January 31, 2010

Data-based snooping — a huge threat to liberty that we’re all helping make worse

Every year or two, I get back on my soapbox to say:

But this time I don’t plan to be so quick to shut up.

My best writing about the subject of liberty to date is probably in a November, 2008 blog post. My best public speaking about the subject was undoubtedly last Thursday, early in my New England Database Summit keynote address; I got a lot of favorable feedback on that part from the academics and technologists in attendance.

My emphasis is on data-based snooping rather than censorship, for several reasons:

Below are the actual notes I spoke from. (Not typed out in the notes is the part about how I think there are a lot of precedents in US law for my suggestions, specifically in how the Fourth and Fifth Amendments are handled, but you can find that part in the blog linked above.) My call to action is still pretty vague, along the lines of “Think about this stuff, and talk about it too.” (And please don’t be as pig-headed as the Slashdotters mentioned here. 🙂 ) Beyond that, simpler and more immediate – well, this is one blog post I’m REALLY hoping will get a rich comment thread. Please pitch in!

My notes, with minor edits for blog-posting clarity:

More technical posts based on the same talk

Related links (updates)


8 Responses to “Data-based snooping — a huge threat to liberty that we’re all helping make worse”

  1. Open issues in database and analytic technology | DBMS2 -- DataBase Management System Services on February 2nd, 2010 1:12 am

    […] isn’t technological at all – rather, it’s the legal and political steps needed to preserve liberty in the face of advancing, intrusive […]

  2. Scott Rosenthal on February 3rd, 2010 3:28 pm

    Your analysis of the nature of the problem is excellent, but I am unsure that your policy perscriptions will do much to alleviate it.

    Governments are unlikely to restrict their use of available information in the face of what they see as pressing priorities, for example:


    If we decide to permit the use of ‘this kind of data’ for the pursuit/prosecution of terrorists, why not for child abusers, or large scale embezzlers, etc. Obviously, slipperly-slope arguments can be taken to extremes, but in truth I think that this is a situation where the slope is both exceedingly slippery and exceedingly steep. What might be even worse is how this sort of data could be used OUTSIDE of a courtroom by a unethical prosecutor or even just a government apparachik with sufficient tech savvy and ambition. Of course none of this even begins to cover how private actors might misuse data like this…

    Regulations restricting data release/use/dissemination will always have carve-outs for various legitimate uses, and over time, these carve-outs will expand as more and more actors catch on to the potential returns. A political solution thus strikes me as a poor choice for coping with either public or private malefactors.

    Perhaps there isn’t an easy way out here, other than becoming a society less concerned about privacy, something that I suspect we are going to have to do anyway…

  3. Michael Shynar on February 4th, 2010 2:32 am

    I believe the scope of the problem is wider than just government data. It is also a problem of big corporations and advertising agencies consistently collecting more and more data about users.

    We all know about third-party cookies which are all too common on the web, and there are other techniques, such as:

    These surveillance mechanisms are slowly making their way into every aspect of life, for example via mobile devices, using bluetooth hosts scattered around the city.

    Both government and corporate aggregated data might leak out and be used for criminal intent. I believe a more robust solution than government regulation should be taken.

    One idea is creating “Social White Noise” – filling databases with false data that will confuse anyone querying the database. This would have implications to one’s accessability via the web (are you the real slim shady?), but offers a valid trade-off in exchange for privacy.

    I have also written about this topic in my own blog recently:

  4. Rob Navarro on February 28th, 2010 2:16 pm

    A partially legislative and totally scalable approach to preventing the snooping world you mention (i.e. other people taking away your life’s choices based on their incomplete or malicious interpretation of data about you) is to mandate all data holders mitigate the risk of “Illicit re-identification” of the people in that data.

    Imagine a world where both the data and the accessing people were constrained by the needs to keep illicit re-identification below an “acceptable level” for that data.

    In practice this would mean storing more data in a de-identified way until it was needed. Not linking datasets until they were required to be linked. Vetting the staff to minimise the means, motive and opportunities for illicit re-identification. Imagine new auditing requirements for particularly large or sensitive holders of linked person-level data.

    Having just been impressed by Cameron’s Avatar movie and the depiction of perfect communication for all creatures on the planet Pandora, I can see that when/if we get there, privacy concerns may diminish. Who would misinterpret your wishes mistakenly? They would know too much to err that way. You would only need protection against the malicious or hungry. Maybe there would be too few of those to worry about. But maybe not. The rise of Internet crime from Spammers and Phishers tells us something about the dreary predictability of ne’er-do-well’s looking for an easy route to better wealth. However you might also need some shielding against the incessant targeted marketing of products eerily timed and somewhat interesting.

    Until (and maybe even when) we reach Nirvana each person remains at risk of others: making bad choices for them (i.e. removing options), interferring with their daily activities (to prove their innocence, reject offers) or simply trying to steal stuff. It therefore is most appropriate to defend against the potential harms (of snooping) through legislation whilst we speed towards a “total information awareness” society.

  5. Quick news, links, comments, etc. | DBMS2 -- DataBase Management System Services on March 27th, 2010 12:59 am

    […] in theory) privacy risks of geolocation services, going into a lot more detail on that point than I ever have. However, he topped that off with the odd claim that people pay toll (rather than using an […]

  6. A new attitude toward online reputation? | Text Technologies on March 28th, 2010 6:15 pm

    […] Data aggregration or other technologically-advanced snooping used against one. […]

  7. Privacy and liberty, continued | DBMS2 -- DataBase Management System Services on April 4th, 2010 12:49 am

    […] surprised people by leading with the liberty/privacy subject at my New England Database Summit keynote; considerable discussion ensued, largely supportive. I hope for a similar outcome when I keynote […]

  8. I’ll be speaking in Washington, DC on May 6 | DBMS2 -- DataBase Management System Services on April 18th, 2010 5:48 pm

    […] condition that I would be allowed to start with the same liberty and privacy themes I started my New England Database Summit keynote with. Since I already knew Aster to be one of the multiple companies in this industry that is […]

Leave a Reply

Feed: DBMS (database management system), DW (data warehousing), BI (business intelligence), and analytics technology Subscribe to the Monash Research feed via RSS or email:


Search our blogs and white papers

Monash Research blogs

User consulting

Building a short list? Refining your strategic plan? We can help.

Vendor advisory

We tell vendors what's happening -- and, more important, what they should do about it.

Monash Research highlights

Learn about white papers, webcasts, and blog highlights, by RSS or email.