The changing definition of privacy

Paul Sholtz sees a mushrooming number of data banks holding all varieties of personal information on citizens and consumers. Deciding on "fair use" will be a defining policy issue for the 21st century.

COMMENTARY--We live in an extremely sophisticated and complex society, and oftentimes our language has not evolved as rapidly as our technology and social conditions have changed. This is certainly the case with the word "privacy," which carries many different shades of meaning to many different groups of people in many different situations.

In the wake of the World Trade Center disaster, the most immediate implication of the term privacy is in the context of civil liberties and how privacy acts as a counterpoint to the broad concept of "security." Even before the disaster, increasing use of surveillance cameras and face scanners had already caused an erosion of what some call "privacy" in the public sphere.

Following the recent terrorist activity on the U.S. East Coast, we can only expect the amount of surveillance in American society to increase. We can also expect increased government calls for wiretapping and for new restrictions on encryption software. There are those who would argue that these trends have a deleterious and possibly long-lasting negative effect on civil liberties in the U.S. and on the amount of "privacy" the average American citizen can expect. They are probably correct.

To the average American consumer, on the other hand, privacy means the confidence that information shared with a vendor will not be used in ways inconsistent with customer expectations. To many people, this means that personal data will not be shared with third parties who may use it to make unwanted telemarketing calls or to send junk mail. Other consumers are comfortable with sharing personal data with third parties as long as they are compensated for it some manner.

Frequent flier programs, cash-back credit cards and supermarket rewards cards all operate on this principle. In still other cases, consumer privacy means the confidence that sensitive personal data will not be used in the future to deny employment or insurance, or possibly even worse, displayed on a Web site that has been hacked for the whole world to see.

Note that when used in this (corporate) sense, "privacy" is a very different animal than "privacy" in the sense of government surveillance and wiretapping. It is entirely possible for consumers to maintain control over the amount of personal information telemarketers and junk mail vendors learn about them, even if those same consumers live in a state of near total government surveillance and wiretapping. Ubiquitous government surveillance and wiretapping may not be desirable conditions under which to operate a democracy, but it is entirely independent of the ability of consumers to exercise property rights over the personal data they share with vendors in the marketplace.

Given enough time, our society will likely evolve separate and unique terms to describe each of these very different and unique concepts, particularly as we move forward into the Information Age and numerous databanks filled with personal information (in various forms) become easier and easier for any number of people (including terrorists and other criminals) to obtain and use. For the time being, however, we have to make do with the use of the word "privacy" as a blanket term to describe these and many other concepts in society and the marketplace.

We must also live (for now) with the confusion that results from the use of such inaccurate definitions when we talk about what we except (both as citizens and as consumers) in terms of "privacy rights."

The WTC disaster has already thrust privacy to the very front of public consciousness. Americans are now slowing waking up to the fact that they will have to make due with substantially less "privacy" in what had until recently been a relatively "anonymous" public sphere. But as Americans come to terms with the increasing lack of privacy and anonymity in society at large, they will likely desire (and demand) that it be replaced by newfound sources of privacy and data protection in other areas of their life.

Increasing use of surveillance by government agencies will probably (and ironically) bolster the case for consumer property rights over personal data when exchanged in the context of a commercial transaction. Whatever assurances the enterprise can make regarding the safekeeping and safe handling of personal customer data will likely take on an added dimension of new importance in the wake of the WTC disaster.

One thing is for certain--the future holds an ever-increasing number of data banks holding all varieties of personal information on citizens and consumers alike. The degree to which organizations are able to make assurances of "fair use" of this information to individuals will be a defining policy issue for the 21st century. The WTC disaster may have been the first large-scale incident to thrust privacy into the minds of every American citizen, but it certainly won't be the last.

Paul Sholtz (paul@privacyright.com) is chief technology officer at PrivacyRight.