However, these vary in effectiveness, and would not typically meet the much higher standards of client confidentiality applied by ethical codes or legal codes in banking or law, nor patient privacy measures in medicine, nor rigorous "national security" measures in military and intelligence organizations.
Since they operate for-profit, commercial organizations also cannot spend an unlimited amount on precautions and remain competitive - a commercial context tends to limit privacy measures, and to motivate organizations to share data when working in partnership. This has led to many moral hazards and outrageous customer privacy violation incidents, and has led to consumer privacy laws in most countries, especially in the European Union, Australia, New Zealand and Canada. The United States has no such law and relies on corporate customer privacy to ensure consumer privacy in general.
Some services, notably telecom including Internet, imply collecting a vast array of information about user's activities in the course of things, and may also require consultation of this data to prepare bills. Telecom data must be kept for seven years in the US and Canada, to permit dispute and consultation about phone charges. Telecom regulation has always enforced a high level of confidentiality on these very sensitive customer communication bills and the underlying records. However, this approach has to a degree been outmoded as other industries also now gather sensitive data:
Such common commercial measures as software-based customer relationship management, rewards programs and target marketing tend to drastically increase the amount of information gathered (and sometimes shared). These very drastically increase privacy risks, and have accelerated the shift to regulation, rather than relying on corporate desire to preserve goodwill.
See Also:
Finding related topics