PGP Corporation - Library - CEO Blog

24 Aug, 2005

One of the consequences of the data breaches at CardSystems, ChoicePoint, CitiBank, etc. is that Americans are beginning to recognize just how public and vulnerable the details of their personal lives can become. Although most of us assume the details of our financial and commercial transactions are confidential, the reality is exactly the opposite. The paradox of this situation, in my view, is that we live in a nation founded on the recognition of certain “inalienable rights.” At the same time, we enjoy fewer protections against the collection and release of our personal information than any other developed country. To see how the rest of the world has addressed this key issue, I recommend Eric Dash"s excellent story in the August 7 edition of The New York Times (registration required).

Although the U.S. Constitution identifies a number of personal rights, including freedom of speech and the right to bear arms, the founding fathers saw no need to identify a fundamental right of privacy. The founding fathers, however, had no way to foresee how the collection and dissemination of immense databases of personal financial, medical, and other data dramatically reduces our legitimate right of privacy as we conduct our daily lives. Legal scholars have debated for decades whether there is an implied right of privacy in the Bill of Rights. The courts, however, have historically declined to extend their interpretation of the Bill of Rights to include a broad fundamental right of privacy or even a narrower right to personal data privacy.

Periodically, Congress has modified the Constitution to identify new rights as it did with the 14th amendment, which established the notion of fundamental civil rights, and the 15th and 19th amendments, which extended the right to vote regardless of race or sex. More recently, Congress established the concept of the privacy of certain medical information when it passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996. When it comes to protecting our non-medical personal data, however, Congress has shown little desire to block the commercial interests of the multi-billion-dollar data-collection industry. There are several relevant bills pending in Congress at the moment, but given the relative lack of sponsorship and the agenda before the 109 th Congress, it's unlikely they will come to a vote.

My own view is that the time has come for the United States to catch up to the rest of the developed world and recognize the fundamental and inalienable right of personal data privacy. Whether this occurs through the proposal of a 28 th amendment to the Constitution or through passage of one or more of the bills now matters less in my view than Congress acting before Americans lose faith in the institutions and processes with which we interact every day.

Many states have already started to take action, but if that trend continues, we'll end up with the kind of patchwork legal structure that makes it difficult for businesses to operate nationally and even harder for consumers to know when they can expect their personal data to be protected. It's time for Congress to demonstrate leadership on this critical issue and ensure that all our personal data is treated with the care and respect it deserves by both private and public sector institutions.

- Phil

Related Links
Personal Data Privacy and Security Act of 2005 [S.1332.PCS] E-Mail Privacy Act of 2005 [H.R.3503.IH] [S.936.IS] Information Protection and Security Act [S.500.IS] [H.R.1080.IH] Online Privacy Protection Act of 2005 [H.R.84.IH] Privacy Protection Act of 2005 [H.R.2387.IH] Social Security Number Protection Act of 2005 [H.R.1078.IH] Social Security On-line Privacy Protection Act [H.R.82.IH] Identity Theft Prevention Act of 2005 [H.R.220.IH] Privacy Act of 2005 [S.116.IS]

		/ Home / Newsroom / CEO Blog / Time for Congress to Recognize Our Fundamental Right of Personal Data Privacy

Newsroom Media Releases In The News Awards & Reviews Events Article Reprints CEO Blog Current Archives CTO Corner Executive Briefs Government Regulations Webcasts Newsletter		Subscribe to CEO Blog via RSS. Time for Congress to Recognize Our Fundamental Right of Personal Data Privacy 24 Aug, 2005 One of the consequences of the data breaches at CardSystems, ChoicePoint, CitiBank, etc. is that Americans are beginning to recognize just how public and vulnerable the details of their personal lives can become. Although most of us assume the details of our financial and commercial transactions are confidential, the reality is exactly the opposite. The paradox of this situation, in my view, is that we live in a nation founded on the recognition of certain “inalienable rights.” At the same time, we enjoy fewer protections against the collection and release of our personal information than any other developed country. To see how the rest of the world has addressed this key issue, I recommend Eric Dash"s excellent story in the August 7 edition of The New York Times (registration required). Although the U.S. Constitution identifies a number of personal rights, including freedom of speech and the right to bear arms, the founding fathers saw no need to identify a fundamental right of privacy. The founding fathers, however, had no way to foresee how the collection and dissemination of immense databases of personal financial, medical, and other data dramatically reduces our legitimate right of privacy as we conduct our daily lives. Legal scholars have debated for decades whether there is an implied right of privacy in the Bill of Rights. The courts, however, have historically declined to extend their interpretation of the Bill of Rights to include a broad fundamental right of privacy or even a narrower right to personal data privacy. Periodically, Congress has modified the Constitution to identify new rights as it did with the 14th amendment, which established the notion of fundamental civil rights, and the 15th and 19th amendments, which extended the right to vote regardless of race or sex. More recently, Congress established the concept of the privacy of certain medical information when it passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996. When it comes to protecting our non-medical personal data, however, Congress has shown little desire to block the commercial interests of the multi-billion-dollar data-collection industry. There are several relevant bills pending in Congress at the moment, but given the relative lack of sponsorship and the agenda before the 109 th Congress, it's unlikely they will come to a vote. My own view is that the time has come for the United States to catch up to the rest of the developed world and recognize the fundamental and inalienable right of personal data privacy. Whether this occurs through the proposal of a 28 th amendment to the Constitution or through passage of one or more of the bills now matters less in my view than Congress acting before Americans lose faith in the institutions and processes with which we interact every day. Many states have already started to take action, but if that trend continues, we'll end up with the kind of patchwork legal structure that makes it difficult for businesses to operate nationally and even harder for consumers to know when they can expect their personal data to be protected. It's time for Congress to demonstrate leadership on this critical issue and ensure that all our personal data is treated with the care and respect it deserves by both private and public sector institutions. - Phil Related Links Personal Data Privacy and Security Act of 2005 [S.1332.PCS] E-Mail Privacy Act of 2005 [H.R.3503.IH] [S.936.IS] Information Protection and Security Act [S.500.IS] [H.R.1080.IH] Online Privacy Protection Act of 2005 [H.R.84.IH] Privacy Protection Act of 2005 [H.R.2387.IH] Social Security Number Protection Act of 2005 [H.R.1078.IH] Social Security On-line Privacy Protection Act [H.R.82.IH] Identity Theft Prevention Act of 2005 [H.R.220.IH] Privacy Act of 2005 [S.116.IS]