Data-based snooping — a huge threat to liberty that we’re all helping make worse
Every year or two, I get back on my soapbox to say:
- Database and analytic technology, as they evolve, will pose tremendous danger to individual liberties.
- We in the industry who are creating this problem also have a duty to help fix it.
- Technological solutions alone won’t suffice. Legal changes are needed.
- The core of the needed legal changes is tight restrictions on governmental use of data, because relying on restrictions about data acquisition and retention clearly won’t suffice.
But this time I don’t plan to be so quick to shut up.
My best writing about the subject of liberty to date is probably in a November, 2008 blog post. My best public speaking about the subject was undoubtedly last Thursday, early in my New England Database Summit keynote address; I got a lot of favorable feedback on that part from the academics and technologists in attendance.
My emphasis is on data-based snooping rather than censorship, for several reasons:
- My work and audience are mainly in the database and analytics sectors. Censorship is more a concern for security, networking, and internet-technology folks.
- After censorship, I think data-based snooping is the second-worst technological threat to liberty.
- In the US and other fairly free countries, data-based snooping may well be the #1 threat.
Below are the actual notes I spoke from. (Not typed out in the notes is the part about how I think there are a lot of precedents in US law for my suggestions, specifically in how the Fourth and Fifth Amendments are handled, but you can find that part in the blog linked above.) My call to action is still pretty vague, along the lines of “Think about this stuff, and talk about it too.” (And please don’t be as pig-headed as the Slashdotters mentioned here. 🙂 ) Beyond that, simpler and more immediate – well, this is one blog post I’m REALLY hoping will get a rich comment thread. Please pitch in!
My notes, with minor edits for blog-posting clarity:
- Tremendous amounts of information are being or can be electronically recorded about everybody
- All our credit card purchases
- All our web access activity
- For at least two different reasons – child porn and internet file sharing — governments around the world are finding reasons to mandate that this be stored …
- … even as governments also sometimes try to mandate that it be deleted
- All our email and other internet communication information, either in full content or at least from a traffic analysis standpoint
- Many of our movements
- Electronic tollbooths
- Location-aware mobile devices
- Police cameras
- I doubt much of this is retained today except the camera part, but it could be
- And by the way, it is not illegal in the US for the government to put cameras or other electronic sensors outside your house to peer in, which offers all sorts of other intrusive possibilities as that technology improves.
- Analysis tools are improving in steps
- Data mining
- Social graph analysis
- If misused, this technology is an enormous threat to liberty …
- … and we’re all complicit in it (because we help advance the technology).
- So it’s our duty to also work to forestall the threat.
- Unfortunately, most technological solutions have no hope of working
- The data WILL be retained.
- The data WILL be possible to correlate and de-anonymize.
- Any technology that purports otherwise is merely a stopgap at best
- But that doesn’t mean such stopgap technology isn’t worth developing and deploying
- The only realistic long-term solution is legal, which is to say political
- If regulating information gathering and retention is doomed to failure …
- … regulate information use instead
- Make it illegal to admit this kind of information in court
- Make it illegal to use this kind of information to even track all but the most terrorist of criminal suspects
- Certainly make it illegal to reveal much of this information to the private sector, or in many cases for the private sector to use it
- Obviously, there have to be huge carve-outs for the ordinary business of marketing, government, medicine, whatever
- But that’s the direction we need to go
- And I’m convinced that we in the technology community need to show the way
More technical posts based on the same talk
- Flash, other solid-state memory, and disk
- Interesting trends in database and analytic technology
- Open issues in database and analytic technology
Related links (updates)
- More on liberty and privacy
- More on data retention
- CNet reports that the FBI is asking internet service providers in the US to keep website access data for 2 years
- CNN reports that US states are storing DNA for all babies born
Comments
8 Responses to “Data-based snooping — a huge threat to liberty that we’re all helping make worse”
[…] isn’t technological at all – rather, it’s the legal and political steps needed to preserve liberty in the face of advancing, intrusive […]
Your analysis of the nature of the problem is excellent, but I am unsure that your policy prescriptions will do much to alleviate it.
Governments are unlikely to restrict their use of available information in the face of what they see as pressing priorities, for example:
http://washingtontimes.com/news/2010/feb/03/germany-pursues-tax-evaders-data/
If we decide to permit the use of ‘this kind of data’ for the pursuit/prosecution of terrorists, why not for child abusers, or large scale embezzlers, etc. Obviously, slippery-slope arguments can be taken to extremes, but in truth I think that this is a situation where the slope is both exceedingly slippery and exceedingly steep. What might be even worse is how this sort of data could be used OUTSIDE of a courtroom by an unethical prosecutor or even just a government apparatchik with sufficient tech savvy and ambition. Of course none of this even begins to cover how private actors might misuse data like this…
Regulations restricting data release/use/dissemination will always have carve-outs for various legitimate uses, and over time, these carve-outs will expand as more and more actors catch on to the potential returns. A political solution thus strikes me as a poor choice for coping with either public or private malefactors.
Perhaps there isn’t an easy way out here, other than becoming a society less concerned about privacy, something that I suspect we are going to have to do anyway…
I believe the scope of the problem is wider than just government data. It is also a problem of big corporations and advertising agencies consistently collecting more and more data about users.
We all know about third-party cookies which are all too common on the web, and there are other techniques, such as:
http://www.h-online.com/security/news/item/Indiscrete-web-browsers-assist-de-anonymisation-919669.html
These surveillance mechanisms are slowly making their way into every aspect of life, for example via mobile devices, using bluetooth hosts scattered around the city.
Both government and corporate aggregated data might leak out and be used for criminal intent. I believe a more robust solution than government regulation should be taken.
One idea is creating “Social White Noise” – filling databases with false data that will confuse anyone querying the database. This would have implications to one’s accessibility via the web (are you the real slim shady?), but offers a valid trade-off in exchange for privacy.
I have also written about this topic in my own blog recently:
http://shmichael.com/2010/02/social-white-noise/
A partially legislative and totally scalable approach to preventing the snooping world you mention (i.e. other people taking away your life’s choices based on their incomplete or malicious interpretation of data about you) is to mandate all data holders mitigate the risk of “Illicit re-identification” of the people in that data.
Imagine a world where both the data and the accessing people were constrained by the needs to keep illicit re-identification below an “acceptable level” for that data.
In practice this would mean storing more data in a de-identified way until it was needed. Not linking datasets until they were required to be linked. Vetting the staff to minimise the means, motive and opportunities for illicit re-identification. Imagine new auditing requirements for particularly large or sensitive holders of linked person-level data.
Having just been impressed by Cameron’s Avatar movie and the depiction of perfect communication for all creatures on the planet Pandora, I can see that when/if we get there, privacy concerns may diminish. Who would misinterpret your wishes mistakenly? They would know too much to err that way. You would only need protection against the malicious or hungry. Maybe there would be too few of those to worry about. But maybe not. The rise of Internet crime from Spammers and Phishers tells us something about the dreary predictability of ne’er-do-wells looking for an easy route to better wealth. However you might also need some shielding against the incessant targeted marketing of products eerily timed and somewhat interesting.
Until (and maybe even when) we reach Nirvana each person remains at risk of others: making bad choices for them (i.e. removing options), interfering with their daily activities (to prove their innocence, reject offers) or simply trying to steal stuff. It therefore is most appropriate to defend against the potential harms (of snooping) through legislation whilst we speed towards a “total information awareness” society.
[…] in theory) privacy risks of geolocation services, going into a lot more detail on that point than I ever have. However, he topped that off with the odd claim that people pay toll (rather than using an […]
[…] Data aggregation or other technologically-advanced snooping used against one. […]
[…] surprised people by leading with the liberty/privacy subject at my New England Database Summit keynote; considerable discussion ensued, largely supportive. I hope for a similar outcome when I keynote […]
[…] condition that I would be allowed to start with the same liberty and privacy themes I started my New England Database Summit keynote with. Since I already knew Aster to be one of the multiple companies in this industry that is […]