Corporate Privacy?

I’ve been arguing a lot recently that individual privacy, state secrecy and corporate confidentiality should be regarded as clearly separate things. Keeping this separation is important precisely because it stops organisations which we should expect to be open to inspection and accountable to us, from using ‘privacy’ as an excuse for avoiding such inspection. Philosophically, the distinction should be clear, but legally it may not be so obvious. One problem however lies in the nature of the whole notion of ‘incorporation’, which in its very language already assigns certain individual human attributes to organisations. And corporations are very much aware of this.

Marc Rotenberg points me to a very interesting legal test case in which the Electronic Privacy Information Center (EPIC) in the USA is currently involved. This case originally started when in 2008 the Federal Communications Commission ruled that corporations could not use ‘privacy’ as a reason to reject Freedom of Information requests. In 2009, a court overruled this decision. And now the FCC, ironically aided by EPIC, an organisation which frequently finds itself challenging rather than supporting the state on such issues, is seeking to have this ruling overturned in the Supreme Court.

This strikes me as a vital case, not just for the USA, for other jurisdictions where corporations will be observing the outcome and seeking to bring similar challenges if they can. If privacy, and indeed any other fundamental human right, is to mean anything it can neither be granted to companies who find it simply a convenient cover for a desire for confidentiality, nor to states who seek to maintain secrecy. Clearly there is information possessed by corporations and by states that might have elements that could be damaging to personal privacy. Private individuals acting in a corporate or state capacity may perhaps in some clearly delineated circumstances have the right not to be personally identified, even more so for individuals from outside the organisation concerned, but the ‘what’ of the information should still not, by association with an individual expressing a desire for privacy or anonymity, acquire the protection of privacy.