scary .. but logical, alaric On Fri, Apr 1, 2011 at 2:29 PM, Alaric Snell-Pym <ala...@snell-pym.org.uk>wrote:
> On 03/30/11 19:30, J. Andrew Rogers wrote: > > > If it is not possible to usefully anonymize data, of what use is a > > policy which states that all data must be anonymous? If a person > > actively puts their personal data in the public domain, intentionally > > or unintentionally, how is one supposed to prevent that? How > > effective is regulation of official databases when someone can > > reconstruct much of the content of those databases without official > > access? A big challenge is that almost everyone's intuition about > > what would constitute an effective privacy policy is incorrect. > > Yeah, I've felt that a lot of privacy/data protection rhetoric attempts > to bolt the stable door once the horse has fled, as it where. > > To be honest, if any data about me leaves my own property, I don't > really have high hopes of it remaining private unless I've explicitly > entered into some kind of contract with the recipient, anyways. I > believe it's bad manners to peer into somebody's home through an > uncovered window, but I don't feel I have *great* cause to complain if > people make use of information encoded in photons I carelessly broadcast > out onto a public right of way. If I want to perform embarrassingly > perverse sex acts with my wife, I close the curtains first... > > > Anything I do in public could be witnessed by anybody anyway, so I see > no greater harm in it being recorded and then broadcast to the Internet > etc. In fact, it might be healthier for society if things like CCTV > footage and logs of public activity (such as Oyster card activity logs) > were, as a legal requirement due to them being logs of public activity > anyway, placed in the public domain and made easily accessible by their > collectors! The costs of doing so might kerb the excesses of > over-monitoring a little, and it would discourage the false sense of > privacy some people seem to have - and it would make it hard for > organisations to keep quiet about the data they gather :-) > > What privacy provisions would I like in law, then? More encouragement > for the use of cryptography, I guess. Standard legal frameworks for > privacy agreements being negotiated; when I buy something from an online > shop or whatever, it'd be nice if there was a standard contract of > privacy about the transaction implied by the making of a sale, any > exceptions to which would have to be declared boldly... I think that > would be a subtly better approach than the data protection act. > > > It would probably be more constructive at this point to work on > > policies that ensure the increasing loss of privacy is symmetric (or > > asymmetric in favor of the private citizen) rather than trying to > > guarantee a level of privacy that is no longer practical. > > Yes. > > ABS > > -- > Alaric Snell-Pym > http://www.snell-pym.org.uk/alaric/ > >