On February 15, 2005, a Florida court ruled that when Ms. O'Brien installed spyware on her home computer to monitor her husband's online conversations, she was in violation of Florida's wiretapping law.  A few days later, the private contents of heiress Paris Hilton's Sidekick – including phone numbers, photos, and email messages – were taken from the device and posted on the internet. That same week, data broker ChoicePoint Inc. admitted that "criminals posing as legitimate buyers" purchased "sensitive financial information" of about 145,000 people.  These cases are but the latest installments involving the rights we have over information about us.
Ownership of physical property is generally straightforward. Ownership of information, however, is a much more nebulous concept. Information is nonrivalrous,  yet it can do much harm in the wrong hands, as victims of identity theft can attest. Current understandings and applications of information management and privacy are piecemeal, with comparisons running the gauntlet from physical property to free speech. Canadian citizens are given unilateral control over the use and re-use of their personal information, as if it continues to be their property even as it is replicated and disseminated.  Meanwhile, countless clandestine trackers, from employers to grocery store membership cards,  incessantly collect and correlate our electronic tracks as if the information is theirs for the taking.
Most would agree that those who stole Hilton's and ChoicePoint's information were in the wrong, but this does not resolve the larger issue of who is allowed to act as gate-keeper. What rights should we have over the data that we inadvertently leave behind in the digital world, for spouses or companies like ChoicePoint to collect? What obligations do lawmakers and information architects have to provide adequate security, and as a corollary, what responsibility should they have to take when (as in the Hilton case) their precautions are inadequate?
Because of the intangible, nonrivalrous nature of information, developing consistent guidelines for its protection is no easy task. David Brin's argument for accountability is compelling and his "transparent society" seems utopian, until it is clear that power inequalities would most likely persist.  One of the best existing systems for information privacy and accountability – which would have likely prevented the ChoicePoint debacle – is Canada's PIPED Act, which gives people the right to access, correct, and control the dissemination of their personal information.  In addition, information designers could prevent cases like Hilton's and O'Brien's by adopting a consistent approach to information security aligned with the user's actions that, by default, protects them.  These actions would give us a more consistent view of information and help us control our own.
 The wiretapping claim was based on intentional, real-time recording of the electronic data. See McCullagh, D. Court: Wife broke law with spyware. CNet News.com, February 15, 2005. (online at http://news.com.com/2100-1030_3-5577979.html)
 The information included "financial, legal and health information" that ChoicePoint had obtained from various sources and sells to various clients deemed "legitimate," including credit agencies, "direct marketers," and the government. See Schwartz, J. Some Sympathy for Paris Hilton. New York Times, February 27, 2005. (online at http://www.nytimes.com/2005/02/27/weekinreview/27paris.html)
 A rivalrous resource is one that can be depleted, such as a book or petroleum; a nonrivalrous resource, like an idea or electronic information, can be shared without lessening its quantity. Nonrivalrous resources can be summarized with Thomas Jefferson's conception of sharing ideas: "the moment it [an idea] is divulged, it forces itself into the possession of everyone, and the receiver cannot dispossess himself of it. ... as he who lites his taper at mine, receives light without darkening me." See Lessig, L. The Future of Ideas: The Fate of the Commons in a Connected World. New York: Random House, 2001.
 Brin argues that if all information were public, then all people and institutions would be both watchers and the watched, and everyone would be held accountable. This last claim – that everyone would then be held accountable – is the most controversial. We may know that the credit card companies are selling our information, that our favorite brands support sweatshop labor, or that government is condoning torture, but we are powerless, as largely-unorganized individuals, to control it. See Brin, D. The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? New York: Perseus Books Group, 1998.