Our laws lag, but corporations are not the biggest threat

This is an open letter to the editor of Tech Review, Jason Pontin.

Dear Sir,

I'm writing generally to praise the "view" by Vivek Wadhwa ["Our Lagging Laws", for some reason not available on line in its hardcopy July/Aug form, even to subscribers]. In fact I hope you develop this problem into a full article by one of your investigative reporters in the near future.  However, I think his comment about the threat by the NSA is very misleading. The NSA has (or at least recently had) full access to the databases of Google, Apple, Facebook and more, so it is misleading to say that companies are a greater threat or have more information.

Also, that suggestion misses an important point that any future article should be promoting.  We are never going to go back to not sharing data, just as our governments are never going to be too weak to break into our homes.  But we do not expect our governments (or anyone else) to break into our homes without extraordinarily good reason.  Neither should we expect anyone to misuse the data we entrust to them.  The law should be ensuring that all data is obfuscated and anonymised in a way that makes it unusable for anything but its intended purpose, and ensure that no organisation beyond that we entrust it to should ever obtain access to it, even in cases such as bankruptcy when ordinary assets would pass to new owners.  Data (like much commercial software) should be viewed as leased, not owned by those we entrust it to.

Data and AI are growing at a sufficient rate that we are already able to make unprecedentedly good predictions about our own and others' behaviour.  This will fundamentally change governance as well as commerce.  We need to be moving forward now in accelerating legislation, enforcement of current privacy laws, and public education. 

Joanna Bryson
ScD EECS 2001
Reader (Assoc Prof) in Intelligent Systems, University of Bath