Faustian deals in the ether

The rosebush of technology, especially information technology, bears the shining bloom of increased efficiency and productivity, visible to the four corners of our universe, but sadly it sports also the thorn of a growing threat to that much-loved right of privacy. We know that benefits from IT arise precisely because of the ease with which organisations and individuals are able to share knowledge, disseminate intelligence and diffuse information. Unfortunately the object of interest is far too often the individual citizen. And the technology exists to obtain detailed information about our lives, our predilections and our spending habits without our even being conscious of what has been extracted from us.

Computing and telecommunication technology has been converging for some time now, with the effect that it matters not one iota that cameras may be the core technology in say CCTV (closed circuit television). When they are deployed together with computing and telecommunication they form part of the new juggernaut trampling on our privacy. CCTV may be useful in reducing crime in city centres but comes near to embodying Big Brother when the object of attention is the law-abiding citizen. Even that child prodigy the Internet is throwing up scares about threats to privacy. Pop in to your friendly "local" web site to window shop for books, music or train times and your every slightest move through the site, your electronic blinks and digital dalliances with intriguing new offerings are being recorded and scrutinised in detail. To use these sites you must register. To register means to consign your personal details once again into the maw of another corporate database. But who knows what they are doing with the data? To whom they are selling it? And while you are pondering these issues their website has placed a small but insidious piece of software on your PC's hard disk whose role is to report useful information about you and what you do back to its base camp.

Perhaps the price of the information society is the loss of privacy. Certainly it is no longer possible to preserve the kind of anonymity that paper-based information systems permitted, where the practical barriers to marshalling personal information on a grand scale meant that the privacy of the individual might remain relatively unmolested. Of course it all depends on how we define privacy and despite myriad references to the concept in this book, no undisputed meaning emerges. Given the variety of contributors ranging from full-time data protection administrators, academics and researchers, to campaigning journalists, this is perhaps unsurprising.

Another omission is the lack of a definition of technology apart from in the rarefied chapter on cryptography which ventures into a dialectical cul-de-sac with "Technical systems, then, are essentially social, and social systems are essentially technical".

The most significant criticism of the book is the strange lack of common foundation in the intellectual undergrowth of the twin peaks of technology and privacy. The impression is that the contributors are all activists in the struggle to defend privacy against the threats implicit in the technology. It annoys them occasionally that the public are often not so convinced of the yawning abyss confronting them. For example Flaherty, the data protection administrator, bemoans the public's failure to employ passwords when offered in Pharmanet, a medical data system in British Columbia. Davies in the chapter "Re-engineering the rights to privacy" goes further and laments the irony that "people tend not to support the more privacy-friendly technological options that are less likely to collect potentially damaging personal data". He cites the case that customers using smart cards tend to want full accounting of their purchases, presumably leaving behind a better audit trail for Big Brother to follow. Here lies the rub. People want the utility of the technology and are prepared to ignore or remain ignorant of the threat to their privacy.

Victoria Belloti's chapter on the practical aspects of designing privacy in a multimedia environment was of especial interest. She deals with the issues of disembodiment and disassociation, features of the virtual organisation, whereby the diminishing number of face-to-face encounters can contribute to the breakdown of social norms and practices. An example would be intrusive prolonged and unintentional observation of other persons using audio-visual technology, unfettered by the "if you see me, I can see you" principle of in-person encounters. There is a larger question not broached in this text of how informal social norms will be maintained anyway in the circumstances of disembodied interaction. Bellotti has developed a design framework for practical control of disembodiment and disassociation issues.

Philip Agre and Marc Rotenburg have brought together ten highly distinctive and interesting contributions which tackle different facets of the technology and privacy head-to-head. There is meat and drink here for lawyers, systems designers, cryptographers, information systems managers and many other professionals with responsibility for repositories of personal information or for deploying technology which collects digital traces imputable to individuals. And it should be preferred reading for courses dealing with the role of IT in society.

James Backhouse is director, computer security research centre, London School of Economics and Political Science.