Page 318 - DMGT308_CUSTOMER_RELATIONSHIP_MANAGEMENT
P. 318

Unit 12: Customer Privacy




          In 1992, the European Commission adopted a directive establishing basic telecommunications  Notes
          privacy rights for its member states. The draft included restrictions on unsolicited calls, calling
          number identification, and use and storage of data collected by telephone carriers for electronic
          profiles. It mandates that holders of data pay for security measures in order to bar unauthorized
          access. It also prohibits the creation of electronic profiles of individuals utilizing data concerning
          their purchases or other actions, and it bars transfers of data to non-EC member countries unless
          those countries have adequate data protection rules.
          Among Third World countries, Brazil has been particularly active in data and telematics issues.
          Instituted during the years of military dictatorship, the thrust of Brazil’s policy was evident in
          the  statement  of  its top  information officer, who combined both the  civilian and  military
          functions of that term.

          The administration [i.e., the restriction] of TDF [transborder data flows] appears to be an effective
          government  instrument for the creation of an environment that makes the emergence of  an
          internationally viable national data-service industry possible. By itself, such an industry would
          have  had  great  difficulties  in  overcoming  the  obstacles  of  a  completely  “laissez-faire”
          environment. The country’s TDF policy altered that situation.
          A license had to be obtained before establishing international data links. Applications for foreign
          processing, software import, and database access were rejected if domestic capability existed.
          The policy was strongly embraced by the Brazilian military dictatorship and its business and
          industry allies, and it was admired around the world as an assertion of national sovereignty by
          many observers who would otherwise feel no kindness toward right-wing juntas.
          In the United States a generally more pragmatic approach to legislation, and a case oriented
          decision process administered through the judiciary and the regulatory agencies, have led to the
          tackling of specific data abuses when they became apparent rather than to comprehensive laws.
          This has led to a less systematic approach that in Europe, and to a variety of ad hoc federal and

          state legislation. Typically, they addressed a narrow and specific issue of concern. Most such
          statutes were either aimed at particular industries (for example, credit rating bureaus), or at the
          conduct of governmental agencies, or they dealt with flagrant abuse such as computer break-ins.
          Thus, contrary to often-held views in other countries, numerous laws protecting data and privacy
          exist in the United States, and some of them are quite far-reaching, especially in terms of access
          to state files, and limits on such files.

          Nevertheless, U.S. privacy legislation remains considerably less strict than European law in the
          regulation of  private databases, and coverage of U.S. governmental  organizations by privacy
          law is not comprehensive. Although the Privacy Act of 1974 restricts collection and disclosure
          by the federal government, and vests some responsibility in the Office of Management and
          Budget, only a few states and local governments have passed similar fair information practices
          laws for their agencies. The U.S. has no government agency specifically  charged with  data
          protection similar to the centralized data protection commissions or authorities established in
          European countries, though proposals have been advanced in Congress.
          A synthesis of the comprehensive European and the ad-hoc American approaches is to formulate
          a set of broad rules or principles applicable to a sector of the economy, or to a set of issues. This
          was  the  direction  taken  by  the  New  York  Public  Service  Commission  on  the  issue  of
          telecommunications privacy.
          The New York Public Service Commission’s approach in 1991 went well beyond the problem-
          specific approach. It issued, after a proceeding initiated by the author, a set of broad privacy
          principles applicable to the whole range of telecommunications services under its jurisdiction.
          A similar approach, that of privacy principles, was recently taken by the Federal Government’s
          high visibility  Information Infrastructure Task Force,  in the  report by its Privacy Working



                                           LOVELY PROFESSIONAL UNIVERSITY                                   313
   313   314   315   316   317   318   319   320   321   322   323