Consumer Privacy Bill of Rights

Posted on April 23, 2012 by admin

The following is a discussion of the Consumer Data Privacy in a Networked World:

A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy, (hereafter referred to as the Privacy Framework) is a fifty-two page treatise published by The White House on February 23, 2012 that presents the President’s imitative in this area.  While the Personal Data Collation applauds the Administration’s acknowledgement that privacy is an issue of major concern, we are concerned that they have overlooked one of the fundamentals – that privacy is more than keeping secrets, it is also about the protection of property.

Note:  The terms data and information are often interchanged. 

Data are values of qualitative or quantitative variables belonging to a set of items. 

Information is an ordered sequence of symbols (data) that can be interpreted as a message or provides some meaning.  For purposes of this discussion, both are considered one in the same.  Also, since we believe that personal data must be also considered as personal property, we will not be commenting on Section III through the end of the document.

 Think “property owner”, not “consumer privacy”

Privacy violation, as defined in the Privacy Framework, is the misuse of data that can be connected to an individual.

It does not mention the misuse of data as also the misuse of property.  Consequently, this limits the scope and confuses the nature of information-based privacy.  The result is a profusion of confusing and difficult to implement administrative policies, practices and procedures.  If privacy and (personal) property were to be linked, then we believe that they would (collectively) come under protection to the U.S. Constitution, making enforcement clearer, cleaner and simpler.  One does not enter a man’s house without a warrant not because it is a bad policy, but because is against the law.  We don’t take his property because it is not ours to take, plain and simple. We respect on the rule-of-law where the rules are based on individual’s rights (the Bill of Rights) and not the desires of the end users.  As a U.S. citizen, the individual, the owner of his or her personal data, should have the ultimate control and not the businesses and other parties that only use it.

We cannot protect our rights for privacy (as it relates to our personal data) without also examining our right to protect our personal property as provided by the 4th Amendment of the U.S. Constitution.  Like bacon and eggs, privacy and property go together. They are the ying and the yang of protecting personal data.

One cannot be considered without the other, which is why we continue to have problems arriving at the workable solution to the increasing abuse of individual privacy in the Information Age.  There is no better proof of statement than the discussion of what is known as the third party doctrine.   As reported by Timothy Lee on techdirt.com, third party doctrine is the legal principle that says, in effect, “you lose your Fourth Amendment rights when you relinquish information to a third party.”  Lee goes on to state that the “doctrine has become increasingly important with the rise of modern technology because we now entrust a host of private data — including our email, cell phone calling data, credit card transactions, and more — to private companies, and the third party doctrine would seem to suggest that Fourth Amendment protections would not extend to such information.”  Lee is against extending the use of the third party doctrine.  In his words, “(S)ticking with the third party doctrine would make the Fourth Amendment less and less relevant as technology changes because more and more private information to be held by third parties. If we want the Fourth Amendment to continue to be an effective protection for peoples’ privacy, and we think we do, it needs to be continuously updated to reflect changing technological realities.”  The Personal Data Coalition could not be more in agreement.

Continuing the current Oligarchy:

The focus of the White House’s Privacy Framework conforms to the Oligarchy view and is limited to the commercial aspects as viewed from a company or business perspective.  While part of the Privacy Framework dialogue includes a “discussion of how to protect privacy in a networked society involving public and private, industry and commercial, academic and governmental players”, its narrow scope focuses only on one the many ways we use our personal data.  We already have the (frustrating) experience of adding privacy provisions in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191 that delayed its implementation for five years.  Will we have the same problems with commerce?  What about the IRS or the Social Security Administration?  Without the rule-of-law, the end will never be in sight.

Information as Property and the Rule-of-Law

We wonder how different the Privacy Framework would be if it was written from an individual ownership and personal property point-of-view.  We also wonder if it included a wider spectrum of users.  We are sure that if we were talking about a book, song, invention or some other “physical” form of creative work, the information as property argument would be much easier to make.

But we don’t always get things right the first time. In 1776 the Continental Congress crafted the Declaration of Independence.  Followed by the Articles of Confederation in 1781, it created a weak central government and thirteen individual states, each with their own sovereign powers to create such things as their own currency, stamps, laws, etc.  It did not work and by 1789 the Articles were replaced by the much more workable U.S. Constitution and, most importantly, the Bill of Rights.

The Bill of Rights is the secret sauce of what we were to and have become as a great nation – the rule-of-law with the protection of the rights of the individual citizens as the start point.  They were, perhaps, the first “codes of conduct” and have been with us for over two centuries.  They already exist. They work, and in doing so, eliminate the   need to write new ones for privacy and property.  We can just adapt them to what we already have – the 4th Amendment – keeping privacy protection simple and within our already existing legal framework.   Likewise, the Bill of Rights doesn’t discriminate by industry or affiliation, so why should we start now?  Personal data, privacy, and property are fundamental to the individual and agnostic to governments, associations, businesses, and organizations in their many forms.  We should keep it that way.

The President, in his cover letter of February 23, 2012, sets the stage for privacy, provides a brief history, alludes to its legal and personal values, discusses the impact of the information and technology, and concludes with the stirring statement that “we must reject the conclusing that privacy in an outmoded value.  It has been at the heart of our democracy from its inception, and we need it now more than ever.”  He is spot-on to this point, but then ignores history.  He wants to create a new document, a new process, a new Consumer Privacy Bill of Rights.  The Personal Data Coalition can only wonder if this is wise or even necessary.  We have the Constitution; why not use it for this issue as well?

Comments on the Consumer Privacy Bill of Rights Objectives

The following is a commentary on the specific objectives of the Framework.

 1. Individual Control:  The Privacy Framework states that the consumers have a right to exercise control over what personal data companies collect from them and how they use it.  On this we agree but wonder why consumers (owners) do not have rights concerning who can collect their personal data in the first place.   Unless there is a legal right under the law (i.e. driving record, arrest warrant), the process should be “opt-in”, not the current opt-out.  If we, by law, have the right to access to our credit reports, why don’t we have the same rights to access all of our personal data such as criminal/driving records, health, insurance, academic, and so forth?   All the time and for free!

2. Transparency: We would like to add “who gave them consent” to the list of requirements.  We would also add “in accordance with the 4th Amendment.”

3. Respect for Context:  Consumers must have the right to not only willingly provide the personal data (expect where required by the law) but have a way to verify that the data is being used as permitted.  It is the consumers (as owners) who should be in primary control (not the end user companies), as they are the ones who suffer the greatest consequences from misuse.

4. Security: We would add “as with any other form of personal property.”  The focus of this Objective is on the data, not the person (owner).  It should be the other way around.  Again, it is the consumer (owner) that has the most to lose.

5. Access and Accuracy: This provision, though well written, does not go far enough.  The consumer (owner) should at all times have the ability to monitor who is using their personal data, on whose authority (including 3rd party usage) they have access, what are the legal rights and limits, and for what purpose.  Also, since a person’s data is literally everywhere, only the consumer (owner) can determine if is the single version of the truth, which is to say, its accuracy

6. Focused Collection:  Why only reasonable limits on the personal data companies collect and retain?  Data is the personal property of the consumer (owner).  Its use should only be governed by the relevant laws or by the owner’s consent.

7. Accountability: We would change ‘adhere to the Consumer Privacy Bill of Rights’ to ‘the U.S. Constitution.’

Information and Data as Property

We would also add an 8th Objective: Ownership.  In this object we would define personal data, its status as property, its ownership, and how it is the same or different from other forms of property.  We make this recommendation because the Framework is limited to the business context and only “applies (the) comprehensive, globally recognized Fair Information Practice Principles (FIPP’s)…”  The 4th Amendment makes no such distinction, which causes us to examine (question) the specific provisions from a personal property and well as privacy point-of-view.   Conversely, FIPP’s seem to not acknowledge personal information as property.

We also note that the focus is on developing a single set of privacy rules to be followed by companies.  The focus is on companies and the Federal Trade Commission. The tone is voluntary.  It assumes all personal data are the same.  The problem is that our personal data, data that is or could be used by companies, is also the same data that is used by other entities, government or private, for a wide variety of reason.  As nice as it sounds, person data cannot be that easily parsed.  It is just not possible to develop a workable set of rules for every situation from a multitude of users.  Privacy itself, as a concept, is just too vague.  This is why personal data as property make more sense.  Property rules, supported by the Constitution, are much more concise, reflect the rights of the individual (human) owner, and have withstood the test of time.

A statement starting in the middle of page 6 acknowledges the inconsistent standards resulting from the confusion and complexity of Federal data privacy statues as they apply to specific sectors and that the Administration supports extending protections to the sectors that existing Federal statues do not cover.  Our thought is “are we making things worse?”  Again, why are we treating personal data only through the ever-expanding morass of privacy regulations and codes of conduct without resolving the personal property issue?  We can’t make a rule for every possibility.  We need to “reverse the telescope”, focus on the individual at the Bill of Rights, and then move forward.  To do otherwise will encourage businesses and other organizations to continue to “game the system.”

What is missing is any discussion of personal data as property.  The footnote on page 12 of the Framework uses the term “personally identifiable information (PII)” as information that is linkable to a specific individual.  It goes on to say that PII is not anchored to any single category of information…that rather, it requires a case-by-case assessment of the specific risk that an individual can be identified.”

The Framework, through footnotes on page 5, stresses that it is “concerned solely with how private sector entities handle personal data in commercial settings.”  Footnotes not withstanding, the U. S. Constitution still comes first.  The Personal Data Coalition has no object as long as what is being done is constitutional.  We do not believe this to be the case.  Merely stating that when it comes to privacy that personal data is not personal property does not count.

Conclusion

We are at the crux of the issue…is our personal data our property?  Can the protection of our privacy be achieved without constitutional protection?  Is “consumer privacy” any different than any other privacy? Will the third party doctrine prevail?  These are the key points and they must be resolved before proceeding, before any practical solution can be reached.  They are just too fundamental to ignore.

The co-consideration of privacy and property, and the technology to implement it already exists in a working “proof of concept” – HIPAA.  Originally designed to facilitate electronic portability of employee medical records between employers, accelerate the reimbursement cycle by eliminating paper, and reduce errors and administrative overhead, it was not fully enacted until 2001 when provisions for data security and individual privacy were added.  Thus HIPAA set the stage for maintaining the privacy and protection of personal data on a national basis — where privacy and personal data issues are safeguarded in a single technical solution.

Violations of property are protected by our Constitution and therefore dealt with the rule of law, the courts, and our current law enforcement infrastructure.  Attaining privacy and protecting individual rights through voluntary consensus as proposed by the White House’s framework on personal data privacy is little more than “privacy by committee.”  There ought to be a simpler way to resolve this issue within our existing legal (and international) framework.

 

 

Posted in Uncategorized | Comments Off

We the People demand….

Posted on October 14, 2011 by personaldataedit

 

have a constitution that is over 200 years old.  It remains one of the most remarkable documents in the history of Man.  We Americans will always be the first union of people to have a Government that is subservient … that serves the people.  Today, we need to consider what changes to that document should be made.

The digital age has crept up on most of us and we need to consider the implications of a digital world.  We live in an era of exponential changes.  For the most part our digital lives feel like a convenient extension of what we have always known but, do not be deceived.  Our phones still allow us to make phone calls… but allow our every movement to be tracked.  Our cars still provide transportation…but they record everything about our car including where we go.  Our TV still provides “entertainment”… but keeps track of everything we watch.  Our banking, insurance, healthcare, credit, tax and investment information is recorded in detail.  We haven’t changed what we do but the information about what we do has changed.  We freely (unknowingly and without options) give more and more information away to our Corporate Oligarchy in exchange for convenience.  We are giving away control of our Liberty and our FreedomWe must stop doing this and blaming corporations for the problems we have created.

It is possible that most of the problems that we have with our Government and the corporations we interact with today stem from the misunderstanding that not all data is the same!  We need to understand that our information is something We keep and let others look at.  We need to control it not let others control it.  We shouldn’t just give it away or let it out of our control.  Ever!  We need a different information management model for the future.  This is a BIG change for the better.  We know we need to get our privacy back and keep it and the first step needs to be to recognize that not all data is the same!

Information is not just information and data is not just data and that is what We the People are all missing.  Information and data comes in all sorts of forms and formats.  Some data can be made available to everyone while other forms, such as Personal Data, should not.

The Personal Data Coalition believes We the People need to take back our Personal Data, our Liberty and our Freedom! The information that we create is our personal property and should never be out of our control. It starts the moment we are born and ends sometime after we are no longer here.   Our Personal Data is unique to each of us.

Our Personal Data should be kept in a single network connected location accessible at all times but not be out of that persons control.  If someone needs to see it, we should know who it is and grant them access.  (Which means that we need free and open access to our Personal Data at all times) If the data is accessed by warrant and properly served then our Sovereign Government has that right.  We believe and support the rule of law…and we now need a law that gives our Personal Data the status of Personal Property.  The Fourth Amendment gives protections to our personal property and it needs to explicitly include our Personal Data.

The Fourth Amendment:

Every subject has a right to be secure from all unreasonable searches, and seizures of his person, his houses, his papers, and all his possessions. All warrants, therefore, are contrary to this right, if the cause or foundation of them be not previously supported by oath or affirmation; and if the order in the warrant to a civil officer, to make search in suspected places, or to arrest one or more suspected persons, or to seize their property, be not accompanied with a special designation of the persons or objects of search, arrest, or seizure: and no warrant ought to be issued but in cases, and with the formalities, prescribed by the laws.

We ask (or DEMAND?) that our Constitutional Watchdogs work to include our Personal Data as our personal property and have Fourth Amendment Rights granted to our Personal Data.  We think it is appropriate to update the Constitution to take into account the changes brought on by the advent of computers and digital technologies.  Two Hundred Years is a long time.

Make our Personal Data our Personal Property.

All electronic data that a person creates or is created for that person shall be that person’s property.  All rights to that data shall remain with the person that created the data and all searches, seizures shall require a proper warrant as prescribed by law.

It is for this reason, that we believe it is important to raise awareness to the imbalance of power in our lives.  We believe the first demand should be to give American Citizens back their Personal Property.   We Americans should consider a world that is much more efficient, accurate and cost effective using a Personal Data Archive ™ system.  Our information must be accessible in a secure manner at all times from any location and under the control of the owner of that information.  Our Personal Data has value to us, but only when it is in our control.

 

Posted in Definitions | Tagged , , , | Comments Off

Hipsters talk about privacy – Ashton Kutcher and Sean Parker

Posted on August 9, 2011 by admin

Sean Parker and Ashton Kutcher talk about Privacy as the new Celebrity….

Privacy as a scarce commodity

Posted in Uncategorized | Tagged | Comments Off

Google + (plus) and your rights

Posted on July 7, 2011 by admin

Do you read the fine print? You might want to in this case….a post about what you agree to give to Google

Posted in Uncategorized | Tagged | Comments Off

Bill Moyers on the truth

Posted on February 15, 2011 by admin

The essence of 1984 was not about “Big Brother Watching You”.  If you read that story in High School you may have missed the subtle and more serious issues of losing the truth.  Bill Moyers had a great story on how America Can’t Deal with Reality-this is just an excerpt.

George Orwell had warned six decades ago that the corrosion of language goes hand in hand with the corruption of democracy. If he were around today, he would remind us that “like the rattling of a stick inside a swill bucket,” this kind of propaganda engenders a “protective stupidity” almost impossible for facts to penetrate.

But you, my colleagues, can’t give up. If you do, there’s no chance any public memory of everyday truths – the tangible, touchable, palpable realities so vital to democracy – will survive. We would be left to the mercy of the agitated amnesiacs who “make” their own reality, as one of them boasted at the time America invaded Iraq, in order to maintain their hold on the public mind and the levers of power. You will remember that in Orwell’s novel “1984,” Big Brother banishes history to the memory hole, where inconvenient facts simply disappear. Control of the present rests on obliteration of the past. The figure of O’Brien, who is the personification of Big Brother, says to the protagonist, Winston Smith: “We shall squeeze you empty and then we shall fill you with ourselves.” And they do. The bureaucrats in the Ministry of Truth destroy the records of the past and publish new versions. These in turn are superseded by yet more revisions. Why? Because people without memory are at the mercy of the powers that be; there is nothing against which to measure what they are told today. History is obliterated.

http://www.alternet.org/world/149925/bill_moyers:_america_can%27t_deal_with_reality_–_we_must_be_exposed_to_the_truth,_even_if_it_hurts/?page=entire

Posted in Uncategorized | Comments Off

No Privacy

Posted on May 26, 2010 by personaldataedit

I think people have given up on having a sense of privacy online. Here is a comment from a local Social Media Group about his perception on the privacy issue in light of the latest Facebook questions.

What’s the big deal?

“Your privacy was dead long before Facebook made this change,” Schwartz said. “Privacy died a long time ago.”

Marketers have been collecting all kinds of personal data on web users for the better part of a decade, Schwartz said, and sometimes its more personal tidbits that anyone would be willing to share on Facebook. “Marketers aren’t doing this to be malicious, they’re doing it to optimize your web experience … to sell you a car.”

And it’s not just in Facebook. Anytime you send an e-mail, surf a website for a product, or offer an online review, information is captured, tracked and passed along to a marketer. The only way to opt out of the information sharing is to opt out of offering the information in the first place.

The bottom line is clear, Schwartz said: “Quit disclosing crap you don’t want people to see.”

If we think that we can control what others know by not posting things that we don’t want others to see, hear, read or infer we are missing the many uses of a social network.  You have no control of what others may post, say, photograph or capture on video.  I don’t think the problem is just about what we think we can control.  I think the problem with privacy is all of the data that we have no control over.

IT’s A MUCH BIGGER PROBLEM

As our lives continue to become more and more digital we have more and more to try and control, in more and more places.  If we don’t start to manage all aspects of our digital selves and begin to think about how to approach this problem we will surely be unable to control it.

Don’t think that it is appropriate for others to have your personal data.  It just isn’t theirs.

Join our discussion about personal data.  Let us know what you think.

Changing the model of information management and protecting personal data is very important.

Protecting personal data cannot be accomplished if you give it to others.  Once it is shared it is not private.

We first need to realize there is another model, that supports the privacy of the individual and still allows society to function.

We need to define the problem and help build awareness of the issues and the alternatives.

We need to build a legal framework for a digital world that supports our beliefs, values and freedoms.

We need to develop laws that protect individuals personal data, privacy and property.

We need to re-tool the information management industry to honor and adhere to privacy laws and to develop their software applications in accordance with good privacy protection.

We need to have networks that support our information management digital world needs.  The current model is broken.  Access to information should not be metered, filtered, monitored, or restricted in any manner.  I call this open networking.  Network Neutrality is a framework for support the current model.

We need to gather our information into a single place that can be protected, supported and managed easily.  Each individual has his own information storage system and it only contains their information.  It serves a single individual.

We need to separate data and applications.  We need better data standards.  We need better applications. We need a new system for storing individual data.

We have to know that the world operates on information and we have to begin to understand the value of our information.  It is not free and should not be shared without our approval.  It is currency.  We need to value our information.

The individual’s freedom for the pursuit of happiness, for life and the expression of ourselves in our work, thoughts and deeds is dependent on having information that is reliable, truthful and accessible.   Without having control of your information your freedom is at risk.

Posted in Connectivity, Technology | Comments Off

What your digital copier may know…

Posted on May 12, 2010 by personaldataedit

What your digital copier may know

A CBS investigative report on what is stored on digital copier hard disks and how easy it is to obtain…

http://www.youtube.com/watch?v=iC38D5am7go&feature=player_embedded#!

Posted in Technology | Tagged | Comments Off

“Free” Internet Service

Posted on April 26, 2010 by personaldataedit

How much should each one of us pay to have access to the internet?

I think it should be something like the annual pass fee for the National Parks.

(This is taken from the National Parks Service FAQ )

How many employees are in the National Park Service?

Permanent, Temporary, and Seasonal – Approximately 20,500 diverse professionals

Volunteers in Parks – 145,000

How many people visit the National Parks?

Total recreation visitors to the National Parks in 2009: 285,579,941

Visit the Public Use Statistics for more detailed information.

What is the National Park Service Budget?

FY 2010 Enacted – $3.16 billion

FY 2011 Request – $3.14 billion

How do I obtain a park pass?

Visitors can obtain park passes by visiting their nearest park site. Most sites have passes available, however it is recommended to call a      park prior to your visit. Learn more about the America the Beautiful – National Parks and Federal Recreation Lands Pass.

(note: based on the annual 2009 visitors and the 2010 budget that is like $11.00 per person)

And,  if you are older yeah, you get a discount….maybe like 50%

Here is what I think I should pay…

Remember there are 350 Million individuals. Even if two fifths of them paid, that would be 140 Million individuals

@$10/year that would be $1.4Billion dollars per year

@$20/year that would be $2.8 Billion dollars per year

Since the internet charges for both ingress and egress traffic (they charge you and the person you are connecting to) they get paid twice for most traffic.

I vote for “free” being less than $20.00 / year for individual internet access.  Let them get the rest from the companies that we connect to.

Most of the internet facilities I have been to are “lights out” (nobody works there) and their costs are for equipment and electricity.  It doesn’t take a lot of people to run the internet.  The equipment is depreciated so the companies get tax breaks on the equipment and the expenses as the costs of business.

Oh yeah, if we made it easy to get a wireless connection (no password) I doubt we would need many customer service people (no password reset).  Companies don’t need much support after installation and most of it can be done remotely.

The internet by definition is “best efforts” delivery so I am not paying for or getting quality of service.

I can afford $20.00 and that includes access at home and away.  Make sure I have Wi-Fi and I will only use my cell when I can’t get Wi-Fi service.  So I get it “free” on my cell phone plan too.

Posted in Uncategorized | Comments Off

Everyone needs internet access – Net Neutrality

Posted on April 26, 2010 by personaldataedit

“The internet is global”

[but the global governance of the internet is not recognized or well known or that functional]

“all media is moving to the internet”

[Government censorship or regulation is only available on regulated communications services.  Currently the internet is not under the jurisdiction of any government agency.]

These comments can be heard in this video from Bill Moyer\’s Journal It is short and worth watching.

Everyone needs access to the internet.

It should be “free” <$20.00 /year for individuals but organizations and  Companies will have to pay.

The use of the internet is for access to our information and because “all media is moving to the internet” it will be the way we get our general news and information in the future if not already today.   When all of our personal information is online we will have to have open access to the internet as the means to survive.  It will be just like the air we breath.  We will have to have it.  Take it away and we will be unable to function.  It is very important and a necessary resource for our digital future.

Posted in Connectivity, Legal, Technology | Tagged , | Comments Off

50 Ways to Take Back Control of Your Personal Data

Posted on April 25, 2010 by richardtruex

InsideCRM editors published these suggestions to take back control of your personal data.  These are good to think about, since we have no way to control our personal data…

We need to be able to authenticate ourselves without releasing personal data.

Posted in Technology | Comments Off