One way of working out if the data you’re gathering is particularly sensitive is to do a thought experiment: what would happen if this data got into the hands of a malicious actor? Who would be keen to get their hands on it? What are the worst things that they could do with this data?
Sometimes, though, it can be hard to put yourself in the shoes of your enemies, or to envision potential future actions. As a result, practising data minimisation is a keystone of a rights-based, responsible data approach. And sadly, it’s the opposite of the approach we’re seeing governments around the world take.
Last week, the UK Government passed what has been described by Jim Killock, director of the Open Rights Group, as the “most extreme mass surveillance law ever passed in a democracy”. The law, known officially as the Investigatory Powers Act, forces UK internet providers to store browsing histories — including domains visited — for one year, in case of police investigations. Unofficially, and in reference to its invasive powers, it has been nicknamed the Snooper’s Charter.
At the same time, the new President-elect of the United States is “not ruling out” their campaign idea of gathering a ‘registry’ of Muslims, refusing to answer questions on how it would differ from Nazi-era Germany policies around registering Jews.
Data gathering around sensitive topics has a long history of being used in malicious and dangerous ways.
There have even been multiple occasions when mass surveillance and data collection have played key roles in facilitating humanitarian crises, including genocides.
To make really clear the link between surveillance and mass human rights’ abuses, and to highlight some of humanity’s worst examples of what can happen with mass surveillance, lack of freedom of expression, and abuse of data, here are a just a few examples.
The Rwandan genocide
During the 1994 genocide in Rwanda, ID cards identifying people by their so-called “ethnic group” served, for some, as an effective death sentence.
The post-colonial Rwandan authorities decision to include “ethnic group identities” on ID cards, which had originally been introduced back in 1933 by the Belgian colonial government, not only brought the very idea of rigid racial group identities to the fore, but it also “facilitated the identification of victims” and meant that the genocide took place in a terrifyingly systematic and organised way.
More information: Ten years ago in Rwanda this Identity Card cost a woman her life, by Prevent Genocide
Institutionalised discrimination towards asylum seekers in Bangladesh
The introduction of ID cards in Bangladesh could be blocking millions of Rohingya asylum seekers from receiving basic human rights; access to education, to food, and basic public services.
There are over 200,000 Rohingya asylum seekers who are not eligible for identification cards given to recognised Bengali nationals.
The cards also make carrying out ‘unofficial’ work increasingly difficult for unregistered Rohingyas, thus diminishing their already meagre opportunities to earn money.
More information: “New ID card policy could hit Rohingya asylum-seekers” by IRIN News ; No respite for Rohingya in Bangladesh, Al Jazeera English
Data-gathering in the Netherlands prior to the Holocaust
Prior to Nazi occupation, in the Netherlands, a “comprehensive population registration system for administrative and statistical purposes” had already been completed.
During Nazi occupation, this structure, aimed at following people “from cradle to grave” (see previous reference), was then adapted to create special registration systems covering Jewish and Roma populations within the Netherlands, and “played an important role in the[ir] apprehension”.
Evidence of how “effective” this method was can perhaps be seen in the statistics – at a terrible 73%, Dutch Jews had the highest death rate among all other occupied western European countries. As comparison, the death rate among the Jewish population in Belgium was 40% and in France, 25%.
IBM and the Holocaust
“The government of our Führer and Reichschancellor Adolf Hitler is statistics-friendly,” wrote Zahn in Allgemeines Statistisches Archiv (ASA), the official journal of the German Statistical Society
Systems to identify Jews on a large scale played a key role in the Holocaust, and the development of punch card technology facilited automation – and thus speed – of collection of this data.
Statistical publications released from Germany throughout this period, with titles such as “Development of German Population Statistics through Genetic-Biological Stock-Taking” and “The Position of Statistics in the New Reich” give perhaps an idea of the importance given to statistics as a facilitating factor to the Holocaust.
More information: Gizmodo, “How IBM Technology Jump Started the Holocaust”
Internment of Japanese-Americans in World War II
After decades of denial, it was revealed just a few years ago that during World War II, the U.S. Census Bureau provided the U.S. Secret Service with data from the 1940 census to identify people of Japanese ancestry, “to assist in the roundup of Japanese-Americans for imprisonment in internment camps in California and six other states during the war.”
Researchers who revealed this say that the speed with which the data was released, just seven days after it was requested, lead them to “believe this was a well-established path”.
[box]This post was adapted from a post on the Open Development Toolkit site written in 2014 by the same author.[/box]
Aiding Surveillance, by Privacy International