Connecticut Governor Seeks to Protect Personal Data Online

Technical Writing Geek alerts us to a report that Connecticut governor Jodi Rell has begun to develop legislation to create an "opt-out" registry to prevent the distribution of personal information on the internet. The registry would be analogous to the "Do Not Call" list. This comes after Rell received many complaints about the availability of personal data from directory assistance sites such as WhitePages and 411.com. While Rell understands that the "sites are breaking no law by gathering and disseminating this information," the legislation will add to the work she has done to re-evaluate the disposition of private data. Where do we draw the line between free speech and privacy in the information age? From the Journal Inquirer: "'Privacy concerns are constantly evolving,' Rell said. 'We must not only keep up with them but do our best to stay ahead of the curve.' Rell said she will ask state agencies to review private information about residents that the state collects, manages, and distributes."

Publish personal details of all company board

[freedom_india]

Since "now law is broken" by companies for publishing out private information, we can plead the same by publishing the company's members information online.
Every single stockholder, boardmember, CEO, lawyer, employee contact information (including public and private numbers and addresses) should be published online 411.com by us.
Once the mighty CEOs and CFOs see their private and unlisted numbers plus email IDs online, am sure the congress and senate would go overnight to enact a law preventing that from happening.

Re:

[QuantumG]

Ummm.. if you can get it then how is it private information? Assuming, of course, that you are a member of the public and haven't broken any laws to obtain the information. That would seem to be the definition of public knowledge.

Re:Publish personal details of all company board

[TaoPhoenix]

Call it "intended to be private".

Just because you can social engineer it out of people doesn't mean it was intended to be known.

Re:

[Sandbags]

I do believe the idea here is "how did they get it?" Your name and phone number may be published in phone books from the phone company to which you subscribe, but you can easily enough opt out (become unlisted) and then that information is no longer publically accessible. Your e-mail address, employer, physical address, and more should not be part of public record. Sure, that information may be contained in legal and tax documents held by your local, state, or federal govt offices, but when requesting (l

Re:

[gallwapa]

How much I pay in taxes, what kind of car I drive, where I live, my numbers and e-mails, all of this is important and private information.

Your taxes are public information, and should be public information, in my opinion. I do agree with you, however, that it is silly that people can pull up your financial reports like that. You are entitled, by law, to receiving 1 "Free" credit report per year per credit agency (In the US). While I think this is bs - it should be available anytime for free - at least it is there.

Great post. Mod parent up.

This all comes down to...

[Belial6]

This all comes down to whether the law sees this data as "YOUR data", or "data ABOUT YOU". I think the law should be written that says it is your data. Thus anyone that wants to use it has to get your permission to use it. If there is any kind of "Intellectual Property" that really exists, it is your personal information.

Re:

[Sandbags]

Why should my taxes be of public(ally accessibly) record? Sure, there needs to be a back tracable record for auditing purposes, tax income to SSN and what not, but why should an individual outside of a government or 3rd party auditing firm have any access to that information? The general public needs to know the total taxes collected, and how that divides up by taxe type, code, and region, but not down the the detail of which individual paid (or owes) how much. This information has no interest or value o

Re:

[gallwapa]

Tax info has personal interest to me: Yesterday I was looking up tax information for my entire neighborhood. It IS useful to see which houses could potentially "ripe" for a deal for me to snatch up. Granted, it hasn't happened yet, but I have a vision of purchasing my entire neighborhood for a "re-engineered" community in an older neighborhood (built in the late 50s/60s). My neighborhood is decent now, but should I gain a majority control of it, I can make it even better.

You may not agree with my reason

Re:

[Sandbags]

Taxation is done by millage and zone, not by individual house, so you seeing exactly what I paid is irrelevent. You only need to know the estimated value of the property you plan to buy combined with the current and historical millage rates to determine the tax history for a proerty in a given neighborhood. You do NOT need access to my personal tax records, or my personal information to do so.

Keeping a record of the appraised value of a property is fine, so long as this information can be requested only b

Re:

[dcavanaugh]

In the case of property tax, the basis is a somewhat subjective assessment of property. I have every right to look at yours and compare it with mine, to see if I should challenge the assessment on my property. Before moving to a new city, I might legitimately use this tax data in the planning process.

On the other hand, the calculations for other taxes are straightforward. Income tax returns have no public value, and a great potential for abuse. So I have no problem with keeping those private.

Everything el

Re:Publish personal details of all company board

[MightyYar]

It is not hard to find any of the information that you are asking about. Any public corporation will have SEC data about all of its officers.

Take 411.com. Scroll to the bottom and see that it is run by Whitepages.com, Inc. They have an "about us" page with a leadership section. On that page are all the names you need to get started. Let's start with the top: Alex Algard, Founder and CEO. Searching for him on 411.com yields:

Algard, Alexander & Susie K
1005 5th Ave W
Seattle, WA 98119-3613

3 blocks from their main offices... so, yeah, that's him. Hard, huh?

CEOs not only have less privacy than us already, they have more people looking for them.

Re:

[jdjbuffalo]

I like that idea.

You would also want to include as much information as possible: Name, Phone Number, Address, Email, DOB, SSN, Credit Score, etc.

I'm not sure why immigration gets more people riled up in this country than the fact that anyone with $50 can access most of your personal and professional information.

The only problem is who wants to be the fall-boy/girl who runs the website. I can almost guarantee that even if no law is broken you will get a civil lawsuit for each person's information you post.

Opt-out? Meh.

[Xenkar]

I wish just once that one of these politicians would have the balls to make it opt-in, with written consent required and none of that "hidden deep within a contract" crud. Perhaps requiring a public notary to stamp it too might be beneficial.

I know for sure that I'd sleep well if these opt-out lowlifes lost their jobs.

Re:

[Anonymous Coward]

I really don't get it as well. It would be much easier to just copy some of the european data protection legislation, which has been proven to work (unless the politicians undermine it for their own (surveillance etc.) purpose).

Re:

[Daver297]

which is so likely to happen here.. its not always that the bill itself is bad, its normally once it makes its way through all the changes, make it worthless or a completely seperate bill...

Re:

[DreamerFi]

surveillance

You misspelled "re-election campaign fund".

Re:

[Anonymous Coward]

european data protection legislation, which has been proven to work

Why do you think it works?

I get cold calls and personally addressed spam and only competitors, not recipients, have the right to sue about that.
I have to publish my personal address in whois databases if I want a domain name.
I have to present my id-card to get a prepaid mobile phone.
ID cards and passports come with RFID chips which contain digital biometric pictures and fingerprints.
There's private video surveillance everywhere.
All phone cal

Re:

[Nicolas MONNET]

There's private video surveillance everywhere.

Not everywhere; the UK is not everywhere. It's strongly regulated in France; well, that is, until sarkonazi decides to "reform" this, as he has already hinted. And by "reform", I of course mean "fuck shit up to favor the rich & powerful at the expense of the people."

All phone call metadata, including location information, is going to be recorded and stored for six months beginning next tuesday.

That's bad alright, but *at least* there is some legal protection

Re:

[fprintf]

Except Gov. Rell doesn't have any balls anyway. She doesn't need them.

clueless

[Power_Pentode]

Once that opt-out list is complete, how much do you think spammers and scammers will pay for it? Oh, wait -- you're going to give access to anyone running a directory or investigative website? What could possibly go wrong?

Re:

[Gregb05]

if it's opt-out, you'd only need to record the information of people who want to receive the information anyhow, would you?

Re:

[redxxx]

Well, the article seems to be comparing it to "do not call lists" and talks about being on the list to not have your information distributed.

I think they are using the terminology oddly. As I'm reading it, it is a list which people can join, which allows them to opt-out of the free service of having your information sold to the highest bidder.

"The basic concept is to prevent collecting information without the consumer's consent," Blumenthal said. "If the consumer objects to collecting the information

Re:

[Gregb05]

Ah, I misunderstood and didn't take the time to RTFA (!new here)

The registry itself is opt-in, the point of it is that you would "opt out" of letting retailers legally distribute your information. I'm not terribly excited about the benefits of this. It would probably be more effective to require an opt-in or opt-out from any company that exchanges data, but I'm no lawyer nor a politician.

hahahaha

[Martian_Kyo]

'Do not track me when I travel the Internet' will work as well 'dont rob me I am carrying a million dollars'

Re:

[Garrick68]

Don't you mean "Don't track me bro!"?

Re:

[jank1887]

The Do Not Call list was one thing. It regulated who could make solicitations over a well regulated medium, where it's (relatively) easy to hold the caller responsible for their actions. You weren't trying to control information (all phone numbers are known, and most are published publicly in the phone book.), you were trying to control actions on that information.

Now they want to regulate the transfer of information. Information with value. Such regulation is only worthwhile until that information gets

Hmmmm

[edittard]

The registry would be analogous to the "Do Not Call" list.

In the sense that it, too, will be a totally ineffective waste of time?

Re:

[l4m3z0r]

In the sense that it, too, will be a totally ineffective waste of time?

The "Do Not Call" list has been extremely effective for me. The only calls I receive now are to people with whom I have a preexisting relationship, ie ive donated money to them before(like a political party) or I went to school there. In fact, I only ever had one call that I think was in violation of the list and I told them that 1) im on the "Do Not Call" list and 2) dont call me again or ill report this abuse. I have not received

where is the line

[Grampaw Willie]

the article asks

where do we draw the line between privacy and free speech?

generally, if you own the press you can print what you want,~~

with a few caveats, however, and as these are well established there is no need for discussion

1. you should not publish slander

2. you should not infringe other folk's copyrights

3. you should not involve in a conspiracy to commit crime

Is my personal information copyright protected? I see no reason why it shouldn't be and in a day and age where we have more hackers than Hollywood had stage robbers there are good reasons why we should protect everyone's personal data by law.

Re:

[gclef]

One problem: you can't copyright facts. You can copyright specific collections of facts (eg: phone books), but you can't copyright the underlying fact itself. For example, telling people your phone number does not violate Verizon's copyright on the phone book, since you're just sharing a fact. If you scanned the entire phone book & sent it to someone, that would violate Verizon's copyright on the phone book.

So, is your personal data a copyright-able expression of an idea, or is it a set of facts? If

Privacy Protection

[Grampaw Willie]

generally when we provide personal information to a provider such as Ma Bell it is with permission and with an expectation of confidentiallity

now with the phone company we have had to ask for our number to be un-listed and many of us have done this for years as it has been necessary to prevent the ditzies from mis-using the information.

the mis-use of information will most likely result in a marked tightening of privacy law. information that is currently a matter of public record may have to be moved to sec

Re:

[gclef]

the mis-use of information will most likely result in a marked tightening of privacy law.

In America? Good luck with that. Databases of personal information are considered business assets. A number of very large organizations (phone companies, cable companies, google, microsoft, etc) have these databases. If you make those illegal or heavily restrict them it will be taken as a huge hit to the value of those assets. This will be noted on the earnings statements of every one of them, and will likely cause a number of these companies to lose stock value. No politician in their right mind wa

Re:

[Grampaw Willie]

good point

not everything that has been done in the past has had the best interest of the private citizen at heart

and I think that today there is an under-tow of change toward privacy regulations. and that is a good thing.

i might provide my personal information to one corporation as a part of a service agreement. does that give them the right to sell that information to advertisers? more and more I'm seeing this question and here and there corporate agreements have even offered an option to prevent the di

Re:

[msobkow]

Your information isn't "copyright" per se, but needs to be treated the same as any other information published by a phone book. i.e. If you have a private unlisted number, then your contact information isn't published.

Personally I don't see what the big uproar is. An online phone book has the same content as the printed phone book. If you don't want your information published, you pay extra for an unlisted number. The same should apply to the online phone book.

Yay!

[TheHorse13]

Another Government run list that is completely ineffective. Ever hear of the do not call list? Ask people how well that's working out. I guess understanding a problem before attempting to solve it has gone out of style.

Re:

[PhxBlue]

Ever hear of the do not call list? Ask people how well that's working out.

Pretty damned well, actually. Thanks for asking!

Re:

[phoebusQ]

Maybe you just give out your info a lot, but the DNC list has been about 99% effective for me...I've seen a huge reduction in sales calls.

Gosh, we'd be happy if...

[jpellino]

...she'd stop the laptops with state taxpayer financial data from being plucked from employee cars. (They claim they need all the data resident on every laptop whose operator is working on a given datatset.) Here in CT that's the bigger issue for her and the lege, To this more recent one, I can recall people being horrified years ago that we could find their phone listing in whitepages, their address on mapquest and an aerial photo on terraserver. Of course all of this was public information, now it's just easier for the "datarazzi" to get it in bulk. We've been on the DNC list and reg'd with DMA's pref service for years, and they still get thru. National opt-in with some teeth in it would be nice.

Re:

[mckinnsb]

Essentially, ever since that incident, she has been creating a "security directive" every few months or so. I'm not going to conjecture as to if this is a political game or not, because even if she is genuinely concerned about this it is still in some ways a *game*, but I will say that it just won't work. Just like the "Don't Call" list, the "Opt-out" program will be squashed by heaps and heaps of legacy data and future data-mining, especially at the State level. It is interesting that this was *never* an

Interesting

[Bootarn]

In Sweden we have laws against publishing personal information of citizens. To publish even the equivalent of the social security number you must have the consent of the citizen in question. Unfortunately within license agreements the paragraph covering consent of publishing of personal information is buried deep within the text.

Self defeating.....

[Anonymous Coward]

We need to prevent the distribution of personal information on the Interweb so lets create a DATABASE of all the people who don't want their personal information accessible.

I am might be AGAINST this

[drhamad]

Do not call is one thing. That's people actively annoying you. But that's different from people not being able to FIND you. So what I want to know (unless I'm blind and didn't see it in the article) is what exactly they intend to restrict. Phone numbers and names should available. They always were in phone books, and the internet is really no different. When I get a call I don't recognize, I want to look it up. It's annoyed me for years that cell phones usually aren't listed in whitepages.com reverse

What about the data of 600 students in CT

[tenaciousdRules]

When I worked at the CT Department of Education, I lobbyed desperately for a centralized, secure data repository for student data. The analysts would constantly send student lists on disks via snail(or by a "secure" zip file), print paper lists of student data and take them offsite, and even put copies of this data on their personal computers to take home. I was passionate about keeping the demographic data of Connecticuts students secure and grew frustrated with the roadblocks.
We even got a Federal Gran

Re:

[tenaciousdRules]

Correction: 600,000 students. CT is small, just not that small....

playnamethatparty

[Aram Fingal]

I'm not quite sure what the "playnamethatparty" tag is supposed to be getting at but I'll name Governor Rell's party. She's a Republican. I would say a very moderate one, to the point that she could easily be mistaken for a Democrat at times.

Test Data

[Armatich_Defiant]

Add a unique test entry to the opt-out list, so that the databases could be checked for it's existence. This could be both 1) when someone uses a service and has opted out (to check the system is right) and 2) to check people aren't pulling from the opt-out list. There might be legal basis of a violation in some circumstances. just an idea

In breaking news

[elrous0]

Connecticut Governor Seeks to Protect Personal Data Online

California governor seeks to keep skynet offline