Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!cs.utexas.edu!sun-barr!newstop!central!letni!rwsys!sneaky!gordon From: gordon@sneaky.lonestar.org (Gordon Burditt) Newsgroups: comp.org.eff.talk Subject: Re: Database Registration and privacy acts Message-ID: <57014@sneaky.lonestar.org> Date: 18 May 91 04:13:51 GMT References: <1991May14.040427.10453@looking.on.ca> Organization: Gordon Burditt Lines: 47 >In one case a site has queried the database registry office about what >databases must be registered. (Apparently the law requires that if you >keep a collection of information about people on a computer, you have to >register it, and other laws allow people to look at the data) > >They kept asking if X should be registered and always got yes. Examples >of X: > The uucp maps and alias databases for sites and users > Hostname databases for the internet Does the registration for a database have to be registered, if it is prepared on a computer? To how many levels of recursion? Or can a registration of a database include registration of the registration? I got in a discussion about a year ago about certain proposals to regulate databases, complaining that these proposals (mostly anti-credit-bureau and anti-mailing-list-vendor proposals for use in the USA) outlawed the Personal Address Book. Nobody took the complaint seriously. It seems the UK has implemented it. The only way we are going to get sane laws on the subject, which balance privacy rights against government intrusion into everything, is to write the law in such a way that it does not in any way refer to computers. If it's illegal to do with computers, you can't do it with paper or stone tablets either. Computerized versions of the personal address book shouldn't be any more illegal than the paper kind. You should be able to use either as a mailing list for Christmas cards, but perhaps not as a mailing list for selling insurance. Also, it has to apply to the government as much or more so than to corporations and individuals. What are the consequences of a registration under the UK Data Protection Act that goes something like this: Data collected: everything we can get our hands on, up to and including name, address, credit information, sexual history and videotapes thereof, telephone calling records and recordings of telephone conversations, urine tests based on samples flushed down the toilet, anything good for blackmail, all financial transactions, copies of all mail received and sent, and anything else. Distribution of data: Intergalactic, to all known adult sentient beings, except for people who pay us NOT to send it to them, and so far nobody has that much money. Gordon L. Burditt sneaky.lonestar.org!gordon