In a perfect world, consumers and employees would have complete control of any data that is specifically about them. They could choose who gets it and how it can be used. Crucially, they would have constant access to a list of where and how their data is being used, and they could edit it at whim.
But you might have noticed that we don't live in a perfect world.
Various privacy advocates have sought such user privacy controls, with European telecom giant Orange being the latest to champion the idea. Beyond the calls for action, little has actually happened. This will be hard for many of you to believe, but the company that has come closest to delivering a tool that could give users more control over their data was Google, which tends to view privacy the way Superman views Kryptonite. Rest assured, though, the release of that tool to the public was unintended and Google quickly shut it down. Perhaps when Google saw the Electronic Frontier Foundation applaud the tool, the company realized that it had accidentally served up something that was Google poison.
The question of whether such privacy controls would be good or bad for business and society is complicated. Used properly and respectfully, personally identifiable information (known as PII, in IT's acronym-loving way) can truly help companies deliver far better services. Amazon is perhaps the best example of a company that loves to leverage PII while being disciplined and restrained enough to (usually) not be obnoxious about it.
As for consumers, unless they really understand at a fairly sophisticated level how their information is to be used, most of them are not in a position to make the decisions about their own data that best serve their own interests.
As it turns out, though, the practical realities of IT spare us from having to make these decisions at a "what is best for society" level. That's because the only privacy call that can pragmatically work is to refuse from the get-go to let a company collect any of your personal data. The reason is that, once data is in a system, it really can't be removed -- at least not completely. It's as if the data has entered a Mobile IT Roach Motel: Data can check in, but it can never check out. (If you recognize the tagline from those iconic Roach Motel ads of the late 1970s, you can watch one on YouTube. But I should note that roaches don't seem to have it as bad as data: There is evidence that some German cockroaches have developed an aversion to glucose, which is used as bait in the traps, and are passing this trait on to their offspring. Yeah, I think it's safe to conclude that cockroaches will indeed outlive humans.)
Getting back to consumers, their data is really difficult to take back. It is not as if the data exists in only one place and can easily be deleted. That simply isn't how it works. Once duly authorized and collected, consumer data gets plugged into dozens of databases and shared with just as many departments, consultants and partners. The data is parsed and backed up, and the chances that anyone can accurately list every place where that data exists are roughly nil. That's why it's ludicrous to believe that you can change your mind and demand that all the data you let a company collect be removed. Block it initially? Sure. Get it back later? Not going to happen. There will always be copies floating out there somewhere.
And that's true even with the anonymous/aggregated approach. Yes, a company that aggregates the consumer data it collects only analyzes that data in the aggregate, and the aggregated data is anonymous. But all that data arrived in unaggregated form and far from anonymous, and that raw data certainly still exists in a database somewhere. Probably more than one, which brings you back to the question of how to corral all those data roaches that are running around the company's systems.
The cynical view of all this is that corporate advocates of privacy want to offer consumers the illusion of privacy control without having to deliver actual control, since the consumers have no way of knowing whether the data they have decided to "take back" has been actually removed. It's the business equivalent of the time-honored politician's trick of voting against a bill unpopular with constituents, knowing full well that it will pass anyway.
I can think of no practical way for a Wal-Mart, Exxon, Nabisco or Hilton to remove specific pieces of data once they've been absorbed. That means that corporations are going to have to stop making consumers privacy promises that they can't possibly keep. Assuming, of course, that you want to be honest. If you don't, that's something you really want to keep private.
Evan Schuman has covered IT issues for a lot longer than he'll ever admit. The founding editor of retail technology site StorefrontBacktalk, he's been a columnist for CBSNews.com, RetailWeek and eWeek. Evan can be reached at firstname.lastname@example.org and he can be followed at twitter.com/eschuman. Look for his column every Tuesday.