July 29, 2013

What our legislators should do about privacy (and aren’t)

I’ve been harping on the grave dangers of surveillance and privacy intrusion. Clearly, something must be done to rein them in. But what?

Well, let’s look at an older and better-understood subject — governmental use of force. Governments, by their very nature, possess tools for tyranny: armies, police forces, and so on. So how do we avoid tyranny? We limit what government is allowed to do with those tools, and we teach our citizens — especially those who serve in government — to obey and enforce the limits.

Those limits can be lumped into two categories:

The story is similar for surveillance technology:

But there’s a big difference between the cases of physical force and surveillance.

And they’re going to stay weak. Yes, over the past two months political sentiment has swung somewhat toward strengthening them, and I fervently urge you to support that trend. But all you’ll achieve is a delay — a temporary roadblock on the path to tyranny. Ultimately, governments around the world will not pass up the ability to track communications, financial transactions, or the physical movements of their citizens — not in a world where some of the biggest security threats are or are believed to be from terrorism.

Consequently, the indirect controls on surveillance need to be very strong, for they are what stands between us and a grim authoritarian future. In particular:

In addition, society at large needs to be tolerant of people’s peculiarities and failings. But that’s the least of my concerns, because I’m optimistic that we’re getting there. If you disagree, please consider this: The last three US presidents have been — at least in their pasts — a philanderer, a drunkard, and a cocaine user.

I lack the legal expertise to make very specific public policy recommendations. But the kinds of rules I’m envisioning include:

Or to sum up — the only activities I want to see chilled by electronic surveillance are the actual planning and execution of terrorist attacks.* For anything else, I’m content with the imperfect but tolerable law enforcement vs. individual freedom balance of the past.

*And maybe also the kinds of organized crime and so on against which telephone wiretaps and bugs have been effective in the past.

Do I oppose direct controls on the surveillance, retention or communication of data? No (with limited exceptions, such as HIPAA’s life-costing effect on medical research). I just don’t think they’re enough; strong indirect controls such as those I outlined above are needed as well.

And it’s about time that our policy-makers figured that out.

Comments

3 Responses to “What our legislators should do about privacy (and aren’t)”

  1. Very chilling effects | DBMS 2 : DataBase Management System Services on July 29th, 2013 12:40 am

    [...] This road leads to gray, totalitarian-like conformity. Fortunately, there’s still also a path to a brighter future. [...]

  2. M-A-O-L » What our legislators should do about privacy (and aren’t) on July 29th, 2013 6:28 pm

    [...] Great recommendations. What our legislators should do about privacy (and aren’t). [...]

  3. Why privacy laws should be based on data use, not data possession | DBMS 2 : DataBase Management System Services on August 20th, 2013 12:22 am

    [...] overcome these myriad challenges. So why am I hopeful that use-based ones can? Well, consider the use-based privacy control guidelines I recently [...]

Leave a Reply




Feed: DBMS (database management system), DW (data warehousing), BI (business intelligence), and analytics technology Subscribe to the Monash Research feed via RSS or email:

Login

Search our blogs and white papers

Monash Research blogs

User consulting

Building a short list? Refining your strategic plan? We can help.

Vendor advisory

We tell vendors what's happening -- and, more important, what they should do about it.

Monash Research highlights

Learn about white papers, webcasts, and blog highlights, by RSS or email.