Our Blog

Cavoukian’s Plea

added: 09.10.2013, by Mike Spinney

In a heartfelt video statement posted on the Privacy by Design website, Ontario, Canada’s Information and Privacy Commissioner, Dr. Ann Cavoukian, takes aim at the “appalling” amount of effort and resources spent by the U.S. and other governments to “subverting encryption and cryptography” meant to protect digital access to the valuable information pertaining to organizations and people.

Cavoukian, clearly unhappy with recent revelations that the NSA and other agencies around the world were engaged in such activities rather than working with public and private entities to strengthen privacy and security, uses words like “blood boiling,” “unfortunate,” “depressing,” “disappointing,” and “outraged” to describe her feelings.

And she’s not alone in those feelings which amount to an expression of the growing lack of trust with the very agencies commissioned with protecting the public.

Intelligence organizations operate in secrecy, and with good reason. It’s difficult to execute the necessary functions of identifying and rooting out enemy malefactors before they can harm us if those organizations’ methods and activities are known in advance. But operating with entitlement and hubris, and without needed accountability oversight, is to invite abuses of power.

In 2009 I addressed the American Chemistry Council’s annual ChemITC conference on issues of data privacy and security. My discussion followed a presentation by a representative of the Department of Homeland Security who pleaded for cooperation from the industry to share information on data breaches. The mood in the room was one of skepticism, and some in the audience openly expressed their lack of trust in the government. They knew there were real and present threats to their valuable information and intellectual property, but they felt more at ease addressing the issues internally rather than sharing the information.

It turns out those instincts may have been right. We must all operate on the assumption that we are our first and best line of defense when it comes to protecting our personal information or business data.

The old line “I’m from the government and I’m here to help” is one usually delivered to elicit laughs of incredulity at the notorious bureaucratic entanglement that sometimes comes when a public agency gets involved. Cavoukian – a government agent in her own right – seems most heartbroken at the breach of trust that surely affects her own organization’s reputation. But her message is not one without hope.

The private sector will respond, she says, with efforts to increase the efficacy of the tools used to protect privacy and secure information systems. The people must also respond and “keep putting the pressure on government” by demanding greater transparency, accountability, and oversight of its public servants.

After all, Cavoukian reminds: they work for us.