Who wants to know?

Innovative engineering is needed if privacy is to survive the information revolution, says Nigel Gilbert.

Increasing amounts of electronic data about us are being collected as we go about our daily lives. This has some advantages — it makes it easier to access medical records when and where they are needed, provides better personal security against theft and violence and enables more precisely targeted supermarket special offers. The disadvantage is the loss of privacy.



In a recent report, a working group of the Royal Academy of Engineering argues it is possible to have security, convenience and privacy, provided good engineering principles are followed.



Dilemmas of Privacy and Surveillance: Challenges of Technological Change raises a number of points that engineers involved in the specification, design and implementation of IT systems need to consider.



For many electronic transactions, a name or identity is not needed; just an assurance that one can pay or is eligible for the service. In short, what should be required is authorisation (are you entitled to perform this activity?), not identification (who are you?).



Services for travel and shopping can be designed to protect privacy by allowing people to buy goods and use public transport anonymously. It should be possible to sign up for a loyalty card without having to register your personal details, and consumers should be able to decide what information is gathered about them.
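One established way to build the entitlement-not-identity principle above into the anonymous travel ticket just described is a blind signature, Chaum's construction, whose RSA form is standardised in RFC 9474. The Python below is an added example, not code from the report or its authors: the transport operator, which does know the passenger's identity when it checks eligibility, signs a ticket it cannot read; the gate later verifies that ticket and learns only the fare type, and the operator cannot link the signed ticket back to the signing request. The key size, fare strings and class names are illustrative assumptions, and the plain hash-then-sign used here omits the padding a deployable scheme needs.

```python
"""Authorisation without identification: an RSA blind-signature ticket.

Added example, not from the report. Toy 512-bit key and constructed fare
strings; RFC 9474 describes a deployable RSA blind-signature scheme.
"""
import hashlib
import math
import secrets


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def issuer_keypair(bits: int = 512):
    """Toy RSA key: (n, e) is public, d is held only by the ticket issuer."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi)


def _message_int(serial: bytes, entitlement: str) -> int:
    """Hash the ticket contents to an integer below n (SHA-256 < 2**256 <= n)."""
    return int.from_bytes(hashlib.sha256(serial + entitlement.encode()).digest(), "big")


class Traveller:
    """Owns the real identity; blinds the ticket so the issuer never sees it."""

    def __init__(self, n: int, e: int, entitlement: str):
        self.n, self.e, self.entitlement = n, e, entitlement
        self.serial = secrets.token_bytes(16)          # random serial defeats double use
        while True:
            self.r = secrets.randbelow(n - 2) + 2      # blinding factor, coprime to n
            if math.gcd(self.r, n) == 1:
                break

    def blinded_request(self) -> int:
        m = _message_int(self.serial, self.entitlement)
        return (m * pow(self.r, self.e, self.n)) % self.n

    def unblind(self, blind_sig: int):
        sig = (blind_sig * pow(self.r, -1, self.n)) % self.n
        return self.serial, self.entitlement, sig


def issuer_sign(d: int, n: int, blinded: int, eligible: bool) -> int:
    """Issuer checks eligibility against the applicant's identity, then signs
    a value it cannot read, so it can never match this ticket to the applicant."""
    if not eligible:
        raise PermissionError("applicant not eligible")
    return pow(blinded, d, n)


class Gate:
    """Verifier: knows only (n, e), the fare it accepts and serials already used."""

    def __init__(self, n: int, e: int, accepts: str):
        self.n, self.e, self.accepts = n, e, accepts
        self.spent = set()

    def admit(self, serial: bytes, entitlement: str, sig: int) -> bool:
        if entitlement != self.accepts or serial in self.spent:
            return False
        if pow(sig, self.e, self.n) != _message_int(serial, entitlement):
            return False                               # forged or altered ticket
        self.spent.add(serial)
        return True


def demo():
    """Full exchange: issue, spend, attempt a replay, attempt a forgery."""
    n, e, d = issuer_keypair()
    fare = "zone-1 single fare"                       # constructed entitlement
    alice = Traveller(n, e, fare)
    blind_sig = issuer_sign(d, n, alice.blinded_request(), eligible=True)
    serial, entitlement, sig = alice.unblind(blind_sig)
    gate = Gate(n, e, fare)
    admitted = gate.admit(serial, entitlement, sig)   # True
    replayed = gate.admit(serial, entitlement, sig)   # False: serial already spent
    season_gate = Gate(n, e, "all-zones season")      # False: signature covers a different fare
    forged = season_gate.admit(serial, "all-zones season", sig)
    return admitted, replayed, forged


if __name__ == "__main__":
    print(demo())
```

The issuer sees only the blinded value and the gate sees only the unblinded ticket; without the passenger's blinding factor r neither party can connect the two, which is the property that lets the operator sell fares without registering who travelled.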



The same is true for many other services where information is collected, often without good reason, or reasons that appeal to the organisation collecting the data but give no benefit to the consumer.



The report suggests the government could regulate this and other matters through a 'digital charter' that would clarify how personal information may be shared, the rights individuals have to check and correct their data, and their rights to opt out of having data stored by businesses and the state.



One practical recommendation is that credit agencies and the like should be required to make copies of personal credit ratings available annually without charge, as is now the case in the US.



In future, there will be even more databases holding sensitive personal information. As government moves to provide more electronic services and constructs the National Identity Register, databases will be created that hold information crucial for accessing essential services such as health care and social security.



But complex databases and IT networks can suffer from mechanical failure or software bugs. Human error can lead to personal data being lost or stolen. If the system breaks down, as a result of accident or sabotage, it is possible that millions could be inconvenienced or even have their lives put in danger.



The report calls for the government and corporations to prepare for such failures, making full use of engineering expertise in managing the risks, and for compensation for individuals affected by foreseeable disasters.



It also investigates the changes in camera surveillance. CCTV cameras are increasing in resolution, record in colour and generate digital images that could be stored forever. Predicted improvements in automatic number-plate recognition, recognition of individuals' faces and faster methods of searching images mean that it may become possible to search back through vast amounts of digital data to find out where people were and what they were doing.



The UK has the highest density of surveillance cameras per head of population in the world. Often, these are installed in the belief that they will reduce crime but the evidence, from Home Office and other research, is that cameras are poor at preventing crime, although they can be used to identify criminals after the event.



The report calls for greater control over the proliferation of camera surveillance and for more research into how public spaces can be monitored while minimising the impact on privacy.



We already have a good idea about what technologies will be on the market in the next 10 years, because that is the minimum time it takes from invention through to mass market penetration.



The report looks at likely developments and classifies them according to their implications for privacy and surveillance. It suggests some areas where current and foreseeable technologies will probably be inadequate and where we need to put our research funds.



For example, we should examine ways of monitoring public spaces that minimise the impact on privacy. We should devise secure ways to provide goods and services electronically that do not require identification. And we might think about ways to protect personal information by adapting the digital rights management technology now used to protect music and films.



Engineers' knowledge and experience can help design privacy into new IT developments from the outset. But first, the engineering professions, the government and corporations must recognise that they put at risk the trust of citizens and customers if they do not treat these matters seriously.





Nigel Gilbert is professor of Sociology at the University of Surrey and chair of the Royal Academy of Engineering working group on the dilemmas of privacy and surveillance. The report is available at http://tinyurl.com/yul7kl