Saturday, June 20, 2009

Database Nation - The Death of Privacy in the 21st century

Yes, I know, this is not an especially new book, but after finishing reading it, I can only say: it is still worth reading it.

Some things regarding privacy and data security are quite surprising and scary at times, from data leaks and stolen credit card information to unwanted mails, surveillance camera on youtube or stolen identities. Simson Garfinkel explained in his book from year 2000 some background, shows in detail what can become out of that - some things became reality in the years from publication to now - and makes a very strong case for more privacy regulation and engaged customers and citizens.

Sure, I looked up what else he wrote (a lot similar stuff) and what he is doing now (his page) and I just love his RFID Bill of Rights (PDF) and his very similar Smart Card Holder Bill of Rights (PDF).

I think he actually missed one important point. Some of the things happening right now with data collection and publication of relationships, believes, pictures and statements. I am sure, some of the uses violate current law like discrimination based on gender, race or age. Still, this will be very hard to prove, if ever possible, and question is, if this can be prevented or limited by regulation or oversight.

And there is so much more to come. Just combine that someone tagged you on facebook and Google's face recognition program in the image search. If someone would look for andreas.wpv in the google image search, they might check if there is a picture on facebook, and then search similar pictures on the net... and a very complete profile might be build around that picture. If a company includes own data from surveillance cameras, they might actually see if I visited certain places and so on - convenient with a combined search with google.com and the internal google search appliance. And this is not under my control at all.

Where does this lead us to? I think, the most important question is not if this is good or bad, but if this is the same for everyone, or if there are groups excluded. Another important question is, who can use this data to what purpose, and who can control or oversee that.
Can contracts for insurances be modified, based on what pictures show on the net? Dangerous sports, smoking, body type are indicators which might be useful to change risk assessments. Political statements might be used to see a 'non-fit' for an employment. And I can see the case for all this, but still we need to discuss publicly - IMHO - if we want this and how much of it.
Bookmark and Share