understanding the importance and impact of anonymity and authentication in a networked society
navigation menu top border

.:home:.     .:project:.    .:people:.     .:research:.     .:blog:.     .:resources:.     .:media:.

navigation menu bottom border
main display area top border

« July 2005 | Main | September 2005 »

Here’s to the Stupid Users: Notes from the WSIS Working Group Meeting on Cybersecurity

posted by:Valerie Steeves // 08:34 PM // August 30, 2005 // ID TRAIL MIX

In July, I went to the World Summit on the Information Society meeting on cybersecurity in Geneva. It was a remarkable experience in many ways, not least because Deborah Hurley, who organized the meeting, seeded every panel with representatives from the developing world. Western demands for tightened security - including the routine authentication of online users - were put into wonderful context when the delegate from Tanzania pointed out that almost everyone accessed the Net in his country only through cybercafés - try authenticating them - and, although cybersecurity is a priority, it’s less of a priority than things like clean water and electricity. Security takes on a different flavour in those circumstances.

But the thing that really stuck with me after the meeting was a comment made by one of the European delegates. As he bemoaned the sorry state of cybersecurity on the Net, he said, “It’s the stupid users. If we could just get them to use the technology properly, then we wouldn’t have a problem.”

Throughout the meeting, government and industry representatives - and many academics - talked about threats, attacks, counterattacks, command and control centres, arsenals and systems. Security was defined in terms of the network, not the people who use the network for their own purposes. The emphasis was put on creating a network that was controllable - that’s why the users are problematic, because they’re harder to control than routers and cables. At the very least, so the argument goes, users should identify themselves so the system can be protected from criminals.

This discussion bothered me, for a number of reasons. Not least is my firm belief that language is important. Not only does the language we use structure how we define a problem but it also structures the kinds of solutions we embrace. Early articulations of privacy rights in a world of databases were rooted in the European experience of World War II. Deep concerns about abuses of power and the gross denial of human rights led to the enactment of the Universal Declaration of Human Rights and the recognition in international legal instruments that privacy is an essential element of human dignity, autonomy and the democratic process. That’s a far cry from our current apparent consensus that we should strip away the anonymity of the stupid users who are screwing up the works because they pose a threat to the corporations and governments who use the Net to deliver goods and services to consumers.

I’m not arguing we don’t need to address problems like denial of service attacks and botnets. We do. But we should be more particular about the way we do it. Massive surveillance of “users” isn’t the answer because it creates its own insecurities. As Bruce Schneier points out, the automatic tracking of the numbers you call on your cell phone puts you, the person using the technology, at risk because that information becomes available to others. GPS functionalities create a similar problem. Identity theft is facilitated by the massive collection of your personal information by institutions which are then vulnerable to internal leaks, not through you forgetting to cover up your PIN at your local grocery store.

Blaming the user blinds us to the larger issues of corporate responsibility for these unintended security problems. It also predisposes us to accept solutions that are privacy invasive, because we no longer see the user as a person with fundamental rights or the law as a means to protect those rights. In fact, the law becomes the problem because it makes it difficult to protect the network.

For example, a South American police officer at the WSIS told a story about tracking a man who had apparently disappeared but then used a hotmail account to send an email to a friend. When he contacted the police in the US to get the IP address, he couldn’t get the information because of data protection laws. This led to a lengthy discussion of the ways in which data protection laws - although well-meaning - create insurmountable barriers to law enforcement in a networked environment by protecting the identity of criminals.

The thing is, the US doesn’t have data protection laws in place for IP addresses, so it’s hard to see how data protection could be at fault. And last time I checked, a person who leaves his family without telling them where he’s going isn’t a criminal.

Blaming the user is a dangerous ideology because it blurs the line between users and criminals. Especially in a global context, “criminals” can include human rights activists and political dissidents who use the Net to exercise their right to free expression and association. We’re doing them and us no favours when we build mandatory authentication and surveillance into the network.

Rather than worrying about controlling the stupid users, we should be worrying about the effects of weakening judicial supervision of police surveillance. We should also invest in privacy-respectful alternatives, like honeypot servers that attract attackers and provide early warning of pending attacks on the network - all without collecting personal information or invading anyone’s privacy. Because ironically, in a world information society, it’s the users that matter. The people who talk to their friends, carry on their businesses and surf through the vast labyrinth of information that resides on the Net are the society we’re seeking to protect.

| Comments (2) |

Private Conscience, Identity and Equality: Limiting Free Speech for the Greater Good

posted by:Daphne Gilbert // 11:30 PM // August 23, 2005 // ID TRAIL MIX

Daphne Gilbert and Jena McGill

"Give me the liberty to know, to utter, and to argue freely
according to conscience, above all liberties."

John Milton
Areopagitica, 1644

Even though same-sex marriage is now firmly situated in Canadian law, Canada’s top Roman Catholic Cardinal, Marc Ouellet, continues to express great concern about the effect of the legislation on his religious freedom (Gloria Galloway, Ottawa, Same-sex foes risk charges, Cardinal fears, July 14, 2005 Globe and Mail at A1). Cardinal Ouellet is worried that vocal opponents of same-sex marriage will risk criminal charges for speaking out against homosexuality. Before a senate committee hearing arguments for and against Bill C-38, Cardinal Ouellet argued, “[t]here’s a type of climate that exists where we no longer feel we can express our opinion…[w]e realize if we say certain things we may get accused of homophobia or of hatred, bigotry...”. His claim reveals a tension between the Cardinal’s private beliefs, his desire (and right) to speak those beliefs publicly, and the possible consequence that he will promote hate by opposing a status quo that accepts, and indeed now celebrates gay and lesbian identities and same-sex marriage.

A vibrant, free society is characterized by the vigor of its public debate and the extent to which it encourages its members to form and promote their own world-views. Our Canadian Constitution protects each person’s right to convey opinions publicly, subject to few limitations. Cardinal Ouellet’s concerns rightly attest to the fundamental importance of private conscience. The privacy of one’s mind is perhaps the last realm of our lives to be virtually impermeable to the outside world, and the dissemination of our thoughts is something over which each individual is able to exercise total control. The sacredness of private conscience is reflected in our system of law with the basic precept that one cannot be punished for thoughts alone. It is in our minds that we enjoy the ultimate form of privacy – complete, uncensored freedom to think whatever we want without the risk of judgment or prosecution.

The sanctity of the private mind provides the foundation upon which identity is built. In our most private conscience we define and re-define our identities, values and opinions. What good is private conscience if it must stay private, if we are not able to share the thoughts and beliefs that we have developed in our private minds? According to Cardinal Ouellet, the right to hold private beliefs is of little value without the complementary right to make private conscience public by speaking one’s opinions freely. Considering the supremacy of freedom of expression in Canadian law and society, it would seem that Cardinal Ouellet may be right. The extension of private conscience is the freedom to speak one’s mind, a highly-prized and protected value, labeled a “fundamental freedom” under section 2(b) of the Charter of Rights and Freedoms.

One of the primary goals of strong protections for freedom of expression is to enable the pursuit of self-fulfillment and self-realization as an essential part of autonomy and identity. By speaking our private minds, each person is able to grow and further him or herself, others and society, and thus realize his or her full potential as a human being. Giving every individual the right to freely communicate his or her thoughts, aspirations and opinions is to affirm the dignity of each member of society. What goal could be more laudable, more worthy of protection? For Cardinal Ouellet there is no more important objective, even if in the course of pursuing his full potential through expression, the statements he utters amount to a violation of the equality rights of the gay and lesbian community.

While private conscience and free expression are valuable rights that play a critical part in reaching the worthy goal of self-fulfillment, they also exist in a framework of other rights that must not be forgotten. The goals of autonomy and self-determination are heavily grounded in individualism, with little regard for the good of the collective whole. This makes sense given that our society is heavily focused on the advancement and satisfaction of the individual. The importance of free thought and speech stems from individualistic thinking, but at what cost to collective rights like equality? Equality requires cooperation, respect and tolerance, and occasionally, the silencing of opinions when it comes to public speech that offends the dignity and equality rights of another group. A collective outlook on rights may necessitate the sacrifice of individual goals; a sacrifice that, based on Cardinal Ouellet’s comments, the religious community is not prepared to make when it comes to same-sex marriage.

This is not to say that group sensibilities inevitably take precedence over individual conscience. Indeed, it appears this is rarely the case. Cardinal Ouellet has the constitutional right to religious freedom and to express his religious conscience in all private conversation. If he is concerned about being prosecuted for the promotion of hatred against the gay and lesbian community in the course of his public religious teachings, he need only refer to section 319.3(b) of the Criminal Code, which reads “[n]o person shall be convicted of an offence under subsection (2) [willful promotion of hatred] if, in good faith, the person expressed or attempted to establish by an argument an opinion on a religious subject or an opinion based on a belief in a religious text,” to see that he is easily excused. It seems that the Cardinal’s freedom of religious expression could effortlessly take priority over the equality rights of gay and lesbian persons. Cardinal Ouellet may continue to preach against same-sex marriage and homosexuality; not only that, but he will occupy an exclusive niche carved specifically to protect people who may willfully promote hatred with ‘religious justification’. The Cardinal can stop worrying and continue to seek self-fulfillment through religious expression, knowing that he is protected by the law.

Conversely, gay and lesbian persons must continue to worry about the ongoing attack by members of the religious community on their dignity and thus, their equality rights. Everyone has a right to security of the person, and public expression that attacks, marginalizes and degrades the gay and lesbian community violates their security, no matter if it comes from the pulpit or the newspaper. Why does freedom of religious expression for one group ‘trump’ the equality rights of another? There is some indication that this may not be set in stone. In Owens v. Saskatchewan (HR Commission) [2002] S.J. No.732, the Saskatchewan Queen’s Bench ruled that Hugh Owens was guilty of violating section 14.1(b) of the Saskatchewan Human Rights Code, which prohibits the publication or display of any material “which exposes to hatred, ridicules, belittles or otherwise affronts the dignity of any person, any class of persons or a group of persons because of his or their race, creed, religion…sexual orientation…” Owens placed an advertisement in the Saskatoon Star Phoenix newspaper for bumper stickers with four Bible passages condemning homosexuality and a graphic of two men holding hands with a line drawn through it, indicating “no” to homosexuality. The ad was placed to coincide with Saskatoon’s Gay Pride celebrations. In his judgment, Barclay J. said: “[w]hen the use of the circle and slash is combined with the passages of the Bible, it exposes homosexuals to detestation, vilification, and disgrace. In other words, the Biblical passage (sic) which suggest that if a man lies with a man they must be put to death exposes homosexuals to hatred” (at para.21). If the publication of Biblical passages vilifying homosexuality can constitute an expression of hatred sufficient to offend the equality rights of gays and lesbians, why is speaking those same passages as religious teaching a protected right?

There is not a straightforward resolution to the conflict between free expression as it is used to convey private conscience and further individual identity, and the equality rights of a group that may be undermined by someone else’s quest for fulfillment. Must the achievement of a civil society be at the expense of a free society? We believe the answer is no, however in the fine art of balancing rights, where individual freedoms may eclipse collective rights like equality, some sort of prioritizing must take place. In weighing the value of public religious speech against equality, it seems necessary to ask exactly how the condemnation of gay and lesbian persons furthers Cardinal Ouellet’s self-fulfillment. In R v. Keegstra [1990] 3 SCR 697, the Supreme Court stated (per Dickson C.J.), “[h]ate propaganda contributes little to the aspirations of Canadians or Canada in either the quest for truth, the promotion of individual self-development or the protection and fostering of a vibrant democracy where the participation of all individuals is accepted and encouraged.” This is true no matter what form the expression of hate assumes. Though freedom of expression is central to the full realization of private conscience and is protected under the Charter as a fundamental freedom, there is no right more essential than living with dignity and security in a society free from hatred – goals that only full, unrestricted equality rights can guarantee.

| Comments (0) | | TrackBack

Ottawa to give police more power to snoop

posted by:Jennifer Manning // 10:21 AM // August 19, 2005 // Surveillance and social sorting

The Globe and Mail

Ottawa — The federal government will introduce legislation this fall that would give police and national security agencies new powers to eavesdrop on cellphone calls and monitor the Internet activities of Canadians, Justice Minister Irwin Cotler said yesterday.

The bill would allow police to demand that Internet service providers hand over a wide range of information on the surfing habits of individuals, including on-line pseudonyms and whether someone possesses a mischief-making computer virus, according to a draft outline of the bill provided to the Privacy Commissioner of Canada.

After a speech to a police association in Ottawa, Mr. Cotler confirmed that his government will soon bring "lawful access" legislation to cabinet for final approval before it is introduced in the House of Commons.

The minister said the law is needed to replace outdated surveillance laws that were written before the arrival of cellphones and e-mail.

"We will put law-enforcement people on the same level playing field as criminals and terrorists in the matter of using technology and accessing technology," he said.

"At the same time we will protect the civil libertarian concerns that are involved such as privacy and information surveillance,"the minister said.

Police groups say they are not asking for any new powers but rather the ability to continue their regular investigative activities in the digital age.

Clayton Pecknold of the Canadian Association of Chiefs of Police said police are working with laws originally written in 1974, a time when wiretapping involved climbing telephone poles.

"The laws were written for a wired world as opposed to the wireless world," he said. "We are not asking that we be given any powers without a court order."

But critics who have been involved in private consultations with the government are expressing concern that the proposed law goes too far and could ultimately be used to nab Canadians as they engage in relatively minor offences such as downloading music, movies and computer software without paying for them.

The law would force Internet service providers to retain records on the Internet use of its clients in such a way that it can be easily retrieved by police, doing away with the need in many cases to seize an individual's computer as part of an investigation.

In her submission to the government earlier this year, Privacy Commissioner Jennifer Stoddart concluded that Ottawa and the police have not provided enough justification to warrant such a law.

"We remain skeptical about the need for these potentially intrusive and far-reaching measures," she wrote. Ms. Stoddart noted the law could give police access to global-positioning-system data from cellphones combined with electronic banking data that could allow the government to track an individual's every move.

"The digits we punch into a modern telephone do not just connect us to another party, they can also reveal our financial transactions, PIN numbers and passwords, or even health information." Michael Geist, a University of Ottawa law professor who took part in the consultations, said the proposed law goes "well, well beyond" updating references to analog technology. "For individual Canadians, this is an issue that should attract enormous interest because it fundamentally reshapes the Internet in Canada, creating significant new surveillance powers," he said.

Alex Swan, a spokesman for Public Safety Minister Anne McLellan, who will be introducing the bill, said the new law will not add any new offences to the current list in the Criminal Code that can be used to justify a wiretap.

While that list of more than 100 crimes does include a host of sections dealing with terrorism and organized crime, it also includes theft, mischief and keeping a gaming or betting house.

Mr. Swan said judicial oversight will prevent police from using the new surveillance law for minor offences, as will the cost involved in using such surveillance methods.

| Comments (0) | | TrackBack

The Personal and the Empirical

posted by:David Matheson // 04:13 PM // August 17, 2005 // Core Concepts: language and labels

Sometimes when we describe information as "personal" we mean to cordon it off as information that others have no business knowing. This is often what's going on when one declines to answer a question on the grounds that "that's personal!" But here I want to talk about personal information in a broader sense. I'm interested in understanding the nature of personal information in the sense of the sort of information with respect to which one can, at least potentially, have privacy. I can have privacy with respect to information about what medications I might happen to be on, because that's personal information about me; but I can't have privacy with respect to information about the average annual rainfall in Ottawa, because that's obviously not personal information about me. This even though the information about my medications might quite properly be the business of others to know (e.g. my physician).

What is personal information in this broader sense? An adequate answer to that question is important for any robust theory of the individual's right to (informational) privacy, since if we want to understand what that right amounts to we'll also want to understand what the thing is – privacy -- to which the right entitles the individual. And since privacy is presumably a relation that holds between the individual's personal information and other people, we'll in turn want some understanding of what we're talking about when we speak of the individual's personal information.

Elsewhere I've argued that personal information is not necessarily sensitive information about the individual, on the grounds that even if the individual could care less about whether others know a bit of information about her (or even if most members of the society in which she lives could care less whether others know that sort of information about them) that's not enough to render the information in question non-personal; all it might show is that the individual could care less about whether personal information about her is known by others. I'm still inclined to say this. But this, of course, is not really to say anything about what personal information is; it's only to say what personal information isn't.

Once the personal and the sensitive are drawn apart in this way, it becomes tempting to suggest that personal information is just information specifically about an individual: personal information about me, for example, is just facts about me as opposed to other people (or no people at all). But there are serious problems with this liberal account of personal information. Consider the following fact (i.e. bit of information):

(1) David Matheson is David Matheson.

As Steven Davis has pointed out in a recent paper (see footnote 17 of his "The Epistemology and Normativity of Identifying and Identification"), this sort of trivial identity fact is, for all its triviality, a bit of information specifically about an individual, viz. me. No one else, after all, is identical to me except me! And so on the liberal account, (1) would count as a bit of personal information about me. But that's absurd: (1) is information specifically about me, to be sure, but not personal information about me.

Other counterexamples to the liberal account of personal information abound. Consider, for example, the following two facts about me:

(2) If David Matheson is a resident of Ottawa, Ontario, then he is a resident of Canada.

(3) David Matheson is not both married and a bachelor.

Again, (2) and (3) are both bits of information specifically about me. But it is quite implausible to say that they are bits of personal information about me.

So we're still in a fog. If personal information is to be equated neither with sensitive information about an individual, nor with just information specifically about an individual, what is it? My suggestion is this: personal information is empirical information specifically about an individual. To flesh this new account out a bit, I'm going to have to say something about the meaning of its key term, "empirical." And to do that, I have to say something about knowledge sources.

A knowledge source can be thought of, generally, as a cognitive process that begins with certain characteristic mental states (the source's "input") and -- provided all goes well -- results in knowledge (the source's "output"). Philosophers have distinguished six putative knowledge sources, so understood, distinguished from each other in terms of their distinct inputs and/or outputs:

Perception. This takes sensory appearances of things in the world (e.g. its seeming to me visually as if there is a dog in front of me) as input, and generates knowledge of things in the world (e.g. my knowing that there is a dog in front of me) as output.

Introspection. This takes appearances of one's own mental life (e.g. its seeming to me, when I direct my attention to my own mind, that I am annoyed with someone) as input, and generates knowledge of one's own mental life (e.g. my knowing that I am annoyed with that person) as output.

Inference ("Reason" in one sense). This takes knowledge of certain information (e.g. my knowing that Socrates is a man and that all men are mortal) as input, and yields knowledge of new information (e.g. my knowing that Socrates is mortal) as output.

Rational Intuition ("Reason" in another sense). This takes appearances of necessity (e.g. its seeming to me necessary that 2+2=4) as input, and generates knowledge of necessary truths (e.g. my knowing that 2+2=4) as output.

Memory. This takes past knowledge of information (e.g. my knowing yesterday that I had a latte in the morning) as input, and yields present knowledge of the very same information (e.g. my knowing today that I had a latte yesterday morning) as output.

Testimony. This takes knowledge that another person has claimed something (e.g. my knowing that the departmental chair has claimed that philosophy enrollments are up this year) as input, and yields knowledge of what she has claimed (e.g. my knowing that philosophy enrollments are up this year) as output.

Among these general sources, only Perception, Introspection and Rational Intuition seem to be basic knowledge sources, since only they generate knowledge from something other than knowledge. The other sources -- Inference, Memory, and Testimony -- only work if they've already got knowledge ultimately derived from the basic sources.

We can understand the notion of empirical information, however, just in terms of the basic sources. To say that a bit of information is empirical is to say that it can only ultimately be known through the operation of Perception and Introspection (through "experience", as philosophers are often wont to say). The contrast is with (as philosophers also often put it) "a priori" information. A priori information is information that can ultimately be known through the operation of Rational Intuition. (A little aside: you've probably heard about great debates in the history of Western philosophy between the "Rationalists" and the "Empiricists." The Rationalists think we can know a lot of significant a priori information, i.e. a lot ultimately just through Rational Intuition; that's why they're big on Reason. The Empiricists, by contrast, think that pretty much any significant information to be known is empirical, i.e. to be known only through Perception and Introspection; that's why they're big on Experience, or the Senses.)

So, in a nutshell, the claim that personal information is empirical information specifically about an individual amounts to this: personal information is information specifically about an individual that can ultimately only be known through the operation of Perception and Introspection. Rational intuition ("reason" in one historically important sense of the term) alone won't do the trick.

This account of personal information allows us to understand why the likes of (1)-(3) don't count as bits of personal information. Although they are bits of information specifically about an individual, they are not empirical bits of information specifically about that individual, since they can (I suggest) be known ultimately though Rational Intuition. They are bits of a priori information about me.

This account also makes it clear why personal information does not necessarily go hand in hand with sensitive information about individuals. For it's pretty obvious that not all empirical information specifically about an individual is sensitive information about the individual.

| Comments (6) |

Technology and the law: Will reasonableness be the ruin of privacy?

posted by:Alex Cameron // 08:34 PM // August 16, 2005 // ID TRAIL MIX

In a recent ID TRAIL MIX entry titled “A Society Drunk on Technology (or, A Luddite Commissioner Takes Stock)”, Frank Work, Information and Privacy Commissioner of Alberta, blogged some of his insightful observations about the nature of the relationship between technology and “the rules”. This is a fascinating area of inquiry and an essential one in the area of privacy. For this entry, I want to add a brief late-summer observation of my own.

Many modern technologies implicate privacy directly. Some technologies unquestionably enable privacy invasions – these are the key-loggers and other surreptitious surveillance technologies. Other technologies are ostensibly designed to protect against privacy invasions – these are our so-called “Privacy Enhancing Technologies” or “PETs”, such as encryption. Many other technologies lie somewhere in the middle, having some impact on privacy but perhaps an unintentional or peripheral one. Camera phones and RFID tags might fall into this middle category.

In addition to the kinds of direct effects listed above, however, technology can have fundamental implications for privacy law because of the way that most countries have chosen to regulate privacy. Setting aside the issues (and limitations) of consent-based privacy regulation, the use of reasonableness – and in particular the notion of a ‘reasonable expectation of privacy’ – permits technology to undermine the spirit of existing laws by continually influencing or changing the context in which those laws are interpreted. At the very least, this interaction between technology and law suggests that technology, rather than law, is the prime force charting our future privacy landscape.

In order to help understand this point, it is useful to first consider a non-privacy example – the use of geo-location technology by e-commerce businesses. Geo-location technology allows companies to determine the location of potential online customers with a reasonably high degree of accuracy. Knowing the location of a potential customer can be important for an e-commerce business that does not wish to do business in particular jurisdictions, perhaps they do not wish to be hauled into court or face potential legal liability in those jurisdictions. For example, Canadian visitors to the US-based site Movielink.com are met with the following message: “Thanks for visiting Movielink! Unfortunately, we do not offer our service in your region.” As geo-location technology becomes more widely available and adopted, companies may be judged in law according to whether or not they use it. If, for example, a major multi-national company did not use geo-location to limit the jurisdictions that it sells to online, and it could have done so, then that company may be found subject to the laws of all jurisdictions that it was selling to. This analysis may depend on the circumstances of particular cases as well as the extent to which effective geo-location technology is available and generally adopted. The important point is that the technology itself can be used to define the context in which the existing law is interpreted and even become an integral part of the legal test.

In the area of privacy, a similar issue may arise in the context of encryption technology. As it presently stands, most email users likely believe that their email communications are entirely private. That assumption may not always reflect reality (which is not important for the purposes of this blog entry). However, if encryption technology is a virtual guarantee of private email communications, then it is conceivable that future courts or legislators may hold that a person is not legally entitled to an objectively reasonable expectation of privacy in their email if they do not use encryption. This may of course depend on whether encryption technology is generally adopted, available and affordable.

In effect, what is happening here is that an unregulated change in technological context (e.g. the fact that emails can be intercepted and read unless individuals use encryption technology) is driving legal regulation in an area where the latter should arguably drive the former. For example, it is difficult to imagine that the widespread availability and adoption of key-loggers, digital camera phones or infra-red heat scanners, along with the failure of individuals to take technological counter-measures, should mean that we are entitled to less of an expectation of privacy. This is particularly true to the extent that our use of encryption and other privacy-enhancing technologies can be also used against us by suggesting to legal authorities that we must be hiding something. Violations of privacy are what the legal regulation was designed to protect against in the first place! We seemingly should not need to close our curtains in order to be entitled to a reasonable expectation of privacy (though some might suggest that our Supreme Court would have us build our homes with heat-proof walls!).

It seems to put the cart before the horse to allow the effective strength of the regulation (i.e. the reasonableness of the expectation of privacy) to be influenced so strongly and directly by a change in technological context. This effect is unavoidable to some degree but is a reminder that our laws may need to do a better job charting our privacy course, rather than leaving open the reasonableness door for unregulated technological innovation to do it for us. For example, the use of key-loggers today might be just the kind of thing our privacy laws attempt to stop. However, if key-loggers and privacy-protecting countermeasures are still around in even five years, one has to wonder whether they will influence the legal definition of our reasonable expectation of privacy, undermining what that expectation is and is intended to accomplish today.

| Comments (0) | | TrackBack

NYC wants to track diabetics

posted by:Marty // 11:49 AM // August 14, 2005 // Surveillance and social sorting

New York City recently proposed a new plan to track diabetic New Yorkers. The plan would call for area medical labs to report the results of a diabetes test that can indicate the effectiveness of a person's care. The program would flag patients whose care is lapsing and send notes to their doctors. It is then up to the doctor to follow through and contact the patient.

This article from the Associated Press, via the Seattle Times, provides us with soundbytes from two sides of this issue....

In this corner, we have the City of New York:

There will be some people who will say, 'What business of the government is it to know that my diabetes is not in control?' " said Dr. Thomas Frieden, the city's health commissioner.
The answer, he said, is that diabetes costs an estimated $5 billion a year to treat in New York and was the fourth leading cause of death in the city in 2003, killing 1,891 people.
By pinpointing problem patients, then intervening in their care, Frieden said the city can improve thousands of lives. "I don't think we can afford not to do anything," he said.

And in this corner, we have those with privacy interests in mind:

This isn't smallpox," said James Pyles, an attorney who represents health-care groups concerned with medical privacy. "The state, or the city in this case, does not have a compelling interest in the health of an individual that overrides that individual's right to privacy."

And in this third corner, we have the medical community:

Dr. Nathaniel Clark, vice president for clinical affairs of the American Diabetes Association, said the surveillance system could be a great tool for doctors who find it difficult to track patients over long periods. Currently, he said, people who aren't aggressive about their care can easily fall through the cracks. Some switch health-care providers, and many people living in poor neighborhoods where diabetes is common don't have a regular doctor.

Given the recent trend of security breaches, can such a database really be trusted? Does the end-goal truly justify such a program? Was this proposal drawn up based on a business case or on actual healthcare goals? Should government tracking be limited only to infectious diseases, or just to other major health epidemics? Or should all tracking be ruled out? Given that this program is not seeking healthcare data in the aggregate, but to target individual people, does the stepping on one’s privacy balance against the personal health handholding/looking out for you by the government?

What, I believe, is most compelling here is the issue of consent. Initially, at least, all patients will be flagged for the system. Only afterwards will they be able to opt-out. Think of the above questions, again, in light of a opt-out mechanism, do any of your opinions change? Is this a case of Government Knows Best?


| Comments (0) | | TrackBack

Little v and big V: online voting

posted by:Marty // 04:55 PM // August 13, 2005 // Digital Democracy: law, policy and politics

E-voting – raise the word and we readily think (ok maybe just me) of voting with a big “V”, i.e. voting for government officials. However, taking a quick pause we can see some of the many other instances of e-voting:

  • The Dove Awards (Christian Music) are taking their balloting online, allowing the members of the Gospel Music Association to vote online
  • Countless online sites offer polls and "vote for your favourite ___" items
  • the New York City Firefighters Union has set up online voting for its members who are serving in Iraq and Afghanistan, and
  • A new sea lion born at a Six Flags had its name selected by online vote.
  • All of this to say that increasingly we are seeing these examples of, what I'll call, small "v" online voting - micro voting - where the issues are trivial to some, significant to others, but their results are not universal or pan-geographic (national, regional, municipal, etc.). Will our comfort with small v online voting make for a seamless transition to big V online voting (voting for our government officials)? Will familiarity with online voting encourage increase voter participation? Lastly, will voters take safety and reliability of online voting for granted?

    As an aside, I'm reminded of something that George Carlin once said. Let me paraphrase "If you don’t vote, you have no right to complain’, but where’s the logic in that? If you vote and you elect dishonest, incompetent people into office who screw everything up, you are responsible for what they have done. You caused the problem; you voted them in; you have no right to complain. I, on the other hand, who did not vote, who in fact did not even leave the house on election day, am in no way responsible for what these people have done and have every right to complain about the mess you created that I had nothing to do with"
    | Comments (2) | | TrackBack

    Camerica?: Two Cheers (or Less) for the Indiscriminate Spread of Video Cameras in Public Areas

    posted by:Gary Marx // 08:16 PM // August 09, 2005 // ID TRAIL MIX

    In a case seen by millions of TV viewers on the evening news an Indiana mother was caught on videotape hitting her child in a public parking lot. How should such a case be viewed? Public comment has generally been supportive. There is a sense that justice has somehow been done -- an apparent abuser, who before the age of the instant replay would have gotten away with it is indisputably caught in the act.

    The video’s documentary evidence is not dependent on the vagaries of memory, conflicting or fraudulent claims or the distortions of power. The camera is in one sense neutral, capturing all within its purview, regardless of the personal characteristics of the watched or the watcher. The low cost and ease of use may even contribute to the democratization of surveillance, offering a means to document mistreatment of the less powerful (in this case a child, but note also videos of police beatings or sexual harassment). The presence of the camera makes some persons feel more secure.

    Nor is there much question about the legality of such taping. The courts have generally held that whether a topless celebrant at a festival, or fully clothed on a mall bench, there is no reasonable expectation of privacy in public settings. In many U.S. states that even extends to surreptitious photographing up skirts and down blouses, unless a law specifically prohibits that. Nor is there such an expectation in “private” settings such as a backyard, for what is “publicly” offered to an overhead observer (whether satellite or video drone or neighbor in a high rise apartment).

    But enthusiasm for the rapidly spreading, and minimally regulated, surveillance cameras needs to be tempered by awareness of their limitations. One issue involves validity. We need to ask, “does (or better can) the camera lie”? Is seeing believing? By what unexamined standard is a picture worth a multitude of words? Certainly as current computer generated films and advertisements suggest, with digital manipulation a realistic appearing visual record can be created showing anything.

    But even absent technological tricks, we must avoid rushing to conclude that with a visual record things “are” necessarily as they seem. Meaning lies in interpretation beyond the physical depiction. Consider joking, play acting or manipulation. It might be that a video image of someone being struck is other than it appears to be (e.g., play-acting in which a punch is pulled at the last instant). Even with a real image, the camera is spatially (and often temporally) restricted. For example a rotating camera capturing a fight in progress, in which one person is clearly injuring another, is not necessarily evidence of assault. The person with the upper hand may simply be fighting back from an unprovoked attack that occurred off-camera. Or consider the pseudo-shop lifter stuffing an expensive item in his pocket in full view of the camera. He then moves out of the camera’s view, drops the item and exits the store, hoping for the chance to file a false arrest suit against the store when he stopped outside it.

    The evidence for the camera’s crime reduction effectiveness is underwhelming to non-existent. Under limited conditions there may be some modest displacement of crime to areas without video cameras. Even the British Home Office has eventually had to conclude that the research evidence for deterrence is weak to non-existent.

    Surveillance videos usually have a grainy B grade movie quality. Images are often unclear because of lack of light, angle or distance and identification of a person of interest is far from automatic. Certainly there are occasions when the camera helps in identifying a perpetrator. But even if the image is clear, it is interesting to note that as cameras have become ever more prevalent in banks, bank robberies have nonetheless continued to increase. Most cameras have blind spots. Sophisticated violators quickly learn how to neutralize or avoid new control techniques.

    The cameras’ effectiveness may be further undercut by those doing the monitoring. Such work is generally done by poorly-trained and ill-paid workers with high rates of turn over. The monitoring is boring. Since most of the time nothing happens, the mind can easily wander missing that rare event, should it occur. There has been little public cost-benefit analysis of the tactic, nor comparison with other means of obtaining equivalent goals.

    Those justifying the camera’s presence and expansion argue that, “if you have nothing to hide, you have nothing to fear.” This simplistic view makes the error of equating a desire for privacy with guilt. Yet we all have things to hide, or at least shield from broad public presentations, that do not involve wrong doing. These vary from strategic concerns, to bodily functions, to the frequent gap between behavior and inner feelings and attitudes. The advantages of varying forms and degrees anonymity are well known. Social creativity would be greatly weakened if a documentary record was made of everything.

    A related argument involves the “techno-fallacy of more” --the assumption that, if some information is good, more must be better. Yet contrary to the ideas of the Enlightenment, there are times when it is better not to know. Consider the parking lot camera that records images of an amorous couple in the back seat of a car, or a secret meeting of feuding politicians or diplomats seeking to negotiate out of the public eye.

    With respect to the loss of anonymity, political demonstrators may feel inhibited being recorded and not knowing who will have access to the tapes, or under what conditions. Nor is liberty significantly advanced when, as happened recently, a clerk in a gay video store can sell surveillance camera images of a customer (an actor, well known for his macho portrayals), to sensationalist media.

    In surfacing and memorializing so much of what had been ephemeral, back stage behavior before the advent of the camera, we also run the risk of overloading control systems. There are far more rule violations than can ever be processed. Bringing these to public notice, when many will not be acted upon, can generate cynicism and concerns of discrimination. The use of discretion that is so central to wise decisions and justice in a complex and changing world can ironically be undermined by video cameras adopted in the hope of increasing accountability.

    None of this is to argue against the appropriate use of video cameras. It is however to call for broader public discussion informed by research and clearer guidelines as the cameras become ever more common features of everyday life.

    Gary T. Marx is emeritus professor MIT. Related articles can be seen at garymarx.net.

    | Comments (0) | | TrackBack

    Interests of Personality in 1915

    posted by:Catherine Thompson // 11:42 AM // // Core Concepts: language and labels

    Read an article called “Interests of Personality” by Roscoe Pound, published in the 1915 edition of the Harvard Law Review. It’s philosophical and mentions privacy, so I thought I would share my summary of the article.


    The legal system recognizes interests. It does not create them. Interests rise through the competition of individuals and societies. The legal system does not recognize all interests. It must choose which interests it will give legal effect.

    The scope and subject matter of the law can be quite wide because, in determining which interests should be given legal effect, the following must be considered:
    1. Interests the law ought to recognize
    2. The principles that will determine which interests will be recognized
    3. The principles that will inform decisions to limit legal interests
    4. The means that the law can secure legal interests
    5. The limitations to effectively securing legal interests

    The first legal interests were the social interests of prevention of self-redress and prevention of private wars. General security, as a social interest, was the first to be recognized by the legal system. This interest is responsible for the beginning of law. The social sciences and legal jurists should cooperate to recast historical jurisprudence in a light that recognizes this fact.

    Individual Interests

    Natural rights are interests that the law ought to recognize. When a natural right is given legal effect, it is called a legal right. The deduction of natural rights was achieved in either of three methods of critical evaluation. The first method, discarded after Kant, saw natural rights deduced “from a supposed social compact.” The second method saw natural rights deduced “from the qualities of man in the abstract.” However, ‘man in the abstract’ has never technically existed. The third method saw natural rights deduced “from some formula of right or justice.” The formula relied on was that of the nineteenth century system of fundamental individual rights. It is the starting point for many of the individual legal rights we have today.

    The law does not exist primarily to recognize individual interests. Neither does the law primarily exist because of the pressure of competing interests. The law exists for social ends. Individual interests are only secured as a means to that end. The law’s overall goals include:

    • making individual capacities available for the development of general happiness or the common good
    • promoting the general, public, organization and order to equalize opportunity for all

    Individual interests have gradually been disentangled from group interests. Now the law is disentangling social interests from individual interests.

    Drawing from Kant, individual interests may be classified in three ways:
    1. Interests of personality (physical and spiritual existence)
    2. Domestic interests (individual life)
    3. Interests of substance (economic life)

    Hegel argues that all interests are personality interests because “all natural rights flow from the principle of respect for the free will of others.” This view was generally accepted in the nineteenth century.

    The law has generally developed to begin compensating for the interest infringed rather than for the unlawful act.


    How do you determine which interests the law ought to secure? “How shall we construct a scheme of natural rights of personality?” As mentioned already, the third method of deduction is the best starting point. A good example of this method is Spencer’s Justice. Spencer draws from Kant’s formula of right, as well as from metaphysical and historical methods, to deduce seven natural rights:
    1. Physical integrity
    2. Free motion
    3. Use of natural media (res communes, res publicae)
    4. Property
    5. Freedom of contract
    6. Freedom of industry
    7. Freedom of belief and opinion

    Physical integrity, honour and reputation, and belief and opinion will be examined.

    The Physical Person

    This interest includes the concepts of:
    • immunity from direct / indirect injury
    • bodily health
    • freedom from coercion
    • freedom of choice
    • immunity of the mind and nervous system
    • preservation and furtherance of mental health
    • freedom from annoyance interfering with mental comfort

    Some of these interests are group interests in the prevention of private wars, the debt to be paid back to the group (the state). The individual interest of integrity of the physical person is, in addition, an interest in one’s honour. In ancient Roman and Greek laws, this was viewed as relevant to gauge the amount of vengeance that might be aroused. The social interest is ensuring peace.

    The three steps to recognizing personality interests are: 1) recognition of physical harm as a wrong, 2) recognition of coercion as a wrong (free will interfered), 3) recognition of mental injuries and even “infringement of another’s sensibilities.”

    The biggest hurdle is to demonstrate the harm objectively, because the individual interest in receiving redress for a subjective emotional harm must be balanced against the societal interest of preventing false claims of harm. Additionally, there are the complicating factors of individuals who may be “unduly sensitive or abnormally nervous.” Hope lies in the advancement of psychological expert evidence.

    The difficulties posed in proving merely mental discomfort is greater. The law has dealt with these difficulties by 1) judging the infringement according to an objective standard (meaning that damages are gauged as if the harm occurred to a fictional person who is NOT the complainant and who, for example, is NOT unduly sensitive), and 2) the damages flowing from the harm are only awarded if some other more tangible harm has occurred (such as physical injury or trespass to property).

    Therefore, one reason why personality interests are rarely recognized is because of the practical problem of proof. Another reason is that the law is too hesitant to move forward and recognize such a right. A case in point is the lack of recognition of a tort of privacy despite Warren and Brandeis’ arguments [note to non-lawyers: the tort of privacy is alive and well in the U.S. now (2005)].

    Honour: Reputation

    Interest in honour (personality) must be separation from reputation interests that are asset interests (substance). For example, a fictional book is published using real names and life details of individuals known to the author. The named individuals may have an interest in the use of their name (substance interest of property). They also may have an interest in not having the intimate details of their lives made public (personality).

    How has the law recognized the interest in honour? In the context of property, Roman law made injury to slaves by other than the slave’s owner illegal on the basis that it was an affront to the slave owner. In German law, there must be intent to injure another’s feelings.

    In American defamation law, quantification of compensation injuries to asset are easily done. However, injury to honour, which can not be compensated in theory, must receive one of the only quantum available: money. Awards vary widely, in part due to the decision being entrusted to juries.

    Belief and Opinion

    This is a well engrained right in American law. Often, it is only seen as an individual right. As a societal interest, it serves political efficiency and social progress. Individuals who are restrained in the expression of belief and opinion can not be said to lead a “full moral and social life.” A limit to the right is expression of beliefs that may overthrow the state or vital institutions. This social interest limit is sometimes overemphasized. The threshold is when those beliefs are manifested externally.

    | Comments (0) | | TrackBack

    Confessions of a closet Airmiles collector

    posted by:Hilary Young // 12:54 PM // August 08, 2005 // Commentary &/or random thoughts

    So I'm having dinner at Stoneface Dolly's with some friends on Saturday, enjoying the patio and cold beer, when the conversation turns to which credit cards offer the best features, and eventually to loyalty programs such as the Airmiles card. (I know, we're an exciting bunch.) Someone mentions that because of such programs, companies have extensive profiles, not only of what you buy, but of demographic information and that there's a potential for some companies to have location information through GPS and cell phones. Someone else mentions Gmail and how it scans your e-mails in order to target advertising to you. All this is said without anyone expressing much concern – just interest in what is happening these days.

    Then one friend says that, personally, he'd rather be subjected to ads related to his interests than to ones for products for which he has no use. He knows it's a machine searching his e-mail and doesn't feel that his privacy has been violated, and he sees the utility of targeted advertising.

    In general, the group is aware that loyalty programs are ways for companies to buy information about you (what groceries you buy, how much you spend on your credit card in an average month) and they have no problem with that. And most of the time, I must confess, I feel the same way. In the past four years I've received almost $600 in free groceries by using my Master Card. In May, I went to Asia (Bangkok and Beijing) for free by cashing in Aeroplan points. I am quite willing to sell my personal information to companies if the price is right, and the price doesn't have to be that high – for my groceries it's slightly more than 1% of my Master Card purchases.

    So, munching on focaccia with chèvre and eggplant, I feel that I should toe the privacy line and enlighten my friends with some of the reasons why all this data collection isn't such a great idea. In particular, the facilitation of identity theft and using information collected for other purposes to determine insurance rates made my friends think twice. But of course I'm being a total hypocrite. Here's my confession: I don't care that much about informational privacy. I think it's important that those who DO care have the means to preserve their privacy, but I'm not one of those people. There, I said it.

    Now before you revoke my membership in the On the Identity Trail project, let me defend myself. I think one of the most important things this project is doing is imagining the implications of various future legal, policy and technological changes so that we as a society can make informed decisions about what we want to happen. If, knowing the consequences, people want to live in a Minority Report-type world where ads are targeted to specific individuals, that's fine by me. The problem is that we risk ending up in such situations, not because we've chosen them, but because we have made a number of incremental decisions that led to an undesirable result only because we didn't have the foresight to avoid it. Now that would be a shame, and I think this project's greatest contribution will be to provide some of that foresight.

    At our table, as the sun begins to set, the conversation moves to lighter topics, such as how many empties we collectively have in preparation for bottling our next batch of homebrew (almost enough – I'll just have to empty a few more). Ironically, when we leave I pay cash, so that the only record of my having been at Stoneface Dolly's is… this blog entry.

    | Comments (2) | | TrackBack

    What is Anonymity, Anyway?

    posted by:Jason Millar // 09:22 PM // August 04, 2005 // Commentary &/or random thoughts

    Within the privacy debate, the archetypical argument for anonymity seems to be that it protects privacy by obscuring the trail of information that points back to a specific individual. It is not surprising that the archetypical argument against anonymity seems to be that, by obscuring that trail, a person reveals his intention to act immorally or illegally—why else would he want to act anonymously if not because he has something to hide? Plato, in his Republic, used the tale of the Ring of Gyges to argue that any person, given the opportunity to act immorally and with impunity, would be a fool to do otherwise. Although Plato’s intent was not to argue against anonymity, his use of anonymity to further the goals of the unjust man points out that the strong correlation between anonymity and injustice is not a new one, created by some recent technical advance like email or the chat room.

    Arguing for anonymity in this manner seems to be a defense of privacy as a good in itself, anonymity then plays the role of a privacy enabling technique. Anonymity itself not being the end in mind.

    Of course, the argument against anonymity, as stated above, is too simplistic to be taken seriously. Clearly, not everyone wishing to act anonymously has something to hide for criminal reasons. To be fair the more nuanced arguments against anonymity recognize that there is generally a balancing act in play when anonymity is raised as a desirable enabling technique. For instance in the privacy debate anonymity is said to enable stronger privacy, which must be balanced against a resultant threat to security. Opponents to anonymizing techniques might claim a primacy of security over privacy, arguing that the anonymizing techniques are better seen as enablers of crime or that they, at the very least, provide a safe environment in which criminals may flourish thus threatening security.

    So the success of arguments for anonymity of this kind seem to rest on the ability to defend anonymity as a legitimate (morally or otherwise) enabling technique of some other good and, of course, demonstrate the primacy of that good (over competing goods) within the context being discussed. This is, in the very least, the tone of the legal debates I have witnessed and read. More often than not I have seen this argument end in a stalemate due to the enormous complexity involved in weighing each outcome against the other in meaningful terms. How much of a threat to security is expected as a result of anonymity? Will anonymity foster a better society, and to what degree or how so? I could go on.

    A recent article posted on Australian IT featured an interview with Ian Clarke of the Freenet Project, a group planning to release a piece of software that enables anonymous file sharing over the internet. According to the article, “Mr. Clarke said that Freenet is altruistically advancing technology and defending democratic ideals of unrestrained communication.” Furthermore, Clark is quoted as saying “you cannot have freedom of communication and protect copyright laws…the two are mutually exclusive."

    Taken as a classic debate of anonymity/unrestrained communication versus anonymity/illegal file sharing it is difficult to establish a clear favourite. (I will say that I think that Michael Geist has essentially dispelled the various rhetorical claims, put forth by the recording industry, through a detailed analysis of the file sharing debate over the last several years. I would highly recommend a careful reading of his findings. But this is not directly related to the issue of anonymity.)

    The technology is framed within the classic anonymity debate by both the designer of the technology and the journalist. How are these debates to be settled?

    It seems to me that there are interesting questions that need to be answered (when faced with the classic anonymity debates) along the lines of the following: Is anonymity a good in itself or is it simply an enabling technique for other goods? If it is an enabling technique then can it be valued in itself or should it be evaluated under the rubric of whatever good it enables? If it is a good in itself then do technologies such as the one proposed by Freenet undermine or strengthen it?

    Equally interesting are questions regarding the concept of anonymizing technologies themselves. How do anonymizing technologies affect the concept of identity? Given that one cannot be completely anonymous in society, rather than talk of anonymity as a value does it make more sense to talk about anonymity as a technology?

    I’ll leave the floor open for comments...

    | Comments (1) | | TrackBack

    A Society Drunk on Technology (or, A Luddite Commissioner Takes Stock)

    posted by:Frank Work // 08:35 PM // August 02, 2005 // ID TRAIL MIX

    Actually, I am not a Luddite . I do however, get to see a lot of technology and the human applications thereof and it makes me wonder. I’m not a sociologist or anthropologist either, so all of my observations are, well, purely my observations. And that is the whole point of a blog, is it not?

    In fact, the point of this entry is “What are the rules?” although sometimes I think it is a case of “Rules? We don’t need no stinkin’ rules.”

    We human beings are amazing creatures: clever, inventive, resourceful, endlessly curious about our world and each other. We invent things, find lots of applications for them and then, at some point, say, “Darn, we never thought about that.” We had printing presses long before we had laws on slander and libel or inciting hatred. We had cars before we had traffic laws. We had atomic weapons long before we had disarmament treaties (and even that is still a work in progress). Industries before environmental protection laws. We will always chase technology in that sense.

    This is true of the myriad of information technologies now available to us. I saw an article the other day about the City of Winnipeg considering banning cell phones from locker rooms in its facilities, for obvious reasons. And there was another article to the effect that people who drive and talk on cell phones (yes, even hands free) are four times more likely to have an accident. I was at a conference recently. The conference room had wireless access. I counted about one third of the audience had their laptops out during the presentations. Trying not to invade anybody’s privacy, a glance about from my perch at the back of the room told me that none of these laptop users were diligently taking notes on what was being said. My particular ethics are that this is just rude. For others, this is perfectly legitimate “multi-tasking”, that is, doing several things at once (and doing none of them well. Like talking on a cellphone while driving).

    What are the rules respecting cell phones, cell phones with cameras, the web (downloading music, copyright), surveillance cameras, RFID chips, databases and so on? Why do we need rules anyway?

    Rules (or laws) are ways of humanizing technology. Rules are a way of imposing human values on technology. I think, in the past, we were better able to deal with technical innovation without written rule (laws), because we had unwritten rules, call them customs, ethics, or mores, which we could adapt and apply to technology to make it human. Not only are we now a less homogeneous society in terms of customs and ethics, but the rate of technological change is such that, as a society, we don’t have time to adapt our customs to technology. The rate of take up of new technologies by individuals is much faster than the rate of adaptation by society, it seems.

    Some of this technology has very serious implications. Consequently there are significant risks involved in waiting for custom and usage to catch up to and humanize the technology. For example, we have an amazing array of technologies which have surveillance applications: GPS, RFID, high resolution cameras, facial recognition software, keystroke logging software. What is it about these things that needs rules? What harm should we try to prevent through rules? Do these things pose a threat to other things which we value? We have relatively little research on how surveillance affects human behaviour. There were some 6 million surveillance cameras put up in the United Kingdom before the studies came out which said “Oh, these things occasionally help solve crimes, but they do not reduce crime.” Now we are hearing about the merits of biometric national identification cards, which will be absolutely foolproof and all the social ills they will cure. It all looks so good: your financial information online; your health information on an RFID chip implanted in your body; cameras in cellphones. What could possibly go wrong?

    Canada has laws, privacy laws. But the limitations of these laws must be understood. It is difficult to legislate technology, whether it is information technology, reproductive technology or something like stem cell research . For one thing, it morphs too fast. For another thing, most technologies have useful applications as well as harmful ones, so outright bans of technologies are not usually an option. (Although, there have been attempts to ban technology, file sharing software like the “old” Napster being a current example). Third, as consumers, we just want these things and we want them now: they are new and sexy and there is a cachet to being the first to have it.

    In order to be relevant, flexible and adaptable, privacy laws usually require either consent to collect, use or disclose personal information or the existence of circumstances which make it reasonable to assume that the collection, use or disclosure would be regarded as acceptable by the reasonable person. There is a lot of reasonableness required in these laws. Then a Commissioner or Commission is charged with deciding if something was reasonable.

    Reasonableness is a difficult concept, particularly in a pluralistic, multi-cultural society. What is a reasonable use of any technology to collect, use or disclose personal information will vary from person to person, depending on many factors, including use and understanding of the particular technology. (Are users of cell phone cameras more tolerant of the taking of pictures, wherever, whenever then non-users?) Then too, the world around us shapes our view of what is reasonable. Public surveillance by security agencies will more likely be seen as reasonable in the wake of terrorist activities, for example.

    It is possible to regulate badly. It is possible to make rules based on immediate issues, rules which cause as many problems as they solve in the longer term. The internet is a good example. For at least a decade the internet was the ultimate free market for the exchange of information and ideas. It could be liberating and uniting. It was totally unregulated. Then the problems appeared: spam, viruses and worms; file sharing and breach of copyright; the dissemination of child pornography via the web; the use of the web to further crime, money laundering, terrorism. How should and much should the world wide web be regulated? The same law that prohibits using the web to plot terrorism may prevent me from dissenting against my oppressive government.

    We sometimes lack the willingness to think and analyze before we act. In a world where we become impatient if it takes more than a second to download a two thousand page document, where we expect an immediate reply to our email, where we expect someone to answer their cellphone wherever, whenever we call, where we demand instant credit and immediate gratification of our wants, we tend to look for the immediate fix to problems. And, we usually adopt the techno-fix, so strongly do we believe in the power of technology. But the techno-fix, the quick-fix, is not always the best fix: there is, after all, the law of unintended consequences. There is an old Luddite saying: “Act in haste, repent at leisure.”

    I believe that we will work our way through these issues, remembering that we are only in the infancy of the Information Age. I am confident that, while these things will change us, they will not destroy us. From what I have seen so far, the trip will be a bumpy one: full of potholes and diversions and detours and cul de sacs. But there will be achievements and success stories. Grand vistas will open up before us. The voyage may be as important as the destination.

    To Ian Kerr, thanks for the opportunity to take these thoughts out for a walk.

    Frank Work is the Information and Privacy Commissioner of Alberta.
    | Comments (0) | | TrackBack

    main display area bottom border

    .:privacy:. | .:contact:.

    This is a SSHRC funded project:
    Social Sciences and Humanities Research Council of Canada