Comment: What's Worse?

The discussion of the UK plans for the 'Big Brother Database' has me wondering: What's worse, centralised storage of this communications data, or forcing ISPs and Mobile Phone companies to hold on the data for long periods of time?

Clearly this data is incredibly sensitive, and there are good reasons to want to restrict anyone's access to it. But, were such information to be stored, what would be worse? The idea of a centrally held database tends to make for bigger headlines, calling to mind, as it does, the vision of faceless government bureaucrats poring over our intimate secrets.

And the risk of government officials abusing such private information is indeed one of the reasons one would want to restrict access. But it's only one of the reasons. Surely another is the risk of any sort of public disclosure of this information. It is intrusive for anybody I haven't chosen to do so to view information about who I telephone or what websites I visit. But this information tends to be of much more interest to our neighbours, friends and work colleagues and of virtually zero interest to government. In deciding which is worse, one of the matters I think we should consider is which arrangement makes it less likely for some data breach to result in unauthorised access to my data.

Some will point to the many cases where various levels of government have proven hopelessly careless with our information (to the point of accidentally releasing vetting records with details of debt, extra marital affairs, drug use and use of prostitutes). But I don't think we can simplify this to a case of 'private sector good, public sector bad': some of the most notorious cases of releasing private information have been the fault of businesses - just think of the AOL scandal when records of people's searches were released, to remain posted in the internet to this very day. Private companies have a commercial interest in avoiding such scandals, to be sure, but is that any safer than trusting it to government?