Metadata: Separating fact from fiction

Posted on July 17, 2013 in Governance Debates

TheStar.com – opinion/commentary – Collecting metadata can actually be more revealing than accessing the content of our communications.
Jul 17 2013.   By: Ann Cavoukian

Ever since we learned about the revelations relating to the U.S. National Security Agency’s sweeping surveillance operations, the term “metadata” has been frequently used, without proper explanation of its meaning or implications for privacy. Senior government officials have defended the seizure of our personal information on the basis that “it’s only metadata.” They claim that gathering metadata is neither sensitive nor privacy-invasive since it does not access any of the content contained in associated phone calls or emails.

This is fanciful thinking — perpetuating a myth that is highly misleading. The truth is that collecting metadata can actually be more revealing than accessing the content of our communications.

Metadata is information associated with other information — generated by our smartphones, personal computers and tablets. This information can reveal the time and duration of your communications, the particular devices used, email addresses or numbers contacted, and at what locations. Since virtually every device has a unique identifying number, all of your communications and Internet activities may be linked together and traced, with relative ease.

This digital trail can reveal a great deal about you as an individual. Information about where you live, work, travel, what you purchase online, who you associate with, even what time you go to sleep, wake up and leave home. All of this metadata is collected and retained by companies like telecoms and ISPs, for varying periods of time, for an array of business purposes.

Government surveillance programs, however, gather and analyze our metadata for different purposes. Armed with this data, the state has the power to instantaneously create a detailed digital profile of the life of anyone swept up in such a massive data seizure. Once this data is compiled and examined, detailed pictures of individuals begin to emerge. The data can reveal your political or religious affiliations, as well as your personal and intimate relationships.

Other inferences may also be drawn, from visits to social events, stores and businesses, as well as interactions with family, friends, colleagues and their associates. In this context, we might ask, what is more intimate, listening in as people talk on the phone, or being able to chart their activities and associations, day-in, day-out, and in great depth, at any time?

Supporters of this type of blanket surveillance continue to perpetuate the mistaken belief that if you have nothing to hide, you have nothing to fear. That is utter nonsense. The truth is that privacy isn’t about hiding — it’s not about secrecy. Privacy is all about control — personal control and freedom of choice. In a free society, individuals must be free to make informed choices about their lives, including when and to what extent they wish to reveal the personal details of their lives.

Another frequent misnomer used to defend metadata surveillance is the myth that if you want to be secure, you have to give up your privacy. This is simply false — it is reflected in dated either/or, zero-sum thinking. Not only is it possible to have security while protecting privacy, it is far preferable because that is the essence of freedom — going about your daily activities without fear of the state looking over your shoulder. In free societies, we are not expected to “tell all.” That is your choice to make. The time to abandon these flawed beliefs and unnecessary trade-offs is now.

We must strive to have both security and privacy, in tandem. Freedom must be preserved from both terrorism and tyranny. Any power to seize communications metadata must come with strong and explicit safeguards. The purpose, scope and duration of data collection must be strictly controlled. Judges and elected officials must be empowered to provide independent, robust oversight.

The need for operational secrecy must not stand in the way of public accountability. In this networked age, privacy knows no bounds — it transcends borders, thus requiring our global attention. Together, we must demand national security measures that are accountable and transparent. Our essential need for privacy, and the preservation of our freedom and liberty, are all at stake.

Ann Cavoukian is Ontario’s information and privacy commissioner. Her new paper, “A Primer on Metadata: Separating Fact from Fiction,” is now available at www.ipc.on.ca.

< http://www.thestar.com/opinion/commentary/2013/07/17/metadata_separating_fact_from_fiction.html >

Tags: , ,

This entry was posted on Wednesday, July 17th, 2013 at 5:08 pm and is filed under Governance Debates. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply