I was at a fascinating (if chilly) conference yesterday to hear a gratifyingly diverse bunch of panellists express their views on the so-called “Post-Bureaucratic Age” (PBA… Twitter hash-tag #pbage in case that’s how you prefer to get fed). A strong “draw” for the morning session was the appearance of David Cameron to set out how a Post-Bureaucratic strategy could help square the circle of improving public services while wrestling with colossal budget constraints.
I’m not going to try and define what the PBA is, or re-visit yesterday’s speeches – there’s plenty of coverage of that online (here‘s as good a starting-point as any, and William Heath’s comments here set out the identity and privacy landscape with commendable eloquence).
What I will try and do, though, is look at this through the eyes of a privacy/policy technologist well-used to promises that the latest technology will fix all our ills. Here are some of the pitfalls I think this policy strategy will need to negotiate if it is to deliver the kind of benefits being cited in its support.
First, I should make it clear that I agree with many of the concepts. The PBAge is to be founded on the idea that public data should be more visible; processes more transparent; decision-making more accountable. Arguing against that is a bit like making the case against motherhood and apple pie.
However, whatever the potential benefits of a PBA approach, I think it’s absolutely critical that we understand the basis on which we’re opting for it, if we do. For instance, I suspect that a large part of the purely emotional appeal of PBA is in reaction to the undeniably adverse perceptions of “Bureaucratic Age” programmes such as the National Identity Scheme, ContactPoint, Connecting for Health, the Independent Safeguarding Authority, the Digital Economy Bill and so on. In short, we need to be very clear-headed about whether we’re signing up to PBA “on the rebound”. That’s not a healthy basis for a long-term relationship…
Second, there’s the risk of believing our own hype about this sparkly new technology. Too often, this takes the form of a stampede to novelty, with thoughts of security/privacy only after it’s too late. As regular readers can imagine, I do not subscribe to Mr Zuckerberg’s recent contention that “privacy is no longer the social norm”. It will be a strange day indeed when the last word on “privacy as a social norm” comes from a 25-year-old white male American billionaire college drop-out.
So, by all means consider ways of making household energy consumption figures more visible… but think equally carefully about whether there might be some issues of personal privacy involved in printing your household energy numbers on your neighbour’s bill (as was suggested yesterday).
If the concepts are poorly implemented, they encourage ‘gaming’ of the system. After all, public sector performance/league tables were also proposed with the best apparent intentions of ‘transparency’, ‘choice and ‘accountability’ in mind, yet yesterday Prof McGurk’s plea to manage outcomes, not processes, could not have been more heartfelt.
If the implementations are badly deployed, they lead to perverse consequences. For instance, current guidance on the implementation of ISA “safeguarding” measures appear to require employers to compile – and disclose – dossiers which intrude substantially into the private lives and personal history of their employees – regardless of the provenance or reliability of that information, or its relevance either to the employee’s job, or to the stated purpose of protecting vulnerable third parties.
Third, governance. All the use-cases proposed yesterday were conspicuously cuddly. Energy-saving; better public services; reducing public debt; plan and fund the development of your own neighborhood. Bless. Here are some things which weren’t mentioned: counter-terrorism; anti-money-laundering; immigration and border controls; taxation; reduction of benefit fraud… My point is, as well as empowering us to do the things we would like to do, the PBAge will also have to include those things which we don’t like, but which the state occasionally has to do to us.
In terms of identity, privacy and personal data, the way I usually describe this is as follows:
Think of “the government” as having a number of sources of information about you, by virtue of the various relationships it has with you as a citizen.
The PBAge suggests that you, as a citizen, can benefit from better services if you or someone else is able to join together various now-to-be-published sources of data. Presumably it will still, though, be important that that only happens as and when you consent to it (either the data-joining, or your making use of the resulting service).
On the other side of the ‘cloud’ are the less cuddly things government is expected to achieve; protecting public funds and services against fraud, delivering effective law enforcement, preserving national security, and so on. Many of these things, let’s face it, are often based on the non-consensual joining-together of information about you… and some of that information is from exactly the same sources as are to be used for the cuddlier purposes of PBAge.
In other words, what is required is the ability to manage two different and conflicting views over what may often be the same data. That implies a level of data management expertise which I don’t see in many places in the commercial sector, let alone in the public sector.
I do not think we understand, yet, what is the appropriate governance regime for data (including personal information) in the PBAge… bearing in mind that there’s no reason to suppose the current governance regime is fit for its current purpose, let alone applicable to the emerging requirements of the future.
With that in mind, whither PII?
Current notions of online privacy are, for the most part, based on legislation which seeks to list a finite number of pieces of data, which are to be considered “personal”, and which are therefore to benefit from special protection. Nowhere in those lists will you find pieces of data like “mobile network presence”, “time-stamp”, “network cell location”, “search history”, “browser profile”, “browser history”. And yet there is ample evidence to suggest that these are more than enough to compromise the individual’s privacy, anonymity and indeed self-determination. (I also hear, incidentally, that from the pattern of energy usage reported by a smart meter, the electricity company can tell the make, model and age of your washing machine… How long before the manufacturers start offering money for that data so that you can be spammed with “it’s time to replace your washer” messages…?).
Among the questions I think PBAge proponents are going to have to address with some urgency are these: in an age where “all data is personally identifiable”, how is personal privacy to be managed? How are factors such as informational self-determination to be incorporated in the resulting policies? And, echoing Prof McGurk again… how are we to manage data, but measure outcomes?