Data Retention

LIS 550 Winter 2010Unsworth

Tuesday, March 02, 2010

Garbage or information?

ALA guidelines for developing a Library Privacy Policy

• Data Retention: It is the responsibility of library staff to destroy information in confidential or privacy-protected records in order to safeguard data from unauthorized disclosure. Information that should be regularly purged or shredded includes PII on library resource use, material circulation history, and security/surveillance tapes and logs. If this data is maintained off site, library administrators must ensure that appropriate data retention policies and procedures are employed. Libraries that use surveillance cameras should have written policies stating that the cameras are not to be used for any other purpose. If the cameras create any records, the library must recognize its responsibility to protect their confidentiality like any other library record. This is best accomplished by purging the records as soon as their purpose is served.

School data retention policies

• Log files• Library circulation records• Student immunization records– HIPAA

• Dependent on financial, contractual and other types of obligations

In the US … Data preservation

• When contacted by the police ISPs can save specific data for longer periods

• 1986 law – Electronic Communication Privacy Act regulates data preservation– Requires ISPs to retain any “record” in their

possession for 90 days “upon the request of a governmental entity”

– search warrant– Court order– subpoena

Benefits of data retention

• Network monitoring• Fraud prevention• Billing disputes• Litigation

Potential for abuse

• Data retention increases the potential for abuse and privacy invasion

• Possibility of synthesis (Blanchette and Johnson, p.34)

Transaction-generated information

• Phone calls• Purchases• Geographical location• Banking transactions

Individual and Social goods

• “privacy is good for society insofar as it promotes the development of the kinds of individuals who are essential for democracy” (36)

• “social forgetfulness serves individual and social interests” (37)

• It is easier to exclude bad risks and focus on derogatory information that it is to find good risks and reward the behavior

• Adverse information includes peripheral identifiers such as crime statistics related to place of residence

Individual behavior is regulated by:

• Laws• Norms• Technology• The market• (Lessing, 1999 in Blanchette and Johnson,

2002)

Code of Fair information practicesThe Code rested on five basic principles that would be given legal effect as "safeguard

requirements" for automated personal data systems. • There must be no personal data record keeping systems whose very existence is

secret. • There must be a way for an individual to find out what information about him is in a

record and how it is used. • There must be a way for an individual to prevent information about him that was

obtained for one purpose from being used or made available for other purposes without his consent.

• There must be a way for an individual to correct or amend a record of identifiable information about him.

• Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuse of the data.

http://itlaw.wikia.com/wiki/Code_of_Fair_Information_Practice

EU Directive on Mandatory Retention of Communications Traffic Data

• To help combat terrorism• Standardize disparate data retention laws• Requires member states to retain communication

data for between 6 months and 2 years• This includes traffic and location data• Subscriber identifiers

Countries against the Directive

• Irish NGOs litigate against the act. They state the act breaches the right of privacy (Irish law and EU Convention), has chilling effect on freedom of expression, and interferes with the right to travel by retaining the mobile phone location of citizens (McIntyre 2008).

• The German working group on data retention challenged the law at the Federal German Constitutional Court on January 6. They claim it is unconstitutional, because it is treating every citizen as a potential delinquent. They also state that the law would severely disrupt free communication.

The right to trust your IT equipment"a guarantee of confidentiality and integrity in information-technology systems"

• In Germany, all data must be deleted immediately• There must be transparent control of how the

information is used

German Constitutional Court

Memory and forgetfulness

Trust

• trust in who?

Is it still possible to disappear and start over?