I received a staff e-mail the other day on the subject of data protection which asks members of academic staff to be very careful with the personal information in their possession about students.
“Be particularly careful if you are in possession of sensitive personal data (i.e. information relating to race, political opinion, physical or mental health, religious belief, trade union membership, sexuality, criminal offences etc).”
It’s easy to see how such regulations emerge and evolve as society becomes more concerned about litigation, but despite the increasing nuances (and the possible protections these afford) there’s rarely ever an attempt made, on the part of the people handing out the “advice”, to deal with or seek to expose the complexities and contradictions which are embedded in such measures. For example, how are we to ascertain what is really meant by the word “sensitive” in this context? If someone is heterosexual, should we consider this to be sensitive information, and who decides? If someone supports the Labour Party is this any less sensitive data than if they’re an Anarchist? And what about personal information that people broadcast without even realizing that they’ve done so?
The problem with injunctions that ask us to “be careful” is that they’re often so vague that we’re forced to form our own judgements about what is or isn’t appropriate and these can sometimes lead to absurd levels of caution. In this context it’s perhaps understandable that, during discussions with students, we tend to refrain from the mention of potentially sensitive subjects because we don’t wish to be accused of a breach of any kind, but if you take this to a logical conclusion, it's not difficult to imagine a situation where we may feel compelled to say to students that we don't wish to discuss any personal subjects whatsoever, and where would that leave us, especially in fine art where personal expression is still a much vaunted practice?
The problem with injunctions that ask us to “be careful” is that they’re often so vague that we’re forced to form our own judgements about what is or isn’t appropriate and these can sometimes lead to absurd levels of caution. In this context it’s perhaps understandable that, during discussions with students, we tend to refrain from the mention of potentially sensitive subjects because we don’t wish to be accused of a breach of any kind, but if you take this to a logical conclusion, it's not difficult to imagine a situation where we may feel compelled to say to students that we don't wish to discuss any personal subjects whatsoever, and where would that leave us, especially in fine art where personal expression is still a much vaunted practice?
Shared personal information creates a bond of trust between people, especially if they’re friends. The value and meaning of this bond is based on a two way relationship which acknowledges both the value of privacy and the possibility of betrayal. Friends are, in part, judged on their discretion and trustworthiness. But institutions also hold personal information about individuals associated with them and are consequently obliged to be extremely prudent about how they treat this information. Teachers, as representatives of institutions, also carry this burden of responsibility and it's therefore understandable that they should be very careful with any personal information in their possession. The problem which concerns me here, arises through the conflict between institutionalisation and self-regulation; between the institution's desire to meet its legal responsibilities and the integrity of its representatives. Now, you might say that there doesn't seem to be a conflict here: both parties desire confidentiality. This is quite correct, but the important aspect is not what is desired but how this aim is brought about. Just as friends are judged on their discretion, so teachers are judged on their integrity, and integrity, as we all know, is something which certainly doesn’t come as an automatic consequence of regulation. I'm far from arguing that every teacher is every student's friend but I do think it's important to recognise that the more structures put in place to regulate the behaviour of teachers, the more difficult it becomes for them to distinguish themselves by their conduct: in this case, their custodianship of other people’s personal information.
This isn’t an argument for greater recognition of teachers (though this is arguably also an area which is being eroded) but rather about principles and most especially about how these principles are inscribed and cultivated within the very fabric of the institutions which also cultivate future generations and contributors to society. Is it not ironic that the very institutions who are entrusted with the authority to bestow “honours” by the thousands to graduating students each year, think so little of the concept of honour itself and seem to have so little understanding of how it is nurtured?
Personal data is sensitive either because it can be used to discriminate against people or because it can expose emotional vulnerabilities. I’m certainly not suggesting that we should be more relaxed with personal information but I think the attempt to mitigate against abuse in this way has the unfortunate side-effect of perverting the value and authenticity of well-established social codes which, whilst they may be open to abuse, at least treat people as discerning, self-regulatory and principled beings rather than untrustworthy infants who need to be kept in line. This is one of the worst things you can do with legislation – pass it down the chain, with no invitation for discussion of how best to utilise and apply it, as if it were so much uncomplicated common sense. And this is where the subtle but important point lies: at it’s best, legislation augments social codes by enshrining them in law and ensuring that everyone has equal protection and equal opportunities for justice and fair treatment. In many ways such institutionalization is perfectly reasonable, but from another perspective there's the danger that it simply substitutes one flawed system for another: accountability stripped of understanding, conformity robbed of scrutiny and obligation devoid of trust. Personal information has become a liability for teachers – no longer is it something which creates a bond, but rather a contractual obligation reinforced by the threat of civil action.
To return to the original point, I think where we most need to be “careful” is in the use of the words we use to describe the objects of data protection. The word “personal” is misleading for the simple reason that, as a concept, it straddles both the public and private realm and is completely unaltered by the shift between them. There’s no clear emphasis or imperative about the concept of the personal to suggest that it should be maintained in its present state, whereas “Private” information on the other hand can only ever be private, by definition. So if you want to make it quite clear that something is confidential - and therefore should not be divulged - then it’s probably best to tell people that it’s private. And if you’re in any doubt about the imperative that this lends then consider for a moment the change in emphasis if you replace it with the word “secret”.
0 comments:
Post a Comment