Robin,
...
Primrose goes to InsureMe.com, where she will be asked for a lot of personal
data. InsureMe.com invites her to register and create a new account, with an ID
and password; all this is done over https, so InsureMe.com is confident it has
taken suitable steps to protect the data from being visible to third parties.
Third parties on the wire. Experience shows that Primrose's data is most
likely to be
disclosed to third parties once it is on the InsureMe.com web site. Your
example
goes on to cite a privacy violation in the form of Gotcher.com. But, a
successful attack
against InsureMe.com also would violate the confidentiality of
Primrose's data.
Bottom line: I agree with your observation that privacy is not the same as
confidentiality, and we often overly simplify these discussions.
Steve
_______________________________________________
perpass mailing list
perpass@ietf.org
https://www.ietf.org/mailman/listinfo/perpass