Page 29 - Privacy in a Cyber Age Policy and Practice
P. 29

14  PRIVACY IN A CYBER AGE

           Internet user would have to respond to scores if not hundreds of requests
           each day even for uses of nonsensitive information. It seems that in this
           area, as in many others, the way the DPD rules survive is by very often not
           enforcing them. Whenever I meet Europeans, and following public lectures
           in the European Union, I ask if anyone has been ever requested to consent
           to the use of personal information that they had previously released. I have
           found only one person so far. He said that he got one such request—from
                                                                 43
           Amazon. Other sources indicate that compliance is at best “erratic.”  The
           penalties for violating the DPD seem to be miniscule and rarely collected.
           No wonder a large majority of the EU public—70 percent—fears that their
           personal data may be misused. 44
              In short, neither of these approaches is satisfactory.



                              2. Mending the Crazy Quilt

           There are a large number of laws, regulations, and guidelines in place that
           deal with limited particular usages of personal information beyond the col-
           lection point. However, a very large number of them deal with only one
           dimension of the cube and often with only one element of cybernation,
           limiting either storage, analysis, or distribution. The laws reflect the helter-
           skelter manner in which they were introduced and do not provide a sys-
           tematic doctrine of cyber privacy. They are best viewed as building blocks,
           which, if subjected to considerable legal scholarship and legislation, could
           provide the needed doctrine. They are like a score of characters in search
           of an author.
              One of the key principles for such a doctrine is that the legal system can
           be more tolerant of the primary point spot collection of personal informa-
           tion (a) the more limited the volume (duration and bandwidth) of the col-
                 45
           lection  and (b) the more limited and regulated cybernation is—holding
           constant the level of sensitivity of the information. (That is, much more
           latitude can be granted to the collection and cybernation of insensitive
           information, stricter limitations can be placed on highly sensitive informa-
           tion, and a middle level of protection can be established in between). The
           same holds for the threat level to the common good.
              In other words, the cyber age privacy doctrine can be much more tol-
           erant of primary collection conducted within a system of laws and regu-
           lations that are effectively enforced to ensure that cybernation is limited,
           properly supervised, and employed for legitimate purposes—and much
           less so, if the opposite holds. One may refer to this rule as the positive corre-
           lation between the level of permissiveness in primary collection and the strict-
           ness of controls on secondary usage of personal information.
   24   25   26   27   28   29   30   31   32   33   34