Have you ever paused to read or understand the privacy policies you encounter online? Surprisingly, only about 20% of Americans consistently delve into these documents before agreeing, with a mere 9% always reading them in detail. This trend is particularly pronounced among younger individuals, where up to 97% bypass reading terms of service. Yet, privacy policies are more than fine print; they are essential in safeguarding our digital rights and clarifying how our data is handled. Understanding these policies is not just about legal compliance but about protecting our digital identities and data.
We recently rewrote our privacy policy and wanted to share with you a bit of context on what goes into privacy policies, and why they matter.
At Codifi, we prioritize the privacy and protection of data as a reflection of our core values. We implement strict access controls, automatic offline duplication, and a verifiable chain of custody to ensure the highest levels of data security. Our approach is tailored to meet the specific needs of Cultural Resource Management, adapting to various field conditions and locations. By focusing on robust data protection, we enable our clients to confidently manage their field data, secure in the knowledge that their information is safeguarded with the utmost care.
We’ll take a brief look at the evolution of privacy policies within technology, the ethical principles set forth by the Society for American Archaeology (SAA), and how we aligned Codifi’s privacy policy with these principles for responsible data stewardship.
The Evolution of Privacy Policies in Technology
The journey of privacy policies in the technology sector is a narrative marked by significant dates and milestones, reflecting a shift from a focus on security to a nuanced understanding of privacy. This evolution is characterized by heightened awareness and evolving challenges, underscored by the rise of tech giants and pivotal legal developments.
- Late 1990s – Early 2000s: The digital age ushered in new privacy concerns with the rise of internet giants like Google (founded in 1998) and Facebook (founded in 2004). These companies began leveraging user data for targeted advertising, shifting the focus from traditional internet security to more complex privacy issues.
- May 2018: A landmark in privacy legislation, the General Data Protection Regulation (GDPR), was enacted by the European Union. This comprehensive data protection law set a new global standard for privacy rights, data handling, and compliance requirements.
- January 2020: The California Consumer Privacy Act (CCPA), a significant U.S. privacy law, came into effect. The CCPA granted California residents new rights regarding their personal information, influencing other states to consider similar legislation.
Despite these efforts, a notable gap persists between the practices of companies and the privacy expectations of users, underscoring the ongoing need for transparent and user-centric privacy practices.
To understand this evolution, Skyflow’s historical overview offers valuable insights, from the early legal foundations, notably the 4th Amendment to the U.S. Constitution, to the sophisticated data privacy landscape of today.
Consideration for digital, tangible and intangible heritage
In shaping our privacy policy at Codifi, we deeply considered the ethics of managing digital data as a form of digital heritage. We recognize that the digital data we handle are not just bytes and bits but are representations of physical cultural materials with significant historical, cultural, and societal value. Our policy is designed to bridge the gap between digital and physical realms, ensuring that this digital heritage is treated with the same respect and care as the tangible artifacts they represent. We are committed to preserving the integrity, authenticity, and context of these digital reflections, ensuring they are preserved for future generations as part of our collective cultural legacy.
Fortunately, we have an excellent historical context for situating our policies and practices for cultural data stewardship with the Society for American Archaeology.
SAA’s Principles of Archaeological Ethics
The Society for American Archaeology (SAA) has been instrumental in establishing and evolving ethical principles in the field of archaeology. The process began in 1991 with the formation of the ad-hoc Ethics in Archaeology Committee, which was tasked with revising the society’s existing ethical statements. A pivotal moment came in 1996, when the SAA Executive Board adopted the original Principles of Archaeological Ethics. This was the culmination of years of extensive member consultation, workshops, and discussions. These principles were further expanded in 2016 with the inclusion of a ninth principle, focused on ensuring that all archaeological workplaces and educational settings are safe and welcoming for everyone, with a solid commitment to preventing harassment and promoting respect:
- Stewardship: Emphasizes the irreplaceability of the archaeological record and the responsibility of archaeologists to work for its long-term conservation and protection.
- Accountability: Focuses on the importance of public accountability and the commitment to consult actively with affected groups.
- Commercialization: Addresses the issue of the buying and selling of objects out of archaeological context and its impact on the archaeological record.
- Public Education and Outreach: Encourages archaeologists to reach out and participate in efforts to improve the preservation, protection, and interpretation of the archaeological record.
- Intellectual Property: Relates to the treatment of knowledge and documents created through the study of archaeological resources as part of the archaeological record.
- Public Reporting and Publication: Stresses the need for archaeologists to present their findings in an accessible form to a wide range of interested publics.
- Records and Preservation: Highlights the active role archaeologists should take in the preservation of and long-term access to archaeological collections, records, and reports.
- Training and Resources: Emphasizes the necessity for archaeologists to have adequate training, experience, facilities, and support to conduct research in a professional manner.
- Safe Educational and Workplace Environments: Focuses on the responsibility of archaeologists to foster a supportive and safe environment for students and trainees in all professional settings
In 2018, the SAA took a significant step forward in refining these principles by forming a diverse Task Force focused on recommending a process for updating the existing principles. Comprising members from various sectors and countries within the Americas, the Task Force emphasized the importance of the ethical principles being a “living document,” adaptable to the ever-changing professional and societal landscapes. Through extensive consultations with other organizations experienced in ethical revisions, the Task Force advocated for ongoing communication with members and a structured, multi-stage process involving several sequential Task Forces. This comprehensive approach aimed to ensure that the revised ethical principles were inclusive and reflective of a broad range of stakeholder perspectives, establishing a new standard for maintaining dynamic and relevant ethical standards in archaeology.
The SAA’s ethical principles are pivotal in guiding professionals in the ethical management of cultural data. These principles, encompassing stewardship, accountability, public education and outreach, intellectual property, and safe work practices, stress the duty to protect and share archaeological records and knowledge responsibly.
Codifi’s Privacy Policy in Light of SAA Ethics Principles
Codifi’s privacy policy is crafted to consider the ethical principles of the SAA. It articulates Codifi’s commitment to data privacy with strict access controls and secure data management. This commitment resonates with the SAA’s principles in several ways:
- Stewardship and Data Preservation: Codifi’s secure data management practices align with the SAA’s stewardship principle, ensuring the conservation of cultural data. This alignment is evident in Codifi’s data collection and management approach.
- Accountability and Transparency: The transparency in Codifi’s data processing reflects the SAA’s accountability principle. The policy offers clear guidelines on personal data usage, storage, and protection, echoing the SAA’s commitment to responsible research and public engagement.
- Intellectual Property: Respecting intellectual property, Codifi handles data in alignment with the SAA’s guidelines on treating intellectual property as part of the archaeological record.
- Safe Work Practices: By securing data and complying with privacy laws, Codifi contributes to safe work environments, paralleling the SAA’s principles of creating safe educational and workplace environments.
As we navigate the intricate world of data privacy and ethics, it’s important to remember that we’re all in this together. At Codifi, we’re inspired by the principles of the Society for American Archaeology (SAA) and deeply committed to respecting both the tangible and intangible aspects of cultural heritage in our data practices. But we know there’s always more to learn and more ways to improve.
We envision a future bright with possibility, where data and knowledge sharing are rooted in principled protections and privacy. In this future, ethical considerations are the cornerstone of our data management practices, not just an add-on.
At Codifi, we are excited to navigate the dynamic relationship between technology and cultural heritage, guided by our steadfast commitment to stewardship, accountability, and transparency. By giving priority to respectful and secure management of digital heritage, we aim not only to safeguard the privacy and integrity of our data but also to cultivate a culture of responsible knowledge sharing.
This approach opens the door to a world where each piece of information is shared with a deep commitment to honor and preserve our rich, collective cultural legacy.
How do you approach the challenges of data privacy and ethical management in your work? We’d love to hear your experiences and insights. Whether you’re mulling over your own privacy policies, looking for advice, or just curious about our methods, let’s start a conversation. Reach out, and let’s explore together how we can make data management not only secure but also respectful and sustainable.