Who needs a "Unified database of personal data on citizens"?

2024 Author: Seth Attwood | [email protected]. Last modified: 2023-12-16 15:55

Why do we need a central database of personal data for all citizens? We have not been able to hear any meaningful answers either in the rationale for the bills or in the press. Why are officials so actively promoting this idea? …

This conversation usually starts with data security first. Will the central base not be the most vulnerable, with the risk of leaks, etc. Let's start with this, although this is definitely not the main thing:

1. Data security issues

It is believed that a centralized database of all data on all citizens increases the risk of leakage of this data. This is partly true: if a hacker or insider breaks through the protection of the system, then he will have the most complete (and most relevant, this is important!) Set of data for theft at his service. That is, a disc with the most complete data about everyone will finally appear on the conditional Gorbushka. Convenient, huh?

However, there is an opposite consideration: when there is a zoo of various partial databases about citizens in different departments, some of them are guaranteed to be made on the knee and poorly protected - due to negligence, low qualifications of security guards or general curvature of system administrators in a particular place. True, it will be possible to steal from there only partial, incomplete data (only about cars, only about SMS messages, only about recognized persons, or only about addresses, for example).

For a centralized highly responsible database, one can at least hope that there will be enough qualifications and money to organize good protection.

In general, when centralizing personal data bases, there are both processes - increasing the risk and cost of leakage and improving data protection, so the final, total level of data protection will depend on the specific implementation and competence of the developers of this central database.

In fact, security issues are not central to this issue, they do not need to be discussed. Let's talk about the purposes of creating such a database.

2. What are the goals? It looks like it's just a desire for digital power

Why do we need a central database of personal data for all citizens? We have not been able to hear any meaningful answers either in the rationale for the bills or in the press.

Talking privately with people involved in the bill doesn't help either. There are no substantive, convincing arguments. Only general superficial considerations, what is convenient, new technologies, all data in one place, etc.

I suspect that not only the argumentation, but also the internal motivation of those who promote this bill, in reality is very primitive: "Well, after all, it will be cool to have everything about a citizen in one place!" - that's all.

No, that's not cool, and I'll explain why below.

Having everything in one place is convenient so that “everything can be calculated,” that's what the supporters of the bill say. Why "calculate" this? What do we want to "calculate" about a citizen?

It seems that there is a desire to increase power over the citizen, to know everything about him - and therefore to manage him more effectively. That is, this is a pure desire of the authorities - due to "new technologies", "bigdata", "AI" - and other media nonsense.

Oh yeah, even more security. A single database will supposedly help solving crimes! Discussions about security, the capture of tax evaders, thieves and terrorists are irrelevant. They are being caught anyway - by tax bases, checks, cameras on the streets, etc. 99.9% of the database will contain information about law-abiding citizens, and not about criminals. And they will try to manage "through data", not criminals.

3. Who will manage the data?

The people who push such bills probably think that they will manage technology, data and people.

They - bosses, ministers, deputies, senators - apparently imagine this in such a way that they will have such programmers of the "give-and-bring" format who will do everything for them on this basis.

This is not entirely true. They will have programmers, but what they will do is a special question. As a rule, our bosses have a liberal arts education - legal, journalistic, history.

They are not capable of managing any "technologies" on their own. In reality, the average boss does not even really understand what is “inside”, what the programmers are doing, what “technologies” are.

He becomes a hostage of technical managers and programmers. When he asks them - "can you do this or not?" but it takes more iron, money and time."

In fact, middle managers, sysadmins and programmers begin to manage the digital data of citizens.

4. A new class of digital managers

Thus, we will have (already appear) a new class of people who have access to data about all citizens. That is, having a new, special digital power.

Nobody appointed him, this class, nobody authorized him, he gets power "in fact". Upon hiring, admitting, gaining access to the data of other people. These are ordinary people who, on average, are not seven spans in the forehead and are not saints. These are simple clerks and simple programmers, system administrators. They have in their hands a huge - and at the same time secret - power over the data of citizens, that is, over citizens. And they practically do not have any serious ethical or legal restrictions.

You can, of course, put them on the first form of secrecy or immediately arrest them preventively, but in reality no one does anything like that.

Let's look at a very conditional example about "give-and-bring" from an IT service. Let's imagine, purely conditionally, that you are a governor or mayor. And your IT department has access to a database of all the citizens of your region or city. And so you come up to the programmer behind the monitor and say:

- So and such a person just left me from the negotiations. Look at what you came in. Is it clear now. Remember the number in the buffer. Where is he going? Yeah. And look at the traffic policemen's trajectories around the city, and then the addresses, where you were before, with whom did you meet? And what is his home address? Yeah, is there a camera above his entrance? There is … Look through it quickly in the morning. Wo, this is it. Turn on face recognition.

Look, when he comes home and with whom … And where does he go from work at 14 o'clock almost every day? Why does he need all the time in Novopetrovskoe? Who is there at this address? Look at the same time SMSs in the database from the mobile operator …

This is not at all a fantasy: regional and central authorities and departments already have such databases in some places. They connect data from cameras, address databases, traffic police, mobile operators, face recognition, trajectories …

And here you are, for example, a well-known journalist who wants to ask an official a sharp question or a businessman trying to outplay an unfair tender - and in response he quietly asks you if you want to disclose information about your mistress in Novopetrovskoye, a Mormon prayer house in Balashikha, or something else. seemingly known only to you …

The example is, of course, conditional. But are there any doubts that these data are computable, and that an employee of the IT service of an official will not refuse, by order of the chief, to submit queries to the database, or will not take an interest in something himself?

For me personally - no. I've seen enough corporate sysadmins and department heads (not even security personnel!) Reading employees' mail and personal documents (out of pure curiosity or in order to launch corporate intrigue) to understand the psychology of the average digital clerk.

That is, a new powerful instrument of power is emerging. Which at the same time it is not clear who controls.

It already appears - even in those disparate databases that are already in departments and regions.

We are offered to strengthen it many times over and give it to someone for uncontrolled and secret use.

It is permissible to ask: why?

Yes, there are some tactical considerations. We've heard them (security, big data, stuff).

But strategically this is very bad. The presence of a central database on all citizens of the country creates such a possibility of manipulating people that any dystopias of Orwell, Zamyatin, and so on, seem like childish jokes.

And I don't see any serious arguments as to why this is needed at all.

That is, apart from the argument that it is really easier to calculate everything about each person and about people in total, in fact, there is nothing. And this is the argument that you just really want to build a totalitarian digital hell and control the citizens of the country with the help of data.

Do we really need this?