Vol. 9 No. 10 (October 1999) pp. 436-439.

VISIONS OF PRIVACY: POLICY CHOICES FOR THE DIGITAL AGE by Colin J. Bennett and Rebecca Grant (Editors). Toronto: University of Toronto Press, 1999. 287 pp. Cloth $60.00. Paper $22.95. ISBN 0-8020-8050-2.

Reviewed by Robert Brookshire, Computer Information Systems and Operations Management Program, James Madison University.

Through advances in technology, the development of large databases, the global reach of the Internet, and the ubiquity of computers in homes, corporations and government offices, during the last decade of the twentieth century the potential for invasions of privacy has increased dramatically. National and international laws protecting the privacy of individuals have failed to keep pace with these changes. In some countries, especially the United States, privacy protections have never been particularly strong.

Colin J. Bennett and Rebecca Grant have assembled a volume of papers that document how serious the problem is, how we have arrived at this situation, and what directions policy makers and activists should take to address this threat. VISIONS OF PRIVACY began as a collection of papers written by academics, privacy advocates and government privacy regulators, presented at an international conference on privacy held in 1996 in Victoria, British Columbia. Through the judicious selection of papers and careful organization the editors have put together a volume that is much more than a group of disparate essays. VISIONS OF PRIVACY is an effective and comprehensive introduction to the entire domain of privacy issues arising with the advent of advanced digital technology.

The volume is arranged into five sections. The first, "Ethical and Value Choices," surveys the history of privacy, sets forth some general principles of privacy ethics, and discusses general approaches to privacy protection. The second section, "Technology and Regulatory Choices," focuses on various new electronic privacy- enhancing technologies that provide powerful new tools to allow individuals to control access to their personal information. In "Market Choices," the essayists explore market-based techniques that would encourage corporations to respect the privacy of their customers. "Global Choices" addresses the problem of the flow of information across borders in an environment of nonequivalent national privacy rights and protections. In the final section, "Choices for Privacy Advocates," the authors address the challenges that privacy advocates and policy makers face in increasing the salience of privacy protection with the general public, politicians and government bureaucracies.

David H. Flaherty, Information and Privacy Commissioner for the province of British Columbia, leads off the volume with an overview of the state

Page 437 begins here

of privacy at the end of the second millennium. In his view, privacy has been threatened throughout history in the West, either by a pervasive surveillance ideology in society (e.g., Puritan New England), or by advances in surveillance technology. Compounding the problem today, most people have no idea of the extent to which their privacy is threatened when they consume government services or enter into transactions with corporations. He concludes that there is a critical need for the expansion of privacy protections, especially in the private sector.

In "Ethics for a New Surveillance," Gary T. Marx of the University of Colorado at Boulder offers an expanded set of principles of fair information practice. The current set of standards, which have been evolving since the early 1980s include several principles. These principles hold that organizations collecting data (1) should be accountable for that data, (2) should identify the purposes for which data is collected, (3) obtain the informed consent of the individual, (4) keep data collection to minimum, (5) not disclose data without consent, (6) retain the information only as long as necessary, (7) maintain the data's accuracy, (8) secure the information, (9) be open about its data practices, and (10) allow individuals to access and correct data about them. Marx proposes replacing these ten principles with twenty- nine questions that address the methods used to collect information, the context of the data collection, and the goals of the collection process. These include such questions as, "Does the data collection technique cause unwarranted physical or psychological harm?" "Are individuals aware that data is being collected?" and "Is there an appropriate balance between the importance of the goal and the cost of the means?" Through this expanded set of principles, Marx hopes to preserve the dignity of the individual in the face of privacy threatening technologies.

In the third essay in the section on ethical choices, Charles D. Raab of the University of Edinburgh challenges the doctrine that privacy protection should be a balance between safeguarding individual privacy and satisfying social, political or economic goals. The idea of balance implies that privacy rights are opposed to other rights or societal ends. If privacy is a fundamental human right, then the notion of balancing it against other societal needs is an affront to human dignity. Raab advocates a paradigm of "steering" instead of balance that would encourage regulators to drive policy in a desired direction rather than merely accommodating competing interests. It is not entirely clear how this would result in vastly different privacy protection policies, as Raab admits. He does raise provoking questions about the foundation of privacy protection policies that reveal the source of at least some of our current problems.

Janlori Goldman of Georgetown University introduces the notion of giving individuals technological tools to assist in maintaining their privacy. These privacy- enhancing technologies (PETs) would give people control over the collection and use of personal information. This is opposed to the current standard for most of the private sector in the United States under which persons must specifically "opt out" or object

Page 438 begins here

to the collection or reuse of data about their lives. Otherwise, the collector is free to use the data as he or she wishes. Goldman gives few specifics about what these technologies would look like, but some of these are discussed in the following two essays.

Ann Cavoukian's chapter concentrates on the application of PETs in health care information. Few patients realize how widely their health records are distributed, and how weak are the legal protections for this type of data. Cavoukian, Privacy Commissioner of Ontario, calls for the incorporation of PETs in the design and construction of health care information systems, including sophisticated digital signatures for authentication and encryption for biometric data. These technologies would enhance personal privacy while preserving access for legitimate health care uses.

Robert Gelman, former chief counsel to the Subcommittee on Government Information of the U.S. House of Representatives, also focuses on health care records. He describes the many challenges facing policy makers and privacy advocates seeking to protect health information. Although the principle of informed consent nominally guides the collection of most health data, in practice patients have almost no control over personal information being shared among health care workers, insurers, government agencies and researchers. PETs can offer some protections but may not be able to withstand pressures that facilitate or demand access to health data, such as a health care identification number or genetic treatments that affect not only the patient but also the patient's offspring.

Mary J. Culnan and Robert J. Bies author the first essay in the section on privacy and business. In "Managing Privacy Concerns Strategically: The Implications of Fair Information Practices for Marketing in the Twenty-first Century," they argue that marketers who follow fair information practices, such as those described by Marx, will gain the trust of consumers. These trusting consumers are less likely to defect and more likely to help attract new customers through word of mouth. Businesses should protect customer privacy through enlightened self-interest.

In "Toward Property Rights in Personal Data," James Rule and Lawrence Hunter propose the creation of a new property right over the commercial exploitation of personal data. Following the work of Kenneth Laudon and others, Rule, of SUNY Stony Brook, and Hunter, of the National Library of Medicine, present a forceful argument in favor of individuals exploiting the use of their own personal information, much like mineral or intellectual property rights. Companies who use these data should pay royalties that would be collected by a central agency, much as BMI and ASCAP collect royalty payments for musical works. This would allow individuals to control the use of their personal information.

Rene Laperriere, of the University of Montreal at Quebec, describes the approach Quebec has taken to the protection of privacy. Quebec is the only jurisdiction in North America

Page 439 begins here

that protects privacy in both its basic law and civil code and that extends the protection of privacy to both the private sector and the public sector. Unfortunately, Laperriere concludes, Quebec's law, far reaching though it may be, is still inadequate to cope with the challenges posed by global information technology.

In "American Business and the European Data Protection Directive: Lobbying Strategies and Tactics," Priscilla M. Regan of George Mason University examines the approaches American businesses used to influence the development of the European Union's effort to protect privacy. U.S. businesses were successful in modifying the European Union's directive because the complexity and length of the decision process allowed firms multiple access points and plenty of time to marshal their forces. This success underscores the global nature of privacy protection issues.

Fordham University's Joel R. Reidenberg emphasizes the global reach of privacy legislation in his paper. He maintains that the data protection standards established by the European Union will ultimately become the norm for the United States as well, and American firms will adjust their practices to conform to those of their trading partners and markets.

Privacy activists write the two final essays in the book. The first, by the Executive Director of the British Columbia Civil Liberties Association, John Westwood, describes two cases in which the BCCLA was involved. The first case was the creation of a province-wide data bank of drug prescription information, while the second case concerned the videotaping of police calls. The BCCLA was also involved in cases affecting workplace drug testing, criminal record checks, and data matching by government social service agencies. Westwood concludes that the BCCLA's mixed record of success in these cases is due at least in party to citizens and policy makers placing other interests ahead of privacy protection.

The final paper is by Simon Davies, Director General of Privacy International. Davies surveys the state of privacy activism worldwide. He argues that although governmental and corporate challenges to privacy are formidable, the increasing expertise and sophistication of privacy advocates have resulted in increased visibility for the movement. He concludes that it may be possible for privacy advocates to counter the success of anti-privacy interests.

Bennett and Grant have put together a highly readable set of essays on the challenges to privacy in the information age. Collectively, the authors in this volume agree that current privacy protection legislation has not kept up with advances in technology and that the public is largely unaware of the extent to which privacy is threatened. Opportunities exist for policy makers and privacy advocates to address these problems, and this volume contains some guides for these efforts. It should be of interest to students, researchers, policy makers and privacy advocates who are involved in this rapidly changing mix of law, technology and ethics.

Copyright 1999