[IP] more on MN GOP CD phones home




-------- Original Message --------
Subject: Re: [IP] more on MN GOP CD phones home
Date: Wed, 01 Mar 2006 10:52:56 -0800
From: DV Henkel-Wallace <gumby@xxxxxxxxxxxxxxxxxx>
To: Robert Alberti <alberti@xxxxxxxxxxxx>
CC: David Farber <dave@xxxxxxxxxx>
References: <4405DD3D.5080601@xxxxxxxxxx>

Actually, Robert (and Dave), it's not criminal nor, arguably, is it
even negligent.  Even spyware is being prosecuted for being
deceptive, not because it might leak private info.

Very very few developers understand how to even think about data
protection (and those who do still have a hard time securing
systems).  Furthermore there is not much culture of data protection,
and as we have seen lately, the tide has been going the opposite
direction even when it won't solve a problem (e.g. "security" cameras
or national ID cards).

I hate to advocate passing a law to solve a social problem, but this
is one that requires a statutory approach.  The few efforts in this
area have always been stymied by commercial marketing interests
claiming that commerce would grind to a halt.  I think it's
interesting to look at the existing examples to see that they don't
gum things up:

- European data protection rules and implementation, while far from
perfect, are quite effective and in my personal experience never
screwed up my daily life.

- If you've ever run a US business you'll see that companies bend
over backwards to enforce HIPAA rules.

- Banking is the most interesting.  US banks are required to enforce
various security rules to support the integrity of the banking
system.  On the other hand client privacy is not protected to the
same degree, and _that_ is where we see breaches.

I think the final example especially shows the value of the legal
approach.  But until then, there's really nothing to stop someone
lifting whatever they'd like.

-d

> Date: Wed, 01 Mar 2006 10:52:38 -0600
> From: Robert Alberti <alberti@xxxxxxxxxxxx>
>
> [...]
> Well apparently the place
> where the data is sent is not secured... so by decompiling the Flash
> program on the CD, you can trace down and access all the personal
> information stored in the database.
>
> This isn't merely criminal, it isn't merely negligence, it's
> tar-and-feathers quality criminal negligence...

Archives at: http://www.interesting-people.org/archives/interesting-people/