|Book Reviews |
Privacy & Individual Rights
Commerce, Security, & the Law
Net Culture, Art, & Literature
International Affairs & National Security
Ethics, Rhetoric, & Metaphysics
Science Fiction Other Resources
Other Book Review Sites
| By now the variety of ways governments, corporations, and other
individuals can violate one's privacy are well known, so you might well ask why another "this is how you are vulnerable" book
is needed. In the case of Simson Garfinkel's Database Nation, the answers are clear: the author's technical abilities
and understanding of the role technology plays in society, the book's new look at medical privacy is of a type I had not seen
before in the popular literature, and the depth of Garfinkel's inquiry into each type of privacy intrusion.
That said, Garfinkel's book does cover a lot of familiar ground. For example, he describes how supermarket affinity cards, warranty cards, and cell phone networks can be used to track individuals' preferences and, in the case of cell phones, their physical movement. He also goes into significant detail about advanced identification technologies, including retina scans and DNA analysis, that can be used to identify and track individuals, but those technologies serve as a lead-in to the issue Garfinkel seems to regard as the most serious: medical privacy.
Chapter 6 goes into more depth than any other published account I had seen of how medical information is distributed within the medical community. At the center of those transactions is the ominously-named "MIB", or Medical Information Bureau (not "Men In Black", though the unspoken parallel is amusing). The MIB collects medical information entered on insurance forms and into personal records and sells that information to companies that need to set insurance premiums for applicants. What gives the MIB the right to collect that information? Patients give them that permission when they consent to receive treatment - page 136 contains the disclaimer on the bottom of an insurance form that gives medical practitioners the right to share the information derived from any examination or procedure with the Medical Information Bureau.
At the end of Database Nation, Garfinkel offers a legislative solution for strengthening privacy protections in the United States. In particular, he calls for the government to establish an executive agency charged with enforcing existing privacy laws and acting as an ombudsman for individual privacy. The problem with such an agency is that it would not have the legislation behind it to protect privacy adequately. As Garfinkel himself argues, the existing protections against private sector use of personally identifiable information are toothless; at best, they allow individuals to "opt out" of mailing and telephone solicitation lists. The new medical privacy standards the White House offered in early 2000 (after the book went to press) go part of the way to solving some of the problems mentioned Garfinkel describes, but in all his solution is far too feeble to result in meaningful privacy reform.
Database Nation continues the growing tradition of O'Reilly books that cast technology in its social context. That movement started with a pair of market research reports (one on the size of the online population, the other an investigation of the secure web server market) and continued with Stephen Talbott's The Future Does Not Compute (a cautionary book that critiques the role of computers in society in general and education in particular); Cracking DES (a complete technical specification for the brute force encryption key locater built for $200,000 by the Electronic Frontier Foundation); and Open Sources, a collection of essays from leaders in the open source software movement. It's heartening to see such an influential technical publisher offering books that examine technology's role in society.
--Curtis D. Frye, Editor of Technology & Society Book Reviews