While browsing washingpost.com I came across this gem: “Google Calls for International Standards on Internet Privacy.” The article discusses Peter Fleischer’s (Google’s global privacy counsel) recent call for the development of international privacy standards. The article does a fairly good job at presenting the nuance of the privacy debate – summarizing Fleischer’s argument (that current “fragmentary international privacy laws” are burdensome to companies and harmful to citizens, thus a coherent set of minimum privacy standards should be established at a global level) while addressing Google’s mediocre privacy policies.
Discussing the recent Google/DoubleClick merger and fears that it will “aggregate too much consumer data in the hands of one company,” the article notes:
Google, under investigation for violating global privacy standards, is calling for international privacy standards,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a critic of the DoubleClick merger. “It’s somewhat like someone being caught for speeding saying there should be a public policy to regulate speeding.
Fleischer’s argument, in its entirety, can be found here. His point that data should be given the same consideration as other global flows in the informational age – namely copyrights, airplanes and pandemics – is certainly worth entertaining.
In today’s inter-connected world, no one country and no one national law by itself can address the global issues of copyright or airplane safety or influenza pandemics. It is time that the most globalised and transportable commodity in the world today, data, was given similar treatment.
Global standards which recognize the right to privacy as a basic human right in the informational age is certainly needed. Additionally, I would argue that the mass collection and aggregation of consumer data should be public record – whether assembled by the State or commerce, information on the public should be public information. Current standards at Google and Microsoft is to anonymize consumer data after 18 months. Once anoymized why not make these data sets public record?
In citing the APEC Privacy Framework, which “suggests that privacy legislation should be primarily aimed at preventing harm to individuals from the wrongful collection and misuse of their information,” Fleischer suggests that the “preventing harm” principle be applied to the proposed global privacy standards. But as the washingtonpost article points out, a focus on “preventing harm” is different than a focus on “privacy as a right.” Whereas a focus on “preventing harm” burdens consumers with the responsibility to prove they have been harmed, a focus on “privacy as a right” implies preventative policies that ensure a consumer or citizen’s right to privacy is not violated. How does a consumer prove they have been harmed let alone prove that their privacy has been violated?
I’m with Fliescher when he says:
Data is flowing across the Internet and across the globe. That’s the reality. The early initiatives to create global privacy standards have become more urgent and more necessary than ever. We must face the challenge together.
But looking at the recent NSA wiretapping fiasco which has allowed the illegal surveillance of innocent citizens, precisely because those spied on have no means to prove they were spied on, alarms me. We know telecommunication companies like at&t participated in government surveillance but because no consumer has yet to demonstrate harm – or even that they specifically were spied on – the surveillance program remains. In my opinion, any global privacy standard must – at a minimum -include the right to privacy.