Timothy Grayson at recrusiveProgress has been mulling over the recent decision of the federal Privacy Commissioner about secondary marketing (see The Canadian Privacy Law Blog: PIPEDA and non-personalized secondary marketing). He's also been thinking about what Professor Michael Geist has had to say about it (see: Michael Geist - Building a Privacy Culture from the Ground Up). All of this has left him a little confused about what this has to do with "privacy" as the term is understood by most people:

recursiveProgress: I guess I just don't understand Privacy.

"...What makes less sense is what comes of that foundational premise. First, the Commissioner and Geist take the position that these "secondary marketing" materials are an unauthorized use of customers' personal information. Interesting. With reference to the online practice of ensuring opt-out from mailings of "other interesting and valuable information from associated companies," I see the consistency. I, a customer, did not specifically allow you, the business, to send me any information beyond that which relates directly to the service you are providing. OK. But what does that have to do with privacy?

The bank under scrutiny notes that it bulk mails such enclosures to all its customers with their regular statements. The mailings are apparently not individuated and personalized by customer. Moreover, the envelope is a means to convey an essential element in the provision of the service: the statement. That it also affords a fabulous, paid channel to the individual for added messaging is a bonus not especially different than having sponsor's signs painted on hockey rink boards, commercials on television, ads in magazines, or . . . Yes, no doubt, the paper that is received inside the envelope, inside my house, is much more insidiously annoying and difficult to block out like those other ads. Yes, they are inside my house and therefore have breached my territory (without my desire or approval). All true. So what? ..."

In a further posting (recursiveProgress: I still don't understand privacy, but maybe it's a language barrier), he muses that perhaps there is a problem with the language and terminology of this particular discussion.

"...The point of this entire pedantic diatribe is that I think the language -- the vocabulary --we're using to create and discuss digital identity is a holdover from a different time and place. While it is valid and necessary to some degree during this transitional period because it creates a shorthand for getting to ideas and provides essential continuity with the past, the baggage that this vocabulary brings with it is weighing down and impeding effective discussion about what is and where it's going. In this case, we're applying 17th or 18th-century definitions of private and privacy in a 21st-century world.

Some people like the old vocabularies: they're comfortable and easy. New vocabularies are hard work and cause tremors of their own accord. Some would suggest it is more important to focus on the practical issue at hand than with the pissy notion of the vocabulary by which we discuss these issues. Others -- like the Cluetrainers and Kim Cameron, even Dick Hardt -- are busy dealing with changing the language. Is "identity meta-system" an appropriate word or description? Maybe, maybe not. Doesn't really matter. What matters is that the word is (sort of) new and the opportunities for it are endless.

Thanks to Rob Hyndman for pointing me to Grayson's postings.

Labels: information breaches, privacy