Openness as a Privacy Protection Strategy

Computerworld - The challenge that new computer, network and sensor technologies pose for privacy is now beyond dispute. At the forefront of social, legal and business struggles over defining privacy in an age of increasing exposure of personal information is the
transparent enterprise.
As I discussed in two earlier columns , our enterprises are increasingly transparent. We see growing linkages among previously stovepiped databases. Web services and semantic Web technology will connect information stores of partners that span enterprise boundaries, and our networks are connected though mobile infrastructures that reveal not just who's online but their physical locations.
All of this means that we're collecting orders of magnitude more information and have the power to do much more with it than ever before. So, the privacy challenge in the age of transparency is, How do we respect the privacy expectations of our customers and employees while taking advantage of critical new data-integration capabilities available to us?
Perhaps the only way to protect privacy is through greater exposure of personal information. After thousands of years of code-making, cryptographers learned that security by obscurity is no security at all. While there are important differences between security and privacy, could it be that privacy by obscurity is about to go the way of security by obscurity? CIOs, privacy officers and others who worry about the public policy implications ought to pay attention to transparency design strategies as cornerstones of privacy.
Three technical phenomena should encourage system designers to rethink their approach to privacy protection: first, the gradual demise of stovepiped applications in favor of enterprisewide data integration; second, the rapidly declining cost of Web-scale query; and third, the rapid spread of sensor networks in public and private settings. The dramatic privacy impact of cheap, Web-scale data integration is visible today through the operation of systems such as credit card fraud-detection networks, vehicle guidance and telemetry systems, transponder-based toll-collection systems that also seem to monitor traffic flow, and the proximity cards tied to individual identity that are increasingly common in office buildings.
Science fiction author David Brin is best known for suggesting that we embrace transparency. His proposal has been treated with considerable skepticism in the privacy community. Fundamental changes in the technology we adopt, as well as limitations in privacy protection regulations, compel us to take a more careful look at what transparency has to offer. We must not conclude that privacy has been somehow superseded by 21st century IT. Indeed, the increased data collection and inferencing power in today's information environments makes support for