|
As the issues of privacy came to the forefront (b/c of the Internet and triggered by Doubleclick and Toysmart et al), there were various programs and speeches on privacy rights. Many of these included a comparison between the US and UK views of privacy rights. As many people know, the EU collectively and each EU country individually has a vastly different approach to privacy -- it applies to all personal information, not just certain categories, like we have in the US. The approach strictly regulates the collection, use and transfer of personally identifiable information, including information that reveals something about you, such as ordering a kosher airline meal might reveal that you are jewish.
A common theme of these programs is to trace back in history the respective countries' views of personal data. In tracing back the EU model approach, the point is made that people in the EU countries trust their government, and generally have no problem disclosing their personal information to the government. They do not, however, trust the use of their information for marketing and sales purposes, and so have always been very suspicious of efforts by companies to collect their information for commercial purposes. So as the EU looked at the issue, it was appropriate and relatively straight forward to adopt directive like the data directive that restricts what can be done with an individual's data. EU residents also believe, as does the government that your personal information is exactly that - yours. Your data is considered almost sacred.
The US history is exactly the opposite. The speakers would say that US citizens don't trust their personal data to the government, and so resisted efforts to provide more information to the government. US residents however cannot turn over the personal information fast enough for any commercial purposes - entering a sweepstakes, signing up for a free offer, providing their phone number when making a simple purchase, using loyalty cards to save money. So the US has been more receptive to the collection, use and sale of data. In fact, US companies treat personal data as a corporate asset - to increase the value of the company. It is not considered the property of the individual.
US regulation of privacy is relatively minimal even today. The US regulates certain categories of information - health, financial, student, information about children. Certain US states have laws regarding employee information, and narrow laws on selected categories of data - your video store rental history. There is no generally applicable law on privacy and data regulation. The FTC has a set of principles (notice, consent, access/opp to correct, security, are some of the elements) they apply -- which are not law. Most of the enforcement activity by the FTC has been fining companies for saying they protect data in one way, when their actual practices are different/inferior. More recently, the FTC has been focused on security - but that is b/c the information at issue is financial.
So why do I think Bush is in trouble over the NSA/telcon spying -- the commercial side, which US residents were comfortable with, is now collaborating with the government. US residents drew their privacy line decades ago - companies changed the line b/c working with the government. US residents won't and don't like this - and will demand more protections regarding data collection, use and sharing.
|