Newsgroups: comp.org.eff.talk Path: utzoo!utgpu!watserv1!maytag!looking!brad From: brad@looking.on.ca (Brad Templeton) Subject: Re: OUTLAW ALL DATABASES!! Damn right! Organization: Looking Glass Software Ltd. Date: Thu, 29 Nov 90 02:59:37 GMT Message-ID: <1990Nov29.025937.29810@looking.on.ca> References: <7425@hub.ucsb.edu> <5140@rsiatl.UUCP> The fact that you can prove that the credit databases are worthless and erroneous doesn't change the fact that big organizations want them and pay big bucks for them. Fact is that these big outfits, procedure and rule oriented as they are, *need* some sort of security, even if it is false security. They would never tolerate giving ordinary employees the right to grant credit on their own intuitive appraisals of a debtor's credit worth. Here are some possible ideas I will throw out... a) A simplified law of database libel. Pre-set, straightforward fines for database errors. Fines are fixed unless malice or criminal negligence can be shown. Fines would range from the miniscule for getting spelling wrong, to a serious fine for invalid credit information to a very serious fine for invalid criminal conviction info, etc. For the basic fine, no proof of damage need be shown (ie. nobody need have accessed the data -- this is a preventantive fine, like many other that exist.) Plaintiff can also get real damages, but that needs a trial. For basic fine, conviction is summary unless contested. ie. plaintiff shows database record, demonstrates falsehood of record, defendant makes no defence, pays fine. Defendent can, of course, offer a defence that the information is true. Fine is split by court and Plaintiff. With such a law, people who are poor or had nothing better to do would run around snooping for database errors to get their share of the fine. In fact, whole firms would exist to seek out the info from anybody selling or giving away info on other people. b) Tagged information. All records must be tagged and digitally signed as to their origin. Author of bad record is jointly liable for fine (or liable as arranged in contract between database vendor and information supplier) Information tagged with date as well for expiry. Any database with unsigned information makes the database owner liable for such libel. c) Standard contract of confidentiality: Definet the law so that there is an implicit contract of basic confidentiality of information in certain transactions, such as purchases, subscriptions, trade show attendance, mail order, video rental, credit card, banking etc. Naturally the party giving the information may explicitly waive that implied contract. If all information must be tagged as to its sources, it's easy to catch violators of that sort of confidentiality. I'm not talking about the full secrecy of a non-disclosure agreement here, just a basic agreement not to give the information out except as necessary for the business at hand. Implied contract must be transitive. Magazine gets name for subscription, hands it over to circulation house -- they must also be bound. -- Brad Templeton, ClariNet Communications Corp. -- Waterloo, Ontario 519/884-7473