Thomas Lord [03.22.08 02:23 PM]

Suppose you do something stupid and your medical records appear on your social networking home page.

Does that make it ok for you insurers and employers to use that in a discriminatory way or should regulation against abuse cover such cases?

Why is your lampshade-on-the-head photo or the name of your favorite band any less subject to protection against such abuse?

Professionals exist by virtue of certification -- it's a "social deal" -- it comes with obligations. It's ok to contemplate restricting business in these ways.

-t

  Danny Weitzner [03.22.08 06:33 PM]

My thanks to Allison for listening and providing a thoughful comment. I'm on Thomas' side of this issue, though. He is correct that it is illegal to discriminate against people based on certain personal characteristics (race, religion, gender, etc.) regardless of the fact that those characteristics are often publicly observable. So, the suggestion that medical and financial privacy laws are just about restricting access to personal information is not quite accurate. In fact, in both cases, the institutions that hold data about us are only allowed to use it for certain purposes. (Of course, one of the things they cannot do is to give it to unauthorized 3rd parties, but the rules go far beyond that.)

What's more, in the case of health care, people have more and more reasons to share even the sensitive parts of their health records more widely: we may be able to get better treatment, figure out which doctors will be best able to handle precisely the condition we have, etc. (Look out for Google Health and Microsoft Health Vault in this regard.

Historically, privacy has been about a lot more than just preventing information leaks: it's about boundaries between individuals and institutions (or other individuals) that we know not to cross even if we can. If I'm sitting in public with briefcase open, people could come along and look inside to see what I'm reading, but they won't, because would be crossing a social boundary that we all know not to cross. (People who don't understand those boundaries we consider to be either poorly acculturated or mentally imbalanced.)

I was part of the first generation of Internet privacy activists who fought for access to strong encryption in order to protect privacy. I still think that's important is some cases, but in order to protect privacy on the Web we're going to have to learn how to define usage limitations, not just access control. And then, we're going to have to learn to build systems that detect improper use.

  Marietta [03.23.08 06:59 PM]

Another way of violating our privacy is the outsourcing of jobs and services to India and other countries. My friends' car insurance representative is in India and was recently asking him for information that I'd be uncomfortable sharing: social security, mother's maiden name..
It is unfortunate what is happening in our country--many businesses that want to cut spending end up losing in the long run.

  Anne Onimos [03.24.08 10:03 AM]

I think many of us in "the West" have less and less a concept of privacy to begin with. How many people have you encountered persons who say, or write, things like, "Ask me anything", "I have nothing to hide", or "I'm an open book."? (US Americans are particularly known for this. As Michael Palin observed in one of his travel shows, while traveling through the US, "Americans will tell you anything.")

Privacy is equated with secrecy. The idea that there is a part of one that is special, internal, sacred -- private -- and available only to oneself and, voluntarily, one's intimates, is to more and more people, bizarre and hard to comprehend.

Add to that the increasing tendency of people (especially young people) in the West to expose, indeed to live their private lives in public -- via blogs, social websites, forums, etc.

No government, corporation, Church, or individual could violate or take away the privacy of those who already have none.