I had to open a new personal e-mail account recently, an action one rarely does these days. A long time has gone by since I signed up for my previous one. I was shocked at the harsh reality of privacy violations. When syncing the new e-mail account in my smartphone, the mail exchange app wanted access to a massive amount of my personal information, literally every piece of data there was on my phone, including my gender, my image files and of course my contacts: e-mails and phone numbers, among many other things. Why on earth would an e-mail app need to know my gender or have access to the images on my smartphone? Of course, I was politely reassured in a brief sentence that I could change these privacy settings at any given time after I had completed the registration process.

This is the surveillance society and it has not yet reached it’s climax. When Timo Toots, one of the most prominent young Estonian artists working in media art, created his “Memopol” precursor in 2009, the world was a different place. Memopol clearly shows that the Orwellian surveillance society has exceeded all expectations, and we still don’t realise how dangerous it is. Among many other media art projects, Timo Toots has also been active in a number of socially engaging projects, and has organised residencies and workshops. However, the series of “Memopol” machines have stood out the most over the years, and have also won him one of the most important media art awards in Europe: the Ars Electronica grand prix for interactive arts in 2012. “Memopol” has been exhibited eight times all over Europe.

Experience Surveillance

The story of “Memopol” started in 2009, when Timo Toots created his first and smallest data machine, based on the info accessible via the Estonian electronic ID card; it was called “Hall of Fame” and it was in the format of a small billboard with data projected onto it. It was innocent looking and a fun game that carried a warning message: the threat to our privacy has never been greater. However, it seems that even then only a few people valued their privacy.

“Memopol I” (2010)  and “Memopol II” (2011) were decidedly different in design from their precursor. Also based on the electronic Estonian ID card or passport scan, “Memopol” was now based on a spatial, theatrical experience. The environment is a dark room, and the interface machine itself is a wall-to-wall oversized electronic board in black and red, which creates an experience of doubt. It generates second thoughts, which is never the case in our everyday lives when we give out private information to unknown third parties. The carefully orchestrated “Memopol” experience had two important moments. First, there was the moment of hesitation of whether or not to insert one’s personal ID card into an unknown machine. Secondly, there was the awe moment when the machine started to collect and present all of the possible information available about that person online and in different databases, accompanied by flashing lights and a soundtrack.

There was nothing innocent about the data-collecting machine, as opposed to regular ID cards and smartphone applications that operate so pleasantly that we don’t even think about the fact that we are giving access to our private information. “Memopol”, however, forces an individual to actually think twice about whether s/he really wants to step in. Surveillance in this instance becomes almost physically real. The visitor is made to experience the surveillance of their private data, as opposed to in the real world, where great efforts are made by governments and other agents hungry for our personal information to mask the extent of their grasp on our personal information. While visitors to “Memopol II” in 2011 at least hesitated before inserting their ID cards into the big-dark-scary machine, since then we have become even more numb to giving out our private data without hesitation. It is not “Memopol” but society that has fundamentally changed, and very fast.

Thus it was time for “Memopol” to evolve again to meet the prevailing level of numbness and raise the bar, its data collection has grown exponentially, and so has the installation itself. “Memopol-3” is a more immersive piece of social and interactive art; it is also more insolent and intrusive in terms of the scale and depth of private data collection. “Memopol-3” tracks and mimics the actions of many multinational companies collecting our private information at every step we take in the digital world.

First of all, to gain access to “Memopol-3” one already has to give away a lot of private information at the gate by inserting an ID card or US driver’s licence, or by making a passport scan. The gate opens. The next step involves biometric measurements of the visitor, after which he can comfortably sit down in a futuristic chair designed for smartphone users (which means for everybody) and gives the computer programme access to all of the information stored in your little life companion. Let us just stop here for a moment. Mikko Hyppönen, Chief Research Officer at F-Secure and a columnist, has said that “smart means exploitable”. The big smart explosion reached its climax around 2010, and by 2012 there were one billion smartphones in use worldwide. This has brought about fundamental changes to people’s lives and society in general.

Your smartphone knows everything about you. It knows your location at any given time. It knows all the SMS messages you have ever sent to anyone and all the contents of them. It knows who your parents are, your little sister and your son. It knows what you buy online. “Memopol” rips all of that information from the smartphone to make us think about the huge security breach we are under via our dear flat-screen friend. The only difference is that “Memopol” doesn’t sell the information to governments and marketers for big bucks like data broker companies do.

After purging their smartphone, the visitor can move to the last room, where all of the information gathered during his journey through the “Memopol-3” spaces is visually presented. As “Memopol-3” is not an evil machine, it deletes the gathered data after each session, although it leaves a trace of names and portraits on the screens in the lobby as footprints.

Memopol Doesn’t Generalise: It Specifies

“Surveillance society” sounds so tedious. We have heard about it for decades and gotten tired of the fuss. We are only now slowly starting to realise what it actually means and what threats come with it. It’s slowly entering our consciousness, although not so much for the younger generation of digital natives. We are biologically programmed to protect ourselves by ignoring problems that we cannot fix or that are so complicated or abstract  that they often seem to appear to be made-up.

Evgeny Morozov has another take on this indifference:


“By presuming that we are living through revolutionary times, epochalism sanctions radical social interventions that might otherwise attract a lot of suspicion and criticism. … The paralyzing influence of epochalism induces passivity and limits our responses to change, for the unfolding trends are perceived to be so monumental and inevitable that all resistance seems futile”


Where there is a problem, technology can find a solution: technological positivism has rooted itself so strongly in our society that it is extremely difficult to express doubts about it or even dare to ask what is actually behind it. Anybody that goes against it is accused of being paranoid. Words and arguments against it are easy to twist.

Morozov, who is a well-known but controversial researcher who warns about Internet threats, published his first book in 2011 (The Net Delusion: The Dark Side of Internet Freedom), the same year “Memopol II” was created. Morozov argues against the idea that the Internet is democratic, stating that instead it is used as a tool of mass surveillance, political repression and a way to spread all kinds of propaganda.

What if you are confronted with the physical reality of mass surveillance and breaches to your private life? Memopol’s strength as a social (impact) machine lies in the way it interacts with the visitor. “Memopol” takes on visitors one at a time, giving each an exclusive, personal experience. The visitor is singled out, thus creating a bigger impression than the world-wide data collecting companies who collect wholesale data and seemingly make a person feel like one drop of water in an ocean of information. So, inside that very personal experience “Memopol-3” provides an overview of a specific person’s private data that is accessible to many unknown agents all over the world. It doesn’t generalise: it specifies. It takes the magnifying glass and makes an individual’s private information significant through a massive pool of faceless data.

The World & Memopol After Snowden

In 2013 former CIA employee Edward Snowden leaked hundreds of classified documents revealing global surveillance programmes run in cooperation with the US government, telecommunication companies and European governments. Almost everybody was vulnerable, from national leaders to business owners.

Even though the Snowden scandal has almost died out now, it did lead to ambitious data protection reform in the European Union. At least the film director David Bernet was convinced of that. Bernet’s documentary “Democracy” (2015), original title “Democracy – im Rauch der Dates” followed the difficult road of an idealistic and individual-centred (rather than business or government-directed) law-making process in the European Union. The process first encountered great opposition from European leaders and corporations, only to be easily accepted after the world was shocked by Snowden’s revelations. The data protection law will take effect in the European Union in the spring of 2018.

So, what does the data protection reform protect us from and what does “Memopol” try to visualise for us? “Memopol-3” strives to make people realize the extent to which their private data is actually available and collected by different agents. Mobile phones that pinpoint your location. Cameras that track your every move. Subway cards that remember where you’ve been. Credit card purchases online. We routinely sacrifice privacy and security for convenience. Still, are we really free to decide about access to our privacy? We are put in the position where we either give access to personal information or we are denied services. Consent is one of the easiest things to get on the Internet, but it is not a guarantee of data protection. Data is forever. Literally. The ‘delete’ button doesn’t ‘wipe information off the face of the earth’. It means ‘I just deleted data from my device, but it will continue to exist in big server systems, where it can be found by anyone at any given time in the future’.

Timo Toots’s “Memopol” reflects our own actions back to us. Voluntary and involuntary. At the end of the day, it is really nobody’s business whom I call, where I travel, what words I Google or what shoes I have bought online.


  1. Morozov, Evgeny. To Save Everything, Click Here: The Folly of Technological Solutionism. New York: PublicAffairs, 2013, p. 36.