Database Snooping Threatens Liberty - And We're All Making Matters Worse
Every year or two, I get back on my soapbox to say: database and analytic technology, as they evolve, will pose tremendous danger to individual liberties... This time I don't plan to be so quick to shut up.
Every year or two, I get back on my soapbox to say:
Database and analytic technology, as they evolve, will pose tremendous danger to individual liberties.
We in the industry who are creating this problem also have a duty to help fix it.
Technological solutions alone won't suffice. Legal changes are needed.
The core of the needed legal changes are tight restrictions on governmental use of data, because relying on restrictions about data acquisition and retention clearly won't suffice.
But this time I don't plan to be so quick to shut up.My best writing about the subject of liberty to date is probably in a November, 2008 blog post. My best public speaking about the subject was undoubtedly last Thursday, early in my New England Database Summit keynote address; I got a lot of favorable feedback on that part from the academics and technologists in attendance.
My emphasis is on data-based snooping rather than censorship, for several reasons:
My work and audience are mainly in the database and analytics sectors. Censorship is more a concern for security, networking, and internet-technology folks.
After censorship, I think data-based snooping is the second-worst technological threat to liberty.
In the US and other fairly free countries, data-based snooping may well be the #1 threat.
Below are the actual notes I spoke from. (Not typed out in the notes is the part about how I think there are a lot of precedents in US law for my suggestions, specifically in how the Fourth and Fifth Amendments are handled, but you can find that part in the blog linked above.) My call to action is still pretty vague, along the lines of "Think about this stuff, and talk about it too." (And please don't be as pig-headed as the Slashdotters mentioned here.) Beyond that, simpler and more immediate - well, this is one blog post I'm REALLY hoping will get a rich comment thread. Please pitch in!
My notes, with minor edits for blog-posting clarity:
Tremendous amounts of information are being or can be electronically recorded about everybody
All our credit card purchases
All our web access activity
For at least two different reasons -- child porn and internet file sharing -- governments around the world are finding reasons to mandate that this be stored...
...even as governments also sometimes try to mandate that it be deleted
All our email and other internet communication information, either in full content or at least from a traffic analysis standpoint
Many of our movements
Location-aware mobile devices
I doubt much of this is retained today except the camera part, but it could be
And by the way, it is not illegal in the US for the government to put cameras or other electronic sensors outside your house to peer in, which offers all sorts of other intrusive possibilities as that technology improves.
Analysis tools are improving in steps
Social graph analysis
If misused, this technology is an enormous threat to liberty...
...and we're all complicit in it (because we help advance the technology).
So it's our duty to also work to forestall the threat.
Unfortunately, most technological solutions have no hope of working
The data WILL be retained.
The data WILL be possible to correlate and de-anonymize.
Any technology that purports otherwise is merely a stopgap at best
But that doesn't meant such stopgap technology isn't worth developing and deploying
The only realistic long-term solution is legal, which is to say political
If regulating information gathering and retention is doomed to failure...
...regulate information use instead
Make it illegal to admit this kind of information in court
Make it illegal to use this kind of information to even track all but the most terrorist of criminal suspects
Certainly make it illegal to reveal much of this information to the private sector, or in many cases for the private sector to use it
Obviously, there have to be huge carve-outs for the ordinary business of marketing, government, medicine, whatever
But that's the direction we need to go
And I'm convinced that we in the technology community need to show the way.Every year or two, I get back on my soapbox to say: database and analytic technology, as they evolve, will pose tremendous danger to individual liberties... This time I don't plan to be so quick to shut up.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.