Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2016
|Identity Matters||Other Topics||Waltzing Matilda||What's New|
Principal, Xamax Consultancy Pty Ltd, Canberra
Visiting Fellow, Department of Computer Science, Australian National University
Version of 18 May 1996
© Xamax Consultancy Pty Ltd, 1997
This document is at http://www.rogerclarke.com/DV/Trails.html
People have always left tracks behind them. Apart from the physical footsteps we leave in the dust and the mud, some of the people who see us, and who we talk to, remember the events.
The twentieth century has seen a significant increase in the intensity of our trails. There have been many reasons for this, including the increased scale and geographical spread of societies, the growth of organisations to the point where employees have no personal relationship with the organisation's clients, and the ongoing drive for efficient and rational management.
Since the middle of the century, the capabilities, and the capacity, of various elements of the computing and communications technologies have been an important driver of increased intensity in the personal data gathered, stored and used by organisations.
Some examples of trails that we have been leaving for some time are:
In many cases, these trails have remained entirely independent of one another.
In some cases, however, marketing organisations have shared data about our purchases; lending companies have shared data about our applications for, and repayments of, loans; and the tax authority and more recently the Department of Social Security have raided many different data-sources in an endeavour to catch people out.
We have been leaving additional tracks in the sand:
A proportion of what used to be anonymous cash transactions are now identified, because, during the early 1990s, we have begun making many moderate-sized payments to supermarkets and petrol stations by debit-card instead of cash.
We are withdrawing money from ATMs more often that we used to in the bygone days when we went to bank-branches in order to get cash into our wallets. This results in our whereabouts in time and space being recorded more frequently.
The devices from which telephone calls are made, and the numbers to which the call is placed, are now recorded and reported.
A whole series of developments is taking place, which are resulting in yet more, yet more intensive trails. Consider the following:
Entry to and exit from many buildings and areas within buildings is now controlled by cards and chips of various kinds. These give rise to logs of which cards (and therefore which individuals) passed which points when, and therefore where people were at various times.
Increasing use is being made of cameras and video-monitors, in such places as banks, shopping malls and car-parks. The records are migrating from film to digital form, and are being kept for an increasing duration. Various universities and companies are working on automating the detection of particular kinds of actions, and the identification of individuals appearing on film.
The sources and destinations of all email is logged. Content is also logged, in many cases only briefly, but in others for an extended period of time. Employers are tending to claim (and in some cases actually have) the power to monitor, and to intercept any message sent or received by an employee. This was less clear with telephone calls, and logs of telephone calls have generally not existed.
The sites and pages visited, the web-forms filled in (including their content), and the search-terms provided to spiders, are all logged. This logging may be by the client workstation, a nearby server, or a distant server. The Netscape 'Cookies' feature enables a server to initiate an inquiry into a file stored on a client; and Java scripts enable a server to cause processing to be performed by a client.
Stored-value cards are intended to replace anonymous cash payments. Some schemes are just as anonymous as real cash; but some are at best pseudonymous (by which is meant that that an indirect identifier is used, rather than the person's 'real' identifier); and in many SVC schemes, all transactions are identified. The large numbers of small-value transactions that we undertake each day represent a splendid trace of our movements.
And there's more .... Here are some forthcoming sets of records:
Telcos are implementing technology to enable the receivers of calls to be able to see and record the number from which the caller is dialling. The primary purpose of this is to enable marketing companies to gather identification, contact and demographic data about their callers; and to inter-relate it to their exist data-holdings.
Until recently, telephone numbers have identified sockets in walls. With the advent of analogue mobile telephones, they came to identify devices. With digital mobiles, they now identify the chips on the cards inside the devices (and shortly the telephone company will be identifying both the chip and the device).
Meanwhile, plans are in place for numbers to be issued not to sockets, devices and chips; but to people. Calls will be placed to a person, and the network will work out where the person is and how to connect the call. The ambiguity involved in existing trails will disappear, as call records will unequivocally record which two people the conversation was between; and the telephone network will incorporate a real-time locator capability for people generally. This will presumably be sold as a service.
The transport industry intends that, in perhaps a decade's time, vehicles will be routinely tracked through transport networks, and their drivers will pay for their usage of the space. Most such schemes are being designed to identify vehicles, and even their owners, which will result in a real-time log of people's locations and movements.
A range of means are used for associating data with individuals. For a comprehensive review, see Clarke (1994).
There is an increasing trend towards the invention and application of biometric means of identification, which depend on human attributes or behaviour. Although certainly not foolproof, they are capable of being more accurate than existing schemes based on tokens and personal knowledge.
There is a great temptation to use the same identification scheme for multiple purposes. Where this is done, it is trivially simple to merge two or more sources of data, and generate an even more intensive trail of personal data.
Some people regard all of the above as simply technological progress, and bound to be all for the best ('why else would companies and governments be doing it?', they reason).
Other people perceive enormous dangers in the increasing intensity of personal data trails. These are based on:
Further details about these threats can be found in Clarke (1988) and Clarke (1994).
Some people (in particular contemporary sci-fi authors) think this is all basically true, but doesn't actually matter much, because the control exercised by government agencies and corporations over individuals is going to be fairly short-lived anyway.
Other people think that the present, seriously inadequate privacy protections need to be greatly extended, by using anonymity and pseudonymity to a far greater extent.
Sources on Dataveillance
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.
From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 50 million in early 2015.
Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916
Created: 18 May 1996 - Last Amended: 24 November 1997 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/DV/Trails.html