Formalising Surveillance and Identity

Surveillance is a social phenomenon that is general and commonplace, employed by governments, companies and communities. Its ubiquity is due to technologies for gathering and processing data; its strong and obvious effects raise difficult social questions. We give a general definition of surveillance that captures the notion in diverse situations and we illustrate it with some disparate examples.A most important, if neglected,component idea is that of the identity of the people or objects observed. We propose a general definition of identifiers as data designed to specify the identity of an entity in some context or for some purpose. We examine the ways identifiers depend upon other identifiers and show the provenance of identifiers requires reductions between identifiers and a special idea of personal identifier. The theory is formalised mathematically. Finally, we reflect on the role of formal methods to give insights in sociological contexts.

💡 Research Summary

The paper tackles the pervasive phenomenon of surveillance by offering a unified, mathematically grounded definition and by focusing on the often‑overlooked component of identity. It begins with a broad description of surveillance as any systematic process of observing, recording, and analysing data about individuals or objects, a process now enabled by ubiquitous sensing, networking, and data‑processing technologies. The authors illustrate this definition with a range of examples—from government CCTV networks and biometric passport checks to corporate web‑tracking and community‑driven smart‑city sensors—showing that the same conceptual framework applies across vastly different contexts.

Central to the analysis is the notion of an identifier. An identifier is defined as a piece of data specifically designed to specify the identity of an entity within a given context or for a particular purpose. The paper argues that identifiers are not isolated tags but are often inter‑dependent, forming networks of reference. To capture this, the authors model the set of identifiers I together with a binary relation R⊆I×I that records dependency (i R j means identifier i depends on identifier j). When R is reflexive and transitive, the identifier system acquires a hierarchical structure, enabling clear provenance tracking.

The authors introduce the operation of “identifier reduction,” a formal mapping f : I₁ → I₂ that transforms a higher‑level identifier into a lower‑level one. Different properties of f (injective, surjective, bijective) correspond to different practical operations such as aggregation, anonymisation, or de‑identification. A special class, personal identifiers, receives extra constraints because of legal and ethical considerations. The paper formalises personal identifiers as those that satisfy both “identifiability” (the ability to single out an individual) and “identifiability‑restriction” (the ability to limit that identification under prescribed conditions).

Using set theory, function theory, and relational algebra, the authors prove several key theorems. One shows that if a collection of identifiers and reductions is closed under composition, the system can be extended modularly without losing consistency. Another establishes a “no‑cycle” condition that prevents circular dependencies, which could otherwise create paradoxical identification loops. A preservation theorem demonstrates that certain reductions can be performed without loss of essential identity information, providing a formal basis for privacy‑preserving transformations.

The final sections reflect on the sociological implications of this formalism. By making the structure of surveillance systems explicit, the model aids in assessing transparency, accountability, and the distribution of power. It also offers a quantitative language for policy debates about the trade‑off between data utility and privacy protection, allowing regulators to specify permissible reductions and to enforce constraints on personal identifiers. The authors conclude that formal methods, far from being purely abstract, can deliver concrete insights into the design, evaluation, and governance of surveillance technologies, thereby bridging the gap between technical design and social‑ethical scrutiny.