Federal Trade Commission Wants More Online Privacy 88
orpheus writes: "According to this article, The U.S. Federal Trade Commission has completed a review of Web site privacy policies, and voted 3-2 to seek Congressional legislation to improve user privacy on the Web. According to Jason Catlett, president of Junkbusters Corp, the grading was "very easy", but most Web sites flunked anyway. "
cool. (Score:2)
- A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
Sorry but... (Score:2)
Unless the FTC plans to sieze already-existing databases, or to regulate their use, the privacy war is already over, (except for those netziens who haven't been born yet.
tcd004
Here's my Microsoft Parody, where's yours? [lostbrain.com]
Full text (Score:3)
___
well now (Score:1)
Take that Edward Bronfman
-----
If my facts are wrong then tell me. I don't mind.
Let's try not to just react here... (Score:3)
OK.. that's valid, but it's not going to do anything to help. Lawmakers are in office because they want to do things to (in their eyes, and supposedly the eyes of their constituents) help, and they are fairly convinced, probably by the fact that they are elected officials, that they should be the ones to make changes to try to help. I don't think we're going to be able to pursuade them from that beleif, so yelling and screaming about how uninformed and non-technical politicians shouldn't be making technology laws isn't going to help anything. What WILL help is either a) educating the politicians so that they beleive themselves that keeping anonymity and privacy will be beneficial to the internet and to society as a whole or b) convince them that their constituents beleive this.
A is a tall order.. congressmen did not grow up in our generation, they do not understand the kinds of changes the internet is going to bring, so we should focus our efforts on B. Make yourself heard, and not just by writing your congressman (which is good as well), but also by telling people you know, your family and friends, people you meet, etc our point of view. If more people can be made to understand this the way it really is rather than having their views shaped by the equally ignorant and hype-prone media.
Spread the word!
//Phizzy
Its about time! (Score:4)
On a side note, I only use SSH now because of them, SSH for almost everything. Before I usually used SSH, but if I needed to I would use telnet. Now if a computer doesn't have SSHD running, I don't login to it.
Re: (Score:1)
Methodology (Score:2)
___
It's About Time! (Score:2)
about a year ago, i sent a long, heartfelt email to natalie portman. i expressed my deepest emotions and offered to assasinate a top political figure to win her love.
i was astonished when i was subsequently contacted by the fbi. they knew EVERYTHING about me! THEY EVEN HAD A COPY OF THE EMAIL I SENT TO NATALIE PORTMAN! they confiscated my natalie portman film collection and my detailed blueprint of the whitehouse.
something needs to be done about our lack of internet privacy AT ONCE!
thank you.
This is great, but... (Score:2)
Re: (Score:1)
Re:Let's try not to just react here... (Score:2)
I hope you weren't trying to whore karma from writing this "everybody let's not over-react, let's hear what I have to say" trite.
Go get your free Palm V (25 referrals needed only!)
Who do you want to control you today? (Score:2)
How cleverly put. In other words: "Since we don't believe the industry can control the net, we should be given the authority to do it". What's wrong with this picture is that the net doesn't need to be regulated by any institution! So far it has done just fine without a one. Unfortunately, just like the Seagrams guy basically claimed that only corporations have brought (and can bring) content to the net, lots of non-tech people believe that the government is the only way to impose order in the net.
Wrong.
Having the government (or actually: governments) in control of the net would be just as bad as having corporations running the place. While FTC does seem to have a more positive attitude towards privacy (for now), it doesn't change the fact that they are -- just like corporations -- simply trying to gain back the ground they lost by being asleep when the net started to become mainstream.
"Self-regulation" is a joke, in any context (Score:2)
I mean, I don't like excessive laws either, but consumer protection laws are to protect you and me. There wouldn't be any demand for these laws if companies had behaved in the past. They had their chance, they blew it. I have no sympathy for them. If they don't like it, then they should remove the need for these laws, not complain about them.
Hey officer, can I self-regulate too?
Privacy Standards (Score:3)
department of redundancy department (Score:1)
you can't self-regulate yourself. You can regulate yourself, you can self-regulate, but... now, go self-flagellate yourself :)
Re:Its about time! (Score:1)
reasonable regulation (Score:1)
Fair enough?
Re:Its about time! (Score:1)
Beware the small print in privacy policies (Score:4)
Many privacy policies sound good, and give you that comfortable warm feeling that makes you trust them. HOWEVER, somewhere in the small print is a line like
Yeah, carefully selected to give Foo Inc. the most money per demographic datum.
Such a privacy policy can be worse than nothing, because it gives the user a false sense of security (much like bad encryption). These days, I simply don't trust any privacy policy; I figure there's always some loophole I missed.
I'm not saying that every company means to deceive; I know for a fact that some companies truly value consumer privacy. Clauses like the one above may be needed to allow for outside contractors, etc. (but they should be more specific in that case). All I'm saying is that most privacy policies look a lot stronger than they really are, and that you could be screwed if you count on their protection.
Doesn't need? It can't! (Score:1)
How cleverly put. In other words: "Since we don't believe the industry can control the net, we should be given the authority to do it". What's wrong with this picture is that the net doesn't need to be regulated by any institution! So far it has done just fine without a one. Unfortunately, just like the Seagrams guy basically claimed that only corporations have brought (and can bring) content to the net, lots of non-tech people believe that the government is the only way to impose order in the net.
It doesn't need to be regulated, you say? I'd go so far as to say that it can't be; it's too widespread and international to be regulated. TLD-based regulation would have been an option if the TLDs were actually used correctly. It's fargone that we can't regulate the net. I hope.
Optimistic 'cause he's the future,
Mikey G.
I just don't understand. (Score:5)
I think it's naive of Slashdot to think that geeks alone are going to be able to convince corporations that they need to maintain the privacy of their customers. I think government intervention on an even more massive scale than the US government (read: international) is going to be required to safely ensure that we have access to what information is being collected, what is going to be done with that information, and who has the right to restrict that information. Corporations just won't do it on their own. I have never been to a corporate web site that would've passed the tests that the FTC used, and the tests were basic. They didn't cover anything about what was done with the information, only about how it's collected.
But Slashdot plays this out like there is no good side. We say, "Oo, corporations are evil," but when someone (read: the government) tries to help us out agains the evil corporations, we say, "Oo, governments are evil," and turn our back on one of our potentially greatest resources. How do you expect to reform the corporate world? By going around door-to-door like some geek Jehovah's Witnesses? The fact that Congress is controlled rather strongly by corporatist lobbiers means that these FTC recommendations have an uphill climb. We should backing them if we want to see any of these suggestions come to bear (and from the slant of past Slashdot stories and posts, I'd say that most in the online community do).
But what do I see when I finally read the posts? I see basically mistrust of the government and a refusal to take help from those who are offering it. Personally, I'll throw my support behind the FTC. I'd rather have a organization that is supposed to work for the people working towards my privacy goals than a corporation with absolutely no ties to me whatsover.
Re:Its about time! (Score:5)
Since you're using THEIR network to operate over, they have every right to monitor and log ANY traffic over that network, including MAC addresses, IP addresses,
So your recommendation for privacy would be: 'buy the entire internet or shut up'? He is paying to use their network the same way you are (presumably) paying to use your ISP's network and your phone company's resources. Is it OK if your phone company pipes your conversations into the breakroom for the enjoyment of all?
Re:.gov (Score:1)
Certainly for the people, but also *by* the people
"Easy"? (Score:3)
Accessibility and security are always at odds, especially on the internet. One thing that I have been saying for years, and will likely continue saying, is that if you want to secure your information, you must keep it away from the internet, period.
There is no practical way to give J. Random Surfer internet access to his personal information as stored by an internet business without also giving it to any script kiddie who finds a way to crack the system. As long as the threat of intrusion exists, the data is at risk of unauthorized disclosure. As long as that risk exists, the only responsible thing to do with that data is to get it away from the internet as fast as it comes in. ALL DATA THAT CAN BE REACHED VIA THE INTERNET IS AT RISK OF UNAUTHORIZED DISCLOSURE.
The referenced FTC report is so suspicious as to be, in my mind, totally discounted. Either the people who wrote it don't know how the internet works, or there's some hidden motive. I am most fearful of, and most likely to believe, the latter. FUD is a powerful weapon.
i'm going to say this is a Good Thing (Score:2)
in reality, it's not the government, but rather it's power that is the real danger. furthermore, anythign with too much power can be a danger, whether it be a corporation, or an individual. in this case, we have the government offering to limit the power of corporations. now, IANASGV (i am not slashdot grizzled veteran) but this certainly seems like something to check the rampaging power of the 'shrink-wrap' type license agreements ("by entering this site you agree to give us your firstborn upon it's 2nd birthday") and kicking the various corps around a bit.
we should cheer up a bit.
Some things just don't go together. (Score:4)
2) My name is Hemos and I've never been in a
3) I'm from the government and here to help.
;)
___
The user's responsibility (Score:2)
The paradox I see is that while something like 90% of people online list privacy as their primary concern, general behavioral practices don't support that. People dole out personal information for online lotteries, to get free Web space, to get "paid to surf", to get free PCs -- as if there were no value to the data at all. Either that or their valuation is much lower than mine. Generally, (and this certainly doesn't apply to Slashdotters, eh?), people don't know to insulate their primary email address or to be judicious in filling out forms, particularly when the data isn't required, or how to take protective measures when surfing "promiscuously". Though it's been a hot button issue, most people don't get what HTTP cookies are, assuming they've even heard of them. I asked my young nephew who spends an inordinate amount of time online if he ever surfs anonymously. "Oh, all the time" he said. I asked him what he did to stay anonymous and he gives me a quizzical stare and says "I just don't tell anyone who I am". I'm sorry, but this may seem profoundly naive to this crowd but the truth is that the vast majority have no clue and probably don't want to have to deal with the details. They just want to know that what they perceive is true...that electronic communications are somehow inherently private.
I've been a believer that educating the user/consumer to take more command of his or her personal information was much more empowering than having "big daddy" government do it for us, especially if the masses out there don't seem to care as strongly as the advocates. Is that ignorance? I certainly don't think anyone is justified in saying the person who makes the educated decision to expose his personal details in return for something (whether it be a free giveaway, opt-in targeted advertising, or just a customized homepage at Yahoo) is a fool who doesn't appreciate the degree of intrusion. The key is that it must be an EDUCATED choice...not one clouded by ignorance. I do think what we need is for the marketplace to react by penalizing companies or entities that abuse the trusted consumer/provider relationship. It's our obligation to demand and examine the privacy statement and not just see that one exists or that there's some toothless seal attached to it. We must be judicious in limiting data in registration forms to only what the requester has a need to know and with what matches our comfort level with regard to personally identifiable information. We don't have to be evangelical paranoids, worried about "cookies filling up our harddrives" or charging that Anonymizer.Com is a front for the FBI. We simply need to help the common Internet user know that choice is already in his hands (assuming the cat's not already out of the bag).
I'm not suggesting that there isn't a role for legislation or regulation. I certainly would like to see some standardized method to let consumers rely on a spoon-fed assurance of privacy and the means for remedy if the guarantee is violated. But what I think we'll end up getting are "Surgeon General" style warnings about how your personal data is going to be exploited before the registration process, and we'll become dulled to it just as I bet 99% of you breeze on past the Terms of Service or Acceptable Use Policy statements (you've seen one, you've seen them all, right?).
Now that my long-winded position has been poorly articulated, I end by saying that mine may be a Utopian goal. We'll never be able to rely on education and experience as a protective umbrella for all users. And while I'd like to see consumer privacy demands influence the marketplace, <sigh>I'm beginning to acquiesce and see the necessity for oversight. </sigh>
Re:Let's try not to just react here... (Score:3)
There're many reasons why the Government doesn't just abolish tobacco altogether, including the large number of farmers that make their living growing tobacco for the corporations, the millions of people that smoke and chew tobacco products, and of course the corporations that supply an economy for their states.
A good number of politicians do, in fact, think they are doing the right thing. The pay for being a representative doesn't compare with being a doctor, lawyer, scientist, several different types of engineer, or corporate executive. The amount of power in being a representative, especially in the House, is also fairly small, given the distribution. This isn't too say that none of them are in the pockets of corporations, but to suggest that all politicians are somehow corporate whores is nonsense. We'd have no where near as pleasent a society, if all they did was bow down to multinational corporations.
YOU are the protector of your own privacy (Score:4)
Buy online? post your information EULA, stating that if they do not agree to keep your info private and not use it then to cancel your order,and destroy all information about you. that way they are legally bound (as we are legally bound by EULA's) to use your information as you requested. - and dont trust "geek" friendly sites...you set the terms sof your information, and if they dont agree, they must destroy your data. Or sue their butts off.. It's time we used their tools against them!!
EULA's for our personal Information!
Watched some of the hearings... (Score:2)
But Orson Swindle (one of the dissenting votes) got it right. He said:
1. Web sites have an incentive to figure out what the best privacy options are, and offer those to their customers.
2. The guidelines the FTC wants don't necessarily bear any relation to what consumers want.
One condition that failed a lot of sites was "access to the data". Which means that I can see what information they are keeping on me. Now, when you're talking about credit reports, this makes sense. But it doesn't when you're talking about websites. What websites track is your habits, and what pages and ads you have seen. The information is used for advertising. Does anyone really care that there might be incorrect data in what ads Slashdot thinks I might want to see?
Websites have been keeping track of people since about 1996 or 1997. Why does the government need to jump into an industry and start regulating it before it has had time to develop and see whether it solves the "problems" on its own? The only reason I can see is that it's obvious that these problems will be solved by the marketplace ("5% off, if you let us add you to our mailing list!"), and the government realizes they aren't going to be able to justify regulation when everything is working fine.
For more, go to the link above, and read Swindle's dissent. I don't recommend the computer world article. I mean "We've toyed with the problem long enough; it worsens every day".
What if they actually reported what's really going on? "Government Study Finds Young Companies Still Ironing Out the Details". "Federal Bureaucrats Want More Power".
Re:"Self-regulation" is a joke, in any context (Score:1)
Actually, I do regulate myself, pretty strongly. (My own rules don't always match the government's rules, though.) I'm ALL FOR a society where everybody treats each other with compassion and respect, and there's no need for laws.
I'm asking the question-- what is the difference between self-regulation for these companies, and self-regulation for individuals? Once again, corporations end up with more civil liberties than citizens. Who let that happen? Courts, Congress?
Be careful when using the word "crime". Crime according to whom?
Re:"Self-regulation" is a joke, in any context (Score:1)
Re:Doesn't need? It can't! (Score:1)
It is just trying to make the net the nice place for all of us like it was a few years back - where everyone is anonymous and people can STILL do business as usual.
It is just trying to stop some companies who's trying to use the net to harm consumers (like "automatic demographed ad delivery").
The net without targetted advertisements is a perfectly functional to consumers (I remember I could buy online about 3 years ago where you didn't see as many banners)
Innocent people think that large corporations on the web must be trustworthy and fall to victim by their privacy statements of deception.
They don't understand that you can't really trust people on the web, and forget that the reason of existence of a lot of companies is profit maximization. These two combined gives you a bunch corporate victims making up I guess more than 80% of the web.
I'd say it would be pretty pathetic if FTC just sat there watching. Now give us some real results!
Before you point fingers.... (Score:4)
1) a notice defining privacy policies.
YES, at http://andover.net/privacy.html [andover.net] (link on the left of the page)
2) a choice as to how data collected by the site is used.
NO, though the editors have talked about adding an option for opting-out of book publishing deals.
3) access to that data.
NO, correct me if I'm wrong here...
4) assurances that the data is secure.
NO, at least not that I can find in the FAQ or the about sections.
My point is that the criteria were pretty strict, as #2 and #3 are not readily available on most sites. I am really surpised that ANY sites offer #3. As for #4, it's pretty useless so I don't really care about it.
So before you get all upset about all those sites failing... remember that privacy-respecting firms like Andover.net (I hope) fail too.
-rt-
Re:.gov (Score:2)
"running for local/state/federal office"? You mean, if I get elected to the senate, then government will represent me? Or will I just be part of the government, saying "fuck the people, I want power"?
You don't need to get involved. You need to tell the government to go fuck itself. I don't want anyone to have that kind of power over me. With corporations, I can opt out. I can refuse to buy SDMI hardware. I can refuse to sign up for a service that doesn't respect my privacy. With government, I have no such choice. For example, I can choose not to put my savings in Wells Fargo. I cannot choose not to put my savings in the federal social security. The key point of government is that you are given no options. I like having options. Therefore, I dislike government.
--Kevin
MORE WHAT? (Score:2)
"Federal Trade Commision Wants More Online Piracy"
We're not that lucky =(
COPPA failure? Government backed authentication (Score:1)
However, perhaps this problem could be alleviated with a government backed authentication [usemod.com] scheme. This may sound like sci fi (and it is), but it's essentially a digital analogy of your driver's license or social insurance number, but for each and every citizen. It has to be government backed in order to be trustable and to ensure each person has an digital identity. Plus, the government already tracks information like who is the child of whom.
Then, whenever a site needed to verify that a person is either over the age of 13 or that his or her parent consented, the end user can authenticate him or herself.
A shadow identity [usemod.com] may also be an interesting twist on this.
Aol and online privacy in the same sentence? (Score:2)
"You may find that there are gaps in industry enforcement where government must step in to ensure compliance," said Jill Lesser, a vice president at America Online Inc. in Dulles, Va. "Nevertheless, it is clear that companies are responding to the increasing marketplace demand for online privacy," she said at the commerce committee hearing.
AOL is arguing that online privacy is increasing? AOL that steals people's URLs? AOL that has the *worst* track record for spam in the entire $#!@#% industry?! That AOL?
If an aol atom touched an online privacy atom, they would probably annihalate each other in a puff of pure energy.
Re:"Self-regulation" is a joke, in any context (Score:1)
Now now, calm down. Of course I'm not saying that. I'm saying that purely self-interested parties can't be trusted to regulate themselves regarding their actions toward others. Corporations, almost by definition, are purely self-interested. Much of law enforcement has become that way, tragically.
A dictator or monarch is self-regulated, so that scenario does not follow from my comments. A nation controlling itself is great, as long as it doesn't try to control others. Self-regulation is good for internal stuff that doesn't affect others, whether on a national or personal scale. I was talking about actions which do affect others; maybe I should have been more specific.
The way I see it, the trick is to balance the power: The less powerful need oversight (regulation) over the more powerful. Otherwise, the powerful few get more powerful and fewer, and everyone else suffers. In many ways, this is the goal of democracy-- without it, monarchs would rule. In the US today, corporations are far more powerful than citizens. Without regulation, they'd walk all over us and any rights we had.
Quantity has its own quality ... (Score:1)
*sigh* how often do these efforts work? Seriously? It usually seems to take an organized effort to repel this kind of behavoir on the part of corporations and lawmakers, and sometimes even that doesn't work. If a single, established body tells a congressman that they don't like something, he's more likely to listen than if a thousand individuals tell him the same thing. But even then, how good does it do?
Sometimes I wonder if it really works at all. I get the feeling that we should consider a few other things, in addition to shouting complaints at our congressfolk. Perhaps an organized boycott of some of the more prominent sites, letters to CEOs, congresspersons and other policy-makers (spam them like their mamas never did), and even (*gasp*) suggest solutions to the problems. Instead of a knee-jerk "gee this sucks" reaction, what say someone actually take charge and formulate an intelligent, organized solution.
--Forager
UK DPA: the gun in _your_ hand (Score:3)
So she came to me for help. I informed her of her rights under the Data Protection Act - the right to copies of any data any organisation had on her - and she asked college for the lot.
A month later, college delivered a HUGE box of documents. They listed everything college knew, all her academic record (including confidential bits), interview reports, etc. Then some college council minutes in which her activities had been discussed.
The moral of the story? DPA law is _good_ for individuals, _bad_ for companies. And you don't need a lawyer, just write a letter.
Re:UK DPA: How about a white paper? (Score:1)
Re:.gov (Score:2)
Whether or not you exercise your abilities is entirely different. If you don't, then don't be surprised if laws, policies, and decisions that effect a number of people, don't reflect what you want. This is something that many people attempt to ignore, as they whine about some nonexistant repressive institution.
Amongst other things that I mentioned, yes, becoming a Senator is a fairly good way of making sure that policies reflect your beliefs. Simply voting is also another way, but if you feel no one represents you directly, then doing it yourself is the way to go.
What you would personally do as an elected official, I can't say, but there's really only minor power to be had as one of many U.S. Senators.
You do need to get involved, otherwise you can't expect your world around you to represent your ideals. If no one hears your great ideas, no one is going to support them.
I'm not sure what sort of power you think any one member of the Government has over you, either. Are you suggesting a member of the FTC, or perhaps a school board member, can somehow control every action in your life? Perhaps you think your mayor can tell you what color socks you should wear, or a town clerk can tell you how to cut your hair?
You may not be aware of this, but the Government's actions are constrained by law and the courts. The law will reflect what ever body of people actively attempts to shape it, and then the courts will decide if it's appropriate. So the Government doesn't have any supreme control over you.
You can make a difference, but certainly not by running from "big brother."
It's amusing that you hold more faith in corporations, which are made in an even more amusing form of feudalism.
If a corporation is dumping toxic waste in your river, can you go to them and vote to have them stop? No, of course not. Since you've removed the Government, you either deal with it, or leave.
If you work for a business, can you vote for a longer lunch break? Can you vote on what you want to work on, as an employee? No, your options are deal with it, or leave. Yeah, power to the corporations!
You have no choices with corporations, other then the ones they choose to give you. As a private non-democratic institution, you have no say in their actions. Your options for controlling them is law (which you don't like), money (and there's a million more people to sell to), and going somewhere else.
With Government, if you don't like something, you can change it. You don't want to pay social security? Get off your ass and tell your elected representative. Don't like him? Run yourself, or support someone you do like.
Re:Its about time! (Score:1)
Privacy rights are independent of ownership rights.
Re:.gov (Score:1)
Re:Watched some of the hearings... (Score:1)
I don't remember the details, but to make the FTC happy right now, you would have had to have two different checkboxes for "you can use my info internally" and "you can share my information". Other people they didn't like because they didn't clearly specify who they might share the information with.
So why is this a problem? Dosn't seem so absurd to me. If some company I do buisness with wants to sell my informion I should have the right the choose whether they are allowed to or not. I mean, a feature like that takes 5 minutes out of an administrators time to implement on the site and in the tracking database and personaly it would raise my respect for the company 10 fold and probably make me a repeat customer.
Web sites have an incentive to figure out what the best privacy options are, and offer those to their customers.
No they don't, they have the incentive to get the best bottem line while still maintaining customer trust. This usualy results in posting a privacy policy (with a lot of fine print) that is designed to give the customer a sense of security while still giving the company the freedom to find as many customers for the information they gather as possable. Profit is what drives the industry not morals
What websites track is your habits, and what pages and ads you have seen. The information is used for advertising. Does anyone really care that there might be incorrect data in what ads Slashdot thinks I might want to see?
Not realy, but is it so hard to allow me to override what they think I might want to see so I can tell them what I want to see? Or for that matter to allow me to tell them that I don't want any ads at all? The people that would bother to use such a feature are the people that will very rarly to never look at an ad anyway, so it wouldn't even have a real effect on there bottem line
What if they actually reported what's really going on? "Government Study Finds Young Companies Still Ironing Out the Details".
I think this could be better represented as "Government Study Finds Young Companies Still Ironing Out the Details of how they can get more information and more ways to sell it"
Now I'm not realy saying I agree entirly with a federal body sticking its nose in. U.S. federals tend to have heavy, sweeping solutions to problems that would better be served with a little finess (i.e. they use a crowbar when a fine dentists pick would have been the proper tool) but in this case I think it may be the lesser of the two evils. Companies in recent years havn't been working to come up with better privacy, its not a concern for them. Why actualy increase consumer privacy when you can post a nice privacy policy with lots of fancy words, make the consumer believe your working to protect them, and use your time in the more profitable venture of exploiting there information?
--
Re:COPPA failure? Government backed authentication (Score:1)
Re:"Self-regulation" is a joke, in any context (Score:1)
Giving corporations the ability to simply regulate themselves, and go on the honor system, is a bit naive. Given the choice, that corporation wouldn't spend the $1.50 to add safety features to their product. It also wouldn't hesitate to save money by dumping waste in their world's water supply, or to make a buck by clear cutting forests.
If you don't believe they wouldn't do that, I'd advise you to pick up a history book or two at your local library. I think you'll find the early auto industry's opinion on adding safety features to automobiles horrible.
Choice is the real problem (Score:1)
-Jason
$20 Domain Registrations. Click here! [silverscape.net]
Re:Its about time! (Score:1)
Re:.gov (Score:2)
Run for office? To which party am I going to sell my soul in exchange for enough backing to stand a chance of being elected? Ventura's election in Minnesota gives a slight amount of encouragement, but it doesn't change the fact that getting elected as an independent is almost impossible unless you're personally sickeninglyl rich.
Just voting leaves me with an interesting dilema, however. Do I vote for the party which wants to pass an internet decency act and reduce everything on the net to a level suitable for third grade children, or for the party which wants to pass a law which says that it's illegal to use any encryption other than the program supplied by the government with a built-in backdoor? Voting is, at best, a choice of which evil you want. To put it crudely, just because you can choose whether to grab you ankles or swallow doesn't mean you aren't being raped.
Re:Or sue their butts off.. (Score:2)
A:None.
I think your idea is not only very plausable, but very inforceable if the law would recognize your personal data as your copyright. It's sad, really, but at the moment (In USA) it becomes the property of the collector building your digital biography. What's more is you have no recourse when the data is incomplete, incorrect, or just flat out false.
___
The European Way (Score:2)
1)Within 2 years(i think) the companies and institutions need to send you a letter containing what info they have on you.
2) You have the right to correct any info about you
3) They have to ask you if they can distribute youre info and you have a right to say No.
4) They cannot give the info to anyone in a third country that does not guarantee the same amount of privacy.
It also contained a whole heap of other protective measures. Allthough i think the European mentality is much more for privacy than the US one, in general atleast.Over here people want theire privacy.
Anyhow that is the type of law i think should be passed in the USA, and then maybe made into an international standard.
Re:Who do you want to control you today? (Score:1)
And if this was about "the net" you might have a point - too bad it's not. This is about the harvesting, usage, and sale of personal information and privacy, and it just so happens that the harvest, use, and sale happens over TCP/IP.
So the FTC's argument is simple... if you want privacy, the privacy-violation industry has shown your desires are irrelevant to them, and they will never choose to honor them in good faith. If the FTC is right, then you must either stop being so married to this laughable concept of privacy (next you'll want anonymity!) or you must take choice away from the privacy-violation industry.
The privacy-violation industry was given a chance to prove they wouldn't piss in the well. They've been failing by inches and feet and yards ever since, and we're the ones whose drinking water stinks of urine for it. My privacy is worth more to me than DoubleClick's ability to show me "targeted" advertising, so I'm going to wait, and see, and hope that the FTC contrarians start realizing that they're in place to maintain standards for citizens, not corporations.
Re:Its about time! (Score:1)
Re:.gov (Score:1)
And if you want to count our various territories, which I don't, since they don't even pay taxes, also can not vote. I wasn't unaware of this, it simply didn't come to mind as I was mentioning what it means to live in a democratic society, even a Republic.
You're apparently under the naive impression that people don't make a difference. Does your one vote really matter in a pile of millions? Maybe, but most likely not in itself. The problem lies in the fact that such a large number of the people feel that as individuals, they don't matter (or care, or hate the Government because they're ignorant) and subsequently, do not vote.
Governor Ventura wasn't an independent. He was originally a member of the Reform Party. He has since discarded it, however.
There are two real independents in Congress, one of which is from my home state. As for local Government, it's composed of a much larger mix than the Federal spectrum, but it too suffers. I think the best thing the Reform Party will ever do, is to help shake up the two party nature of Federal politics.
The Government, however, is more than simply Congressmen and Presidents. It's also very much local, on many different degrees. If you can't afford to run for Governor, you certainly could run for a local Government position, or even state legislature. You could even start a politically oriented organization, to help spread whatever political views you have.
As for the rest of your comment, it's mostly silly. A gross exaggeration of a result of people sitting on their asses, instead of getting involved with their Government. It's much easier for them to bitch, later.
Re:I just don't understand. (Score:2)
Re:Before you point fingers.... (Score:2)
1) Yes, we agree. They have a fairly detailed privacy statement. In particular, this statement is nice: If you tell us that you do not wish to have this information used as a basis for further contact with you, we will respect your wishes.
2) I would say, "Yes" here, too. Your choice lies in that most of what Slashdot asks for is completely optional. About the only required information is your e-mail address, and that's only true if you decide to setup an account, which you both don't have to do and don't have to use.
3) You have a preferences control panel. Well, you may not, but I do. And I can read and change the information I've given Slashdot.
4) This one's more iffy. Slashdot says this about your regular password: required but never displayed publicly. It also says this, though, about logging in: This is totally insecure, but very convenient.. I suppose that's an assurance of sorts?
In addition, Andover.Net says that they will notify you when they have intent to use your information. The only specific piece of information that admit to tracking is domain name information, which to me isn't a private thing at all, much more of a public piece of information, like a license plate number or other public unique identifier.
Re:COPPA failure? Government backed authentication (Score:2)
As a computer scientist, I'm sure you're aware that the government doesn't need to make public every piece of information it knows about you in order to authenticate you. Indeed, all they have to do is map an instance in their identity database to one "instance" of a person (er, you).
Even then, with a shadow identity [usemod.com], it would be trivial for you to choose what authenticated information to send. You just ask the government database to authenticate you to the foreign site and send with the ticket some information about you. Naturally, it will be encrypted--for whatever protection that gives you.
Privacy policies usually aren't so bad (Score:1)
In the last 2-3 years since I switched my email address I've always been very careful to read privacy policies before I give out personal details. If there's no privacy policy at all, I'll be very careful about ever giving away real details.
Lately since I bought my own domain, I've been giving custom email addresses to all the companies I give my address to. (eg. realaudio-zog@jester.net.nz). This way if it ever does get on someone's spam list when they said it wouldn't, I know exactly where it originated from and could hopefully make life really uncomfortable for them if I needed to.
I'm not a lawyer, but the main sections I watch out for in a privacy policy are anything to do with partners or not keeping details completely private. Every so often there's a risky one, but in the last couple of years I've had about 4-5 spam emails in total.
I can't remember the first ones - they were from early on when I wasn't entirely careful. But the irony is that the 2 that I've had in the past month were to a completely different address that I don't fill in on forms. It's only published on the web, so someone either had a crawler or they went around collecting them manually.
Re:Sorry but...(tcd004 has a sore butt--flamebait) (Score:1)
Every spammer has a copy of your credit report? Really? What do you base this belief on? Just because offering quick fixes for bad credit is the fashionable scam these days doesn't mean anybody has been looking at your credit report. Why on Earth do you feel the need to tell all of
I don't think you'd want the government regulating databases. Do you really think it would be a better world when Big Brother government is the only entity allowed unrestricted use of databases of personal information? Besides, haven't we already seen enough articles here about how datamining isn't paying off as much as everybody claims it is? Why not just wait until everybody realizes that we don't pay attention to targeted e-mail ads?
Thanks tcd004 for making me realize that yes, there are blatent karma whores that detract so much from the discussion. I guess I should be looking at slashcode to figure out I could write a patch that would let you ignore certain users, so I don't have to put up with bullshit like this from you anymore when my threshold is at 2. Btw, your Microsoft parody isn't funny at all and lacks any semblance of originality.
Re:The European Way (Score:1)
Re:Sorry but... (Score:1)
Overall I think my posts have had much to contribute, at least much more than the obnoxious AC's who all scurry to put up a "FIRST POST!"
So I guess what I'm saying, at the risk of losing a little karma, is blow it out your ass.
tcd004
Re:"Self-regulation" is a joke, in any context (Score:1)
Re:"Self-regulation" is a joke, in any context (Score:1)
Re:Sorry but... (Score:2)
and by the way, very good point.
tcd004
Re:.gov (Score:1)
My vote isn't meaningless because it's statistically insignificant. My vote is meaningless because, for many of the issues I'm concerned with, it doesn't matter WHO gets elected.
Let us suppose that you're correct - that if everyone suddenly started voting and became actively involved, the government would automagically began reflecting the will of the people rather than the desires of those supplying the campaing funding. Do you suppose that this would also automagically remove the danger of the DMCA, UCITA, CDA, etc. If you believe this, I've got a heckuva real estate deal for you.
Re:Sorry but...[OT: more flames] (Score:1)
I am well aware of this.
The posts that I have made that earned 3, 4, or 5 were always geared to contribute diretly to the discussion, and I think that in the time I've been on slashdot I've been moderated down to zero very few times.
That's still no excuse for your other heap of posts that have no business being moderated anywhere.
Overall I think my posts have had much to contribute, at least much more than the obnoxious AC's who all scurry to put up a "FIRST POST!"
Surely you must be joking. I don't really need to say much more than that, because the average slashdotter certainly has enough intelligence to see through that bit of flawed logic (or rather I would hope that they would, but I'm not so sure of that anymore after running into the likes of you).
So I guess what I'm saying, at the risk of losing a little karma, is blow it out your ass.
Sorry about the "sore butt" subject. I originally put it in there as a play on words with the original subject "sorry but..." (which doesn't really say much of anything about about any post and is all too common). I guess I got carried away and made it look like a cheap insult instead, so people would know what was coming when they read the rest of my post.
Of course... (Score:2)
Re:I just don't understand. (Score:1)
Re:.gov (Score:1)
Of course I think the people of D.C. and those in prison should be able to vote, and I think our various territories should be given status as states, assuming it's their desire to become one.
Who was elected would matter more, if people didn't see Government as an entity posed against them. If everyone took it as a social responsibility to be involved with ensuring the dream of democracy isn't squandered, there'd certainly be a larger base of people to vote for.
And if people took it as a responsibility, then perhaps some of the injustices commonly practiced (The attempts of the Democrat and Republican parties to maintain their monopoly) could be fixed.
The problem isn't in the Government, it's in the lazy people that squander, or make a joke of their ability to change the world in which they live. Any faults in our Government are simply echoes of a problem much more severe.
The Government already does reflect the will of the people. It's simply they reflect the will of the people that get involved. There is no "automagic" way of fixing anything, which is exactly the point; being a member of a democratic society is work.
If the people respected their right to participate, either directly or indirectly, then the amount of influence that any paticular corporation would become far more equitable. Whether or not this would have an influence on the CDA (Which corporation don't support, btw), or anything else, I can't say for certain.
I do, however, know that sitting on your one's ass, not participating in Government, simply ignoring laws you don't support, and whining on public forums how the Government subjugates you, won't change a thing.
I'm not suggesting this is your behavior, but it certainly does compose a good number of the dotters.
You can't feed the hungry by saying "There are hungry people." You can't build a house by thinking "I sure could use a house." Why is it people think that a Government they don't participate in, will somehow reflect their ideals?
Re:"Self-regulation" is a joke, in any context (Score:1)
A monarchy is the embodiment of self regulatory Government. A Government that is regulated solely by itself, and not by the people.
The other embodiment of self regulatory Government would be anarchy. Where each person is his own self-regulated world. This, however, is a state of "non Government," which is why I didn't include it. With people that construct multinational corporations, which in turn attempt to dominate each other, and the masses, I'd certainly not suggest we're ready for anarchy.
Thanks, but I'll skip on either.
Re:YOU are the protector of your own privacy (Score:1)
This type of thing can plague these systems for years if enough people do it.
Re:"Self-regulation" is a joke, in any context (Score:1)
What's the big deal? (Score:2)
I remember an article posted to Slashdot something like two years ago. It was a commentary on the future of privacy and painted a really good picture of a world where cameras were just a part of daily life. It provided people with a way to look after each other and after each others' properties. Imagine how low the crime rate would be if there was most likely an active camera in every house.
On the more abstract side, privacy concerns block the flow of data. This is fundamentally contrary to the geek mindset, and I have never understood why so many geeks believe in it. Consider if someone did have records of your every move. You could never be falsely accused of a crime, you could be found easily in case of emergency, and the statistical information could be very good for society. Remember how the vaccine for small pox was discovered by noticing that milk maids previously infected with cow pox never contracted the disease? With huge databases of statistical data, I have to wonder how many other cures could be discovered like that. But the collection of much of this information would run against the privacy concerns of many of you.
On another angle, it is coming. Survaleance technology will soon be to the point where the cameras and microphones are completely undetectable, at which point no law can really help anything. So we have a choice, either we embrace it and have access to the vast amount of data, or we kick and scream and only the Orwellian police type people will. As long as the people have access to the data, we can even monitor the police. By kicking and screaming about it all, we actually increase the chances of the future that people say they're trying to protect.
Finally is the arguement that I have been avoiding: if you're not doing anything wrong, what do you have to fear? I say let them (websites, police, men in black, my neighbor) monitor me all they want. I'm not doing anything wrong. If that's how they'd get their kicks, let them go for it. If they want to put forth the effort to watch me going about a normal life, let them. It doesn't cost me anything.
I think complaining about privacy is the wrong way to go. Instead, complain about how the data is used. Pass laws making it illegal to modify data without making it clear that the data was modified (Times Square on New Year's Eve). Make sure all of the data is public so that no entity can horde it and use it for nefarious purposes. Knowledge is power, and that power needs to be in the hands of the people, not any secret police. Laws would have a much greater success rate when dealing with how the data is used, not how it is collected. It's just too tough to police every organization and person who *might* have a camera, while it is comparitively easy to monitor how the data is used. As soon as someone gets hurt, they can sue, and a harsh penalty will warn organizations against such practice in the future.
Don't get me wrong, I don't advocate forcing a webcam in every home. But I do wish people would stop raising such a fuss about every little thing that they see as an invasion of privacy. It seems to represent an inconsistancy in the mindsets of many geeks, and is swimming against a strong current instead of being carried to a place downstream that's better anyway.
Like a food buff swimming up the Mississippi River doing his best to get away from New Orleans (food capitol of the world, for those of you who don't know).
MAC Address (Score:1)
At this university they record our MAC addresses as well, but as I have a Sun, I can change the number to whatever I like. (I've heard some PCI eth cards do this now too; anybody know?)
During the term I need to keep it the same because the port is configured to only respond to a card with the appropriate MAC address. This lets you connect only one machine, so you can't share (unless you can set up IP MASQ, but we all know how terribly difficult that is. ;) )
Re:Watched some of the hearings... (Score:2)
My point is that if a website had an option "do not use my information internally and do not share it with third parties", I think that would have failed the governments criteria. You had to have separate options for "don't use my data internally" and for "don't share my information with third parties". So the government may have found that some site were not offering customers a reasonable level of privacy protection when in fact they were.
Now I'm not realy saying I agree entirly with a federal body sticking its nose in. U.S. federals tend to have heavy, sweeping solutions to problems that would better be served with a little finess (i.e. they use a crowbar when a fine dentists pick would have been the proper tool) but in this case I think it may be the lesser of the two evils. Companies in recent years havn't been working to come up with better privacy, its not a concern for them. Why actualy increase consumer privacy when you can post a nice privacy policy with lots of fancy words, make the consumer believe your working to protect them, and use your time in the more profitable venture of exploiting there information?
I admit I have a knee jerk response to "keep government out at any cost", but I don't think the arguments for government involvement are nearly as strong here as in other situations (e.g. HMO regulation). One important point is that even though people don't like it, no actual harm is done. That is, no one is hurt by getting lots of junk mail.
Also, there's the issue that even though people say they want privacy, their actions say otherwise -- they'll sell their privacy very cheaply, probably recognizing that privacy isn't really worth that much to them (at least the kind of "what products do you buy" privacy we're mainly talking about). This is why economists talk about revealed preference. Most people would say their life is infinitely valuable, but if you look at revealed preference via how much money people want to do dangerous jobs, you find that people rarely value their life at more than a million dollars or so. Similarly with privacy. People say it's worth a lot to them, but their actions say otherwise.
So we might end up with the government enforcing the situation which is what people say they want (privacy at any cost), when what they really want is something different (lower prices and targeted marketing at the expense of privacy).
Besides all these arguments, the fact that congress is taking an interest in it may be an indication that public is waking up to how much their information is worth to these companies. I would credit programs like free internet access and iwon.com, which almost everyone can see are offering to buy your personal information, for waking consumers up to this. Maybe once people become aware of it, the market will provide a solution.
BTW, I highly recommend David Brin's The Transparent Society for anyone interested in whether privacy is really worth it. The tagline is "will technology force us to choose between privacy and freedom". It's an interesting question.
--Kevin
Re:What's the big deal? (Score:1)
No, you don't understand. (Score:1)
The government's purpose is to protect people and enforce their rights. Most governments do an almost passable job of that when the laws and policies they follow coincide with everyone's rights and interests. (Unfortunately, a lot of laws are stupid and dangerous, and there you get most of the dissatisfaction with government.)
The role of government in commerce is essentially to make sure companies and individuals aren't cheating each other. The privacy issues the FTC bring up involve consumer and regulator discontent with the practices of some businesses that use the Internet. However, one has to look at the issue beyond the initial "I don't like how this company is acting" reaction - we live in a free country, where supposedly simply not liking what other people do isn't a justification for putting them in jail or taking their money away.I have to take a very skeptical view of the FTC's complaints, based on the problem areas they identify.
Now, admittedly, there is a second issue: what if a company blatantly lies in its privacy policy and shares information it promises to keep confidential? Well, there's a word for it: fraud. And, amazingly enough, the FTC has long had the authority to get involved in cases of fraud (or at least ones that cross state lines). So, why exactly are these bureaucrats asking for additional laws to be passed to deal with a problem when the FTC could be cracking down right now?
So, what's the deal? If I'm claiming that most of these things aren't wrong, and the remainder are things the FTC can already deal with if they want to, why is the FTC asking for Congressional action?
Well, right now, companies involved in internet commerce are having a public-image problem. People don't like filling out a form on a web page and getting spam from several other companies and similar things. Two of the five commissioners of the FTC noticed that companies are catching on that consumers don't like being treated that way and so are starting to change their behavior, and said so (and I've got to be one of the most stunned people here to read of a government official recognizing the power and function of the market). However, the other three perhaps decided to hike up the public image of the FTC (making even a token effort to show disapproval of something people don't like works wonders with voters) and their personal regulatory credentials, both of which are good for their current jobs and future political positions. On the other hand, they may be those among government regulators who genuinely believe that they, not the decisions of consumers or the effort of entrepeneurs and companies, provide the benefits of the free market to people. Or, considering the mixture of pragmatism and "idealism" most people have, probably some mixture of both.
In any case, it's a matter of the FTC trying to pull the wool over the public's eyes to gain public support and hide their failure at enforcing current laws, and should be rejected as such.
Re:What's the big deal? (Score:1)
It seems that if people put as much effort into combatting the system of cookie cutter ideals as they put into grasping privacy, much good could come from it. Crying out for privacy is like patching holes in the dam with duct tape. It is a constant fight that will never be won. Stopping those who repress others based on things like religion and sexual preferances is fixing the dam, and is actually a positive step. Complaining about privacy is only moving sideways.
OT: scientology is in trouble (Score:1)
//rdj
Re:Its about time! (Score:1)
Re:The European Way (Score:1)
You forgot to mention the establishment (in each country) of an independent "Personal Data Protection" Authority which acts as a watchdog and also has the power to prosecute on their own or after a complaint. It seems personal privacy issues are important enough in the EU to be granted a separate agency instead of being handled by a trade comission
Another provision that is very important is that the law defines several kinds of data as 'sensitive data' (i.e. religion, ethnic origin, health problems). For those data protective measures are even stricter
The fourth point you made actually is very important as one of the countries that does guarantee the same amount of privacy is the US. This has become a matter of confrontation between the EU and the US (the EU claims that in America thera are no laws regarding personal data privacy while the US claims that self regulation should be enough.) The matter may end in the WTO (although I believe the EU shouldn't recognize WTO jurisdiction; personal data and privacy is not about commerce only). Of course the FTC report is bound to at least weaken the position of the US government
Re:Sorry but...[OT: more flames] (Score:1)
No more karma pumping for me....
tcd004
Re:"Easy"? (Score:1)
Who said it had to be accessible via the net?
Re:Its about time! (Score:2)
The telephone network is also a shared resource where I (and you) am just one of many.
I'll bet that having a network available was a selling point for the University. I assure you that the student's there DO pay for it one way or another. After all, he IS paying to be there.
At the point of actually making unauthorized access to the machine, it becomes a crime unless it was done with police authority and a warrant.
I agree that things are not black and white. For example, aggregate statistics might not be over the line. Possably even logging headers (but it's very close at that point). Actually logging the packet payloads is WAY over the line.
Re:Its about time! (Score:2)
The lack of laws does not mean the behaviour is moral or ethical. Personally, I don't have much to worry about. Who I connect to isn't a big deal, and I use ssh to keep passwords and such from prying eyes. I would still be incensed to discover that my provider was trying to snoop my connections. I would vote with my feet and wallet. If he tried to gain access to my box, I would prosecute.
As for sensitive, who said anything about sensitive? Being watched is creepy even if you are literally doing nothing. I would object to such a thing even If I used the net only to read /. and download books from Gutenberg.