
This is unacceptable.

Before you start the lynch mob, ask yourself this: what on earth can one do with non-person-identifiable data stored on a server?

"Next on BBC - Terrorist organisation finds out too many British people forget to update their MOTs"

That's not what I want from my government.

Be very, very fortunate you can even get a somewhat usable site, much less a very user-friendly site. There are citizens of other nations who would kill for easier access to public information.




Of course it's personally identifiable. AOL https://en.wikipedia.org/wiki/AOL_search_data_leak and more recently Netflix http://www.cs.utexas.edu/~shmat/shmat_oak08netflix.pdf tried to anonymize datasets and failed. With a website, you can geo-locate the IP, cross-reference with timestamps, and probably ID more than half the users. Someone tested how hard it is: http://web.mit.edu/newsoffice/2013/de-anonymize-cellphone-da... With 4 location datapoints + timestamps, you can differentiate 95% of people.
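The comment above argues that a log of IP addresses and timestamps becomes identifying once it is cross-referenced with other data. The following is an added example, not code from the thread or from any analytics vendor, showing the linkage step mechanically: pseudonymous page-view hits are joined to a small auxiliary dataset in which an IP was once seen alongside a name, and each person's navigation trail falls out. All hits, names, paths and IPs are constructed for illustration (the IPs come from the RFC 5737 documentation ranges); the time window and the prefix length are assumptions chosen for the example.

```python
# Added example: a linkage attack on pseudonymous analytics hits.
# Every record below is constructed for illustration; nothing here is
# real gov.uk or Google Analytics data.
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_interface

# What a third-party collector stores per page view: source IP,
# timestamp, path. No name, email or account id is present.
ANALYTICS_HITS = [
    ("203.0.113.7",   "2013-06-10T09:02:11", "/browse/driving/mot"),
    ("203.0.113.7",   "2013-06-10T09:03:40", "/apply-renew-passport"),
    ("198.51.100.23", "2013-06-10T09:05:02", "/vat-rates"),
    ("203.0.113.7",   "2013-06-11T18:45:09", "/browse/business/legal"),
    ("198.51.100.23", "2013-06-11T12:10:00", "/browse/driving/mot"),
    ("192.0.2.55",    "2013-06-12T08:00:00", "/vat-rates"),
]

# Auxiliary data the same party (or a buyer) already holds: one occasion
# on which an IP was observed together with an identity, e.g. a login to
# another service or a forum post. One observation per person suffices.
AUXILIARY = [
    ("Jim English", "203.0.113.7",   "2013-06-10T09:00:30"),
    ("A. Trader",   "198.51.100.23", "2013-06-11T12:00:00"),
]


def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S")


def link_by_ip_and_time(hits, auxiliary, window=timedelta(hours=48)):
    """Join hits to named observations on exact IP plus time proximity.

    Returns {name: [(timestamp, path), ...]}. Consumer IPs are dynamic,
    so a hit is attributed only if it falls within `window` of the moment
    the IP was seen with that identity. The 48 hour default is an
    assumption for the example, not a measured lease time.
    """
    by_ip = defaultdict(list)
    for ip, ts, path in hits:
        by_ip[ip].append((parse_ts(ts), path))
    profiles = {}
    for name, ip, seen_at in auxiliary:
        anchor = parse_ts(seen_at)
        trail = sorted((t, p) for t, p in by_ip.get(ip, [])
                       if abs(t - anchor) <= window)
        if trail:
            profiles[name] = trail
    return profiles


def unlinked_ips(hits, auxiliary, profiles):
    """IPs in the hit log that no auxiliary record could put a name to."""
    named = {ip for name, ip, _ in auxiliary if name in profiles}
    return sorted({ip for ip, _, _ in hits} - named)


def anonymity_set_sizes(auxiliary, prefixlen=24):
    """How many known identities share each truncated network prefix.

    Zeroing the last octet before storage only protects someone if several
    known people share the resulting /24. With one identity per prefix the
    truncated value still picks them out, so the join above still works.
    """
    counts = defaultdict(int)
    for _, ip, _ in auxiliary:
        prefix = ip_interface(f"{ip}/{prefixlen}").network
        counts[str(prefix)] += 1
    return dict(counts)


if __name__ == "__main__":
    profiles = link_by_ip_and_time(ANALYTICS_HITS, AUXILIARY)
    for name, trail in profiles.items():
        print(name)
        for when, path in trail:
            print("   ", when.isoformat(), path)
    print("unlinked:", unlinked_ips(ANALYTICS_HITS, AUXILIARY, profiles))
    print("identities per /24:", anonymity_set_sizes(AUXILIARY))
```

Narrowing the window drops the hits that fall on a different day, which is the trade-off an attacker makes against dynamic addressing: a tighter window yields fewer false attributions but a shorter trail. The prefix check is the other half of the argument; an anonymity set of size one means a truncated IP is still a unique key into the auxiliary data.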


But if they identify that "Jim English" has visited the MOT description website 10 times in the last month...so what?

Google analytics for a publicly facing government website is akin to someone watching you walk physically into a public municipality.


Someone in another country, not subject to the same laws about how that sort of data is collected and used.

Actually it's not even equivalent then. It's more like them recording the conversation you have with the public services folk. And you haven't actually gone there, just called on the phone.


>> recording the conversation

This is where I'm really failing to understand your logic. Your activity is very different from what you say in a conversation. If I fill out a web form and that data gets logged, fine, I can see how privacy may be an issue. Unless someone can correct me, Google Analytics does not have that capability; it only tracks how you navigate.

If I walk around a public library and check out 6 books and someone follows me around watching me look at 6 books, then again I ask "so what?"


In the largely broken analogy, you might phone the DVLA, ask to speak to a certain department (driver licenses, vehicle tax), then perform a specific task (apply for a new license). This maps to your navigation around the pages. Previously you would not really expect a third party in another country to be informed you were doing this, and I don't think it's necessary now.

>> If I walk around a public library and check out 6 books and someone follows me around watching me look at 6 books, then again I ask "so what?"

They compile a dossier on you, including everything you read, all of the shops you go to, food you like. They sell this data to whoever wants it and leak it out the back door to overseas government agencies.

But I guess you've nothing to hide from anyone eh? Good for you.


>In the largely broken analogy, you might phone the DVLA, ask to speak to a certain department (driver licenses, vehicle tax), then perform a specific task (apply for a new license). This maps to your navigation around the pages. Previously you would not really expect a third party in another country to be informed you were doing this, and I don't think it's necessary now.

But that's the point I think he's trying to make: Why is this an issue? If I open up a page on the site that say tells me what the VAT rate is and that gets timestamped and sent to google, why should it matter?

The site is purely for information. They could - as you say - get wind of the fact that I want to apply for a new passport. So what? That (at least in my mind) isn't a privacy issue.


>> The site is purely for information.

Well, not really, it directs you to portals for various services.

>> They could - as you say - get wind of the fact that I want to apply for a new passport. So what? That (at least in my mind) isn't a privacy issue.

I think it is and I would be upset about (for instance) my library browsing habits being supplied to people as well, particularly if they were based in places with far less in the way of data protection law.

You may as well say "Why would anyone care about PRISM? Who cares who knows I call my mom every week?", yet it's the biggest story around at the moment.


I certainly understand where you are coming from, I just think that the issue of having this data supplied to Google isn't really important enough to warrant spending a tremendous amount of the budget to do an in-house system.

The fact is that the web is not anonymous in its nature. If I browse to a random site I've never heard of, how do I know they aren't using a third party image? If they are, then my IP/Location will be broadcast to that third party.


>> I just think that the issue of having this data supplied to Google isn't really important enough to warrant spending a tremendous amount of the budget to do an in-house system.

Well I think they probably have a tremendous budget, and a variety of FOSS or third party (but running in-house) solutions have been mentioned in comments here, that could likely do the job.

>> The fact is that the web is not anonymous in its nature.

It's not really about anonymity though, it's about who the government is (deliberately) sharing data with or leaking data to. I'm not asking for anonymity in who I intend to interact with (UK government services), I'm asking them to think about who they share that data with.

>> If I browse to a random site I've never heard of, how do I know they aren't using a third party image? If they are, then my IP/Location will be broadcast to that third party.

When it is a page run by one's own government, one can have different expectations and even ask for things to be changed not to leak such data. Or at least ask if they've thought about it.

However this is also why I tend to block things like social media buttons, I have no desire for FB or Google to be informed every time I read ... well just about anything online these days.


>> Before you start the lynch mob, ask yourself this: what on earth can one do with non-person-identifiable data stored on a server?

How do we know it's non-person-identifiable? It's certainly clear that the analytics data comes from a set IP address, and when correlated with all the other data that big G collect from all over the web, who knows what can come out of it.

>> Be very very fortunate you can even get a somewhat usable site, much less a very user friendly site.

1. It's not just an information site. 2. Why should Google (and by extension the US government) be informed that I'm looking up (for instance) legal advice, business law or anything else?

Again, this is my interactions with my government being published to another nation.

--edit-- removed accusations of laziness, I'm sure the gov.uk folks aren't that.


Why should one part of the UK government be informed about your interactions with another part?

We have no framework for digital privacy, and until we see an emergent consensus there will not be one.

Here, on this site, we have informed, reasonable people disagree on fundamental definitions of online privacy.

I am unsure where to begin.


Right, so because we haven't got a full and complete legal framework and associated consensus driven moral framework in this area, we should just relax and give up on the whole idea?

We already have data protection frameworks in the UK and at the EU level. I would like to see them adhered to in spirit, and I would also like to know that someone involved in gov.uk has at least given this a moment's thought.


Clearly not give up. But we should have at least a clear idea of where we want the debate to go to. You say you want the DPA adhered to in spirit - great. It is adhered to in the letter of the law, and there are many interpretations of the spirit of that law.

My view is that the spirit of the law needs to be codified for a new world, and it is healthier to have that clear (and so open for debate) than to say someone is violating my idea of what the law should be.

My starter for 10:

* Privacy is merely a politeness, and does not actually "exist". The expectations of privacy are the expectation for data to not be exploited without our consent.

* All digital communications and associated metadata are made in a public domain, and should have very limited expectations of privacy.

* If digital communication is encrypted, or marked as anonymous, then it should be legally viewed as having an expectation of privacy, and similar penalties applied for interfering with that as with post.

* Any monitoring of digital activity that can be linked to an individual human must be publicly acknowledged by the monitoring organisation and the data released / published, unless the individual has given consent for identifying data to be stored and processed by that organisation.

It's a thought in progress.


>> All digital communications and associated metadata are made in a public domain, and should have very limited expectations of privacy.

This is where we depart. Just because it is a public network does not mean that people somehow naturally consent to monitoring by anyone and everyone, nor that they should have to consent to this stuff. The telephone network is a good example of public and private infrastructure in which one still has the expectation of privacy.

>> If digital communication is encrypted, or marked as anonymous

And what if someone, mostly without notifying us, loads a script into our browser that tracks everything we do and reports back to mother?

This is not a case of people marking data private, nor is it 'digital communication' this is intrusion.


Also why?

Why should we accept that the government will report everything about its own citizens to anyone they feel like?

Because it makes it easier for a few web developers? Is that really a good enough reason?



