Andrew Limo
31 October 2008
opinion
It feels nice to be on the receiving end of technology, especially when it is helping you solve some problem.
The other day, I lost a slip the camera repair shop had given me and I did not know how they were going to sort me out. Luckily, the shop was a smart one -- the kind that stores whatever they handle in computer databases.
With a smile, the lady asked me to give her one or two pieces of the following information: my name, identity card and telephone numbers and the camera type and make. She fed the information into her computer and, after a few minutes, printed a duplicate slip and gave it to me.
Imagine if she worked in an establishment where paper records are kept in files and folders stored away in old metal cabinets. Would you blame her if the thought of looking for the information stressed her and was unwilling to help?
Since it's easy to store and retrieve digital information, many organisations find themselves keeping lots of client information, some of it stuff that has outlived it usefulness.
We are always giving out information about ourselves when seeking services or going through a security check, and we trust that people collecting personally identifiable information (PII) about us will keep it safely and use it only for the intended purpose.
PII is data that is unique to an individual's name, phone number, residential address, e-mail address as well as identity card, vehicle registration and credit card numbers. Sometimes an organisation passes on clients' PII without authority.
A breach of privacy could also come about as a result of carelessness on the part of the employee who fails to take security measures. Quite often employees ignore simple things like securing the computer passwords.
In an age where most transactions are electronic, a bad guy accessing your PII can use it to steal your money, or sell it to marketing organisations which then bombard you with unsolicited SMSs and e-mails promoting their wares.
Largely, a PII is collected by schools, hospitals, supermarkets, internet and telephone service providers, call centres, customer care and websites.
People running such organisations or services ought to be aware that they are responsible for any information they keep.
We must be concerned that modern fax machines and photocopiers store data and must, therefore, be purged after accomplishing a task. Most digital devices are getting smaller even as storage capacity increases.
And since laptops, PDAs (personal digital assistants) and memory sticks are portable, they are easily lost or stolen.
To appreciate the consequences of a breach of privacy, imagine someone analysing your drug-buying habits concluding that you are diabetic or have a terminal disease.
This is not the kind of information your health insurance would like to have, and a digital crook will make it available for a fee.
Kenya is yet to enact a comprehensive law to address privacy issues, especially in the internet environment.
The e-transaction Bill, 2007, which it is hoped MPs will see the urgency of passing it into law, says: "Personal information shall not be collected and stored unless, where the purpose for collecting information has expired, the record-keeper must within reasonable time delete or destroy all personal information subject to any statutory regulations".
Collecting data per se does not constitute a violation of privacy. It is the usage that does. Therefore, it is prudent to use personal information for the stated purpose only.
In most cases, you need to tell people why you are collecting information about them before and not after they have given it to you. Then you must have a date by which to remove the data you have collected.
In the camera repair shop case, I am wondering how long it will keep the information on me and my camera?
Since I am a law-abiding citizen, I am not bothered about how long it keeps the data. What bothers me is the possibility of crooks hacking into the shop's databases and using my PII for sinister motives.
Be the first to Write a Comment!
Copyright © 2008 The Nation. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.
AllAfrica aggregates and indexes content from over 125 African news organizations, plus more than 200 other sources, who are responsible for their own reporting and views. Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica.
