FRAMINGHAM (04/03/2000) - Why did it take the web to make privacy, the inalienable right sanctified by the Fourth Amendment, a national issue? Why are people suddenly so concerned about safeguarding their personal information from companies that pay the highest bidder for it? Several factors have converged to cause this uproar and inspire contempt among consumers for businesses that engage in this controversial practice. But the real issue concerns the way the web forces consumers to reevaluate the notion of privacy. As a result of this raised awareness, CIOs must be more proactive in addressing this issue. They are in the best position to address consumers' privacy concerns because they decide which technologies to implement in pursuit of business goals. It's time for CIOs to think beyond the business value of technology and consider the effect of their technology decisions on privacy. If they don't, they could find that their companies are systematically eroding a constitutional right, all to make a buck.
The internet is an extensive network of interconnected servers and databases that link private industry, universities, governments and individuals. The web makes this vast array of resources readily available to anyone with a computer and an internet connection. Just think, where you once had to flip through musty card catalogs to find a book in your local library, you can now search for it from your computer.
It's this network of databases containing people's driving, real estate and employment records (to name just a few) that has spawned an industry that taps into this information. In the old days, the curious or vengeful among us would have spent thousands of dollars to hire a private investigator to search public records. Now anyone with a modicum of curiosity and a penchant for voyeurism can play gumshoe on the cheap.
The fact that these databases are connected and that their contents are available via the web drives home a disturbing truth: Information we deem personal--our name, address, how much we paid for our home--is not private.
This kind of information has never been private; before the web, it was just much more difficult to access.
And nor are we the sole proprietors of our personal information. Companies traffic in this stuff the way that the Medellin drug cartel traffics in cocaine. If Company B buys your personal information from Company A, which originally obtained it through a purchase you made, does that mean Company B now owns this information? What right do you have to it? Indeed, companies selling or sharing people's personal information with so-called strategic partners has become a billion-dollar business, a competitive advantage and a new business model all at the same time. Venture capitalists pour obscene amounts of money into e-business plans that derive value from aggregating and sharing information about prospective browsers and buyers. In the new economy, it's not what you sell, it's whom you sell.
Businesses are capitalizing on people's interests and attitudes. They tout one-to-one marketing relationships as if they valued customers as individuals, but what they really value is customers as revenue streams. As the web renders distinctions between what is public and what is private increasingly ambiguous, this ambiguity raises serious ethical questions about who has the right to personal information and if such information can actually be bought and owned.
Consumers have to be vigilant. They must choose privacy over convenience. They still hold some influence over businesses in that companies acknowledge consumers' privacy concerns by explicitly asking them for permission to share with partners the information they enter on websites. But consumers must be careful of losing this influence altogether. Why? Because by choosing convenience, they show corporate America their willingness to relinquish the intangible right to privacy for the tangible benefits of electronic commerce and services. One day, they might not have this choice.
Furthermore, as the web gets more pervasive and personal information gets more valuable, the interests of corporate America and consumers will diverge.
Companies say they have the best interests of consumers in mind when aggregating and sharing this information with their partners. In turn, the partners may then send consumers advertisements about their products and services that they think may be of interest based on items consumers shopped for in the past. But all they really want is to sell to you.
The surveillance technologies that let companies track visitors' activity on the net are also increasing consumers' privacy concerns. Cookies, for instance, collect data on the links visitors use, how long they view pages and which ads they click through. Once a name is submitted on a site along with shipping or payment information, cookies can identify the shopper as an individual rather than a number.
This kind of technology allows companies to collect more than transactional purchase data. It allows them to capture a snapshot of people's interests and behavior. Companies can then use these snapshots to develop more complete and creepily accurate portraits of customers. True, retail stores can amass this caliber of information. But to do so, they have to employ auditors disguised as shoppers who follow people around the store to see which products attract their attention. Or they can turn to surveillance cameras, which are used just as often to identify shoplifters.
Consumers are rightly waking up to reality: Whether browsing in a brick-and-mortar store or online, Big Brother is watching. As worries about privacy increase, consumers realize that there is a high price to pay for convenience. Unless CIOs acknowledge the ethical questions surrounding the use of certain technologies--and address these issues with the rest of senior management--the backlash that has begun will only continue.
It's time to balance the scale. Companies know so much about us--from how long we spend browsing virtual shelves of vitamins to our preference for taking zinc rather than echinacea to prevent colds--while we know little about them. We don't know what they are really doing with our personal information, and the thought of a faceless company knowing us so intimately that it could predict our every caprice scares people. And it should scare CIOs as well. The CIO knows firsthand which technologies are on the market to aggregate customer information, how they work and how they tie into other systems. CIOs also know what companies do with this information. For these reasons, CIOs should be the ones who bring the social implications to the boardroom. After all, it's not just consumer privacy that's at stake; it's their own privacy too.
What bothers me most about the waning control over personal information on the web is my Orwellian suspicion that anonymous companies will usurp control of our lives and begin prescribing what we need and want. Indeed, they can dictate our life experience because they know too much about us.
Do you think Staff Writer Meridith Levinson is a) a crazed libertarian b) a crazed socialist c) just plain nuts? E-mail her at firstname.lastname@example.org.