Last week I highlighted both the benefits and drawbacks that face local and international business if Bermuda introduces data protection legislation in a form similar to that seen in the European Union (EU).

This week I will examine the reasons why the EU believes this form of protection is important.

Jenny, a young teenager, was convicted of theft. She had been with a crowd of friends and someone had taken some candies.

She was not involved in the theft but had eaten some.

Her attorney told her to plead guilty. She got a job with a store and worked for them for more than 40 years until four weeks before her retirement.

Some of the September 11 hijackers had used a store credit card and the company clamped down on credit card staff.

They reviewed their files and sacked Jenny because of the conviction she had as a youngster.

She lost all her retirement benefit. This is a true story from the United States and shows the power of 'information' and the potential harm that it may cause.

Of much greater harm was the Nazis' use of public records in Amsterdam to identify Jewish residents who were then rounded up and sent to concentration camps.

In this case the efficient manipulation of data was directly responsible for the deaths of thousands of men, women and children.

Information may be used for good, of course. With the right data you may identify people at risk of a particular disease; select people with the right talents for a particular task; ensure that people obtain the correct benefits; reduce the internal administrative costs of business; enable effective marketing, and so on.

These benefits have made the acquisition and use of information a matter of tremendous importance.

It is entirely possible that, in the case of a 30-year-old with an average lifestyle and living in Bermuda, their personal data will be stored on thousands of computers.

As a habitual user of a personal organiser I am well aware of the errors contained in my own contact list and calendar.

This has often made me wonder how accurate the databases of Government and business are and whether they need all the information that they hold.

There is now a trend for websites trading in the United States to request Social Security Numbers in an attempt to reduce credit card fraud.

This trend has been resisted elsewhere as it is seen as the start of a national identity card that provides commercial organisations with the ability to track your every move.

The science fiction films that envisage street adverts welcoming you by name and targeting you based upon your shopping data are likely to become science fact in the next few years.

You can even find out how much information about you is worth if you go to http://turbulence.org/Works/swipe/calculator.html. This web site also enables people to find out what information is held by the big database companies in the United States.

The potential for the extension of data collection has led to the creation of an e-mail currently circulating around the Internet.

The mail provides an example of someone ordering a pizza in 2012. The operator is able to tell the customer how much money he doesn't have; that he must use his bike as his car was repossessed; that he should order a different pizza because his health provider says he is unhealthy; and that he can't have a soda because he is a diabetic.

Although a joke, the e-mail raises a serious question: Do the people of Bermuda want to allow this level of access to their lives?

Data protection laws have been created to protect the right of individuals to their personal data. Jenny, for example, would have been able to seek redress under legislation, since the manipulation of unrelated data based upon her social security number would not have been permitted.

The record office in Amsterdam might have been blocked from recording the religion of city residents. In other instances, anyone refused credit could find out if the credit reference agencies hold incorrect data.

Mistakes would have to be fixed and people previously given incorrect information notified. Excessive data could not be obtained.

When considering this form of legislation Bermuda must decide whether personal data is a commodity, or whether it is the right of an individual to control their own personal data. If we decide on the former, this will mean that third parties may acquire rights to it so that they may sell, license and otherwise deal in it.

There remains the question whether or not Bermuda needs this form of protection and if so, whether the EU model is appropriate. Such protection may take other forms yet provide the same result.

If you have an interest in this subject and the rights it provides it is vital that you give your comments to the Government (Nigel Hickson nhickson@bdagov.bm, Tel: 297-7944).

Attorney Graham Wood is a member of the Telecommunications and Technology team at Appleby Spurling & Kempe. Copies of Mr. Wood's columns can be obtained on the Appleby Spurling & Kempe web site at www.ask.bm. This column should not be used as a substitute for professional legal advice. Before proceeding with any matters discussed here, persons are advised to consult with a lawyer.