Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!cunixf.cc.columbia.edu!cs.columbia.edu!abrams From: abrams@cs.columbia.edu (Steven Abrams) Newsgroups: comp.org.eff.talk Subject: Re: Database Regulation (was Re: Post Office plans.) Message-ID: Date: 19 Dec 90 06:19:38 GMT References: <5308@rsiatl.Dixie.Com> Sender: news@cs.columbia.edu (The Daily News) Organization: Columbia University Department of Computer Science Lines: 85 In-Reply-To: jgd@Dixie.Com's message of 18 Dec 90 22:59:25 GMT In article <5308@rsiatl.Dixie.Com> jgd@Dixie.Com (John G. DeArmond) takes my bait and writes: >abrams@cs.columbia.edu (Steven Abrams) writes: >>Is this sufficient reason for making databases illegal? This is >>almost along the lines of the "guns don't kill people" type of >>argument, with the major exception that there is nothing implicitly >>dangerous about data. > >Yes it is. The gun analogy is not quite right. In general, things >that can easily cause harm to people through inadvertant use and/or >things that have the potential for mass destruction are most heavily >regulated. Plus the degree of regulation (should) depend on the ease >of use of the potential harmful force. I'm glad someone took didn't let this slide. It wasn't meant sarcastically, but it was meant to get a reaction. To put databases in the same category as guns or explosives is ludicrous, in my opinion. Let me explain what I feel to be true about databases, computers and regulations. These are IMHO, and not meant to be construed as law or my opinion of law. 1) A "Data base" is a collection of knowledge. You can not forbid knowledge. You can't even prevent people from writing down everything they hear. You certainly can't pass a law against someone with a photographic memory from remembering things. 2) Any data that is presented or discovered by someone is free to all, unless the ideas are patented or they are discovered while under a non-disclosure agreement. (I'll get to this later...) 3) Computers are rapidly becoming the primary ways in which we store and analyze data. I don't think I have to go into the reasons why. 4) The fact that a device can be misused to harm people is not cause in and of itself for regulation. Yes, guns and explosives are and should be heavily regulated. Probably because if you use a gun correctly, you shoot someone or something, not only if you misuse it. And explosives blow things up as a rule, not an exception. Knives, on the other hand, have many uses. They cut wood, meat, wires, and yes, they kill people. But they are not (nor should they be) regulated. Now, mind you, I am scared of the prospects of Lotus, et al, having my life story on CD-ROM, and being able to predict what, when, and how I buy everything from engagement rings to toilet paper. I am even more afraid of the government coming in and passing laws about who can store and search what types of data. Do I have to now explain how I get my "hit list" of potential leads for contract work to the government? What if this list grows to be so big and detailed that it could be searched for, say, all computer companies with more than a million dollars worth of hardware and are looking for night staff or are located in secluded parts of town? Is this now a "dangerous" database? No, they can't touch this. What if I give this list (or sell it?) to colleagues looking for similar work. Is this now a regulateable database? Hmmm. I mentioned above that acquired data is freely distributable unless obtained under an (explicit or implied) nondisclosure (this is again, my belief, and I'd appretiate one of the net.lawyers, Mike, to correct this if wrong). Perhaps the approach is to pass a law that allows the safe assumption that certain types of data are automatically confidential, i.e. there is a de facto non disclosure on addresses obtained by mail-order houses, retail stores, periodical publishers, etc., unless explicitly waived. The waiver must be explicit, not implicit, to prevent stupid fine-line type stuff. This might satisfy lots of people. Now, what about data already in circulation? Tough call, and also impossible to retroactively make such data "illegal." Well, perhaps Brad's idea (was it you in fact?) about protecting mailboxes and phone numbers from junk mail/phone calls/faxes. Banning the databases? Don't think so. Let me safely assume that certain stuff is confidential? Sounds better. ~~~Steve -- /************************************************* * *Steven Abrams abrams@cs.columbia.edu * **************************************************/ #include #include