Next SectionSummary
Privacy has no one single meaning in society; it has many. As the chapters in this book show, privacy has legal, institutional, consumer, medical, workplace, telecommunications and a vast number of other venues in which it plays a role. Consequently, we must live and work in a tapestry of privacy. Living one's life in a society depends on one's ability to engage in many complex relationships with a variety of helping and controlling decision structures and, sometimes, with the media. Each of us, in our role as a first party, has a vast number of relationships with many second and third parties and with the fourth party. Each of these many decision structures, however, should function like privacy capsules, lodged in one sphere of the tapestry. The people who are inside the capsule carry out roles in which they are entrusted with first party personal information. They thereby have a fiduciary relationship with the party providing the personal information. An exclusionary principle also applies. Third party individuals who are not authorized members of a particular decision structure should be excluded from receiving personal information about the individuals who come to the structure for help or who must submit information to it. Third parties should remain outside the capsule. Only legitimate controlling decision structures should be allowed to crack the structures shell and then only under conditions of due process and they should only be given access to the minimum of the personal information they require.
Nevertheless, decision structures have a responsibility to be effective. Information flows within the capsule should be complete, accurate, timely and efficient so that the structures work can be done. In any case, disclosures of personal information outside the shell should be made with consideration and deliberation. A decision structure's duty of confidentially necessitates this level of care.
Policy and technology are the principle tools by which personal information is secured and the second party's duty of confidentiality fulfilled. The tools of information security include password protection and authentication, audit trails, biometrics, smart cards, digital signature standards, firewalls, and encryption methods including data encryption standards and public key or asymmetric encryption. Policies and operating procedures with respect to collection, use, sharing and access and to the handling of errors, corrections, and changes provide the guidelines for deploying these tools. These policies should be derived on the basis of an underlying moral analysis which specifies rights, duties, responsibilities and fair information practices. In the final analysis, however, most formal tools are inadequate. Technology alone is not adequate. Rules and regulations alone are not adequate. Market forces alone are not adequate. Every decision structure must internalize a set of humanistic values and accord respect to the people who entrust their personal information to them. These social values must undergrid everything. Only when these humanistic values are in place will a decision structure make the investment and have the will to protect its subjects' privacy.
Back to Cyberethics