People who defend today’s mass surveillance tend to claim that the collected data on everybody’s private communications and movements won’t be abused. History tells us that they are horribly and dangerously wrong: the most benign data collections have been used for outright genocide. We need to learn from history and realize that such collected data not only can be abused, but will be abused, with mathematical certainty.

With the risk of invoking Godwin’s Law, I’d like to tell a story from early last century, when the collecting of private data was far less intrusive. This story illustrates the dangers of collecting private data with horrible precision. More specifically, the data point is from when the Netherlands included people’s religion as part of the public population records.

It could be trivially observed that somebody’s faith, while still private, is several orders of magnitude less sensitive than somebody’s complete communications, movement, search, and browsing history. But this data was still private – what was the justification at the time for asking people for their faith in order to include it in the public records?

Urban planning.

Not national security, not any “war on terror”, no pedophile scare, not propping up an obsolete copyright industry or anything like that. The citizen wasn’t an enemy in this case.

It was as simple as making sure that city planning met the needs of the citizens by having a somewhat proportional distribution of synagogues, Catholic churches, and Protestant churches that matched the density of respective faiths and the locations of where the people wanted them lived. It was the most benign reason imaginable for collecting private data – and it wasn’t even collected forcibly.

What happened next is in the history books. World War II came around. The Netherlands were swiftly invaded by Germany, who had a profound dislike at the time for one of the faiths listed in the public records.

There were almost no Jews at all in the Netherlands after World War II.

Having this private data collected made the German genocide campaign horribly effective in the Netherlands – and we need to remember that this was data we don’t typically consider sensitive, which had been collected for a clearly benign purpose. How can today’s collected data be abused? It’s useful to consider that question now, because it will.

According to Wikipedia, less than 10% of the Dutch Jews survived (14,346, compared to an earlier population of 154,887). As it turns out, it was very convenient for the… new “administration”… to have access to the collected data, and it was indeed used against the citizens, as it always is in the end.

Since no private surveillance data is ever deleted, and there is a nonzero chance of that data being horribly abused, then it will be abused, with mathematical certainty.

(No private surveillance data is ever deleted. Even if the records are “purged”, there are always backups of the database, and such backups have been brought out on occasion. Besides, even if governmental agencies claim that a piece of data has been deleted, there is no way to verify such a claim. The only way to make sure it’s not there is to not have it collected in the first place.)

Governmental agencies now have pretty much complete access to records of how you have walked and driven about the city, your flight records, your call records, your Internet browsing habits. If somebody’s mere religion can be abused to this degree, and we need to remember that it was, how can today’s surveillance be abused?

Privacy remains your own responsibility. No government is on their citizens’ side today.