The Washington Post|
"The Case Against Absolute Privacy"
by Scott McNealy
Published Tuesday, May 29, 2001; Page A15
Any company that doesn't properly safeguard people's personal information will suffer the same fate as a bank that doesn't safeguard people's money. It will go out of business. But privacy is not always desirable -- and absolute privacy is a disaster waiting to happen.
Take medical records. If you're in an accident, do you want an ambulance driver to be able to access your medical records online? I think you do. Do you want everybody to? No.
Properly administered, the online environment offers more privacy protections, not fewer. Online, you can encrypt things and provide conditional access. You can know where your files are and who's looking at them through audit trails. Try that with a paper file.
I know medical records are a hot button for a lot of people, and I agree they need to be protected. But it would be a mistake to lose sight of the real benefits of sharing information about ourselves. One of the chief benefits, to use a more routine example, is personalized service. In exchange for a little information, you can get an online experience that's more in tune with your interests and needs. I have agreed to let my car company, for instance, track my every move through GPS satellites. Some people might consider that an invasion of privacy, but I find it comforting to know that, should my air bag deploy, they know where I am and can send help.
I'm convinced that we've barely scratched the surface on this one. Someday soon you could find yourself in a strange city and your Web-enabled wireless phone will be able to recommend a nearby restaurant based on your fondness for French, Italian or Mexican cuisine -- and then make your reservation for you. It could even recommend a movie based on what you liked and didn't like in the past -- and, by the way, it's playing three blocks away, starts in half an hour and only a few tickets are left, so would you like to purchase one now with your credit card?
Those are just two examples of how specific needs will be met in specific circumstances -- many more are possible. The point is, for that level of service, most people would gladly reveal their personal preferences, as long as they feel certain the information won't be misused. On the Internet, even more than in other areas of our lives, trust is the real currency. Squander what you have and you'll find out how hard it can be to get more.
So far the industry has done a pretty good job of regulating itself. Most companies now post formal privacy policies on their Web sites and allow visitors to have a say in how information about them is used.
That just makes good business sense, but I recognize that it took some prodding from the watchdogs in the media. The media could also start rewarding companies who have learned how to offer both consumer protection and personalized service. Maybe some enterprising magazine will start publishing an annual list of the companies with the best policies and practices. The Privacy 500, perhaps.
The writer is chief executive of Sun Microsystems Inc.