It was a remarkable day at the annual conference of the Digital Enlightenment Forum in Luxembourg. The Forum is an organization that has been set up over the last year to animate a dialog about how we evolve a technology that embodies our human values. It describes its vision this way:
The DIGITAL ENLIGHTENMENT FORUM aims to shed light on today’s rapid technological changes and their impact on society and its governance. The FORUM stimulates debate and provides guidance. By doing so, it takes reference from the Enlightenment period as well as from transformations and evolutions that have taken place since. It examines digital technologies and their application openly with essential societal values in mind. Such values might need to be given novel forms taking advantage of both today’s knowledge and unprecedented access to information.
For the FORUM, Europe’s Age of Enlightenment in the 18th century serves as a metaphor for our current times. The Enlightenment took hold after a scientific and technological revolution that included the invention of book printing, which generated a novel information and communication infrastructure. The elite cultural Enlightenment movement sought to mobilise the power of reason, in order to reform society and advance knowledge. It promoted science and intellectual interchange and opposed superstition, intolerance and abuses by the church and state. (more)
The conference was intended to address four main themes:
What can be an effective organisation of governance of ICT infrastructure, including clouds? What is the role of private companies in relation to the political governance in the control and management of infrastructure? How will citizens be empowered in the handling of their personal data and hence in the management of their public and private lives? How do we see the relation between technology and jurisdiction? Can we envisage a techno-legal ecosystem that ensures compliance with law (’coded law’), and how can sufficient political control be ensured in a democratic society? What are the consequences for privacy, freedom and creativity of the massive data collection on behaviour, location, etc. by private and public organisations and their use through mining and inferencing for profiling and targeted advertising? What needs to be done to ensure open discussion and proper political decision-making to find an appropriate balance between convenience of technology use and social acceptability?
The day was packed with discussions that went beyond the usual easy over-simplifications. I won't try to describe it here but will post the link to the webcast when it becomes available.
One of the highlights was a speech by Mme Viviane Reding, the Vice President of the European Union (who also serves as commissioner responsible for Justice, Fundamental Rights and Citizenship) about her new proposed Data Protection legislation. Speaking later to the press she emphasized that the principle of private data belonging to the individual has applied in the European Union since 1995, and that her new proposals are simply a continuation along three lines. First, she wants users to understand their rights and get them enforced; second she is trying to provide clarity for companies and reduce uncertainty about how the data protection laws will be applied; and third, she wants to make everyone understand that there will be sanctions. She said,
“If you don't have sanctions, who cares about the rules? Who cares about the law?”
And the sanctions are major: 2% of world-wide turnover of the company. Further they apply to all companies, anywhere in the world, that collect information from Europeans.
I very much recommend that everyone involved with identity and data protection read her speech, “Outdoing Huxley: Forging a high level of data protection for Europe in the brave new digital world”.
In my view, the sanctions Mme Reding proposes will, from the point of view of computer science, be meted out as corrections for breaking the Laws of Identity. John Fontana asked me about this very dynamic in an article he did recently on the relevance of the Laws of Identity seven years after they were written (2005).
ZDNet: The Laws of Identity predicted that government intervention in identity and privacy would increase, why is that happening now?
Cameron: There are many entities that routinely break various of these identity laws; they use universal identifiers, they collect information and use it for different purposes than were intended, they give it to parties that don’t have rights to it, they do it without user control and consent. You can say that makes the Laws irrelevant. But what I predicted is that if you break those Laws there will be counter forces to correct for that. And I believe when we look at recent developments – government and policy initiatives that go in the direction of regulation – that is what is happening. Those developments are providing the counter force necessary to bring behavior in accordance with the laws. The amount of regulation will depend on how quickly entities (Google, Facebook, etc.) respond to the pressure.
ZDNet: Do we need regulation?
Cameron: It’s not that I am calling for regulation. I am saying it is something people bring upon themselves really. And they bring it on themselves when they break the Laws of Identity.