Databases and Privacy

If you aren't doing anything wrong, then what do you have to hide from us?

And, if I'm not doing anything wrong, then why am I under surveillance?

Or, what if privacy and surveillance don't have much to do with wrongdoing at all?

What if privacy were about a person's right to choose what he wishes to disclose about himself, and who he wants to share that with? And what if surveillance were about the loss of dignity and the likelihood of harassment that occurs when someone loses the ability to decide who knows what about his life?

We used to live in a world where privacy only worried celebrities. Now, we live in a world filled with questionnaires, application forms, and silicon gadgets — from credit-card readers to personal computers — that leave electronic tracks. Why should we worry about that? After all, the marketers and law-enforcement agents who collect, store, trade, and characterize us with this data only want to sell us nifty stuff and protect us from evil-doers. And it's not like they're trying to interpret all this data themselves; they have sophisticated software that makes all the assumptions for them. What could go wrong with that?

Well, most everything, as it turns out. Even if you aren't one of the millions of people who received letters in the mail this year telling you that your social security number or credit-account information had been stolen, you've still been hurt by data mining and database surveillance.

You've been hurt by all those telemarketers out there who pester you on your home phone because you bought a gift for someone with your credit card, or all those marketers who think you want your mailbox stuffed with obnoxious spam because you filled out a form for a company, or or all those insurance agents who think you're a reckless driver because your car has two doors instead of four, or all those employers who will screen you out of a job if you've ever said anything they might disapprove of on a blog or online discussion group, or all those security guards and law-enforcement agents who will hassle you at the airport, or on the highway, if you've ever called someone who's called someone who's been making a lot of long-distance calls to his sick grandmother, who happens to live in an Islamic country.

Of course, no reasonable person would ever do things like that to you, but then corporations and governments aren't reasonable people, are they? They are organizations whose obsession with data and statistics leads them to make even more ridiculous assumptions than the ones I've mentioned above. Every time they collect, store, and then "share" our personal data with some affiliated company or government agency, the thousands of little nuisances that make our lives a little bit worse multiply. Worse of all, not all of the problems they create are mere hassles.

Ron Peterson, for example, couldn't get a job, or insurance, because a company that purchases information from law enforcement agencies to sell to employers had him listed as a prostitute in Florida, a fencer of stolen goods in New Mexico, a witness tamperer in Oregon, and a sex offender in New Mexico. Peterson actually had been convicted of a crime, petty theft, in Texas, more than three decades ago, but that's all. Brandon Mayfield isn't too happy about database surveillance either. He was arrested and held in a cell for three weeks because his fingerprints, which are stored in a database, matched the fingerprints found on a duffel bag which contained the explosives that destroyed commuter trains in Madrid. But Mayfield is an Oregon lawyer who has never been to Spain. And Audra Schmierer has discovered that she can't "prove" she's herself to employers anymore because more than a hundred illegal aliens are using her social security number to get work after someone found her personal information stored on an organization's database server.

The organizations who do these things to us say they are concerned with our privacy, but if this were so, then why would they collect personal information in the first place, and then store it, forever, on machines that are inherently insecure and error-prone?

They do it because they've mistaken data for people and statistics for character. As a result, they've created a world where people should be worrying about what their credit cards might say about them or whether a phone call or E-mail message could be misinterpreted by a bureaucrat or a piece of software.

But organizations have no inherent right to data about us. Their "mining" of electronic networks, for browsing habits and communication patterns, is invasive. Their forms, which require us to divulge information to them that they have no reasonable use for, are obnoxious. Their habit of keeping, even relevant, information about us much longer than is necessary for them to do their jobs is irresponsible. Their notion that information about us is some sort of commodity, which they can sell and trade to each other, is contemptible. And their willingness to let statistics tell them who we "really" are, and what we are liable to do, is dangerous.

Organizations have demonstrated that they are not willing to stop collecting and "interpreting" our personal information until they are made liable for their actions. So, maybe, it's time to do so, because privacy matters more than you may think.