Only yesterday Austin Gatt and two of his sidekicks were busy presenting a White Paper that was almost being hailed as a quantum leap in the state of digital rights on the island. Essentially Gatt, IT Claudio and Arriva Delia were promoting a suggested new constitutional provision that would enshrine the digital rights of every Maltese citizen – the digital right amendment. Kudos to all this sci-fi and all that but J’accuse’s feet remain firmly entrenched in the “if it ain’t broke don’t fix it” approach to legislation and we will not be easily impressed by the special effects of a proposed provision.
Not too far from the realm of digital rights is the issue of data and its protection. We do not need new rights to be enacted for that – we already have a snazzy Data Protection Act. The basic principles of this act are quite easy to grasp. Consider first of all that data is any information related to an identified or identifiable person. You then have the principle that in order to gather “data” that is yours or that identifies you, the potential gatherer (or “controller”) requires your permission. Once he has obtained that permission he can only use it for a specific purpose and for that purpose only.
Why am I saying all this? Well. Here’s the thing. I decided that it is high time I should log onto mychoice.pn and subscribe to updates so that I would be able to analyse what everyone else seems to be receiving. I proceeded to the lovely page and was asked to register. I gave the page my real name and my real surname as well as my email address (there’s always the spam folder). I did not wish to give the PN a remote chance of having my mobile number so I input what I believed to be a credible but phoney mobile number. No probs there.
Then came the ID Card business. I figured that if I subtract one from the progressive number allocated to me when I was registered I would come up with a credible ID card – not mine but credible enough… so if for example my ID was 500075 – the 5000th registered kid in 1975 then all I had to do was input 499975 and hey presto mychoice.pn would let me in.
Let me in my digital rights arse! Imagine my surprise when the validation system on mychoice.pn told informed me that the ID card number input does not match the name or surname provided. Wow. Let’s see what happened there. Essentially the ID number was checked against a database that mychoice.pn OBVIOUSLY has and the validation process checks whether the ID card corresponds to the right name and surname. Lovely. I was never asked by the site whether I acquiesced to the use of my ID number and name (the only box to be ticked is the one were you accept to recieve PBO’s updates). So mychoice.pn is in possession of a database (little need to guess that they are using the electoral register) that contains MY INFORMATION and are actively using it for data processing WITHOUT MY CONSENT. Without your consent either.
So what? I hear you say. Don’t we all know that political parties regularly use the electoral register in their day to day meddling. Sure. But they are definitely going out on a limb here and stretching the rubbish exception that they planted in the Data Protection Act to an incredible extreme. In any case, whether or not they manage to find some loophole to the Data Protection Act in this case what does this really say about the ever so grand initiative of DIGITAL RIGHTS and the white paper?
You’re right. Digital rights? They don’t give a rat’s arse. So much for all the high falutin’ consultation process.