Sunday, March 1, 2015

Citizen Four and Preservation

Last night I watched Citizenfour, a documentary about Edward Snowden and Glenn Greenwald. Others play a role in the story but those are the two main "characters". I'm going to presume that anyone reading this has a pretty good idea what the story is about.

I found it to be a discouraging and disheartening story - or rather a story filled with discouraging and disheartening information. Shortly after watching it, however, I began to ask myself "What preservation lessons might be learned from all this?" (I'm a little embarrassed that I ask this question in so many different contexts. I feel like a man with a single thought who needs to bring everything back to preservation. But if that's who I am I guess I should run with it.)

Two things that came to mind after this film were our decisions of what to preserve, and where to preserve it.

It seems to me that within our increasingly digital context the default approach to records and information is to keep it, even if only through neglect. Adding more file cabinets to take on more files can cause us to reconsider how much we are keeping, whereas decisions to buy a bigger hard drive, or using cloud-based storage are easily made. The apparent ease of keeping data reduces our felt need to decide what to keep, and more importantly, to decide what to dispose of.

But when do we consider if the convenience and ease of retaining this data is less significant than the potential threat of its misuse or use against your interests?

Libraries took the lead on this in response to the Patriot Act by assuring that their systems did not retain records of patron transaction histories. There could be value in retaining those records, like proving more personalized experience for patrons, but the principle of patron privacy is deemed to be more valuable.

It seems an important question to ask if the value of preserving information is greater than the potential harm or violation that could be done with that information? Is the convenience of preserving your various passwords on a post-it attached to your monitor of greater value than the risk of someone finding and using those passwords for malicious purposes? Do we keep things because it is easy and convenient, or do we keep them because we need to?

Related to choosing what to preserve - and what not to preserve - is the choice of where to preserve it and related security questions. After viewing this film, it is hard for me to think anything other than if you don't want the NSA (and who knows who else) to be able to access your files, don't store them with a cloud-based provider. It's really hard to know where in a networked environment your data is not vulnerable to intrusion.

A significant part of preservation is providing security from threats, and while there is no way to avoid all threats it is important to know and understand your security vulnerabilities. It would be a sad conclusion if the only way to mitigate the risk of security vulnerability was through self-censorship. There is not preserving what you don’t need, but there can also be not preserving what you do need, because the risk of unwanted discovery is too great.

It was a striking closing scene in the movie to see Snowden and Greenwald in a room communicating with a few spoken words, but mostly hand-written notes - which were then shredded. Information was shared between then in a way that had the least vulnerability to interception.

I fully acknowledge, I do not write these things as a very informed voice. And my desire is not to be alarmist or paranoid. My simple goals are to be more aware of the ramifications of my preservation decisions; and to be more aware of what I value.

No comments:

Post a Comment