Public Plays Both Aggressor and Victim in Privacy Issue
When two or more human compulsions collide with explosive force, it’s time to plot a better course. An example is the desire to protect personal privacy at a time when immediate access to ever more thorough and sometimes invasive information is exactly what many Americans and their institutions want. The best lesson here is a simple one: The proper use of a new technology hardly ever keeps pace with what people demand from that technology.
How much caution ought to be exhibited by individuals, businesses and especially government agencies before they venture into the electronic jungle? Consider the view of an expert, Jahan Moreh, a senior staff member at UCLA’s department of information science. Moreh also is the chief security architect for Open Horizon, a computer software company that designs comprehensive electronic security packages for banks and health care systems. To this day, Moreh will not give his credit card number to anyone on the Internet.
“The electronic infrastructure, as it exists today, is not built in a way that allows me to fully trust it,” he told The Times. Adequate protections either do not exist or are not firmly in place. Technologies and those who operate them have their shortcomings, and there is simply no good reason for blind trust in the abilities of electronic data gatherers.
Examples abound. They can be found in government agencies that provide more than they can safely and securely deliver online. The latest instance was the Social Security Administration’s offer to transmit personal benefits information in a way that made it far too easy for prying eyes to obtain personal financial information on someone else.
“If we can get to a higher technology . . . it’s entirely possible we could put that information back on the Internet,” Social Security Commissioner John Callahan said recently. His confidence was not reassuring.
How about the huge credit report firm that decided it had the technological wherewithal to send out credit reports online. It promptly delivered an undetermined number of these highly personal reports to the wrong people.
Only the threat of congressional intervention and firm government regulation has forced the giants of the software, communications and data collection industries to inch their way toward self-regulation. In one form or another, the industries have promised to limit or prohibit the release of personal information to others without prior consent. They have also begun to provide means for the consumer to “opt out” or refuse to take part in various means of personal data gathering and sharing. But largely, the firms don’t get it. They don’t understand, for example, that people will demand to know what personal information has been collected and why, and that individuals may want to review that information as often as they check their credit reports.
At the same time, it’s important to note that the people so concerned about privacy nonetheless fuel the demand for technology that can threaten it. Sure, most workers would be appalled at the notion that their boss might have sophisticated hidden cameras to verify that work is being done. But the same employees, as parents, might have few qualms about using a camera to monitor the behavior of their baby sitter. That should give pause to those who think the new technologies simply go too far, are too dangerous and are too ripe for abuse.
“All improvements are double-edged swords,” says Eugene Volokh, a UCLA professor who specializes in free speech law and cyberspace law. “We can’t have a knee-jerk reaction that shuts down the flow of information.”
He’s right. The trick will be to advance the interests of privacy and the pace of new electronic technology in a way that allows the protection of the former before rushing ahead with the latter. That’s not the case now.
