(Adapted from a post made in December 2005)
Given how much we have become a data-driven society, and given how little consideration it sometimes seems that the government and corporations give personal privacy rights, I strongly believe that we need Constitutional recognition of our right to privacy.
So, if I could wave my magic pen, I would like to see the following Amendment (based upon a similar provision in the proposed EU Constitution) added to the U.S. Constitution:
1. The right of an individual’s privacy in his or her private and family life, home, and communications is essential to the well-being of a free society, and shall not be denied or impaired by the United States or by any State except to the minimum extent required for the protection of public safety.
2. The right of a United States citizen to the protection of personal data concerning him or her shall not be not be denied by the United States or by any State.
3. Data collected on a citizen of the United States shall be processed fairly for specified purpose and on the basis of the consent of the person concerned or some other legitimate basis laid down by law.
4. The right of a United States citizen to access in a timely manner data which has been collected concerning him or her shall not be denied or impaired by the United States or by any State except to the minimum extent required for the protection of public safety.
5. The right of a United States citizen to have corrected in a timely manner errors in data which have been collected concerning him or her shall not be denied or impaired by the United States or by any State.
2 responses so far ↓
1 Dennis // 18 Oct 2007 at 4:21 pm
Mike, I agree with you on data privacy. But, I would also add some provisions requiring companies to substantially up the data security technologies applied to personal data. this would include such things as:
1) All personal data to be stored in a “highly encrypted” form, which can only be unencrypted by specific software, and with highest standard password required for access. (I’m sure a data security geek can write this more appropriately.)
2) All personal data can only be stored on hard drives in a corporate data center, except for small organizations (see 2b)
2b) Small organizations which use a PC or small PC-based server as their “data center”, must store the data on only one computer, and must institute the “highest possible” physical security measures on said computer.
3) No “off-site” copies of data allowed, except for appropriate backups, which would also be stored in highly encrypted form.
4) No copies whatsoever allowed on CD’s, DVD’s, memory-sticks, portable hard-drives, DAT tapes, or any new technology, etc, except backup copies created as part of the “standard daily/weekly backup process”.
5) No copies ever allowed to local hard-drives on laptop or desktop computers.
6) Any computer screens/monitors which might display personal information must be in locations where viewing of the screen is limited to the individual signed on and not to any “onlookers”. (I have had times when i could read private info of someone else when a nurse’s or receptionist’s screen still had the previous patient’s info on the screen.) Screens should go blank or to screensaver after only 2-3 minutes of inactivity.
7) Any software which displays personal information must display only the minimal information required to complete the required task (for example display age for the nurse, but not birthdate or address; display address and phone number only for a billing department agent and the appointments clerk).
OK OK, I do tend to go overboard sometimes.. but the point is that the data should be highly encrypted, not copied, and software and screens should limited info for limited visibility.
Dennis
PS I am also in Memphis
2 A Centrist’s Platform 2008 — Privacy // 7 Jan 2008 at 12:11 pm
[...] Privacy RightsPrivacy RightsA Centrist’s Political PlatformA Centrist’s Platform 2008 — VisionDonklephant Says Third-Party Movement Gains Momentum ← Accessing the MIB [...]
Leave a Comment