Are we worried about the right issues on data privacy?

There are many reasons why I should not be a front line Lib Dem spokesperson. Among them is my rather pragmatic stance on civil liberties. I fear that my attitude to the government’s proposed law on surveillance is a case in point. Of course I think that individuals deserve proper legal protection, but I worry that the party, and the civil rights lobby generally, is expending too much energy on narrow legalisms, while missing what is happening in concrete reality.

Civil liberties are a touchstone issue for Lib Dems. While most of the public are indifferent, the party’s activists are passionate. Nick Clegg, the leader during the party’s coalition with the Conservatives, expended enormous amounts of political capital on the matter – and yet his compromises attracted opprobrium from activists, and not a few resignations. Now, as the party tries to stake out ground for a “core vote”, it has picked on this group of issues as an area to distinguish itself from the other parties. To do so the party will oppose the government’s new law, no matter what its final content. It is out and out oppositionalism, involving no fresh thinking and only token attempts to consider the problems  that the government faces. No doubt many of the criticisms will be valid, but the party will give ordinary citizens no reason to trust its overall judgement. Alas, that is politics.

At issue here is personal privacy, and how much information state agencies may collect on us without our direct consent, and in particular data on our online activities. The state faces a major problem: dealing with bad people: those who want to undermine public safety or steal our money, either through a malign political agenda (Islamic extremists is the favourite example), personal greed (an army of fraudsters) or simply personal gratification (such as paedophiles). These bad people are making full use of the opportunities provided by the internet, and the authorities are struggling to keep up. There is a more general difficulty alongside this: as the cost of skilled labour rises inexorably, the ability of law enforcement agencies to gather evidence by more traditional means diminishes. This means that much petty crime is not investigated; the police scarcely consider online scams to be a crime at all – they are left out of headline crime statistics. This allows a criminal fringe to exist on the edges of our society without serious molestation. Or so it seems to me (this is an unevidenced assertion!). Access to online data, including metadata (data applying to large groups of people), offers alternative ways to narrow down the search for leads, and may provide important evidence in its own right, allowing the authorities to pursue major threats and petty ones alike.

Now there is a real problem here: the problem of the false positive. Modern analysis techniques work on correlations and probabilities (much like human prejudices, in fact). This may be very helpful, in many fields, but it offers proof of nothing. Increasingly we tire of going that extra mile to get proof, and base decisions on these correlations. Mostly this is quite harmless. I get some rather odd online adverts on my Facebook feed; Amazon has yet to make any kind of sense out of my purchase history when it makes its suggestions. But it can be more sinister. Could some ill-advised browsing by your child on your computer mark you down as a terrorist suspect or, worse, as somebody who likes child porn? If such fears lie behind opposition to extending the rights of the state to examine online data, then it is not without foundation.

But isn’t stopping the state from gathering and analysing data tackling the problem in the wrong place? Shouldn’t we be looking harder at how they use the results of their analysis? My impression is that they don’t blink at trashing innocent people’s lives. The idea of innocence until proven guilty is being steadily eroded. In many fields all it takes is an allegation to wreck your career, even if it is false, or malicious. Credit ratings can be blotted by clerical errors, to say nothing of frauds. The more decisions are taken by computer algorithm, the more I worry about injustice. And yet these techniques surely have their place, if law is to be enforced by more than personal conscience.

I think this means that we need more accountability for the law enforcement authorities (from the intelligence services to the police to council officials), and better coding of what they are and are not allowed to do. The government’s new law looks like an important step forward here. No doubt it isn’t nearly as good as it is cracked up to be, but progress of any sort can be built on. The present legal vacuum allows injustice to be routine. We also need to be clearer on the types of inference that are acceptable in the legal process – mere correlation is insufficient.

So I think that liberals, instead of campaigning for stronger privacy, should be campaigning to prevent the abuse of data – and in particular establishing that enforcement actions taken should be proportionate to the level of proof. That will take a change of culture, and maybe it is swimming against the tide. But too heavy an emphasis on privacy simply aids those who are undermining our liberal society. And the public knows it.

.