From the point of view of an access advocate, the strides being made in protecting personal privacy seem to grow monthly, if not daily. However, the access/privacy conflict is one of those classic "half-empty" or "half-full" illusions: Gains or losses always look different depending on who is doing the looking. It is also a matter of where the battles are being won and lost, where access is losing and privacy is gaining, and whether the trade-offs represent the best policy mix.
On the government-information side of the equation, privacy has largely won the day. This is not to say that all personal data in the hands of all levels of government is kept under a figurative lock and key at all times. There are still many instances in which personal information is disclosed in land records, voting records and the like. Records are still being put up on the Internet with little forethought concerning the privacy implications of those records. And there are still decisions being made to disclose personal information because a determination has been made that disclosure is in the best interests of society.
The public interest in public availability of traditionally open records, such as land records and voting records, is thought to outweigh the privacy considerations attached to those records. Massachusetts decided recently to make professional licensing information available online, and the Department of Health and Human Services has an online database containing the names of doctors who have defaulted on their student loans. All these records implicate a privacy interest, but the determination has been made that the magnitude of that interest is less than the public's right to know.
Where the war is being won by privacy interests is the consistent gnawing away of the parameters of what constitutes a privacy interest in public records. Gone for good -- at least at the federal level -- are the old notions that only intimate details of one's life are eligible for privacy protection and that disclosure of more routine personal information -- which we might normally share with others -- is not protected because disclosure would not constitute an unreasonable invasion of privacy.
The Supreme Court's ruling in Dept. of Justice vs. Reporters Committee changed that equation when the court ruled that any personally identifying information qualified for privacy protection if weighed against the very restrictive public-interest test that the information, on its face, must shed light on government activities or operations.
Harm From Release?
When Congress passed the Freedom of Information Act in 1966, and, particularly, when it strengthened it in 1974, proponents believed that public information should generally be disclosed unless the government could delineate a harm flowing from release. The requesting community has always scoffed at government arguments that, by necessity, were based purely on speculation that disclosure of various kinds of information could lead to untoward events. It was never necessary for agencies to show that, without doubt, harm would occur, but it was, at least, expected that they must carry the burden of showing that harm was probable.
However, it is now clear that privacy advocates have ultimately benefited from this speculative approach to harm. Arguments of potential stalkers, harassers and those who might misuse government information are the litany upon which denials of personal information are built. Since the likelihood that someone could be harmed by disclosure of personal information is real, the harm is virtually always speculative. While some people are victimized by credit information scams, it is not a solid policy basis to conclude that all people will be subject to such scams. About the only thing that follows from the disclosure of personal information is that it will end up in the database coffers of marketers, and we will all be inundated by unwelcome junk mail and telemarketers.