In selecting the theme of ′Visions of Privacy for the Twenty-first Century′ for our 1996 conference, my colleagues and I were largely taking advantage of the imminence of the millennium. But I increasingly regard that thematic choice as very fortuitous, because it allows a privacy advocate to move beyond the short-term perspective and to think at least several years into the future and, indeed, into the past as well. Let me develop the perspectives that I wish to bring to this issue of privacy protection in the foreseeable future by starting first with the past, before reflecting as well on...

In 1928 Justice Louis Brandeis wrote in the Olmstead case ′discovery and invention have made it possible for the government, by means far more effective than stretching upon the rack to obtain disclosure in court of what is whispered in the closet. The progress of science in furnishing the government with means of espionage is not likely to stop with wiretapping.′ His haunting and prescient words clearly apply today, as the line between science and science fiction is continually redrawn and private sector databases join those of government as a cause of concern.

New technologies for collecting personal information, which...

Privacy protection¹ in law and practice involves a balance between competing values in order to achieve a result that safeguards individual privacy while also accommodating other important social, political, or economic ends. The first quarter-century of data protection laws and regimes has established this doctrine by underwriting privacy claims while tempering their force with limitations, exemptions, and countervailing precepts that reflect a concern for other values, public interests, and policies.

Thus, data protection regimes aim to restrain certain data practices, which, if given free rein, could otherwise serve as a charter for privacyinvasive developments of commerce or public administration, but...

This essay outlines the contours of the privacy landscape in the United States, addresses the difficulty of enacting enforceable rules even against the backdrop of heightened risks and concerns, and suggests that privacy advocates may be presented with some new opportunities for privacy by pressing for the development of policies and tools that empower individuals to make and enforce individual choices. The existing power imbalance often leaves individuals helpless against the rapacious information gathering of the state and the private sector. Technologies of privacy offer a potent strategy for turning that power imbalance upside down. A dual policy and technology...

This essay will explore medical privacy, the growth of health information networks, and the need for privacy-enhancing technologies. Increases in the automation of previously paper-based records, combined with the growth in networked communications, will lead to a decrease in the data subject′s ability to control the uses of his or her personal information. Privacy-enhancing technologies that serve to anonymize and de-identify personal data will be advanced as one of the leading technological solutions to this problem. This essay begins with a brief review of the legal protections, or lack thereof, pertaining to medical records in Canada and the United States....

What kind of mechanisms are appropriate and effective for protecting the privacy of personal information? This is a question that bedevils legislators, policy makers, record keepers, and privacy advocates around the world. While fair information practices provide a widely accepted¹ policy direction, no simple, obvious, or universal answer to privacy concerns is available. For each type of record and record keeper, a different implementation of fair information practices may be possible and suitable.

A key threshold issue, and one that is not always recognized, is who makes which choices. Some decisions appropriately belong to the subject of the record. Other...

Marketers today are challenged by two converging trends, one competitive and the other technological. First, marketing is undergoing a paradigm shift, fuelled by advances in technology. To survive in the increasingly competitive global economy, companies depend on vast quantities of personal information to create switching costs for current customers and to attract new customers. Mass production and mass merchandising are being replaced by one-to-one marketing and personalized service such as loyalty programs including frequent flier or shopper programs, co-branded credit cards, and advertising messages on customer billing statements which are customized based on the customer′s buying patterns.

Second, information technology...

Roughly a generation has passed since the original acknowledgment of privacy protection as a legitimate issue for public concern. This interval offers a good vantage for reflection. We privacy advocates might fruitfully ask ourselves, are the essential values of privacy better protected now than they were then?

Many privacy watchers would no doubt want to give a positive response to this question. They would point to the array of legal and policy safeguards enacted in the past decades for treatment of personal data – and to the many institutions that have been created to make these strictures work. Throughout the...

Privacy protection in Quebec is the object of general statements of principles applicable to all persons, physical or corporate, in the Charter of Rights and Freedoms of the Person and the Civil Code. The legislature adopted in 1982 a piece of legislation applying to the public sector both favouring access to information and protection of privacy. In 1993 an Act Respecting the Protection of Personal Information in the Private Sector was also unanimously adopted. Because of its originality in North America, it is worth giving here a few indications on its content and implementation.

The private sector legislation applies to...

During the early 1990s U.S. businesses watched with some trepidation as the European Union′s Data Protection (or Privacy) Directive worked its way through the somewhat tortuous course of policy development and adoption required by the European Union. To achieve a unitary European market, the European Union is harmonizing national laws that affect the workings of the European economic market. Included among such proposals is one that requires the twelve countries in the European Union to harmonize their privacy or data protection legislation. The proposed ′Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on...

Varying jurisdictional approaches as well as different standards for the treatment of personal information will pose conflicts for the interrelated and international data processing arrangements of the twenty-first century. The European Union′s directive on data protection (the ′EU directive′)¹ coupled with the Global Information Infrastructure (GII) raise the stakes for global solutions to the universally recognized need to maintain fair information practices in an information society. Yet, at the same time, the nature of twenty-first century information-processing arrangements will be complex and ill-suited for a single type of solution. This essay argues that data protection norms in Europe will promote...

The British Columbia Civil Liberties Association (BCCLA) has not been nearly as successful as we would have liked in securing privacy protection for citizens.¹ Our experiences are not unique; other privacy advocates in Canada have also found their task heavy sledding, and I suspect advocates around the world have too. In this essay I will analyse four cases in which the BCCLA tried to secure or influence privacy protection and discuss the lessons privacy advocates can learn from these experiences.

First, I will offer some comments about the world facing privacy advocates. The difficulty in getting public and private sector...

Since the birth of the modern privacy movement in the late 1960s, the goals and tactics of privacy activists around the world have demonstrated an extraordinary diversity. As with the environmental movement that paralleled it, some privacy strategies have been designed along institutional lines, while others involved varying degrees of civil disobedience and non-violent direct action (NVDA). Promotion of privacy concerns has ranged from intellectual expression through to physical violence against technology.

Privacy organizations and campaigns have varied from country to country, and from time to time. Some were quasi-industry initiatives that worked ′within the system.′ Others were overt campaigning...