Although maybe useful, the important is not to be able to retrieve your data. After all, if your pictures are on Facebook, they were previously on your computer / camera / whatever. So you should already have them (and Facebook sends them to you in a zip file? what a feature!). Unless Facebook allows you to also download data about you but uploaded by others; this is a bit more interesting from a sociological / academic point of view (what has been posted about you). And then? A “big” step towards interoperability between social websites? Are you joking? For interoperability, you need 2 partners and, to my knowledge, no other websites (social or not) are currently offering the possibility to upload data from Facebook. Will it arrive? I’m sure of it. Is it secure? I doubt it: nothing is 100% secure in IT, Facebook is no exception. But this is still not important!

The important thing would have been to have total control on your data. The ability to post data. The ability to effectively remove data (Facebook policy explicitely states nothing is necessarily physically erased, not even your account if you decide to close it!). The ability to remove data about you posted by others. The ability to control data posted about your children. The ability to have real privacy.

So, why do I blog this? I don’t really get why people are so excited about this feature. Oxford building a new library [1, 2], why and how, this has nothing to do with the topic of this post but this is news!

Photo credit: Bodleian Library: Divinity School by Beth Hoffmann on Flickr (CC-by-nc-sa)

One doesn’t get much more than these numbers: nothing about the number of hours spent listening, nothing about the percentage of effectiveness/results, nothing about internet eavesdropping (e-mail e.g.). One thing struck me: all requests for eavesdropping were accepted. Or, at least that what the Minister implied when he wrote “there is no distinction between the number of requests and the number of effective eavesdropping”.

Comparison between an actual photo of the British Museum Great Court (left, by Guillermo Viciano, under CC-by-sa) and the cover of the Belgian State Security Report 2008 (right)

Then I saw it’s only a light version for the web, not the full version. I had a look at the Justice website and the Security web page but I couldn’t find the original version (if you have the full version, I’m interested).

The report summarizes all the activities done by the Security in 2008, including the groups, countries and activities watched, a report on the cases where it was involved (Belliraj, Benali, Trabelsi cases, a.o.) and a broad view of what they did to check people background, protect some others and check various accreditations.

The most interesting part for me, however, was a short description of a bill about data collection methods by the Security. This bill was submitted to the Belgian Senate in December 2008 and was recently adopted (the full text is here, in French). It’s now submitted to the Belgian king for signature.

Briefly, this bill modifies an existing law from 1998 and, among other things, tells apart ordinary data collection methods from specific (articles 18/7 and 18/8) and exceptional ones (articles starting from 18/9). As expected, the bill allows the use of techniques to intercept and read private communications between persons. The bill also allows entering into computer systems, removing protections, installing spyware, decrypting and collecting data (but it does not allow their destruction).

All these methods are controlled post hoc by two different bodies, an ad hoc administrative commission composed of magistrates (renewed each year by the king following a suggestion by the government) and a permanent “R” committee. Specific and exceptional methods needs to be approved first by the administrative commission but there is always the possibility for the Security hierarchy to bypass this and send a written notice to the commission later on. How many times can this last step be forgotten?

Although it’s nice to have the reference to the bill and be able to look for it on the internet, I would have liked to see some statistics about how many times these specific and exceptional measures were applied, how many times they were refused by the administrative commission, how many times the hierarchy allowed a mission and informed the commission later on, etc. in the same way they proudly show graphs of the number of hours spent protecting VIPs. I know details are protected by secret but it would still have been nice to have an idea on how often these methods are used.

Now you can watch people on the Bruxelles Grand Place and watch what is interesting for people operating the webcam …

The database already appeared a royal decree. This decree states that the police can store a bunch of sensitive data about certain categories of Belgian citizens since they are 14-years-old.
These include information on about family ties, consumption habits, ethnicity, physical and mental health, political and religious beliefs, membership of trade unions and political parties and suspicions of criminal offenses.

…

So what can we do about it? Human rights organisations as well as members of the Parliament (La Chambre, look for “P0499″) questioned the Minister of Justice, Jo Vandeurzen. He agreed that there should be both internal and external controls on what is inserted, who have access to the data, who can check the data and the access, … He promised the “Committee P“, the privacy committee and a supervisory body headed by a magistrate will be consulted. Let’s see …