Data privacy is a burgeoning issue that is becoming more and more of a burden on organizations as not only the amount of data under management increases, but the velocity of new data arriving increases.
In this networked world, in which we are thoroughly digitized, with our identities, locations, actions, purchases, associations, movements, and histories stored as so many bits and bytes, we have to ask – who is collecting all of this – what are they doing with it – with whom are they sharing it? Most of all, individuals are asking ‘How can I protect my information from being misused?’ These are reasonable questions to ask – we should all want to know the answers.
There are more than 30 federal statutes and over 100 state statutes governing information privacy in the U.S. The approach has been piecemeal in protecting privacy. The European Union, on the other hand, has adopted a Data Protection Directive requiring its member countries to adopt laws that implement its terms. The Directive creates rights for persons about whom information is collected, known as “data subjects.” Entities that collect information must give data subjects notice explaining who is collecting the data, who will ultimately have access to it, and why the data is being collected. Data subjects also have the right to access and correct data about them.
There is even a Data Privacy Day the purpose of which is to celebrate the dignity of the individual expressed through personal information.
The recent bankruptcy of Borders Books provides an example on the impact of privacy policies on corporate data. As part of Borders ceasing operations, Barnes & Noble, a competing bookseller, acquired some of its assets including Borders brand trademarks and their customer list. Their first course of action, however, was to alert the customers as to their rights. The e-mail I received stated:
“It’s important for you to understand however you have the absolute right to opt-out of having your customer data transferred to Barnes & Noble. If you would like to opt-out, we will ensure all your data we receive from Borders is disposed of in a secure and confidential manner.”
This is one example of how privacy policies can impact the job of database administration and corporate data experts. Of course, you may never work for a company that goes bankrupt, but your company may decide to retire applications and data due to legal regulations, business conditions, or mergers.