Data Privacy: Time for better safeguards against data abuses?

They know your name, where you live, where you’re going and where you’ve been…

Page 3

Whether it’s Edward Snowden’s explosive revelations about the secretive data gathering carried out by the NSA, or worries around Google Street View cars snapping pictures of your house, privacy issues are everywhere.

Data abuses have been steadily making headlines. American retailer Target caused a storm last year when statisticians used data to work out a customer was pregnant. Target sent the girl coupons for baby clothes and cribs. But it turned out the girl, who was still in school, had not yet told her father about the baby, causing him to angrily turn up at the store to complain.

And as more organisations look to get their hands on personal data – from companies buying up records to the UK government proposing to monitor telephone and email communications for security purposes – experts are calling for a full discussion on how to safeguard privacy.

The genie is out

Louise Bennett, who heads up a group of security specialists at professional body the British Computer Society, says it is too late to stop personal data being collected. But she believes the technology industry and public organisations need to consider privacy issues.

“When the genie is out of the bottle, you can’t get it back in again,” she says. “But there are privacy issues, particularly around identity discovery.”

Bennett is referring to occasions where people realise that different, anonymous data sets have been put together, leading to an individual being identified.

She says: “I think that’s what really upsets people, when others join data that people work to keep separate.

“Most people have two emails, for work and for private use. It’s not for any nefarious reason, but because on the internet, people want to have different profiles.

“It’s similar to how, at work, you may act differently to the way you do around your friends.”

Bennett argues that, though data collection is beneficial in a number of areas, it needs to be carried out with personal consent. She also believes people must be informed about data sharing which could lead to their identification.

She says: “You need to be aware of what’s happening and you need to be aware of what’s going to be shared with someone else.

“It also may be good if people could segment parts of their life online, to represent the different personas they have.”

People are easy to find

Professor Mark Whitehorn, chair of analytics at the University of Dundee’s School of Computing, agrees that the risk of people being identified can cause problems.

He says: “It can be very easy to identify someone. With phone records, for example, if you look at three phone calls I have made on a day with certain information such as time, location and who I called, it is quite easy to work out who I am and discover a lot of my personal information.

“This can make people uncomfortable. A lot of people don’t want their sexual preference to be broadly known – and it’s their right.

“There are people who have speeding tickets who don’t want them to be known.”

But at the same time, Whitehorn argues people are making a necessary trade-off by giving up data in return for certain services and even things such as national security.

“I lead a fairly blameless life and I have no wish to be blown up, so there’s a trade-off going on here,” he says.

“It’s difficult, because I want privacy, but I also want terrorists nailed.”

And he notes that valuable work, on projects such as research into the human genome, is being carried out using data.

He says: “With scientific research, I think it’s fabulous what you can do with this stuff. The good you can do with it absolutely outweighs the bad.

“But there are also questions around the abuse of data. And with government departments using data, let’s not forget the amount of data this, or previous governments, have lost.

“We do need to have a sensible debate about all of this. It’s not a technical problem – it’s a social problem.”

Hard to be anonymous

Taha Yasseri, a big data specialist at the Oxford Internet Institute, says some information can be kept anonymous, but with other datasets it is impossible.

“With research looking at molecules, we are not interested in individual molecules so it’s all anonymous,” he says.

“But with some personal information it is hard to keep it anonymised.

“Most of the problem comes from small companies wanting to do some data analysis and ignoring issues around the privacy process.

“It’s easier for a company to give advice than to introduce protocols to anonymise data.”

As the scramble for data continues, controversies are likely to follow.

The Information Commissioner’s Office has recently threatened Google with criminal proceedings over data secretly collected by its Street View cars.

In the UK, the government is floating proposals to track email, internet and social media activity in what has been dubbed a “snooper’s charter” by critics.

More organisations are likely to fall foul of privacy campaigners and the general public in future. Until they are addressed, these problems can only get bigger.