At Thu, 18 May 2006 16:29:53 -0400, "Jonathan S. Shapiro" <[EMAIL PROTECTED]> wrote: > there is universal agreement that some form of > digitally enforced disclosure control will be part of the technical > solution.
Well, according to your first mails on the subject this means necessarily some form of DRM. According to your latest clarification on the subject, it means something that is "reasonably diligent", which does not necessarily mean DRM. Even an outspoken pro-DRM publication like "www.drmwatch.com" says that "we have yet to be convinced, for example, that DRM technology applies to regulatory compliance scenarios like HIPAA and GLB at more than a superficial level", whatever _that_ means. http://www.drmwatch.com/drmtech/article.php/3294391 It's interesting to note that in the one criminal enforcement of HIPAA that Peter mentions, the case was about the abuse of patient information which were accessed under authorization (the case of Richard Gibson, a lab assistant). Despite your impression otherwise, I have never proposed that any information is disclosed to anybody involuntarily. So, I find myself in agreement with the words I quoted above, but I don't think we are in agreement in spirit. If the issue of contention is what constitutes "reasonable diligence", I think that this issue alone would widen up the discussion considerably, and a narrow view on protection alone would not be sufficient. Thanks, Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
