It’s not OurSpace… It’s MySpace.
Once upon a time, a law student was approached by his significant other asking about a website that he signed up to and maintained. Among her inquires; who were these other girls, where did he know them from and what references were they making in their comments that were posted on the webpage for the public to view. The discussion did not go well, henceforth why I say, once upon a time. That unfortunate student foolishly over looked the fact that this is world is too small, and the Internet just made it even smaller. The information we post is public and available, but what about privacy? Privacy was once limited to only what you reveal, but now in this new age of technology there is a redefinition of privacy and that voluntary notion of providing no longer exists.
Various definitions state Privacy is the ability of an individual or group to keep their lives and personal affairs out of the public view or just the right to be left alone. It is also the ability to control the use and flow of personal information. After Con Law, most law students would associate privacy with abortion and rights of personal autonomy, yet when you incorporate the Internet, you are transfixed in a completely different debate. With the Internet, privacy once centered on anonymity but now the focus is consent, security, disclosure and availability.
Everything with the Internet revolves around one thing, Data. It begins with the collection and storage of data that is either given or taken, utilized for purposes know and unknown, and concludes with its availability to many more than initially thought of.
Privacy also takes into account the right against unsanctioned invasion by the government, corporations or other individual that the constitution and the laws of this country protect against. Yet what occurs when there is a violation? Courts have provided tangible damages for the violation of rules and regulations concerning privacy yet, awards for fraud, lost time from work and attorney’s fees don’t amount to much when compared to the intangible effects that are coupled with that loss.
The problem is, how can one be compensated sufficiently for violations of privacy when there exists no fixed definition to what it is, hence you can’t really measure what has been lost and the potential effects of its loss. An education in law school will demonstrate that a violation in the law of worker’s compensation, contracts or torts is defined and is coupled by a distinct matter in recourse. The law will compensate loss of earning capability, expected consideration, and even injury, providing sufficient tangible compensation to satisfy its loss, yet the loss of privacy cannot be compensated as such.
The yin to the yang of privacy is consent. Consent can and is often sacrificed by its holder, but to what degree do individuals know what rights they are forfeiting and how it happens? Much legislation is centered on just this. Privacy watchdogs insist that privacy is something that individuals should be allowed the choice to “opt into” for consent to use their personal information, yet corporations demand freedom and flexibility of utilizing it until people “opt out.”
The use of information stretches the gambit from basic storage and marketing, to being sold to unaffiliated third parties for use in completely unrelated purposes, and even government and corporate profiling.
In defining consent, how is consent transferred? Before the dawn of this technology, consent was given by written signature, but now just checking off a box on a site can do it. Even making or completing a purchase can serve as consent to data. Although age, sex, and location are indictors of information collected, many may feel that is private, others not - yet we are not given notice or choice. So how is consent given? Was it that oblique phrase on page 26 of the TOS that we checked off? Was that sufficient to allow anyone access to that information or market me? Providing my email address seems to consent to countless offers and fill up my spam box.
And the security protecting that information? The law addresses data protection, where private companies are instructed to take “reasonable security measures” in order to prevent unauthorized access, altercation and or exposure. Yet “reasonable” is interpreted differently given the scenario and there is no “one size” fits all approach to security, because potential, if not actual exposure exists. From loan debt information for refinancing, to credit ratings for balance transfer offers, and even past purchases for special offers. No one has a problem until one arises, but what then? Who do you address? Was there a violation of my rights and what law helps protect against this?
This complex paradigm no longer addresses only personal information disclosed on a voluntary basis with consent to only those we chose, for a specific purpose where it is protected. Consent is immaterial and storage is unknown. Participants are anonymous, purpose is reinvented daily and security awaits a talented hacker before it is re-conceived.
That poor law student who hoped that his voluntary information would not be discovered was aware of its public display, but he is now learning of records that exists about him that were not volunteered. So if information from sources like MySpace, which are free and virtually effortless to access, can impact one’s image in society, among their peers, with employers and even directly affect his relationships with significant others, what could the information that is collected without consent or knowledge and used for unknown purposes do to a specific person.
It seems that information leads to unquestionable power and now it is a question of who controls and how they leverage that power. In the case of the significant other, she used it well to his disadvantage, and in the end the only question about data and the Internet is no longer will you find me, but what will you find out about me.
Arvind Galabya
