[LINK] "Privacy" of corporate entities

[Steven Clark]

Stephen Wilson wrote:
> Roger Clarke wrote:
>> At 9:15 +1100 24/2/09, Stephen Wilson wrote:
>>> I wonder if there is any precedent, or special legislation, that 
>>> provides for 'privacy' of corporations working in sensitive areas? 
>>> I'm thinking of women's refuges, abortion clinics, political 
>>> activists and the like.
>> The privacy aspects relate not to the organisations, but to the 
>> individuals who are at risk, respectively battered wives (sorry, 
>> victims of domestic violence), patients and doctors, whistleblowers 
>> and dissidents.
> Yes, but if we were to abstract the identity of the abortion clinic, 
> or women's refuge, as being meaningful and important to keep private, 
> then we would get a useful additional layer of protection for the 
> employees, guests, users etc.  
Sadly, no. Apart from how quickly it would be abused, it is unlikely 
that 'privacy' would be extended to non-natural persons.

In any event, our privacy laws are focussed upon information - 
information privacy - and even then, it's more about data and data 
collections than the person/s.

Existing privacy laws don't keep anyone's *identity* 'private'. They 
relate to the handling of data relating to an individual, and perhaps 
thereby to their identity.
> I mean "private" in the full sense of the word: you would not be 
> allowed to identify the entity to anyone who doesn't need to know, you 
> would not be allowed to share any information about it, or use that 
> information for secondary purposes etc etc etc.  
How would people know these places exist to seek them out?

It's more realistic, and more sensible IMNSHO, to provide better (more 
effective) measures to protect the people rather than the places, per 
se. There are already secrecy provisions for people in 'high risk' jobs 
such as family court justices.

There are discussions in academic literature advocating for 'collective 
privacy' of varying flavours - essentially providing similar privacy 
protections/rights to groups of people. These are interesting. They are 
also careful to differentiate a group of people from an institution or 
organisation: for example suggesting that minority groups in a society 
ought to have collective rights in contrast to a minority advocacy group 
or interest group. Or suggesting that privacy could be considered to be 
a collective right in the sense that it arises because we all have an 
interest in the sensitive handling of personal information, such that 
privacy ought to be weighted against other collective interests such as 
security on an equal footing when they overlap or compete (collective v 
collective interest, rather than collective v individual and thus always 
loosing out).
> Someone suggested to me off-list that "commercial-in-confidence" is 
> the way that these issues are approached in the private sector, but 
> that doesn't provide anything like the protections of a (proper) 
> privacy law.  
CiC is designed/intended to protect the *commercial value* of 
information, not protect the information, people or institution involved.

It would be lovely to have a 'proper' privacy law. Maybe we could have 
some of that instead ...

-- 
Steven R Clark, BSc(Hons) LLB/LP(Hons) /Flinders/, MACS, Barrister and 
Solicitor
PhD Candidate, Centre for Regulation and Market Analysis
School of Commerce, City West Campus, University of South Australia

/Finding a Balance between Privacy and National Security in Australia's 
ePassport System/