"The Internet has been turned into a giant surveillance machine"

I have just received the latest ISOC newsletter with a link to the press release after the 88th meeting of the Internet Enginering Task Force in Vancouver (hosted by Huawei), attended by 1100 of the engineers who created the Internet that we know today and keep it running. The heading for the press release is “Leading Engineers agree to upgrade standards to improve Internet privacy and security”. The tone was, however set by Bruce Schneier: ” The Internet has been turned into a giant surveillance machine. This is not just about any particular country or indvidual action. We need to work broadly to fix the problems of today and tomorrow”.    

The UK government plans to censor the Internet, beginning with pornography and moving onto to political extremism is probably less of threat to individual privacy than the actions of those already tracing the source and destination of content that they claim is illegal or stolen in order to bring civil actions. Both need to be seen in the context of the German action against Google Analytics because it offers a degree of collation to which the Stasi aspired in vain. Meanwhile the Cabinet Office “Open Data Strategy“, allied to HMG’s enthusiasm for Cloud and Big Data probably presents bit as big a threat to personal privacy as anything the NSA or Google might plan.

We should, however, remember that surveys regularly appear to show that 2/3rd of us welcome data sharing to improve services and only 1/3 regard it as a threat.

Is that still true?

In 1991, in a BBC programme to introduce a competition for school-girl produced IT careers videos, Angela Rumbold (filmed using her constituency computer because her Department of Education officials had refused support) described the computer as an extension of her mind. Today your smart phone is the window for for Big Brother into your mind.
This is a debate that will run and run.

I personally like the idea that under common law we own our own personal information and that all others, including the state and its quangos as well as our Internet Service Providers are agents, owing us a duty or care and/or royalties – with “shrink wrapped” and “click wrapped” voided as unreadable and unfair terms and conditions.       

However, far more interesting to you, is what will happen if the Internet Engineering Task Force attempts to turn its rhetoric into action.

Is the Internet still run by freedom loving engineers?

Or are they now only the puppets of US IPR lawyers and defence contractors?      

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

I think you're rather undermining your argument by characterising the Cabinet Office's Open Data Strategy as a significant threat to privacy. As a matter of definition, personal data cannot be released under an open data licence.

There is potential that some of the transparency and open government rhetoric attached to the Open Data Strategy can be used to "openwash" other agendas, and we have to remain alert to that risk. However the basic principle -- that non-personal public data assets should be freely available for re-use -- is sound. There is no fundamental conflict between support for open data and support for privacy and protection of personal data.

This is a good point but I would amend the last sentance to read "There should be no conflict between ... "

Currently there is.

Much personal data, including medical records, which has supposedly been anonymised can, using current generation tools, be collated to enable full identification.

Hence the reason for the link to the Cabinet Office Strategy. Without attention to detail, it is a very real potential threat.

Yes, that's a real concern. The Government is pushing ahead with several data-sharing initiatives, such as Care.data and the National Pupil Database, without due regard for informed consent or the risk of disclosure.

However I cannot see that any of that work falls within the scope of the Cabinet Office's Open Data Strategy. Unless you can point to a dataset containing (supposedly) anonymised personal data that the Government plans to release as open data?

I am pointing to the risks inherant in a strategy that has not been thought through.

Fortunately, in this case, implementation lags well behind aspiration so most of the potential damage is in the future not the present.

However the damage caused when public record databases contain all that is necessary to fog (falsely obtain genuine) government issued identities, is all too real. The most obvious example is Companies House, used as part of the start point for impersonating high net worth individuals. Meanwhile the Electoral Register is the most common start point for creating totally false identities and the EU proposals for mandating the sharing of information with Governments whose files are even less trustworthy than our own ...

Perhaps the reasons for the Dutch judgement aginst Google http://www.bbc.co.uk/news/technology-25154252 illustrates my point. I would perhaps also add plans to make supposedly anonymised patient data available to academic medical researchers whose systems, unlike those of most pharmaceutical companies, commonly have little or no security.

Conversely, we have the almost total failure of HMG to use "Big Data" techniques to identify the various groups which have been using similar techniques to organise large scale tax, benefit and other frauds for over a decade.

All of the arguments in this area are double-edged.

Again, I'm not saying those things aren't happening or that we shouldn't be concerned about them. But they don't proceed from the Cabinet Office's Open Data Strategy.

Records on company directors held by Companies House, and the edited Electoral Register, were available to the public and licensed for commercial re-use well before the current Government took power. Neither dataset is open data.

Once again these are good and valid points. I could be more enthusiastic about the Open Data stategy if it was linked to a robust programme to improve the quality of public sector data (much of which is more akin to toxic sludge rather than black gold). But given current standards of security, encouraging the public to help correct errors could merely open it to systematic falsification. I should perhaps add that I do not disagree with the Cabinet Office aspirations. It is "merely" the implementation about which I am very cautious. That caution is compounded by the lack of experience of those currently in post with running large scale, mission critical services, let alone those under attack from serious fraudsters (not just hackers). Running information websites and building smart phone apps is not the same thing.

I would be much happier with a commentary from the teams running First Direct, Befair or one of the other mass transaction, on-line systems which have to combine ease of use with security.