Untitled Document
www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
20 March 2006  
Untitled Document
Sections

Market
Management
Technology
 Technology Life
Columns

Between The Bytes

Specials

HMA Bankbiz
UPS Batteries

Services
Subscribe/Renew
Archives
Search
Contact Us
Network Sites
Network Magazine India
Express Hospitality
Express TravelWorld
feBusiness Traveller
Express Pharma
Exp. Healthcare Mgmt.
Express Textile
Group Sites
ExpressIndia
Indian Express
Financial Express

Untitled Document
 
Home - Management - Article

Business Accent

Privacy pleases

In the digital networked economy, it is difficult to keep track of your personal information and safeguard your privacy. So how can you be sure that your data won’t be misused? Mark Cleaver discusses the issues involved

Last year, the American Civil Liberties Union (ACLU) released an online video designed to satirise the potential misuse of private customer information by companies. The video features a man ordering a pizza from a delivery service. His customer service advisor has access to his address and phone number as soon as she picks up the phone, but that’s just the start. Via a database, she also has access to details about where he works, his health records, his recent credit card transactions and his last library book loans. She even knows his waist measurement.

All this information is used as the basis of the highly invasive and overly- personal exchange that’s featured in the video. It is close to being over the top, but like most good satire this too contains an element of truth. At the very least, it highlights our fears of what might happen if unethical companies had unrestricted access to our personal information.

Data in danger

What it also illustrates is a growing level of mistrust between consumers and the companies that collect, collate and use their (consumers’) personal data. It demonstrates why people have begun to feel nervous about some of the technologies that are becoming available in the digital networked economy. This raises the issues of responsibility, awareness and education that need to be carefully thought through.

Using hypothetical examples, it can be illustrated how previously isolated sources of data could be linked to help identify and prosecute individuals who break laws or fail to pay for licences. For example, in Britain, homes that have TVs are required to buy a TV licence. If data about the purchase of new TVs could be cross-checked against the data about licence holders, offenders could quickly be identified and prosecuted.

Alternatively, given the heightened concerns about terrorism, information held by airlines about their passengers could be correlated to supply the authorities with risk profiles of individuals without their knowledge.

The second issue is the growth of specific technologies that have the potential to impact people’s privacy. This is not a problem that is going to go away on its own as has been demonstrated at many of the highly publicised breaches of 2005—the information leak at a division of Lexis-Nexis, the loss of several data tapes by Bank of America, and the scandal at data-broker ChoicePoint.

A multi-layered response

So what should be done? And who is responsible for the best practice?

Firstly, it’s important to stress that by portraying the company as the villain of the piece, the ACLU’s video is somewhat lopsided. What the video doesn’t show is that there are interests and issues on both sides, and that these need to be balanced if we are all to reap the benefits of increased connectivity.

Companies are clearly beginning to appreciate this. In 2003, less than 36 percent of the North American companies that took part in a Vontu-Ponemon Institute benchmark study of corporate private practices felt that privacy was important to their brand or image. By 2005, the percentage reached 56; this 20 percent rise is supported by other Ponemon Institute studies.

States the study report: “It appears that while many corporations still approach privacy as (an issue that’s) restricted to compliance, results from this study and others suggest that several leading organisations now value good privacy practices as a business differentiator and a competitive advantage.”

In addition, technology developers have been developing applications and services purely to protect people’s privacy. For example, Privacy Enhancing Technologies are software programmes and hardware devices that do just that. They range from RFID blockers to electronic privacy policies, from encryption to credential systems and e-cash.

It’s up to you

And what of the individual? The first thing we need to understand in this new connected world is that our personal data is extremely valuable but can be extremely vulnerable too. Indeed, there is a strong belief among technology and privacy experts that we are not informed enough about the potential risks of sharing personal information and what might happen to it.

True, there is a maze of international guidance and national legislation to protect us. It includes the UK Data Protection Act, 1998; the EU Directives on Data Protection which require that data be kept accurate, protected and used only for authorised purposes; the Gramm Leach and Bliley Act in the US which protects information held by financial institutions about customers; and SB1386 2003 which requires any person or business working in California (US) to notify any Californian resident whose unencrypted personal information was or is reasonably believed to have been acquired by an unauthorised person.

Regulations also control the movement of consumer data between countries. For example, the US Department of Commerce and the European Commission have developed a ‘safe harbour’ framework to help American businesses meet EU requirements for privacy protection.

However, even legislation will never protect privacy fully, and so companies, particularly technology companies, always need to consider the privacy impact from the earliest stages of product or service design. At the same time, individuals need to be more aware and treat their personal data with care.

Take the ACLU’s video to its logical conclusion and you might decide to try to opt out completely. But these days that would mean no store or credit cards of any kind. No bank account. No phone. You could never buy anything online, never buy a mobile phone, and never get on a plane planning to fly over certain countries’ airspace. It’s practically impossible, and also, for most of us, highly impractical.

So what are the answers? Meet the risks head on. Value your data. And only use companies that do the same and are totally transparent about how they use any information you supply them with.

The benefits? Better customer service that’s faster, more personalised and more efficient.

Like anything new, our increasingly digital world may offer positives and negatives, but it looks like the former will outweigh the latter very soon, given just a little more care and attention.

The author is Country Manager, BT India.
He can be reached at mark.cleaver@bt.com

 


Untitled Document

UNSUBSCRIBE HERE
Untitled Document
© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.