Privacy in the Information Age
From a talk given by Charles Anderson to the North Yorkshire Humanist Group, October 2005
It is my belief that advances in technology are making it harder and harder for individuals to maintain their privacy, and that this problem is only going to get worse with time. The threat comes both from other individuals, acting out of pure nosiness, and also large organisations, such as government departments or large retailers, which believe that by knowing more about you they will better be able to manage you.
Until relatively recently, a person living in a large community could rely to a large extent on "privacy through anonymity". For example, you could go shopping and be seen by maybe hundreds of different people, but as none of them knew you, you might as well have been invisible. Even someone carrying out a criminal act in public might escape if their description was sufficiently vague as to avoid identification.
And, once home, you could rely on walls and curtains to keep your comings and goings private. We even talk about "in the privacy of your own home".
All this is being eroded.
Growth of Data
You will probably have noticed how often nowadays, during a high profile murder or abduction investigation, there is a vast amount of CCTV camera footage available showing the victim's or murderer's movements. The cameras covering our streets are run by the police or councils, many others are operated inside shops to combat shoplifting or abusive behaviour. Indeed, it's been estimated that the average UK urban resident is now monitored more than 300 times a day, and that was in 1999.
At present, tracking a specific individual using this camera footage is a time-consuming exercise involving first the collection of all possible material from the many cameras that might have caught the person being tracked, and then watching all the material looking for sightings of the person. In practice, the work involved alone is enough to make 'casual surveillance' impractical.
This situation is not going to continue forever. As CCTV cameras increasingly become digital, and as the software matures that can automatically recognize faces, the time will soon approach when a computer can quickly search through any amount of camera footage looking for particular faces.
As you travel around, how often do you use bank and credit cards? Every time you use them, a computer somewhere records the transaction. Every time you use a mobile phone, another record is created of where you were at the time, who you rang, and for how long. You many even have a Tesco club card or its equivalents, with which you voluntarily help a retailer keep detailed records of your spending patterns.
Road-pricing schemes, currently being pushed as the answer to traffic congestion, work by having your car automatically identified as it enters a priced area or highway. Again, there'll be a computer somewhere, making a note of your car's movements.
It is a computer's ability to very rapidly cross-reference data sources that makes them so powerful, a technique sometimes called "Data Mining": looking through a mass of information, picking out the details relevant to its search so as to build up a picture of its target.
This isn't a deliberate conspiracy to keep track on us. It's just a side effect. And, although there is indeed enough information being held electronically to let someone build up a comprehensive picture about you, because it's held on a large number of different computers, run by a large number of different organisations, putting that picture together is currently very difficult, or even illegal under data protection legislation, at least in this country.
Unfortunately there are plenty of countries that would have no qualms about using personal data against its citizens. But even in a democratic country like ours, governments have difficulty resisting the temptation to take freedoms away. At the moment we're seeing the threat of terrorism being used to argue the case for dramatic curbs on privacy and liberty.
The argument often put forward by government is that law-abiding people have nothing to fear. All information is allegedly securely held, and only accessible to authorised personnel. In practice, this is very hard to ensure. The more inaccessible you make the material, the less useful the system becomes. In any case, people are only human; "authorised personnel" may get bored, or just nosy, and start to browse. Corruption is always a possibility too, but accidents are more likely still.
Last month the University of California admitted that a stolen laptop computer holding personal information of more than 98,000 students and applicants had been recovered. It wasn't known if the data had been accessed. Another American university recently found that personal details of its students had been exposed to the internet for several years. We've had stories in Britain too about medical records being found at tips, or MI6 laptops getting lost in bars. Finally, there are always the criminals trying to hack into computers to access confidential details.
In the end, information placed on a computer can never be guaranteed to be safe.
Worse still, we have few ways of knowing how much information is held on us, who has access to it, or how many mistakes it contains.
How do other individuals have the ability to invade your privacy? For a start, a search on the internet nowadays can quickly produce a large amount of details about a person. Most, if not all, of it will be harmless; items such as address, age, occupation. Information about you like that has always been in the public domain, accessible to a determined individual. However, the sheer speed and convenience of the search nowadays makes for an altogether different situation. I don't know how many of you have used Friends Reunited? This was a great idea: a web site where you could find out how the people you knew at school have got on. Locate your school and year of leaving, click on a name, see what they've written about themselves, maybe even send them a message. It had an explosive growth in popularity. But then people realised that you can also find out about people that you weren't at school with. Just enter their name, get back a list of matches, and hopefully you find the person you're looking for.
In a hour on a web site like this you can search for details about dozens of people, browsing through the databases like browsing through books in a library.
Also, in the last few years advances in personal electronics have given other individuals cheap access to technology that can dramatically invade your privacy. For a while it looked as if electronic snooping devices would become so inexpensive that ordinary people would be able to buy their own miniature recording devices, hidden cameras and the like, bringing up the possibility of suspicious spouses bugging their partners, or parents keeping tabs on their children.
These devices are still available, and still getting cheaper. However, they've been overtaken in the public imagination by webcams and digital cameras, particularly the ones built into the majority of new mobile phones. Legislation around the world struggles to keep up with the new offences that technology enables snoopers to commit. In Japan it's been suggested that all new digital cameras should be re-engineered to make a noise when they take a photo, just to prevent them being used to take inappropriate images without your knowledge.
Data On Your Own PC
Home computers have opened up a new avenue for loss of privacy. Most people surfing the web have a feeling of being anonymous, of moving from site to site without leaving a trace. In fact, and purely for your own convenience, your computer is painstakingly remembering every site you visit, storing the details away in obscure folders on your hard drive.
Again, just for your convenience, your computer will remember personal details for you, usually unless explicitly told not to. A few months ago I revisited a web site to download a game for my son. I was quite pleased when I discovered that the order form had remembered my name and address. How much typing it was saving me! Only when I discovered that it had also remembered all my credit card details did I decide I could live without this labour-saving feature.
Criminals have spotted in this a new way of perpetrating so called "identity theft". Laptops are stolen not just for their resale value, but as a potential source of confidential data that can be used for fraud. PCs at home are subject to frequent attacks from hackers using the internet to break in and access personal details. Now every self-respecting computer has to have firewall software fitted to block attempts by other computers to access your machine. When I first installed a firewall I was amazed to get a message from it about a blocked access attempt within the first five minutes. Subsequent attempts came in so frequently I quickly told the firewall to just get on with its business and stop informing me of its work.
What advances can we foresee that will make the situation worse?
In the US (maybe here too by now) some employers have had their company vehicles fitted with GPS systems, so they can keep tabs on employee movements.
It has been seriously suggested that one day every car will have to be fitted with a GPS system, reporting your position by satellite to a government computer system. This would be part of a universal road-pricing scheme. The system, knowing what road your car is on at any time, would be able to very accurately price your journey. Some road safety advocates have come out in favour of this scheme, because a side effect of the system would be that it could also monitor car speeds. Of course, another side effect is that the system (Government-run presumably) would know exactly where you are, and where you've been.
Compulsory GPS systems in mobile phones have also been suggested, which would encode the phone's location into the telephone signal, allowing any caller's position to be known to the nearest few meters.
DNA databases for criminals already exist. If the police get a DNA sample from a violent attacker they can check it against other known offenders. Their job would be much easier if they had everyone on file.
Are there ways that we can defend our privacy?
Legislation will continue to adapt to keep up with technology, creating new offences to match the new capabilities. Technology itself will provide counter-measures for us to use, such as firewalls and virus checkers, for instance. Just recently a device was unveiled that can detect a nearby digital camera being aimed at it, and then fire an intense beam of light directly into the lens to prevent photos being taken. Not yet cheap enough for personal use, unless your name is Beckham or Madonna.
We already have laws that prevent the pooling of data and supposedly make access secure. These need to be rigidly enforced, but probably won't, given the enormity of the task.
How will we cope?
In very small communities, privacy is quite difficult already because everyone knows everyone else. They cope, so why can't we? There is a very big qualitative difference though: in a small community you know the people who know your secrets, and you know theirs. But in today's high tech society, your personal details are available to people you've never met. Worse, you have no idea who's monitoring your details, or even if they are.
Humans do have a basic need for privacy. Will we have secure rooms in our houses, electronically screened, and computers laden with anti-snooping software?
Maybe people will become more devious, more able to conceal our thoughts and feelings, as a reaction to people knowing so much of what we do and say.
And perhaps we should accept the loss of privacy in exchange for less crime? After all, if all the trends I've mentioned are fulfilled, crime (at least, successful crime) will become an awful lot harder, and fear of crime is always a big issue. Just look at any general election campaign.
I think in the end we will learn to live with the loss of privacy. Humans are wonderful at adapting to new circumstances, and the new environment will become the norm.
We will accept that people can find out our most personal details without us knowing anything about it, or perhaps we will just put it out of our minds. In the early days of telephony, your telephone conversation could be easily listened into by the operator, or even a next door neighbour on a shared line, but people still used the phone for intimate dialogs. Today, the same thing happens with e-mails, even though they are the electronic equivalent of postcards, and can be read at any of the numerous computers they pass through on the journey from sender to recipient.
In the end, I believe, we will put up with the side effect of less privacy because of the sheer convenience of the technology that causes it. Just as we have learned to put up with pollution and road deaths from cars.