As lawyers we did a good job debating the legal and policy elements of the situation. As moral agents or ethicists we failed badly.
As is discussed in the article, there is a particular issue around protecting the privacy of vulnerable people. While they are particularly concerned with protecting women and children — from stalkers and abusers — I think the point holds generally. If society is going to construct identity infrastructure, then it has a responsibility to make sure that the infrastructure actually protects the vulnerable. I was thinking about this today because there’s a story in the U.K. newspapers that the great data disaster of 2007 (the HMRC “identity theft”) could result in people dying, because the records on the missing CDs include the names and addresses of 350 people in witness protection programmes.
One case they touch on has been touched on here before, and that is the issue of employers gaining access to personal information. Not in the trivial sense of the looking at people’s Facebook pages but in a variety of circumstances around real-world problems. If I sued an employer for discrimination 20 years ago, should that information be available to a potential future employer? Should potential employers be able trawl public sources? If I’ve had a legal battle with a neighbour over a hedge (I live in Woking, remember) might an employer decide not to employ me thinking I might be too much trouble? Or should this information remain private except in hedge-related contexts?
I can’t I say I know what the answer is, but I can say that creating a digital identity infrastructure for the modern world must somehow factor in these kinds of issues, so that there is conditional longitudinal and horizontal linkability under the right circumstances (ie, under an appropriate warrant) but not outside them. No-one is saying it will be easy.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]