My panel session at ITU Telecom World 2013 is about privacy and security.
I would define privacy as the right to keep information about yourself from others. It is often thought to include anonymity and confidentiality of your information. There are many other variations of this basic thought. You may wish, for example, to keep your identity private, or you may wish information to only be available to your close friends and not to anybody else. You may also wish to move or remove information, or be able to change inaccurate information about yourself.
Let us think about the mobile phone. Your operator clearly knows where you are and who you calling, but depending on the services you may be using, other people or applications may also know information about you. This information could be your location, the contents of messages you are sending or numbers you have dialled. It is truly revealing to look at privacy messages that you may agree to when you download and use a particular App on your mobile phone platform. I know of one very common game, for example, where everyone has agreed for it to look at your last number dialled. I am still not clear as to why this would be required!
Another example is a large email provider, who inspects all the words in your emails both sent and received, and targets advertisements at you. Would you say that this is a breach of your freedom, or is it a legitimate use?
It is often argued that information can be anonymised, but this has been proved many times to be ineffectual – and one can find many examples of inferring an individual’s behaviour from anonymised data. So equally, there must be guidelines for data aggregation as well as data collection.
Naturally, there is a balance between the individual and their right to privacy. If you are a criminal or terrorist, for example, would you have equal rights? Of course all of this becomes more difficult because one person’s terrorist may be another person’s friend. This becomes even more interesting when we look at countries, where what from one viewpoint might be terrorism is from another viewpoint freedom fighters in action.
People also have rights to have their information forgotten. We do not want our fun or holiday pictures to be taken into account when future employers look at our prospects for a job. So should you have separation between your identity as a person with your own legitimate personal activities, compared to somebody in a role or position of power? We all have something that we wish to keep private from others!
The interesting question is: how do we ensure privacy and security in the various services and communications that we might be using? I believe that there should be clear guidelines and easy-to-understand, clear language to offer guidance to the individual. There are many examples of services that keep on changing security settings where it is extremely difficult to secure communications and ensure privacy. Services and products should also have adequate controls with regards privacy and security to protect the individual. For the present, this is not universally true. We need to think carefully to develop clear guidelines and protocols for doing this.
And so the panel should have a very interesting debate on the individual’s rights to privacy and security, and how to balance this against the detection of any illegal activities. We only have to think of recent events to realise what a delicate balance this can be.
