We have recently realized with the Edward Snowden case that security organizations have been using a gigantic set of data about our lives without any restriction.

I guess I saw it in an Australian paper the other day. Australia is a weird place; it has no interest in the rest of the world. Australian papers are like Turkish ones; it is impossible to find anything about the world on the front page. They have other interesting stuff, though. According to one article, you can follow on Twitter where sharks are. In other words, Australian sharks are now on Twitter!

The headline made me curious, so I read on. Government researchers have tagged 320 sharks with signal transmitters. The data on the location of tagged sharks is delivered to a center. The message pings a computer, which posts a warning tweet that includes the type of the shark, alert time, and the exact location. We are already done with monitoring humans and now it is time for sharks. Aren’t you stunned by the level of detail of the data compiled? Aren’t you uncomfortable that so much information is being collected somewhere? Don’t you wonder who has access to all of this information? If not, I think you should start doing so. Because the draft law on the protection of personal data has yet to be codified. Indeed, the issue has not even been discussed thoroughly in Turkey. Since the law on personal data protection is waiting for codification in the Parliament, let me stress once again the particularities of the current era.

We have recently realized with the Edward Snowden case that security organizations have been using a gigantic set of data about our lives without any restriction. Though it is just a part of the story, it is important concerning outcomes. So, here is the question: Should security forces be entitled without any restriction to analyze data not necessarily related to an investigation with an aim to compile otherwise unknown information? We hear that information obtained via phone-tapping is associated with specific investigations. So, is it legitimate to monitor personal data completely independent of any investigation? These were the popular questions the world started to ask after the Snowden case. The issue also mattered for the evolution of the legal framework on Internet policies. At the stage at which we have arrived, we can say that there is a very long way to go.

Last month two different judges in the US gave two entirely different decisions on this question, which surfaced with the Snowden case. First, a judge from Washington issued a decision on 16 December that the collection of personal data with undefined restrictions and purpose for analysis for security purposes is unconstitutional. Two weeks later, another US judge from New York ruled that the collection of personal data by security units for analysis without any limits and the relevant metadata program is lawful. His reasoning was linked directly to a Saudi jihadist working for Al Qaida. According to this, the Islamist terrorist Khalid Al Mihdar, who died during the Pentagon attack, had made seven calls to Yemen while he was in San Diego prior to the attacks. The security units were not able to identify the location from which the calls were made as they did not collect all phone data. Lacking the information they have today, they were unable to prevent the Pentagon attack, which killed many citizens. That’s why the second judge decided that the repetitive analysis of bulk data collected via metadata programs was useful and lawful with respect to the antiterrorist regulations.

No surprises here: first, just like the industrial revolution caused a systematic release of waste, the IT revolution is causing a systematic generation of data. Second, it has become much cheaper to store data. Third, processing and analyzing the data has become much easier and relevant algorithms continue to advance. Fourth, knowing that bulk data is stored somewhere necessarily makes access easier. Fifth, everyone knows that when you have access to the data, you have access to a gigantic treasure of human behavior. The only missing part is that the legal framework is not yet in step with this new era. The legal dimension is just emerging.

How about Turkey? We have barely entered the Neolithic age. Lacking the relevant regulations, activities related to areas not mentioned in the legal system of continental Europe, of which Turkey is a part, automatically become illicit. As a result Turkey trails behind in the field of innovations. But who cares, right? I sometimes think that billions of dollars Turkey blows on the promotions of innovations are done for show only.

This commentary was published in Radikal daily on 07.01.2014