Private information needs better safeguarding

In an attempt to streamline their operating costs, improve their efficiency and better target their constituencies, business and government institutions have embraced the electronic centralization of personal information. However, increased incidences of identity theft and unauthorized releases of personal information demostrate that many more privacy protection safeguards need to be erected even as our private information becomes more readily available to businesses and institutions.

Certainly, an institution’s ability to electronically centralize information can be a boon to the institution’s constituents. For example, the University’s U Card and its related database enables students to seamlessly access checking, calling and library accounts with one piece of plastic. However, the unauthorized release of personal data from intstitutional databases, causing consumers to feel violated and sometimes even lose money, is on the rise; the protection against releases of private personal information is obviously lacking.

According to the U.S. Federal Trade Commission, identity theft complaints rose more than 72 percent from 2001 to 2002. Further, Privacy Journal – a publication that covers privacy issues –

correctly notes that current federal law does not adequately secure the privacy of our medical and library records, and only provides partial protection of private financial records.

The common belief is that malicious computer hackers and telemarketers are responsible for the dramatic increase in identity theft and the unauthorized release of private information. However, personal information administrators have abused databases for personal gain. Further, as the Daily article in today’s edition regarding the careless disposal of personal information by University workers proves, the unauthorized release of personal information can be facilitated by careless personal data handlers.

More aggressive measures must be taken by U.S. institutions to prevent identity theft and the unauthorized release of private information. Documents can be shredded and routine evaluations of data handling procedures can help institutions better learn how to safeguard personal information. Additionally, information which is irrelevant to purpose should not be collected. Further, federal laws safeguarding personal privacy, such as the Gramm-Leach-Bliley Act of 1999, must be aggressively pursued by U.S. law enforcement agencies. And new laws to protect personal information such as medical and library records must be considered, including the repealing of the most egregious anti-privacy provisions of the USA Patriot Act.