Tedd McHenry writes in with some creative musing on an idea that would allow even the most extreme privacy fetishist to harness a splendid cost minimizing technology whilst keeping the user shielded from intrusive data mining. With apologies to John Donne for the editor imposed title.
This idea was inspired by Highway 407 in Toronto, Canada, which is a toll highway. I do not know if it is privately managed, but it could be. I am very interested in both toll roads and private roads, which have been discussed before on samizdata.net. Highway 407 solves the toll-collection problem with two technologies. When a car enters and leaves highway 407 its licence plate is photographed, and that information is used to bill the owner for the distance traveled on the highway. Regular users can get a subscription wherein they mount a transponder on their car, which makes billing easier (and gives them a discount). Both of these technologies make toll roads much more viable by making toll collection cheaper and easier. But they both entail a very serious compromise of privacy, in that someone collects information on where and when your car travels.
The solution that occurred to me was to have, for lack of a better name, a privacy agent through which a car owner could subscribe to the highway. The transponder would be registered to the agent, and the agent would collect from the car owner. There would be no way for the bill to be tied to any actual person or vehicle.
Then it occurred to me that this system could be generalized for any service. You could interact with governments and markets through your privacy agent, much as subscribers to anonymizer.com interact with the web. Privacy agents could provide credit and debit card services allowing you to buy any product or service anonymously. Where a service requires identification (name, social insurance number, etc.) you would simply provide your privacy agent account number (and a PIN, to prevent fraud). Your public identity would be somewhat like a corporation, but with a reversal: whereas a corporation limits the liability of its owner but must publicly declare who he is, this body would not limit the liability of its owner but would also not publicly declare who he is.
There must be some holes in this plan, other than the obvious difficulty of selling it to politicians, but I am not coming up with them on my own. Any thoughts?
Tedd McHenry, Surrey, BC, Canada
That is an outstanding way to have our cake (convenience) and eat it too (privacy)! Ask and the market shall provide.
Of course there is little chance that many politcians will sit still for such a splendid idea such as this as it would prevent your data being accessed by anything less than a court order.
Agreed! This is a good idea.
Perhaps there is some relevant prior art in internet encrypting-anonymizers?
Sounds to me like the old first-generation anonymous mail forwarders. Works perfectly, until someone subpoenas the customer list, or just plain writes the law so that the “anonymizer” has to “escrow” a copy of everything with the cops.
Regarding the tolling scheme used on the highway, ISTM that if this were implemented as a means of tolling on roads right across the country/world, then there’ll be some market opportunities for false number plate manufacturers to exploit… 😉
As for the proposal, I’d be surprised if it lasted more than 5 minutes before the govt decided that it had the right to collect the customer lists from the privacy agents at will, or required agents to provide copies to the govt, just as Julian Morrison suggests.
The question is could an automated road tolling scheme be anonymous/private? If all data is automatically destroyed once billing is completed, and the data used to compute the toll is destroyed once the toll has been worked out then yes, but how’d we ensure that?
I live in Ontario, drive though Toronto; past the 407 all the time. First I don’t drive on it. Second I never will. Third it was supposed to be owned by the public and be a toll system similar to 80-90 in the US. It was sold off to private investors to pay for the huge debt that the provincial government owed, at a fraction of what it was really worth. Thanks for pillaging me again!
Next, there have been so many times that people have been falsely billed for the service that it’s not funny. The corporation that runs it has more power then the government including the ability to suspend your drivers license on the idea that you haven’t paid your bill. Oh did I mention that you have 10 days to pay or you might end up driving without a license? And you’ll never know until the cops pull you over. Great system isn’t it?
While it might seem like a good idea, I trust no company with my personal data. There are plenty of rumors that have gone around that these guys have sold personal information regarding who and what drives on the highway, I don’t trust the governement to keep it private either.
I would predict an instant Order in Council or similar administrative fiat, bringing such “privacy agents” within the orbit of the RIP Act just like ISPs. There is no way the State would tolerate genuine anonymity.
Mashiki – that’s pretty horrifying!
James Hammerton and Tony H – What if such a company were registered offshore? The British government would have no jurisdiction over it.
An idea for a business opportunity just ocured to me:
Put up a camera along some public roads, register all cars’ license plates, and sell the data to anybody interested such as cops, private detectives, government etc.
The idea is that once a persons steps into the public domain (physically or electronically) he gives up some of his rights of privacy, and cannot complain if he is beeing watched. I think it is not an infringment of one’s rights if your license plates are recorded somewhere, the question is – what is done to you – are you in any way harassed by it.
If you don’t like the toll road – don’t use it. It’s operator will have to find ways of making it attractive to the customers.
There is nothing wrong, in principle, with electronic toll collection.
James Hammerton asks, “could an automated road tolling scheme be anonymous/private?”
I was about to suggest an amazing scheme that worked the way pay as you go mobile phones do (or at least did) – with vouchers that you pay for in cash to top up your account. Then I realised that the problem is what to about people who don’t pay. You end up trying to identify them with their number plates which gets us back where we started.
It seems to me the only anonymous solution would be a physical barrier that stops you from getting onto certain roads unless your account is good. Perhaps some spikes that pop up with a red light as a warning!
What if such a company were registered offshore? The British government would have no jurisdiction over it.
It could forbid the company from doing business in the UK unless it played ball with the government. It could also forbid UK subjects from doing business with the privacy company. For their own good, of course.
As I don’t live there, my only goal in passing through Toronto, is getting out of Toronto. I don’t mind paying tolls for convenience, but 407 is useless.
What bleeping use is a toll road that only goes half-way through the city?
Interesting thread. I’m a database guy by trade, so am well aware of the realities involved. In a nutshell, the threats to your privacy are very real, but the incompetence of most bureuacracies to maintain their information properly is by far your best defense to date. And will be for some time yet.
In any event, the original agent idea raises a possibility: using your own legal counsel as the agent. I presume this is possible? And that the relationship and its associated particulars would then be privileged?
There are many simple solutions to these concerns.
Swap your car, your cell phone and your credit cards with some friend or family member. Do it frequently, with different persons. People trying to track you will get confused fery fast. You are left with the problem of sorting out the bills, but it can be done.
I am a awyer in the Toronto area.
The outcry against allowing a private entity to suspend your driver’s licence for alleged non-payment raised such a (warning: technical legal term) shitstorm that the Ontario government changed the Act!
The 407 Highway corp’s billing methods (and extortionate rates) leave a lot to be desired. The penalty for failing to pay on time is quite likely at an illegal criminal interest rate! I will not ever use the highway again. My petty retribution was to pay *almost* all of the bill including the penalty fee (it was $25 on a late invoice of $8.12!)…I still owe $0.91. I figure it costs them that to send me a bill every month!
Regarding using your lawyer as your agent, the problem would be that facts are not privileged, only communications with the client. The transactions in a lawyer’s trust account are not privileged, so they would be available under the usual subpoena powers, (or for that matter during examination for discovery).
This does not mean however that the use of an anonymous agent is impossible. It would need some technological trickery if the capability does not already exist, but I suspect that the transponders can already be disabled remotely. If you want to be anonymous you ‘buy’ a pre-paid transponder…with cash. When that runs out, it is disabled. And then the 407 then uses your licence plate….so it would behoove you to keep the transponder paid up.
(This might require the agent to, in effect, clone a ‘real’ transponder (which they hold) and add some extra capabilities…This makes the ‘legality’ extremely murky..but not necessarily impossible.)
Note BTW, that even if you have a transponder, the system still takes your licence plate picture. No idea how long those are kept..
Geoff
Thank you everyone for your insightful comments. It’s just the sort of discussion I’d hoped would result from my post.
Mashiki:
The action you described–taking away your license for not paying your toll–is a violation of the Constititution of Canada and that opinion was upheld by a Supreme Court decision just a few years ago. In essence, the court said that your right of mobility means your driver’s license can only be taken away for incompetence, not for any “administrative purpose.” Sorry, I’ve lost the case title.
Yellow Pages:
Yes, I believe you could use a solicitor for the purposes I described. You might have to give him or her power of attorney. I suspect that sort of thing is done all the time by people who can afford it. My idea of a “privacy agent” is to bring this service down to everyday affordability, like a notary public.
All:
I want to be clear that I’m in no way proposing or advocating a method for avoiding the toll. Quite the opposite. My intent was to imagine a system under which the toll collector had the same rights and expectation of exercising those rights as he does today, but without the unnecessary information about who goes where, when.
I also hold no illusions about the government allowing this process to go ahead “unchecked.” But I hope that it could put some limits, or at least restrictions, on the kinds of situations in which they would legally have access to the information. Also, I think such a system would be useful for keeping the information out of the hands of people other than the government.
One thing I find very interesting about the whole question of identity and privacy is who a person fears. Some people are afraid of what private interests will do with their information. Others are more afraid of the government. And some are afraid of both equally. For what it’s worth, I think I’m more afraid of how the government uses information about me. Their monopoly on the legal use of force (where I live) makes them a much more formidable opponent, to me.