After hours Toolkit

The Digital Person review

7.5

Editors' Rating

Wendy M Grossman ZDNet.co.uk

Published: 08 Jun 2005

If a marketer accesses a database in an empty forest, is your privacy invaded? The landscape of database matching, of marketing and of privacy invasion is different in the US, where Daniel Solove's The Digital Person: Technology and Privacy in the Information Age is set, than it is in the UK. Two current issues make it worth looking at: the ID cards bill, which seeks to create a national register, and the growing problem of identity theft. Yes, we have a Data Protection Act and an Information Commissioner. But the same multinational companies that trade marketing data in the US are in business here. Your Amazon.co.uk contains all the same purchasing and browsing history as Amazon.com. And increasingly the voice on the other end of the unwanted phone call trying to sell you time-share holidays is an American computer.

The closest book on the market to The Digital Person is probably Simson Garfinkel's Database Nation (O'Reilly, 2000). In it, Garfinkel, a well-known technology writer, lays out the future we can expect given the way technology is developing. Solove, a law professor at George Washington University, logically enough focuses more on the legal landscape and the present. What he finds proves Garfinkel's earlier projections to be generally accurate.

Solove believes that our first problem is to redefine our understanding of how to think about privacy. The dominant metaphor is that of George Orwell's Big Brother, either alone and monolithic or expanded to multiple Little Brothers that includes major corporations and financial services as well as government.

A second common metaphor is that of Kafka's The Trial: the confused citizen who is arrested without notice and charged with crimes whose details are never given, based on information he never sees.

As long as we think of privacy protection in terms of invasion, we will be unable to deal effectively with crimes like the growing one -- both here and in the US -- of identity theft. Solove cites statistics: fewer than one in 700 incidents of identity theft result in a conviction. One reason it's such a problem is that we do not own our own data: we are at the mercy of credit card companies and others to spot the ringer and inform us. If we do find out on our own, we face an uphill battle to prove it even happened.

Another part of the problem is that by concentrating on whether or not information is secret, we've only tackled one part of the problem. In today's digital world, information that formerly would have existed in small, separate pools is now linked and merged without our knowledge or consent. Information can be private even though it's not secret -- as any teenager buying a condom in a crowded shop for the first time could tell you.

All of these parts of the book are generally relevant. British readers will find less to identify with in Solove's discussion of the American Fourth Amendment, however, and he spends little time considering the data protection regime that prevails throughout Europe. Overall, the book charts the long distance we've come since the first census in 1790, which had only four questions on it. We need, Solove concludes, to reconstruct society and our information networks to build privacy into our lives.

For those who follow today's privacy debates closely, there won't be much new in Solove's book. For those who don't, it serves as a good backgrounder, albeit a somewhat US-oriented one.