Minority Report

02/09/2015

Data – we are all generating skads of it all over the internet and other networks.

Where we have been, who we have been with, what we looked at, what we bought, who we talked to, who we messaged, what we listened to, … and the list goes on.

In the broadest sense there are three groups interested in this data:

1. Law enforcement and security agencies, either solving crimes or getting ahead of the curve and pre-solving crimes (minority report style).

2. Planning bodies of many sorts that need this information to make their plans more effective. This is a diverse bunch such as political parties, urban planning groups, and music festival promoters.

3. Any number of companies that want as much of your money as they can get. This groups consists of a whole supply chain of data gatherers, analysers, aggregators, wholesalers and retailers that on-sell their work efforts to vendors of products and services. However, increasingly data itself is the being consumed – we are disappearing up our own data orifices.

In the interests of personal freedom many are arguing that governments should clamp down on data collection. Unfortunately the cat is out of the bag and the data is already being collected. Indeed the various nets and the devices connected to their edges are beyond the control of any national government – at most there are a handful of governments that could bring down the networks. But that is different to control – in fact its a sort of admission of no real control.

The best we can do is place clear limits on the misuse of data by the three interest groups at the end of the supply chain, on a national level.

In fact I would make the misuse of such information a criminal offence. And put the onus of proof on clear data ownership and integrity, inclusive of any original data collection, upon the end (mis)user of data – the defendant. By making it a criminal offence the risks of using data illegally cannot be transferred by warranties in a contract. Indeed it would be an unlawful and criminal act so that any aggrieved party could take court action, not just the public prosecutors.

An example would be Coles or Woolies buying user data off some middle company that has aggregated and parsed data from a variety of sources including Google and Facebook. The directors of Coles or Woolies would be on the hook for criminal charges if they use illegally obtained data, or misuse data in contradiction to a clear code of conduct.

Generally speaking the risk of criminal charges keeps people honest, especially senior managers and board directors. At the end of the day we still live in a world where it is people, not machines, that make decisions to do silly things. So we need to make people responsible in a criminal sense otherwise the cost of getting caught is just a cost of doing business.

As a postscript I would add that data collected under a EULA (for example in an app or a browser) would only stand-up to court scrutiny if the EULA had first been approved by a national body set up for this purpose. If not it would be deemed to not exist for the purposes of being used by an end-user of data as defence material in a criminal court case.