Public Place – a location accessible by the general public or anything outside of our home.
Public Information – information shared or published with or without approvals.
Personal Place – a location accessible by an individual and generally owned or paid for by that individual generally our home or living space.
Personal information – information about a person that would not exist if that person did not exist.
Why do we believe that we can create public information from personal information just because that person is in a public place? What we do or say whether in a personal or public place is still most likely personal information. We may CHOOSE to publish this information and make it available to the PUBLIC but that is not the normal state of that information. Choice is key and a very important right.
Why is it that all information is considered to be the same? And, if it is not all the same, then why, in this time of rapid technological change, has the technology used to store and manage data remained unchanged? (The relational database has been the technology of choice for over 30 years.)
Sure, we call our information and data public or private, free and open or confidential, but these are just different swipes of the same broad brush. Maybe this was OK in the analog world, but in the digital world this is the reason why, in the words of John Perry Barlow, that “almost everything we think we know (about managing information)…is wrong, (that) we are going to have to look at information as though we’d never seen the stuff before?” The differences in information we are talking about go mainly to the legal standing – the ownership and the uses provided our Constitution and the rule-of-law.
There is information out there in many forms and purposes. There is information that has its own unique value and there is information that enables value in other things. There is public information “owned” everyone and personal information that belongs solely to the individual — information about us that has been deposited in thousands of haystacks (read: databases), each with its own purposes, and none with our consent or control. The result is two-fold and interrelated — confusion about information rights and ownership, our inability to find needles (read: store and manage it) efficiently and cost effectively.
To help make our point, to become less confused and more efficient, we should start with some basic definitions and take a fresh look at information from several points-of-view — who owns it, who uses it, who needs it, who has access to it, and who abuses it. After all, information comes in several forms, serves a variety of purposes, and is of differing interest to different groups and individuals. Once we have done this, then we can examine how it is managed today and how it should be managed tomorrow.
Information can be segmented into the following four categories.
Private Information: In this category is information created by us and is known only to ourselves. It resides within the physical confines of our brain, under lock and key in a safe place, or is otherwise protected from access by others. No one, other than you, the owner, has access to private information.
Public Information: This is information that is known by two or more people. It is private information that has been replicated outside of its protective container without any restrictions.
Confidential Information: This is public information that is restricted to those who have a legal basis for need-to-know. It can be protected physically (encryption, registered mail, etc.), legally (court orders, sealed records, security classifications) and/or morally (confessions,manners, rules of society). Although private information, by its own definition, is also confidential information, confidential information is not necessarily private information.
Personal Information: This, the newest category of information, is information about a person such a date-of-birth, weight, DNA and finger prints, religious preference, personal habits, citizen and community status, and personal sins. It is information that would not exist if the person did not exist.
Personal information can be private (weight measured in the privacy of a bathroom), or public (weight as recorded on a driver’s license and used to target weight-loss prospects), or confidential (weight on a health record that is part of the doctor-patient relationship.) Although it is about a specific individual and, therefore the property of that individual, it can be the property of others (our driver’s license is also the property of the issuing state.)
The Key Word is Personal
So…. what is personal to us, what is our personal data, our personal information? Maybe it’s our age, or our real weight (not what’s on our driver’s license), or our real hair color, our height, our incontinence, or our criminal record (Yes…it was just a juvenile offense.)? How about our bank pass code…that’s private right…nobody knows that, or our bank balance, our net worth, our credit card balance, or our credit score? Then there is your identity stuff such as passport information or information about our adoptive parents.
On the legal front there are our depositions and our tax return information. Oh, and did we forget our employment history, pictures of our kids, what we post on Facebook and our text messages…we know the ones? And by the way, where did we drive our car last night? What did we look at online? What emails have we deleted? From these few probing questions alone, we can see that the personal data issue is a serious one and likely to get more so. But, that is just what’s obvious. A little more difficult set of questions start with what are we going about it, or rather what can we do about it? How much information are we willing to share? What would we like to have more control of? How much convenience are we willing to give up in exchange for more control? Ask most people and they will say that they would like to have more control but that it is just not possible.