As people intertwine with the Internet, personal information, once sealed in envelopes, now seeps out like an oil spill. Edward Snowden-induced privacy revelations and the post-Ferguson rise of body cameras have lawmakers and regulators scrambling to decide where to put the booms.

In Washington, lawmakers are considering a potential mass of regulations, including Seattle’s forthcoming Privacy Initiative, one House bill and one Senate bill. Meanwhile, pre-existing local and national laws and court decisions make finding the balance between what’s public and what’s private even more complicated.

Not all of Washington's new laws will see the light of day — two in Olympia have already died; the two still in play still need to pass a full Legislative vote — but their simultaneous introduction begs the question: Will new policies clarify how Seattle and Washington deal with digitized personal information or will they get in the way of each other and complicate the issue further?

“When you really look at the amount of data we collect as a city, it’s intimidating,” said Harrell in a February 23rd council meeting. “We collect information related to home loans, law enforcement, B&O tax information, public Wi-Fi, credit card information, information about vulnerable populations and minors. It’s all fairly mind-boggling.”

Every time one puts information into a website or agrees to terms online, the city is collecting that data. When a user interacts with a city department website, they are confronted with a privacy statement. Most ignore it or simply click agree.

“We did an inventory of all the statements in the city,” said Harrell aide Vinh Trang, “and they were so inconsistent.” The city's Privacy Initiative is a means to establish a comprehensive approach to privacy across all departments.

The city has a precedent for privacy protection. In 2012, Seattle adopted the U.N.’s Universal Declaration of Human Rights, which states that "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence," guaranteeing "protection of the law against such interference or attacks."

But despite the city resolution to uphold these standards, lawyers would not allow the term "right to privacy" into Seattle's recently adopted Privacy Principles, calling into question the significance of calling oneself a "Human Rights City."

As the city adopts more surveillance technologies like police body cameras, the question of whether or not Seattle's citizens are guaranteed a right to privacy takes on new meaning.

“The Seattle Police Department is constantly in our minds,” said Trang.

In 2012, controversy erupted over drones quietly purchased by police. In 2012 and 2013, the city council blocked the use of 30 cameras along the waterfront, known as the “meshnet” program. In January, protestors at the University Village claimed plainclothes police officers were photographing them.

The SPD showed a new commitment to data collection management last week when Police Chief Kathleen O'Toole announced former Amazon Vice President Greg Russell would fill the new position of Chief Information Officer. His primary role will be to figure out how to manage police body camera footage. "It's about finding the right mix of privacy and transparency," he said.

The question of what information should legally be kept private is both tricky and still emerging, built on a precarious web of legal precedent and existing and emerging state and local laws.

Part of the issue is that there is an opacity surrounding Americans’ national right to privacy. The U.S. Constitution does not guarantee a right to privacy; the Bill of Rights could be argued to guarantee it in pieces — a privacy of religious beliefs in the first, a privacy of one's home in the third, a privacy of one's possessions in the fourth.

In Europe, things are much clearer. The European Convention on Human Rights guarantees "the right to respect for his private and family life, his home and his correspondence."

Keeping tabs on every court decision or act regulating privacy can be, to use Harrell’s words, "mind-boggling." But, at a local level, there are a few significant pieces that, for the time being, inform information collection practices.

The Washington Privacy Act, created in 1967, attempts to define what constitutes a privacy violation. Opening someone’s sealed letter is forbidden; recording or intercepting private communications is only allowed with the consent of all involved parties or a court order; information collected without consent may not be used in a court as evidence. Any violation of the act will result in a misdemeanor.

The issue is that the act is badly out of date; the first chapter restricts intercepting telegrams. Though it exempts police and firefighters from many of the chapters, it's been unclear whether SPD's body-worn cameras would have been included.

The ambiguity delayed the implementation of Seattle’s body camera pilot program for nearly eight months. Eventually, Attorney General Bob Ferguson weighed in favor of exempting body cameras from the act, re-booting the program.

The other state precedent on privacy is the State’s Public Records Act, which serves to regulate access to government materials like e-mails, contracts or, potentially, police recordings. That act is also old, written in 1972, well before anyone had ever heard the word terabyte. It is fairly liberal, exempting disclosure only when it reveals intensely private information, such as social security or credit card numbers, identities of sex-crime victims and important witnesses.

The wording of the act does not suit modern data collection well. For instance, it reads, “Agencies shall not deny a request for identifiable public records solely on the basis that the request is overbroad."

Last fall, the gigabit hit the fan when local programmer Tim Clemans exposed the weaknesses of this language by requesting all video recordings from over 60 police departments. Poulsbo Police Department Chief Al Townsend said it would take the department until 2017 to properly redact all that information. Again, the body camera program was delayed.

Saying they “have not yet seen a solution that adequately protects safety, privacy, transparency and accountability,” the Seattle Community Police Commission, a citizen oversight organization, urged the Seattle Police Department in mid-February to delay the program further because of exactly these kinds of confusions. But the program rolls on and regulators try to keep up.

Further complicating the issue are two privacy bills currently floating in the Washington State Legislature, which, depending on how they're written or rewritten in the House and Senate, could undercut anything done in Seattle.

One of those bills, HB 1917, has already been largely gutted. The bill, sponsored by Drew Hansen, a Democrat from Bainbridge Island, would have originally restricted access to body camera footage to those directly involved or impacted by the incident recorded -- unless that request came accompanied by a court order.

Hansen was concerned that open access to police body camera footage would make people hesitate to call 911 for fear of public exposure. "We don’t want people putting things up on YouTube,” he said. (In fact, the SPD is doing largely that thanks to Clemans' efforts.)

But after stringent complaints from the ACLU (Technology and Liberty Director, Jared Friend called it an “enormous carve out in the Privacy Act"), the bill was stripped of most of its substance.

The substitute bill no longer strays far from current law: Hansen's act strengthens restrictions around material that contains nudity, sex or children where the original act forbids 'highly offensive material' more broadly.

"The new bill is not as protective," said Hansen, but maintained, "My goal all along was to provide greater privacy protections from the public, while allowing body cameras to move forward."

Another bill, SB 5732, would mandate that police officers wear body cameras at all times, make only "flagged" videos available to public disclosure and create an auditor to make sure body cameras were being deployed properly.

Back in Seattle

As Olympia's privacy bills weakened, Seattle was formalizing privacy principles of its own. In a February 23rd City Council meeting, the city adopted a new set of principles to guide Seattle's comprehensive privacy initiative, set to be introduced in August.

Councilmember Bruce Harrell, introducing the principles to the council, declared proudly, "We embrace the notion that privacy is a right."

The guidelines, assembled by a team of city employees, are relatively simple: “We value your privacy; We collect and keep only what we need; When possible, we make available information about the ways we use your information; We are accountable; We follow federal and state laws about information disclosure; We work to maintain and use accurate personal information.”

Phil Mocek of the Seattle Privacy Coalition, an advocacy group for citizens' privacy, served as an advisor to that team. Despite Harrell's declaration, Mocek said, the city refused to include the term 'privacy as a right' in its final draft. “Acknowledgement by our municipal government of privacy as a basic human right would result in personal privacy being treated with the seriousness it deserves," he said.

But in what he called a “baffling” response, the city's lawyers would not allow the language. "[DoIT] told us [City of Seattle Law] had said that privacy is not defined as a right in the U.S."

City Chief Technology Officer Michael Mattmiller confirmed this in an e-mail. "A number of our stakeholders on our City Interdepartmental Team, which includes a representative from our law department...pointed out challenges of noting that privacy is a human right in the city's Privacy Principles."

Still, he said, these principles are just 'a first step' for the city.

Vis-a-vis Seattle's resolution to be a 'Human Rights City', Elliott Bronstein, information officer with Seattle's Office of Civil Rights said, "I am not aware of a specific law or policy that has emerged out of this resolution."

If the efforts of elected officials tell us anything, it’s that there is still a lot of work to be done to clarify data privacy. Depending on how they're written, bills may supersede local ordinances, like Seattle's Privacy Initiative. Meanwhile, thanks to President Obama's recently introduced Privacy Bill of Rights, getting a hold on privacy within the private sector is a whole separate animal.

The complexities are not lost on those taking on the challenge. “Trying to determine what should be public and what should not is really difficult,” said Rep. Larry Springer, D-Kirkland, the sponsor of a failed House privacy bill. "We're threading a needle."