It is clear that IT has radically affected our ability to control access to information about ourselves and thus presents serious privacy problems. Before the computer, when transactions and records were on paper, there was quite limited access even to public information about ourselves. To find information someone had to go to where it was located, find it in the file, and copy it down. However, it was also difficult to keep track of who had accessed it. Today, when the same information is in an online database accessible via the Internet, it can be obtained from anywhere in the world in a few seconds and at no cost unless the appropriate security controls are in effect. That ability has provided an enormous boost to productivity in our economy, but without substantial safeguards, it can devastate our personal privacy. The Internet has therefore enormously magnified the privacy problem, because once electronic information is captured, it may be copied and made available in numerous other places.
Explosive growth of the use of IT has produced a situation where huge amounts of personal information are easily available without any need for criminal activities. For reasons of convenience and efficiency, government agencies are putting official records into online databases-birth and death records, marriages, divorces, property sales, business licenses, legal proceedings, driving records, and so on. Furthermore, personal information is valuable for marketing purposes, and there are data brokers whose business is to collect and sell such information to whomever wishes to purchase it.
In the normal activities of transacting business, we often must provide sensitive personal information such as name, address, and credit card number. To take out a loan from a financial institution, we must provide much more personal information and allow a credit check so that the lending institution can decide whether we are likely to repay the loan. This is quite legitimate and, because we agree to provide the information in order to transact the business, there is no invasion of privacy. However, when the business uses the information for purposes that we did not authorize or sells the information, serious privacy problems arise.
People differ widely in their attitude toward the privacy of this type of personal information. Surveys over the years have shown that about 25 percent of the public is not at all concerned with these privacy issues, 25 percent is quite sensitive to loss of privacy, and the remaining 50 percent is willing to consider trading some privacy risks for other benefits, if given the right to make that decision.