This morning I woke up and had a LinkedIn request. LinkedIn is stupid, but I have it for some reason. I’ve never figured out what to do with it, nor received any benefit from it, but that’s beside the point. After I accepted the request, it then suggested “people I may know.”
I start browsing through the list, and something startled me. It was suggesting current clients of mine, prospective clients, and opposing counsel. Many of whom I’ve never met in person, and have only emailed a few times. We’re not Facebook friends, we’re not on Google Circles, and we don’t follow each other on Twitter. No, these are people I have simply emailed privately back and forth with. Other than our private emails, there is no trace that I had ever encountered many of these suggested contacts. Several were not even in my geographic area, we had no shared connections, and my only connection to them is either being a client of mine or counsel in another case. Our only traceable connections were emails back and forth.
To put it mildly, the discovery was unsettling. How the hell does LinkedIn know who I’m emailing with? Isn’t that information private?
Then I got to thinking….
My email is through Google Apps for Business. Google apps is a third party and in possession of all my private emails and contacts. Does this mean that Google is providing LinkedIn with people who I contact via email? How else would LinkedIn have known who I digitally associate with?
Alright, but it’s just LinkedIn. Who cares if they know who I email and suggest I “connect” to them? That’s helpful, right? Isn’t that what the marketeers call leveraging social media to “accelerate” relationships?
Then I really got to thinking. If LinkedIn can get access to my private emails, and use them to assemble a profile on my network, who else can?
Ah, quit being stupid. Who would want to do that?
Maybe… the government?
See, military intelligence is mostly about looking at people’s networks and making connections. For instance, it’s pretty obvious who is associated with the Legal Blogosphere, the Happysphere, etc just by looking at how people are connected online. You can learn a lot about people by who they associate with. I have my friends from the local bar association, high school, college, law school, legal blogosphere, etc. You can just look at my social network and build a pretty damn accurate picture of me – Philly guy, lawyer, Fishtown, hangs out with other urban professionals and is a legal blogger.
In the olden days, if the government wanted to build a case against someone, they would have to do some undercover work and figure out which networks people were involved in. My guess is when combating terrorism, the intelligence community will try and see who is connected to the bad guys, and how.
But what if social media has become a quasi-intelligence operation on everyone who uses it? If LinkedIn has access to this data, the government can instantly figure out who you associate with just by seeing who you email. From there, they can paint a pretty damn accurate assessment of who you are. And if they know who you are emailing, and how frequently, let’s say that picture is a bit more interesting.
While social media and the cloud are convenient, they have also created the biggest piece of intelligence ever. And what I find interesting is the government didn’t have to do any work – we handed it to them smiling, and then hit the “like” button afterwards.
Now, I doubt the NSA cares about who I email, and I’m not looking out my bedroom window for black helicopters. I seriously doubt anyone is reading every single one of my emails (or updating my Facebook status), and I am reasonably certain that they use any data collected to catch terrorists and big time criminals (or create the terrorist attacks and then arrest those responsible, but that is besides the point).
This is what worries me… only ten years ago, if the government wanted data like this they would have to obtain a search warrant. If they wanted my private files and to know who I was corresponding with, subpoenas would need to be issued and they would have to rifle through large filing cabinets. I presume there would be some level of due process. I would certainly argue that much of what they are seeking is privileged, irrelevant, and a fishing expedition.
Now all that data is readily available thanks to the kind folks who are so kind to store it for us, available on a sliver platter. With no knowledge to you that information you may have believed is private is actually being turned over to many other sources. Corporations are obtaining this data under the guise of being helpful. Helping us connect with people, being more social. Accelerating relationships. That is all so very helpful, right?
While we lawyers have done nothing but espoused the benefits of the cloud, is anyone else concerned that the government now has unlimited access to a lot of data, most of which was private just ten years ago, and does not even need to afford us due process to obtain it? Can lawyers safely email with clients without potentially exposing them to government scrutiny, or giving the government a leg up in a criminal investigation?
I mean, if LinkedIn can put together an accurate profile on me based on who I email, why can’t the government? And should we be letting them?