In the case of our name and personal data, I believe that the laws of privacy prevail. I also believe that individuals have the right to decide whether or not this private information should be sold on the open market, and, if it is, to maintain 100% control. That said, what officially—or even legally—backs my theory, when opponents repeatedly cite the 1st Amendment as their right to send unrestrained junk mail?
Paraphrased, the 1st Amendment states that Congress shall make no law prohibiting free speech. Just click on the highlighted portion and you can research the Amendment at FindLaw. My question is, where does the junk mailer’s right to free speech end and my privacy begin?
The Constitution does not specifically mention a right to privacy, but Supreme Court decisions over the years have established privacy as a basic human right. The 9th Amendment states that, although certain rights are specified by the Constitution, just because something is not specifically designated, it should not mean that it isn’t a right of the people. Again, available on FindLaw.
In the Bill of Rights, 4th Amendment, the people are given the right “to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures…” It’s not likely the architects of the Constitution could have even imagined the era of computers and personal databases. They were busy putting a new country together. However, it seems clear to me that, at least in the spirit of the law, we are supposed to enjoy a certain level of privacy.
Apparently, privacy wasn’t much of a real issue until The Privacy Act of 1974, when government agencies were restricted in what they could do with citizens’ personal data. It was enacted, in part, because the people do not have the same alternatives in dealing with the federal government as they do with private business. The major concern was assuring the public that their private information would not be abused by federal agencies or bureaucrats. Even then, they couldn’t have envisioned The Patriot Act.
Three years after The Privacy Act of 1974, a Privacy Protection Study Commission was formed and it issued its report: “Personal Privacy In An Information Society,” July 1977. Click on the highlighted area and then click on “Mailing Lists.” This report has been in my hands since its original publication, another confirmation of the number of years I have been concerned over the potential problems of selling names and personal data.
One of the recommendations made by the Commission was that organizations selling customer names and personal data “…should adopt a procedure whereby each customer, member, or donor is informed of the organization’s practice in that respect, including a description of the selection criteria that might be used in selling, renting or exchanging lists, such as ZIP codes, interest, buying patterns, and level of activity, and, in addition, is given an opportunity to indicate to the organization that he does not wish to have his address, or name and address, made available for such purposes.”
Interpretation: selling our name and personal data should be an opt-in arrangement, meaning the junk mailers shouldn’t make a move without our prior approval. Folks, this was 28 years ago. The commission had the vision to predict that certain selection criteria like our “buying habits” could be tantamount to a major invasion of our privacy. They were defining “personal data” before we really knew what it meant.
In another important move, the Commission recommended against companies selling or sharing data with their affiliates, a problem that still exists today. If you trust the parent company, why not the subsidiaries? Simply put, loss of control. And, if security is lax at the top, ie. ChoicePoint, LexisNexis, Bank of America, Time Warner, what’s it like in the companies’ smaller affiliates?
In my next post on this subject, we’ll talk about what’s happening today in personal data privacy and the mounting war against identity theft.