Sunteți pe pagina 1din 37

A Self-Reflection on Information Privacy

Rasika Dayarathna, Department of Computer and Systems Science, Stockholm University, Sweden. Email:si-ika@dsv.su.se

Abstract
Privacy is very subjective and has been interpreted in a number of ways. Additionally, there are several paradoxes in the field. For example, a number of researches have shown a substantial gap between privacy attitude and related behaviors. These kinds of paradoxes hinder the progress of the field. One way of addressing these issues is studying privacy attitudes and underlying rationality behind these attitudes of individuals. This study presents this researchers frame of reference on privacy, with a special emphasis on information privacy. This paper explains privacy in religious, social, and legal contexts, reasons for privacy invasive behaviors, privacy protection means, and reasons for demanding privacy. The aim of this paper is to take a step in building a common understanding, which is essential in developing a global data protection regime. At the end, elaborating some realworld examples, this paper discusses the importance of information privacy for information system researchers. Furthermore, this paper invites the readership to compare and contrast their own views on privacy.

Introduction
This paper presents this researchers frame of reference on privacy with a special emphasis on information privacy in the digital era. It discusses the need for protecting and invading privacy, strategies used to protect and invade privacy, implications of too much and too little privacy, and reasons for demanding privacy for various personal data items such as medical, financial, contact data. Despite the fact that this paper is a personal reflection on privacy, newspaper articles and other evidence are used to support some of the claims made. 1

One of the aims of this paper to shed light on understanding the reasons for discrepancy between peoples attitude and behavior. In other words, the discrepancy between what people say and how people act. This is one of the biggest problems in social science, particularly in information privacy (McDonald & Cranor, 2008) People who say that they have nothing to hide often refuse or avoid answering when they are asked for personal information. On the other hand, people who ask more protection for their personal information reveal the same personal information for nothing or nominal financial gains. This kind of paradox makes it difficult to build theories that explain the relationships among constructs and reasons for the existence of such relationships in the domain of privacy. Though, this paper does not answer this question, it sheds light on the issue by explaining various aspects of privacy. Therefore, this paper contributes to build strong, but simple theories that have better explanatory and predictive powers. An understanding of this researchers background is important for the readership since this paper presents the frame of reference of this researcher. The frame of reference has been shaped by growing up in a Sinhala Buddhist culture in Sri Lanka and studying information privacy during the last six years. During this period, this researcher conducted a number of surveys, interviews, and discussions, participated at information systems conferences and seminars, took several courses in information security and privacy and listened to talks on the subject. Furthermore, half of this period, this researcher stayed in Sweden with European, African, and Chinese colleagues. This paper is organized as follows. The first part of the paper presents privacy in historical, religious, and social contexts. The second part explains why privacy is needed for various personal data items together with the consequence of excessive privacy and lack of privacy, strategies used to preserve and invade privacy, and the importance of information privacy for eastern cultures. This paper concludes by discussing the conclusions, implications, and identified future works.

Background
There is no agreed definition for privacy. It has been interpreted in various ways. One definition is the control over ones personal information. Some consider privacy as the state of art of security measures deployed to protect personal information against unauthorized access. Some interchange privacy for confidentiality. Several scholars have attempted to define privacy. Even though, there is no agreed definition for privacy, it is present in almost every culture in different forms. The following section

presents various synonymous of privacy in several cultures.

Privacy in social context


Even though, some languages and legislations do not have exact synonyms for privacy, similar terms exist. For example, according to an Indian Supreme Court judgment, the term personal liberty covers privacy (Kumaraguru & Cranor, 2006). On the other hand, the terms used for privacy in some languages give completely different meaning. For example, the term used in Mandarin, the main language in China, is yin-si, which means shameful secret". A similar meaning is given by the Japaneses. According to Murata and Orito (2008) in the Japanese culture, the "[I]nsistence on the right to privacy as the 'right to be let alone' indicates a lack of cooperativeness as well as an inability to communicate with others. In Sri Lanka, the term privacy is not common. In Sinhala, the main language in Sri Lanka, paudgalikai refers to confidentiality. Furthermore, it is being used as fashion. The Sri Lankans use the term private and confidential on envelops and letters to indicate the message is only for the intended recipient. This is very common term even in very public documents that need public scrutinizing. As one example given under the professional privacy, the word confidentiality is heavily misused to prevent questioning corrupt practices, which are common in government, public institutes, and charitable organizations in many developing countries. On this background, this paper argues that the notion of privacy is much broader concept; therefore, it should not be narrowed down to very specific instances. There is a digital divide based on attitudes toward privacy. In discussing privacy, many scholars divide the east and the west. According to them, westerners demand more privacy, but easterners do not show much concern on privacy. Throughout, this paper, it is argued that there is demand for privacy even in the east, but the demand for privacy appears in different forms. One reason for the appearance of attitude difference is superficial studies on the eastern cultures. For example, it is not wise to say the easterners demand less privacy based on information privacy studies since many easterners do not have enough experience in using IT, particularly the Internet. When the easterners effectively started using the Internet, a considerable level demand for privacy can be expected. Supporting this argument, Adams has stated [t]here is a myth amongst researchers that there is no such thing as 'Privacy' in Japan. [Andrew A. Adams] refutes that and shows that the advent of networked information 3

processing of personal data has brought Japanese attitudes to information privacy to a highly similar position to Western attitudes (Adams, 2007) Another reason for having a gap between privacy concerns is that some kinds of information that are considered as personal information in some countries, but not in other countries. For example, ones age is considered very personal in Sri Lanka, but it is public information in Sweden. One personal experience was that some Sri Lankan PhD students studying in Sweden considered public documents, which can be accessed by anyone under the Freedom of the Press Act of 1766 of Sweden, as personal information and objected publishing them. On the other hand, some kinds of personal information in the west are not considered as personal information in the east. For example, medical information. One of the exceptions for having a higher demand for more privacy in the west is the historical tradition of fighting for human rights. This claim is supported by having higher gender equality, laws against various discriminations, more concerned on environmental issues etc.. Another exception may be cultural and religious attitudes, which is discussed in the following section.

Privacy in the religious context


One of the criterions that distinguish religions in the west from the east is the concept of believing in a powerful god. The western religions, particularly Christian, Islam, and Jewish, believes in a single powerful god who has created the world, humans, and animal, punishes wrongdoers, and decides the life after the death. Governments attempt to keep eye on every human conducts and store only bad activities on central databases and the use of the built database to punish individuals is similar to the function of the god. Therefore, it is reasonable to assume that the public has perceived that governments are attempting to act as or on behalf of the god. Additionally, it is known fact that this is possible only with personal information. This might have caused the west to demand more control over their personal information. On the other hand, the eastern religions, particularly Buddhism and Hinduism, do not have a similar concept. In Hinduism, each god takes care of specific aspect of the individual. For example, the God Sarasvathi is in charge of artistic aspect of individuals . The Buddhists believe in the fact that all good and bad acts, talks, and thoughts are recoded in one itself. Therefore, it can be said that the easterners cannot easily understand the consequences of storing personal information at central repository since their religions do not have a similar concept. Additionally, the explicit recognition of the notion of privacy by western religions had led to introduce 4

several laws relating to the protection of privacy. For example, according to (Rosen, 2001), a Jewish law concepts hezzek re'iyyah, which means "the injury caused by seeing, led to the recognition of the right, which prevents neighbor from building a window. (Saad, n.d.) says that Islam has recognized several privacy protective ethical practices. For examples, Sura Al-Hujurat, Verse 12 ("spy not on each other behind their backs"), Sura An-Nur, Verse 27 ("enter not houses other than your own, until you have asked permission and saluted those in them") and Sura Al-Hujurat, Verse 11 ("Let not some men among you laugh at others & Nor defame nor be sarcastic to each other, nor call each other by offensive nicknames"). Similarly, Christian has recognized several privacy rights. For examples, no one is bound to reveal the truth to someone who does not have the right to know it (2489), it is a crime for a confessor in any way to betray a penitent by word or in any other manner or for any reason (2490), even if not confided under the seal of secrecy, private information prejudicial to another is not to be divulged without a grave and proportionate reason (2491), interference by the media in the private lives of persons engaged in political or public activity is to be condemned to the extent that it infringes upon their privacy and freedom (2492), civil authorities should punish any violation of the rights of individuals to their reputation and privacy (2493) (Catechism of the Catholic Church, 2002). On the other hand, the Buddhist looks at privacy from another angel. In deep Buddhism, individualism is not recognized. In one occasion, Lord Buddha asked laymens to look after their personal suffering, instead of worrying about the outside world. Verse 50 of Dhammapadaya(Lord Buddha, n.d.), which is given the title of Look Inwards And Not At Others says Not others opposition nor what they did or failed to do, but in oneself should be sought things done, things left undone. Explanation: Do not find fault with others. Do not worry about what others do or not do. Rather, look within yourself to find out what you yourself have done or left undone. Stop doing evil; do good (Buddha Dharma Education, 2011). In Buddhist discipline (known as Vinaya), Buddhists monks are supposed to possess very little personal belongings. Additionally, the Buddhism highly recognizes the importance of peaceful and quite 5

environment for peaceful life and practice meditation. As cited by Cline (2009), Mizutani et. al state "[a]t the very core of this is not a connection between an everlasting soul and God, but rather the idea that the suffering of the world is linked to the desires of the ego or self & [T]he effacement of self influences privacy in that the most basic unit which privacy protects, the individual, is sublimated."

Privacy in the legal context


The right to privacy has been recognized as a fundamental human right in many international treaties. Privacy has been recognized as a fundamental human right in Article 12 of the Universal Declaration of Human Rights , which states: "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation" (United Nations, 1948), Article 17 of the International Covenant on Civil and Political Rights recognizes the right to privacy by stating that (1) no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honor and reputation and (2) everyone has the right to the protection of the law against such interference or attacks (United Nations, 1966). There are three different legal means used to protect information privacy. They are the general data protection approach, which covers almost every sector, sector specific laws, which focus on specific sectors, and the self-regulation approach based on best practices. European countries have applied the first approach while the USA prefers the sector specific and self-regulatory approaches.

Discussion
People who take privacy for granted state they need privacy since it has been recognized as a fundamental human right in national legislations and international treaties. However, as argued in this paper, the understanding of the broader picture of privacy is important to make more informed decisions. This discussion attempts to provide a rich picture of privacy. This section starts with discussing the need for privacy in general and followed by the privacy needs for various personal data items. Privacy is important for creativity. Creators need private space for thinking, discussing, and engaging in creative activities. The importance of privacy space for creators is analogues to industry-oriented research where high confidentiality is maintained. For example, intellectual property laws have been introduced to protect commercial interest of creators and inventors and also to encourage competitiveness. However, none existence of separate laws for the protection of non-commercial 6

creative activities does not undermine the importance of private space for creators. Creators are interested in privacy due to the fear of others getting to know the ideas, creative process, others involved in the process etc., to avoid being criticized the work, and to have a peaceful mind. Therefore, information privacy is very important since the information flows from and to the creator has great potential of invading the private space of the creator. For example, the protection of creators contact list is important since it contains the identities of others who work with the creator. Likewise, divulging financial information may leak some information relating to the private space of the creator. Invading the privacy space that the creator wants to enjoy may reveal information of the works the creator is engaged with. When people feel they have a private space they tend to enjoy it. In other words, they use the private space for their advancements and progress. For examples, people who are reluctant to sing in front of others sing inside the bathroom, students who are ashamed to raise question in the class meet the teacher after the lecture or pass a note to the teacher. Another closely related reason for demanding privacy is to engage in activities that are not socially accepted or against the value system of the society. These activities range from criminal activities to innocent activities. The term innocent activities is used to refer to activities that do not harm anyone at the present or in the future. Some of the innocent activities are against the value system, some of them are important for the progress of both individuals and communities. Therefore, information privacy is important for those who challenge the common value systems. For example, though, no Sri Lankan considers religion is personal information, many of them are reluctant to disclose some religious practices such as meditating. Two primary reasons for such reluctances are the fear of being discriminated and the labeling issue. For example, mediators are sometime being discriminated due to very negative perceptions such as mediators do suffer and cannot face challenges. The labeling issue is indirectly forcing subjected people to behave in a certain way. For examples, the society expects a mediator not to get angry. Another example is that I was told that the upper classes in Britain are indirectly forced not to listen to music that are targeted or common in the working class. One interesting conversations I heard a few years ago explains the problem associated with the labeling issue. The first guy asked do you know Visual Basic and the second guy replied no, why ? what is the problem?. The first guy explained the problem and the second guy correctly answered. The first guy then asked why you said you do not know the subject. The second guy answered if I said I knew,

you would expect something more than necessary. This example shows the seriousness of the labeling issue. Some other innocent activities that need privacy in Sri Lanka are practicing yoga, watching certain films, exercising, practicing other religions, controversial practices of own religion, and traditional practices. In the past, similar minded people gathered and discussed their practices. Usually, they created their own private space. Unlike in the past, today, communication technology is used to discuss and practice some of these activities. Additionally, location information, credit card information etc. may reveal some information of these innocent activities. All these things make information privacy very important. The freedom of enjoying more opportunities is another reason for demanding privacy. Disclosing more personal information to many people drastically reduces ones opportunity set. This can be seen in the bargaining markets. In negotiating process, the seller gets an advantageous position by knowing the buyers purchasing ability. Therefore, buyers take several measures to show low purchasing ability. One measure taken by Sri Lankans is stopping vehicle a way from the sellers stall and walking to the sellers stall. Thus, smart people keep control over their personal information, which includes when, where, and to whom to disclose their personal information. The above overlapping discussion explains the need for privacy in general. The following section explains the need for privacy for various personal data items.

Personal data items:


What are the personal data items? What are the highly sensitive personal data items? What make them more sensitive? This section attempts to answer these questions. There are a number of personal data items such as financial information, health care information, location information, information relating to life styles, political opinions, criminal records. Some of these personal data items can be further divided into sub-personal data items. Some examples for health care information are information relating to serious medical illnesses, general health care, mild illness, and sexual transmission diseases. This kind of division is needed for privacy discussions since different levels of protection are sought for sub-personal data items. For example, information relating to sexual transmissible diseases is considered highly sensitive, but general health care information is not considered very sensitive. On the other hand, in certain circumstances, non-sensitive personal data become very sensitive. For example, information relating to mild illness is not sensitive, but 8

information relating high number of occurrences of the same mild illness within a short time period may be considered as sensitive health-care information. The Organisation for Economic Co-operation and Development [OECD](2002) privacy guidelines state that it is not possible to define sensitivity of personal data items irrespective of the context. However, according to the EU directive, sensitive personal data items are racial and ethnic origin, political opinions, religious and philosophical beliefs, trade-union membership, health and sex life (Article 8(1)), offenses, criminal convictions and security measures (Article 8(5)) (Directive 95/46/EC , 1995) The following sections discusses medical data, financial data, information relating to the life style and joint family system, location privacy, examination results, complaints and petitions, professional privacy, surveillance, the right to be left alone, birth related data, contact lists and details, philosophical and religious beliefs, political opinions, and criminal records respectively.

Medical data:
Privacy of medical data is one of the hot button issues. A number of legislations across the globe have insisted on several measures to protect medical privacy. As mentioned before, there are several varieties of medical data and the level of protection sought varies with the sensitivity of medical data. One of the reasons for demanding a higher level of protection over medical data is the seriousness of the labeling issue and various kinds of discriminations. The people, who are being labeled as sick people, are vulnerable to several discriminations. Therefore, sick people want to protect their medical data in order to refrain from being discriminated. There is a positive correlation of the level of the protection sought for medical data and the seriousness of being discriminated. For example, patients suffering from sexually transmissible diseases demand more protection over medial data since these data have strong discriminatory power. On the other hand, less or no protection is sought for mild illness since related medical data does not have discriminatory power. When a society becomes more discriminatory over certain diseases, more protection is sought for the relevant medical data. In some societies, patients suffering from transmissible deadly diseases were isolated or killed. Additionally, the lack of confidence to face discrimination also makes relevant medical data more sensitive. In the western societies, in general, medial information is considered as sensitive information. On the other hand, in Sri Lanka, only sexually transmissible diseases are considered as very sensitive. 9

Additionally, some transmissible diseases are also considered as mild sensitive medical information depending on the circumstances. This may be the case in many eastern societies. However, not demanding protection over medical data does not mean that patients are comfortable with disclosing their medical information with everyone. Reasons for less privacy concern are cultural and religious attitudes, traditions, customs, and the health care system. These factors more or less have compelled to give up the expectation of privacy over medical information. Under the current health care system, it is not possible to expect medical information privacy in Sri Lanka. Probably there may be exceptions, but generally no one visits a doctor with a specific appointment. Since appointments are general appointments, patients have to wait in queues. Being in a queue shows that one is waiting to get medical treatments. Additionally, these queues are categorized for specific class of health problems, for examples, cardiology, diabetic, and surgery. This further reveals medical information. In many government hospitals, several outdoor patients are treated in the same room. However, there are several measures taken by hospitals and patients themselves to protect medical privacy in cases such as sexually transmissible diseases (STD). One measure taken by patients is avoiding visiting clinic while medical students are under going training at STD clinics. Here , the patients want to minimize their exposure to the outside world. There are several religious and non-religious traditions that disclose some medical information. Though, these practices do not disclose every medical information, the disclosed information is sufficient enough to label a patient. One cultural practice that disclose some medical information is praying for recovery of the patient under a Bodhi Tree 1 by close associates of the patient and villagers. In Buddhism culture, not in Buddhism, this is known as bodi-puja. The Hindus have a similar practice. It is not necessary to obtain the consent of the patient to conduct a bodi-puja. The presence of large number of people at a public place easily disseminates some medical information of the patient. Another cultural practice is conducting devil-ceremonies2 to cure mental disorders. Since, a large number of people, usually the whole villagers, gather at the ceremonial place. This practice reveals the identity and the condition of the patient to the whole community. Another tradition is hanging a particular a branch of leaves on the front door of the house of the patient who is suffering from certain virus infected diseases. This is to warn others to take precautionary measures. In terms of medical privacy, all these practices reveal several medical information.
1 Scientific name ficus religiosa 2 This was very common in the past, but today, it is a dying practice.

10

The above two paragraphs shows that it is difficult to expect medical privacy in Sri Lanka. That might have caused Sri Lankans and other similar cultures to give up the expectation of privacy over medical information. There are at least three situations where people expect privacy on medical information. As previously discussed one is sexually transmissible disease. Another one is psychology disorders. Today, it can be seen that middle and upper class societies are attempting to hide identity of patients suffering from psychology disorders. the demand for the protection of medical data, particularly data relating mental disorders, is increasing. The third one is easily transmissible disease such as virus infections. In order to avoid being discriminated, some people attempted to hide the fact that they were suffering from HINI. In conclusion, it can be said that Sri Lankan and people in similar cultures do not expect privacy over medical information except in a few cases. However, a very high level of protection is needed in the exceptional cases. Several reported cases insisted the importance of strong protection over medial data related to sex life and sexual transmissible diseases. Several years ago, when the HIV started spreading in the country, several houses of the identified HIV victims were attacked. In another case, a female medical doctor, who got HIV infected by a blood transmission, was severely discriminated by her friends, relatives, and her colleagues. Furthermore, her family members abroad were also discriminated by Sri Lankans living in abroad. Even though, mild-illness and accidents related information are not considered as sensitive medical information, these information become sensitive in certain exceptional situations. For example, having flu is not sensitive information, but having it frequently may be considered as sensitive. This is due to the fact that frequently having flu may be considered as a discriminatory factor. Likewise, medical information related to accidents become sensitive when the patient or any related party wants to hide some personal information that have some connection to the accident. For example, in a case of an accident met by a drunken driver, the driver may want to protect medical privacy in order to hide the fact that he was drunken. Additionally, people who drunk with the driver may also want to protect the drivers medical information. Another example is that the family of an assassinated Sri Lankan opposition politician did not demand proper investigation of the incidents due to the fear of revealing some personal information of the politician might be embarrassing for the family members. Medical data and life style related information are closely associated. Some patients hide medical situations that may indicate inferior social status. For example, medical conditions resulting from malnutrition.

11

One of the criteria to decide the sensitivity of health information is the vulnerability of being discriminated for having bad health records. Thus, in societies, where having bad medical condition is considered as a natural phenomenon, there is no or less demand for privacy over medical data. Therefore, changing the attitude of individuals toward accepting every health condition reduces the demand for privacy over medical data. Another factor that eliminates the demand for medical data is the desire or ego to show having certain health conditions. For example, a few years ago in Sri Lanka, it was considered having high-blood pressure is an indication of social status since it was perceived that only people in higher social classes suffer from high-blood pressure. Today, it is a fashion to have cesarean operations and some people are proud to mention it. Another closely related privacy issue is the parties who are entitled to receive medical information from health care providers. Generally, medical information is given to guardians. In several situations, the patient is not informed about full medical situation. The reason for not disclosing medical information to the patient is not to make the patient unhappy by disclosing the seriousness of his condition. Therefore, the people who are entitled to receive medical information is another fact that must be taken into account in designing information systems in the health care domain. In conclusion, it can be said several medical situation need more protection over medical data in order to avoid being discriminated. However, it is not possible to identify when, where, under what circumstances privacy is needed. The need for privacy over medical data depend on cultural and religious practices, personal egos, attitude of the society including close relatives, self- confidence to face discriminations etc.. Additionally, there is a trend of demanding more privacy over medical data. Therefore, designing information systems with built in privacy protection measures and having proper guidelines are imperative.

Financial information:
All most all opinion polls and legislations have emphasized the sensitivity of financial information. Privacy issues of financial data are very complex and interesting due to the presence of a large number of different circumstances and influencing factors. Basically, two broad cases can be seen. One case is the rich pretending to be poor and the second one is the poor pretending to be rich. The rich pretending to be poor to avoid being taxed, asked for donations and ransom, to obtain 12

government grants and subsistence, to avoid making other peoples jealous, the fear of others attempt to sabotage ones success by making false allegations. In many cases, the demand for protecting financial data is associated with fraudulent practices. One example is presenting misleading tax returns. Though, presenting fraudulent tax returns is reported everywhere, it is very common in countries that lack proper accounting systems and transparency. For example, In Sweden, income tax returns are public documents, but, in Sri Lanka, they are considered very sensitive personal information. Likewise, fraudulent receivers of subsistence and government grants want to protect financial information due to the fear of complaining about fraudulent benefits. Therefore, in this aspect, it can be said that Sri Lankans are more privacy fundamentalists than Swedes. One interesting observation is that some Sri Lankan PhD students studying in Sweden considered their expenditures such as expenditures on traveling, literature, equipments, etc. are personal information, which is public information under the Swedish Freedom of the Press Act of 1766. Apart from the intention of avoiding being taxed or obtaining more subsistence, other cases are associated with innocent mind. Demanding ransom is common in countries that do not have proper law and order. Likewise, demanding donation sometime make people uncomfortable. These are two reasons for pretending to be poor. Additionally, in some cultures, it is believed that jealous people have some hidden power that can sabotage the health, wealth, and progress of people subjected to being jealous. This can be seen as a passive measure since there is no visible active involvement. Sending false petitions and making false allegations are some active means of sabotaging others success. Therefore, various measures are taken to prevent others getting jealous. There is a third category where people want to protect financial data to avoid competition for the limited benefits. For example, when one gets to know that the chances of getting benefits will be lesser if others get into the competition, the former tries to keep others way. Personal information is protected to prevent others getting to know about the limited opportunities. Two examples for such personal information are location and financial information. Some extremists protect information to have a comparatively better life. For example, one person never disclosed his contact information in order to prevent others getting to know about the seller who sells tickets at discounted prices. On the other hand, the poor pretend to be rich in certain situations. Possible reasons are to get a prestigious position in the society and to avoid being discriminated. Getting a prestigious position include being honored, praised, and attractive. The second reason is avoid being discriminated. This 13

can be seen in societies where the poor are discriminated or people perceive that the poor are discriminated. Some means used to pretend to be rich are wearing expensive suits, jewelries, watches etc., using luxury vehicles, living in luxury areas and houses. However, these are highly depended on culture. For example, being bankrupt is considered extremely bad in many societies including Sri Lanka, Sweden, and Holland, but not in the USA. It is interesting to have a look at the past. In the recent past, wealth was measured in material terms such as the number acres owned, size of the residential place, jewelries owned, number of animals such as cattle and elephants owned. One common property of these assets is that it was not possible to hide wealth from the rest. Therefore, it was not possible to expect privacy over financial data. One counter example is the practice of hiding coins under ground. This was to protect against robbing. It is also evident from other source, the wealthy community wanted to maintain their status by showcasing their wealth. Therefore, it can be said that, in the past, the wealthy community did not have privacy expectation over financial data. Today, the situation has been changed. Wealth is deposited in financial systems. In order to have higher privacy protection wealth is deposited in foreign financial institutes. For example, the Swiss banking system has higher reputation for protecting financial privacy. In summary, when opportunities available to protect financial privacy, people go for financial privacy. Life style and joint family system: The contemporary lifestyle also makes privacy more important. In order to keep lifestyle private, there is demand for protecting data that have potential of deriving the lifestyle. Financial and medical data are two examples for such data. For instance, I asked one of my friends to withdraw money from my bank account. He noted on the slip that I had taken a meal at a spiritual restaurant in Stockholm. This information revealed to him some information relating to my philosophical and religious beliefs. Though, I am willing to share my bankcards and PIN codes with a selected group of people, I am not comfortable with sharing other information with the same group of people. For example, religious and philosophical beliefs. Another example is that purchasing habits are revealed in the way of processing credit card information by some financial institutions. Another information relating to life style is marital status. In many opinion polls, a very few respondents have considered the marital status is sensitive personal information. However, the few 14

respondents consider it as extremely sensitive personal information. When a prominent Sri Lankan human right activist was asked whether she is 'Mrs' or 'Miss', she got annoyed and criticized the question. I have also seen that some married men pretend to be single and unmarried women pretend to be married. The latter is common in Sri Lanka, since it is perceived that married women are more protected. The Joint family system, where several families live in the same house, is also a part of the life style. This system can be seen in many Asian, Arabic and African societies. Several years ago, this was a common practice in many European countries. Apart from financial difficulties, some cultures insist on the joint family system. For example, wealthy Indian families share a common house. It is debating issues whether people have given up their privacy in sharing the same house or use various other means to protect privacy. One argument is that having similar lifestyles in joint families makes privacy not so important. In other words, there is nothing or very little to hide. For example, offering and sharing meals is very common in many Asian and African societies in the past. This practices prevailed in the past since there is no or less concern on life style privacy. On the other hand, there are diverse life styles in the contemporary society. And the fear of being criticized of ones life style demands more protection for life style and related information. For example, some are not willing to have meal with others due to the fear of being discriminated or criticized for the inferior quality of their food. In the past, cultures had own privacy protection mechanisms. For example, a several decades ago, in the central part of Sri Lankan there was a kind of joint family system, where a woman got married to more than one siblings. In this system, hanging the underwear on the door indicated the others that one was having sex. In contrary, today, a number of published and unpublished cases report incidents on peeing on ladies toilets and putting video cameras at privacy places. It is also common to see the publication of videos taken from hidden cameras on the Internet. Taking these two examples, it can be said that peoples mindset has substantially changed. However, it is not clear whether privacy invasive cases get more publicity today or the attitude of people have changed. Two types of attitude changes can be seen. One is the fear of being criticized, which led to create more private space and have more concern on privacy. The other one is desire or ego to invade others privacy.

15

Location privacy:
With the widespread use of mobile communication, the location privacy or special privacy has become one of the most concerned issues in the west. Kumaraguru and Cranor (2006) argue that location privacy is not a very concerned issue in India since only 17% of the respondents were highly concerned while 26% were not concerned at all about the Indian Railways practice of publicly disclosing passengers names together with their age, gender, source and destination station, seat number, and record number. However, this researcher expects that a substantial percentage of Indian passengers would demand more protection for their passenger details if the same information get published online.

Examination results:
The Sri Lankan media often reports students committing suicides once examination results are released. Among several reasons, the lack of self-confidence, embarrassment, and the fear of being discriminated are prominent causes for committing suicides. If there is a mechanism for protecting the privacy of examination results and attitude of accepting bad examination results, most suicides can be avoided. The important of protecting privacy is evident since various attempts are taken to distort (hide) identity information and examination results displayed on public notice boards. According to a study conducted in Indian (Kumaraguru & Cranor, 2006) surprising a low number of the respondents (21%) were highly concerned on publicly posting examination grades. This may be due to the fact that only student who get bad examination results demand privacy over examination results. And, this is also heavily depended on the culture. For example, inviting others for seminars is common in Sweden, but some Sri Lankan students are very nervous to see fellow students in seminars due to fear of being criticized.

Complaints and petitions:


Petitioning and complaining are very common particularly in governments without good governance. These complaints, which are against personal favors, arbitrary decision-making etc., are sometimes very useful. For example, under public litigation, the Indian Supreme Court has given important verdicts based on petitions sent by ordinary people. However, some of these petitions contain false allegations and very sensitive personal information. On the other hand, anonymous complaints are sent. Therefore, the privacy of complainants and the personal information contained in complaints is very important. This leads to several issues such as when to disclose personal information, maintain anonymity of senders, the level of weight given to anonymous complaints etc.. Wanting to divulge 16

others privacy, while protecting the privacy of complainants make the case more complicated. Reasons for demanding privacy of the senders identity is due to the fear of being humiliated and harassed. There are several Sri Lankan cases where complainants were harassed when their identities were revealed. In one incident, one person was jailed and subsequently was killed due to mistakenly identifying the callers identification number (Sri Lankan businessman dies, 2006). In this context, it is common to notice the reluctance of people to call the police due to the fear of revealing the callers telephone number by the police to media and outside parties. In Sri Lanka, it is still not possible for callers to hide their number. Therefore, it is important to take measures to protect privacy of complainants and petitioners. On the other hand, the anonymity of complainants is heavily misused. One case is disseminating wrong and misleading information. Another case is where the law enforcing authorities conduct various illegal activities covering up by claiming the protection of anonymity of the complainants. For example, SL police raided opposition press and houses based on anonymous complaint. When the court questioned about the information sources, the police informed that information sources could not be revealed since they are bound to protect their information sources (Anura Bandaranaike v. W.B. Rajaguru Inspector General Of Police And Others, 1999). This was possible under the privilege of protecting anonymity of the complainant. However, some law enforcing authorities, such as the Bribery and Corruption Commission of Sri Lanka, gives less weight for anonymous complaints. Pseudonymous based mechanism can protect identity of the complainants and misuses of privilege of being anonymous. This also dilutes the strong objection of law enforcing agencies against anonymous communication. In pseudonymous, the true identity is kept with an independent trusted party and revealed under very special circumstances. However, the problem is who the trusted third party is. It is also argued that no entity established in the country where a dispute arises can be treated as an independent entity. For example, Sri Lanka police asked for a court order compelling a journalist to reveal information sources (Court refuses to give permission, 2009) despite the fact that the privileges of journalists to information sources is legally recognized and universally accepted. There is no clear guideline on circumstances under which the identity of the journalist, complainants, and petitioners should be revealed. However, some decided cases shed light on the issue. In the UK court case on the right to be anonymous on writing blogs, it was held that anonymity could be expected when there is duty of confidence and public interest in retaining anonymity. Additionally, the court held 17

that anonymity could be expected in cases relating to sexual relationship, mental health, and financial affairs. However, anonymity cannot be expected when public has greater interest in knowing the identity of the pseudonymous user. In this case, it was held that the police officer, who was anonymously writing on a blog about police affairs, cannot expect anonymity (Ruling on NightJack, 2009). Professional privacy: Under this term, professional titles and conducts are discussed. A few examples for professional titles are doctor, engineer, lawyer. In Germany, by law, it is required to write the professional tiles in front of the name. Thus, professional titles such as professor doctor doctor can be seen. In Austria, titles such as architecture, engineer are common. In Mozambique, even diploma holders are entitled to use doctor in front of their names. The question is whether one has right to decide when and where to use his professional title. The other aspect is the privacy of conducts of professionals. Professionals argue that no one can investigate and question about their practices. In Sri Lanka, the term confidentiality is used to hide professional misconducts. For example, in Sri Lanka, students do not have a right to get the their evaluated answer scripts due to confidentiality. And, it is also a common practice of professionals to hide mistakes done by fellow colleagues. Reports such as the cause for 195,000 deaths per year in the USA is due to potentially preventable medical errors (In Hospital Deaths from Medical Errors, 2004) insists on the important having a look at professional misconducts which are usually covered up by the name of privacy or confidentiality. This researcher argues a privacy protective ethical framework would greatly contribute to solve the problem.

Surveillance:
Surveillance, which is a widely used to protect humans, building, and other valuable assets, is heavily criticized for its privacy invasiveness. Hidden surveillance cameras and covert surveillance worsen privacy invasiveness. Cameras that take x-rayed image are highly criticized for the invasion of bodily privacy. Apart from national security, public authorities use covert surveillance to prevent certain disorders. Though, it is claimed that surveillance are used for national security, several published and unpublished cases reveal the use of these techniques to suppress political opponents, human right activists, and to gain personal benefits. In democratic societies, laws and right groups insist on using 18

covert surveillance appropriately, only in necessary circumstances and proportionately for fulfilling their duties. Broadly, these duties are to identify and to prevent crimes and disorders. Thus, this leads to the question of what covered crimes and disorders are and what measures are considered proportionate to detect and prevent these crimes and disorders. In an English case, it was held that covert surveillance is not appropriate for detect dog fouling and putting rubbish bins before the scheduled time (Spy law used in dog fouling war. 2008). Therefore, it is important to have a set of guidelines detailing crimes and disorders and appropriate measures.

Criminal records:
One of the important personal data item is the criminal record held by law enforcing authorities. The fear of misusing criminal records by law enforcing agencies makes privacy of criminal records very important. In several Sri Lankan cases, old criminal records maintained in paper records were used to silence political opponents and human right activists. The situation will be worst when criminal records get digitalized and DNA data is collected. In England, Wales, and North Ireland, the DNA records of innocent people keep only for 6 years, but keep the DNA record of terrorism suspects keep forever (Six-year limit on DNA of innocent, 2009). However, even this practice is criticized for extensive retaining period and the appropriateness of keeping innocents data together with convicted criminals. Keeping criminal records of minor crimes is very serious issue. For example, a UK court allowed the police to keep criminal records including very minor offenses forever. For instance, one crime was committed 25 years and fined 15. Some problems associated with keeping criminal records of minor offenses are the fear of misusing criminal records by law enforcing agencies, being embarrassed in filling job and visa applications, the possibility of giving a false picture of the offender, and limiting the opportunity of changing the behavior. A false picture of the offender is given in cases where the offender has completely changed his attitude and behavior. On the other hand, a person who is labeled as an offender may keep on doing offenses since he cannot see a way to get rid of the label. In other words, he perceives that the society will never recognize him as a good person. Another important aspect is taking measures to protect privacy of victims and family members of the victims. For example, when one Sri Lankan opposition politician was assassinated, his family refrained from asking for proper investigation due to the fear that an investigation would reveal some embarrassing information.

19

Contact list and associated details:


Contact list and associated details are sensitive due to the fear of others communicating or establishing relationships with the people in the contact list, and exposing people in inner circles. The fears of sending misleading, disruptive, or defamatory messages etc. are some of the reasons for protecting contact list details. Additionally, some people are not happy with others establishing relationships with their close associates due to being jealous, the fear of loosing some benefits taking from close associates etc.. Some consider their contact details such as telephone number, email address are sensitive. This is mainly due to avoid being disturbed by unwanted messages and calls. However, some people, especially the young, use various means to disseminate their contact details. In Sri Lanka, it is very common to see various measures used by the young to disseminate their contact details. The motive behind this is getting attention and establishing new relationships. In the Internet, this is evident by the growing of the popularity of social networking sites.

Philosophical and religious beliefs:


Philosophical and religious beliefs are sensitive personal information in some countries. Sri Lankans do not have strong philosophical beliefs. But, they have strong religious beliefs and religious virtues. Though, no one or very few expressly stress the importance of privacy over religious beliefs, various means are used to hide certain religious practices. For example, a scholar who is against worshiping god said he visited a Hindu temple because he had to accompany his family. The European legislations insist on additional protection over religious and philosophical beliefs. Bad experience of dominated religions might be influencing factors for prescribing additional protection for this kind of information. A contrasting position on religious and philosophical beliefs between the west and the east can be seen. In the past, the west was reluctant to accept diverse views on philosophical and religious beliefs. On the other hand, the east welcomed diverse views on religious and philosophical beliefs. For examples, the Hinduism is a collection of religions and during the Buddhas period, there were 62 religions in India. In societies where one view was dominating and other views were suppressed, it is understandable to have high concern over the protection of philosophical and religious beliefs. However, today, the situation has changed. The west warmly welcomes diverse views. Therefore, there is no need for 20

additional protection for these information. This claim is supported by recent opinion polls conducted in the west. According to these polls, there is no demand for additional protection of philosophical and religious beliefs.

Political opinions:
Political opinion is very sensitive in highly politicized societies such as Sri Lanka where opposition supporters are highly discriminated. For example, sometime, it is difficult for them to receive even legally entitled benefits such as having equal opportunities in getting into government services and receiving various subsistence. Subsistence receivers are forced to attend various political activities conducted by the ruling party. Not only to express political opinion, but ordinary people also refrain from wearing read, green, and blue color cloths during election periods since these colors are used by the main political party in their election campaigns. Therefore, political opinion is very sensitive personal data in the east. The situation is different in the west, particularly in the USA. Therefore, political opinions are not considered as very sensitive personal information in the west. However, some political opinions such as supporting Nazi movement is considered a sensitive issue.

Birth related information:


Birth related information includes birth-time and place. These are considered sensitive in communities that believe in astrology. The perception that ones future can be predicted based on the planetary combination at the time of the birth makes these information sensitive. For example, if one has a particular planetary combination, which is known as raja yoga, the rulers are skeptical about that person. This is not something to laugh at since according to the BBC, one Sri Lankan astrologer was arrested for his predictions (Sri Lanka astrologer is arrested, 2009) . Therefore, many politicians publish false birth time, instead of the real birth time. In addition to that, birthplace is sensitive since it reveals ones caste. This can be seen where caste is used as a discriminatory factor. Some cultures consider age as sensitive personal information. Asking the age of a girl is considered offensive in Sri Lankan and other south Indian countries. It is also considered sensitive in some German and Austrian communities. The young do not consider age as sensitive information. But, when they get old, they tend not to disclose their true age. It was surprising to see that 44% of Indian

21

respondent indicated that they felt comfortable in sharing their age. However, my surprise disappeared when I realized that 75% of the respondents were between 23 and 35 (Kumaraguru & Cranor, 2006). In societies where old people get more respects, for example in Thailand, the age is not considered as sensitive information. In Sri Lanka, when a child was born, the monk in the village temple was asked to prepare a horoscope based on the birth time and place. The village temple never maintained a record of childbirths. In contrast, Swedish churches used to keep records of newborn children3. This practice was one of the reasons for demanding data protection legislations. For example, Sweden was the first nation to introduce national data protection legislation 4. This shows that retaining records makes data protection important. On the other hands, when there is no retention of personal data, there is no need for data protection laws and guidelines.

The right to be left alone


Among various aspects covered by the right to be left along, two important aspects are rights to decide what to watch and hear. For example, a person should have a right not to watch violence news items. Studies have also shown the affects of watching violence movies. Another example is the right to watch a film with no or a few commercial advertisements. A concrete example is playing commercial advertisements by Swedish mobile operators without the consent of the caller. This practice is criticized. The practices of displaying headlines of news items at the bottom of every televisions programs and telecasting news at every hour violate the right to decide what to watch and hear. An extremely rare example is that one day, I noticed the display of my digital clock was covered with a yellow sticker. When I asked for the reason, my apartment mate told me that he did not want the time to force him. In other words, he wanted to work with his own pace. The second case of being left alone is being isolated. One approach taken by spiritual practitioners and meditators is going to very isolated places like the forest that give peaceful environment for practicing mindfulness. Another approach is going to very crowded places with a belief that one is not being monitored in very crowded and remote places.
3 The reason for churches t keep records of all Swedish citizens was initially to know how many soldiers the state of Swedish could call. This practice went back to the 16 th Century. 4 The first data protection legislation introduced by a German federal state, Hesse, was applied only to that state.

22

Data retention
An important aspect of privacy is data retention and the retaining period. This is because, once personal data are revealed, it is difficult, sometime impossible, to take the control back. The best protection measure is not retaining personal data. However, it is not possible in many cases. The alternative measure is limiting the data-retaining period. These issues were not seriously discussed when personal information was stored in books and papers, since in the past, only very important personal information were retained due to inconvenience and cost. Additionally, it was not easy to find the relevant information from record rooms that contain a large number of files. This situation has changed due to capabilities of information technology, which have contributed to efficiently retain and retrieve personal data. The storing capabilities at a low cost facilitates and encourages retaining personal data a longer time period, sometime indefinitely. Additionally, the searching and sorting capabilities of information technology has facilitated to find a record in a second. It is imperative to mention that only bad activities often got recorded. For example, law-enforcing agencies are only interested in offensive behaviors and activities, and there is no authority to record good behaviors. In summary, in the past, only very important personal data were retained and it was costly to retrieve records; and today, almost every personal data gets recorded and can be retrieved in a second. The above discussion has to be taken together with the way in which human brain works. Though, human brain has immense storage and efficient pattern matching capacity, forgetting information and delaying in retrieving information are two fundamental characteristics. On the other hand, information technology has completely opposite capabilities and capacities. Therefore, with the widespread use of IT, forgetting and delaying characteristics have drastically reduced 5. Additionally, all most all-bad activities are getting recorded. Therefore, it is matter of time to retrieve all bad behavior of citizens. Usually, only governments and large business organizations have these capacities. Additionally, hackers with malicious intentions may also gain access to personal information repositories. This situation has worsened due to the capabilities of capturing information transmitted over networks and deriving personal information from the captured communications. The human mind keeps both good and bad behavior and human memories get forgotten over the period of time. On the other hand, in the IT world, most of the bad activities get recorded and can be retrieved in a second. This makes information privacy very important in the digital era. Another factor that makes information privacy very important in the digital era is that technology has given access to
5 I was told that there are systems that automatically prevent accessing data after pre-defined time periods.

23

personal information to people who do not have legitimate need to access personal information. For example, technical staffs get access to personal information that was previously accessed only by administrative staff. For example, one Sri Lankan professor was very reluctant to use the university email system due to the fear of system administrators reading his messages. This discussion insists on the important of taking information privacy into account in designing and developing information systems. This argument is further discussed under the privacy issues in modern information systems. Disseminating personal information to a large number of people is another factor that makes information privacy important in the east. It is argued that privacy is not considered important in collective societies (Kumaraguru & Cranor, 2006). However, the way in which information is disseminated makes privacy very important. In other words, there are enough reasons to protect personal information in the digital era since personal information is disclosed to many people and retain a very long period of time. For example, ordering a pizza online may keep the record of who ordered, when, where, how much etc. for a considerable period of time. Depending on business procedures and national data protection and data retention legislations, these kinds of information may retain with the hands of many parties such as banks, processing organizations, merchants, delivery agencies etc..

Privacy and cultures:


Several index are used to understand the relationship between privacy attitude and cultures. Individualism Index (IDV) and Power Distance Index (PDI) by Hofstede (1983) are two of leading indexes used to explain privacy attitudes. As reported in ClearlyCultural.com (2009) According to Hofstede, people in countries with high IDV more concern on privacy. Based on this index (Hofstede, 1983), United States (91), Australia (90), United Kingdom (89), Netherlands (80), Austria (79), New Zealand (79), Italy (76), Belgium (75), France (71), and Sweden (71) are more individualized societies. On the other hand, Guatemala (6), Venezuela (12), Pakistan (14), South Korea (18), and China (20) have lower IDV values. Despite these scores, I have experienced that some Swedes revealed their personal information to an extent that no Sri Lankan has revealed. I am also more comfortable in sharing my personal information with Swedes than Sri Lankans. Consciously or unconsciously, knowing that personal information is shared with a person who is not going to stay in the same country

24

might have encouraged the both parties to share personal information. Though, this might be a single instance that cannot be generalized, the underlying reasons may provide valuable lessons in developing information and surveillance systems. Mutual trust between parties is one important factor that significantly contributes to effective sharing of personal information. Even though, people trust their close associates and relatives, sometime, they do not share certain personal information with their close associates. The reason might be the fear of facing negative consequences when a conflict arises with them. Further explaining this position, it can be said that some people have fixed set of close associate with whom they share their personal information. On the other hand, some people, depending on the context, dynamically establish a group of people to share their personal information. Some people are extremely careful of their close associate getting to know about some personal information. For example, I was asked not to tell ones personal information to his sibling. Another example is that I have seen some people get extremely annoyed when the police informed their bad behavior to their parents. Being close, but not so close may be the right level of balance to build strong trust between parties. The most effective cause for sharing personal information is the elimination of information asymmetry. That is both parties are effectively engaging in sharing personal information. In other words, both parties placing trust on the other party. Therefore, in conclusion, it can be said that the use of Hofstedes indexes has little value in trust and attitude of sharing personal information. Another counter example against the appropriateness of IDV is mentioned in a Sri Lankan newspaper. According that article, despite the fact that Sri Lankan is considered as a collective society, a study has shown that students who got higher marks at the Grade 5 scholarship examinations are extremely individualized and self-centered [Lakmiba , December 2009]. The conclusion is that the indexes given for countries are not sufficient to explain the attitude and behavior of particular groups and individuals. One implication of the previous discussion is that some people feel more comfortable in sharing certain personal information with strangers. For example, in one occasion, I witnessed a lady sharing her sexual experiences online with a stranger. This might have some connection with the confession. Probably, the possibility of establishing a private space on the Internet is one of the reasons behind the success of social networking sites, where people can freely establish private sphere. This makes them more comfortable with sharing personal information. Therefore it is imperative to build privacy protection measures and educate users about the strengths and limitations in order them to take more 25

informed decisions. As mentioned before, many studies have superficially addressed privacy attitudes of the easterners. For example, Kumaraguru and Cranor (2006) have mentioned that one Indian respondent said [a]s an Indian mentality we always like to share things". Nevertheless, being in Sri Lanka that has very similar culture. I cant agree with this statement since even in collective societies, only certain personal information is shared within the family members. Furthermore, sharing personal information in collective societies does not mean sharing personal information with each and everyone in the society. Generally, a joint family has many layers and some information are kept secrete in each layer. On this ground, it is hard to agree with the quotation given by Kumaraguru & Cranor (2006). Today, even in the so-called collective societies, the collectivism is disappearing. Sharing service can be used to explain this phenomenon. Sharing services was very common in many countries including Sri Lanka in the past, but this practice is disappearing today. Furthermore, the practice of developing open source products and community-based services are more common in Austria, Germany, Holland, and Italy etc, compared to the countries in the Indian subcontinent. In Sri Lanka, the open source concept is considered as another business model. Another concrete example for missing collectivism in the eastern culture is that there are three temples in a comparatively small European city for a very few Buddhist monks despite the fact that sharing temples is one of the core Buddhist principles. In summary, there is no concept of sharing everything in collective societies and control over personal information is needed even for collective societies, especially in the digital era. Therefore, the importance of privacy should not be underestimated in the name of sharing, collective societies etc.. The previous sections discussed privacy issues of certain personal data items and the importance of privacy for them. The following sections discuss attitudes associated with various privacy issues.

Reasons for not caring about privacy


Opinion polls have shown that the young do not care about their privacy. Though, reasons are not clear, some possible reasons are the lack of understanding of the consequences of losing privacy, cost and inconveniences, bounded rationality, psychological distortions, ideology and personal attitudes, market behavior (Acquisti & Grossklags, 2003), and confidence to face future challenges. However, in simple terms, it can be said that the young would prefer enjoying today without worrying about tomorrow.

26

Additionally, some people themselves want to disclose their personal information for cheap financial gains such as discounts, lower the insurance premium, promotional offers, loyalty cards etc.. Another reason for disclosing more personal information is to improve credit ratings (New credit reporting", 2009).

Privacy and remedial measures


Some consequences of losing privacy affect not only the person concerned, but also his spouse, children, or other close associates. As mentioned under medical privacy, the family members of a medical doctor, who suffered from AIDS, faced many hardships when the medical data was exposed. Several published cases show how the invasion of privacy caused many hardships such as losing jobs, asking to resign from schools, and not giving university admissions. Not having adequate remedial measure is the biggest problem of losing privacy. The problem becomes worst when the disclosed personal information paints an incorrect picture due to outdated or inaccurate information. For example, the Sri Lankan state media telecasted a documentary of sexual life of an opposition political party leader. Though, in defamatory lawsuit, the state media used to plea guilty and agree to pay compensation, by that time, irrecoverable damage had been caused. However, in the developed world, these kind of defamatory cases are seriously attended. For example, former France prime minister was charged with plotting to discredit the current president (Sarkozy foe wins France smear row, 2010). Another issue is not having adequate measure in case of accidental disclosure of personal information. When I received an email message, I did not pay much attention to it. Later, I received another message asking me to delete the previous message. Furthermore, it was mentioned that the previous message was very confidential and had been sent to a wrong recipient list. To be honest, the second message made me curious to read the first message. When one is asked to delete a message, there is a high chance of reading the message instead of deleting it. On the other hand, everyone makes mistakes. The problem is how to take remedial measures in case of inadvertent disclosure of personal information.

Reasons for invading others privacy?


This section presents some influencing factors that cause one to invade others privacy. The most common factor that influences one to invade others privacy is to get an understanding of ones competitive position. For example, a student is interested in others examination results in order to 27

understand how good he is with respect to others. Invading privacy for making comparisons is very common in countries where the examinations are very competitive or insensitive are given on the performance basis etc.. However, it can be said that if one is willing to give his full energy for a particular task, a comparison has no or very less value. Another reason for invading privacy is to gather information with either innocent or destructive mind. People having innocent motives invade others privacy in order to make better decisions, identify new possibilities or to confirm the accuracy of decisions they have already made. For examples, one is interested in what another person reads in order to make a personal judgment. When one notices a book is being read by many people, particularly very prominent persons, there is a high chance of the former gets interested in that book. Similarly, one is interested in knowing where others go for shopping because he assumes that those shops have better deals. This is heavily used for marketing. For example, book reviews published by publishers and merchants such as Amazon. Knowing that many readers have appreciated the book, there is a high chance of another reader choosing that book. This process saves time, money, and prevents facing bad experiences. The other motive of gathering personal information is destructive. Gathering financial information such as information relating to fraudulent government subsistence, in order to complain about unjust enrichment is a good example. Another cause for invading privacy is to control others. For example, blackmailing. Governments are alleged for reading and listening personal communication of opposition members and human right activities in order to have a control over them. According to a BBC report, Police caught fans, who voted for a singer in a neighboring country, instead of voting for the singer in their country (Azerbaijanis in Eurovision probe, 2009; Eurovision changes privacy rule, 2009). Male and female student of Jaffna University, one of the Sri Lankan university in the Northern province, keep distance from each other due to the fear that they would be punished if they get caught of having a love affair. The punishment is deliberately reducing examination results. This is related to professional privacy, which was previously discussed. Privacy is also invaded to detect and prevent criminal activities and misbehaviors. Good example is invading privacy of alleged copyright and digital right violators. Media reported that a German doctor was tried for killing patients by giving excessive painkillers. Despite the fact that insurance companies are often accused of invading medial privacy, this case was brought up by an insurance company 28

(German doctor tried for 13 deaths, 2009).

Strategies used to preserve privacy?


The previous section presented reasons for invading privacy. This section presents various strategies used to preserve privacy against privacy invasive efforts. The straightforward way of preserving privacy is being straight and refuse to disclose personal information. For example, it is very common to notice small notice boards stating private in Switzerland. However, this is not possible in many cultures. For example, in China, a person, who refuses to provide personal information due to the fear of invading his privacy, is considered as a bad, non-trustworthy person (Cline, 2009). The widely used mean to protect privacy is telling lies. Other means are diverting the direction of the discussion or question, telling something totally irrelevant, information overloading, giving contradictory facts etc.. In Sri Lanka, the common practice of receiving donation is writting the amount and the name of the donor in a book. Sometime, a receipt is also given. This practice is to make the donation process more transparent and prevent mishandling of the donations. But, today, by making a cold competition among donors, it is used as a tool to get big donations. One of my experience is that, a Hindu temple in Jaffna 6 follows an interesting practice for protecting the identity of the donors. In this temple, donors are asked to open a drawer and put the money. This is similar to a donation box, which is normally used for donating small amounts, especially coins. Asking the reason for having this practice, it was said that the purpose is to guarantee equal and fair treatments for all devotees. In another instance, I witnessed removing all identity information attached to gifts received at a wedding. This practice makes it free for one to donate the amount one is willing to donate, without being discriminated or praised. In other words, this facilitates to practice true generosity. Destroying evidence is also used to protect privacy. Being reluctant to say that one had already visited a doctor, a patient removed diagnostics details before visiting a second doctor. Though this is very stupid and unnecessary, the patient was compelled to do this since there is a perception that doctors do not like patients visiting other doctors.

6 A city in the northern part of Sri Lanka

29

Wearing cloths is a mean to protect bodily privacy. Additionally, some customary practices also protected bodily privacy. Wearing a ring on the toe of a married womans legs was a tradition in the Northern Sri Lanka. The purpose of wearing the ring is to indicate her marital status. Thus, men were not supposed to look at the face of the woman wearing a ring on her toe. Though, it is not sure the efficacy of the tradition, it is clear that there were some practices in the past to respect others privacy. The concept of pseudonymous is applied to obtain unbiased opinions. Sri Lankan university students are legally required to write down only the index number on answer scripts and examiners are given only the index number. The examination department handles the linking between the index number and true identity of the students. However, a large number of complaints of violating this practice is reported. On the other hand, Swedish university students wrote their names on answer scripts. Today, Swedish students have two options: writing their names or codes (pseudonymous). This shows, at least in theory, how privacy is regarded more important in Sri Lanka with compared to Sweden. The blind review process is another similar practice to obtain unbiased opinions.

Consequences of excessive privacy:


Even though privacy is important, there are some negative consequences associated with attempting to protect privacy. As a result of demanding excessive privacy, privacy fundamentalists creates a boundary around them. Loosing trust is one of the main negative consequences of attempting to maintain an excessive level of privacy. An example given in the previous section explained how the Chinese perceive privacy. Effective information sharing and building friendships happen when parties are convinced that each one is willing to share information. When one party perceives that the other party is attempting to hide some information, including personal information, it negatively affects effective sharing of information and building friendships. One example is that when a party gets to know that the other party has unnecessarily set the status to busy, invisible or away on online chat programs such as Skype, and Google talk, the long term relationship is badly affected. Furthermore, being on invisible mode may be considered as a kind covert surveillance. It is needless to further explain, other privacy preserving techniques such as telling lies and diverting the topic very easily loosing the trust between parties. Therefore, it is important to educate the users about the consequences of taking excessive measures to protect privacy.

30

Privacy issues in modern information systems:


The previous sections discussed the important of privacy by covering various personal data items, privacy preserving and invading techniques, consequence of lack of and excessive privacy and how information privacy becomes an important issue in the information era. This section prescribes some privacy protection measures to be taken in designing, developing, and operating information systems. Information systems should be designed such a way that access to personal information is limited to minimum number of authorized persons and only for assigned official tasks. Data protection guidelines and legislations also have stressed this point. Though, many organizations have taken strong security measures against unauthorized access by outsider, adequate measures have not been taken to protect personal information from insiders. Being reluctant to use internal communication systems for exchanging sensitive information clearly shows the lack of protection measures taken to protect personal information from insiders. For example, media reported that personal email message of the leader of opposition of Sri Lankan parliament was obtained and published with the help of an employee working at national telecommunication provider. A number of initiatives have been taken to computerized manual systems. However, it is reported that 50% of investment on information systems is wasted (Basden, 2007). Though, there is no evidence to claim that the lack of privacy is one of the contributory factor, it may be a factor. A simple example illustrates the importance of protecting privacy in designing information systems. Before getting married, both parties have to inform the local marriage registrar. This is to meet legal requirements and religious obligations. The registrar announces the intended marriage on a notice board. This is to inform the public and to give an opportunity to raise objections against the proposed marriage. This mechanism has been in operation for many years. This system worked well in small communities. However, today, it is not so effective since few people stay in local places and usually one of the partners comes from another place. One solution is implementing a publicly available online marriage registry and notification system. Such system fulfills the initial objective of publishing the details of proposed marriages to a wider audience. However, some pointed out the danger of such online system. The danger is that interested parties can easily get to know when and with whom their ex-girl/boy friends are getting married, which was not easy with the traditional manual system. A kind of barrier to get this information is important since some people want to hide their marriage from former girl/boy friends due to the fear of sabotaging the wedding by angry ex-partner. Media often reports attempts to

31

sabotage such weddings. The trend of forgetting previous affairs is natural. However, mere online system, without proper built-in privacy features, makes it possible to keep an eye on ex-friends wedding. As this simple example emphasized, information systems should be designed with minimum impact on privacy and should not allow bad things happen. There are several cases that show users are not fully confident with privacy protection given in the modern communication systems. Some people prefer voice communication to typing text messages on online chat programs. One of the reasons is the fear of using the recorded conversation against the party. Not widely using the voice recording feature might have contributed to this false impression. Additionally, instead of using Internet based communication systems, the conventional telephone system is used for having sensitive discussions assuming the conventional telephone system is more secure. Extremely concerned people prefer face-to-face meeting under the assumption that the other party never gets a chance to record the conversation. Some extremely concerned people are afraid of others taking minutes. Several online communication programs, for example, Google talk has some privacy preserving mechanism. However, more improved privacy preserving and trust building mechanisms based on both legal and technological measures are needed. For example, in some states in the USA, taping conversations and filming in private places with out the consent of both parties is illegal (Freivogel, 2009). The challenge is implementing these features in communication systems. The above sections discussed how technology created a big threat to privacy and the importance of privacy preserving and trust building mechanisms in designing and developing information systems. On the other hand, information technology, especially the Internet, has provided a number of means to preserve privacy. For example, social networking sites have created separate private spaces, where likeminded people can communicate. Therefore, it can be said that having a separate private space for likeminded people may be one of contributing factor for the widespread use of the Internet. Another example, in communities where believing and practicing another religion is considered as extremely bad, the Internet has provided opportunities to practice other religions to a certain extent. Technology has also been used to prevent disturbances cause by technology. For example, a Kenyan mosque used technology to jam mobile calls during prayers (Kenyan mosque jams mobile calls, 2009). The previous section presented how a new private space has been created as a result of innovative technology. Likewise, technology can further be used to meet existing privacy demands. For example, anonymous communications can be used to preserve privacy of students who are shamed to raise 32

questions in a class. Sharing these questions and answers without disclosing the identity of questioners contributes to improve the quality of education. As exemplified here, IT has great potential of exploring new avenues while preserving and enhancing privacy.

The important of privacy in the East


Many argue that there is no need for privacy in eastern countries and data protection laws are being implemented due to the western pressure, particularly from the European Union. Though, it is true that data protection laws are being introduced to secure outsourcing contracts, many reasons insists on the importance of introducing proper personal data protection regimes to the east. Changing attitudes is one of the important factors that makes information privacy very important in the east. One way of defining happiness is the gap between the desires and the possessions. In the past, the easterners attempted to achieve happiness by lowering the desires while the west increasing their possession. However, today, the opposite is happening. Attempting to increase individuals wealth, the Easterners are creating private spaces around them and becoming more individualists. This attitude change is one factor that makes privacy important in the east. As mentioned before, disseminating personal information to hands of many people and retaining a considerable period of time make information privacy important in the east in the digital era. Another factors that makes taking privacy protective step important is the experience of misusing the western concepts. For examples, in the multi-party system, which was adapted from the British, several people are killed during the election period in many developing countries including Sri Lanka. Likewise, while developed nations use the Internet for fruitful political discussions, the developing nations heavily use the Internet for mud sliding. Therefore, it is prudent to take proactive privacy protection measures while the Internet gets spreading. Otherwise, it would be too late to take preventive measures. Stressing the importance, it can be said that learning lessons from the west and taking proactive measures at this point is important, instead of facing the same problems the west faced. As mentioned in this article, a large number of privacy violations are reported in Sri Lanka. However, a public outcry cannot be seen. This is not surprising since there is no public outcry against woman rights, right to information, good governance, etc.. I was told that human rights activists and pressure groups are inactive due to the fear of their protection including protection over their personal 33

information. Thus, privacy and data protection is important to make conductive atmosphere for human right activists and pressure groups. Another debating issue is how to make the easterners follow data protection rules and guidelines. As mentioned before, a simple translation of the Western data protection rules to eastern national languages does not work. For example, yin-si, the Mandarin word for privacy means a shameful secret. But, this translation does not give a broad, true and fair picture of privacy. These kinds of words create barriers for fruitful dialogs on privacy. Thus, scholarly works are needed to identify proper native terms. Another possible step is insisting on privacy based on local religions. For example, one of the Buddhist precepts is refraining from stealing. But, It is not sure how many Buddhist consider others personal information as their personal assets. Convincing the Buddhist that others personal information is part of their assets and misusing them is a violation of Buddhist precept would make them to respect others privacy.

Conclusion
This paper argues that privacy is not a western concept, but it is inherited in some eastern cultural and religious practices. Furthermore, it argues that there is demand for privacy in the east, despite opinion polls and scholarly articles mention otherwise. Additionally, this paper explains how to teach privacy and change attitude toward respecting others privacy. This explanation shed lights on the debate of the possibility of protecting personal information in countries that do not have data protection legislations. This paper also explains why a set of personal information is considered sensitive in some societies, but not others. All these efforts contribute to establish a common understanding on the subject, which is essential to introduce a global data protection regime. Though, there is a European data protection directive that mandates all member countries to guarantee a minimum level of data protection by adopting national data protection legislations, it is not possible to introduce a global data protection framework due the lack of common understanding on the subjects. This paper takes a step to build a common understanding, which is essential in developing a global data protection regime. In summary, this discussion leads to understand when, where, and what level of privacy is needed for the advancement of the society. Elaborating some realworld examples, this paper discussed the 34

importance of information privacy for information system researchers. At the end, this paper stressed the importance of privacy in the East and suggested some privacy preserving measures.

References
Acquisti, A., & Grossklags, J. (2003). Losses, gains, and hyperbolic discounting: An experimental approach to information security attitudes and behavior. Presented at the Annual Workshop on Economics and Information Security (WEIS 03). Adams, A. A. (2007, November). Privacy saved my life -Privacy in Japan. Retrieved June 17, 2011, from http://garea.blogspot.com/2007/11/privacy-in-japan.html Anura Bandaranaike v. W.B. Rajaguru Inspector General Of Police And Others. (1999). SLR (Vol. 1, p. 104). Azerbaijanis in Eurovision probe. (2009, August 18). In BBC News. Retrieved July 6, 2011, from http://news.bbc.co.uk/2/hi/europe/8205907.stm Basden, A. (2007). Philosophical frameworks for understanding information systems. PA,USA: IGI Global. Buddha Dharma Education. (2011). Treasury of Truth (Dhammapada) Chapter 4, Flowers. Retrieved July 6, 2011, from http://www.buddhanet.net/dhammapada/d_flower.htm Catechism of the Catholic Church. (2002). Continuum International Publishing Group. ClearlyCultural.com. (2009, July 11). . Retrieved June 28, 2011, from http://www.clearlycultural.com/geert-hofstede-cultural-dimensions/individualism/ Cline, J. (2009, June 29). You say 'shameful secret,' I say 'privacy' - Computerworld. Retrieved June 28, 2011, from http://www.computerworld.com/s/article/9134947/You_say_shameful_secret_I_say_privacy_ Court refuses to give permission to CID to elicit information on the source of news from Lanka e news Editor. (2009, November 24). In lankaenews.com. Retrieved June 27, 2011, from http://www.lankaenews.com/English/news.php?id=8707 Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the 35

Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data. (1995). The European Parliament and of the Council. Eurovision changes privacy rule. (2009, September 18). In BBC News. Retrieved July 6, 2011, from http://news.bbc.co.uk/2/hi/entertainment/8263437.stm Freedom of the Press Act - Wikisource. (n.d.). . Retrieved June 23, 2011, from http://en.wikisource.org/wiki/Freedom_of_the_Press_Act Freivogel, W. H. (2009, September 9). St. Louis Beacon - Acorn sting may have used illegal videotaping. Retrieved June 28, 2011, from http://www.stlouisbeacon.com/voices/blogs/lawscoop/11683 German doctor tried for 13 deaths. (2009, October 20). In BBC News. Retrieved June 28, 2011, from http://news.bbc.co.uk/2/hi/8316758.stm Herrmann, D. S. (2007). Complete guide to security and privacy metrics. CRC Press. Hofstede, G. (1983). The cultural relativity of organizational practices and theories. Journal of international business studies, 7589. In Hospital Deaths from Medical Errors at 195,000 per Year USA. (2004, August 9). In medicalnewstoday.com. Retrieved June 27, 2011, from http://www.medicalnewstoday.com/releases/11856.php Kenyan mosque jams mobile calls. (2009, July 17). In BBC News. Retrieved June 28, 2011, from http://news.bbc.co.uk/2/hi/8155628.stm Kumaraguru, P., & Cranor, L. (2006). Privacy in India: Attitudes and awareness. In Privacy Enhancing Technologies (pp. 243258). McDonald, A. M., & Cranor, L. F. (2008). The cost of reading privacy policies. ACM Transactions on Computer-Human Interaction, 4(3), 122. Murata, K., & Orito, Y. (2008). Rethinking the concept of the right to information privacy: a Japanese perspective. Journal of Information, Communication and Ethics in Society, 6(3), 233245. New credit reporting laws could help SMEs. (2009, October 15). In smartcompany.com.au. Retrieved

36

June 28, 2011, from http://www.smartcompany.com.au/finance/20091015-new-credit-reportinglaws-could-help-smes.html Organisation for Economic Co-operation and Development. (2002). OECD guidelines on the protection of privacy and transborder flows of personal data. Rosen, J. (2001). The unwanted gaze: The destruction of privacy in America. Vintage. Ruling on NightJack author Richard Horton kills blogger anonymity. (2009, June 17). In the Times. Retrieved June 27, 2011, from http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article6509677.ece Saad, A. R. (n.d.). Information Privacy and Data Protection A Proposed Model for the Kingdom Of Saudi Arabia. Citeseer. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download? doi=10.1.1.137.3785&rep=rep1&type=pdf Sarkozy foe wins France smear row. (2010, January 28). In BBC News. Retrieved June 28, 2011, from http://news.bbc.co.uk/2/hi/8484728.stm Six-year limit on DNA of innocent. (2009, November 11). In BBC News. Retrieved June 27, 2011, from http://news.bbc.co.uk/2/hi/uk_news/politics/8354850.stm Spy law used in dog fouling war. (2008, April 27). In BBC News. Retrieved June 27, 2011, from http://news.bbc.co.uk/2/hi/uk_news/7369543.stm Sri Lanka astrologer is arrested. (2009, June 26). In BBC News. Retrieved June 27, 2011, from http://news.bbc.co.uk/2/hi/8120859.stm Sri Lankan businessman dies after being arrested and tortured. (2006, August 8). In WSWG.org. Retrieved June 27, 2011, from http://www.wsws.org/articles/2006/aug2006/sril-a08.shtml United Nations. (1948, December). The Universal Declaration of Human Rights. Retrieved June 17, 2011, from http://www.un.org/en/documents/udhr/index.shtml United Nations. (1966, December). International Covenant on Civil and Political Rights. Retrieved June 17, 2011, from http://www2.ohchr.org/english/law/ccpr.htm

37