Track Report - Electronic Databases and Privacy - The Research Center on Computing & Society

Text-only Version

Jacques N. Catudal, Ph.D.

Electronic Databases and Privacy

Cases like Lotus’ Marketplace database illustrate that what is significant about privacy problems as engendered by computer technologies is the significantly greater order of magnitude of the problem. The effects of such databases are dramatically new, occasioning unanticipated problems. Several examples can be offered to show how quickly and widely the dissemination of information can take place. An individual suffers a traffic accident; within a week he receives letters from four lawyers expressing an interest in representing him. Police blotters are published in many local newspapers; now, however, some police departments maintain “E-blotters.” It is now possible for a person in New Haven to find out who was arrested for DWI last evening in some small west coast town. Serious problems may result from incorrect information and from the difficulties associated with securing retraction when such is the case. There is sometimes an element of anonymity or invisibility surrounding the source of the (incorrect) data. The effect is to deny individuals due process and the right to confront their accusers.

So, what seems new about the problems of privacy and confidentiality is (1) the scale of the problem, i.e., number of persons affected and/or, (2) the invisibility of the source, i.e., unaccountability, (3) the number and kind of negative effects generated whenever the data is incorrect, and (4) the difficulty of obtaining retractions, and consequently, the persistence of negative effects. The harm that can be done to people when information is incorrect is dramatically illustrated by the current practices of credit bureaus.

Currently the default standard in matters of information about individuals is such that information that one releases about one’s self may be disseminated to others and may be manipulated (merged) in ways the individual has not anticipated. Perhaps the assumption should be the reverse; viz., that a corporation may not release any information about an individual unless it has secured that individual’s permission. People do not make a contribution to a database believing that the information will be merged and retained for very long periods of time. Most people are not aware of the ways in which the information is used or can be used.

An important issue with these cases concerns the retention of data for long periods of time. When should data die? The second Ethical Consideration of Canon 5 Canon 5 of the ACM Code states:
“An ACM member, whenever dealing with data concerning individuals, shall always consider the principle of the individual’s privacy and seek the following:

To minimize the data collected.
To limit authorized access to the data.
To provide proper security for the data.
To determine the required retention period of the data.
To ensure proper disposal of the data.”

The position advanced by Professor Richard A. Wright (“Information As a Commodity: Control and Benefit Are Morally Owed to the Source”), while bold, may yet present us with another occasion “to strike a deal.” That is, Wright’s position, if implemented, might lead people to sell away their privacy. The problem of privacy is not one of proper compensation for use of information about one’s self, but knowing what will be done with information about one’s self. Wright appears to be assuming that since we can’t control the use of information about ourselves, we ought at least to be properly compensated for it (i.e., as market value may determine).3

Back to the top

Go to: Conclusions

Home > Research Resources > Computing and Privacy > Track Report

The Research Center on Computing & Society
at Southern Connecticut State University
501 Crescent Street • New Haven, CT 06515
Director: (203) 392-6790 • e-mail: webmaster@computerethics.org

© 2000 – 2007 – Research Center on Computing & Society