Privacy Law and Policy Reporter
Brookings Institution Press, Washington DC, 1997, ISBN 0-8157-1315-0
The growing significance of the privacy debate in the US is reflected in the publication of Privacy in the Information Age, a book by the Brookings Institution, a leading American think tank. Its author, Fred Cate, is the director of the Information Law and Commerce Institute at the Indiana University School of Law, and chaired the Annenberg Washington Program’s project on global information privacy from 1994 to 1996. The publication of the book follows on from a Brookings conference on privacy convened in Washington DC in April 1997.
Cate provides a good general overview of the privacy debate in the US in the late 1990s. The first two chapters give a background to privacy issues, reflecting on the rapid growth of information flows, the reasons why privacy is a significant social value and the need to strike a balance between privacy and other social interests. Cate then contrasts the European and American approaches to protecting privacy. Two chapters explain the extent to which the public and private sectors in the US are now covered by the variety of legal protections for privacy — a “cacophony of constitutional rights, narrow sectoral statutes, state legislation, federal regulations and common law torts”. Indeed, Cate argues that 980 of the 7,945 bills introduced into the 104th Congress addressed a privacy issue. Included in his analysis are details of recent legislative amendments which have extended privacy legislation covering both credit records and the telecommunications sector. Cate concludes with his own reflections on the way forward for the US. The book’s appendices include the EU Directive and the principles of the US Information Infrastructure Task Force.
Cate characterises the American model of privacy protection as a sectoral approach, as opposed to the European omnibus model. This is an interesting point given that elsewhere, it is sometimes argued that the American approach is simply self-regulation. Rather, Cate describes it as a ‘patchwork of uneven, inconsistent, and often irrational, privacy protection’ — which, for example, protects the privacy of video tape rental records but not medical records. Cate also suggests that the US is unlikely to implement a comprehensive privacy statute because of constitutional restraints on the Federal Government. Nevertheless, he notes that ‘though the legal cultures concerning privacy are unlikely to ever converge completely, they are likely to grow closer together to the extent they share the same values.’ He suggests that this process might be accelerated by deliberate multinational negotiations — ‘it’s time for a Berne convention for privacy’.
Cate recommends against adopting the European model of a comprehensive privacy statute — of which he remarks that ‘it is difficult to imagine a regulatory regime offering any greater protection to information privacy or any greater contrast to US law’. Cate instead encourages greater reliance on self-help measures, technological solutions, public campaigns and adherence to voluntary codes of practice over a general legislative response. Nevertheless, he argues that when competitive forces are ineffective in developing market-based mechanisms to protect privacy, legislation may be necessary.
Unfortunately the book suffers from the narrow scope of Cate’s research. By treating the alternatives simply as a contrast of American and European approaches, which can be explained by their differing histories and political cultures, he avoids harder questions about why other nations outside of Europe have attempted to establish a consistent privacy protection regime through a general privacy statute. The limitations on Cate’s perspective is unfortunate both for his American and international audiences.
While he generally sees the role of law as a ‘gap-filler’ when other methods do not work, Cate nevertheless appears somewhat attracted to the idea of a single major privacy statute, because it offers clarity and consistency. He proposes that such a law should focus on the three key issues of clear, straightforward notice of information practices, consent to information collection and use and accountability for information users.
For those relatively new to privacy issues, this is a concise and up to date overview of the privacy debate. For those more familiar with the privacy debate, little that Cate says will be new — they could probably go straight to the seventh chapter on his own conclusions. But his thoughts are well-expressed, his sources are up to date, and given the prominence of the Brookings Institution, the book represents a significant contribution to the privacy debate.
Tim Dixon, Secretary,
Australian Privacy Charter Council