Two types of news item expose the 21st-century challenge to privacy.

One, a breach of data on some organization’s servers or a lost USB drive puts scores of people’s private information into the hands of the unauthorized and probably unsavoury. Two, an organization that has amassed privileged, personal information about customers shows its industriousness by using this intelligence to draw inferences and help those same people. In both cases, we are violated… even if no harm is done.

A breach of trust

But privacy breaches are not the story. They are merely a symptom and proxy for what’s really going on—your trust is being breached. In the first case by larcenous criminals (or overreaching government) that acquired private property (your information) from the system; in the latter, by an institution that said “trust us with your important information” before misusing it. Naturally, we blame those that let us down.

Or do we?

"When someone is entrusted with money (information), a fiduciary responsibility is created. The one being trusted has a legal obligation to protect the asset. Financial institutions tend to take their responsibility for their customers’ money seriously because their customers take it seriously."

We don’t turn that blame inward. After all, we trusted others to keep our valuable personal information safe and use it only as prescribed. But didn’t we let go of that information in the first place, giving up what is dearest to us to somebody else’s keeping? To someone or something acquiring the same information from many others and creating wicked temptation in the treasure trove of value?

What me? It’s information. That’s just how it is…

Whether in the role of trusting an individual or leader of an organization holding information, maybe you’re thinking about information wrong. It’s digital, so you might see it as benign ones and zeros. Perhaps in your imagination it is isolated sets of discrete data. Whatever the case, you almost certainly perceive data and information in the abstract. It has no substance—even when rendered as reams of paper (Who else does that anymore?) So it’s easy to minimize.

Now try this: equate personal data with cash. Yes—make information money! Now it has substance and easily perceived value. Does that change things? Most people are more careful with cash than electronic funds. They’re more thoughtful about where they pull it out, where they put it, and with whom they entrust it—and why.

Information as money

When someone is entrusted with money (information), a fiduciary responsibility is created. The one being trusted has a legal obligation to protect the asset. Financial institutions tend to take their responsibility for their customers’ money seriously because their customers take it seriously. So does society—in the form of strict regulations and governance.

Moral, legal, and economic incentives, refined over centuries, have the necessary positive impact on behaviour with money (intangible credit being the exception that proves the rule). It’s not foolproof, and everyone wants the means to exert control over their money; the means to retrieve it from those in whom they have entrusted it if the need should arise. The system of tangible fiat money makes even fools care more about the exchange. Why not with our valuable personal information?

We could do a lot worse than think about our allegedly valuable personal information with the same concern that we give dirty old cash.


Timothy Grayson is an executive that thinks about privacy, security, innovation, and change in the fast-evolving digital world.