If you spend much time working with computers then you’re likely familiar with metadata, or data about data. In the digital era metadata is relied upon for many of the tagging and categorization systems that are seen in popular web environments, such as Twitter, Digg, Delicious, Facebook, and so forth, and is more generally used to define, structure, and administrate data across all digital environments. I should state, upfront, that metadata is incredibly valuable: nothing that I’m going to write about should leave you with the suggestion that metadata should be removed from the digital landscape or could be removed. Instead I’m advocating for a responsible use of metadata.
In this post I will be drawing on a pair of examples to underscore just how much data is contained in popular metadata structures: the information divulged every time a person tweets on Twitter, and what your mobile phone operator may be giving up to third-parties when you browse the web on your phone. In the latter case, especially, we see that metadata is not just important for routing data traffic but also responsible for disclosing a considerable amount of personal information. I’ll conclude by noting, once again, that our privacy regulators, commissioners, advocates, and researchers need to additional funding if citizens are to have those parties regularly identify ‘bad’ metadata practices and seek rapid remedies before the data ends up being datamined for illicit or unjustifiable reasons.
Newman’s Protectors of Privacy: Regulating Personal Data in the Global Economy is exemplary in its careful exposition of Europe’s data protection regulations. Using a historical narrative approach, he demonstrates that Europe’s current preeminence in data protection is largely a consequence of the creation of regulatory authorities in member nations that were endowed with binding coercive powers. As a result of using the historical narrative method, he can firmly argue that neither liberal intergovermentalist nor neo-functionalist theories can adequately account for the spread of data protection regulations in the EU. Disavowing the argument that market size alone is responsible for the spread of data protection between member nations, or in explaining Europe’s ability to influence foreign data protection regulations, Newman argues that the considerable development of regulatory capacity in European member states, and the EU itself, is key to Europe’s present leading role in the field of data protection.
Drawing on recent telecommunication retention directives, as well as agreements between the EU and US surrounding the sharing of airline passenger information, Newman reveals the extent to which data protection advocates can influence transnational agreements; influence, in the EU, turns out to be largely dependent on situating data privacy issues within the First Pillar. For Newman, Europe’s intentional development of regulatory expertise at the member state, and subsequently EU level, as demonstrated in the field of data privacy and tentatively substantiated by his brief reflection on the EU’s financial regulatory capacity, may lead the EU to play a more significant role in shaping international action than would be expected, given its smaller market size as compared to the US, China, and India.
Overall, I would highly recommend this book. If you are interested in the role of regulatory capacity in the ongoing issues of personal data (especially as it pertains to the EU), or if you just want to read an inviting, concise, and well-developed historical account of the development of EU data protection regulations, then this book is a great way to spend an evening or three.
Canadian SIGINT Summaries
The Canadian SIGINT Summaries includes downloadable copies, along with summary, publication, and original source information, of leaked CSE documents.
Parsons, Christopher; and Molnar, Adam. (2021). “Horizontal Accountability and Signals Intelligence: Lesson Drawing from Annual Electronic Surveillance Reports,” David Murakami Wood and David Lyon (Eds.), Big Data Surveillance and Security Intelligence: The Canadian Case.
Parsons, Christopher. (2015). “Stuck on the Agenda: Drawing lessons from the stagnation of ‘lawful access’ legislation in Canada,” Michael Geist (ed.), Law, Privacy and Surveillance in Canada in the Post-Snowden Era (Ottawa University Press).
Parsons, Christopher. (2015). “The Governance of Telecommunications Surveillance: How Opaque and Unaccountable Practices and Policies Threaten Canadians,” Telecom Transparency Project.
Parsons, Christopher. (2015). “Beyond the ATIP: New methods for interrogating state surveillance,” in Jamie Brownlee and Kevin Walby (Eds.), Access to Information and Social Justice (Arbeiter Ring Publishing).
Bennett, Colin; Parsons, Christopher; Molnar, Adam. (2014). “Forgetting and the right to be forgotten” in Serge Gutwirth et al. (Eds.), Reloading Data Protection: Multidisciplinary Insights and Contemporary Challenges.
Bennett, Colin, and Parsons, Christopher. (2013). “Privacy and Surveillance: The Multi-Disciplinary Literature on the Capture, Use, and Disclosure of Personal information in Cyberspace” in W. Dutton (Ed.), Oxford Handbook of Internet Studies.
McPhail, Brenda; Parsons, Christopher; Ferenbok, Joseph; Smith, Karen; and Clement, Andrew. (2013). “Identifying Canadians at the Border: ePassports and the 9/11 legacy,” in Canadian Journal of Law and Society 27(3).
Parsons, Christopher; Savirimuthu, Joseph; Wipond, Rob; McArthur, Kevin. (2012). “ANPR: Code and Rhetorics of Compliance,” in European Journal of Law and Technology 3(3).