Fighting for Privacy - Does it Matter?
Larry Ozeran, MD, FAMIA
Strategic Consultant for Health Informatics, Organizational Governance, Health Policy and Software Development
For 20 years I have been saying, “you only get the privacy you fight to keep.” With so many serious challenges to our privacy, it seems that fewer and fewer people have the energy to fight. Most people seem to be resigned to what technology CEOs have told us. [https://www.wired.com/1999/01/sun-on-privacy-get-over-it/ https://www.eff.org/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy ] After all, what can you do when there is so much personal data on your smartphone, in public databases, and in social media? Your friends and colleagues post information about you that you may not even know has been posted.
There are many things we can do, but for most people it seems the effort isn’t worthwhile. One easy thing to do is to subscribe to the Electronic Frontier Foundation (EFF, founded July 1990) Newsletter [https://www.eff.org/].
In this periodic series of posts, I will talk about how privacy is invaded, how I am fighting for change, and seek to hear your thoughts. There is no set timetable for these posts. They will follow what I am observing and experiencing.
We start the series describing the subtle differences between privacy, confidentiality and security.
Privacy is the right to be left alone. In the context of data, it is often specified as having some control over how one’s personal information is collected, used, or shared.
Confidentiality accords information a value that others should keep the data secret.
Security is the process of keeping data safe from theft, loss or inaccuracy.
领英推荐
They all can work together, but data that is secure might not be either private or confidential. If someone steals your data without your permission and keeps it in a secure location, the security of the data does not undo the thief violating your privacy. Keeping one’s data private implies that one should own the data that describes them and have a say in whether that data is shared with any other party. Why is theft of our personal data treated differently than theft of a physical object? Perhaps the newfound excitement for ethereal assets, like NFTs and cryptoassets, will tip the scales and bring a new focus on the value of things we cannot physically touch.
Many people, intentionally or not, conflate privacy, confidentiality and security. I recently heard from someone who complained to an entity about their lack of privacy and was told their data was secure. Privacy and security are not the same thing and that response completely devalued the person’s concern. The person was effectively told their privacy had no value because the entity kept the personal data secure.
This situation always strikes me as hypocritical. Personal data for commerce or research has value to the business or researcher, but for some reason a person’s identity, the data that defines them, is treated as though it has no value to the person. “Your data has value to me, but is of no value to you, so I should be permitted to simply take it without your permission.” Why should it be OK to just take personal information from people and pass it around, whether for free or for a fee? I hear researchers concerned about the cost of getting consent for health data use. They fall back on “people should share their data for the common good.” Perhaps. Most people will share data if you ask them. Some will not. Shouldn’t it be the person’s choice? Shouldn’t each person have some personal autonomy over data that uniquely defines them? Why do we have an ongoing growth market in identity theft?
This series is an experiment checking to see if there is fight left in people to expand privacy protections. Maybe it will work. Maybe it will reinforce the status quo. Either outcome will be instructional.
Next up: My context for why privacy matters
What do you think? Have we done enough? Are we like ants, or bees, just part of the collective? Should we just give up the fight for privacy and let corporations, research organizations and other groups use our data in whatever manner they choose and simply suffer from the negative consequences in silence?
Plastic surgery Franciscan health, Tacoma, WA
3 年I enjoyed your article and I think that most people do not concern themselves with the potential consequences afforded by sharing of data at the expense of loss of privacy as well as security. But this is such a multifaceted subject on so many levels. For example, I am frustrated by the fact that, as a physician, I must keep computerized medical data and bill insurance companies electronically. There's so much sensitive information--a goldmine for the ransomware artist-- and the risk of data breach is out there. It is mandated by the federal government and puts patients' information at risk. How I long for the days when my paper charts could be locked up in the office! But on the flip side the convenience of knowing where to shop or the ability to pay bills or on-line banking for most people seem to outweigh the risks of sharing information for improved quality of life. I think that most people believe that sharing data is promulgated by those truly wanting to improve others' lives but lost sight of the fact that at some point we have to protect our privacy or lose it. I can't imagine owning an Alexa. I am glad that I am no longer on Facebook or Instagram but I have heard from friends "hey i heard you went to .... last weekend" or I heard you bought a new car. Really? That's private information. In most cases innocuous but if someone knows you're out of time great time to rob the house. I think that the bottom line is that we as consumers have to be responsible and with a better understanding about what's at stake. When prompted to acknowledge that a site uses cookies should be alarm enough to consider how important your privacy is to you. There's definitely a lot to discuss