Path: utzoo!attcan!uunet!dino!ceres.physics.uiowa.edu!zaphod.mps.ohio-state.edu!van-bc!cynic!curt From: curt@cynic.wimsey.bc.ca (Curt Sampson) Newsgroups: comp.org.eff.talk Subject: Re: Lotus Marketplace Keywords: CD-Rom consumer database,privacy Message-ID: Date: 19 Nov 90 10:04:44 GMT References: <1990Nov19.000849.23021@math.lsa.umich.edu> Organization: Mad Artists' Technological Hangout, Vancouver, B.C. Lines: 27 > This problem would seem to me to have a rather simple solution. Simply > prohibit the storing and using of any personal information in any > database without the explicit consent of each person regarding each > and every database. Said permission should required to be sought > decoupled from any other transaction. Thus, your bank would not be allowed > to sell your name as a condition for obtaining a loan. Perhaps a "distributed" database is the key. Rather than having the actual data, people could have a way to get the data from the rightful owner. The owner of the record (the individual to which it refers) would have complete control over the contents of the record. When she moves, she just updates the address. When someone wants the information, say for a mailing list, that entity would send a request to the server for information from this record. The server would check to see if that entity was authorised to have the particular information requested (address, phone number, SIN, whatnot). If it were, it would send the information, if not, it would deny the request. The owner of the record could then determine who and what kinds of entities have access to which pieces of information. cjs curt@cynic.UUCP | "The unconscious self is the real genius. curt@cynic.wimsey.bc.ca | Your breathing goes wrong the minute your {uunet|ubc-cs}!van-bc!cynic!curt | conscious self meddles with it." --GBS