Big Data and Big Government necessitate a paradigm shift
Big Data and Big Government necessitate a paradigm shift
by Petra Sitte, Member of the German Bundestag (The Left)
In his book Digital Disconnect, Robert W. McChesney sees an increasingly symbiotic relationship between Big Data and Big Government, describing it as “a marriage made in heaven, with dire implications for liberty and democracy” (McChesney, p.21). He explains how a military–digital complex has been developed, made up of the government, the military and the secret services on the one hand and the Internet giants from the digital economy on the other. According to McChesney, they have a complementary and mutually beneficial relationship: the government benefits from being given access to technologies and data by the firms; the firms benefit not only from receiving large services contracts from the government, but also because they can rest assured that the government will not restrict their activities through anti-trust, taxation or regulatory measures and will represent their interests across the world.
The grim picture painted in 2013 by McChesney, who is Professor of Communication at the University of Illinois, was published prior to the far-reaching revelations made by Edward Snowden. Since then, acronyms and codes such as PRISM, Tempora and XKeyScore have become synonymous with the covert mass surveillance of the population on a previously unknown scale.
Though only a fraction of the Snowden documents has so far been published and we currently have to assume that Internet firms are generally forced by national laws to collaborate with the security apparatus in the states concerned, the existence of a convergence of interests cannot be dismissed completely. This convergence of interests stems from the automated processing of large amounts of data for the purposes of analysis, prediction and accessing of information on individual behaviour.
Peter Schaar aptly defines the underlying concept as follows in his proposition: “big data represents a concept based on the idea of collecting as much data as possible – the more data that is collected, the better the concept works”.
In some areas of science this may even have positive effects. In medicine, for example, Big Data analytics is already bringing practical benefits in fighting infectious epidemics. Big Data makes improved prevention, earlier protective measures and more targeted treatment possible. Yet the knowledge gained through Big Data appears relatively superficial in comparison with scientists’ traditional quest for knowledge. In a talk given in Berlin recently, Viktor Mayer-Schönburger from the Oxford Internet School pointed out that Big Data allows correlations to be identified, but is rarely able to provide information on causality (see Sievers in Neues Deutschland, 22 April 2014). Yet finding answers to the question “why” remains the duty of critical science and it is also the very essence of enlightenment, emancipation, innovation and progressive policymaking. Thus, the limits of Big Data also highlight a trend towards a totality of existing facts and make clear that the use of Big Data must be well thought through and must be subject to strong human oversight, i.e. oversight by society and policymakers. It is particularly important in this context to ensure a sensitive technology impact assessment, leading to legal provisions focusing on individual civil liberties and human rights.
Against this background, the words of Eric Schmidt, now Google’s Executive Chairman, give pause for thought. Speaking as Google CEO at a technology conference in August 2010, he suggested that the challenges of modern technology could only be tackled through “much greater transparency and no anonymity”. And he added that, in a world of asymmetric threats, “true anonymity is too dangerous” (see Fried in CNET, 4 August 2010).
Schmidt’s words described a vision of society in which the elimination of all kinds of anonymity on the Internet is viewed as an article of faith. What he omitted to say was that in a world of mobile communication, with robots, drones, intelligent household appliances and many other technologies, information about people‘s current location is also generated. He also did not mention that the technologies needed for biometric body scans and analysis of humans have already existed for some time – whether they are used for voice or face recognition, fingerprints or handprints. It is already possible for the algorithm-based analysis of large amounts of data gained through smart devices to be combined with the logging of physical characteristics such as somebody‘s way of walking and moving or their speech, heartbeat or breathing patterns.
The data processing industry dreams of complete transparency in order to allow the profitable marketing of individual patterns of behaviour through advertising, insurance services, transport guidance systems and other process management systems. At the same time, this transparency presents opportunities on an even greater scale for the security state whose existence has become particularly evident since the Snowden leaks. The security state would gain opportunities to predict (and thus observe and sanction) human behaviour with, at the very least, Orwellian dimensions.
Thus, not only are a large number of good detailed regulations needed, as proposed by Peter Schaar, but also no less than a paradigm shift in data protection policy. We need a European area of data protection which is worthy of its name and which sets limits on the dreams of generating profits through Big Data at the expense of personal autonomy and identity, as well as on Big Government‘s false promises of security. Yet a European data protection area must not lead to re-territorialisation or balkanisation of the Internet, as Peter Schaar writes. A European Schengen routing system, for example, would mean the end of the fundamental principle of global connectivity. This would make it difficult to reject calls like those already made in the framework of the European Commission‘s Schengen deliberations during the Hungarian Council presidency for checks on content entering the area at external borders. Instead, we must ensure an equally high level of protection both within and outside the European Union. And in the context of amendments to European data protection law, we must ensure legal security concerning data processing by international companies, and that the right to informational self-determination is taken into account.
One important step in this direction is to make the principles of “privacy by design” and “privacy by default” binding in Europe. Schaar only mentions this briefly in his article, yet it is worthwhile explaining this by means of concrete examples. The privacy by design principle would make certain functionalities obligatory, such as the default encryption of data, data deletion after the performance of a function and technical measures ensuring purpose limitation. The privacy by default principle would mean that the strictest possible data protection settings would apply as soon as people began to use electronic services and applications. Thus web services, smartphones, tablets and apps would not be able to pass on data on usage, contacts and location and accumulate it on server farms without users giving their consent.
In addition, the establishment of a European area of data protection will undoubtedly require the exertion of political and economic pressure. The means to achieve this are there. One important element is the renegotiation and, if necessary, termination of the Swift and Passenger Name Record agreements, along with the Safe Harbour Agreement, which has proved ineffective in practice. In addition, an initiative is needed to create a European open-source infrastructure developed by a large number of small and medium-sized companies with public financial support and with standards developed openly, publicly and transparently. This is the only way to create a trustworthy European counterweight to the dominance of large American Internet firms.
Finally, I should point out that the mass surveillance of Internet communications is not only being carried out by the US National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ). The French Direction Générale de la Sécurité Extérieure (DGSE), the German Federal Intelligence Service (BND) and other Western external intelligence services are also involved in this total surveillance. They are all responsible for surveillance of communications outside their own countries or between their own countries and others. Surveillance of communication within a service’s own country is largely taboo and the legal restrictions in place are similar in all cases.
These services cooperate via a system of information swaps. They receive information on communications within their own country in exchange for information they have gathered on communications in another country. As surveillance of communications abroad is not subject to any restrictions and thus not to any oversight, the system always conforms with the national legal framework – at least from the perspective of the secret services and the governments which back them. Were it possible to end this system of mutual favours, at least in Europe, by ensuring that all EU citizens were treated as domestic residents, one of the first important elements would be removed from the worldwide system of mass surveillance. This would lend the EU a much stronger position in negotiations with the US Administration on dismantling the surveillance system. Unless this happens, the impacts of Big Data and Big Government will indeed be fatal.
List of references:
Fried, Ina. “Google‘s Schmidt: Society not ready for technology.” CNET. 4 August 2010. http://www.cnet.com/news/googles-schmidt-society-not-ready-for-technology/
McChesney, Robert W. Digital Disconnect. New York: The New Press, 2013
Sievers, Uwe. “Verfolgt vom eigenen Datenschatten.” Neues Deutschland 22 April 2014. http://www.neues-deutschland.de/artikel/930683.verfolgt-vom-eigenen-datenschatten.html
|
MIND-Multistakeholder Internet Dialog |
