Friday, September 16, 2011

Storing all personal data for "security" purposes - some things to think about

Thanks to for alerting us to the problems with lawful access, anticipated to be part of an omnibus crime bill introduced by Harper's conservatives this coming Monday.

One aspect of lawful access expected to be included is a requirement for Internet Service Providers to retain personal data for delivery on request to law enforcement officials, with no requirement of a warrant.

There are many troubling aspects of this approach. One very troubling aspect of lawful access that I would like to highlight today is whether it is wise to assume that retaining large databases of personal information would ONLY be accessible by law enforcement officials. Wouldn't a database like this be handy for identity thieves? What about stalkers, spammers, hackers, con artists, or corporate espionage?  If we build it - a large database storage everything we do over the internet, designed for retrieval at an individual level - will they come?

No doubt efforts would be made to protect these databases - but if the information is designed to be retained to hand over for security reasons, then it seems reasonable to think that others will be able to figure out how to get at this information, too. It seems almost incomprehensibly foolish to even contemplate suggesting the creation of such databases late in the summer of the phone hacking scandal. Surely this has alerted enough of us to the dangers of not attending to our privacy in the electronic age that proceeding with such a plan would be political suicide?