Speakers at BCS event unravel data privacy issues

"We need to question the assumption that the imperative to share personal data can only be thought of in terms of catering to the needs of society rather than safeguarding the privacy or confidentiality of the individual," said a delegate at the BCS Ethics Forum Thought Leadership debate.

"We need to question the assumption that the imperative to share personal data can only be thought of in terms of catering to the needs of society rather than safeguarding the privacy or confidentiality of the individual," said a delegate at the BCS Ethics Forum Thought Leadership debate.

Polarising public opinion is to miss the importance to society itself of securing the personal liberties of the individuals who comprise it, speakers said. Therefore, it is important to develop a theory of privacy that acknowledges privacy's importance to society as a whole as well as to the individual.

A greater understanding of the concepts of privacy, confidentiality and anonymity is required. Privacy is an complex concept, with different meanings, which can change according to contexts. Information sharing has a lot to do with context of use and relationships, and crosses private and public boundaries, which are difficult to pin down.

There has always been a need for information sharing within and across enterprises. The aim of the information system, then, should be to provide the right information, to the right person, at the right time. For this to happen, developers should focus on the whole system rather than just the technology.

An infallible system does not exist, and probably never will, delegates said. There are always going to be risks, which are continually changing and evolving. As a result of this, it is not possible to build in permanent safeguards. Planned and ongoing risk assessments are essential if there is to be any kind of data security.

The medium used for storing data is not necessarily what matters, but rather how it is handled. The information might be on paper or digital form, but, almost without exception, the errors occur because of the human factor. Hence, data security has to focus on natural human frailty. Data protection legislation does not go far enough to address this issue - for example, there is no requirement for a privacy log.

People are ultimately responsible for the actions they take, but IT makes it easier to avoid responsibility. Technology should support people policies and in a democracy it is us that should determine social policy.

Ultimately, the value in data sharing has to reach a point where the benefits outweigh the costs. Data sharing needs to be intelligent - it is not just black and white.

Speakers at the event included Charles Raab, from the University of Edinburgh Keith Gordon, author of Principles of Data Management: Facilitating Information Sharing and Chris Hanvey, UK director of operations at Barnardo's.

This was last published in March 2008

Read more on IT legislation and regulation

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close