Scope and Categories of the Advisory
The Subgroup felt that in considering access and security issues it was appropriate to consider the sensitivity of the various categories of data and of data elements that may be contained within a broad category. Again, the Subgroup felt that a category-based approach to access and security would help identify common ground and areas of disagreement for the Commission's consideration.
II. Use As An Important Consideration
Similarly, the Subgroup strongly believes that the use of information should be an integral part of considerations of access. Of particular concern is individuals' ability to access information used to make decisions about them, and questions of commingling data from various sources.
There might be differing views of access and correction depending upon the how information is used and whether or not the information is shared. Such factors might impact the recommendations made by the Advisory Commission.
Information can be used to make various kinds of decisions about individuals. For example, a customer's account history could be provided to an insurance company and used to determine eligibility and cost for a policy, or the result of a medical exam could be used to determine whether or not a job is offered. Information may also be used for marketing purposes. For example, an individual purchasing a vintage Corvette may receive information to join a Corvette Club, or to receive a special credit card targeting Corvette owners.
Information may or may not be shared with others. For example, a book seller may or may not share the information that an individual purchased a home improvement book on-line with other on-line marketers of products to help the "do it yourself" homeowner.
The Subgroup felt that in considering the significance and privacy impact of Unique Identifiers the availability and scope of use were of particularly important. For example, a Unique Identifier assigned by one company and never shared with other entities in a fashion that tied it to other identifying information would be considered by the group to be a Local Unique Identifier. The same Unique Identifier used by multiple companies to track and retain information about a specific individual would be considered a Globally Unique Identifier and raise a different level of privacy concern.
III. What Do We Mean By Access
Access is the ability of an individual to view personal information identifying or describing himself or herself. The subgroup disagreed as to whether or not access should in all instances be interpreted to include the ability of the individual to correct, amend, or delete personal information.
IV. Reasons for Access
Although the subgroup believes there are other reasons for providing access, we believe that as a starting point, the following deserve consideration:
V. Considerations of Sensitive Information?
Sensitive information is a category of personal information that should be considered when discussing the scope of access. At this time, the subgroup does not have an exhaustive list or precise definition for this type of personal information.
The subgroup agreed that there are some categories of personal information, medical and financial, that clearly fall into this category. The subgroup was in disagreement whether to also include other types of personal information such as data pointing out or suggesting political leanings, religious beliefs, or gender.
The Subgroup felt that developing data categories would assist in defining the scope of the Committee's work and in identifying where differences of opinion exist. The Subgroup also felt the exploration of access and security would be strengthened by an approach that looks at separate categories of data.
In addition to developing categories of data to aid the Committee's work, the Subgroup felt that an initial analysis of whether or not they should come within the scope of the discussions of access would prove useful to the Committee. Therefore, the Subgroup prepared the attached grid which indicates (X) where the Subgroup was in wide agreement that in considering access the record created by the intersection of the two data points should be discussed. (?) indicate mixed opinions and (0) equal wide agreement that access to such records was not a priority for consideration.
VII. Chart for Consideration