Structured or unstructured

Tinkebell
Tinkebell

Regarding privacy a lot of fuss is often made about the information that the government collects about this. And I must say the government collects a lot.
An interesting case recently was with two criminals in the Netherlands. After stealing 21 cars they have been apprehended. The police stores every license plate in a database of every care that drives on the highway at Zwolle. It turned out that each time a stolen car drove by the same car was just behind it. This is the first time that the judge has to decide if this large database of car movements in the Netherlands can be legally used to search for clues.
As for the storage of personal information we can distinguish three domains who has access to the information: the government, (networks of) companies and the Internet.
As for the Government I am not that worried. I do believe that we have a strong democracy that will correct itself when information is misused too often. Of course that government may change. However, when it changes the government would start to implement a lot more means to spy on us anyway. As long as the use of the information is transparent I won’t lose much sleep over it.
As for companies it starts to become more complex. Banks, Supermarkets, web-stores, Google and others collect huge amounts of data. When companies combine this information it makes you feel digitally naked. Sometimes this is information that is collected without the person knowing that it is collected.
The website geencommentaar.nl had collected the IP addresses of people that signed a petition with false names after a post at another website, geenstijl.nl that asked people to invalidate the petition. These IP addresses where than supplied to other websites in order to block the people behind it. The CBP has taken action in this case.
There are rules to what kind of information can be combined but it is often a shady area. In the example above it became transparent but especially in commercial environments it will often be hidden. The risks are significant. Much of this information in the hands of insurance companies will lead to a risk selection that is, from a societal point of view, not what we want. The acquisition of hospitals by insurance companies is a dangerous move in this respect.
In this case we are talking about information collected by (fairly large) companies. And companies can be found and are subject to regulations. This means that with a good legal framework it is a subject that can be controlled to a large extent.
As for Internet things are getting messy. The Internet is more and more used by people as the context to interpret information. If someone applies for a job he or she is googled. If a social worker is looking into a case it is not only the “kinddossier” that they look at but also hyves is checked. Internet has become the context in which official information is interpreted. And context information may be more important than the official information…
Problem which information on the Internet is that it is much harder to control in presence and in use. You can not stop a company from using the information on a potential pregrancy of a candidate that they have found. And you often can not have information removed that you do not like. And sometimes people leave information on websites that is plain false in order to harm someone.
People should become much more aware how much information can be found on them. Tinkebell recently published a book with all the hate-mail she got combined with personal information of the people that had send this e-mail. The people sending the hate-mail had the idea that they could send their messages in anonymity. Of 30% of the hate-mail she has received she could find extensive personal information on the net and has published this personal information together with hate-mail. I think a brilliant action.
We can not stop the amount of personal information on the Net. It is not just the information you publish yourself but also information others publish about you. What we need is some sort of digital mirror that shows us how the world sees us through the eyes of the Internet. Just like the mirror that hangs in you hallway and where you check your physical representation before going into the world. And like how we use clothes to create an image to the outside world we will pro-actively plant information on the net to create the image we want.
Have you already checked you profile?

Private?

Civil ServantsI came across this article in the paper on Saturday about the fact that civil servants are adding and changing information on Wikipedia during working hours. Some time ago I blogged about the Wikiscanner and of course one can see more and more how important transparency is. There have been numerous cases where with the help of the wikiscanner people have been found out while trying to create their own truth …
However, the question is how are we going to deal with this transparency. Of course ciivil servants also use the Wikipedia during working hours and of course they sometimes also change information. Just like people in companies and people at home. Wherever we are we still remain individual human beings. One of the effects of Web 2.0 is that the different roles we have are more and more blending together. At all times of the day we are private person, employee, citizen, husband and father and can switch easily between all these roles.
Somehow we have to learn how to deal with this transparency. The fact that information came from a computer within a public department has nothing to do with the department. By locking the access to Wikipedia only image may be gained but civil servant will lose access to important information. We have to accept the fact that also aberrations are visible.
Before they existed also and we knew they did, now we can see they do.

Google, formerly known as the NSA

I am member of a guidance committee for Rathenau instituut in the Netherlands for a project about privacy. In this project we deal with the changing concept of privacy in our society. I talked about it some time ago in this post. It still amazes me how much people put on the net (including what I put on the Net, look at the sidebar of this Blog).
In this project a special website has been developed that invites people to comment on privacy, discuss and share all kind of ideas in a creative way around this subject (the website is www.privacyproject.nl). The information on the side ranges from exhibitionists to people putting an image of their passport on the web to people completely hiding how they look in real life. In the end a television documentary will be made out of it.
There is one item on the site that is I think very interesting. A colleague of mine, Rogier Brussee, has a conspiracy their for some time that Google is in fact a front for the NSA. Funny thing is if you look in the history of Google that they got quite large initial funding in order to pay for all the servers they needed to store all their data. Without it Google would not be able to show how good they are. But at this moment there really was not even a beginning of a business model. So his theory is that the NSA is the one that funded it (this is the organization with one of the largest budgets in the USA so funding 30 million dollar is mere noise to them). Their strong emphasis on “Don’t be Evil” of course fits nicely into this idea…
Just look at what Google knows of you:

  • It knows what you are interested in based on your searches as well as what link in the search results you clicked (the link you click on is not the real link but links to Google and than transfers you to the site you wish to go. Also you can save bookmarks, the kind of information on your iGoogle page, Google reader to show what blogs you are interested in (subscribed as well as the one you click on to read). The list goes on: adds you click on, the spell checker I use to check this blog so they already know I am writing about this before I post it …)
  • It knows what you are going to do based on your calendar info. The one thing that really surprises me is that Google does not yet have a tool to store your to-do items since this is a much better way (finer grained) for predicting what people are doing than your calendar).
  • It knows with whom you communicate and about what, based on your Gmail.

An of course, items like google apps enhance the knowledge about you by knowing what you are writing (though you would have sent it out with Gmail so they would have known anyhow.
Looking at this amount of data they have about a lot of people must the the ultimate dream of the NSA. Looking at the video below it is clear that more people are beginning to be suspicious.

Though I must say that I am totally addicted to Googe: Gmail, Calendar, Apps, Psearch, Scholar, and probably lots of others I use but do not know they are Googles (I use a very nice ToDo app that for all I know may be a front for Google (who is a front for …). I use them all because I like how they work (Hey Google, when are you going to develop this ToDo application, and when you are at it, why can’t I synchronize with my phone through SyncML…. If you do that you also know who I am calling).
I just hope they are not Evil…..

Identity

When I have an appointment at an organisation that is very security conscious (e.g. Police, Thales, the home office and others) I normally have to show an official ID like driver license or passport. In normal life we all feel comfortable doing this when there is a reason for this security. And we see it as a normal task of the government to provide us with the means to identify ourselves in a way that creates a fair amount trust that we are who we say we are.In digital life there is a serious lack of trustworthy identification. At the moment I am developing a project that deals with organising prevention, care and cure bottom up. Not starting with the specialists but with the people in the local districts. Helping people organise this in their own district can help to strengthen the social fabric of our society. Through helping people to help each other and through a stronger say from the civilians living in these areas in what is important. For them and for the district. This is especially important in areas with problems like the Ella Vogelaar wijken in Rotterdam.
For some services you definitely need to know who the person is that is asking questions. For example in the case that a person wishes to view his medical info. Not from a big brother perspective but from the perspective of the user who does not want his information abused.
Yesterday I had a discussion with the EDBR in Rotterdam and this issue surfaced also here. The risk is that all organisations dealing with these areas are creating services that are going to develop their own identification, resulting in numerous ID’s and passwords. This makes the service less easy to use but also lowers the security dramatically because people will start to use easy passwords and such.
In real life we as well as the government feels it is logical that he government organises and operates a secure and trustworthy mechanism to proof identities. Why is it than that in the electronic domain the government hesitates so much. Several government administrators have been sent away due to problems with physical passports. But in the electronic domain, that is becoming more and more vital, the government leaves us in the cold. There is the service DigiD but the government is very hesitant to have this used by private companies (including hospitals).
Ensuring trustworthy identification is an important task of the government, in real life as well as in the electronic domain. For many initiatives that are using Internet to enhance the lives of civilians (us) and companies delivering services to these civilians it would be a big step forward when there is a trustworthy and easy to use identification service available for all.
Like a passport.