Saturday, 25 August 2012
The unintended consequences of passing vague privacy laws
And yet here I was, attending a parallel event called the Turing Festival, sitting through a session on security and freedom. Surely, I thought, if anyone was going to raise a smile about surveillance and the sort of stuff we care about, then one of these speakers might.
And, actually, they did. But they were referring to a Government initiative that I’m taking a Trappist vow of silence on, so that material will be embargoed for a couple of months.
The surveillance session itself took place in a great location – it was in a lecture theatre in a building which was also used as the Edinburgh Fringe performers’ central base – so the morning coffee break involved meeting (and queuing behind) what can only be described as “comic royalty”. Sue – yes, she of Mel and ... – smiled at me and even said a few words. Then, I removed my bag from the spare seat, received another smile, and she ambled away, with said chair, back to join her friends.
Now, what did I learn today data protection-wise that I’m comfortable about talking about? Perhaps the most important thing was about precision and privacy law. And why many lawyers prefer statutes where the drafting is precise, like computer code, so that everyone knows just what it is that needs to be enforced, and what the output will be in specified cases.
But, and it is a big but, the problem with precision and issues as broad as privacy and technology is that the technology always evolves much faster than the law. So the law often struggles (and frequently fails) to keep up. And what we are left with is living in a world where new concepts constantly have to be tested against legal rules that were probably never designed to cover that eventuality in the first place.
Does this mean that privacy laws that are less specific should be feared? Should we welcome laws that are deliberately designed to be flexible? Or should they be resisted, not because of their sinister intent, but because of the unintended consequences that could result when they are applied to circumstances that those drafting (or reviewing) it never seriously intended?
I’ve usually advocated an approach that allows stakeholders to exercise a healthy dose of pragmatism, as I’ve previously taken the view that people go to work with best intentions, and apply an approach that is designed to benefit the community as a whole, rather than just enrich them personally. But what if I’m wrong? What if there really are lots of people in authority who are just out for themselves? People who adopt sneaky, unethical business practices that cause real harm to their fellow citizens? How should I recalibrate my view on the extent to which such people ought to be able to adopt a pragmatic approach to respecting fundamental values?
I’ve got a lot of thinking to do on the return train to London.
Today’s image is of a notice board in the performer’s central base at the Edinburgh Fringe. It’s littered with post cards from creatives requiring assistance, or just passing on general advice:
“Don’t forget to be awesome” said one.
“Breaketh leggeth [William Shapespeare]”quoth another.
“Our first show had an audience of 12 – awesome” said a third – under which someone had written: “Wow, you got an audience! We’re still working on it”. Under which, in much smaller print, someone else had scrawled: “And so are we.”
The best advice, probably, was the most direct: “Don’t forget to flush.” Or, as another wag put it, “Flush once for moaning Myrtle.”
And finally - sad but true:
According to The Stage, this year saw a record 536 different comedy shows eligible for the three Edinburgh Comedy Awards. That’s more comedy shows than the number of Data Protection Officers who attended the ICO’s Data Protection Officer’s event in Manchester on 6 March.