Information privacy realities contradiction theory (IPRCT) is the convergence of the unity of opposites, materialist dialectics and self-interest in acquiring, managing or sharing personal or enterprise data (figure 1). First, individuals naturally have two sides to their attitude, representing the unity of opposites. Second, individuals and managers in a public or private organization or government struggle with the materialist dialectics of choosing between privacy violation and compliance in the information privacy unity of opposites. Third, our choice of the opposites, privacy violation or compliance, in time and circumstance, is based on our self-interests, which are motivated by the privacy realities we experience at the time.
Figure 1—Information Privacy Realities Contradiction Theoretical Concept
The fact that individuals, organizations, governments or nation-states simultaneously have both privacy protection and violation tendencies is not the main problem with information privacy violation, or guardianship, for that matter. Instead, the issue is allowing our information privacy violation tendency to outweigh our protection tendency because of our self-interests at the expense of others whenever the opportunity presents itself. First, think about how you felt as an individual or within the context of your organization when you realized that an individual, entity or government had exploited the data you provided them in good faith. Also, consider how you feel when an entity exploits the information it garnered from you, knowingly or unbeknownst to you, using technology or via an obligatory passage point (OPP)–induced means. Now think about the zeal with which you have used or wanted to use other people’s personal and enterprise data upon realizing there is value in the data. Why do you have different feelings, thoughts or attitudes in both situations? If you had the same sense, view or assessment regarding the cases, why is your assessment different? Why not?
One reason or answer could be that how we feel primarily depends on whether we are the subject of the information collection or whether we are the ones collecting the information or slated to benefit from it. Another reason is whether we perceive or consider the value and benefits to be essential or not to our well-being. Although there could be other reasons, the point is that our experience during an instance of an information privacy event determines the side of the information privacy contradiction coin we choose in time and within a circumstance.
But why is this important? To prudently answer that question, the impact of inaction or not caring about information privacy compliance or violation in our indispensable digital world must be understood.
We care about information privacy realities and contradictions in our personal and enterprise data because:
- Data has become a critical and indispensable asset at every level of society (i.e., socioeconomic, sociopolitical).
- Adherence to stipulated data policies, directives and regulations and the effectuation of those, and enforcement of punishments to information privacy violators, are imperative.
- Prudent use of data and adequate protection of data in use, motion or storage engenders digital trust and confidence among data subjects.
- Providing adequate consensual and unambiguous opportunity to data subjects should be a primary objective of system owners and developers to build an endearing digital trust.
- The value of data is exponential and continuously on the rise.
- The risk to personal and enterprise data could be enormous and continual because data do not necessarily lose value based on the number or length of uses unless there is a change in the facts.
- Data have a multiplicity of utilities and can easily be repurposed.
- Technological advancements and our socioeconomic and sociopolitical needs counter the nondisclosure of data and do not support personal and enterprise data nondisclosure.
- It is almost impossible to avoid sharing personal or enterprise data today considering the constant availability and ease of doing things, which the abundant and easily accessible internet-connected devices and technologies provide.
- There would be an impediment to the national, intercontinental and global emarketplace, ecommerce, egovernment, ehealthcare, elearning, eticketing activities without a free flow of personal and enterprise data.
- Allowing data owners to exercise control or even giving them an illusion of control over their data enhances data disclosure.
Editor’s note: For further insights on this topic, read Patrick Offor’s recent Journal article, “The Information Privacy Contradiction: Interest-Based Posture of Compliance and Violation,” ISACA Journal, volume 6 2022.
