Privacy Policies and eGovernment
Maintaining the trust of its customers is a major concern for any ecommerce site. Customers willing to conduct business and transfer sensitive data electronically have a reasonable expectancy that the site has taken the proper precautions to assure the safety of the data. Securing the data, however, is only half of the responsibility of the site. The other half, ensuring the customer’s privacy, is perhaps even more important. Customers expect that their shopping patterns, interests, and other profile-specific data be treated with the utmost respect and that this data remains private. In response to this expectancy, many sites have successfully implemented privacy policies. These policies have become a common practice and have been integral parts of ecommerce activities for some time.
As time has passed, governments have realized the promise of taking government services online. While relatively young compared to ecommerce, egovernment has the potential to transform government services much like the way ecommerce has transformed commerce. In fact, egovernment shares many similarities with ecommerce, including speed, convenience, and cost savings. Egovernment also shares the same security and privacy issues and the protection of this privacy seemingly takes on an even greater importance for egovernment due to the sensitive nature of the data. Unfortunately, egovernment has not always followed the example provided by ecommerce when it comes to privacy policies.
It is the issue of privacy that Ellen Perlman (2003) suggests can either make or break an egovernment initiative. In her article, “Trust Busters,” she raises the notion that state and local governments must make it a priority to protect and ensure citizens’ privacy while still allowing for the convenience and efficiency enabled by placing information online. While she stops short of offering her own specific suggestions, she does cite several approaches chosen by various states and their varying results.
Perlman begins by contrasting the past with the present. In the past, governments stored sensitive data in file cabinets, placed in locked rooms behind security guards equipped with logbooks. Today, governments are increasingly moving toward electronic storage (Perlman, 2003). She notes that few people were concerned about their privacy when the physical security and “rigidity of file cabinets, locked doors, and 9-to-5 office hours” (Perlman, 2003, p. 32) were in place. Even if the data was considered to be publicly accessible, it was often tedious and time-consuming to obtain such information. With online storage, this is no longer the case and she feels that the inherent security risks could “stymie egovernment and the efficiencies it offers” (Perlman, 2003, p. 32).
To better understand the value of egovernment efficiencies, it is helpful to understand the goals of egovernment. The Federal government provides some insight into the purpose of egovernment. Its purpose is to encourage “interagency IT initiatives that, while improving customer service, also consolidate redundant systems, decrease paperwork, increase productivity, and save money” (Datz, 2003, p. ). To achieve this goal, “more data is collected and shared among agencies” (Datz, 2003, p. ). Sharon Dawes (2003), the Director of the Center for Technology in Government at the State University of New York in Albany, feels that such sharing and transfer of data is what raises the concerns about privacy. Referring to the data, she states that citizens expect that the “government won’t share it, won’t put it on public websites, will keep it in secure systems and that people will be trained in how to handle information of a confidential nature responsibly” (Perlman, 2003, p. 32).
If the government fails to uphold these expectancies, serious privacy issues can result. Perlman (2003) raises the concern of the public’s use of the data once it is available, stating, “It is no longer much of an effort for, say, nosy neighbors – or people with malice in their motive – to use browsers to try to check out personal details” (p. 32). Such fears were aroused in Nassau County, New York, when state officials posted names, addresses and assessments online for property comparison purposes (Perlman, 2003). Eventually the names were removed when concerns mounted, but other states, such as Maryland, maintain citizens’ names and addresses online with its “Real Property Data Search.” This search allows anyone with an Internet connection and a street name to locate homeowners, property value, and deed reference numbers for that particular street. This data can be viewed as a service to the public, but in the hands of malevolent individuals, this data could be the basis for a number of attacks.
Bob Freeman (2003), the Executive Director of the Committee on Open Government in New York, provides some insight into these attacks. He states that “the real issue of privacy is not the names and addresses. The reality is that with a good search engine, you can take my name and address and combine it with other information about me and come up with a profile” (Perlman, 2003, p. 39).
Perlman (2003) cites several other cases in her article regarding what some states have done in their attempts to handle these privacy issues. These include Washington State’s Gary Locke, who issued an executive order prohibiting the use of personal information on state Web sites, and New York and Alabama’s placing of court documents online. In each of the cases, there is a recurring theme about how much data should be placed online and whether data should be posted just because governments are capable of doing so. It is here that perhaps governments could borrow from their ecommerce lineage. Ecommerce sites have had to deal with customer privacy for years and have developed privacy policies that, in most cases, clearly state how information will be collected, used, and transferred among other sites.
Perhaps one of the most detailed strategies comes out of Microsoft. In an interview with the Harvard Business Review, Microsoft’s Director of Corporate Privacy, Richard Purcell, provides a five-point plan that attempts to provide a solution. He feels that it is “critical to have a single place where knowledge resides about the way customers’ information is handled and where policies are set for collecting and using on-line and off-line data” (Fusaro, 2000, p. 1). In an effort to do so, Microsoft designed an “ethical framework” for customer data. This framework consists of the five elements of notice, choice, access, security, and enforcement. Essentially, this means that ample notice should be provided that data is being collected and that customers should have the choice to determine how data is used, the length of time it is kept, and the circumstances under which it may be transferred to other companies. Data should also be protected, but remain available to the customer to make changes as necessary. In addition, Microsoft feels that some form of enforcement should be in place to hold itself accountable to ensure that it is adhering to its policies (Fusaro, 2000).
Borrowing and adopting privacy policies from the world of ecommerce might provide some direction for egovernment and perhaps alleviate some of the inconsistencies that currently exist. Charles Bacaraisse (2003) notes that state and local governments are clearly looking for direction. He states that the problem egovernment faces is that “there is no state statute, no Supreme Court guidance” (Perlman, 2003, p. 36) regarding public access to data and the protection of privacy online. Compounding the issue is the fact that all citizens are currently subject to egovernment’s placing of their information online, whereas consumers voluntarily submit their information to ecommerce sites. In states such as New York and Maryland, citizens are not given the option to opt-out of having their tax assessment data placed online with their names and addresses.
Ecommerce sites and egovernment initiatives share many similarities. From convenience to cost savings, the technology behind both ecommerce and egovernment provides many features of which the public can take advantage. Unfortunately, some take advantage of egovernment information in ways that were not meant to be taken. Some of this behavior could be prevented if privacy policies are developed for the posting of citizens’ data online. Privacy policies are somewhat lacking, if not non-existent in egovernment. It is this difference that separates ecommerce for egovernment as it stands today. If egovernment is to see the acceptance that its older sibling ecommerce has seen, privacy must be given the proper attention it deserves.
References
Datz, Todd. (2003, May 1). A More Perfect Union. CIO Magazine. Retrieved September 30, 2003, from http://www.cio.com/archive/030103/union.html.
Fusaro, Roberta. (2000). Chief Privacy Officer. Harvard Business Review, 1-3.
Perlman, Ellen. (2003, September). Trust Busters. Governing, 16, 32-39.
As time has passed, governments have realized the promise of taking government services online. While relatively young compared to ecommerce, egovernment has the potential to transform government services much like the way ecommerce has transformed commerce. In fact, egovernment shares many similarities with ecommerce, including speed, convenience, and cost savings. Egovernment also shares the same security and privacy issues and the protection of this privacy seemingly takes on an even greater importance for egovernment due to the sensitive nature of the data. Unfortunately, egovernment has not always followed the example provided by ecommerce when it comes to privacy policies.
It is the issue of privacy that Ellen Perlman (2003) suggests can either make or break an egovernment initiative. In her article, “Trust Busters,” she raises the notion that state and local governments must make it a priority to protect and ensure citizens’ privacy while still allowing for the convenience and efficiency enabled by placing information online. While she stops short of offering her own specific suggestions, she does cite several approaches chosen by various states and their varying results.
Perlman begins by contrasting the past with the present. In the past, governments stored sensitive data in file cabinets, placed in locked rooms behind security guards equipped with logbooks. Today, governments are increasingly moving toward electronic storage (Perlman, 2003). She notes that few people were concerned about their privacy when the physical security and “rigidity of file cabinets, locked doors, and 9-to-5 office hours” (Perlman, 2003, p. 32) were in place. Even if the data was considered to be publicly accessible, it was often tedious and time-consuming to obtain such information. With online storage, this is no longer the case and she feels that the inherent security risks could “stymie egovernment and the efficiencies it offers” (Perlman, 2003, p. 32).
To better understand the value of egovernment efficiencies, it is helpful to understand the goals of egovernment. The Federal government provides some insight into the purpose of egovernment. Its purpose is to encourage “interagency IT initiatives that, while improving customer service, also consolidate redundant systems, decrease paperwork, increase productivity, and save money” (Datz, 2003, p. ). To achieve this goal, “more data is collected and shared among agencies” (Datz, 2003, p. ). Sharon Dawes (2003), the Director of the Center for Technology in Government at the State University of New York in Albany, feels that such sharing and transfer of data is what raises the concerns about privacy. Referring to the data, she states that citizens expect that the “government won’t share it, won’t put it on public websites, will keep it in secure systems and that people will be trained in how to handle information of a confidential nature responsibly” (Perlman, 2003, p. 32).
If the government fails to uphold these expectancies, serious privacy issues can result. Perlman (2003) raises the concern of the public’s use of the data once it is available, stating, “It is no longer much of an effort for, say, nosy neighbors – or people with malice in their motive – to use browsers to try to check out personal details” (p. 32). Such fears were aroused in Nassau County, New York, when state officials posted names, addresses and assessments online for property comparison purposes (Perlman, 2003). Eventually the names were removed when concerns mounted, but other states, such as Maryland, maintain citizens’ names and addresses online with its “Real Property Data Search.” This search allows anyone with an Internet connection and a street name to locate homeowners, property value, and deed reference numbers for that particular street. This data can be viewed as a service to the public, but in the hands of malevolent individuals, this data could be the basis for a number of attacks.
Bob Freeman (2003), the Executive Director of the Committee on Open Government in New York, provides some insight into these attacks. He states that “the real issue of privacy is not the names and addresses. The reality is that with a good search engine, you can take my name and address and combine it with other information about me and come up with a profile” (Perlman, 2003, p. 39).
Perlman (2003) cites several other cases in her article regarding what some states have done in their attempts to handle these privacy issues. These include Washington State’s Gary Locke, who issued an executive order prohibiting the use of personal information on state Web sites, and New York and Alabama’s placing of court documents online. In each of the cases, there is a recurring theme about how much data should be placed online and whether data should be posted just because governments are capable of doing so. It is here that perhaps governments could borrow from their ecommerce lineage. Ecommerce sites have had to deal with customer privacy for years and have developed privacy policies that, in most cases, clearly state how information will be collected, used, and transferred among other sites.
Perhaps one of the most detailed strategies comes out of Microsoft. In an interview with the Harvard Business Review, Microsoft’s Director of Corporate Privacy, Richard Purcell, provides a five-point plan that attempts to provide a solution. He feels that it is “critical to have a single place where knowledge resides about the way customers’ information is handled and where policies are set for collecting and using on-line and off-line data” (Fusaro, 2000, p. 1). In an effort to do so, Microsoft designed an “ethical framework” for customer data. This framework consists of the five elements of notice, choice, access, security, and enforcement. Essentially, this means that ample notice should be provided that data is being collected and that customers should have the choice to determine how data is used, the length of time it is kept, and the circumstances under which it may be transferred to other companies. Data should also be protected, but remain available to the customer to make changes as necessary. In addition, Microsoft feels that some form of enforcement should be in place to hold itself accountable to ensure that it is adhering to its policies (Fusaro, 2000).
Borrowing and adopting privacy policies from the world of ecommerce might provide some direction for egovernment and perhaps alleviate some of the inconsistencies that currently exist. Charles Bacaraisse (2003) notes that state and local governments are clearly looking for direction. He states that the problem egovernment faces is that “there is no state statute, no Supreme Court guidance” (Perlman, 2003, p. 36) regarding public access to data and the protection of privacy online. Compounding the issue is the fact that all citizens are currently subject to egovernment’s placing of their information online, whereas consumers voluntarily submit their information to ecommerce sites. In states such as New York and Maryland, citizens are not given the option to opt-out of having their tax assessment data placed online with their names and addresses.
Ecommerce sites and egovernment initiatives share many similarities. From convenience to cost savings, the technology behind both ecommerce and egovernment provides many features of which the public can take advantage. Unfortunately, some take advantage of egovernment information in ways that were not meant to be taken. Some of this behavior could be prevented if privacy policies are developed for the posting of citizens’ data online. Privacy policies are somewhat lacking, if not non-existent in egovernment. It is this difference that separates ecommerce for egovernment as it stands today. If egovernment is to see the acceptance that its older sibling ecommerce has seen, privacy must be given the proper attention it deserves.
References
Datz, Todd. (2003, May 1). A More Perfect Union. CIO Magazine. Retrieved September 30, 2003, from http://www.cio.com/archive/030103/union.html.
Fusaro, Roberta. (2000). Chief Privacy Officer. Harvard Business Review, 1-3.
Perlman, Ellen. (2003, September). Trust Busters. Governing, 16, 32-39.
Labels: Academic Papers
posted by The Voice at 10:41 PM
0 Comments:
Post a Comment
<< Home