JISC legal information Service
Privacy is a fundamental human right. It underpins human dignity and other values such as freedom of association and freedom of speech. It has become one of the most important human rights issues of the modern age. Privacy is recognized around the world in diverse regions and cultures. It is protected in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights treaties. Nearly every country in the world includes a right of privacy in its constitution.
At a minimum, these provisions include rights of inviolability of the home and secrecy of communications. Most recently written constitutions include specific rights to access and control one’s personal information. In many of the countries where privacy is not explicitly recognized in the constitution, the courts have found that right in other provisions. In many countries, international agreements that recognize privacy rights such as the International Covenant on Civil and Political Rights or the European Convention on Human Rights have been adopted into law.
The act of Choicepoint may be justified in the light of Utilitarianism, which roughly speaking advocates the greatest good for the greatest number. The consequences of the action which basically provides greater benefits to the public can be the measure of whether or not a act should be take as an imperative. The benefits provided by choicepoint and all other personal data industries can be well taken as they are indeed helpful especially in the recent times where terrorism and threats are common and blatant.
Individual benefits and commercial advantages should be highly considered from such information and has indeed placed one who used the same to a more advantaged position. Hence, personal data industry, notwithstanding lack of consent on the part of Choicepoint in obtaining eve the most vital information of the people are proven to be beneficial and useful to almost all sectors, the public, private individual and commercial or business sectors, among others. Under the Kantian Paradigm, the act of choicepoint undermines the basic human dignity of the persons whose vital and purely personal information were obtained involuntarily.
Kant declares as a categorical imperative to treat a person with utmost dignity and respect. Men and women should be treated as an end and not as a means. Human beings cannot simply be treated as a mere lifeless data which one can just collect without taking the other’s consent. Human beings have the basic rationality which gives them the capacity to think of their actions and choices which cannot be simply subjected to another’s will and power. The act of Choicepoint is deemed to be a condemnable act which denigrates the individuals whose personal information have been gathered involuntarily.
The latter view is the one being supported by law notwithstanding the benefits of the Personal Data Industry to be a reasonable effect and ramification of the industry. Necessary guidelines should be implemented in accordance with the existing laws governing Personal Data Industry, in relation to the constitutional and international law mandate of protection and respect to liberty. Choicepoint must necessarily adjust and change itself and adapt and comply to the existing rules and regulation so as to serve the policy of upholding human dignity by the basic and full observance of respect and privacy to one’s fellowmen.
Personal data must be fairly and lawfully processed. For personal data to be fairly obtained the data subject must be informed of the collection of such data at the time at which the data was obtained and of the purposes to which it will be put. For this purpose, the controller of the date must be disclosed to individuals who consented to the taking of personal information. Information must be taken directly and clearly from the respondent, and not just through machination and schemes which would bring the respondent individual into utmost prejudice.
The intention of the taking of such information must be given to the individual upon the taking of the information. Such knowledge of the intention is necessary in order for the individual to formulate his choice whether to consent or not. Such intention may not be too general as would cover all those which may be necessarily implied to the information given the respondent however extremely prejudicial ad dangerous to the respondent-individual. Consent however may be classified only upon disclosure of the party or representative who wish to take certain information from that individual.
Consent to the processing of non-sensitive personal data may be implied. The Act requires that for such consent to be held to exist the data subject be properly informed and must not be obtained by misleading or elusive statements. This consent must be present at the time the personal data is being collected. For consent to be correctly obtained the data subject must be informed of any non-obvious uses to which the data will be put, including any disclosures that may be made by the data controller to third parties. The individual may withdraw his or her consent at any stage.
Where the data controller seeks to make a fresh use of the data for purposes not previously specified, the fresh consent must be gained from the data subject. It is important to note that when sensitive personal data, explained below, is being processed, the explicit consent of the data subject must be obtained. Explicit consent means that the data subject must be made aware of the details of the proposed processing; the type of data to be processed, the purpose of same and special aspects to the processing such as disclosures that may be made of the sensitive data that may ultimately affect the individual concerned.
The processing of data shall only be taken when it done only for a lawful purpose. The object of data-gathering must not be illicit as to compromise and prejudice e the person giving consent thereto. It can be said as lawful when it is necessary for the administration of justice or for the fulfillment of a statutory obligation or for the fulfillment of a function that is of a public nature and in the public interest. The processing is necessary for the purposes of the legitimate interests of the Data Controller or the third parties to whom the data is disclosed. Sensitive data should be gather with utmost caution and care.
Sensitive data is defined as personal data which consists of information relating to the racial or ethnic origin, the political opinions, the religious beliefs or other such beliefs, the membership status to a certain association or organization, the physical or mental condition, the sexual life, the commission or alleged commission by the data subject of a criminal offence, and the details concerning any proceedings for an offence committed by or allegedly committed by the data subject, extending to the details concerning sentencing or the disposal of such a case by a court of law.
Personal data must only be obtained for one or more specified purposes and may only be processed in accordance with those stated purposes. If one wishes to use the data for an unspecified purpose the express consent of the data subject must be attained. Moreover, personal date must be adequate, relevant and not excessive, which requires that the amount and nature of personal information held by the data controller is actually necessary in relation to the carrying out of the stated purpose of the data processing. The information gathered and held must not be excessive and must be relevant to the Stated purpose.
The processing of personal data must not exceed what may be objectively necessary. Furthermore, the personal data must be accurate which means that records held must keep current. All obsolete and erroneous information must be removed and or updated. And lastly, personal data should not be kept for long but shall only be kept and used for a stipulated period of time. At the end of a term, such date shall be deemed as not allowed by the data subject or the respondent to be used any longer and should be destroyed, and effaced. Conclusion The act of Choicepoint is an invasion of right to privacy plain, and simple.
Right to privacy is a demandable right under the constitution and existing laws, which would entitle those person against whom they are committed to such amount of damages just and proper under the circumstance of each case. Non-compliance and blatant violation of the law is simply a big loss to the business interests and capital reserves of the Choice Point Personal Data Industry. There should be a proper adjustment of policies which would effect a paradigm shift to the old ways Choicepoint was doing its business. It must take the law in primordial consideration.
Moreover, the basic norms of moral conduct should be observed well upon which these laws are based. To continue with the old policies Choicepoint was doing its business can only lead to a total collapse of the industry aside form the fact of ridicule and condemnation of the public at large of the serious breach it has committed to their privacy. Not every action can be effected just because it can provide us with strategic economic and financial advantage. While profits and gains are the main objective of business and industry, the same should be carried out complying with the norms acceptable to all.
A proper business strategy which could serve both the demands of business and human dignity is surely a more desirable one. It only entails to no prejudice and compromises but everyone is served of its interests and basic human rights.
Hayes, Martin. “The Data Protection Principles”, JISC legal information Service.. Last retrieved: December 18, 2006 from: http://www. jisclegal. ac. uk/dataprotection/DPPrinciples. htm Perry, David. “Privacy and Electronic Data Transfer” last retrieved: December 16, 2006 from: http://home. earthlink. net/~davidlperry/edata. htm.