Posted on Feb 6, 2016 by Rick Falkvinge

It doesn’t matter why data is collected: it only matters that it is

A lot of procedures for collecting personal information go to great lengths to explain why the data is being collected and how it will be used. Sadly, it’s all for nothing. Any such safeguard is null and void in the long run; the only thing that matters is that the data is collected.

We’ve all seen the privacy policies. We’ve seen the governmental fine print on how data will be used. It’s just pretty print. It counts for absolutely nothing. All that matters is that the data is collected.

A privacy policy may bind the corporation collecting the data about you, if you ask a lawyer. Maybe even if you ask a politician. Then the corporation goes bankrupt, all deals are off, and a liquidator looks at every asset that can be monetized to pay off the bankruptcy debt, as the law requires. Those assets include the data collected about you.

A government may be equally honest when it collects data about you for the most benign of reasons. But come election day, that government is voted out of power, and the next administration discovers this cache of useful information about citizens and re-purposes it in ways you would never have approved of at the time the data was collected.

In other words, it doesn’t matter if you trust the good faith of the entity collecting data about you. It doesn’t even matter if they have the purest of good faith from a strictly objective standpoint. Sooner or later, through legal, illegal, or violent means, those you trusted and who promised how the data will be used will no longer wield the required power over the data collected – and at that point, somebody else is calling the shots and rewriting the rules entirely to suit their interests.

The only concern when data is collected about you should be how that data can be abused in a worst case scenario, for that exact scenario is more likely than not to materialize.

There are many warnings from history here. One of the most horrifying, at the risk of pulling a Godwin, happened early last century when the Netherlands recorded religion as part of its population records. The reason was the most benign imaginable: to make sure there were enough places of worship for everybody, at convenient distances from people’s homes.

Surely nobody would object to such data being collected, to provide citizens with the best civic service possible?

Then World War II came around. The new… administration… found it very convenient to have religion listed in the public population records, together with where everybody lived. As a result, very few Jews were left in Amsterdam in 1945. Quoting Wikipedia:

In 1939, there were some 140,000 Dutch Jews living in the Netherlands. […] In 1945, only about 35,000 of them were still alive. […] Some 75% of the Dutch-Jewish population perished, an unusually high percentage compared with other occupied countries in western Europe. […] The civil administration was advanced and offered Nazi Germany a full insight in not only the numbers of Jews, but also exactly where they lived.

As horrible as this is, it’s far too easy to dismiss it because World War II was such an exceptional event that could never possibly happen again. This is a mistake. Most genocides are based on public records, to the extent that some of my fellow activists are doing research into the field of genocide-resistant identity cards.

But even short of genocide, far short of genocide, examples abound of how collected data has been horrifically repurposed. Take an example from modern-day Sweden, which has one of the most extensive medical databases for research into hereditary factors of PKU, phenylketonuria, an inability to metabolize the amino acid phenylalanine (and therefore the sweetener aspartame, which contains it). To assist this research, a small blood sample has been taken from every baby born after 1975. For strictly medical research purposes into hereditary deficiencies.

That is, the blood sample database was strictly for medical research, until a prosecutor’s office realized it could legally subpoena that database for DNA samples.

All of a sudden, without any public debate whatsoever, and merely at the initiative of a prosecutor’s office, Sweden had created a DNA registry for law enforcement purposes covering its entire population younger than 40. This registry remains today, and is the largest population DNA registry available to law enforcement anywhere on the planet.

Then, of course, you have the ordinary, everyday but catastrophic database leaks, which happen for every reason from incompetence to malice. The recent leak from the Ashley Madison dating service springs to mind.

The only thing that matters is whether data is collected at all. It will always be used against the person concerned, with mathematical certainty.

Privacy remains your own responsibility.

About Rick Falkvinge

Rick is Head of Privacy at Private Internet Access. He is also the founder of the first Pirate Party and is a political evangelist, traveling around Europe and the world to talk and write about ideas of a sensible information policy. Additionally, he has a tech entrepreneur background and loves good whisky and fast motorcycles.


4 Comments

  1. Some Swedish person

    Has the registry been copied altogether to law enforcement, or can they “only” at will request single entries from it? If the latter, is it still possible to demand destruction of the sample, as it has been in the past?

    Please answer

    2 years ago
    1. Falkvinge

      The registry consists of physical blood samples, and so, can’t easily be copied. It’s not been sequenced into genome information to the best of my knowledge. Thus, what law enforcement is doing is testing for DNA matches on already-identified suspects rather than going on fishing expeditions.

      It has never been possible to demand destruction of the sample, only “destruction or anonymization”, which can be taken to mean the latter in practice – but anonymization is hard and I don’t trust a random medical researcher to do it correctly when perhaps two dozen cryptographic experts understand the subject.

      2 years ago
      1. Same as above

        Thank you!

        Anonymizing DNA, how stupid! Do even crypto experts understand that, given what properties the DNA itself has? It’s not like it is just random numbers that are assigned to someone; they are probably internally symmetrical in many ways and they pretty much describe the properties of the person in question, if one knows how to read them.

        No matter what, it has to be better to let them do that “destruction or anonymization” than nothing, right?

        2 years ago
        1. Falkvinge

          Anonymizing DNA, how stupid! Do even crypto experts understand that, given what properties the DNA itself has?

          This is an excellent point.

          2 years ago