Beware of gullible politicos tinkering with data privacy

Today is international data privacy day, and It’s a shame we do so little to mark the event

WITH THE Seanad passing the data retention – oops, communications – Bill without amendment last week, and Data Protection Commissioner Billy Hawkes warning political parties on Monday that they are not to illegally use (again, for some) unsolicited text messages, calls or emails in the looming election, how ironically appropriate that today is International Data Privacy and Data Protection Day.

We sure need it. Our own knowledge of the issues and implications around data privacy remains shockingly low. What else explains the ill-informed speeches of Senators and TDs welcoming data retention – the storage of transmission data about every one of our phone calls, e-mails and some internet use – as an aid for criminal investigations even as they wave in longer retention periods for Ireland than almost any other country?

Along with creating a more unwelcoming business environment for exactly the internet and technology “knowledge industries” the state supposedly wishes to attract, our new data retention legislation goes against all evidence that shows that police do not need data for investigations held longer than the six months advocated by Europe’s Data Protection Commissioners. Not for one to two years (as under the new proposals), not for three years (as was the case before).

Read that again: not one court case the politicos will cite during their speeches about why we need data retention made use of, or required, a single piece of data retained for longer than six months.

Meanwhile, as so few restrictions apply to the Garda in requesting retained data, tens of thousands of requests have been made for records. We do need legislation to protect data from wholesale trawling – but that does not mean we also need to continue to store it for longer than is recommended or than most of our European partners hold it for.

But our pending legislation ignores that the very concept of long-term data retention is under serious threat now in several EU countries including Germany. Our own poorly drafted, existing data retention legislation has been referred to the European Court of Justice for consideration on the very grounds of whether storing data on an entire population before any one of it has committed a crime – just on the possibility that someone might – is grossly disproportionate.

So we certainly have much to consider today. It’s a shame then that we seem to do so little with a day that has become an annual fixture elsewhere, with many events happening across the US and Europe. Not so much in Ireland, which is a lost opportunity for teachers in particular.

Many schools and universities internationally do awareness- raising activities with students around the subject, including debates on the subject of privacy and workshops on options for protecting your data online.

This is critical knowledge needed by new generations growing up having known nothing else but mobile phones, social media profiles, and public photo and video sites. And given that the default settings on Facebook, which more rather than less of us now use, still share your data and images with friends of friends, education in the area of privacy and data protection is crucial for all of us.

But it isn’t just students – many citizens say they feel powerless when they deal with social services and are asked for information that they do not need to hand over. This can be especially the case with the more vulnerable in society – homeless people, or the elderly; people less sure of what authorities are allowed to ask.

Would you know yourself? Most of us would not. And as the government prepares to bring in a universal identity card which would give access to so much of our most personal data, we need to understand what we may be trading away in the name of bureaucratic convenience.

There has been no public debate at all on whether citizens should have to carry ID cards much less cards connected to our health and social welfare information, the kind of card widely opposed by privacy advocates worldwide.

There are some easy ways to learn more about your personal and business rights to privacy – and if a business, obligations towards data protection.

For individuals, the Irish Council for Civil Liberties produces a range of free brochures on a variety of topics, one of which is called Protect Your Privacy.

This offers an excellent, easy to understand overview and list of resources and can be viewed online, downloaded from their website or obtained from their offices. You can find it at: tinyurl.com/6l6xt5d.

The Data Protection Commissioner’s website, dataprotection.ie, also has a wealth of information for businesses and citizens. The menu on the left-hand-side of the site offers a link for individuals or organisations, depending on what a visitor is looking for.

The website for European Privacy Day, europeanprivacyday. org, offers a booklet for this year’s event that summarises some of the key issues and provides a handy overview.

These are going to be topics that only become more pressing as we become ever more technologically intermeshed. In particular, we need to watch what our politicians are doing as it is clear they have a very low level of knowledge about data retention – much less data protection.