Gt. Duncan et S. Kaufman, WHO SHOULD MANAGE INFORMATION AND PRIVACY CONFLICTS - INSTITUTIONAL DESIGN FOR 3RD-PARTY MECHANISMS, The International journal of conflict management, 7(1), 1996, pp. 21-44
The U.S. Census Bureau, health data providers, and credit bureaus are
information organizations (IOs). They collect, store, and process larg
e sets of sensitive data on individuals, households, and organizations
. Storage, processing, and dissemination technologies that IOs employ
have grown in capability, sophistication, and cost-effectiveness. Thes
e technologies have outpaced the design and implementation of procedur
es for protecting data in transfer from primary data provider to IO an
d from IO to data user. On the one hand, it is necessary to protect th
e confidentiality of such data; on the other hand, it is necessary to
protect the accessibility to the data by users, including researchers
and analysts. Conflicts ensue in the two corresponding arenas: between
the IO and data providers concerned with inadequate privacy and confi
dentiality protection: and between the IO and data users who find thei
r access to data restricted. In this article third-party mechanisms fo
r managing disputes in the privacy and information area are both theor
etically justified and their empirical manifestations examined. The in
stitutional mechanisms considered include privacy and information clea
ringhouses, a ''Better Data Bureau,'' a privacy information advocate,
a data ombuds, a privacy mediator, an internal privacy review board, a
nd a data and access protection commission. Under appropriate circumst
ances, these arrangements promise a more flexible and responsive resol
ution of the conflict between privacy/confidentiality and legitimate i
nformation access than is possible through legislative action and admi
nistrative rulings alone.