“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affir mation, and particularly describing the place to be searched, and the persons or things to be seized”. By this IV amendment of the US-Bill of rights as ratified in 1971, the US congress guarantees the protection of what is private.
Today, with the explosion of newer computing trends and digital communications, the difference between public and private has become more ambiguous than it was two and a quarter centuries ago when the text was ratified. Most commercial websites nowadays utilize "cookies," or forms to collect personal information such as name, street address, email address, IP address etc... from their visitors. The data collected, organized and stored into databases are primarily intended to enhance the customers' navigation experience. But more often than most users care to know, they are packaged and resold to other organizations for “spamming” and other targeted advertisements. With the increasing number of security breaches and the potential risk of damages that such information could cause to single individuals grows the concern of whether our privacy rights are still protected.
Many companies need access to personal information in order to securely provide services. When a consumer shops online and elects to checkout using electronic payments, the business will need information such as name, address and payment credentials to secure the transaction. The details provided by the consumer are checked against a financial protocol to guaranty accuracy and to clear the transaction from potential frauds. These collections of personal information for identity validations are performed at various retails points of sales (POS) and also by medical, pharmaceutical or other financial service providers. For these institutions, being able to collect such data is not only necessary but highly crucial to guaranty that the service or good requested is being provided to the right person. In recent days, with the explosion of social networking, more and more data are being collected with or without the knowledge or suspicions of the users.
In fact, in addition to requiring personal and identifiable information such as email address, name and sometimes locations information at sign up, most social networks also collect metadata information such as IP addresses, device Mac address, session duration, and tracking cookies information from their users. For example, the items that you look up on eBay or Amazon usually shows up on your Facebook ads or google ads as recommendations. The electronic metadata footprints that we leave behind are now collected and classified on Master Data Management (MDM). Our whereabouts on the internet are no longer private (if they have ever been). They are collected, stored in databases and sold to third party companies either with our unconscious blessing (with terms hidden on lengthy privacy policies that no one ever reads) or without our consent or knowledge. For the most part, these information are used for market researches and advertisement. But the fact that the data harvested contains identifiable information is in itself a major consumer concern.
MDM is the leading data consolidation strategy that allows a company to gather and relate private and public information from an individual. Indeed the power of MDM coupled with Big Data basically allows businesses to tie social network and other internet data generated by their clients or potential clients to create a master profiles. A successful Big Data implementation would allow the business to get a broader knowledge and understanding of its clients. through big data, the business would get the information needed to build solutions that meet the needs of their consumers even before these needs are expressed. In essence consumer big data gathering and mining could increases customer satisfaction and help the business that implements the right solution to bring its inventory under control.
While this solution improves business profitability and in turn benefits the society in general by creating more jobs and opportunities, it also has the potential to backfire in exposing individuals’ privacy. Indeed, the need to have control over the information that we want to share as guaranteed by the IV amendment of the Bill of rights stands as one of our core human rights. This unfortunately is no longer as obvious and guaranteed in this world of technology as it used to be. Many companies today using Big Data are gathering individual information from different platform based on common keys that they are making available online. Just with a click of a button, one can purchase location, vitals and social security numbers and in some cases HIPPA or non-HIPPA protected medical information of specific individuals.
The storage and utilization of our electronic footprints have become unavoidable to the point where to gain back our privacy we will have to cast out the internet and all of its related branches from our lives. But, view that we cannot operate without sharing information, the protection and security of the information that we share should be the top priority of the organizations collecting them. Healthcare and financial service organizations more than the others should ensure that the right people have access to the data that they need as they need them. Thankfully we have regulations like HIPPA (Health Insurance Portability and Accountability Act) that protect the storage and secure the exchange of patient health information between medical care providers. FINRA (Financial Industry Regulatory Authority) through “Regulation S-P” ensures and regulates the privacy of Consumer Financial Information. These regulations though they are not yet perfect, shield the consumers from potential health of financial privacy invasions.
Yet, looking at the recent security breach on the anthem blue cross and blue shield database system that resulted in the theft of over 80 million customer records, we cannot help but to realize that the best security system is only as good as its weakest link --the human factor.