Enterprise Software

Weekend Reading—Database Nation

Will the bag of chips you buy at the grocery come back to haunt you when you try to purchase insurance? Simson Garfinkel offers a warning to us all in <I>Database Nation</I> about the lack of privacy that permeates even the most mundane aspects of our lives.


By Simson GarfinkelO'Reilly & Associates, Inc., 2000312 pages, hardcoverISBN: 1565926536Price: $17.45 at Fatbrain.com
What's your day been like? Have you posted something to a newsgroup, left a voice mail message, visited your doctor, filled a prescription, or paid for something by credit card? If so, you've given more substance to your data shadow.

That's a term Simson Garfinkel has borrowed to describe the data trails we leave behind while living our modern lives. Records of our phone calls, purchases, and Internet activities don't die when bills are paid, receipts hit the trash can, or the computer is turned off. Instead, data is warehoused on the hard drives of corporations and marketers. And the data will probably even outlive us, leaving rich archaeological deposits for future data miners to dig into.

Is Kid Brother watching?
Garfinkel's book, Database Nation: The Death of Privacy in the 21st Century, documents the many ways—some obvious and some subtle—that we're trading away our private information for the sake of convenience, as well as the ways in which it's being stolen from us.

"The future we're rushing toward isn't one where our every move is watched and recorded by some all-knowing 'Big Brother,'" he writes. "It is instead a future of a hundred kid brothers that constantly watch and interrupt our daily lives."

It's a future ruled by marketers who'll have glommed onto your personal information, pegged you, cross-referenced you, and made suppositions about you. Those with something to sell will bombard you with customized, automated, one-on-one offers. Imagine e-mail spam, but worse.

Along with painting alarming future scenarios, Garfinkel spends time debunking current assumptions. For example, did you know that hospitals aren't prohibited by law from divulging your medical information? Yes, there's doctor-patient confidentiality, but that confidentiality doesn't extend to clerks, lab techs, or any of the hundreds of hospital employees with the potential to tap into computerized records.

Theft of hospital records and even identities
Privacy is something hospitals do strive toward and caution employees about, but "few state or local laws criminalize the unauthorized release of medical records," Garfinkel writes, pointing to the example of Nydia Velazquez. After she was nominated to serve in Congress, someone from a hospital anonymously faxed to the press hospital records detailing Velazquez’s treatment after a suicide attempt several years prior.

Another surprising tidbit is that victims of identity theft—in which someone else takes out credit in your name and lives the high life, leaving you all the bills—aren't the innocent people who end up with all the debt and hassle. According to the law, it's the credit card companies who are legally considered the victim. The poor sucker who has to spend the next three years of his life on the phone fending off irate creditors is on his own.

Will government come to the rescue?
Garfinkel believes government legislation will be the big stick to beat back privacy invasions. Corporations that make money by obtaining and spreading the details of your lives, whether to sell magazines or target customers for pharmaceutical drugs, aren't going to voluntarily rein in their powers.

For an example of government to the rescue, Garfinkel advises looking to the credit industry. For decades, the credit report has defined a citizen's ability to make major life purchases, yet people weren't allowed to view their own reports or challenge false information contained inside until Congress passed the Fair Credit Reporting Act of 1971.

But he also warns that government must be closely watched, because even innocent efforts can become subverted over time, or be exposed to "mission creep." The social security number is an example of something whose mission has "crept."

Originally, the number was intended simply to keep track of a worker's earnings. Now it has become the "universal identifier for American citizens." And people who know it, along with a few other pieces of your private puzzle (mother's maiden name, address, telephone number), have enough information to attempt identity theft. All they need to do is intercept one of the hundreds of credit-card offers you receive every year in the mail. Or go through your trash. Or find one of your credit card numbers in yet another database.

Garfinkel also explores privacy ramifications in biometrics, such as unique physical characteristics like fingerprints and iris patterns that may become your future "proof of ID." And he ponders how government response to future terrorism may strip rights and privileges from the average citizen's life.

If you think you can handle more, there’s a bibliography
Garfinkel copiously annotates points and passages throughout the book, and if you're interested in reading further on privacy matters you can refer to the extensive bibliography.

Should you pitch your grocery store card?
Database Nation is a book to validate beliefs held by the paranoid: Yes, you're being watched, but probably not by those you thought had their eyes to the peepholes. And if it doesn't scare the rest of us, it'll make us think.

It's making me think I should pitch that Kroger Plus Card. Will that $5 I save per visit really be worth it if I end up having to explain a history of tortilla chip purchases to an insurer tsk-tsking over my cholesterol level?

Lauren Willoughby is a freelance writer.

If you'd like to share your opinion, please post a comment at the bottom of this page or send the editor an e-mail

Editor's Picks

Free Newsletters, In your Inbox