Privacy Law vs Privacy Reality
Following the recent disclosure that virtually every American is being tracked and to some degree “investigated” with no cause, there has been a rash of quick judgments regarding the government’s activities. History may paint Edward Snowden as a hero whistleblower or a traitor. Time will tell. Regardless, what we should expect to take a lot of time to sort out (and it may never be resolved) is the proper level of engagement and access that the government should have to information about its citizens. One thing is assured all three branches of government will be fully engaged on these issues and there will be a flurry of proposed legislation and regulation. Be certain of one thing, the nature of our exposure will change as rapidly as technology advances and our laws and regulations will unlikely ever be able to keep the pace.
As both American citizens and financial services professionals, we should be clear in our distinction between privacy laws and regulations and actual personal privacy. First, with regard to privacy laws. There are hundreds if not thousands of laws on the books, most of which are in-place to ensure the protection of personal data handled by individuals as well businesses. There are also laws that ensure punitive action will be taken toward business that fail to protect collected data appropriately.
In fact, the most current estimate from the Federal Trade Commission is that there are 32 major lawsuits pending against business that have failed to comply with various privacy laws and regulations. A quick search of Thomas, the Library of Congress’ legislative database, for terms such as “privacy” and “cyber+security” returns thousands of hits. Make no mistake the quagmire of privacy laws and regulations will continue to get deeper and more complex. Perhaps this process will happen more quickly as a result of the most recent NSA flap.
In my opinion, when it comes to personal privacy the picture is clear and the bottom line is this: There is essentially little or no personal privacy left in the U.S. or other developed countries, the aforementioned laws and regulations notwithstanding. As a young member of Congress, over 30 years ago, a senior executive from one of the sole providers of telephone service at that time said to me very candidly, “Congressman, you should know that anything you say on the telephone you should be willing to shout out on a microphone in a public parking lot.” Statements like these highlight the very real delineation between privacy laws and privacy reality. At some point the legality of the matter becomes moot and our expectations of privacy must be tempered by the realities of our digital existence. In fact, not recognizing these realities and acting accordingly as individuals, could increase our risk of cyber trouble. Look at it this way, if you have a driver’s license, a passport, a credit card, online accounts for the IRS, the DMV, your credit union (the list goes on and on) “cyberattackers” (and apparently the federal government) can find out more about you than you can remember about yourself!
So what does all this mean? For businesses the legislative and regulatory spigot may have just become a fire hose and is flowing at full capacity. Perhaps the only thing that will save us from this onslaught is the seeming inability our government to actually enact any laws. Of course, if the scandals keep flowing and the press keeps the pressure on, we may see something get done. As individuals it behooves us to understand and accept the reality of our vulnerabilities and be prepared to take at least some basic, routine steps to protect ourselves. This could be as simple as routinely changing passwords and checking credit reports. Will this keep big brother from peeping on you? No. But, as I have been trying to illuminate, other than completely unplugging and operating on a cash basis big brother will keep on watching. In fact, I will get a metric on how many people have read this article, so in some ways you are being tracked right now!!! (there is no real personal privacy.)
