Wednesday, November 23, 2005

Cyborgs have no privacy

So here I was, cut off from the world this morning (that is to say, my Internet connection wasn't working because my account was overdue). Not a big deal: I called Shaw and said I'd pay it today and the operator obligingly reconnected me. But here's the shocking thing. She also asked me to give her either my driver's license number, or my health services card number. I balked, politely, and she told me I didn't have to do it today but that the Canadian government had recently ordered that this information be collected by all Internet Service Providers in Canada. I couldn't quite believe it, but this, she assured me, would be the scenario in the near future any time anyone wants changes to existing services, or updates, or to set up a new account: Shaw would first require that customers provide one of those numbers--and that the ISP would be legally required to collect and store these numbers in their database. "That's insane," I said, with all the eloquence I could muster.

On Michael Geist's site at www.privacyinfo.ca, there's a nice summary of what I presume to be the legislation behind this request:
The Canadian government today revealed that it will unveil the lawful access bill on Tuesday, November 15th. The bill, titled the Modernization of Investigative Techniques Act, will "compel all Canadian telephone and Internet companies to create and maintain infrastructures that are intercept capable and to provide access to basic subscriber contact information such as a name, address or telephone number."

Geist's website points to Bill C-74 online as well. I haven't yet read this thoroughly, but what I can see is this on page 15:

A telecommunications service provider shall, on the request of a police officer or of an employee of the Royal Canadian Mounted Police or the Canadian Security Intelligence Service...provide the name, address and telephone number of any telecommunications service providers from whom the service provider obtains or to whom the service provider
provides telecommunications services, if the service provider has that information.

...the operative words being "name, address and telephone number" and "if the service provider has that information." What the...?

Now I'd like to believe that the operator to whom I spoke is just confused, but she clearly had a database field at the ready in which to enter my health card information or driver's license number. This is just plain disturbing. I think I'd better call Shaw and see what's up.

UPDATE (morning November 28): Help! I need a lawyer! I called Shaw again this morning to figure out what's going on, and spoke to a kindly-sounding customer representative, who explained that in fact, yes Shaw does need to collect a health services card number, a driver's license number, or a passport number - something that provides unique identification. She claims this policiy is a result of recent updates to the Privacy Act. I asked why. She explained that they need a way to identify people - say someone in your house, a young child, wants to get a movie - if Shaw has your personal information, they have a way of identifying the person requesting the movie. I told her I don't even have cable, I just have Internet access. It's used for identification purposes for services, she said, for example if you need to find out your password, or get the balance on your account. Are all Internet Service Providers in Canada required to collect this information, I asked? She assured me it was for cable tv too. Well, say, does Sasktel have to collect this information too? Yes, she said, it's because of the updated Privacy Act. There's a website, she said. Just look it up in the blue pages.

Huh? Now, I'm not a lawyer, but I looked this up, and the Act reads as follows, right at the top:
The purpose of this Act is to extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information.
Last time I checked, Shaw was not a government institution (last time I checked, requiring personal information to make changes to or to set up an Internet account was not a policy particulary concerned with protecting an individual's privacy). A quick skim of the next section, "INTERPRETATION," suggests that the act is solely concerned with access to information retained by governmental institutions.

What is Shaw up to, I wonder? This seems, at the very least and in the most generous of interpretations, misleading. Perhaps I'll phone again tomorrow and talk to a different service rep.

3 Comments:

Blogger Andrew Chen said...

"privacy is a red herring" or so some Sun executive was once quoted as saying.

Good luck digging to the bottom of this, and keep us informed, but I think that this sort of behavior by corporations may increasingly become more commonplace - legal justification or not.

11:31 AM  
Anonymous Anonymous said...

I don't see how this has to do with cyborgs at all. Are they asking for personal information if you have a pacemaker or bionic leg?

Bad title, totally misleading.

1:19 PM  
Blogger Allison Muri said...

Well, if you read cultural studies of the cyborg, what you'll see is that many theorists consider that those of us who live in the world of "cyberculture" -- a world mediated by computer communications -- are already cyborgs. If you read more of this blog, you might find that some of the titles and ideas are somewhat ironic. The title gives a nod to Steve Mann, author of Cyborg: Digital Destiny and Human Possibility in the Age of the Wearable Computer. Mann, a self-proclaimed cyborg, has been at the forefront of experimenting with wearable computing and one of his targets has been the surveillance culture made possible by computing technology. It's interesting reading, if you've got the time.

7:26 PM  

Post a Comment

<< Home