Trust: The Missing Element in Surveillance
The
Snowden revelations revealed global surveillance occurring at unprecedented
levels and granularity. Debates
over the ethical acceptability of intra- and inter-national surveillance often
conceptualise the problem as finding the appropriate balance between privacy
and security, wherein monitoring the interactions and communications of
citizens are seen as a way to enhance national security and enforce law. This dichotomy is false, in that it is
not necessary to locate a balance between the two values which can be
universally applied to all instances of potential surveillance. Rather, it may be that more invasive
violations of privacy can be justified within certain contexts, for example
when an identified threat to national security (or other values) is
imminent. A model for justifying
surveillance is thus established wherein the degree of severity or invasiveness
of a particular surveillance action is justified directly by the identification
of a specific imminent threat. If
this model functions properly, perpetual invasive surveillance cannot be
justified by the vague possibility of a future threat or attack.
The
proposed model of surveillance is missing a key element to justify the
violation of citizens’ privacy: trust.
In the Snowden
revelations a relationship of trust between the NSA, GCHQ and citizens was
missing, indicated most clearly by the secrecy of the surveillance operations
and underlying legal processes.
Trust is interpreted as an interaction between a system that collects
and processes data, the users that provide the data, and stakeholders who
access it. Trust can be seen as a
sum of the credibility, motivation, transparency and responsibility of a system. Credibility is linked to ‘loyalty’ or
‘reputation’; a stakeholder must be seen as responsible or credible enough to
handle sensitive personal data.
Motivation refers to the intentions of stakeholders, or how they intend
to use the data of users. To
achieve trust these motivations, as well as the extent of data held, must be
transparent to users so that the system (and its custodians) are seen as
responsible: as a citizen, you must let me know what data you are capturing and
how you plan to use it in order for me to consent to targeted or increasingly
invasive forms of surveillance in times of crisis.
Trust
is something that develops over time, based upon development of the system and
stakeholders involved. Trust
allows for violations of privacy to be justified in particular contexts. For trust to exist, transparency is
required on the part of the organisation conducting the surveillance. A trusting relationship thus requires
fidelity and transparency on the part of the surveillance organisation, and
consent from data subjects.
Participation in decision-making regarding appropriate forms of
surveillance may also be required, in particular to establish appropriate
limitations on transparency in the interest of operationally-required
secrecy. When trust is breached,
it must be clear who can be held responsible, and to what extent. Similarly, new or increasingly invasive
forms of data analysis require notification within a trusting
relationship. Systems and stakeholders
that clearly establish responsibility before a system is implemented are, according
to this conception of trust, more trustworthy. Each of these elements was lacking in the surveillance
operations revealed by Snowden, indicating a lack of public good will which
must be re-established if future surveillance practices are to be broadly
justified.
No comments:
Post a Comment