EU agency warns of voluntary surveillance society


The executive body of the European Union should consider a new regulatory framework in anticipation of an socialized world of ubiquitous devices that gather personal data from nearly every aspect of human behavior, says a new report from the European Network and Information Security Agency.

In a report released Nov. 11, ENISA envisions a world within the next 5 years that includes networked automobiles, small medical sensors planted on people, constant and automatic updates to social sites and the widespread use of data mining to draw conclusions about people's lifestyle choices, health and productivity.

Such a world, the report says, would be created with the cooperation of individuals who voluntarily and incrementally agree to share information in exchange for benefits--discounted medical insurance in exchange for health monitoring, traffic jam avoidance information in exchange for automobile tracking.

The surrendering of personal data could become a routine part of any transaction, the report warns, even when no service improvement results.

Europeans and others run the risk of creating a surveillance society that results in discrimination or the exclusion of some individuals, that lacks privacy and fosters paranoid behaviors by some in response to a sense of being constantly monitored, and that results in a loss of autonomy, among other risks, the report says.

The report stops short of recommending a strong or specific regulatory response, however, stating that the European Commission should "utilize the consultation on revisions to the data protection directive as a mechanism to anticipate the regulatory frameworks required as a result of increasing use of life-logging devices and services."

It also emphasizes the need for cooperation between the private and public sectors, calling for at least some self-regulation by industry.

For more:
- go to the ENISA report webpage, "To Log or Not to Log? Risks and Benefits Of Emerging Life-Logging Applications"

Related Articles:
NSTIC will require privacy legislation, say groups
Privacy controls to be included in NIST cybersecurity guidance
Lewis: Privacy precepts need revising in light of new cybersecurity measures