Can we get a guaranteed freedom to privacy?

The privacy protection which we all need is a constitutional amendment (similar to what Europe has had for over a decade[1][2]) in the United States that declares all private information to be the sole, non-transferable copyright and intellectual property of the identified citizen:

  • This private copyright and grant of intellectual property includes, but is not limited to, email addresses, mailing addresses, phone numbers, lists of friends or acquaintances, family trees, physical location history, browsing history, shopping history, employment history, medical history, and financial history.
  • This private copyright does not apply to any groups, organizations, collectives, institutions, corporations, or businesses. This private copyright only applies to individual persons.
  • Companies may offer to collect or create this information for you, but such services are always considered work-for-hire and the customer exclusively owns the resulting information and copyrights.
  • Companies may also offer services to store and distribute or publish this information for you, but all default options must be as private and closed as possible, and the customer’s consent is explicitly required for all instances of distribution or publishing. If the customer is a minor or has a legal guardian, then the parent or guardian’s consent is also required.
  • Companies are forbidden from requiring customers’ private information as part of the terms of service unless such information is necessary to deliver goods or services to the customer. The burden of proof lies with the business to show that any information demands are necessary in order to provide their offered product or service.
  • Since businesses do not and are legally incapable of owning individuals’ private information, they are forbidden from selling individuals’ private information.
  • All private organizations which store private data are required to destroy such records after 2 years (24 months) without communication from the identified individual consenting to continued storage.

It is likely that is not worded perfectly, but I think I managed to get my primary thoughts into the section. In case I did not, I will try to explain them explicitly.

I believe that the only true solution to privacy protection is to make it unprofitable to invade people’s privacy or abuse private information, regardless of how the information was collected or whether the identified individual purposefully shared or inadvertently leaked the information. I cannot see how a tax could be implemented and that has its own moral dilemmas anyway (e.g. at what point are you poor enough that someone can buy your privacy?), so I see legal protection [strong enough that it creates a basis from which offended individuals can sue offending parties for damages] as the best hope for privacy.

The most intuitive way I see this could be achieved is to enshrine in law the idea that people’s personal information is their personal intellectual property rather than letting it be the property of whoever collects it. Then individuals whose information is abused can sue the offending party. This ought to prevent the sale of collected information (even though you have a copy, it is not yours to sell), and the unauthorized display or transfer of the information to third parties.

References:

[1] : “Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995” by the Center for Democracy & Technology, 1995/10/24
http://www.cdt.org/privacy/eudirective/EU_Directive_.html

[2] : “Data Protection Directive” by Wikipedia, 2010/11/14
http://en.wikipedia.org/wiki/Data_Protection_Directive

Additional Reading:

“Raising data privacy awareness” by Peter Fleischer and Jane Horvath, Global Privacy Counsel, The Official Google Blog, (2009/1/28)
http://googleblog.blogspot.com/2009/01/raising-data-privacy-awareness.html

“Why I deleted my Facebook data. Commentary on Internet data privacy rules.” by Dhananjay Nene, (2009/02/?)
http://blog.dhananjaynene.com/2009/02/why-i-deleted-my-facebook-data-commentary-on-internet-data-privacy-rules/

“No pixels, please, we’re German” by The Economist, (2010/09/23)
http://www.economist.com/node/17103679?story_id=17103679

“Google, Facebook, Rivals Face Stricter Data-Privacy Rules in EU” by Stephanie Bodoni, Bloomberg, (2010/11/03)
http://www.bloomberg.com/news/2010-11-03/google-facebook-rivals-face-stricter-privacy-rules-in-european-union.html

“Google vs Facebook: Adult supervision desperately needed” by Robert X. Cringley, Adventures in IT: Notes from the Field, (2010/11/10)
http://www.infoworld.com/d/adventures-in-it/google-vs-facebook-adult-supervision-desperately-needed-804?page=0,1

“Safebook Project” by Safebook, (2009-2010)
http://www.safebook.us/home.html