I’ve long argued three points:
- It is inevitable* that governments and other constituencies will obtain huge amounts of information, which can be used to drastically restrict everybody’s privacy and freedom.
- To protect against this grave threat, multiple layers of defense are needed, technical and legal/regulatory/social/political alike.
- One particular layer is getting insufficient attention, namely restrictions upon the use (as opposed to the acquisition or retention) of data.
*And indeed in many ways even desirable
I surprised people by leading with the liberty/privacy subject at my New England Database Summit keynote; considerable discussion ensued, largely supportive. I hope for a similar outcome when I keynote the Aster Big Data Summit in Washington, DC in May. And I expect to do even more to advance the liberty/privacy discussion as 2010 unfolds.
Fortunately, I’m not the only only thinking or talking about these liberty/privacy issues. A group of Very Big Companies (Google, eBay, Microsoft, AOL, AT&T, Intel, et al.) have backed something called Digital Due Process, to restore the Fourth Amendment’s teeth in the electronic age. (The Fourth Amendment to the US Constitution is the one that restricts and governs law enforcement activities in the areas of “search and seizure”.) That fits quite nicely with the privacy/liberty point I’m most emphasizing, to wit:
I think that regulating use actually suffices. Look again at the Bill of Rights. On a first reading, it seems that the Fourth and Fifth Amendments prevent the government from getting certain kinds of information. It can’t look inside our houses, and it can’t make us answer questions … wrong! Actually, the courts can compel you to testify on any subject they choose; if you refuse to answer, you can go to jail for contempt of court. But they can only compel you if you are given immunity, so that you can’t be convicted of the crimes the testimony reveals. I.e., the government can get the information it wants; it just can’t use that information to harm you. (Fourth Amendment rights are a little murkier; if the government finagles its way into your house for any reasons, there are still actively litigated questions as to what kinds of information it can use that it may find there.)
A week ago, Michael Arrington posted the social side of the same coin, saying It’s Time To Overlook Our Indiscretions, by which he seemed to mean: In a world where all kinds of embarrassing information will come out, we should not (always) penalize people for the existence of mildly embarrassing information about them. I am in vigorous agreement with that.
Progress is being made. But we’re just at the beginning of what will be a long, difficult, and hugely important process. The stakes, without exaggeration, are human freedom, on a national and indeed global scale.
Edit: Scott Yara of Greenplum says it simply (emphasis mine):
We need laws to keep sensitive stuff such as credit records and medical histories from getting into the wrong hands. But even with such laws, it’s inevitable that information will leak out. So we also need rules about how personal information that might come into the hands of employers, police, lenders, and others can be used.
- Declan McCullagh wrote up the Digital Due Process initiative
- India is fingerprinting and photographing its whole population
- Finland, notwithstanding that it is a large forest products producer, is demonstrating that an almost entirely paperless society is realistic.
- Microsoft Research is trying to separate data-for-analysis from data-with-enough-detail-to-use-against-you