As American angst over their government's massive domestic spying program soars, the Victorian Privacy Commissioner has warned responsible handling of personal information will increasingly require deft application of the "best custodian principle".
Commissioner Paul Chadwick told the Institute of Public Administration Australia last month the best custodian of a large set of personal data is usually its original collector.
While under the principal various parts of government or the private sector may be authorized to refer to one or more of the large datasets for legitimate purposes, the custodian should always maintain a central role, he warned.
"In the case of the electoral roll, the best custodian is the Electoral Commissioner. For registers of births, deaths and marriages, it is the Registrar. For police databases, it is the police forces that compile them," Chadwick said.
In the US that would make the best custodian of telephone records the telephony companies. It is not yet clear how well those principles have been observed by the US government under its massive domestic surveillance program, yet American's privacy has been put under serious threat nevertheless. USA Today revealed last month that the National Security Agency (NSA) has been secretly collecting the phone call records of tens of millions of Americans, using data provided by "best custodians" AT&T, Verizon and BellSouth.
USA Today claimed the program reached into homes and businesses across the nation by amassing information about the calls of ordinary Americans - few of them suspected of any crime. While the NSA has apparently not been listening to or recording conversations, it has been using the data to analyze calling patterns in an effort to detect terrorist activity, according to USA Today sources.
"It's the largest database ever assembled in the world," one person in the know claimed, adding the agency plans "to create a database of every call ever made" within the nation's borders.
And while the "data custodians" haven't hand over customer names, addresses or other personal information to the government, USA Today notes the phone numbers the NSA collects can easily be cross-checked with other databases to obtain that information.
And political insiders Web site Capitol Hill Blue claims newly-sworn CIA head General Michael Hayden plans to build an even vaster domestic spying network that will "pry into the lives of most Americans around the clock".
Founder and Publisher Doug Thompson claims President George W Bush told Hayden to "take whatever steps necessary" to monitor Americans 24/7 by listening in on their phone calls, bugging their homes and offices, probing their private lives, snooping into their financial records and watching their travel habits.
He claims sources within the CIA, FBI, NSA and Pentagon have warned about Hayden's plans for an expanded, consolidated spy network aimed at Americans, not terrorists, and violating numerous laws that prohibit such activities against citizens of the United States.
According to one longtime CIA operative who may retire early rather than participate in what he sees as an illegal extension of the spy agency's activities: "What Hayden plans to do is not only illegal, it is immoral."
Thomson claims Hayden, who oversaw the NSA's monitoring of phone calls and emails of Americas, plans to consolidate much of the country's domestic spying into a new desk at the CIA, calling it a "domestic terrorism prevention" operation.
And this will almost certainly lead to problems. It's not just that the sheer size of the database will make identifying a presumably small population of terrorists immensely difficult - one blogger likened it to "trying to find a needle in a haystack by adding a million haystacks."
But as Chapman also pointed out last month, there are special data security risks associated with large unique datasets, including the dangers of copying large amounts of personal data onto CDs, or performing large transfers online (e.g. using XML) without robust security measures such as encryption.
He adds: "Experience suggests that where large datasets are put into the hands of those unfamiliar with them, data security problems can grow, even if inadvertently."
All this suggests the spying program is likely to be controversial for a very long time to come.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.