E-government push brings privacy implications

12 Oct 2004

Moves towards joined-up government and electronically delivered state services can be a threat to individual privacy, an international expert has warned. Simon Davies, founder and director of the watchdog group Privacy International, also said that there is often a lack of public discussion around the changes involved in how citizens deal with the state.

“E-government is a method of blinding people to accepting technology that otherwise would be quite hard to pass,” said Davies, who has worked for almost 20 years as a privacy advocate and specialist in IT, consumer rights and data protection.

“The two processes it involves, perfect identification of every individual in the state and joined-up government, both involve breaches of privacy recognised in law for 30 years,” he told siliconrepublic.com. “Because it seems reasonable that all [government] databases should be joined at the hip, there has been no discussion of ‘functional separation’ as a safeguard for the public.”

According to Davies, this separation would involve keeping diverse records of each person which in turn would mean that individuals would not find themselves “fighting with huge government apparatus”. “If I have a dispute with my local authority, I won’t discover that in six months’ time my housing benefit has been suspended.”

Although many arguments in favour of e-government centre on a concept of the common good, Davies argued that privacy is in itself a common good. “Protections over individual information are a public good that is necessary in a democracy.”

Davies was visiting Dublin to work with the Irish Council for Civil Liberties at the launch of its Privacy Audit – a check on government systems to ensure that individual rights to privacy are being respected in accordance with current international standards. Davies has joined the board of the ICCL for the audit project and the Irish group now has established a formal working relationship with Privacy International. The results of the Irish privacy audit are due to be released in the first quarter of next year.

Davies welcomed the fact that Ireland appears to be more circumspect about its adoption of elements of e-government. “I have a sense that Ireland isn’t quite as much in the grip of IT fanaticism that the UK is. Things are done at a different pace in Ireland; in the UK, Germany and Northern Europe, legislation can be passed through with breakneck speed. Here, if you look at the gestation period of legislation it appears to be longer than in other countries and that’s a good thing.”

He also sounded the alarm over the widespread adoption of biometric technology as a security measure for passport control and international travel or national ID card schemes. The US General Accounting Office has established an error rate of 2-3pc for civilian fingerprinting and it observed that a further 1-2pc of individuals cannot be physically fingerprinted because of injury or occupation.

“If you combine those two statistics, what you find is that as you grow the database in size, the error rates will exponentially increase. It makes biometrics useless as a security measure beyond a certain point.”

Davies pointed out that Newham Borough Council in London had abandoned a four-year biometrics project based around facial recognition because it had not resulted in a single arrest. He was also sceptical of claims that biometric technology can reduce identity theft, noting that the problem is common in the US because there, a citizen’s social security number is used as a default identifier in many different transactions. “The more you distribute identity across government, the more remote are the chances of having your identity stolen,” he said.

By Gordon Smith