Reflections on NetSquared London Data Privacy Meetup
Facilitated by the knowledgeable and engaging Wendy Grossman and Javier Ruiz, the NetSquared London Meetup on Data Privacy surfaced some important, useful and informative discussion. One thing that was made clear is that there is a lot that the average person and nonprofit is unaware of on this issue. There is also a lot that those who are familiar with the issues (including those involved in the use of data for good) are struggling to address. Data privacy goes beyond the big players to middlemen, and beyond the lone hacker to organised crime. It is being driven by commercialism and government interests and laws are failing to keep up. We discussed the importance of identifying your threat threshold as each person and organisation depending on their activities, interests and level of obscurity may require a different approach to data privacy.
The types of data being kept and disclosed to third parties include:
- Public sector data e.g. education data or other data held in the public domain
- Private sector data - e.g. ISPs are required to keep records of data traffic including VOIP. Amazon and airline companies also keep data.
- Data submitted voluntary – e.g. through social media sites
- Automated data - e.g. CCTV cameras automated plate recognition systems
- Hidden data - e.g. super cookies and flash cookies, data exhaust
- Location data e.g. from mobile phones
- The data you store about other people - e.g. photographs and other information on your computer or phone.
Who wants data?
- Criminals (including money launderers)
- Everyone (depending on what the data is!)
Issues that arose in the Meetup
- Privacy issues can also arise when opening up government data. If aggregated data is made available, eventually, with the skills, time and right resources you may be able to identify individuals.
- If data is made open without the respective capacity to make best use of it the private sector may be the primary beneficiary of the data.
- Some lose social capital when their privacy is violated.
- Profiling may increase with the release of certain types of government data leading to discrimination
- ‘Fraud as a service’ is now the norm
- There is huge financial loss to governments, and corporations when privacy is violated e.g. did you know that according to Semantic the average data breech cost the UK £1.9 m to recover from
- The commercialisation of privacy in an era of not only open data but big data (See McKinsey report on Big Data) leads to an increase in data privacy violations.
- There is no longer the worry of only the lone hacker as online crime is organised crime.
- Legacy mistakes don’t get forgotten as more data is being stored for longer.
This is a brief summary of some of the issues discussed. For further information on how to protect yourself and your nonprofit have a look at information on the following websites, to determine what may be of importance to you:
- Open Rights Group
- Privacy International
- Access – Also see their Practical Guide to Protecting Your Identity and Security Online and When Using Mobile Phones
- Tactical Tech and Frontline – Security NGO in a Box
- Electronic Frontier Foundation – (See Surveillance Self Defence)
You can also read the EU Data Protection Directive and find out about the controversial EU Data Retention Directive and the UK Digital Economy Act.
In addition, if you would like to be involved in ongoing discussions about open government data and privacy you can subscribe to the Ogd-privacy mailing list.