The release of the annual Data Protection Commissioner's report tells us a lot about how personal information is collated, used and abused. In 2011 the Office received 1,167 data breach notices relating to 186 different organisations, an increase of almost 300% over 2009. Among those to get a be censured this year were a gym that turned CCTV cameras on its own employees; an insurance company that wanted to know too much about potential (human) customers looking for pet insurance; and a number of telecoms operators for making unsolicited marketing calls and texts.
One thing that becomes obvious in reading the details of some of the infractions is that organisations are hurting themselves through lack of knowledge of what an appropriate amount of information to ask for from customers and what best practice for managing such data is. As a result, when breaches occur they are usually out of ignorance and negligence than a deliberate intrusion.
The report puts into context the recent visit by Google vice president and chief evangelist Vint Cerf to Dublin where a media roundtable discussion addressed the challenges of privacy, piracy, the slow movement towards defining a set of social norms, and the arrival of big data. Of course, Google itself has had its troubles with the Office of the Data Protection Commissioner over the use of unsecured Wi-Fi networks in generating Google Street View maps, but that's a matter for another day.
Cerf endorsed the government's strategy of fostering foreign direct investment, focusing international markets and a belief in ICT as the backbone of economic recovery were moves in the right direction, observing that the creation of new technologies would lead to jobs in technical support for them. Central to the country's path out of recession is the continued development of network infrastructure where ideas can be freely exchanged and discussed in a "spirit of openness". Unfortunately the potential of the Internet to foster new ideas is balanced out by its vulnerability to the darker side of human nature and a Wild West mentality where convenience trumps courtesy.
"Once you get the general public on the Internet, you will have every motivation know to mankind," Cerf said. This presents service providers with three alternatives in formulating some kind of civilising process: developing technologies to prevent abuse, developing a protocol for responding to abuses and develop a spirit of co-operation that defines its own idea of what can be deemed socially acceptable. Unfortunately, Cerf conceded, the first and second options would be open to abuse in the wrong hands - something we may be about to see as the Cyber Intelligence Sharing and Protection Act (CISPA) works its way through Congress in the US.
Cerf said the organic development of online norms as being the most beneficial approach, but also the most ephemeral and hardest to foster. It's an ambitious goal that could affect everything from the perception of illegal file-sharing as a victimless crime to ad hominem attacks on discussion forums to tagging and publishing tagged photos on social networks without permission. From Cerf's perspective, the Internet's ease of use has made it easier than ever to publish material for and about other people (with varying degrees of accuracy) which effects for how online discourse conducts itself. The obvious solution of 'Internet passports' is a poor response as anonymity has many benefits, particularly the protection of freedom of speech; particularly relevant in oppressive political climates or for corporate whistle blowers.
"How we put in place the solution to solve the problem [of privacy] while at the same time preserve human rights... that's a tension that's going to be with us for some time," Cerf said. "We invade people's privacy in ways we don't fully appreciate... We can't figure this out by sitting down and analysing the thing."
Big data
On the subject of 'big data' Cerf was enthusiastic about the possibilities for what large data sets can reveal about patterns of behaviour and, in the case of the public sector, how government operates. While conceding that "all information should not be available" Cerf cited the example of how the US government made available information on its investments - something Ireland could certainly benefit from. One of the problems big data presents to analysts is the issue of data quality and specific constraints on its collection such as flawed methodology, political climate and simple misinterpretation. For Cerf, the fostering of critical thinking and the STEM subjects at second level can help filter out substandard information through critical thinking. Another challenge to big data is that of the 'bit rot problem' where information can become inaccessible as the software used in its collection and analysis becomes obsolete and is no longer supported, either by open source projects or mainstream operating systems.
To see an advocate of net neutrality struggle with the same issues as rightsholders, and in many ways agree with them, is heartening. All that remains is for common ground to be established as a way forward, instead of butting heads of what is and is not permissible in an evolving space. Pretty simple when boiled down to those terms.
Niall Kitson