Mobile devices and apps are an integral part of modern life. However, user data may not be so private.
By John Pennington, Edited by Isabel Yeo
With CCTVs in the street and traffic cameras on the road, we are used to state surveillance in public. However, the state now has the potential to store, analyse, and interpret our private data each time we use our mobile devices. What the state does with our data depends on where we live.
Data privacy laws vary across countries
In some areas of the world, like the US and parts of Europe, it is illegal for the state to use private data for state surveillance routinely. However, in Asia, the concept of data privacy is very different.
In general terms, the more authoritarian the state, the broader the data localisation rules are. Data localisation rules are those that govern storage, movement and processing of data and limit those actions to specific locations. The broadest scope includes allowing the state access to all user data. One example of such a wide range is Cambodia, where the government asserts the right to access user data if it feels it has a legitimate interest in doing so.
Singapore also has broad localisation rules. According to some analysts, Singaporeans “accept” government surveillance because they do not believe the government is misusing it. The government – never shy about technological advancements – is using data to create a “Smart Nation” rather than spy on its citizens every move.
On the other hand, EU law mandates that individuals own their data. The state is not allowed to access or use private data without express permission. Indeed, it is responsible for protecting the user’s privacy.
In China, the recently enacted cybersecurity law is deliberately ambiguous. It regulates all information technology networks but enables the government to control the operations of internet-based companies in the country. However, it does not strictly define what “critical information infrastructure” is or who “network operators” are. Therefore, it seems likely that the state has the power to store and access the data it wants.
“There is little to prevent security authorities from interpreting the law as providing expansive access to private information, trade secrets, intellectual property, or internal business communications,” the American Chamber of Commerce in China wrote.
China, in particular, is getting its way with its citizens and with foreign companies
The sheer number of people in China with access to mobile devices makes it a highly attractive market for businesses operating via digital platforms. Consequently, transnational corporations such as Airbnb, Apple, Evernote, LinkedIn, and Uber have complied with China’s laws. They now store Chinese user data on Chinese servers.
“The line between private companies and state institutions is often quite blurred,” Human Rights Watch’s Maya Wang argues. “In theory, there are protections on citizens’ data, but in practice, there are no controls about how this data may be used,” she says.
China wants to use big data to build a social credit rating
One of China’s government’s ambitions is to create a social credit rating linked to everything their citizens do. Alipay operates one of the pilot schemes – Sesame – where the users’ purchases are used to calculate a “credit score”. A high score enables users to access benefits, such as discounts.
The full system would include a wider range of data such as tax returns, credit checks and driving penalties. Consequently, punishments as well as rewards would be given. The system has already been trialled in some cities and could be rolled out across the country by 2020. However, experts have expressed concerns about the proposed social credit system.
“For international companies operating in China, the social credit system poses significant challenges,” said Mirjam Meissner from Berlin’s Mercator Institute for China Studies. “They will probably be fully integrated into the system’s mechanisms and could see their freedom of decision-making in China significantly constrained,” she added.
One missed rent payment could have dramatic ramifications in other unrelated areas of a citizen’s life. Critics have called the proposed system “Orwellian”, implying the government will use it to increase their control over the population. Officials have defended the system as one that enables “the trustworthy to roam everywhere under heaven while making it hard for the discredited to take a single step.”
China also uses data for political purposes
China also has a track record of spying on its citizens. There, the internet and surveillance go together. The state is already using data from mobile usage to keep an eye on what its citizens are doing.
Tracked WeChat conversations may have led to the arrests of two Taiwanese activists. In Guiyang, police use data to track the movements of migrant workers. China already monitors domestic social media chatter, and there is talk about the future creation of a political ideology database.
The rise of surveillance is only likely to continue
Mobile phone and mobile app usage are increasing. As a result, the amount of user data is growing. In this case, more data would allow governments to make better analyses and spot trends quickly. State surveillance will potentially become more efficient and more invasive.
Downloadable apps that encrypt data to circumvent state surveillance will not always work. For example, China bans anti-surveillance apps like the Onion browser.
Surveillance per se is not necessarily a bad thing. Positive applications include combating terrorism and crime. Pro-active state monitoring can increase safety and provide assurance. The purpose of national surveillance varies from state to state.
Surveillance is merely a tool and is not inherently an act that is right or wrong. How governments use it makes all the difference.