Does your data belong to you?

Why privacy may head the way of free tertiary education and reliable public transport

In the science fiction novel The Light of Other Days, authors Arthur C Clarke and Stephen Baxter depict a world void of privacy, where people can spy on each other without any chance of detection.

In the non-fictional world in which we live, unfortunately, there are numerous examples of privacy erosion.

Soon after the 11 September, 2001, terrorist attacks, Northwest Airlines submitted millions of passenger records -- including credit card numbers, addresses and telephone numbers -- to the National Aeronautics and Space Administration's Ames Research Centre, after company officials publicly stated that it "never provided this type of information to anyone".

The carrier told the Washington Post that the data was for a secret US government project to improve aviation security.

Although passengers were not informed, Northwest officials insist privacy policies were not violated. Not so, says information-privacy group The Electronic Privacy Information Centre. The organisation plans to file a complaint with the US Department of Transportation on Wednesday.

This is the second such case in the US. Last year, JetBlue Airways admitted to violating customer privacy when it handed over 1.1 million passenger records to the US Defense Department. Passengers have since taken class-action lawsuits against the airline.

In Australia, privacy advocates are battling another form of "cancer" -- RFID (radiofrequency identification) technology.

Malcolm Crompton, Australia's Privacy Commissioner, told ZDNet Australia's James Pearce that if incorrectly implemented, RFID could be a big problem.

It's a post-sale concern -- the use of these tags along the supply chain to point of sale wasn't the issue. It's what happens after that, said Crompton. Although he conceded that RFID technology was not inherently bad, he said that individuals and companies in the United States considering collecting data after the point of sale was a cause for concern.

But the Commissioner is confident that the Privacy Act does provide a stable framework for deploying RFID technology.

"The Privacy Act only deals with personal information. If a name is attached to a tag [or the name can be deduced from the information linked to the tag] then the Privacy Act comes into play," he said.

The Act requires you to tell people you are collecting information, what you are going to do with it, and deliver on that promise, said Crompton.

In the case of Northwest and JetBlue, both say they had no choice as it was in the interest of national security and not for commercial purposes.

When ZDNet Australia asked Qantas if the US (or Australian) government has ever requested its passenger data, it declined to comment.

Privacy has always been part and parcel of our civil liberties but in the name of security, the basics are always forgotten. If this type of "data mining" continues, privacy will be a privilege... no longer a right.