Personal Privacy violations?
Advice:
The
right to privacy is as fundamental as "freedom of speech". We
have studied various attempts by governments in Canada, UK and the United
States to enact legislation to set guidelines for business and individuals.
Sadly, most laws have no teeth or are confusing.
Even government is reluctant
to follow their own rules which stems more from a lack of good policies,
procedures and enthusiasm.
Quite frankly, our best
advice is to take pro-active steps to protection your own personally
identifiable information from evaders,
government and business interests. Do not be afraid to ask what your
information is going to be used for. If you do not receive a good explanation- "No" is
perfectly acceptable response.
Steps you can take to protect your on-line Privacy.
Learn how to discard- older data that is no longer relevant, such as emails, outdated documents, etc. using a data destruction program. Know that just about anything entered into a computer can be traced back to you.
Computers are very good at collecting information about you, cross-referencing, sharing and profile building. Your data is available for a price. Make sure- it reflects an accurate picture of the "real" you.
ID theft is becoming a larger problem for computer users. A recent study (May 2007) in Canada, indicates the rate of occurrence has grown to one in fifteen people. ID theft occurs when thieves steal items such as your government issued ID cards, licenses, credit card bills, tax assessments and by digitally snagging data from your computer, cell phones,e-mail and electronic transactions.
Digital Rights Management (DRM) technology which is used to control access has over-stepped the boundaries of most privacy legislation. Publishers and copyright owners of DVD, MP3 and most consumer software which have been desperately trying to protect their products from unauthorized use and copying.
Unfortunately, many have overstepped the bounds of personal privacy by using the information you share with them for other purposes by not providing adequate disclosure. These other purposes include arrangements made with third party marketing organizations to pay to use or sell your information without your consent. An excellent example are social networking sites.
Information sharing results in you and your organization being bombarded with advertising and spam emails without your permission (at the bare minimum). In the worst case scenario, your identifiable information can become their property including financial details that are often stolen or sold to the highest bidder. Most times these conditions are buried in user agreements. Sorry, we do not buy into the concept that these companies should be allowed to share your information amongst their related organizations. It is too much of an opportunity for abuse.
Most Customer agreements are too one sided. Lawyers drafting these
types of agreements should be brought before their own ethics committees
for disbarment. Corporate execs and legislators that buy into this
cheesy fraud should have to go home and explain to their own Mothers
what went terribly wrong in their lives. Privacy laws passed in the
last ten years have had no enforcement provisions. Many legitimate
privacy violations have been registered but rarely is there any real
penalty assessed This reality is not a deterrent or incentive to change.
Trust needs to be earned and not squandered. This leads us to conclude
that your "Right to Privacy" is
being blatantly abused with the only solution being "self- preservation".
So what can you do?
When you register your products take out a separate nondescript email address to have all the poop sent to. Log off your internet connection and clear your cache and temp files. Log back on- do the registration and log off again. Most DSL and dial up connections use shared IP addresses so it makes it harder to track back your IP if you only use it briefly.
Do not agree to having credit card and contact information retained to allow you to log in quicker. These opened ended agreements leave you vulnerable to abuse (companies do change ownership, privacy policies change, etc.)
If you have the opportunity to email or write the supplier- make sure to mention your information is confidential & their agreement is confusing. If asked to do a survey- decline (especially the ones that ask about marital status, kids, income level, ethnicity, etc.) It is none of their business. Yes- DRM has been found to include companies that provide tax preparation software & filing services and even electronic books in libraries.
Have you been contacted by people out of the blue that seem to happen to know more than a little about you? What choice do you have if you want to consume these products- not much especially when terms are not disclosed or buried in a long agreement. But, you do have the option to ask the caller where they got your info or hang up, ask to be taken off their call or email list, throw their adverting in the garbage or delete their spam email. Not really great choices.
The debate still rages on whether your IP address is part of your personal information. Just assume that it is not. Most Internet Service providers just cave in when presented with a Court order, even though it is a hassle for them to track back all of your activity. Computers are very good at retaining detailed information. Be aware that operating systems, applications, instant messaging and browsers were designed to retain information as a function of their logging activities for troubleshooting and authenticating licensing.
Windows 7, Vista and XP do not permanently remove data when deleted, emptied from the re-cycle bin or formatted. If anything- vendors are becoming more intrusive with no legislation on the books to protect your interests. Once, you say "Yes" to an licence or agreement- your personal privacy is at the mercy of the provider. For example- some state that your personal information, usage and demographics are the business property of their company.
We are optimistic laws and software will evolve to benefit both the ability to conduct legitimate business & to protect people from info predators and abusers in North America. The opposite is true of countries in Europe where privacy is a high priority. Strict laws control the cross border flow of personal information without very specific consent from the individual. Non-compliance results in restrictions & barriers to trade and heavy fines for violators. See the Privacy Legislation directory for more details. State, provincial and regional laws can circumvent or conflict with national legislation. It is not uncommon that business and government interests will trump yours. We feel all parties should be interested in striking a balance between the right to personal privacy and the need to conduct business or provide services.
Do not expect much protection until government can figure out how to enforce their own legislation and make a few bucks off it. Business needs to entrench responsive privacy policies.
An example of an attempt at privacy is in Ontario, Canada. There are protections for personal and health information H.I.P.P.A. and Freedom of Information and Protection of Privacy Act. People should feel confident that their interests are being protected though it is rarely the case since the governing bodies have minimal enforcement capabilities. "Slap on the wrist" comes to mind for violators. Though this confidence is an asset to business and government that practice "due diligence". This involves establishing principals to meet the demand for privacy. More on laws around the world.
For business, inform your Staff and Clients of your policies and prove you mean it by reinforcing the message.
Organizations that have the foresight to realize that respecting privacy is important business moral are going to set the pace tomorrow, since the right message trickles down even to your own Staff.
