Happy New Year and Upcoming Data Privacy Week!

Screenshot of the summary privacy report and rating of Facebook as completed by the TOSDR website

Privacy Considerations for the New Year

The beginning of the year is a great time to reflect. With data privacy week later this month, it’s also a good time to be intentional about what information we share online (even in “private” messages). How are the privacy settings configured across our various platforms (social media, email) and devices? What personal information did we sign away when we agreed to the “Terms of Service?” What role does the government play in the protection (or surveillance) of our data?

Privacy Timeline

To get a sense for what history can tell us about privacy in the US, check out the following privacy timeline, which has been adapted from Heidi Boghosian’s 2021 book, I Have Nothing to Hide and 20 Other Myths about Surveillance and Privacy. Or you can skip to the bottom of this post for some interesting and useful resources to help you navigate your own privacy journey!

  • 1902: US authorities first use fingerprints, beginning with the New York Civil Service Commission. Use of fingerprints quickly spreads to prisons, the military, and police departments.
Fingerprint flanked by rulers
Source: “Cool Mint Fingerprint” by Jack Spades is marked with Public Domain Mark 1.0 license.
  • 1924: Congress mandates the FBI manage a national fingerprint database, which by 1946 grew to one hundred million records.
  • 1952: President Harry Truman founds the National Security Agency.

    Aerial photograph of the black, reflective, and angular buildings of NSA's headquarters
    Source: Current Headquarters of the National Security Agency by NSA. Public Domain.
  • 1971: Seven activists break into an FBI office. Documents they discover reveal the existence of the US Counterintelligence Program. “COINTELPRO” was a set of FBI programs started in 1956 and terminated in 1971. As part of the program FBI agents committed burglaries, opened and photographed the mail of Americans, planted forged documents to make it appear that individuals were government informants, sent anonymous letters to spouses designed to break up marriages, secretly communicated with employers to get individuals fired, sent anonymous letters containing false statements designed to encourage violence between street gangs and the Black Panthers, requested selective tax audits, posed as members of antiwar groups in order to discredit those groups, and more.

Although these were “counterintelligence” programs, the FBI did not consider most of the targeted individuals to be spies. Rather, the FBI deemed their political activities dangerous. COINTELPRO began by targeting the Communist Party but quickly expanded to include other groups. The FBI’s “black extremist” category included not only the Black Panthers but the Southern Christian Leadership Conference and its president, Martin Luther King, Jr., the Student Nonviolent Coordinating Committee, and other civil rights groups of the 1950s and 1960s. They also targeted groups opposed to the Vietnam War.1

Photocopy of a leaked COINTELPRO document aimed at disparaging Black Panther Party supporter Jean Seberg
Source: “A [leaked] COINTELPRO document outlining the FBI’s plans to ‘neutralize’ Jean Seberg for her support for the Black Panther Party” by Richard Held. Public Domain.
  • 1978: Congress enacts the Foreign Intelligence Surveillance Act (FISA) establishing procedures for gathering intelligence on foreign powers.
  • 1994: The Communications Assistance for Law Enforcement Act (CALEA) of 1994 is an early legislative effort to address FBI fears of “going dark” (when a person, organization, or device becoming inaccessible or untraceable). The law requires telecommunications carriers to give police access to real-time interception of phone calls and call-identifying information.
  • 1998: Congress enacts the primary law, which would be implemented by the Federal Trade Commission protecting children from advertising: Children’s Online Privacy Protection Act of 1998 (COPPA). It limits collection of personally identifiable information from children without parental consent.
  • 2001: Four coordinated attacks against the US occur on September 11, 2001, marking a new chapter in the “war on terror.” Congress then passes the PATRIOT Act, which eases restrictions on wiretapping and changes the Foreign Intelligence Surveillance Act and Electronic Communications & Privacy Act. For example, roving wiretaps and sneak-and-peek warrants are allowed—a turning point for domestic spying.
  • 2002: Congress passes the Homeland Security Act to create the Department of Homeland Security, a Cabinet-level department aimed at unifying national security initiatives.
  • 2003: AT&T technician Mark Klein discovers a secret room at AT&T’s San Francisco office. He testifies in a federal lawsuit against the National Security Agency that the room was set up to conduct “vacuum-cleaner surveillance” of internet use by millions of unsuspecting Americans. AT&T’s corporate relationships enabled them to turn over other internet service providers’ data without their consent.

Photograph of door without a doorknob in an artificially lit room.

Source: “Photograph of room 641A’s door within the SBC Communications building” by Mark Klein, Creative Commons Attribution-Share Alike 3.0 Unsupported license.

  • 2005: The New York Times reveals government surveillance going back to 2002, including warrantless wiretapping of phone and internet communications of possibly thousands of Americans.2
Photocopy of a New York Times column revealing the G. W. Bush administration's domestic spying program
Source: Risen, J. & Lichtblau, E. (2005, December 16). “Bush lets U.S. spy on callers without courts: Secret order to widen domestic monitoring.” New York Times 155(53,430).
  • 2005: Congress passes the REAL ID Act, which closely resembles a mandatory national ID program.
  • 2006: The Center for Constitutional Rights files CCR v. Bush (later CCR v. Obama) against President George W. Bush and the heads of major security agencies. It challenges warrantless National Security Agency wiretap surveillance of American’s phone calls that had occurred for four years.
  • 2008: FISA Amendments Act of 2008 passes. Section 702 affords the National Security Agency virtually unlimited authority to monitor Americans’ communications while ostensibly targeting foreigners living abroad.
  • 2011: The Federal Aviation Administration Air Transportation Modernization and Safety Improvement Act sanctions drones for domestic surveillance.
  • 2012: The lawsuit Hassan v. City of New York (PDF) claims that the NYPD violated the Constitution by surveilling mosques and local venues frequented by Muslims.
  • 2013: Edward Snowden, former CIA staffer and NSA contractor for Booz Allen, releases documents to journalists about the National Security Agency’s mass surveillance program. On June 6, 2013, The Guardian runs its first in a series of disclosures.
  • 2015: Oregon Senator Ron Wyden introduces a bill that would strengthen the Privacy and Civil Liberties Oversight Board, but the bill dies in the Republican-chaired Judiciary Committee
  • 2015: With the nonprofit Library Freedom Project, IT librarian Chuck McAndrew installs Tor browser software on Kilton, New Hampshire library computers. Kilton is the nation’s first library to provide patrons with anonymous Web surfing. The U.S. Dept. Of Homeland Security alert local law enforcement who lean on the library to reconsider installing the privacy software.
  • Tor logo with onion as the "o"
    Source: Tor logo by The Tor Project, Inc. This file is licensed under Creative Commons Attribution 3.0.

     

  • 2016: The FBI tries to force Apple to unlock an iPhone after a lethal 2015 mass attack in San Bernardino, California. The FBI wants Apple to create new software for them to use to access an iPhone 5C recovered from one of the shooters.
  • 2017: News reports surface that Samsung smart televisions recorded conversations in someone’s home, and that Samsung sent those recordings to government agencies including the CIA.
  • 2018: Police use DNA forensics to apprehend the so-called Golden State Killer, Joseph James DeAngelo, triggering an uptick in police use of private genealogy services’ DNA databases.

    Illustration of a DNA double helix molecule
    Source: “Vector DNA color” by gemmerich, CC BY-SA 2.0.
  • 2018: Cambridge Analytica Data scandal breaks in which digital consultants to the Trump campaign misused the personal data of 87 million Facebook users.
  • 2018: The European Union passes the General Data Protection Regulation, the world’s most comprehensive privacy and security law. It imposes obligations on organizations anywhere, if they target or collect data related to people in the EU.
  • 2018: President Trump renews Section 702 of FISA in January which affords the National Security Agency virtually unlimited authority to monitor Americans’ communications while ostensibly targeting foreigners living abroad. This renewal made Section 702, according to security expert Bruce Schneier, “effectively a permanent part of US law.”
  • 2019: TikTok’s parent company ByteDance pays a fine of $5.7 million, and the Federal Trade Commission prohibits it from collecting and using data from kids under the age of thirteen.
  • 2020: The city of Baltimore launches a wide-aerial surveillance experiment in May. Its police department contracts with Ohio-based Persistent Surveillance Systems to fly Cessna aircraft over the city for six months.
  • 2020: The Trump administration enacts a program requiring ICE agents (Immigration and Customs Enforcement) to take mouth swabs of people in their custody for the FBI’s DNA database.
  • 2022: Report emerges documenting massive “backdoor” searches (and collection) of US citizens’ private communications without a warrant by the FBI under the authority of the Foreign Intelligence Surveillance Act
  • 2023: The Privacy and Civil Liberties Oversight Board releases a report detailing how 3,527 reports containing private communications of U.S. citizens were shared by the FBI with local, state, tribal, and federal law enforcement agencies (among others), which raised concerns about how often American’s private data is being shared.
  • 2023: In a letter to the US Attorney General (PDF), Oregon Senator Ron Wyden exposes new details about a secretive program (formerly “Hemisphere,” now “Data Analytical Services”), run by the White House, AT&T, and the Drug Enforcement Administration, which gives law enforcement access to trillions of domestic phone records, including people not suspected of crimes (e.g., crime victims), sidestepping judicial oversight.
  • 2025: The “One Big Beautiful Bill Act” is passed by the Republican-controlled Congress and signed into law by President Trump. “[The] new law gives federal agencies $170,000,000,000 ($170 billion) for anti-immigrant enforcement, detention, and deportation…This money makes the US immigration enforcement agencies richer than many nations’ entire military force…” Source: National Immigration Law Center.
  • 2025: Since the signing of the One Big Beautiful Bill Act into law, ICE has spent $25 million in “contracts for spy technology: social media monitoring systems, cellphone location tracking, facial recognition, remote hacking tools, and more.” Source: Brennan Center for Justice 
    Immigration and Customs Enforcement badge
    Source: “[Immigration and Customs Enforcement] badge” by D.C. Atty, CC BY 2.0.

Library Resources for Learning More

Learn more about a wide range of privacy topics by checking out some of the following library resources available through your library:

Useful Websites

  • Terms of Service; Didn’t Read (tosdr.org), which provides plain-language summaries of how various platforms (e.g., Instagram, Gmail, etc.) treat your personal data based directly off of the “Terms of Service” that we all agreed to when we signed up.
  • Electronic Frontier Foundation (eff.org), which is a non-profit organization that “champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development.”
  • Surveillance Report (Podcast), which provides updates and analysis on privacy, security, and digital rights news along with historical context and actionable advice.

Sources

Featured image: Screenshot of the privacy report summary and rating of Facebook by the Terms of Service; Didn’t Read (TOS;DR) website

Credit: Timeline adapted from Heidi Boghosian, 2021, I Have Nothing to Hide and 20 Other Myths about Surveillance and Privacy

Gilman, L. (2004). “COINTELPRO.” Encyclopedia of Espionage, Intelligence and Security, eds. K. Lee Lerner & Brenda Wilmoth Lerner, Vol. 1, Gale, pp. 229-230. GVRL Reference Titles. Accessed 21 Nov. 2025.

Risen, J., & Lichtblau, E. (2005, Dec 16). “Bush lets U.S. spy on callers without courts: Secret order to widen domestic monitoring.” New York Times.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment