Managing Information Privacy and Information Access in the Public Sector
journal contribution
posted on 1998-01-01, 00:00authored byGeorge Duncan
Government agencies collect and disseminate data that bear on the most important issues of public
interest. Advances in information technology, particularly the Internet, have multiplied the tension
between demands for evermore comprehensive databases and demands for the shelter of privacy. In
mediating between these two conflicting demands, agencies must address a host of difficult problems.
These include providing access to information while protecting confidentiality, coping with health
information databases, and ensuring consistency with international standards. The policies of agencies are
determined by what is right for them to do, what works for them, and what they are required to do by law.
They must interpret and respect the ethical imperatives of democratic accountability, constitutional
empowerment, and individual autonomy. They must keep pace with technological developments by
developing effective measures for making information available to a broad range of users. They must both
abide by the mandates of legislation and participate in the process of developing new legislation that is
responsive to changes that affect their domain. In managing confidentiality and data access functions,
agencies have two basic tools: techniques for disclosure limitation through restricted data and
administrative procedures through restricted access. The technical procedures for disclosure limitation
involve a range of mathematical and statistical tools. The administrative procedures can be implemented
through a variety of institutional mechanisms, ranging from privacy advocates, through internal privacy
review boards, to a data and access protection commission.