Privacy – a critical issue


Privacy is an information-age social issue, high on the agenda of governments and corporations, and it gives rise to starkly contrasting views. To some, erosion of privacy is not a threat but is a means of gaining benefits in quality of service and opportunity. To others, erosion is an infringement of rights and an intrusion into their lives.

Centuries ago there was little concept of privacy. Yet it was recognised that people should have the personal freedom and democratic right to live their lives (to ‘pursue happiness’, as in the Bill of Rights) without prying from individuals or organisations. The industrial revolution and two World Wars changed that. Movement from village communities to large towns, the ability to travel and communicate over long distances, and increasing wealth enabled people to live less restricted lives. The creation of wealth from stock markets or property investments led to a need for privacy. It was perhaps the golden age of privacy.

Computers and the ability to develop databases of information on individuals, initially with the aim of providing better customer service and marketing, have eroded privacy. The Internet with its global reach and powerful search engines can link disparate databases. A high level of detail about an individual, group of individuals or organisation can be assembled rapidly by anyone, anywhere in the world, without the individual knowing. There have already been instances of ‘identity theft’. Enough information can now be obtained about an individual and their activities for them to be impersonated in commercial and financial transactions.

The next generation (3G) cellphones will have position-location capabilities with an accuracy of a few feet. These can direct the user to a nearby retail outlet, restaurant, or entertainment venue. The key question is whether cellphone users will trust wireless carriers to identify their whereabouts to a third party. A draft European Directive seeks to ban the processing of location data without the specific permission of the caller – a laudable but possibly cumbersome process that could stifle many useful new services.

In his book The unwanted gaze: the destruction of privacy in America, Jeffrey Rosen comments that ‘People’s subjective expectations of privacy tend to reflect the amount of privacy they experience … as advances in technology have made ever more intrusive surveillance possible, expectations of privacy have naturally diminished.’ Scott McNealy, CEO of Sun Microsystems, has said that we should ‘get over the death of privacy’. The Economist in 1999 gave the opinion that ‘privacy is doomed … it is a residual value, hard to define or protect in the abstract’.

The crux of the problem was identified by the attorney Harvey Silvergate, who stated that ‘people have to be willing to divulge some of their data to participate in modern life. The question is how to curtail abuse.’ Some see industry self-regulation as the way forward but others see a need for formal regulation. ‘After months on the virtual back burner, the contest over online privacy may be reaching boiling point as business and politics collide. On the one hand are high technology companies promoting self-regulation; on the other, lawmakers determined to do something’, quoted the Financial Times.

The ability to compile information from a variety of databases and assemble detailed personal profiles creates a new information commodity. Such consumer profiles are a major asset for a company and are tradeable without the knowledge or permission of the individual. New companies have sprung up to trade in this information. Yet there is some legislation for the protection of the individual. The European Union Data Protection Directive mandates that individuals have a legal right to access any information collected on computer about them, by whatever organisation.

It aims to give people control over their data but in practice it is difficult to enforce or monitor its effectiveness. There is no centralised record of data and the individual must know where and how to search for data held, maybe on a large number of databases. Although any organisation collecting information has to obtain the consent of the individual to pass on the information, this requirement has been implemented surreptitiously. Buried in the small print of an information-collecting document is the requirement to indicate an ‘opt-out’ if the information is not to be passed on. This ‘opt-out’ is largely useless since there are no effective regulatory procedures to trace breaches.

There are moves to introduce a ‘Privacy Bill of Rights’, addressing in particular the impact of the Internet on privacy. The Bill would require consumers to ‘opt-in’ to allow information to be used rather than to ‘opt-out’ if they do not want information passed on. Other recommendations are the posting by every company of a privacy policy and the establishment of trusted third parties to assist individuals to manage, protect and retail their data. Maybe the main route forward in the future will be through the establishment of trusted third parties who will be corporations with established and trusted brand names. Securicor, with its new ‘Safedoor’ service, is an example.

It is now vital for all companies to consider how privacy issues will affect their business. In particular, do they have a formal privacy policy to reassure their customers and do they have opportunities in the emerging market as trusted third parties?

consumer profiles are a major asset for a company and are tradeable without the knowledge or permission of the individual

Many thanks to all Ingenia readers who completed and returned the Reader Survey included in the last issue. Congratulations to Dr Robert Tyler FREng who was the lucky winner of the case of wine. It is not too late to return the survey form or let us know what you think of the magazine: please email or write to the Managing Editor, Dr Julia Tompson (addresses can be found on the Contents pages).

John Forrest FREng

Download Article 365KB