Chris Adams

I see the usual concerns about the government collecting data about citizens are making the rounds again, with a recent Wired post about national ID cards and a concerned editorial in the CS Monitor about Census data. This sort of thing comes up regularly in both the generally left-leaning privacy circles and the right-leaning small-government crowd and I find it interesting that the discussion almost inevitably revolves around strategies for preventing the government from collecting data.

What I find surprising is that the discussion always seems to be based on the misunderstanding that this is a future threat, as opposed to something which has been routine for decades. I'm not referring to just SSNs, although they're closed enough to a national ID to make these discussions obsolete, but simply the fact that there are already many large databases containing various bits of personal data and since the invention of the digital computer (or at least the relational database) there's been no privacy advantage to be gained by avoiding a number since anyone can trivially cluster data on characteristics like name, age, address, etc. Academic research has demonstrated that much of our sense of privacy is illusory - something as simple as the name, zipcode and birthdate or approximate home and work locations suffices to uniquely identify most people. At this point, campaigning against a national ID card devolves into the case that abuse will be stopped because the suspect agencies aren't capable of basic database use.   

Since we know that large scale, effective data-mining is already going on - not every agency shares TSA's reliance on WWI-era technology in excel and not all of the data mining is being done by public agencies - the better question is what a reasonable expectation of privacy is in the post-Google era and how we can deter abuse while taking advantage of the benefits offered by modern computing¹. Since data is so easy to collect and mine, we really should be discussing acceptable use of data and the penalties for abuse, covering both government and corporate use. If we had European-style privacy laws, a national ID card could be discussed as the obvious good idea it is rather than the proxy for a litany of tangentially-related fears.

1. Does anyone really want to make the case that government shouldn't use effective tools? Instead of fighting the Census we should be trying to figure out how it could be updated yearly or better so policy can be adjusted for trends on less than a decadal timescale.