It doesn’t matter why data is collected: it only matters that it is
A lot of procedures for collecting personal information go to great length to explain why the data is being collected and how it will be used. Sadly, it’s all for nothing. Any such safeguards are null and void, and the only thing that matters is that the data is collected.
We’ve all seen the privacy policies. We’ve seen the governmental fine print on how data will be used. It’s just pretty print. It accounts for absolutely nothing. All that matters is that the data is collected.
A government may be equally honest when it collects data about you for the most benign of reasons. But come election day, that government is voted out of power, and the next administration discovers this cache of useful information about citizens that it re-purposes in ways that you would never have approved of at the time the data was collected.
In other words, it doesn’t matter if you trust the good faith of the entity collecting data about you. It doesn’t even matter if they have the purest of good faith from a strictly objective standpoint. Sooner or later, through legal, illegal, or violent means, those you trusted and who promised how the data will be used will no longer wield the required power over the data collected – and at that point, somebody else is calling the shots and rewriting the rules entirely to suit their interests.
The only concern when data is collected about you should be how that data can be abused in a worst case scenario, for that exact scenario is more likely than not to materialize.
There are many warnings of history here. One of the most horrifying, at the risk of pulling a Godwin, happened early last century as the Netherlands was collecting religion data as part of the population records. The reason was the most benign imaginable: to make sure that there were enough places of worship for everybody in the city, and at convenient distances from people’s homes.
Surely nobody would object to such data being collected, to provide citizens with the best civic service possible?
Then, World War II came around. The new… administration… found it very convenient to have religion listed as part of the public population records, including where all people lived. As a result, there were almost no Jews at all in Amsterdam in 1945. Quoting Wikipedia:
In 1939, there were some 140,000 Dutch Jews living in the Netherlands. […] In 1945, only about 35,000 of them were still alive. […] Some 75% of the Dutch-Jewish population perished, an unusually high percentage compared with other occupied countries in western Europe. […] The civil administration was advanced and offered Nazi Germany a full insight in not only the numbers of Jews, but also exactly where they lived.
As horrible as this is, it’s far too easy to dismiss it because World War 2 was such an exceptional event that could never possibly happen again. This is a mistake. Most genocides are based off of public records, to the extent that some of my fellow activists are doing research into the field of genocide-resistant identity cards.
But even short of genocide, far short of genocide, examples abound of how collected data has been horrifically repurposed. Let’s take an example from modern-day Sweden, which has one of the most extensive medical databases for research into hereditary factors of PKU, phenylketonuria, an inability to metabolize phenylalanine and therefore most artificial sweeteners. To assist this research, a small blood sample has been taken from every baby born after 1975. For strictly medical research purposes into hereditary deficiencies.
That is, the blood sample database was strictly for medical research, until a prosecutor’s office realized they could legally subpoena that database for DNA samples.
All of a sudden, without any public debate whatsoever, and merely at the initiative of a prosecutor’s office, Sweden had created a DNA registry for law enforcement purposes of its entire population younger than 40 years of age. This registry remains today, and is the largest population DNA registry available to law enforcement anywhere on the planet.
Then, of course, you have the ordinary everyday but catastrophic database leaks, the ones that happen for all reasons from incompetence to malice. The recent leak from the Ashley-Madison dating service springs to mind.
The only thing that matters is whether data is collected at all. It will always be used against the person concerned, with mathematical certainty.
Privacy remains your own responsibility.