Demos_The_new_politics_of_personal_information

About Demos

Who we are

Demos is the think tank for ever yday democracy. We believe ever yone

should be able to make personal choices in their daily lives that contribute to

the common good. Our aim is to put this democratic idea into practice

through our research and dissemination.

What we work on

We focus on six areas: public services; science and technology; cities and

public space; identity; ar ts and culture; and global security. Many of our

projects link more than one area, and we consistently seek to explore and

strengthen our understanding of those connections.

Who we work with

Our partners include policy-makers, companies, public service providers and

social entrepreneurs. Demos is independent of any part y - we work with

politicians across political divides. Our international network, spanning six

continents, provides a global perspective and enables us to work across

borders.

How we work

Demos knows the importance of learning from experience. We work

collaboratively with communities and individuals, and we test and improve

our ideas in practice by working with people who can make change happen.

How we communicate

As an independent voice, we can create debates that lead to real change.We

use the media, public events, workshops and publications to communicate

our ideas. All our books can be downloaded free from the Demos website.

www.demos.co.uk

First published in 2007

Some rights reserved - see copyright licence for details

ISBN 978 1 84180 191 9

Copy edited by Julie Pickard, London

Typeset by utimestwo, Collingtree, Northants

Printed by IPrint, Leicester

For further information and

subscription details please contact:

Demos

Magdalen House

136 Tooley Street

London SE1 2TU

telephone: 0845 458 5949

email: hello@demos.co.uk

web: www.demos.co.uk

Open access.Some rights reserved.

As the publisher of this work,Demos has an open access policy which enables anyone to access our

content electronically without charge.

We want to encourage the circulation of our work as widely as possible without affecting the ownership

of the copyright, which remains with the copyright holder.

Users are welcome to download,save, perform or distribute this work electronically or in any other format,

including in foreign language translation,without written permission subject to the conditions set out in

the Demos open access licence which you can read at the back of this publication.

Please read and consider the full licence.The following are some of the conditions imposed by the licence:

Demos and the author(s) are credited

The Demos website address (www.demos.co.uk) is published together with a copy of this policy

statement in a prominent position

The text is not altered and is used in full (the use of extracts under existing fair usage rights is not

affected by this condition)

The work is not resold

A copy of the work or link to its use online is sent to the address below for our archive.

Demos

Magdalen House

136 Tooley Street

London

SE1 2TU

United Kingdom

You are welcome to ask for permission to use this work for purposes other than those covered by the

Demos open access licence.

Demos gratefully acknowledges the work of Lawrence Lessig and Creative Commons which inspired our

approach to copyright.The Demos circulation licence is adapted from the 'attribution/no derivatives/non-

commercial'version of the Creative Commons licence.

To find out more about Creative Commons licences go to www.creativecommons.org

Contents

Acknowledgements 7

Executive summary 9

Introduction: asking for it 16

1. Being watched, and needing to be seen 21

2. The convenience of being known: what organisations

and institutions do 30

3. We care, but we're not sure why: attitudes to personal

information

4. Protecting and promoting: data protection and digital

identity management 49

5. The new politics of personal information 59

Recommendations 66

Notes

Acknowledgements

We are extremely grateful first of all to the Information Com-

missioner and his Office for his early help in the project and their

consistent support and advice throughout the research. Special

thanks also to our steering group members Rodney Austin, Caspar

Bowden and Madeleine Colvin; their generous expertise and

comments were invaluable. Thanks also to the many people we have

spoken to through the course of our research, all of whom

contributed generously with their time, thoughts and advice. In

particular we are grateful to Sue Milnes, Neil Munroe and Andy

Phippen.

Huge thanks to all our Demos colleagues for their support, ideas

and enthusiasm. In particular, to Duncan O'Leary for his guidance

and intellectual interventions. Similarly, thanks to Sam Jones, Simon

Parker, Charlie Tims, Jack Stilgoe, Alessandra Buonfino and William

Higham for their thoughts and inspiration. We are extremely grateful

to the Demos interns who have supported the project so intelligently:

Louise Wise, Outi Kuittenen and Miae Woo. Thanks, finally, to Vikki

Leach and Roger Sharp at O2 for supporting the research.

Errors and omissions remain, predictably, our own.

Peter Bradwell

Niamh Gallagher

December 2007

Demos 7

Executive summary

Aims of the study

This report has three aims:

1 to connect the value people gain from an information-

rich society with the challenges that arise from giving

away personal information

2 to raise awareness of the consequences of the increasing

reliance on personal information by institutions in the

public and private sector

3 to provide a framework within which policy-makers,

businesses and individuals can address these challenges in

the long term.

This report is intended to push the debate on personal information

beyond the legal and technical language associated with data

protection and identity management. The debate must move towards

something that people - through day-to-day experiences in their own

lives - have a stake in. New trends of communication, customer

services, personalisation, and issues of social inclusion and privacy

are helping to create a new framework for the discussion of personal

information.

Our argument

Personal information has become central to how we live - from

Demos 9

FYI

banking online and supermarket shopping, to travelling, social

networking and accessing public services. The visible result of this is a

trend towards personal, tailored services, and with this comes a

society dominated by different forms of information gathering. This

is not just something people are subjected to. They are more and

more willing to give away information in exchange for the

conveniences and benefits they get in return, and are often keen for

the recognition and sense of self it affords.

But there is a tension here. By sharing personal information we

surrender control in the longer term by leaving ourselves open to

judgement by different groups in different ways. The drive to

personalise or tailor services, which is shaped by those judgements,

can lead to differences between what people experience and have

access to. This can mean a narrowing of experience, can lead to social

exclusion, and has significant implications for how we live together as

a society. We argue that these problems can only be resolved by a

more open understanding of and better democratic debate about the

boundaries, rights and responsibilities that regulate the use of

personal information. That debate should focus on developing the

collective rules that determine individuals' ability to negotiate how

personal information is used.

Chapter summaries

Introduction: asking for it

Problems of data protection, privacy, technology and identity are

inseparable from the benefits we enjoy from the open information

society we live in. There is a hazy distinction between the lifestyle and

social benefits that can result from sharing our personal information,

and the way information can change how organisations and

institutions find out and make decisions about us. Personal

information creates a

political

challenge because it is the basis on

which decisions about interventions from institutions are made. This

pamphlet will focus on the resulting tension, between empowerment

through

information and control

information, that sits at the heart

of the move towards a personalised, tailored services agenda.

10 D emos

Executive summary

Chapter 1: Being watched, and needing to be seen

Being watched through the exchange of personal information in our

everyday lives has become ever more central to our identities, to our

experiences of services, and to how we relate to other people. But the

Big Brother metaphor cannot fully explain the significance of how

personal information is used. This chapter shows why there has been

an increased prominence of what we will call 'interpersonal surveil-

lance': people watching people. We argue that this opens the potential

for more people to be involved in what surveillance is for: judging,

sorting and responding to the people and ideas around them.

Chapter 2: The convenience of being known: what

organisations and institutions do

Information has become the tool that enables product and service

specialisation based on individual wants, needs and aspirations. This

chapter explores the assumptions behind the personal 'offer' by

looking at the practical reality of individually tailored services - first

through the private sector, and then through government. It maps the

realities of information use, what the consequences are, and outlines

people's ability to influence the decisions made about them.

Chapter 3: We care, but we're not sure why: attitudes to

personal information

The rate of technological change and professional practice can move

faster than the public's awareness. Though people are beginning to

understand how their information is used and what the implications

are, that understanding is marked by ambiguity. That makes it even

more difficult for people to make sense of the benefits and dangers of

giving away information. In this chapter we will explain why this is,

focusing on people's attitudes and understanding.

Chapter 4: Protecting and promoting: data protection and

digital identity management

This chapter looks at the means through which people can try to

manage and control what happens to their personal information.

Demos 11

FYI

Empowering people through their personal information has to be just

as much about negotiating and managing the way other people 'see' a

person - through their personal information - as it does about

securing it. The chapter highlights the tension between individuals'

decisions about rights over personal information, and institutional or

organisational rights to use and make decisions on the basis of it.

There is a consequent tension between 'top-down' solutions to the

management of personal information and 'bottom-up' approaches.

Chapter 5: The new politics of personal information

Rational distinctions between types of people based on their personal

information can lead to differences between what those individuals

experience and have access to. This can result in a narrowing of

experience, can exacerbate social exclusion, and can have significant

consequences for how we live together as a society. This is the political

battleground of personal information. This chapter explains why the

'rules of engagement' in personal information need to be more open

and democratic, and how to make that happen through policies and

approaches from government, organisations and individuals.

Recommendations

People themselves must be put at the centre of information flows.

Our findings suggested a number of measures that government, the

private sector and individuals could follow to improve the relation-

ship between people, personal information and the institutions that

use that information.

For individuals, we recommend:

The first step is for individuals to take measures to protect

their personal information - for example, by securing

wireless networks. Second, they must recognise the

connections between the benefits of sharing information,

and the often less tangible costs and dangers that can

result. A better understanding of this relationship is the

necessary step towards bottom-up policy driven by

12 D emos

Executive summary

collectively negotiated norms and rules, rather than policy

driven by the narrower needs and interests of government

or business. However, this does need considerable support

from government and the private sector to start the

process.

For government, we recommend:

The government should develop a more coherent strategy

around personal information use. This strategy should

clarify the links between how government will use

personal information, in specific contexts, and what the

potential benefits or costs might be for individuals. Each

government department using personal information must

say how they are accessing personal information, for what

purpose, and how it affects people. They should also

employ 'cash-handling' disciplines for dealing with

people's personal information.

The government should begin long-term research and

thinking into increasing levels of information about

individuals, coupled with personalising services and

experiences. Segmentation and increasing knowledge of

individuals will create markets that exclude in ways that

current uses of information do not. That will have a

significant impact on what is meant by equality. For

example, will a new frontier of the welfare state be

providing life insurance for certain types of people who

are deemed bad investments by private insurance

providers?

The Information Commissioner's Office (ICO) needs

greater capacity to cope with the range of demands of an

information society, which continue to extend away from

just security of data towards data use and the nature of

information sharing. For example, that could include the

ability for the ICO to audit organisations' use of personal

information without needing their consent.

Demos 13

FYI

'Privacy impact assessments' should be used for major

projects across public and private sectors to assess the use

of personal information early in development, led by the

ICO.

There needs to be a serious, renewed debate about the

identity card scheme, with the kind of engagement that

should have happened at the start of the process.

Otherwise, the scheme should be dropped. There needs to

be more open consideration of what kind of information

the cards would hold, why, and in what circumstances

they will be used. Meaningful engagement with the

public about how the technology should work must be

foremost in shaping what the cards do, if they are to go

ahead.

For business and the private sector, we recommend:

The rights of access individuals have to information held

about them in the private sector should be extended,

including the right to know what groups people have been

'segmented' into, and allow greater ability for individuals

to challenge and change existing information about them-

selves that they believe to be invalid, incorrect or unfair.

Information holders should engage in an open debate

about where responsibility for personal information lies,

with a view to clarify ing the rights and responsibilities of

businesses and individuals.

There should be a common sense test for privacy

statements and personal information policy. The private

sector must provide simple, accessible explanations of

why personal information is gathered. It is too easy

currently to adapt and rely on established legalistic

policies. A move away from jargon is needed. This means,

for example, requiring businesses to follow the legal

concept of the 'reasonable person' when drawing up

policy statements on personal information.

14 D emos

Executive summary

Banks should consider a 'no claims bonus' for customers

who successfully protect their personal information.

Technical distinctions used by business - between

authenticators and identifiers, for example - should be

binned. As for government, private sector involvement in

digital identity should be grounded in the ways that

people use and value their digital identities. That should

imply a move away from using information people are

likely to divulge - such as family maiden names, dates of

birth - as 'authenticators' instead.

As a bridge between people, policy-makers and

technologists, a body such as the ICO should be given the

remit and resources to lead open discussions and debate

to help build more secure, effective and appropriate

technology for personal information.

The research

This report is the result of nine months of Demos research, focused

on understanding the value of personal information to government,

the private sector and individuals. The process involved interviews

with over 30 experts - from fields of technology, business, govern-

ment, security, academia and media - all associated with the use,

protection or promotion of personal information use; a half-day

workshop with information and privacy specialists; a wide-ranging

literature review; eight focus groups; and six in-depth case studies of

information use in the public and private sectors, and by individuals.

In May and June 2007, we ran eight focus group meetings

exploring attitudes to personal information. The groups comprised a

random sample split by age: 17-25, 25-35, 35-45 and 45+. In

addition to a range of focused questions, participants designed

personal information 'maps' - demonstrating what information was

most personal to them, who they would share it with and in what

context. Following the group meetings, participants were asked to fill

in 'information diaries' for a month, detailing when and where they

encountered transactions involving personal information.

Demos 15

Introduction

Asking for it

Millions of travellers in London use their Oyster card to board the

tube or bus to get to work, commute home, or simply get around.

With a swipe of plastic they share private information - the times,

frequency and destination of their journeys, how much they pay and

how - in a public setting. The card uses 'radiofrequency identi-

fication' (RFID) technology, meaning it transmits data about the

commuter's credit, and the ticket barriers receive it.

The card generates and relies on commuters' information. It

records people's movements. That might happen in public, but the

logging

of when and where a card was used generates information

many would consider private. The information is held by the

operators of the scheme Transport for London (TfL), with access for

other government agencies through data legislation. That

information is connected, in the case of registered cards, to further

information - names, addresses, birthdays and bank details. Services

like the Barclaycard OnePulse,

for example, offer a combined credit,

Oyster and 'cashless' card meaning that, as well as travel information,

those cards can generate purchasing and bank details.

The Oyster card is a convenience, potentially cutting down the

number of ticket purchases, making them cheaper and, in using

plastic rather than flimsy card, making the ticket more difficult to

break. It allows for a better understanding by TfL of journeys through

the Underground system, as they can more easily monitor which

16 D emos

Introduction

stations are used most at what times, and on which days. These are all

connected to the information commuters give away in using Oyster.

But at the same time, beyond a ticket it is hard to know what deal

people are getting - exactly what information is held where, by

whom, and under what circumstances. And it is difficult to decide not

to give that information away - the Oyster card has been promoted

through price discrimination, with significant disparities between

Oyster and paper ticket prices; it is costly to opt out.

In 2004, the Information Commissioner Richard Thomas warned

that we are 'sleepwalking into a surveillance society'.

A report for his

Office two years later announced that 'it is pointless to talk about the

surveillance society in the future tense'.

Surveillance of some form

has become a prevalent if not dominant means to manage, regulate

and organise the modern world. 'Personal information' is a central

part of how that surveillance works, and what it means.

Despite rich coverage from experts, academics and commentators

there is a mixed attitude to what this era of surveillance means.

Concerns on a general level about privacy have not disappeared. But

people's attitudes to surveillance are perhaps better summed up by

community requests for

closed circuit television (CCTV)

rather than collective outrage at constant unwelcome intrusion. There

is a disconnect between people's standard concerns about privacy and

Big Brother on the one hand and, on the other, their willingness to be

part of a world to which surveillance of some form is fundamental.

As a result, few people connect those concerns to their everyday

experiences. This is not surprising, given that personal information is

often gathered as part of transactions, interactions or situations we

enjoy or find beneficial. That hazy distinction - between the lifestyle

benefits that can result from sharing our personal information, and

the way information can change how organisations and institutions

find out about us - is the basis of this pamphlet. Current debates miss

how problems of data protection, privacy, technology and identity are

inseparable from the benefits we enjoy from the open information

society we live in.

This is because it is impossible to untangle the positives of an

Demos 17

FYI

information-rich world - convenience, choice and collaboration -

from a set of potential dangers and challenges.

There are two trends that make this problem more fraught:

1 There has been a drive in recent years towards

'personalising' public services. As a public services policy

review from March 2007 urged, public service reform

looks to offer 'a Britain where ...services are geared ever

more to the personal needs of those who use them'.

This

reflects existing approaches in the private sector that seek

to build relationships with customers through tailoring

services to their needs. Both are driven by people's desire

for more bespoke, responsive services.

2 There are many new ways people communicate, share

experiences and associate with each other, and the way we

come to understand ourselves, and others come to find

out about us, has changed as a result. People now have

greater ability and desire to find out about and judge each

other in their everyday lives, making surveillance not just

something done to us, but something we potentially take a

greater part in together.

Personal information is inextricably linked to both of these. Services

and products are becoming tailored around the 'footprints' people

leave, a footprint that increasingly takes the form of personal

information. The information generated by the two trends

mentioned above means that other people and institutions are more

able to make decisions about us. Personal information creates a

political

challenge because it is the basis on which decisions about

interventions from institutions are made. This pamphlet will focus on

the resulting tension between empowerment

through

information

and control

information that sits at the heart of the move towards

a personalising, tailored services agenda. The pamphlet argues that

personal information use needs to be far more democratic, open and

transparent (see box 1).

18 D emos

Introduction

Box 1. Three approaches to personal information

Paternalistic:

Collective rules and decision-making about

personal information use that provide security,for example,

legislation granting security services access to

communications data,or decisions about using information

about children's diet to intervene in family life.

Deregulatory:

Lack of collective rules on use,allowing the

market and individuals to decide the rules of how personal

information is used,for example,the Conservative Party's

Redwood policy review suggestion that the Data Protection

Act should be repealed as a piece of expensive bureaucracy.

Using this model, good practice and consumer interests

would be served by market forces.

Democratic:

Collective rules that create the possibility of

individual negotiation.When institutions,public or private,

make decisions based on personal information there is an

assumption about what sort of people can make decisions

about particular types of behaviour, and what the

consequences of those judgements should be.That ranges

from whether a security service can access someone's phone

records,towards allowing the music industry to use

information from internet service providers about what their

customers do online to prevent file-sharing.

People's attitudes to where this is appropriate vary. A more

democratic use of personal information means giving people

the opportunity to negotiate how others use their personal

information in the various and many contexts in which this

happens. We need collective rules that establish people's

rights to do this, and increase their ability to make informed

choices. Deregulated and more paternalistic approaches may

be appropriate in different contexts. However, a democratic

approach entails a more open negotiation of when and

where those approaches are taken.

Demos 19

FYI

The problems arising from the use of personal information stem

from some basic questions about how a society decides what kind of

behaviour and relationships to encourage, support, regulate or

intervene in. Decisions, increasingly based on personal information,

are significant in determining outcomes for people - whether it is

when applying for benefits, trying to get a mortgage for a new house,

or deciding which photos to put up on a social networking site. In the

case of government, there are very good reasons why at times these

decisions are against the wishes of the individual concerned.

However, because of the impact these decisions have on people, it is

important that they have a chance to negotiate openly the terms of

engagement, and what sorts of decisions this applies to.

Currently people do not have enough opportunity to do that. The

relationship tips in favour of the data holder, who often has the

means of coercion to exploit our desire for convenience and the

benefits sharing data afford. But the tools that people use to learn

about each other, communicate and share knowledge

can

be tools to

tip that balance back towards the public - making 'surveillance'

through information, and decision-making, something more people

are part of. Not doing so means, as this pamphlet will argue, the

potential for more 'pigeonholing', a narrowing of experience and a

fragmented public realm.

We argue that policy on personal information needs to be based on

collective rules and regulations that give people the ability to be more

involved in how personal information is used. Instead of simply

questioning data security, or wondering how to regulate flows of

international information, we need to hold a debate about the basis

on which information exchanges happen, the rationale for the

profiling that takes place, and the means for accountability and

redress. The question is not whether we are in a society dominated by

surveillance, but whether that means more or less control, in this

particular sense, for individuals over their lives, and over decisions

and policy of collective interest.

20 D emos

1. Being watched, and

needing to be seen

There's a lot of watching going on.

Roger Clarke, 'Have we learnt to love Big Brother?'

As part of his 2006 Turner Prize display, artist Phil Collins set up a

working office under the name 'shady lane productions' in Tate

Britain's exhibition space. He and his staff worked nine 'til five

researching 'the influence that the camera exerts on the behaviour it

seeks to record'.

Their work drew on the experiences of people who

have suffered from the compelling draw but often unseemly

aftermath of involvement in reality television.

The focus of the exhibit was the power of others' eyes, and the ways

that our behaviour changes before them. But the office itself stood

within a high-profile, popular art competition. The lives of those

within it became the subject of visitors' inquisition - visitors who

were asked simultaneously to interpret the meaning and value of the

piece itself while comprehending the significance of the job,

behaviour and reactions of 'shady lane' staff. People stared and peered

in, looking for answers from the office workers. Gallery attendants

and closed-circuit television oversaw the public's reactions. Seeing all

were the judges of the competition, charged with ascribing the

institutional value of the exhibits, the public's views left on walls of

postcards accumulated at the end of the show. There was no escape

Demos 21

FYI

from the watching, only inferences about the power that different

people hold while it is happening.

Watching each other, watching us, watching them

Surveillance is usually talked of as a tool for 'Big Brother', an idea at

whose heart lies a disconnect between individuals and the systems or

institutions through which their lives are lived. From the

authoritarianism of Orwell's nightmare, to the underground DNA

vaults of the

X-Files

' evasive shadow government, the common story

of surveillance is of a power with a malevolent or intangible intent.

Being watched through the exchange of personal information in

our everyday lives has become ever more central to our identities, to

our experiences of services, and to how we relate to other people. But

the story of Big Brother cannot fully explain the significance of how

personal information is used. A dependency on information-based

'surveillance' is in part a function of how we all now communicate,

live and work together. Even though identity and social status have

always been about how people are seen, personal information use is

part of a change in

how

people are seen, and how they see each other

- a change in how we should think of the word surveillance.

This chapter shows why there has been an increased prominence of

what we will call 'interpersonal surveillance', and what it means for

how we understand the potential power and control that surveillance

through personal information brings. We argue that this opens the

potential for more people to be involved in what surveillance is for:

judging, sorting and responding to the people and ideas around

them.

Being watched . . .

Instead of surveillance being something done

us, the sort that

happens everyday is now almost as much about how we watch each

other. Figure 1 sketches some examples of how this everyday

surveillance looks. It is divided into four, with two key distinctions

made. The first, between private and public, is based on distinctions

drawn from our focus groups in which we asked participants to map

22 D emos