A discussion of some of the problems and effects of computer information systems relative to society. Although society's size and complexity demand computerized recordkeeping, the opportunities for malicious misuse of personal information — or for spreading misinformation — are increasing as more and more dossiers exchange information automatically. Some medical information gets into data systems. There is no legal framework to protect the individual, to fix liability for leaks, or to provide for award of damages, although the U.S. Fair Credit Reporting Act is a start. We do not yet understand how to design or test systems that protect the information they contain, and often do not use the protective mechanisms we do know about. The problem is real, the urgency is great, and action is needed now.
This report is part of the RAND Corporation Paper series. The paper was a product of the RAND Corporation from 1948 to 2003 that captured speeches, memorials, and derivative research, usually prepared on authors' own time and meant to be the scholarly or scientific contribution of individual authors to their professional fields. Papers were less formal than reports and did not require rigorous peer review.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.