The Information Explosion

Even with the dangers posed by digital delinquents and eavesdropping employers, the biggest threat to your personal privacy is your own bad self. But who can blame you? We've all been trained to fork over our personal information since kindergarten, filling out form after form in school, doctor's offices, work, and for an ever-expanding number of governmental entities.

The problem is that in the USA, once you give up your personal information it no longer belongs to you. In a 1976 decision (Miller vs. U.S.), the U.S. Supreme Court ruled that Americans do not have a reasonable expectation of privacy for information they voluntarily provide to others. In other words, if you tell someone something they're free to tell anyone else, unless there's a specific law that forbids sharing this info or you make someone sign a legal document that says they won't disclose it.

(Of course, if you don't give up your data you can't get a job, or a credit card, or insurance, or medical care, and so on. So the notion that we "volunteer" this information is questionable. But I digress.)

In the past, keeping this data private wasn't an issue. When you filled out at a form at the doctor's office, that's where it stayed. Some of that information might go to your insurer or to your employer, where it would sit in an equally musty drawer until a clerk pulled your file. Even as records began to find their way onto computers in the '60s and '70s, the information was generally stored on mainframes sitting in the basement, accessible only to a few chosen geeks. Thus you were protected by what's known as "security through obscurity."

But the personal computer, and later the Internet, changed all that. Suddenly your files were accessible to anyone with a PC and a connection. With just a few clicks your data could be easily acquired and combined with other files. And outside of a few very limited legal restrictions, it could be sold and resold almost endlessly. The result: a boom in massive commercial databases and a multi-billion dollar data mining industry.

Every time you use your credit card, book an airline ticket, file a claim with your insurance company, mail back a product warranty, order something from a catalog, or buy toothpaste with your supermarket loyalty card, that information is entered into a commercial database (see Figure 1-4). Aside from credit bureaus, the companies that gather and sell this information are almost entirely unregulated.

annoyances 1-4. Web sites like Orbitz, Travelocity, and ExpediaExpedia

Adding to the data glut are public records laws, which require that certain information about you like the property you own, the lawsuits you've suffered, or your criminal record be available for public inspection. In the pre-Internet days, a snoop would have to totter down to the county seat and paw through paper records. Although these records were nominally public, getting at them and making copies was a royal pain, making this data essentially private. As state and local governments discovered the Internet, they began to put many of these records online, where virtually anyone could get to them at any time.

The exponential growth of commercial databases and easy access to public records combined to create an information explosion. And when information blows up, privacy is almost always a casualty. (For tips on how to avoid having your personal information sucked up by commercial databases, see Chapter 5.)