Simon Davies: Privacy's New Image

America's new rules of privacy are coming from the Old Country. Here's how Europeans like Simon Davies are getting America to rethink privacy.

By Daintry Duffy

Page 2

Why is it so hard for companies, and indeed governments, to reconcile the two?

"Such intuition used to be at the heart of America's Fourth Amendment," says Jeffrey Rosen, associate professor of law at George Washington University, referring to the right of citizens to be safe from unlawful search and seizure. "The most invasive measures should be limited to the most serious crimes, but we lost that principle along the way," adds Rosen, who is also author of The Unwanted Gaze: The Destruction of Privacy in America.

In the United States especially, the relationship between privacy and security has been a particularly contentious onenot only because of the disinclination toward legislation but also because information has always been the lifeblood of our capitalist culture: Privacy protections, it is feared, could put a stranglehold on the flow of commerce.

But the war on terror in particular has brought the clash between privacy and security to the forefront like never before. Recent casessuch as the attention given the Muslim-American woman in Florida who refused to remove her veil for a driver's license picture, and the furor that greeted the announcement of the government's plan for the Total Information Awareness Program, which would link and mine databases to identify security threatshave further muddied the relationship between the two. One always seems to be implemented at the expense of the other.

The problem is exacerbated on the corporate side by the breakdown in communication that often occurs between the privacy and security folks. CPOs such as Cullen feel somewhat misunderstood by the security profession. "CSOs don't understand privacy as well as privacy officers understand security," he says, noting that he believes privacy is more nuanced and less black-and-white. "Security is a fairly rational thingthe antivirus protection is either on or offwhereas there is a high degree of variability in privacy." What feels invasive to one person can be of little matter to the next.

More than a quarter of the 1,010 U.S. citizens responding to the annual Harris Interactive poll in February 2003 identified themselves as being "privacy fundamentalists." They feel strongly about the loss of privacy and will resist any further erosion. Only 10 percent of respondents identified themselves as "privacy unconcerned." They have little or no anxiety about how their information is collected and used. But a majority of people63 percenttake the "privacy pragmatist" approach. They may be concerned and aware of issues surrounding privacy, but they are also willing to trade some of their personal information if the perceived benefit is great enough and the risk of information misuse is low. The Continental ClashIn Europe, however, the issue of privacy goes beyond that of a preference. It is seen as a fundamental human right. For that reason, the Europeans have had a much easier time combining the issues of security and privacy into a single ethic of information handling. "In the U.S., citizens see privacy as a legal minefield," says Simon Davies, director of London-based Privacy International, noting that consequently it often is turned over to the legal counsel or human resources to manage. "In Europe [privacy is] more a human condition than a legal condition. It's more a social issue than a litigation issue. So security people find it easier to take [privacy] on. In the United States, the corporate environment is steeped inand constantly threatened bylitigation." When the prime directive is avoiding litigation, it becomes next to impossible for security and privacy to evolve side by side.