Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!apple!uokmax!d.cs.okstate.edu!unx2.ucc.okstate.edu!minich From: minich@unx2.ucc.okstate.edu (Robert Minich) Newsgroups: comp.org.eff.talk Subject: Re: Information Control Message-ID: <1991Mar27.183256.8047@unx2.ucc.okstate.edu> Date: 27 Mar 91 18:32:56 GMT References: Organization: Oklahoma State University Computer Center Lines: 55 by guest@geech.ai.mit.edu (Guest Account): | In article <1233@airs.UUCP> ian@airs.UUCP (Ian Lance Taylor) writes: | | For example, I occasionally find it necessary to mail order various | items. I doubt the mail order companies would be willing to enter | into such a contract, not necessarily because they want to sell my | address and information about my purchases but because it would likely | be more time and effort for them than the sale would be worth. | | What does this say about the consequences of implementing new laws? | People who really care about privacy should pay for it. Those that | don't really care should not have to subsidize those that do. | | Daniel Guilderson | ryan@cs.umb.edu Uhmmm. Uhmmm. I don't want to panic or anything, but the Supreme Court *has* acknowledged a fundamental right to privacy. Should those who desire life, liberty, and the pursuit of happiness have to pay extra??? Should I also be forced to pay extra for police services if I "really care about" my life and property so those who don't give a damn don't have to subsidize me and the criminal justice system? Should it cost me more to prohibit Joe Schmo from entering my home and looking through my desk? (After all, this is just another blow to my privacy.) Is it really too much to ask that EVERY database be required to use a flag indicating whether it is OK to distribute information about me for purposes other than which I granted access to the information? (By default, the data should be considered private.) That is much less restrictive than requiring, say, that everyone in the database be notified of its existance or, even more interesting, notification of each access made to information about themselves. (_I_ would really like to know when and why information about me is being accessed. It is difficult to defend yourself when you are not allowed to face your [possibly silicon] accuser.) I don't think a bit per person is too much to ask. If the data collectors complain that an absolute yes or no is too great of an imposition, they are welcome to add more access control bits to their database. I think it is safer and easier for all involved to *grant* access to information rather than trying to *deny* such access or prevent propagation of information that is incorrect and/or desired to be kept private. If a database where found to have inappropriately obtained data, its owners should be required to delete such data upon request. Finally, how many people don't care at least somewhat about their privacy? Would you be offended if I browsed through your bills, tax returns, bank accounts, shopping list, or sock drawer? -- |_ /| | Robert Minich | |\'o.O' | Oklahoma State University| "I'm not discouraging others from using |=(___)= | minich@d.cs.okstate.edu | their power of the pen, but mine will | U | - "Ackphtth" | continue to do the crossword." M. Ho