28 March 2007

Openness, Surveillance and Privacy

Previous posts have noted that there is an inherent tension between openness and privacy. That tension is even more acute in the case of surveillance, which goes beyond consensual openness. Despite this, there is relatively little public debate around these issues; instead, as has been remarked, the UK is effectively sleepwalking into a surveillance society.

Against this depressing background, the new report from the Royal Academy of Engineering, entitled Dilemmas of Privacy and Surveillance: Challenges of Technological Change, is particularly welcome.

This is not least because it offers a depth of knowledge about the technological issues involved that is rarely encountered (these are engineers, remember). But it is also notable for its even-handedness and sensible suggestions. For example:

In this scenario, disconnection technologies are widely used in a co-ordinated manner: personal data is routinely encrypted and managed in a secure fashion, so co-ordinated connectivity does not threaten it and even substantial processing resources are not a day-to-day threat. This leads to Little Sisters who, by themselves, watch over only a fragment of a person's identity, but when co-ordinated can reveal all.

It would be possible to devise a store loyalty card which incorporated a computer chip that could perform the same functions as an ID card, but without giving away the real name of its owner. Someone might choose a loyalty card in the name of their favourite celebrity, even with the celebrity's picture on the front. If they were to use that card to log on to Internet sites, the fact that they are not really the film star whose name they have used would be irrelevant for most applications, and the privacy of the consumer would be maintained. However, if they did something they should not, such as posting abusive messages in a chat room, law enforcement agencies might then ask Little Sister (ie, the company that runs the loyalty card scheme, in this case) who the person really is, and Little Sister will tell them. In this scenario, government departments are just more Little Sisters, sharing parts of the picture without immediate access to the whole.

This approach exploits both mathematics and economics. If it is technically possible to find out who has done what - for example when a crime has been committed - but cryptography makes it economically prohibitive to monitor people continuously on a large scale, then a reasonable privacy settlement can be achieved.

This approach suggests an interesting way of balancing the opposing requirements for privacy and accountability.

Recommended reading. (Via the Open Rights Group.)
