Surveillance Britain

By noting when and where these dots collect, security staff can be directed to places where pickpockets are most likely to strike, for instance.

By discovering which areas of a shopping centre are generally more popular, cleaning staff can be better deployed, too.

One criticism of systems like this is that if it were hacked, one could positively identify individuals without their knowledge or consent.

It’s something the developers of Footpath have taken into consideration in the design of their technology. All phone IDs are automatically scrambled before use.

"Even if someone managed to break into our database they would not be able to match up our datasets with those held by the network operators," said the company.

Phorm and function
In 1970, Professor Douglas was also concerned about the data a state might collect on its citizens, the quality of that data and how it would be used: " Who, even today, has such trust in the willingness and ability of Parliament to check the power of the Executive, let alone defend the individual’s right to fight the system if he believes it wrong?" he wrote. "And what about the data on which all this would be based; how do we ensure that what is in the system is correct? We might not even know it is there."

Today, when someone does store data that identifies you, in all but the interests of national security you are entitled by law to access it and, where it’s wrong, to have it put right. This includes data held by private companies, public authorities, government departments, local authorities, hospitals, schools and even police forces. You can find out how to do so at the website of the Information Commissioner’s Office.

But it’s not just official snooping that Professor Douglas would have been worried about. There is also the problem of private companies gathering and holding personal data, which is used in what people think to be an inappropriate manner.

This is where the power of the Information Commissioner (Richard Thomas) really begins to show itself on our behalf.

“Phorm is striving to create a new, more responsive, intuitive kind of internet experience,” said the company’s website. However, when it hooked up with BT, Virgin Media and Carphone Warehouse to test its targeted advertisement serving technology in 2007, the implied secret nature of the trials caused a minor scandal. Customers were unhappy that their surfing habits had been monitored without their knowledge and the press had a field day.

When the trial was uncovered, BT said: “We conducted a very small-scale technical test of a prototype advertising platform on one exchange in June 2007. The test was specifically conducted to evaluate the functional and technical performance of the platform. Absolutely no personally identifiable information was processed, stored or disclosed during this trial. As with all service providers, it is important for BT to ensure that, before any potential new technologies are employed, they are robust and fit for purpose.”

Following considerable concern from the public, the Information Commissioner stepped in to investigate. The Commissioner’s office said in a statement: “Regulation 7 of the EU Privacy and Electronic Communications Directive will require the ISP to get the consent of users to the use of their traffic data for any value-added services. This strongly supports the view that Phorm products will have to operate on an opt-in basis to use traffic data as part of the process of returning relevant targeted marketing to internet users.” In future, surfers will have to agree to Phorm’s snooping.

The Information Commissioner also has the power to raid a company or other organisation for serious breaches of the Data Protection Act. One such raid took place on The Consulting Association in March. The Association, based in Droitwich, held data on 3,213 construction industry workers and building firms paid a yearly subscription to gain access to this data.

An enforcement notice served by the Information Commissioner ordered Ian Kerr, the owner of The Consulting Association, to close his business. He is also being prosecuted by the Commissioner’s office. The enforcement notice itself is very revealing, highlighting the findings of the raid, in which detailed data going back over 30 years was discovered, along with invoices for service subscriptions and data searches.