The Privacy Act of 1974—the law designed to protect your rights as the government collects, uses, and shares your data—fails to consistently protect citizens’ privacy because circuit courts disagree on how to interpret its language. [From PolicyBeta – Blog Archive – A Remedy for Every Wrong? Why We Need a Consistent Privacy Act]
This illustrates my point. My personal data should be protected by cryptography, not by the vagaries of judicial interpretation.
The idea that cryptography rather than good intentions should be the source of public confidence in a system handling personal data is central to what I’ve taken to calling Post-Modern Privacy (or PMP). But it’s not just that cryptography should be used; it’s that it should be open. The security of personal data should be based on the security of keys, not on secrecy or proprietary technology. The specifications for a national ID card, for example, should be published, open and subject to peer review and revision: that’s the way to generate confidence in a scheme, not meaningless, soothing waffle from politicians.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public