Have you ever read those little pieces of paper inserted into your bank statement, credit card statements, insurance bills, mutual fund statement, and all of your other statements and bills? We all get them. You know, those flimsy pieces of paper, printed in small type and written in convoluted English. I have started collecting them— sort of like baseball cards. But I doubt they’ll ever be valuable. They are entertaining, though… and disheartening.
One thing you’ll see in just about every one of these little is the phrase “… unless otherwise permitted by law.” So, basically, they are telling us this: “We’ll do what we say here unless we can find some law that allows us not to comply.” Oh great! I guess we all have to read every law on the books before we can trust this policy. I’d feel a lot better if the document had the phrase “…unless otherwise forbidden by law” in it. That way, we could (hopefully) feel confident trusting the policy to be as strong as what is actually written there, if not more so. As it is, we should feel confident that the policy is not anywhere near as strong as what is actually written there until it is proven otherwise. I guess I’m a pessimist, but I think I’m actually more of a realist with the sad state of data security and protection these days.
It is interesting to compare the privacy policies for the same company as (if) they change each year. One trend seems to be the addition of “chief privacy officers.” This could be a good trend. But I bet the chief privacy officer is more concerned with furthering the interests of the company they work for than actually protecting the privacy of the company’s customers. But maybe I’m being a pessimist again.
One trend seems to be clear, at least to me: our privacy is evaporating. We should try to do as much as we can to stop that evaporation. So should the companies that we do business with. And so should data management professionals who deal with corporate data as part of their job!