Thursday, November 09, 2006
Pervasive computing and privacy
What are the implications of new pervasive computing technologies for privacy? When there are dozens of sensors in every home, office and public space, monitoring and transmitting data on your every activity, do you have anywhere left to be alone?
A Royal Society meeting yesterday featured speakers from various UK research projects, NGOs, companies and government departments that are both designing pervasive technologies and considering how they should be regulated.
The Home Office told us that as long as people know when they might be spied upon by government and employers, there is little to worry about. The "Snooper's Charter" lists in great detail those UK government bodies that may access communications data on people's phone, Internet and mobile usage. But as Microsoft's Caspar Bowden pointed out, why and on whose behalf surveillance is taking place is less transparent.
My question: the Home Office wants the public to trust the integrity of the surveillance process. Why would they do so when hundreds of government bodies authorise their own access to communications data? When a recent Home Secretary has stated that he continued to authorise communications intercepts in the middle of a mental breakdown? And when the Attorney-General (who thinks it appropriate that he has a say on whether his friend Tony Blair should be prosecuted for the cash-for-coronets affairs) has recently blocked the prosecution of a government official alleged to have abused surveillance powers?
We certainly should not encourage the development of pervasive computing with the vague hope that privacy regulation will eventually catch up. If privacy is not a core design feature from the start of the system design process, it is extremely difficult to retrofit.
Last week's Database State workshop heard that the Information Commissioner's Office believes that opinion polls on privacy are more important than its nature as a fundamental right. We need to make sure pervasive technologies support privacy by default; we cannot rely on regulation to fix the privacy disaster that will occur if they do not.