Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!lll-winken!elroy.jpl.nasa.gov!usc!zaphod.mps.ohio-state.edu!rpi!uupsi!sunic!nuug!ifi!hhe From: hhe@ifi.uio.no (Hans Henrik Eriksen) Newsgroups: comp.org.eff.talk Subject: Re: Lotus Marketplace Message-ID: Date: 17 Nov 90 16:46:03 GMT References: <1990Nov16.205011.10348@uncecs.edu> <1990Nov17.074534.8751@looking.on.ca> Sender: hhe@ifi.uio.no (Hans Henrik Eriksen) Organization: University in Oslo, Department of Informatics Lines: 47 Nntp-Posting-Host: helblinde.ifi.uio.no In-Reply-To: brad@looking.on.ca (Brad Templeton)'s message of 17 Nov 90 07:45:34 GMT Originator: hhe@helblinde.ifi.uio.no In article <1990Nov17.074534.8751@looking.on.ca> brad@looking.on.ca (Brad Templeton) writes: > We are pulled in two different directions. > > On one hand, we have deep concern on how the government might regulate > our use of computers and what we will do with them -- what information > we will collect, what we will share, what we will publish. We fear a > bureaucracy and invasions of our homes by armed goons on strange > pretexes. > > At the same time, we call for protection of privacy, and strict regulation > of what people can store about us on computers, what databases can be > merged and what can be done with that information. Yes, this is a difficult conflict of interest. In Norway we have rela- tively strict regulations on use of registers containing personal infor- mation. The legislators has made it a key point that every individual should be able to control the information about themselves floating around in databases (the most important exception is medical records, but this is governed by its own laws.) That is, in a sense a person is the OWNER of the information about him or herself. An individual has two basic rights regarding the control of personal information: -the right to request a printout of his or her personal record in a database -the right to request that oneself be expunged from the database (difficult with distributed material, especially CDs :-) All this comes from the assumption that the information regarding a person will be used in some way that may affect that person. Therefore it is of vital interrest that the information is CORRECT, COMPLETE (in some sense) and UPDATED, so that one will get a fair treatment when it is used. Further on, companies are prohibited from selling or giving away their customer databases. Direct mail agencies with special permits are allowed to merge registers from several companies for a ONE TIME mail job only. The merged registers must be destroyed immediately thereafter. Many direct mail agencies now print their register sources on the distributed material. Needless to say, there must be a gray marked for consumer registers in Norway, but the large and important direct mail companies are (hopefully) not willing to take the risk of doing something illegal and having their permits revoked. Hans Henrik Eriksen, hhe@ifi.uio.no