Before we take a deep breath and plunge into the debate about privacy, I’d like to introduce myself and explain a little about my interest in this subject area.
I’ve worked in information security since 1993, although I tinkered with crypto systems before that at university. Security’s been a good career that’s given me the chance to live in Australia and then Hong Kong. I’ve audited banks, built financial networks, investigated frauds, planned for disasters and probably caused a few of them myself.
Over that time information security has developed into a proper profession, but it’s also become commoditised: back in the good old days, a firewall was something you got a highly specialised engineer to put together using a PC, an early build of Linux and a couple of network cards. These days PC World stocks pretty much all the equipment a small enterprise needs to secure itself. I wasn’t equipped with the technical skills to keep ahead of new developments and was getting bored.
Then in 2002 I had the good fortune to attend the Computers, Freedom and Privacy conference, and I saw the future. Privacy is one of the most important topics in information technology today. It’s the glue that holds consumers and companies together. It’s the covenant between government and citizens. It’s the new Green. It’s also a massive potential market, and a great topic to be working on.
I founded the Enterprise Privacy Group in 2004 to bring together those companies and private authorities that are pursuing best practice in the management of personal information – a collaborative think-tank for privacy. We’re not a lobbying group or a standards body, but we aim to catalyse and guide the debate. Our goal is top make ‘privacy-positive’ data processing a mainstream topic. I won’t dwell on the day job at length here, but may refer to it from time to time if it’s relevant to the blog. I’m also chair of the British Computer Society’s Information Privacy Expert Panel.
Since moving into privacy, I’ve been through the full cycle of privacy views. I started unconcerned about privacy; became increasingly worried about how my personal data is being used; and now believe that population-scale identification technologies are essential if we’re to interact confidently in an online world. Over the coming weeks and months I’ll explain why.