Advert

It’s getting personal

There are hundreds of specific data brokerage companies whose business focuses on gathering, storing, and selling personal data.

There are hundreds of specific data brokerage companies whose business focuses on gathering, storing, and selling personal data.

Many condemned Donald Trump’s campaign proposal to build a Muslim registry. Yet this – together with registries of nearly every aspect of identity – already exists, Marc Kosciejew says.

Registering individuals’ identities is an ambiguous practice with a long and troubled history. It is a common routine practice for most governments, corporations, and other institutions for diverse administrative, operational, financial, and cultural purposes.

Examples of legitimate institutional kinds of identity registrations include documentation such as the census, the passport, and the driver’s license. But identity registrations also have a frightening past of being used to control, discipline, and oppress individuals for various reasons including ideological, political, economic, social, and religious ends. They have been used to discriminate, marginalise, enslave, and kill people based on their registered identities.

During the controversial 2016 US presidential campaign, for example, there was an ominous proposal for the introduction of a national Muslim registry to identity, monitor, and track individuals of Muslim identity in the US. As a candidate, and now as President, Donald Trump promised to pursue aggressive policies targeting Muslim immigrants, migrants, and refugees.

He signalled favour for a possible Muslim registry, stating that he would “absolutely” require Muslims to register in a special database. He speculated that this system of religious identity registration would legally require Muslim individuals to sign up and register in the database in various locations across the country. It would help ensure the surveillance and ultimately the control of Muslims in the US.

This controversial proposal for a possible Muslim registry garnered concern and condemnation from across the political spectrum and throughout Muslim and other religious communities. Trump eventually, seemingly, distanced himself from it by tweeting @realDonaldTrump that “I didn’t suggest a database – a reporter did. We must defeat Islamic terrorism & have surveillance, including a watch list, to protect America”.

Trump’s presidential transition team also formally issued a statement claiming that he “never advocated” for a Muslim registry, despite video footage and reports showing him doing so.

Trump admittedly did not specifically campaign on the need for a Muslim registry – however, he has not disavowed the idea of a religious identification system or database to track Muslim individuals. He has neither unambiguously objected to such a registry, nor has he retracted any of his agreements or favourable statements regarding it. Indeed, his mention of a “watch list” indicates his support for officially registering Muslim individuals into a database, whether or not it is called a Muslim registry.

The creation of a Muslim registry, and indeed of any kind of identity registration system, would require Silicon Valley’s technical assistance and knowhow. Silicon Valley’s powerful information technology corporations – including Facebook, Google, Microsoft, Twitter, and others – would necessarily play central roles in designing, implementing, operating, and maintaining such a database. But there is resistance in Silicon Valley regarding this very idea. Many of these companies, and specifically their employees, have issued statements opposing the establishment of a Muslim registry.

For example, neveragain.tech is an online petition created and signed by thousands of employees of tech organisations and companies based in the US “whose jobs including managing or processing data about people”. The signatories “are choosing to stand in solidarity with Muslim Americans, immigrants, and all people whose lives and livelihoods are threatened by the incoming administration’s proposed data collection policies. We refuse to build a database of people based on their Constitutionally-protected religious beliefs. We refuse to facilitate mass deportations of people the government believes to be undesirable”.

They claim to have educated themselves “on the history of threats like these, and on the roles that technology and technologists played in carrying them out”, promising to “stand together to say: not on our watch, and never again”.

But petitions and statements, such as neveragain.tech, are important, but ignore that these very companies have already created Muslim registries, in addition to registries of nearly every other aspect of identity that can be classified, from racial and ethnic to gender and sexual.

The problem therefore is that the proposed Muslim registry that some in Silicon Valley claim they will not build, already exists. And they built it. Every major Silicon Valley company – and in fact most major corporations in other industries too, including advertising, finance, banking, communications, medicine, and insurance – that tracks customers, which is most of them, already manage sophisticated and detailed identity registries.

There are also hundreds of specific data brokerage companies, such as Acxiom, whose business focuses on gathering, storing, and selling personal data. Personal data collected and stored through internet and Wi-Fi connections, searches, posts, updates, messages, emails, purchases, transactions, browsing, streaming, and countless other data points enable the personalised targeting of millions of individuals with increasing effectiveness and precision. This mammoth scale of personal data, coupled with continuously advancing data gathering and mining possibilities, mean that these companies already have powerful large-scale databases of millions of individually-identifiable consumers and clients.

As Bruce Schneier, a Harvard University cybersecurity expert, argues: “We’ve built the mechanism to enable a police state. We live in an era of surveillance capitalism. The notion that the government doesn’t have this data is a complete fantasy. All they have to get is a court order for Google to turn over a list of every Muslim, and who they are talking to.”

The proposed Muslim registry that some in Silicon Valley claim they will not build, already exists

Trump’s proposed Muslim registry, in other words, would not necessarily need to be established. The government could instead use the judicial system, hack, infiltrate, co-opt, or collaborate with these companies to access these rich databases. If the government wanted a Muslim registry, it would be relatively simple to gather the required personal data without needing to register anyone.

The marketing industry, for example, could quickly compile a detailed list of customers’ or clients’ identities, based on their personal data, within hours. According to Rob Shavell, a co-founder of the digital privacy company Abine: “I think they could have an audience of several million US citizens with a high propensity for the Islamic faith, as well as those who read Arabic, in 24 hours”. It would then be a relatively straightforward process to connect that personal data with telephone numbers, addresses, bank accounts, and other personally identifiable information.

Or, as another example, an Amnesty International report on Trump’s proposed Muslim registry describes how the data brokerage firm ExactData.com presented their researchers with “a quote to download data on 1,845,071 people listed as Muslim in the United States. For the price of $138,380, the website offers a database file containing more than 1.8 million individual names, addresses, cities, states and ZIP codes. Just 7.5 cents per person. ExactData.com boasts a total database of 200 million US contacts, which can be filtered by 450 terms. These include categories such as ‘religion’ and ‘ethnicity’, as well as personal information such as ‘household income’ and ‘vehicle make’”.

The same Amnesty International report illuminates how many companies sell and share personally identifiable information. It describes how their research on “Nextmark, a kind of clearing house for lists, contains several entries for ‘Muslim’, including lists from other data brokers such as Sprint Data Solutions and E-Tech. The much larger Experian, one of the biggest global data brokers offers ‘181 detailed ethnicities’ in its list catalogue, including the category ‘Islamic’, alongside 11 other religions.”

This personal data is what they openly offer. There is more data that they do not market but that is acquired and made available for purchase.

It can also be a red herring for some companies to reject involvement in a proposed Muslim registry. The data brokerage firm, Palantir, for instance claimed that it had not been asked to help create a Muslim registry and “would not do so if asked”. But, as Amnesty International highlights, the company, which was part of Trump’s presidential transition team, “has active multimillion dollar contracts with the US Immigration, Customs, and Enforcement Agency – including to operate and maintain a system for collating and analysing a vast bank of personal information drawn not only from government records, but also commercially available and open source data.”

The government consequently would only need to gain access to one, or a few, of these companies’ databases to access detailed personally identifiable information about Muslims or nearly anyone else in the US. This access would be further refined when combined with the government’s own immigration, security, and police databases.

The gathering and storing of this mammoth amount of personal data presents serious risks to individuals’ civil and human rights. It could be used by governments – and indeed by other actors including the corporations themselves, hackers, spies, criminals, or terrorists – to identify and target certain people or groups based on specific identity characteristics or features.

A proposed Muslim registry is therefore arguably a red herring. There is no need for one. Comprehensive and detailed identity databases already exist. Governments, corporations, and other actors already have access to the detailed, intimate, and minute aspects of our identities to do with as they will.

Marc Kosciejew is a lecturer and former head of department of Library Information and Archive Sciences at the University of Malta.

Advert
Comments not loading? We recommend using Google Chrome or Mozilla Firefox with javascript turned on.
Comments powered by Disqus  
Advert
Advert