I’m in the process of registering with the ICO so I can use a computerised system with people’s details for work. The idea of data protection is a good one as it assumes privacy is desired unless there is a specific indication to the contrary. It is perfectly legal to share people’s data if they have consented to it.

There are so many organisations out there, though, with our data that it is hard to keep track. I may have allowed charity A to share my data with similar charities and allowed company B to share my data with, say, other companies in its group. If I then receive a piece of junk mail carefully targeted investment opportunity from organisation C, it is very hard for me to work out where they found my information. I can almost certainly call up that company and tell them not to contact me again. If, however, charity A or company B has been selling or exchanging my information with organisations (even if they are specially selected) that are going to send me rubbish through the post, I may well want to make sure they don’t do it again. I have no way of doing that.

If, however, anyone collecting data had to keep track of where they obtained that data, things would be rather different. When I called up organisation C to tell them to stop sending me rubbish, I could ask how they found my address. A quick look in the database would mean they could (and ideally would be legally obliged to) tell me whether it was charity A or company B. I could then tell the offender not to do it again and, indeed, review my opinions about just how carefully they select the companies they share my details with.

Ultimately, companies would want to avoid the costs, both in terms of hassle and damage to reputation, of customers calling to stop themselves being spammed.

While we’re at it, it’d be nice to be able to place limits on how far sharing can go. I might want to allow charity A to share my details with similar organisations, but I might not be so sure about the policies that those organisations have for sharing; they are a largely unknown quantity. A ’share once down the line’ option might be a way of reducing the flow of rubbish through out collective letterboxes.

An interesting corollary would be if anyone who kept such data also had to keep a record of who they’d given it to1 so that individuals could see how, for instance, Mosaic data comes together. I suspect, though, that this idea would be of limited appeal.

This idea is practicable; it would mean attaching a subfield to each record (or possibly each datum) to give the information’s provenance. It would be something of a burden on database administrators to implement on existing databases but the benefits, in terms not just of privacy but an effective means to control your own data, might make it worthwhile.

xD.

Posted on Thursday, June 12th, 2008 at 4:28 pm
Categories: Politicae Britannicae, Politics.
RSS 2.0 feed for this post
Leave a comment
Trackback