Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!uunet!looking!brad From: brad@looking.on.ca (Brad Templeton) Newsgroups: comp.org.eff.talk Subject: What is private information? Message-ID: <1990Dec25.062336.16836@looking.on.ca> Date: 25 Dec 90 06:23:36 GMT References: <13284@milton.u.washington.edu> <1990Dec22.040101.26926@ddsw1.MCS.COM> <13444@milton.u.washington.edu> Organization: Looking Glass Software Ltd. Lines: 60 I wrote earlier about a possible act declaring an implied contract of confidentiality on personal information given as part of a commercial transaction. Let's expand on this a bit more. First of all, let me list some "levels of privacy" that I can think of for a transaction. I will refer mostly to privacy of the buyer, but we could also extend this to the vendor. A) Total Privacy: The vendor doesn't even know who the buyer is. For example, a purchase form a coin-operated vending machine. This is rare, but not too rare. B) Strong Privacy: The vendor (or its agent) sees the buyer during the transaction, but keeps no record of the buyer's identity. Ie. buying something cash and carry. This is a very common form of transaction today. C) Courteous Privacy: The vendor knows who the buyer is and has that on file long enough to complete the transaction -- processing a cheque or delivering the item, for example. The information is eventually destroyed. D) Common Privacy: The vendor knows who the buyer is and keeps a semi-permanent record of the transaction for the files. This is used to things like customer support and other actions relating to the sale. The information does not leave the vendor, except perhaps in being passed to a delivery service or fulfillment house. E) Follow-up Privacy: The vendor records the buyer's identity, and uses it to solicit new business directly related to the past purchase. Ie. magazine renewal, sale of accessories, etc. F) Vendor-only: The vendor records the buyer's identity, and does not pass it to outsiders, but uses it to solicit new business of any kind. G) Controlled-Public: The vendor records the buyer's identity, and passes it on to outsiders in a controlled fashion -- as part of general mailing list sales or demographic info, for example. The vendor does *not* release info on any one specific buyer on request. H) Requested-Public: The vendor provides the information to anybody who requests it, either for pay or not. Z) Published: The vendor actively publishes the identity of the buyer, in varying degrees of detail. Ie. the telephone book. ----- I can think of degrees of most of these, and some cases in between. We might all like the world to run on class A privacy, but it can't. However, I think we might not feel too bad about classes C through F as standard default rules for transactions. I would suggest that a default be set of C through E based on the type of transaction, allowing vendors to specify F just by announcing it (implicit agreement) and explicit agreement required for G and beyond. Comments? -- Brad Templeton, ClariNet Communications Corp. -- Waterloo, Ontario 519/884-7473