Last month it was revealed that the National Security Agency had been logging telephone calls since 9/11. This month, the right to privacy debate is set to ignite even further after a report in the New Scientist claims that the NSA is funding research into the harvesting of personal information from social networks such as MySpace.
This might not sound like such a big deal, until you step back and realize quite how much personal information gets posted on social networking services: who you know, what blogs you read, your political allegiances, sexual preferences and more. Things heat up when the social networking data is added to such things as financial transactions, physical movements (cellphone base stations make great tracking systems) and that phone tapping information. But that’s just the start of it; if the semantic web proposals for a common Resource Description Framework (RDF) data structure become a reality then the NSA could potentially monitor your entire online life. The whole point of RDF is to bring an unambiguous commonality to online data, making it a machine as well as people friendly place.
New Scientist quote a paper (Semantic Analytics on Social Networks) presented at the recent WWW2006 conference in Scotland, part funded by the Advanced Research and Development Activity, and showing how data from social networks and other databases can be used together to reveal personal detail. ARDA have since changed their name to the Disruptive Technology Office (DTO) but whatever the name, the role remains the same: to research critical problems facing the US intelligence community, using NSA funds. If this reminds you of the ill fated Total Information Awareness (TIA) initiative, another Pentagon program designed to track and analyze online data trails post 9/11, you are not alone. Me as well. Let’s hope the similarities don’t end with the automated intelligence profiling aspects. The TIA program was suspended in 2002 after a high profile campaign by privacy groups.
Of course nobody, and certainly not I, would argue that intelligence gathering isn’t a requirement in the fight against global terrorism. However, there’s a world of difference between focused, targeted and legal data profiling and this kind of one size fits all invasion of privacy. Between the dangers of phishing expeditions by ID thieves and fishing expeditions by The Powers That Be, perhaps it’s time we all started taking online privacy a whole lot more seriously.