> Thinking through this example, I believe that it is a non-issue. The government, who are the ones with the most incentive to find such a whistleblower, already has all of this data (as well as the email contents) which is why any sensible person would not use their government account to send or receive incriminating emails. Revealing the header data to the public does not pose any additional risk save that there would be added resources devoted to analysis which could bring up an association that the government might otherwise have missed. To me, the benefits far outweigh this slight risk.
I wouldn't overstate the likelihood of government spying on the communications of users of its mail servers. Privacy laws protect civil servants from such spying. It doesn't make a difference that the government owns the servers on which the email is stored.
In Montreal, such a case of espionage has had significant political ramifications and has brought Quebec's anti-corruption unit down on the city. In this case, the Auditor General's email was read without authorization. The Auditor General, in performing his function, is in regular contact with whistleblowers within the city and until recently also received tips through Montreal’s whistleblower hotline. Disclosing details of his emails would have a chilling effect on whistleblowing activity. Like Clay Johnson, I could stand for more whistleblowing and less transparency: http://infovegan.com/2010/07/01/how-transparency-fails-and-works-too
Of course, such civil servants as the Auditor General could carry on their activities with private phones etc. but when you force this activity out of the domain of the normal work environment you send a strong social signal that this activity is not supported by the institution and encourages fear and uncertainty that really gets in the way of actually doing your job. I want my civil servants to be able to follow up on tips from whistleblowers without fear of retribution or disclosing sources. It is far from clear to me that the benefits outweigh the risks.
I think it would be hard to disentangle civil servants who were trying to do something useful from those trying to do something sleazy. �They could both be communicating with the same entity but for different reasons. �Also I see a lot of business cards from representatives of companies where the email address is gmail or yahoo etc. rather than an identifiable company.
But I do understand the beauty of the dream of following lines of influence and communication. �Even imperfect, it would be quite an interesting dataset to mine.
On Thu, Aug 18, 2011 at 1:24 PM, Bruce Atherton <call...@gmail.com> wrote:
Thanks for the story about Montreal's Auditor General. It is an interesting one, for sure.
Not to be too paranoid, but anyone who really wants to protect whistleblowers should probably insist that the communication infrastructure that supports them is completely isolated from the infrastructure of those they are blowing the whistle on. It is far too trivial to access email with no record of having done so for a large number of email systems. Resorting to the telephone is not a solution, either, since monitoring and storing conversations is easily done with many systems if you control the phone network. Relying on all the people within an organization to do the right thing by averting their eyes seems pretty risky to me.
On Thu, Aug 18, 2011 at 12:37 PM, James McKinney <oxford...@gmail.com> wrote:
On 2011-08-18, at 2:58 PM, Bruce Atherton wrote:I wouldn't overstate the likelihood of government spying on the communications of users of its mail servers. Privacy laws protect civil servants from such spying. It doesn't make a difference that the government owns the servers on which the email is stored.
Thinking through this example, I believe that it is a non-issue. The government, who are the ones with the most incentive to find such a whistleblower, already has all of this data (as well as the email contents) which is why any sensible person would not use their government account to send or receive incriminating emails. Revealing the header data to the public does not pose any additional risk save that there would be added resources devoted to analysis which could bring up an association that the government might otherwise have missed. To me, the benefits far outweigh this slight risk.
In Montreal, such a case of espionage has had significant political ramifications and has brought Quebec's anti-corruption unit down on the city. In this case, the Auditor General's email was read without authorization. The Auditor General, in performing his function, is in regular contact with whistleblowers within the city and until recently also received tips through Montreal�s whistleblower hotline. Disclosing details of his emails would have a chilling effect on whistleblowing activity. �Like Clay Johnson, I could stand for more whistleblowing and less transparency: http://infovegan.com/2010/07/01/how-transparency-fails-and-works-too
This is the beauty of data, it's not biased.
As I understand it, this data is almost all available under a costly FOI process if it is formally requested. The question then isn't one of 'should the public have this information' because they already have the info under FOI... but rather does having more efficient access to it (eg as a dataset under ogl) change the argument for FOI? Is this the big litmus test for FOI in an open-data world, and will it underscore the concept of proactive disclosure (that is government releasing data before it is requested under foi)
One of the advantages of the FOI system is indeed that the work of prepping a dataset is only done when it's requested. If the work is monumental, the FOI agents will often work with the requester to narrow down the data requested. In the case of sensitive datasets, proactive disclosure means that you have work to do all the time, whether or not anyone is interested in it. I think this is why proactive disclosure is limited to datasets that are not sensitive or easy to vet for privacy concerns, e.g. contracts, travel and hospitality expenses, grants and contributions, etc.
This is where opendata is so powerful. So one reporter puts out a
sensationalist story, and the data, being open and available to all,
allows the other N number of reporters to shred that persons
credibility. It could actually bring peer-review to journalism in that
case as more than one reporter would have access to the information.
>
> All FOI requests have to be passed through a process to eliminate
> privacy issues, don't they? An email with the subject line, "Welcome
> back from Rehab" has information that is none of our business. To vet
> every single email generated by government would seem like a
> monumental task.
I would hope that government officials are not communicating third-party
personal information via email (given the obvious security risks), and
as I understand it, part of the standard government process informs
civil servants their email will be monitored and used for FOI, etc. As
such, I think civil servants have largely already given up their rights
to privacy in official work email.
That said, I like herb's comment about getting the information going
forward... which would eliminate the 'but i didnt know' scenario, and
could re-iterate the public nature of government emails. That said, I
think essentially all civil servants realize that their email is
publicly accessible -- and if not, then that's a pretty major internal
communications issue.
Right now we have a system where journalists can get the information,
but where citizens, lacking the resources to file foi requests broadly,
have a lot harder time accessing this information. Further, the research
angle as Herb alludes to is essentially impossible in the FOI sphere.
Essentially, the data's already published, the people involved are
already aware of the public nature of the email and we're not asking for
contents, simply subjects, which at least in my mind, seems a reasonable
intrusion given the obvious benefits of such information.
--
Kevin