When purchasing an item from the store it creates a transaction which then makes information. The seller then can decide to collect the time and the date of the purchase, the cost, the item and even the other information about the precise items in the same market basket. However, will the information be linked to the exact customer? When paying with cash it normally guarantees anonymity; which is when the buyer is not associated with the purchase even though, the cash transactions in small areas for example, the neighbourhood or the town stores is where everyone knows everyone perhaps aren't anonymous. On the other hand, the current payments can certainly be connected to the purchase with the customer:
If you are purchasing socks, you wont care as much if the information is being recorded. If your purchasing a book called P.S I love you, you most likely you do. You want the purchase to be private and not public.
The book merchant who takes your payment of a check for the book P.S I Love You can realistically claim that collecting the transaction information is a usual part of performing a business so, the information belongs in the store. However, if the bookstore chooses, built on the information given from the transaction, to send you an advertisement the store is then using the information for the standard business practice for collecting more business.
Supreme Court Justice Louis D, Brandeis would have sympathized with your wish. He described privacy as the individual right to be left alone. He also wrote (with Samuel D. Warren) in the Harvard Law Review:
The narrower doctrine [of privacy] may have satisfied the demands of society at a time when the abuse to be guarded against could rarely have arisen without violating a contract or a special confidence; but now that modern devices afford abundant opportunities for the perpetration of such wrong without any participation of the injured party, the protection granted by the law must be placed upon a broader foundation. [Emphasis added]
This disagrees that in the past it shows that, it was very difficult for peoples privacy to be dishonoured without their knowledge although, utilising modern devices shows that people's privacy can be violated without them acknowledging it. The good thing about Warren and Brandeis omments is that it was written in the 1980's. The modern device that they were talking about was the first portable camera and the faster film authorising short exposure photographs.
There are four main responsibilities in controlling the use of information which are:
There is also a fifth responsibility which is called Internal Use. This is where the store can utilise the information to conduct business with you only for no other use. When conducting a business with you means storing your address on file so, they can keep you posted and send announcements about different sort of things for example, meetings and clubs. This doesn't require selling or giving your personal information to other parties for instance, to another person or a business but, it might not need you to approve either.
Normally, privacy relates to four aspects of our lives: territory, personal information, communication and our bodies. The only two of these aspects that concern us a lot is personal information and communication. The definition of privacy is the right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitudes, and their behaviour to others.
This definition highlights firstly, that it is the person has to choose to what extent and circumstances to which the information is publicised not to anyone else. This is where the person has control. Secondly, it underlines the choice of features over the person which controls the information symbolising every part of the person for instance, their attitude, themselves and their behaviours. For example, buying P.S I Love You was an act of behaviour which defined privacy. This doesn't repeatedly involve the No Uses Classification. We might not determine the fact that the book was paid with a check rather than cash this is recognising the form of payment used as opposed to an anonymous one. We could also choose the form of payment has no influence on whether the information should be disclosed or not; consent to show the information must be clearly given.
There are two basic threats of privacy: government and business. However, there is also a third threat which is snooping and gossiping private parties; this is controlled by security as this remains the information to be kept private. Previously, the governmental threat is a command spying on its citizens this fears people mainly, because when this takes place the consequences are so serious. Whereas, the business threat is a more up to date problem due to the IT aspects. The two types of business threats are: the use of business related information consisting of transaction information for other uses and the surveillance of employees.
Most of us communicate with numerous organisations and people for example, businesses, our employers and government. This is to whom it may interest to reveal private information to. This is when we generously choose to show information in exchange for real benefits.
It is likely to disclose information about ourselves and have substantial privacy. However, it depends on what occurs to the information after we have disclosed it to other organisations and individuals. If the information is kept confidential use it for the purpose which they have collected and restrict the data from other organisations.
For those organisations or people it is limitless to supply or sell the information to anyone else that is disclosing information about us. There should be clear rules taken from handling private information therefore, we have standards by which to judge whether or not the trust is justified.
In the 1980 OECD otherwise, known as Organisation for Economic Cooperation and Development has 29 countries involved with international trade. It has resulted in an eight point list of privacy rules that has become well known as the Fair Information Practices.
The OECD Fair Information Practice principles are:
Standard OECD for both government and business held information is where privacy is not enjoyed as much into the OECD world.
An example, of privacy conflicting with the governmental interest is that the United States have not taken the OECD principles although being a huge player in the OECD and having developed earlier principles based on the Fair Information Practices. It is alleged as, the companies have profited by collecting and gathering information, or by purchasing and selling information in such ways that are inconsistent with the OECD principles. The privacy rights for these countries are therefore, reduced.
The European Union issued the European Data Protection Directive, a law including the OECD principles in 1995. The members of those countries have performed this law giving everyone in the EU the same high level of privacy. However, many EU countries for instance, New Zealand, Canada, Hong Kong and Australia and non EU countries have taken new laws established on the OECD principles. This is vital since the one provision that the EU Directive needs the data about the EU citizens be kept protected by the standards of the law even when it leaves their country.
Non EU countries that want information on EU citizens must demonstrate that they have consistent privacy laws with the OECD principles. For example, Switzerland a non EU country was functional and therefore, was approved.
In 1974 United Sates passed the Privacy Act law. This is where the government has the ability to invade people's privacy. This consists of the privacy problem and the interaction with the government.
The difference to the omnibus solution taken from the OECD list is that the United States uses a method called sectoral describing that it passes laws to deal with the precise practices or industries. Examples are:
The difference between the two privacy laws is that the U.S and the EU has a serious problem for multinational companies and internet and web based companies. A company cannot transfer data from an EU country to the United States until the United States meets the OECD principles.
The EU and the Federal Trade Commission (FTC) have been discussing for many years to solve this issue. An unsettled agreement was established on an idea called a Safe Harbor which signifies a U.S company following the rules of an agreement where they can receive information from the EU. The guidelines of the FTC are much weaker than the OECD principles.
Opt-in/Opt-Out : Opt-in is where the business can't be used except if the individual explicitly lets the new use. Whereas, Opt-out is where the business can use it except the individual clearly forbids the new use. For example, in 1972 the privacy principles reliably need Opt- in for all the alterations in use or, the individual will not be able to manage the use for all the private information. The FTC rules still, need Opt-in merely for highly sensitive information for example, like medical data; Opt- out is the benchmark in the US and the complete opposite of the OECD guidelines.
Compliance/Enforcement describes how organisations meet their responsibilities under the principles which, is how the data controller was applied. The EU and other OECD subscribing countries have established offices to carry out their duties of the data controller. The FTC suggests the U.S companies comply voluntarily as a result of market pressure.
Both of the privacy issues are vital on both sides. For instance, without Opt-in and enforcement the OECD principles are poorly eroded. However, with those requirements, industries like direct marketing are extremely affected.
Next Page Back to top
