Omnipresent Data vs Privacy

"Honest men have nothing to fear from the law" is a widely used dictum much loved by protagonists of the surveillance society, and by much of the less imaginative part of Middle England.

It is also, unfortunately, naïve and inaccurate. Pratchett refers to is as being "under review from the Axioms Appeal Board" in Men At Arms. The problem has several aspects; firstly that the agents of the law, not to mention the full range of overly conservative small-minded snoops, have very specific ideas of "honest people" and "suspicious" or "wholesome" behaviour. It is therefore incumbent on us not only to be honest, but to be staid, mainstream and "above reproach". There's long been an attitude of "don't ask, don't tell" towards anything risqué, to the extent that many widely-shared behaviours are expected to be hidden for the sake of hypocritical propriety.

The classic case of this has always been with regards to sexuality, particularly homosexuality in the US military, with the attitude of "you can die for us, but don't expect us to accept you". The attitude is also present, with less mortal consequences, in public life in the UK. It is widely known or assumed that many politicians or members of the judiciary have a non-mainstream (and entirely legal) sexuality that they dare not display for fear of being deemed inadequately wholesome, or hounded from office.

In a similar vein; I work for a publisher that counts among its portfolio magazines and sites which feature "glamour" photography of various types. The mainstream, while trying to look tolerant and modern, will generally accept that "tasteful glamour" is entirely socially acceptable, so why do we keep getting emails from former models who now need the pictures removed in case "it harms their career or credibility". Simply, because many of the public more small-minded and lest honest than it wishes to admit.

But what if we are really wholesome, law-abiding, upstanding and utterly boring? Surely we have nothing to hide then?

Well, no. I'm not going to publicly share my passwords, bank details, pin and so on; that much is obvious. I'm also not likely to share how much I drink, what sort of adult entertainment I may prefer, or what I do in the privacy of my own home. But there's another class of "semi-public" information I need to keep pretty private too, and that's just a nuisance.

I'm referring to the sort of information that banks and similar organisations use to "verify your identity" for security purposes. Your date of birth, for example. Letting the world know your exact age can be a security risk. So can sharing where you live; some banks seem to think that my postcode is secure and sekrit data. My place of birth and mother's name are verboten, which is a right pain if I want to do any sort of genealogical research (which it so happens that I do). My first school, favourite colour, pet's name... it goes on and on. Even which electricity supplier I use could be used to compromise my accounts. This is all information my friends at least should be able to know, and it should be harmless in any hands.

But it's not, because banks are inept, and (in part due to this) the public don't understand security. So we're grossly limited in the information we can make public. This matters, not only because it's terrible security (it's all "semi-secret" in the same sort of "don't ask, don't tell" mentality of "private" lifestyles, but because it compromises methods we might use to keep in touch with, and locate, old and new friends.

In one particular ideal world, I would be able to let any of my friends who "need to know" where I live, my phone numbers, what I was doing, my parent's names, my niece's date of birth, where I was at any given time, and where I was planning to go clubbing or holidaying next. The technology and use for all of these exists in the forms of Twitter, Dopplr, Fire Eagle and MyHeritage, but the use I can make of them is grossly limited by a combination of the world's broken security models and broken attitudes. Even where "friend-locking" exists, it's rendered useless by the mass of account management I'd need to do for everyone who might want to know, and the fact my friends would all need accounts (and I'd have to know which these accounts were) on all relevant sites. And most data I wouldn't want to have to lock anyway.

What's required may be difficult. The amount of data we'd like to share to make our lives easier and better connect with our friends (and find new like minds) is too wide for entirely traditional notions of privacy. Now, this may sound weird; like many liberals and techs I'm a privacy advocate. But the point is that we need to have a greater choice in privacy; not only in what we can keep secret from prying eyes if we wish to, but also what we can make public without risk of censure or security compromise if we want to.

We need a new attitude to "semi-public" data. We need banks to stop treating it as secure, and we need the wider public and our current and potential employers, leaders and neighbours to adopt a more honest and less censorious and hypocritical attitude to our behaviour. It may not be easy; in fact it almost certainly won't be. But we live in the information age, and if we can't, as a society, learn how to properly manage and use information, we'll be grossly limiting ourselves.
Posted by parsingphase, 2008-10-11 16:53

Anonymous user



Contact Richard