Big Uncle: benevolent security. The positive side of the loss of privacy

Big Uncle is the concept of “benevolent security”. We discussed previously how privacy is a dated concept, disappearing fast. People get all tied in a knot over this, but the consequences are only as bad as we let them be. Like any technology, there will be evil applications and there will be good ones. There are upsides which we will investigate, in a series of posts about Big Uncle.

Security is one of the most active areas of IT, driven by new pressures. There is a convergence of different security domains, and new technologies for mining the data in those domains. The changing world creates pressures to employ these advances for our protection. As these advances compromise our privacy, they also drive social change in our attitudes to privacy.

It is already an accepted fact that the organisations around us watch us: governments, employers and corporations. This is generally done for security, to detect fraud, or for marketing. Their sources of data are proliferating:

• mailing lists, subscriptions, memberships
• tax, customs, permits, licenses
• offences and fines
• EFTPOS, ATM
• web traffic, cookies, social networks, e-commerce
• emails, SMS, VOIP, traditional phone
• mobile phone location
• public transport, tolls
• physical building and car-park access
• CCTV : license plates, face recognition (over 4 million cameras in the UK alone)
• Smart tags (RFID), smart cash

In addition to the growth in the number of sources of data, there is a convergence of these sources. Thanks to EAI, Web Services, and SOA, organisations can share data between their systems and between organisations.

Because much of the infrastructure in countries such as the USA is privately owned and operated, effective security measures depend upon collaboration between the public and private sectors.

Most of the inter-organisational data sharing is with your permission, either directly (for example, where an organisation such as a bank manages your identity for you and authenticates you to another organisation) or indirectly through legislation (for example where Customs and Revenue are allowed to exchange data, or covert agencies are enabled).

You may not always realize you have given permission (as in the fine print in agreements that allows companies to share marketing information), but in general you have granted trust to these organisations by conceding a little of your privacy. We will return to this point.