(to end organised crime, malpractice, abuse and the surveillance state)
For more information visit :
http://www.freewebs.com/privacyanddataprotectionact/thepdpa07.htm
Summary
This is the 21st century, and although, modern technology has made the access to individuals' private affairs alarmingly easy
( CCTV, NIR, verichip, RFID, Databases etc...), there is still not a single law on privacy. Apart form article 8 of the Human Rights Act 1998, there is no other way to protect privacy than to rely on mere codes of practice. Controversial attempts have been made through the protection of personal data ( Data Protection Act 1984,1998) to protect privacy. However, such attempts have only succeeded in legalising even more intrusion in people's private lives with the help of data collection and processing. Data collection is by far the must dangerous and intrusive device without which no monitoring and/or abuse would be made possible. The ID card & database scheme, if introduced, will be a dangerous additional means of monitoring individuals that would change the relationship between citizens and their governments forever.
The Data Protection Act 1998 has made a mockery of the principles of fairness and security. It is biased, misleading, unreliable and there are far too many exemptions for safety. The aim of this act was not to protect data, but to legalise data collection regardless of whether such a collection of data is justified at all and as we all know it is not. What is more, its 8 principles are inconsistent and incompatible with our fundamental right to privacy, which make this act unreliable and counter-productive.
This act is biased as it only safeguards the interests of data controllers/users whatever the consequences (economic loss, ID theft, abuse etc...). It allows them to collect and process an unnecessary amount of personal data, even though they could easily be substituted. This is not only intrusive, it is giving a right to private and public bodies over our entire life and a means to fraudsters to steal it.
Consequently, data subjects are left with almost no protections. They are compelled to reveal, that they like it or not, unnecessary personal informations which are later processed ( filed, used, copied, disclosed etc...). Furthermore, they have no idea as to the amount of their personal data being processed, what kind of informations are being held about them, the number of people accessing them, or even with whom such data are shared in the UK and abroad ( Brussels, India etc...). Appallingly, trying to find this out or seek redress, it is both time-consuming and expensive. And as if this was not bad enough, there is not a single section on ID theft or on how to prevent it.
The Privacy and Data Protection Act 2007 (P&DPA07) is mainly concerned with the danger of data collection, processing and the monitoring of people which violate our fundamental right to privacy. It is also concerned with the inefficiency of protecting data from abuse once they have been collected.
Many would argue that data are needed for the well-being of modern societies. But so far, they have done more harm than good, and as we know data do not have to be collected to achieve this goal.
By failing to ask itself the right questions, the government has failed to realise that data collection and processing are responsible for the problems faced by most modern societies today. The facts remains that data are being used to commit organised crime (terrorism, ID theft, benefit fraud, forgery, sell of data, blackmail etc..), malpractice (discrimination, exclusion etc...) and abuse ( undue control, manipulation etc...), and this is not surprising considering the excessive amount of data being collected and processed everywhere.
Now a new threat has emerged, the threat of a 'surveillance state' where people live in fear of their government and police force. The profiling and monitoring of each and every individual are turning our democratic society into a police state in which the entire population is under, what could be called, a “country arrest order” for being potential criminals. Such practices, frighteningly enough, were only used by dictators ( Stalin, Hitler etc...), and therefore, have no place in our democratic societies. It is obvious to that this system is counter-productive.
What the government ought to have done was to – (a) determine the exact purposes of data collection ( accuracy of informations etc...), and (b) determine the exact set of data needed for a fully functional society ( income, properties, dependants, health, education).
The Data Protection Act 1998 uses painful and ineffective methods of protecting data, preserving privacy, and of preventing organised crime, abuse, malpractice, problems which it has caused. Have we not be compelled to reveal irrelevant personal informations they could not be used against us, and we would all be treated equally.
There is a easier, fairer and more reliable alternative to data collection. It is simply to use technology (ultraviolet lights, x-rays), handwriting, data substitutes, confidential registers, pseudo-names and anonymous reports to ensure privacy.
All professionals will have to do is check all required documents,compare data subjects ' handwritings and signatures with the ones on their documents, give a pseudo-name to each of their patients, clients or customers, and keep online anonymous reports on each of them. This will preserve data subjects' privacy and civil liberties without prejudicing other professionals ' need to access information for research, studies, statistical or administrative purposes. All these reforms can be found in the P&DPA07 proposal.
It is clear that the disadvantages of data collection far outweigh the alleged benefits. A system like ours lacks adequate safeguards for the protection of data and civil liberties. What is even more worrying, is that such a system is turning our democratic society into a dictatorship, in which oppression and control are its norms and values. We are in an urgent need of the new unbiased Privacy and Data Protection Act 2007, to end the evils of the 21st century, and the resurgence of the evils of the past.
CONTENTS
Summary.............................................................................................................................2
Contents..............................................................................................................................4
Introduction..........................................................................................................................5
“How privacy is protected under the law ”
1.
Why has the Data Protection Act been created?..................................................5
2.
What are the rights and obligations available to ensure data protection and privacy under the Data Protection Act 1998 the Act...............................................................5
2.1 Data subjects' rights...........................................................................................5
2.2 Data controllers' obligations........................................................................................6
3.
How efficient are those rights and obligations to protect data and privacy?......8
3.1 Organised crime, malpractice,abuse and the violation of privacy...........................8
3.2 Relevance, justification and effectiveness of 'data collection'..................................9
3.3 The disadvantages of the current data collection and protection system...............9
4.
What are the alternatives to 'data collection' to ensure data protection and privacy?........................................................................................................................10
4.1 Advantages and benefits............................................................................................12
Conclusion...........................................................................................................................14
Recommendations..............................................................................................................15
Introduction
“ How privacy is protected under the law ”
This is the 21st century, and although, modern technology has made the access to individuals' private affairs alarmingly easy (CCTV, NIR, verichip, RFID, Databases etc...), there is still not a single law on privacy. Apart form article 8 of the Human Rights Act 1998, there is no other way to protect privacy than to rely on mere codes of practice.Controversial attempts have been made through the protection of personal data (Data Protection Act 1984,1998) to protect privacy. However, such attempts have only succeeded in legalising even more intrusion in people's private lives with the help of data collection and processing.
1. Why has the Data Protection Act been created ?
The Data Protection Act has been created to protect data and citizens from dishonesty, malpractice, improper conduct, incompetence, and to safeguard citizens' right to privacy. Allegedly, the 1998 Act further protects our right to privacy.
In fact, all the Data Protection Act 1998 does is legalise 'data collection' to protect the government's and data controllers' interests and nothing more.
2. What are the rights and obligations available to ensure data protection and privacy under this the Data Protection Act 1998 ?
There are some unreliable rights available to data subjects to check data controllers' conduct, and some questionable obligations imposed on data controllers to protect data.
2.1 Data subjects' rights
The main rights available to data subjects are as follows:
- The right of access to personal data – It is complete nonsense to have to ask for the right to access our own personal data which we are forced to give in the first place, and what is more to have to pay to do so. It is simply appalling.
- The right to prevent processing likely to cause damage or distress – All data can cause damage and distress when they are used against their holders, as we know they all are, through discrimination, manipulation, exclusion or to commit crime.
- The right to prevent processing for purposes of direct marketing – To prevent such as process, data subjects have to be aware/informed that data are going to be used in that specific purpose. And what happens to data when they are sent abroad ? Who knows?
- The right in relation to automated decision taking - To prevent such a process, data subjects have to be informed that automated decision is taking place.
- Redress ( compensation, rectification, blocking, erasure,destruction) – Claiming redress is expensive, time-consuming and because of the limitations which protect data controllers from prosecution claimants are likely to lose their claims.
Considering, the damaging and distressing consequences and the ineffectiveness of this process, the most important right would be to stop compelling data subjects to give their personal data to complete strangers. However, there is no option and to obtain any public and/or private services data subjects are forced to comply with unfair and unjustified demands. This is tyranny and not protection.
2.2 Data controllers' obligations
Data controllers are under a duty to:
- Register before processing any data – However, as there are too many data controllers/users, and far too many data being processed, it is almost impossible to check whether they all comply with the law.
- Notify change - It is impossible to ascertain that they will all apply the law.
- Apply the eight principles of the Act – However, these 8 principles are inconsistent an incompatible with our fundamental right to privacy.
1st Principle : “ Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless- (a) at least one of the conditions in Schedule 2 is met, and (b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met”.
Data collection is incompatible with privacy. The actual act of revealing our personal data to complete strangers violate our fundamental right to privacy, even more when we did not consent to give them in the first place. Although it might still be lawful, it is definitely unfair not to respect one's privacy.
2nd Principle : “Personal data shall be obtained only for one or more specified and lawful purpose, and shall not be further processed in any manner incompatible with that purpose or those purposes”.
To ensure that this principle is applied, the Act ought to have determined the exact purposes and aims of data collection, so that data controllers cannot hide behind various exemptions or pretend that the collected data will later be used for some foreseeable purposes. To avoid abuse, the purposes and aims of data collection should only be to :
a) Authenticate ID documents so as to :
- identity data subjects ( to individualise people)
- impose duties ( taxation, insurance)
- give rights ( benefits, employment, education)
b) Enable:
- professionals to exercise their professions
- research
- studies
- statistics
- administration
3rd Principle : “Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed”.
To ensure that this principle is applied, the Act ought to have determined the exact set of data that are needed in all situations, which include:
- income (how much we earn)
- properties (what we possess: car, house, money etc...)
- dependants (how many we financially support)
- health (how fit we are physically, mentally)
- education (how much we know)
4th Principle : “Personal data shall be accurate and, where necessary, kept up to date”.
This cannot be guaranteed because the Act fails to authenticate each identity documents, and because data are collected, which makes them vulnerable to malpractice and abuse (fiddling, incompetence, sell of data etc...). A good protection would be to use technology (ultraviolet lights, x-rays, handwritings) to ensure authenticity and data substitutes to avoid malpractice and abuse.
5th Principle : “Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes”.
This cannot be guaranteed as data controllers could keep unofficial registers for how long that they like. They could also, easily, sale all these informations, after a period of time, pretending that they have been destroyed. Breach of confidentiality cannot be proven. To avoid such problems, data subjects should be given a pseudo-name every time they register, apply, enrol somewhere so as to keep all data anonymous.
6th Principle : “Personal data shall be processed in accordance with the rights of data subjects under this Act”.
Considering, that the Act has only been created to safeguard their interests, it is easy for data controllers to apply the rights given to data subjects, as there is always an exemption they can rely on to get away with any wrongdoing. The Act 98 ought to be amended and urgently replaced by the Privacy and Data Protection Act 2007.
7th Principle : “Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data”.
As long as data controllers/users will collect, use, disclose and store data, they will always be forged, tampered with, sold, or cloned and be used to manipulate, discriminate and exclude. There is no system that can protect data once they have been collected and processed. The only option is not to collect them, when necessary substitutes them, and allow data subjects to keep and store their own data, files/records. One cannot forge, sell, steal or unlawfully use informations one does not have.
8th Principle : “Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data”.
If data cannot even be efficiently protected in the UK, there is little hope that they would be adequately protected abroad. There are far too many data collected/processed all over the world for protection.
3. How efficient are those rights and obligations to protect data and privacy ?
The Data Protection Act 1998 has made a mockery of the principles of fairness and security. It is biased, misleading, unreliable and there are far too many exemptions for safety. The aim of this act was not to protect data, but to legalise data collection regardless of whether such a collection of data is justified at all, and as we all know it is not. What is more, its 8 principles are inconsistent and incompatible with our fundamental right to privacy, which make this act unreliable and counter-productive. Everyday, excessive amount of data are collected/processed and put into databases that link each individuals to what s/he does. For instance, phone a friend (mobile phone), buy a car (credit card), go shopping (loyalty cards) etc...
This act is biased as it only safeguards the interests of data controllers/users whatever the consequences (economic loss, ID theft, abuse etc...). It allows them to collect and process an unnecessary amount of personal data, even though they could easily be substituted. This is not only intrusive, it is giving a right to private and public bodies over our entire life and a means to fraudsters to steal it. Data collection is by far the must dangerous and intrusive device without which no monitoring and/or abuse would be made possible. The ID card & database scheme, if introduced, will be a dangerous additional means of monitoring individuals that would change the relationship between citizens and their governments forever.
Consequently, data subjects are left with almost no protections. They are compelled to reveal, that they like it or not, unnecessary personal informations which are later processed ( filed, used, copied, disclosed etc...). Furthermore, they have no idea as to the amount of their personal data being processed, what kind of informations are being held about them, the number of people accessing them, or even with whom such data are shared in the UK and abroad ( Brussels, India etc...). Appallingly, trying to find this out or seek redress, it is both time-consuming and expensive. And as if this was not bad enough, there is not a single section on ID theft or on how to prevent it. As they cannot be under surveillance 24/7, any data controller/user, or computer literate, can unlawfully access, steal, copy, store our data without our consent or the knowledge that our privacy is being violated.
3.1 Organised crime, malpractice,abuse and the violation of privacy.
By failing to ask itself the right questions, the government has failed to realise that data collection and processing are responsible for the problems faced by most modern societies. The fact remains that data are being used to commit :
- Organised crime (ID theft, terrorism, forgery, sell of data, blackmail etc...)
- Malpractice & abuse (discrimination, manipulation, exclusion etc...)
- Violation of privacy (data collection/processing)
And this is not surprising considering the excessive amount of data being collected and processed everywhere.
If anything, the 1998 Act makes things even worse by legalising data collection. Now, a new threat has emerged, the threat of a 'surveillance state', where people live in fear of their government and police force. The profiling and monitoring of each and every individuals are turning our democratic society into a police state in which the entire population in under, what could be called, a “country arrest order” for being potential criminals. Such practices, frighteningly enough, were only used by dictators ( Stalin, Hitler etc...), and therefore, have no place in our democratic societies.
3.2 Relevance, justification and effectiveness of 'data collection'
As there are still problems with accuracy of information and authenticity of identity documents, data collection has been inefficient and ineffective to solve these problems. And many are now questioning the justification, relevance and effectiveness of data collection. Considering, that data could be easily substituted and that pseudo-names could be used to remove all personal identifiers, the justifications of their collection are unfounded. It is plain to see that the relevance of such a practice is a desire to control each and every individual through manipulation, discrimination and exclusion.
Can you imagine the risks disclosing that much data, and to complete strangers ?
- Marital status
- Date of birth/age
- Place of birth
- Health records
- Educational records
- Place of study
- Parents' names/ Mother's maiden name
- Sibling ( names, age, sex, number of )
- Children ( names, age, sex, number of)
- Bank details/records
- etc......
This is not only intrusive, it is giving a right to private and public bodies over our entire life and a means to fraudsters to steal it. The introduction of ID card & database will make things even worse.
No one should ever be given the power to collect informations on others as this is bound to be abused. Have we not be compelled to reveal irrelevant personal informations they could not be used against us, and we would all be treated equally as human beings and not cattle.
3.3 The disadvantages of the current data collection and protection system.
The data collection/processing system is governed by various sources of law which are unmistakably inconsistent and incompatible with our fundamental right to privacy.
The main disadvantages are as follows.
The current system is :
To data subjects.
- Complex (too many sources of law to cope with).
- Unreliable (do not protect data, do not protect privacy).
- Undignified (to be compelled to give our personal data to complete strangers).
- Dangerous (enable crime, abuse, malpractice and police state).
- Unfair (too many exemptions, no free access to our own data, files etc...).
- Biased (only safeguards public and private bodies interests).
- Expensive (redress, right of access to data).
- Time-consuming (time wasted on court cases).
- Oppressive (bureaucracy, surveillance state).
To data controllers.
- Complex (too many sources of law, uncertainty over terms 'consent', 'relevant filing system', uncertainty over power “vires” to process).
- Costly (training staff, codes of practice etc...).
- Unsafe (cannot guarantee data/privacy protection).
To society.
- Dangerous (assist organised crime, malpractice, abuse, police state)
- Unfair (assist institutional discrimination)
- Undemocratic (society based on fear of its government and police force)
- Expensive (economic loss due to fraud etc...)
- Eco-unfriendly (more bureaucracy, so more papers)
4. What are the alternatives to 'data collection' to ensure data protection and privacy?
The Privacy and Data Protection Act 2007 (P&DPA07) is mainly concerned with the danger of data collection, processing and the monitoring of people which violate our fundamental right to privacy. It is also concerned with the inefficiency of protecting data from abuse once they have been collected.
It is often argued that data are needed for the well-being of modern societies. But so far, they have done more harm than good, and as we know data do not have to be collected and processed to achieve this goal. There is an easier, fairer and more reliable alternative to data collection.
Instead of scanning large amount of irrelevant personal data, a good option would be to :
I ) - Use technology ( ultraviolet lights, x-rays) : To check all official marks, stamps, paper patterns etc... of each identity document ( birth certificate, driving licence, passports etc..) to reveal whether they are authentic. In the same way banknotes are, to check it is not forged/stolen money.
It means that, birth/marriage certificates will have to be examined (ultraviolet lights, x-rays) before issuing passports, driving licences etc...which in turn will also have to be examined when checked (Airports) to ascertain that they have not been tampered with or forged. Such documents should also be checked before giving benefits etc....
Public bodies will only be allowed to keep confidential registers of all data subjects' personal details, to be used for correspondence only.
- Names
- Addresses
- Nationality
- Passport numbers
- Signatures
This will ensure ownership and authenticity of informations. Registers will have to be filled by the hands of each data holders, in case of loss of identity documents.
II ) - Use handwriting/signature : Because of their uniqueness, handwritings are the ideal way to end fraud, and therefore, each identity documents should be filled and signed by the hands of their holders, as word processors are too impersonal. Signatures are already widely in use at the end of legal documents (wills, cheques, contracts etc...) to show that such documents are valid and binding.
III) - Use data substitutes : In order to avoid any kind of abuse, when informations on data subjects are necessary ( employment, education etc...), such data will have to be replaced by adequate substitutes to balance the interests of both parties.
- Date of birth/ age : They are not useful to identify a person. Some people look much older or much younger that they actually are. Age does not impair one's ability to work or to achieve grand project, and it is not the main cause of death any more, heart attacks, cancers and stroke are the main killers whatever the age of the patients. If getting old is a problem then why are ' high-class' professions occupied by elderly people ( politicians, judges etc...). To avoid unnecessary age discrimination,“colour categorisation” should be used instead. For women age discrimination starts as soon as they reach 20 (childbearing age).
- A woman marital status should be kept as private as a man's one. The title “Ms” should be used in the same way as “Mr”. This will end discrimination against married and single women.
- Sex life : It would be politically incorrect and morally wrong to ask questions on homosexual applicants' sexual life, but strangely enough, offence questions on heterosexual applicants, are still seen as normal [ Are you married ? Single ? Divorced? Etc...]. Sex life should be respected whatever the applicants' sexual orientation. Therefore, no questions should ever be asked
- Health history : “ Medical notes” should be used instead of questionnaires on an applicant's health condition. The “ medical notes” should ONLY state, whether or not the applicant is physically fit to do what is expected of him/her. Apart from doctors, access to health records should be banned.
- Educational records/ Place of study : “ Certificates, Diplomas, Degrees etc..” should be used instead of records to ascertain data subjects' abilities, skills and knowledge. This will promote meritocracy and end social bacground discrimination.
- Familial situations : Data controllers should rely on “family & dependants records book” to find out how many people the data subject financially support and legally care for.
IV) - Introduce “pseudo-names” and “anonymous reports”: Professionals will have to be under a duty to:
a) Give a pseudo-name to each of their patients, clients or customers – to be used for the duration of the relationship, instead of real names of data subjects, to ensure privacy, end ID theft, malpractice or abuse.
b) Keep, only, contact details on application, registration and enrolment forms -
- Pseudo-name
- Address
- Telephone number
- E-mail address
- Mobile number
The pseudo-names and contact details (if necessary) will have to be used for all correspondence, administration, transactions, prescriptions, on credit cards, chequebooks etc...to preserve privacy.
c) Keep online “anonymous reports” ( with reference numbers)- on each of their clients, patients or customers' conditions (physical,mental), abilities, skills and progress etc... so as to ensure their privacy, without prejudicing other professionals the need to access vital informations.
d) Keep confidential registers with-
* pseudo-names & reference numbers – for professionals' personal use only, so as not to confuse all the "anonymous reports" with the wrong patients, clients or customers.-
* pseudo-names & passport numbers - in case of a problem which would involve the police and the courts.
Under no circumstances should professionals be allowed to keep a register of passport numbers & reference numbers so as to preserve data subjects' privacy.
V) - Impose a duty of confidentiality on professionals : Except in circumstances which involve the police and courts, professionals will not be allowed to reveal any informations concerning their patients, clients etc... to any 3rd party. To ascertain lawful access, data subjects should give their personal data to 3rd parties, if they judge it necessary. Does not apply to anonymous reports.
VI) - Prohibit the right to collect, process, sell or share data :
- Identity documents are very important to confirm a person identity, therefore, they should only be kept by their holders, and should only be shown when necessary to authenticate identity.
- Professionals should only be allowed to access files/records which should be, immediately, returned to data holders after professionals have added/obtained the informations they were looking for.
VI I)- Introduce online “passport numbers” registers : The registers should only contain a list of passport numbers. No names and/or pseudo-names should ever be attached to them.
- The police: The police will have to keep an online register of all convicted offenders' passport numbers, to be accessed by data controllers ( ie : employers, to check new applicants etc...).
- Professionals: Professionals will have to keep an online register of their data subjects' passport numbers, when necessary, to be accessed by government departments only ( ie : Inland Revenue, Social security agency etc... to verify claims) under no circunstances should passports numbers be shared or sold to any 3rd parties.
4.1 Advantages and benefits.
The alternative will ensure economic, social and environmental well-being which are the main objectives of this government.
All professionals will have to do is, to check all required documents,compare data subjects ' handwritings and signatures with the ones on their documents, give a pseudo-name to each of their patients, clients or customers, and keep online anonymous reports on each of them. This will preserve data subjects' privacy and civil liberties without prejudicing other professionals the need to access information for research, studies, statistical or administrative purposes. This will bring back people's trust in the data protection system. The main advantages are as follows:
The new system will be;
- Simple
- no more confusion about the terms
- only one source of law the ' Privacy and Data Protection Act 2006'
- Reliable
- ensure privacy (pseudo-names, prohibition to collect/process data)
- ascertain authenticity of identity documents ( technology ultraviolet lights, handwriting)
- ensure data protection (anonymous reports)
- ensure accuracy of information (technology and handwriting)
- Fair
- data and privacy protection also apply to dead data subjects.
- no problem with consent, access request.
- data can be kept indefinitely for historical,statistical etc.. purposes, as they are anonymous.
- ensure democratic values (justice, equal opportunity, equality, fairness etc...).
- stop institutional discrimination.
- ensure equality based on invisible criteria (age, marital status, records).
- technology use for our protection and not against us.
- Safe
- end organised crime
- end malpractice, abuse
- end the surveillance state
- enable data to be kept indefinitely
-enable the sale and flow of data (anonymous reports)
- Non-oppressive
- keep bureaucracy to its minimum
- allow autonomy
- Eco-friendly
- less bureaucracy, and therefore, less papers
- Time-saving
- no time wasted on court cases for redress
- Cheap
- no money spend on courts cases
- no money spend on right to access our own data.
Conclusion
To this day, the government has failed to provide an adequate law on privacy, although, our modern world has made the access to individuals' private lives alarmingly easy, with its ever-growing monitoring and surveillance devices ( CCTV, NIR, databases, RFID etc...).
So far, unsuccessful attempts have been made to protect privacy thought the protection of personal data, which have only resulted in more intrusion into people's affairs by allowing data collection, processing and the monitoring of people. The Data Protection Act 1998 has proven biased, ineffective and costly. All it has achieved is to legalised data collection, to favour and protect the government's and data controllers' interests, regardless of the damaging and irreversible consequences.
The government has failed to realise that data collection and processing are at the root of the problems faced by most modern societies ( organised crime, privacy violation, malpractice, abuse etc...) therefore, any new legislation legalising (ID cards,NIR) data collection is bound to create even more fraud and abuse. This government also appears to have overlooked alternatives to data collection/processing which could strike a balance between national security and civil liberties.
The relevance and justification of data collection are being questioned, because of the ineffectiveness of the whole system. Informations are still as inaccurate, if not more, than ever before, privacy is still not respected and data are still not protected. It is obvious that this system is counter-productive.
It is clear that the disadvantages of data collection far outweigh the alleged benefits. A system like ours lacks adequate safeguards for the protection of data and civil liberties. What is even more worrying, is that such a system is turning our democratic society into a dictatorship, in which oppression and control are its norms and values. We are in an urgent need of a new unbiased Privacy and Data Protection Act 2007, to end the evils of the 21st century, and the resurgence of the evils of the past.
Recommendations
The recommendations are straightforward and can be put into use within months. They are as follows:
1. To ban the use of monitoring devices such as:
- NIR
- Verichip
- RFID
- Biometric ID card
- Databases ( replaced by online “anonymous reports” )
- Data collection/processing ( replaced by substitutes, pseudo-names etc...)
2. To abolish the collection of such data as :
- Marital status
- Date of birth/age
- Place of birth
- Health records
- Educational records
- Place of study
- Parents' names/ Mother's maiden name
- Sibling ( names, age, sex, number of )
- Children ( names, age, sex, number of)
- Bank details/records
- sex life
- etc......
3. To introduce data substitutes.
- To use 'colour categorisation' on identify documents to avoid unfair age discrimination.
The colour of a passport, driving licence, application forms etc... will be:
- PINK : for adults (18 upwards).
- GREEN : for minors (15 up to majority).
- BLUE : for children (from birth to 14).
- Marital status : replaced by 'Mr' and 'Ms' to avoid discrimination.
- Health records : replaced by 'medical note' stating if the patient is fit or not.
- Educational records : replaced by 'diploma, certificate' to promote meritocracy.
- Familial situation : replaced by family & dependants records book.
- Etc.....
4. To allow data subjects to keep and store their own data, files and official records (birth/marriage certificates, educational records, health records etc...).
- To end organised crime, malpractice and abuse.
5. To prohibit the right to process personal data (collect, copy, file, store, disclose etc..) by public and private bodies.
- As long as data controllers/users will collect, copy, disclose and store data, they will always be forged, tampered with, sold, or cloned and be used to manipulate, discriminate and exclude. The only option is not to collect them, as one cannot forge, sell, steal or unlawfully use informations one does not have.
6. To introduce the use of technology (x-ray, ultraviolet lights, handwriting) in order to check the authenticity of identity documents.
- It will ensure identity documents authenticity, and therefore, the accuracy of information.
7. To introduce “pseudo-names” and online “anonymous reports”
- It will ensure confidentiality, ascertain data subjects' privacy and safeguards professionals interests.
8. To impose a duty of confidentiality on professionals.
- It will guarantee the confidentiality of data subjects private affairs.
9. To introduce online “passport numbers” registers.
- To ensure privacy,security and verify claims.
As data will no longer be collected, the chances of organised crime, malpractice, abuse and threat of a surveillance state will be made almost impossible. This will ensure a balance between national security and respect for civil liberties.
These reforms should be found in a free-standing Privacy and Data Protection Act 2007.
Advertisement
Privacy and Data Protection Act 2007(P&DPA07)(permalink)
Conversations
© MMIXThis page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.