Privacy is the Future? Not on London's Trains
“The future is privacy,” is the new mantra of Mark Zuckerberg, Facebook’s CEO. Not long ago it was: “Privacy is dead”. Which is it?
This is an important choice and not one reserved for BigTech titans alone. It is a choice we each must make, especially in the way we engage with public authorities and companies that seem intent on fudging the line between service, security and privacy.
Transport for London (TfL), the UK capital’s transit authority, has announced that it is about to start collecting data from users’ wifi as they move around the underground rail system.
The data collection, which will start on July 8, will purportedly be used to offer sturdier details on how people move around the Tube system and within stations. This, says the authority, will help with its long-term planning and will enable it to provide more effective updates for travellers.
The data collected will, at this stage anyway, be depersonalised. It won’t record browsing history or other similar information from your phone or tablet.
However, while there is no doubt that tracking wifi use will provide a more granular set of data than, say, CCTV or the use of e-ticketing systems, there are still questions as to why the TfL has decided to go this way.
Existing security measures already provide a great deal of detail about customer movement through the system, including some of the type of detail TfL says it wants to mine using wifi tracking.
Without pitching headlong into the world of Dan Brown-style conspiracy theories, one questions whether the TfL, in using this technology, is either operating now as - or soon will become - an arm of GCHQ, the British governments’ communications headquarters.
This agency is responsible for such things as identifying potential security threats to the UK, using the latest in security technology.
Given the often very serious threats of terrorism on London’s packed Tube system, GCHQ will be keen to use whatever means available to track the movements of potential aggressors.
It already has access to at least some TfL data. Will this new system encourage GCHQ to take things a step further - for example, by removing the “anonymous” factor and adding names to data?
A balance must be maintained between public security and personal privacy.
Of course, TfL may not have this type of inter-agency cooperation at the top of its priority list. However, there is clearly a possibility that this may occur once the measure is in place, especially given the history of technology creep in other areas of public life.
When CCTV cameras were first widely installed across London, they were presented to the public as a way of cutting down on theft - particularly car theft. A former senior police officer once told me that CCTV has certainly been a boon to police in this regard. It helped to bring about a marked drop in theft rates.
However, over time, the use of CCTV technology gradually expanded beyond this original purview. Today, cameras are used to track parents who double-park momentarily while dropping their children at school.
While preventing people from blocking roads is a laudable exercise, there was no public discussion as to whether CCTV was the appropriate mechanism for this. The authorities simply decided that as the tools were already to hand they may as well use them in this way.
Similar problems have surfaced around technologies such as number plate recognition. Now, police are looking at using facial recognition on a fairly wide-ranging basis, to track the movements of potential suspects.
Unfortunately, while facial recognition technology is growing in sophistication and precision, it is a blunt instrument in the wrong hands, or under the wrong regulatory regime. It may be used on thousands of innocent people before it manages to identify one criminal offender.
The principle of innocent-until-proven-guilty is arguably already under threat, in an age of hyper-sensitivity and mass overreaction on social media. Widespread police use of facial recognition might devalue this principle even further.
China leads the world in terms of developing and deploying high-end biometric technology among its citizenry. Its technology can identify people by their gait as they walk.
The question is: if you are already tracking the movements of everyday people, via facial recognition, why do you need to add gait-tracking capabilities? This is technology creep at its most extreme, but we should be wary of thinking that it can only happen in China.
There is, of course, a considerable difference in terms of scale between biometric-tracking in China and the TfL’s tracking of wifi usage. However, the principle of technology creep applies here, too.
For now, the data collected by the TfL might be anonymous. But now that the system is in place and once people have grown blase about it, what’s to stop the TfL or another agency from removing that anonymity?
We are surrounded by so much privacy intrusion. Social media companies harvest our data - yes, including data we have willingly provided - in ways that we do not condone. Most sell the data to marketers and research or polling groups about whom we have no knowledge.
Over the next decade, privacy intrusion will become a major cause celebre. New activist groups will rally around calls for greater autonomy in an age of increasing machine automation.
A new generation, the emerging Generating Edgers currently in their childhood and teens, will emerge to challenge the ubiquity of intrusion. Some will become technological refuseniks - not exactly Luddites, but people who withdraw at least part of their lives from the growing reach of the internet.
We must ensure that we and they continue to have that choice. If we allow technology to creep too far, we may not be able to turn back the tide.
No, the TfL is not on its own ushering in the age of Big Brother - or, probably more correctly, Bigger Brother. But privacy is defended in small and incremental ways.
There has been no public discussion about these new measures. There should have been.