The Best of Creative Computing Volume 1 (published 1976)
Computer Abuse: The Need for a Rational Perspective
However, an economic link between an individual's personal data and its use for
purposes other than that for which it was originally solicited has not been
established. As a result, credit card firms or universities may sell to third
parties data which they have required of their card holders or their students,
although the original "owners" of the data receive no compensation. Further,
governmental authorities require many institutions to provide them with
aggregate data, at no cost, for the purpose of public policy and law making. If
the economic nature of data were established, data would be paid for as with any
other resource, and individual persons or corporations would receive some
remuneration for the use of their individual data. Further, if the principles of
information economics were widely practiced, institutions would cease to view
data as a "free commodity", and much unnecessary, inefficient or duplicative
reporting would be dropped. Direct, economic incentives for increased efficiency
in data handling would be far more effective in curtailing burdensome public
reporting requirements than a dozen Hoover Commissions.
Let us examine how such an arrangement might work. A principle candidate for the
economic treatment of data would be the nation's banking and financial
institutions. These organizations, which possess vast amounts of personal data,
will soon acquire even more, with the completion of the Electronic Funds
Transfer System(EFTS), and the accelerating evolution of the so-called "cashIess
society", through the expanded use of point-of-sale terminals and direct
electronic transactions, such as consolidated payrolling. The more than 40,000
financial institutions who will participate in the EFTS will comprise a massive
distributed data base, from which enormously valuable economic information might
be generated on a para-real time basis.
If the present non-economic view of data continues, these financial institutions
would conceivably generate some limited saleable information from their vast
data-net whenever it was an attractive spinoff from normal operations. Presently
contemplated legislation would, however, put up serious barriers to the use of
personal data for purposes other than that for which it was originally
collected. (Such legislations would generally promote the necessity of
duplicative data gathering throughout the nation, in order to protect personal
privacy.) If, however, a formal information economy were to be promoted, the
EFTS might be used to generate great quantities of vital data for sale to the
public and private sector, with a portion of the profits to be returned to the
customer/owners of the initial inputs, perhaps in the form of additional
interest on their savings accounts. The published data from such a system would
be no more intrusive upon personal privacy than Census data, and would be
collected as a by-product of customer transactions.
Ultimately, such an arrangement could evolve into a wholly new institution, a
data banking system (DBS). The regulation of a DBS would take form similar to
that already applied to the nation's money banks. Data Banks would be
fiduciaries for the information they hold, just as regular banks are fiduciaries
for the money they hold. There would be penalties for the violation of the
fiduciary trust, such as misuse or misappropriation of personal information.
And, of course, just as individuals are subject to penalties for passing bad
checks or counterfeit money, so too would individuals be subject to penalties
for giving false information about themselves to the bank. The recognition of
information's economic value would promote institutional interest and resource
commitments in the protection of data, similar to those control and
accountability measures which organizations take to protect inventories of other
costly resources.
Of course, many people would argue that such a proposal does not come to grips
with the critical social and technological problems inherent in controlling
computers and protecting personal privacy. I do not agree. Any approach to
regulating info-com technology will be less than perfect; just as any approach
to regulating the banking industry will permit some misappropriation of funds,
and once in a great while, a bank failure. Those who anticipate the development
of a fool-proof data protection technology based upon voice or fingerprint
analysis or some other such esoterica simply do not understand the problem. So
long as there is potential gain to be derived from the misuse of personal data,
it will be misused. As with other human transgressions, laws must be enacted and
enforced against "data trespass", and other information related crimes. Laws
should not be passed constraining the use of info-com technology, any more than
laws should have been passed against automobiles in the early l900's (e.g., Laws
which required a driver to proceed his automobile by several hundred yards, on
foot, to warn citizens of his vehicle's approach. Or laws barring the use of
autos between sundown and sunup, or on the Sabbath.)
Above all, we must not convince ourselves that a fool-proof data security
process is essential before we can permit the development of the major
information-nets and data bases essential to our present critical research and
decision-making needs. In the first place, such security measures will clearly
not be quickly forthcoming, if at all. But, more importantly, if we will only
place our trust in technological perfection, it means we will have abandoned
altogether our faith in the rule of law, in our institutions, and in our fellow
men. This would bring about the true dehumanization of automation - a society in
which trust is reserved for perfect, inviolable systems. There will be risks
involved with the creation of the information society, just as there have been
risks in all of mankind's great adventures. The risk-avoiding alternatives
available to us are the sterile pursuit of problematical technical perfection,
or the stagnation and decay of inaction. I, for one, would prefer to accept the
computer, 'warts and all'. The game, as they say, will be worth the candle.
[Note: Whatever mechanism is evolved to manage and control info-com technology,
it seems apparent that, within 10-15 years, we will see an information industry
regulated like a public utility, with profit margins and capital investment
priorities, controlled by public commissions.]
[image]
93
