Data sharing-the guiding principle should be informed consent

27 11 2009

There are many good reasons why both governments and businesses may want to capture, analyse and share data. Good in the sense that the intention is to create mutual benefit for all concerned. In some ways we would like digital marketing, for example,  to be more targeted than it is, if only to avoid the torrent of spam email inflicted on us. The gathering of statistical information by governments can also be used to plan service provision and state investments in a more rational way. So I do not take  the view that governments and big business are out to get us and that any data gathering is inevitably an unwarrantable intrusion into privacy.

However, while the interests of data  gatherers and those whose data is gathered (datees perhaps?) may be congruent, they also may not. This is a particularly crucial point now that we leave such a long electronic data trial behind us through phones, email and internet browsing. We should understand as well that governments have a secular tendency to gather information for its own sake. This tendency is particularly exacerbated today when politicians and others in the state apparatus are more isolated from their constituents than before. In wishing to reconnect they are very keen on gathering as much information about us in as many ways as they can. Their insecurity also inclines them to want to police society more closely , hence current attempts to have access to all the electronic  data held by phone companies.

The discussion around data sharing and privacy is very complex. However I think there is one principle that, if it were adopted, would enable a way to benchmark what should and should not be allowable. That is the principle of informed consent. In other words, those whose data is being collected should have agreed in advance that this should be so. The principle of informed consent is implicit in any democratic society. If we need a legal definition of informed consent which we could apply to data gathering we can go to the Nuremberg trials of 1947.

The voluntary consent of the human subject is absolutely essential. This means that the person involved should have legal capacity to give consent; should be so situated as to be able to exercise free power of choice, without the intervention of any element of force, fraud, deceit, duress, overreaching, or other ulterior form of constraint or coercion; and should have sufficient knowledge and comprehension of the elements of the subject matter involved as to enable him to make an understanding and enlightened decision.

It should be informed because effective democracy requires people to understand what is being done to them and in their name. It should involve active consent because that is the essence of democratic government. In practice this should mean that any information in data form should only be stored or shared with the prior active consent of the individual concerned. There should always be an opt-in rather than an opt-out button. The onus is on the data gatherers and sharers to persuade and convince that this is the right thing to do.

This approach to data sharing is consistent with the view that we are autonomous citizens whose cooperation and consent with the state or with business is an active conscious decision taken with all the facts discuss and debated out in the open. In that sense it is an approach which would contribute towards a broader democratic renewal.




One response

27 11 2009
Johny Morris

I think the issue of trust and informed consent goes back ka little further than the second world war. As the Roman poet Juvenal famously expressed it “Quis custodiet ipsos custodes” or “Who guards the guards?” this is a problem with a provenance at least as old as Plato’s Republic.

Plato’s rather doubtful solution was the use of the famous “noble lie” that will keep the guards watchful of themselves. The modern equivalent of this are the various versions of the Public Sector Ethos. Of course the police will not abuse their powers – they are Police officers and therefore are to be trusted to police themselves. Then of course we see how they abuse the DNA Data Base, the anti-terrorist legislation, the use of summary powers in young offender situations, the deliberate downgrading of offences to make the stats look better etc. etc.

Respectful distrust should be the hall mark of a civilised democracy. I don’t expect the tax office to trust me when I submit my returns, I expect to be asked to provide evidence (well at least if asked). As a rule any powers given to the authorities will be abused to the point to which the abuse becomes intolerable to the public (as we are beginning to see with the DNA database) to further the aims of the organisation entrusted with the power. And in this case data is power.

And here I am not talking about the conscious abuse of data that many coppers routinely indulge in to check on the criminal records of their neighbours or potential son-in-laws but the scope creep of a collective desire to achieve targets. To misquote Rousseau “The use they make of that trust well begets their loss of it”. I’m for more Chinese walls, less connectivity, less data gathering and real power (and resources) to be given to a genuinely independent Information Commissioner.

Then there is the quality issue of relying on data captured for one purpose and used for another. Here I am speaking from my own professional experience as a recognised expert in data integration (that is the tying together of disparate computer systems). We all get to trust what is on the screen at the expense often of what is front of us. The spurious authority of the print out often overrides common sense. But where the recipient of the miss-information is disconnected from the source the consequences can be serious. I am currently fighting a local skirmish with the Metropolitan Police over data that they acknowledge to be wrong but which they refuse to correct and still intend to pass on to third parties who of course see it as having come from a trusted source and are not aware of its limits. Current proposals will automate this problem by a factor of 10.

The data in most corporate databases is often inaccurate. I know, I’ve looked at it. It tends to be just good enough to be used for the purpose for which it was originally gathered. Start pushing it around to places where the limits are not known and the result are disastrous.

Of course is there any political will to do anything about it? Here I side with Rob. Right now I’d say no there isn’t. We have been too fat and too lazy for too long. We aint sleep walking into a surveillance society we’re couch potatoing our way there. So here’s to Rob and people like him maybe he can shake a few of us awake long enough to resist.

Leave a Reply to Johny Morris Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: