Tuesday, April 24, 2007

Pour vivre heureux, vivons cachés

It used to be said that “pour vivre heureux, vivons cachés.” If only life were still that simple. But today all of us regularly trust other people with our personal information. Mobile phones pin point where we are to within a few hundred meters. Credit cards record what we like to eat, where we shop and the hotels we stay in. Search engines log what we are looking for, and when.

This places a huge duty on business to act responsibly and treat personal data with the sensitivity it deserves – of which more later. But it also raises important questions for governments, which increasingly see the information companies hold on their customers as a valuable weapon in the fight against terrorism.

For decades politicians have had to strike a balance between personal privacy and the power of the police when drafting criminal justice legislation – and generally they have erred on the side of caution, aligning themselves with the rights of the individual. But in the aftermath of the atrocities on 9/11 and the horrendous bombings in Madrid and London, governments globally have sought to redress that balance – giving more power to the police and in the process starting a fierce debate about where the boundary between security and privacy lies.

The Patriot Act in the United States, for example, made it easier for law enforcement agencies to access people’s personal data so that they could more quickly investigate acts of terrorism. It has been widely criticized for over-riding longstanding safeguards designed to protect individual liberty. In Europe politicians have taken a different approach – although the consequences look as if they will be the same: an erosion of personal privacy. The EU Data Retention Directive requires phone operators and Internet companies to store data on their users – such as the emails they send and receive – for between six and 24 months so that the police can use it to investigate serious crimes.

Many people will see nothing wrong with this approach, arguing that it will impact only terrorists and that the innocent have nothing to hide. However, as is so often the case the problem lies in the detail, which will vary country by country as different governments intend to implement the Directive in different ways. In Italy, for example, the 2005 Act on Urgent Measures to Fight International Terrorism – which effectively anticipated the Directive - led to the suspension of certain privacy provisions in the Italian Data Protection Code. The Act also requires companies to store Internet traffic data for twelve months to help investigate terrorism and serious crime. In Germany the Ministry of Justice has decided that anyone who provides an email service must verify the identity of their customers before giving them an account – effectively ending the use of anonymous email.

The Data Retention Directive is being challenged on many fronts. Some question whether it will actually help in the fight against terrorism when tech savvy people will be able to use the Internet in such a way as to ensure they do not leave tracks that can be traced. Nor is it at all clear that the benefits outweigh the additional security risks posed by the creation of such massive databases. And then there is the whole question of whether this Directive actually applies to non-European-based companies.

Take Google for example. We do not ask our users to prove their identity before giving them an email address – and we think it would be wrong to do so because we believe that people should have the right to use email anonymously. Just think about dissidents. We would therefore challenge any government attempt to try and make us do this. Of course we recognize our responsibility to help the police with their inquiries where they have been through the proper legal process. While most people use the Internet for the purposes it was intended – to help human kind communicate and find information – a tiny minority do not. And it’s important that when criminals break the law they are caught.

But we think personal privacy matters too. From the start Google has tried to build privacy protections into our products at the design stage – for example we have an off the record button on our instant messaging services so that people cannot store each others’ messages without permission. And we allow people to use many of our services without registration. Like our search engine, we want our privacy policies to be simple and easy to understand – they are not the usual legal yada yada.

Nor do we believe that there are always right and wrong answers to these complex issues. That’s why we keep our policies under constant review and discuss them regularly with data protection specialists. For example we have recently decided to change our policy on retaining users’ old log data. We will make this data anonymous after 18 to 24 months – though if users want us to keep their logs for longer so that they can benefit from personalized services we will. This change in policy will add additional safeguards for users’ privacy while enabling us to comply with future data retention requirements.

In the meantime we expect to see the debate on privacy intensify as the Data Retention Directive is passed into law across Europe. The European Union has written both privacy and security into its Charter of Fundamental Rights. Important principles are at stake here – and an open and honest discussion is important if we are to balance these two, often conflicting, principles.

1 comment:

Ina Zwerger said...

This year's Ars Electronica conference (September 6/7 in Linz / A) will center around the topic "Goodbye, privacy".

Ars Electronica, held since 1979 and awarding the Prix Ars Electronica since 1987, has become a highlight where the avantgarde of digital thinkers and creators meet.

The conference tries to rethink privacy under changing social and technological conditions. New technologies associated with buzzwords such as Web 2.0 and social software create exciting new possibilities for expression, exchange and networking. Many of these new services rely on users voluntarily giving up data about themselves. Society seems fixated with fame, celebrity, reputation. Powerful automated information systems allow insight into people's behaviour, transactions and relations on a grand scale and with minute precision at the same time.

Under the title "Goodbye, Privacy" Ars Electronica asks if we aren't inclined to give up digital citzizen rights too easily. How can we rethink privacy under new conditions?