Data abuse: When too much available data arouses desires

If the Internet of Things has teached us anything, than that data is its most valuable asset. Companies use it to optimize their production processes, improve logistics or simply increase their output. Data is also valuable for law enforcement. But it has to be used confidential. Unfortunately that is seldomly the case. In the long list of worldwide governmental data abuse, the Los Angeles Police Department recently banned facial recognition, after it had been used by officers without authorisation. But this is by far not the only case of abuse. Data protection seems more important than ever.

Data helps us ot identify and react on upcoming problems as early as possible. With the smart use of data we can avoid getting stuck in traffic, encounter hazardous weather or fix machines before they break down. So, naively spoken: The combination of all kinds of data can help making the world a better place. Unfortunately almost always the human factor comes into play. And wherever data is being generated, misuse is almost certain.

Nationwide camera surveillance, encryption backdoors and long time data retetion are the stuff, governments dream about. While this is no problem in totalitarian systems, those wet dreams of control fanatics are not that easy to implement in democracies. That is why terrorism, child abuse or other horrible crimes are reguarly used as justification for the further weakening of data protection and privacy. The eternal argument: There will be strict rules to prevent abuse!

Only that reality has proven these promises lies in most cases.

Governmental data abuse

We should not be surprised, that in totalitarian countries, smart technologies are being used to monitor the whole population or, as a case in Saudi Arabia shows, especially women. In Saudi Arabia, residents can use the Absher app, an online government platform, to access Interior Ministry services. The App allows you to apply for or renew your IDs, passport, pay traffic tickets or apply for visas. Since by Saudi rule, women are in need of a male guardian, the Absher app is also being used to grant or deny permissions for women and their children to travel abroad or apply for a passport or a visa. While the app is not tracking the movment women in real time, it still informs the male “guardian” automatically, if a woman tries to get her papers in order to prepare for a trip.

Google and Apple came under fire recently for not removing surveillance apps like “Absher” from their Appstores.

While the Saudi case comes to not much surprise, democracies also struggle when it is about to respect their citiziens privacy: During the corona pandemic, Germany made it mandatory for restaurant visitors to leave their name and contact adress in case of a Covid-19 outbreak. The collected data was explicitly only to be used for the purpose of tracing restaurant visitors in case of an infection outbreak. Turned out that in five german states the police used these guest lists for “reasons of criminal prosecution”. A clear breach of trust to those who gave away their data in good will in order to prevent the further spreading of the desease.

The Los Angeles Police Department (LAPD) has come under fire frequently for using facial recognition software in combination with surveillance footage. While consistently denying the use of this technique, journalists have uncovered more than 30.000 cases in the past ten years, when officers used facial recognition. While the defendants of those technologies argue that without them, fighting crime would be harder, the opponents argue that facial recognition is not accurate enough and often deliveres biased results with higher error rates for women, young and old people as well as for certain racial groups. Also, in the wrong hands, this tool can quickly being used to fight political opponents. As a result, the LAPD as now officially suspended the use of facial recognition for privacy concerns. But the move came not because of using facial recognition in general, but more because of using a third party software, that accessed publicly available photos from social media or websites without consent.

Can you really trust the system?

Data privacy is valued differently all across the globe. While in Europe especially the Germans value their privacy to an extend that even useful services like Google Streeview can only offer a fraction of what’s available in the surrounding nations, people in other democracies take their privacy less seriously. “I’ve got nothing to hide”, is the usual answer of those who care less. But is that the case? When too much data is available, it arouses desires.

Google StreetView coverage on a European perspective. Seems, the Germans (and Austrians) don’t like cameras in the streets pretty much..

In times of “Fake News” and the rise of state leaders who flirt with totalitarian methods “nothing to hide” can suddenly become an “unwanted opinion” and some previously harmless opinions, contacts visited or even purchases at the local book store make you an “enemy of the state”. With the increase of radicalization, when its less about having the best argument and more about who can lie and scream loudest, you might quickly wish your data would not be accessible to people you can’t trust.

There is the case of Frankfurt-based lawyer Seda Basay-Yildiz, who represented the family of the first murder victim of the German right-wing terrorist cell “National Socialist Underground” (NSU). Basay-Yildiz received death threats to her privately kept address mentioning herself and her whole family with details nobody could obtain simply by a Google search. Turned out that someone within the police accessed her data via the residents’ registration office. After examination of the case by the authorities a right-wing extremist network within the police surfaced, with not less than at least 38 suspects. The real offender couldn’t be identified until now.

Take data protection seriously

Companies must be careful not to become accomplices in the governments’ hunger for data. This is not always easy. On the one hand, they don’t want to mess with their customers and loose trust, but on the other hand, bad relations with the government can also mean bad business. Be it through lost tenders or ever new hurdles or even laws that threaten the own business model. If the balance of power has to be maintained, a civil society is needed that does not lose sight of the issue of data protection. A society that does not sit back and does not care. A society that keeps a close eye on companies and their governments on a daily basis and does not allow itself to be lulled by empty promises.

This does not require that everyone has to throw their smartphone or Alexa directly out of the window. But we need to be more aware of how we use these technologies. What Apps do I use, what rights do I grant my app. Do i always need the “best user experience” and therefore share more data than usual or is a little less sometimes better? But then again, how does all of this help if the abuse of data happens on a completely different level? A level where I, as a single person, have few or even none influence on like the aforemetioned case of lawyer Basay-Yildiz?

The least we can do is not to stay quiet about it and constantly remind our representatives what we expect from them.