“Big Brother is Watching”
Privacy in the Information Age.
May 13, 2001
Have you sat down to eat dinner, just as you put that first bite into your mouth the phone rings. You know better than to answer it, but you do any way. To your dismay you find out that you were right Tele-marketers? As you hang up you wonder how did they get my number? How do they know what are your interests, likes, dislikes?
You hand the cashier a plastic card with a magnetic strip which contains your name and address. All of your purchases are recorded and a few days later you receive discount coupons for a new product you might like in the mail. You think that targeted marketing in the information age really works!
A woman feels she may be expecting, she goes to the pharmacy to purchase a home pregnancy test. Without thinking, she hands her “bonus card” to the cashier and a few days later she receives mail from baby product manufactures. She is thinking that she is living in an information age nightmare.
Information technology, and particularly the internet and the World Wide Web, can provide benefits that were only dreamed of a decade ago. These new opportunities, however, raise questions about potential threats to personal privacy that are just now starting to be understood.
Consumers, for example, like “one on one marketing” at Miscellaneous Web sites which allows them to browse various selections recommended based on previous purchases and their personal profile. They are much less sure about the site’s developing real time profiles of users based on demographics or psychographics. Similarly, workaholics are attracted to internet dating services that promise to find high achievers their ideal mate; They gladly spend thirty minutes completing the extensive introductory questionnaire. They are less thrilled when they later find that “E-Mate” has been acquired by another company specifically for its extensive data base of personal information.
Our concern is the privacy of personal information in a digitally networked world where personal data can be input, stored, sorted, analyzed, mined, transmitted and exchanged globally with increasing ease and decreasing cost. There is growing concern about data privacy, especially on the Net which is accompanied by marked disagreements about what can, and should be done. These differences are exacerbated by very real cross-cultural and cross-national differences in values, history and economic philosophies. Where national borders are not even speed bumps on the information superhighway.
We argue that while the protection of personal data in a networked world requires transnational solutions, stark differences exist in basic privacy values among nations and cultures. These differences, which flow from basic cultural traits such as individualism and varying political-economic philosophies, are very real and cannot be “papered over.” This circle must be squared: global solutions must deal with local differences. The data privacy issue serves as a metaphor for more general problems of governance of the world economy given the reality of basic, underlying cross-border social, cultural and political differences.
Data privacy is a concern on the Net. A recent E-Trust survey found that over 80% of consumers are more concerned about privacy on the Net than with the telephone or mail. A widely cited Business Week/Harris poll reported that 61% of respondents who use the Net cite privacy as their primary concern. An OECD workshop concluded that unless consumers gained more confidence that their privacy would be protected, the growth of Electronic Commerce (E-Commerce) would be hindered.
Concern about privacy was around long before the Net and Web. The New York Police Department was tapping phones within a decade or two of Bell’s first call. Party lines and operators were notorious for eavesdropping. More recently the widespread use of credit cards and the development of credit bureaus have raised serious concerns about control over personal information. It is reasonable to ask is anything really new?
I believe the answer is “yes,” that the explosion of interconnected digital networks makes a significant difference in the economics and feasibility of using “private” information. More of what we do is (or can be) input in to a computer system than ever before: debit card purchases and ATM withdrawals; phone calls; the location of your cell phone; supermarket purchases; where your Web browser is pointing; where you are when you fill your car with gas; the toll booth you just passed through; and the extensive information you provided when applying for insurance, a new car or a mortgage on the Web.
As important, the cost of acquiring, storing, sorting, analyzing, mining, transmitting and exchanging information is falling dramatically. Most important is the inter-operability or interconnectivity. We live in a world of decentralized but interconnected computer networks. Once entered digitally, personal information potentially is available to anyone connected to the net, regardless of where it resides. The distinction between government or public and private data is becoming meaningless in a world of distributed networks.
Newer data mining techniques allow a vast amount of information about any of us to be collected and analyzed by a wide variety of end users. It is fair to surmise that the Net is inherently invasive; that the gathering of personal information, profiling and targeted marketing, which bring benefits as well as costs, are part and parcel of E-Commerce. Cyberspace does not map on geographic space. National and cultural borders are irrelevant; more important, so is the very concept of geographic jurisdiction. The EU recognizes that in prohibitions of data transfers to third world countries that do not meet the Directive’s standards. Even leaving aside the disaster that an EU-U.S. confrontation over this issue would entail, it is clear that the EU simply cannot build a wall around its borders to implement its data protection laws. What about American or Asian visitors who want to use their credit cards in a French caf?; would every check with an external credit data base be a violation of the law.
Much more problematically, would every Web site, regardless of where in the world it is “located” that is accessed from Europe be subject to European law? At least one authority believes that to be the case. Does that mean every Web site is subject to the Everyone’s law? To no one’s law? That every time a European logs on to any American web site that does not meet the standards of the EU Directive that the owner of that Web site is in violation?
The protection of the privacy of personal information on the Web is not amenable to national or even regional solutions. The Web is a complex interconnected global network. At a minimum, some degree of harmonization of national efforts in the effect of the law is required. The dilemma we face is the need for global solutions in the face of a very real, and very deep-seated local differences in a political culture, values and history.
Any meaningful solution to the problem of protection of personal privacy must square this circle. Absolutist positions on both sides are counterproductive: Americans cannot continue to argue that anything but a market based solution will drive us back into the technological dark ages and Europeans must move beyond caricatures of the American privacy environment as the “wild west.” Any effective solution requires understanding other world views and more important, acceptance of their validity.
We believe that and acceptable international data privacy regime will have to focus on outcomes rather than the technology. On facts on the ground rather than ideology. On whether, at the end of the day, the net effect is an acceptable level of protection of privacy to the individual rather than the specific means of attaining that objective. While this is not the place for specific, detailed recommendations, we believe that this will entail some combination of self-regulation and regulation, perhaps reinforced by privacy enabling technologies.
The privacy problem is a metaphor for a more general set of problems of governance in the age of a digital global economy. Any number of issues, including the need for a new “financial architecture,” achieving a much needed multilateral agreement on investment, protecting the environment, human rights and worker rights require transnational solutions in the face of stark, and at times, diametrically opposed, local differences in values, belief systems and history. Again, this circle must be squared: “global” solutions must be found that accommodate and respect local differences. Perhaps even in this global age, Tip O’Neal, the Speaker of the House of Representatives, advice still holds: “all politics is local.”