Author(s)
Source
The Privacy Projects, 2009
Summary
This article examines how leading companies manage their global use and distribution of personal information.
Policy Relevance
As information technology continues to develop, it may be important for regulators to oversee companies in ways that promotes internal security and control of private data. Stricter regulatory regimes, such as those employed by some European countries, may fail to ultimately serve the consumer by hindering future use of innovative technology.
Main Points
- The continual revolutions in technology, particularly the expansion of the Internet, have created new challenges, risks, and opportunities for companies. This is especially true in the realm of consumer privacy protection, especially with issues regarding collecting, distributing, and protecting users’ private information.
- In order to determine how the Internet has changed the way companies deal with privacy data, the methods used by six leading North American companies were researched. Three dramatic changes were observed in comparison to previous ways of dealing with privacy data.
- First, the amount of data collected, stored, and transferred between companies has dramatically increased. Pre-Internet, international exchange of consumers’ private data was a rare event, regulated on a case-by-case basis; but now international informational transfers are nearly constant.
- Secondly, many current data transfers occur over decentralized servers, also called the “cloud.” Previously, most data was stored in-house and data transfers were planned in advance.
- Finally, the degree of internal oversight at the companies studied revealed that there has been a significant increase in security. This increased security functions to protect users’ information from invasion and safeguards companies who control that information.
- This study allows for international comparison between different regulatory regimens on privacy protection. Such comparison suggests that the regime currently in place in certain European countries, where servers containing users’ private data must be registered with the government, may prevent future innovation and data exchanges that are increasingly happening over decentralized servers.