July 25, 2007

Roger Clarke's 'IT and Dataveillance'

This was cited in that Solove piece and it is worth reading:


Roger Clarke's 'IT and Dataveillance':


"This section discusses the techniques used in personal dataveillance, mass dataveillance, and facilitative mechanisms. Figure 2 provides a summary.
Figure 2: Techniques of Dataveillance
  • Personal Dataveillance, of previously identified individuals
    • integration of data hitherto stored in various locations within a single organisation
    • screening or authentication of transactions against internal norms
    • front-end verification of transactions that appear to be exceptional, against data relevant to the matter at hand, and sought from other internal databases or from third parties
    • front-end audit of individuals who appear to be exceptional, against data related to other matters, and sought from other internal databases or from third parties
    • cross-system enforcement against individuals, where a third party reports that the individual has committed a transgression in his or her relationship with the third party
  • Mass Dataveillance, of groups of people
    • screening or authentication of all transactions, whether or not they appear to be exceptional, against internal norms
    • front-end verification of all transactions, whether or not they appear to be exceptional, against data relevant to the matter at hand, and sought from other internal databases or from third parties
    • front-end audit of individuals, whether or not they appear to be exceptional, against data related to other matters, and sought from other internal databases or from third parties
    • single-factor file analysis of all data held or able to be acquired, whether or not they appear to be exceptional, variously involving transaction data compared against a norm, permanent data or other transaction data
    • profiling, or multi-factor file analysis of all data held or able to be acquired, whether or not they appear to be exceptional, variously involving singular profiling of data held at a point in time, or aggregative profiling of transaction trails over time
  • Facilitative Mechanisms
    • computer or data matching is a process in which personal data records relating to many people are compared in order to identify cases of interest
    • data concentration is the combination of personal data through organisational merger or by the operation of data-interchange networks and hub systems
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)