A couple of weeks ago I went along to a meeting of the Open Rights Group.
Cory Doctrow gave an interesting talk about some of the issues surrounding the debate over digital riglts management, in which he pointed out, amongst other things, the futility of trying to prevent the copying of bits - it is something that will only get easier with time. Cory is a good speaker, and it was an interesting talk, although as is so often the case with these events, there seemed to be a large element of preaching to the converted.
The second talk was on the campaign against identity cards, an issue that I think is more controversial. One of things that worries me about ORG is that it will attract people with certain views, and an orthodoxy will emerge to the exclusion of others - I suspect that the ID card debate might be a case in point.
It’s not that I’m particularly in favour of the government’s scheme, it’s just that i think that most of the debate about identity - tracking of information, dna databases, identity theft, civil liberties - is the wrong way round.
There are good analogies with the DRM debate. Just as it is futile to attempt to prevent the copying of digital information, it seems equally unrealistic to believe that we can prevent the storage and tracking of personal information.
We live in a digital age, and computerisation and automation in all walks of life is going to increase, not decrease.
That’s inevitably going to produce more data, and the ability to track and analyse it is already possessed, to a significant degree, by a number of organisations. Today, most of them are shady government bodies, either partially or wholly unaccountable to democratic scrutiny. Tomorrow, such abilities will increasingly become available to the rich and powerful, be they corporations or organised crime.
The knee-jerk response to all this is to attempt to curtail the collection of information - but not only is that not going to work, it’s actually going to harm us in as many ways as it helps, by preventing lots of the genuinely useful advances that technological integration could bring to our daily lives.
I would argue that the danger posed to our liberty by the collection information comes not so much from its existance, but the uses to which it is put. Therefore we should be concentrating, not on prevention, but on two other things: regulation and complete transparency.
Regulation to make it absolutely clear what uses the information can not be put to - such as discrimination on the basis of genetic data. That’s the easy bit.
The bit that’s harder to get one’s head around is the transparency. As with everything from freedom of information legislation to open source software, we need to recognise that protection from abuse is more likely to come from increased scrutiny, rather than secrecy. So instead of trying to keep the information locked up, we should go to the other extreme and open source it. The scary bit of having a unique identifier for a person comes when we ask ‘what happens when things go wrong?’. What if my unique id gets separated from my biometric data, and the world thinks that I am someone else? The way to protect ourselves against that is massive redundancy, distributing and duplicating the records all over the place and making sure that there are multiple, independantly verifiable sources, and that everyone has equal access to all the data.
As someone at the meeting pointed out - I don’t really care if someone can see my bank records, just so long as I can see Tony Blair’s in return.