Government photograph databases form the basis of any police facial recognition system. They’re not very good today, but they’ll only get better. But the government no longer needs to collect photographs. Experiments demonstrate that the Facebook database of tagged photographs is surprisingly effective at identifying people. As more places follow Disney’s lead in fingerprinting people at its theme parks, the government will be able to use that to identify people as well.

In a few years, the whole notion of a government-issued ID will seem quaint. Among facial recognition, the unique signature from your smart phone, the RFID chips in your clothing and other items you own, and whatever new technologies that will broadcast your identity, no one will have to ask to see ID. When you walk into a store, they’ll already know who you are. When you interact with a policeman, she’ll already have your personal information displayed on her Internet-enabled glasses.

Soon, governments won’t have to bother collecting personal data. We’re willingly giving it to a vast network of for-profit data collectors, and they’re more than happy to pass it on to the government without our knowledge or consent.

Bruce Schneider, “The Public/Private Surveillance Partnership”

It’s the ability for government to prospectively combine public and private data that makes American laws such as CISPA, which would permit the disclosure of private information to public bodies without absent warrant requirements, so significant. Privacy legislation serves as a necessary friction to delay, limit, and prevent governments from accessing citizens’ and resident aliens’ personal information unless such access is absolutely necessary: we need to strengthen such laws to preserve basic democratic freedoms, not weaken or erode them.