Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy

U.S. vs. Europe on Online Privacy 118

A group called Consumers International has released a report about online privacy in the U.S. and Europe. The report's sound-byte conclusions - "U.S. beats Europe in online privacy protection" - have been widely reported in tech media, but I'd like to take issue with the report in a brief analysis below.

A lot of the blame for the misreporting falls on the authors of the study. They described their study as "An international comparative study of consumer privacy on the internet", when in fact it was nothing of the kind.

One of the major problems facing pro-privacy activists today is a certain type of corporate spin. Major advertisers in the U.S. have created a PR campaign whose goal is convincing people that notice about how your privacy is being violated (typically buried in a dozen pages of fine legal print) is more important than actually having privacy. The PR campaign is designed to push the idea that a privacy policy is what is really needed, not actual privacy. Of course, the privacy policy can say anything: "You have no privacy when dealing with this website" is a perfectly valid privacy policy. A privacy policy which says, "We keep all your information private", when in fact the company sells everything it knows about you to the highest bidder, is also a perfectly valid (though untruthful) privacy policy. So the existence of a privacy policy says absolutely nothing about the actual privacy afforded. Indeed, since privacy policies are written to protect the company, not you, the existence of a privacy policy is a good clue that this is a company which intends to violate your privacy. If you don't collect information from visitors to your site, you have no need for a privacy policy.

So it's embarrassing to see "consumer" organizations take a study of privacy policies and call it a study of privacy. It says to me that either they're strapped for resources (studying privacy is much harder than studying privacy policies) or that they're being dishonest. Occam's Razor suggests the first. But the results are harmful to their cause I think - they end up promoting the idea that privacy policies = privacy. This roughly similar to the idea that good brochures equal good vacation spots, or that good signage on the outside of a hospital equals good medical care inside.

Honestly: if someone did a study of hospitals by walking around them and examining the posted signs, and called it "An international comparative study of medical care", it would immediately be seen for a fraud.

Methodology is important. No study is useful without the proper methodology to support its conclusions, and in this case few methods to study privacy were actually employed. The researchers didn't, for example, actually audit any companies, actually going on-site and interviewing people to see what was actually done to data that was collected. The only useful conclusion drawn out of the study is that the large popular European sites were less likely than large popular U.S. sites to have posted privacy policies - quite possibly because, due to the fairly strict European rules covering the use of personal data, those European sites do much less privacy-violating than U.S. sites and therefore have much less need to post privacy policies. (And the European sites aren't involved in the U.S. PR campaign run by U.S. advertisers, either.)

The study is not awful. The researchers actually did some minimal verification - checking to see whether "do not mail" actually results in not getting spam mail from a company, for instance. (They encountered several cases where they received advertisements even though they had indicated they didn't want any - Ebay users will be familiar with this practice.) But most of the study was based on examining privacy policies.

Possibly the best way I can describe the study is this way: If a company did not collect any information from visitors, did not sell it to marketers, and in general respected its visitors' privacy - but didn't have a privacy policy spelling that out, in great detail - it would receive a poor grade from this study. This is fundamentally wrong - the organizations intending to protect privacy have forgotten the forest for the trees.

This discussion has been archived. No new comments can be posted.

U.S. vs. Europe on Online Privacy

Comments Filter:
  • uh, no .. do YOUR women get beaten by the ugly-stick regularly? because it's rarer to see a beautiful american woman than a european one.
  • You're not a moron, and 'right-thinking' types would be morons themselves to classify people who do not like CCTV for reasons of privacy as morons.
    I like CCTV, personally. It helps catch people who commit real offences.
    It is one thing to set up this sort of monitoring but another to abuse it, and frankly actual abuse of this is very hard to envisage for ordinary people, at least in the UK.
    I've yet to hear a really convincing argument as to why I might be the victim of abuse of CCTV cameras by those in a position to do so.
  • Well this Brit found it funny. ;-)
    +1 if I could...

  • Moderators, could you please use your moderation points for the posts dealing with the interesting issues of privacy and openness, and not waste them on the inevitable huge intercontinental flamewar? Thanks.


    ************************************************ ** *

  • If moving somewhere for tax reasons, I think Sweden would be the last place to go. ;-)

    It just refers to my spam trap. If you look up, it says @home.es instead of @home.se. If people are not smart enough to figure it out in a couple of tries, I don't think I need to read what they write. So hopefully it is a stupidity trap as well. (On the other hand, @home probably have a Spanish branch as well, and making people's mail travel there only to bounce when no user is found is a bit of a bandwidth waste compared to having an impossible domain so they can't send it in the first place. But what the hell...I don't think I get enough mail for that to be a problem.)

    I really like Spain by the way. Just about everything except the fucking bullfights. And there are blond people in Spain as well, just not as many.

    Cheers,
    Lars

    ************************************************ ** *

  • MArket power, the number of entities engaged in trafficing in personal data is vastly smaller than the number of people being asked to provide it. Secondarially, there is very little ability of the consumer to limit the spread of their personal data, your choices are basically
    1. never tell anyone anything
    2. accept that a single slip-up on your part will lead to that information flashing to the ends of the earth
    The former is fairly impractical, there are things you need to give people personal information to do, and there is very little legal recourse if they turn around and sell it. Yes, you could theoretically sue them for violating a privacy policy, but finding one that doesn't allow them to sell it to anyone, or doesn't allow them to revise it at will, or anything like that is rare.
  • While I don't dispute the anacdotes you have related, I do disagree with your statement that privacy is a "dead horse". Consumer Privacy is a critical issue. We have not beaten this "horse" to death.

    Corporations would like to facilitate a sense of hopelessness in consumers to prevent those consumers from challenging and curtailing the actions of corporations.

    I agree wholeheartedly with your conclusion that we have to act together to defend our privacy. Don't give out your information, ask what is going to be done with it, and track those that violate it. While not everyone is motivated to sue privacy theives, everyone can complain to their friends when it happens. That alone makes a big difference in combatting the culture of hopelessness that the privacy violators have cultivated.

  • Perhaps part of the reason why they didn't find that many "privacy-policies" on some European web-sites is that atleast soe European countries have consumer-rpotection laws strict enough that merely following the laws makes for relatively decent privacy (though not as good as I'd like)

    Norway for instance, which I know most of, since it's where I come from have a lot of protection for consumers in general, and with respect to privacy in particular.

    • No company can store any personal identifiable information about me unless I'm having a direct business-relation with them that nessecitates it.
    • There's a national opt-out (yes, I'd prefer opt-in but this one ain't all bad) list maintained by the governement. Covering SPAM by phone, fax, email and postal mail. Failing to get your adress-lists cleaned of adresses mentioned here is punishable by prison. (you can't get the list, you send your adress-list to the register, and they return it, minus the people who've registered not to receive the advertisements)
    • If a company gets addresses from another company, they're obligated to include info in the advertisements as to what's the source of your adress. You can demand of any company that they do not sell your adress, or that they remove it from their registers alltogether.
    It's not perfect. And not all companies follow the laws as well as they should. But it's a start.
  • Oh dear....its Continental
    'My Continent is Better Than Your Continent' time.
    Oh well, my karma is comfortably above 50, so perhaps I won't mind a '-1' this time.

    When you Americans start to play American Football without wearing metal frames and Kevlar and call it by the correct name (Rugby) we'll regard your sporting prowess with some respect.
  • Nope, I don't think so.

    Anyway I think the roughest game regularly run seems to be Aussie Rules football, which calls for all round athleticism, since it incorporates, basketball, football and rugby skills.
  • almost all the great technology inovations have come from America. The PC, the Internet....
    IIRC, the Internet as we really know it came about because some guy called Tim-Berners Lee came up with HTML. Where did he work?

    Ah yes, CERN in the EU!!
    [Yes I know the US invented TCP/IP].

    Last time I looked in the back of my PC, I saw that all the components came from Taiwan, Korea and China, not the USA.

    90% of all great software..
    It took a Finn to develop the greatest software, and the "second in command" is a Brit! (Alan Cox).

    the car...
    In the field of cars the US didn't invent cars, although to your credit Ford did come up with mass producing them and thus totally ruining the environment. However BMW and the Japanese seem to make better ones nowadays. Remember America produced the Edsel.

    the Airplane...
    OK, you got me, the Wright brothers ensured you got there first.

    giving Women the right to vote...
    You gave Women the right to vote, but forgot to give coloured people the same rights till recently. Other nations had universal suffrage well before the US (and Britain for that matter) did.
  • Can we now have the bit where all us Brits are "British Subjects" even though my passport clearly says:


    Nationality/Nationalité(3)
    British Citizen


    and


    Citizenship and National Status British Ciizens have the rite of abode in the United Kingdom. No right of abode in the United Kingdom derives from the status, as British Nationals, of British Dependent Territories citizens, British Nationals (Overseas), British Overseas citizens, British protected persons and British subjects.


    That ones always my favourite. Actually, maybe I should note this down for future use when someone from the US calls me a British Subject. My passport states I am a citizen and goes out of its way to state that I am not a subject.
  • Is it just me or does the popularity of basketball, a sport where not scoring is rarer than scoring, sum up the US as a whole?
  • Here in the U.S., no such legal recourse exists.

    Sure there is... if a company violates its privacy policy you have every right to sue them.

    That's obvious: you have every right to sue anyone over anything. The important question is whether you have a chance to win.
  • I just finished a survey, of the 100 US and 100 European sites I visited none had a policy regarding denial of service attacks.

    By the way, I also didn't find the possibility to tell them not to drop garbage in my backyard, not to break into my house, or not to kill me.

  • funny thing is ... that the GOP won... clinton is gone... gore "lost"...

    guys, move on... you arent making any friends here...

    so hes a shister.... get over it...


    tagline

  • > American ass

    you just summed yourself up nicely.

    Cheers.
  • Read again my post.

    The governement knows what datas are collected, not the datas themselves. If my bank collect infos on what is my familly status, then they have to declare they collect this info to the governement. They don't have to give the gov. their database itself of course !!!

    Now I'd rather have the governement have my datas than 1 corporation :
    - People choose who get to control the governement, but only a bunch of very rich guy get to choose who control corporations
    - The governement purpose is to serve citizen. A corporation purpose is to serve it's owner(s).

    Would you rather put your life into the hands of the cops or Microsoft ?
  • The point of registering databases with the gov. is to let the gov. check if anything is violating privacy laws - like bankers who used to put rather private infos in their database ("is going thru a divorce" or stuff like that). Since this is a separate agency, they have several times stopped the French gov from merging databases too.

    I swear, if you french didn't invent the french fry, I would have nothing more to do with you.

    I pity you who don't know the French kiss...
  • B*ll*cks. The toughest team sport in the world is Hurling, closely followed by it's Scottish cousin, Shinty.
  • So, instead of creating a possibility of distraction for the childs and spending more money for policemen, they wanted to install cameras to monitor everybodys movements.

    What a direct and senseful approach for a social problem.

    The crime rate doubled for what reasons?
    Because they didn't installed the cameras?

    Cellulars are a greater risk for privacy, unlike walking in public, you mustn't use them.

    >La liberte des uns s'arrete la ou commence celle des autres.

    Monitoring everybody in public places is a restriction on others liberty.
    Furthermore the majoritys right on privacy has to be restricted to prevent a minority from commiting crimes.

    I fear robbery less than the loss of privacy and self-determination. Not that the latter is more possible, but

    You might have heard of the person in GB whose suicide was recorded by a surveillance camera and broadcasted on tv.

    AFAIK, the only result of installing cameras has been that criminality has migrated to other areas were no cameras were installed.

    Maybe you should read George Orwells "1984".
  • Yeah, believe what you want. Things might get invented somewhere but success lies in IMPLEMENTING it.

    Computers, airplanes, VM, television, radar, radio, sonar, WWW and the telephone. ALL implemented more successfully by Americans than anyone supposedly inventing it.

    Why? Freedom.
  • And Europe produced the Yugo.
    As for linux, copied from US software (unix).
  • You first sentence is unclear. Do you claim that the EU needs better regulation than it has, or better than the USA? Do you claim that markets are not competitive in general, or just in the EU? Either way, what evidence supports this conclusion?

    A few US companies with very high reputations to maintain may decide it is more profitable to respect their customers' privacy. Many managers will consider the money to be made from abusing their customers, but refuse on ethical grounds. (Don't laugh, it's true.) But it is common practice to use customer data in any way which might prove useful. There are several reasons for this:

    • As far as I can tell from press commentary and the actions of companies such as Amazon.com, privacy policies have no legal standing. They purport (at least on ecommerce sites) to be terms of sale, which would be legally binding, but apparently they are not. It seems they do not even have the status of advertising, where companies can be penalised for making false claims.
    • All you can see is the privacy policy. You have no way of finding out whether the company is follwing its policy. You may realise that your email and physical addresses have been sold to spammers, but you won't know who sold them.
    • Most dotcoms are fly-by-night companies not long for this world. They have not had time to build a good reputation and will not have time to suffer from a bad one.
    • Even in a long-established company, the executive who makes the decision to sell your personal data will probably not be there for long. (S)He will receive a generous bonus for the profit generated, and leave before the lost sales are apparent. There are a few industries such as pharmecuticals and aerospace where a long-term view is required, but they are exceptional.
    In theory there would be no need for laws against fraud, false advertising, unsafe food, medical malpractice or deadly working conditions. The market would prevent such problems. But in reality all these were extremely widespread before they were outlawed, for the reasons given above, and still occur sporadically.

    I'd be interested to hear about this personal experience you speak of. Exactly what protection do you have in the US that you do not have in Europe?

  • How much did they fine Amazon.com for revealing individuals' purchases? Wasn't it $0?
  • Pitcairn women have been voting (on and off) since 1838. See the encapsulated history [puc.edu] of the islands.
  • England has never been a representative democratic republic. In the 17th century England was briefly a republic under an unrepresentative parliament (elected by a minority of wealthy men, much like US governments before the abolition of slavery, female suffrage and civil rights), and then a dictator. England has not existed as a sovereign nation for nearly 300 years, and the UK remains a monarchy as its name suggests.
  • >There is an entire town in England that is wired >with outside CCD caramra's with police stations >every few blocks to monitor everyones movement.

    Do you know the actually benefits of CCTV cameras?
    This reduces all kinds of crime, muggings, beatings, rapes, burglarys etc.

    I don't really care that I appear on CCTV cameras because I have nothing to hide. If i'm walking home on my own or in a small group after the pub at night, I know damn well that I'm safer and I'm Less likely to get attacked by a hord of drunken wasters.

    People who winge and moan and CCTV cameras are obviously either, paraniod, have something to hide, or just plain stupid. The privacy bit is outweighted by the benefits - a saver environment where people can pass - day or night.

    Stop trying to create conspiracy theories, and look at the known benefits.

    I do care about privacy, but CCTV outweighs the disadvantages... *safer* environment for *all*.

    Yes, unfortunately, CCTV does push crime out to other parts of a town, or to different towns where there are no CCTV cameras - but these are problems that need to and will be addressed.
  • Check out this article: http://www.zdnet.com/zdnn/stories/news/0,4586,2678 941,00.html

    Looks like kids don't have any privacy even when they are at school. I can't believe that our society (US) allows corporations to have access to our school systems, whether it's these net filter companies selling viewing habits or even these private companies coming in to manage school systems, with little consideration about the possible long term consequences.

  • Do you know the actually benefits of CCTV cameras?
    This reduces all kinds of crime, muggings, beatings, rapes, burglarys etc.

    Get real. CCTV cameras do a little to counter popular spots for Friday-night drunken brawling, are useful for supporting evidence in shoplifting or car theft (assuming the thief has already been arrested), but do little else.

    Unless you're the thickest of criminals, you don't mug people where the cameras are. So what ? There are plenty of other suitable ambushes, and typical camera sites tend to be large open spaces (so as to give a good field of view) and these weren't where the muggings happened anyway.

    Burglaries ? Do the police really have a camera pointed at your back entry ?

  • The RIP Act is certainly a big problem with the UK, but it's only one specific instance of a more widespread problem; Reactionary Ignorant Politicians.

    Witness the recent furore over internet adoptions; a UK couple "bought" two American babies from a US-based on-line eBaby auction. The second-highest bidder complained to the news media. Maybe we need to fix this, but we should do that by either the USA stopping baby sales for profit, or the UK imposing controls on the import of unlicensed babies to unsuitable parents.

    We can't import strong crypto, but babies are OK ? Something is wrong there !

    The UK government's reaction though was to threaten prosecution for UK ISPs allowing connectivity to offshore baby shops. Doh! These people are too clueless to be allowed to make policy.

    Our previous "Minister for DotComs" managed to stamp out independent IT consultancy, including my own, by introducing punitive taxation on one-man-bands, yet continues to pork-barrel the Big Six consultancies with government contracts to deliver non-working mega-systems. This government continues to mouth platitudes about "UK eCommerce leadership", but their actions are entirely contradictory. Blair is almost proud of having less IT knowledge than George W.

  • Granted, a stated policy can still be a bad policy.

    OTOH, without a statement of the policy, then we have nothing. It's not enough, on a privacy issue, to simply live in a country where most sites are well behaved. It's not the multitude of good sites that are the problem, it's the minority of privacy abusers. Without stated policies, we can't detect these and avoid them.

    Secondly, we need automatic policy publication through systems like P3P [w3.org]. Even that much isn't yet a solution, as we also need the next step; protocols like APPEL [w3.org] that allow us to express our own preferences for an acceptable policy. We're not even home yet, as we then need browsers to start supporting it. Actually we need IE, the mass-market choice, to do it so as to give a critical mass.

    Privacy can be so much better than it is at present, and there are already demonstrations of these W3C-derived standards in action. They're a good fix ! Damn near complete user satisfaction, just by getting well-integrated browser negotiation of your preparedness to disclose.

    Underlying it all though, is a stated policy on the site. Without that, you have nothing.

  • I can't believe that our society (US) allows corporations to have access to our school systems,

    Why not ? You're the ultimate Capitalist state. The deal is that you get cheap cars and gas, and that anything Cornelius Vanderbilt (and his moral inheritors) wants to do to you in return is explicitly permitted. If the government starts to not like it, the Capitalist party (as Gore Vidal described it; one party, with two right wings) will install a new and more compliant Barbie-doll president.

    If you want something that behaves like socialism (where an individual's privacy is a matter for the individual), move to a socialist country.

  • This report claims that stated policy is bad, because it's not enforcable and it can be misleading.

    It's not a stated policy that misleads though, because that's verifiable (we can already do this - it's only site inertia and lack of demand that stops us). It's the mis-use of TRUSTe and Which -style branding that's a more serious problem. Joe Sixpack doesn't assume a site is secure because he read the small print in a policy statement, it's because there's a big flashy logo from a trade organisation that he's impressed by.

  • Spamm is prohibited in Spain,

    Although in practice, alt.animals.badgers is regularly Spammed to death ("Ganero Dinareo !") by teleline.es Whatever legal provision there is, hasn't solved the problem.

    Look, I like badgers, OK ?

  • I don't know about the french police, but I'd trust any scandinavian policeforce, rather than having any connection to Micro$oft. Hell, I'd even prefer Intel if that choice was available...
  • all the great technology inovations have come from America

    The internal combustion engine - a prerequisite for cars and aeroplanes - invented by the Germans. The jet engine - invented by the British (and a German simultaneously, but they lost the war). The stored program computer - invented by the British (C Babbage), the electronic computer - first one built by a team of British people. Virtual memory - invented by the British. The television, radar, sonar - all invented by the British. The World Wide Web - invented in Europe. The telephone - invented in America by a Scotsman. Linux - written by a Finn

    The electric chair - invented in America. Gun crime - invented in America. The Police Academa series of films - invented in America. Windows 1, 2, 3.x, 9x, 2K, NT - invented in America

    Yep you Americans sure lead the World technologically and we'll all be wonderfully safe as long as we let Uncle Sam piss all over us

  • This studies "findings" don't seem consistent with what I see on the internet. The second "finding": "The vast majority of sites gave users no choice about being on the site's own mailing list or having their name passed on to affiliates or third parties" doesn't sound right. I don't think I've registered at a site in the last year that automaticly threw me onto a mailing list. Indeed, most sites seem to give you lots of options about the mailing list. The problem normally comes when you want to get off the list...:)

    The first "finding" is just as meaningless: "Just over two thirds of sites collect some sort of personal information and almost all of these sites asked for details that made it easy to identify and contact the person." So fucking what? So don't provide the information!?!?!?

    This study should have been conducted in the larger context of why sites collect this information and what this has to do with consuemr habits on the internet. Of course, the answer is to make money from advertisers. Someone's got to pay for the internet and don't hand me that shit about your tax dollars at work. If you really believe that, stop posting to slashdot immediately and forsake all sites that have banner ads. Good luck finding something useful beyond usenet. Oh, make sure that you're using tin too. Deja has some ads on it.
  • An interesting rant. Here in the states, everyone but the individual owns the information. Even the gov't will be happy to sell you personal information about it's citizens. Not too long ago it was disclosed that state governments were selling personal information collected at the DMV.....
  • No, you guys only wear the armour becuase you wear the armour!

    I know it sounds confusing, but if you didn't wear armour, you wouldn't need it to defend yourself. As players use stronger armour, players need stronger armour to defend themselves!

    In rugby, the players are not pussies and take a hell of a bashing compared to your American football nancy boys. Cauliflowered ears, burst eyes - it's a regular thing.

    And, in rugby the players don't get more time resting than playing because of your advertisment dominated pathetic excuse for a game!

    Rugby rulez!

  • >And womens rights to vote was first granted in New Zealand.

    Nope, sorry. Women first got the right to vote in South Australia. New Zealand was the first whole country to give women the vote.

  • Hey.. why flamebait ?? it was very funny
    Besides, they do beat us at basketball (shame shame shame shame shame, shame on us)
    They also beat us at patent warfare, fatness, american football, american bad fast food, american bullshit, and tons of other very interesting and relevant things :)
  • Hmmm your post almost implies you didn't see Godzilla !!!
    Now how are you to be trusted ?? :)
  • There is..
    After abusing of animals, we have to apologize
  • Yes, you are right.

    We are, mostly, teleline haters ;-), I would say that Teleline and Terra-Lycos are the Spanish AOL.

    Most of their SMTP daemons are unprotected and relying spam mails.

    --ricardo

  • Sure there is... if a company violates its privacy policy you have every right to sue them.

    And how do you sue when most policies say "This policy can change at any time without notice"?

  • I have lived 5/6 of my life in the EU
    What I was trying to say is that it is not obvious, *from a theoretical standpoint* that we need regulation to protect privacy.
    By the same token, regulation isn't necessarily effective, as much european privacy protection legislation shows. All it does is to inform you that you don't have privacy. It's something but it ain't privacy.
  • This just in...

    The US also beats Europe in...BASKETBALL!

    You silly brits are so OWNED by our mad skillz in Hoops and Online Privacy!"

  • Thank you. It was meant as comedy, just as 85% of my comments are...I hope some Mod is trolling at 0 to catch that and correct the rating...but as usual, someone with no sense of humor incorrectly labels it. :(

    And yeah, we're MUCH fatter too :)

  • What consequences?

  • Yeah, we 'Merkikuns may be fatter - but "We've Got the Bomb" - too bad we've only dropped it in anger twice...
  • Privacy laws in Europe bring certain requirements onto european companies, and US companies that do business with europeans too.

    In a compromise, Europe asked US Companies to voluntarily conform to "Safe Habor" policies, i.e. voluntary compliance. So far, only a few US companies have accepted them, and that will mean that Europe might soon impose a ban on electronic trade with the USA.

    That is an argument against the study. On the other hand, maybe privacy laws really are just ignored inside Europe ?

    (My account may be slightly inaccurate in the details.)

  • Does anyone know anthing about the history of privacy ? (links please)

    It seems to me that for the greatest part of history people have been living without the 'right' to privacy. I understand that one can't compare a modern democracy to feudal/autocratic governments but I would be interested in where in history people first began thinking/worrying about privacy.

  • by kyz ( 225372 )
    ba ba booey to all of you?

    Cheers for the info, Bob.
  • > Would you rather put your life into the hands of
    > the cops or Microsoft ?

    Well, I'd choose Microsoft. They at least have a vested interest in keeping me alive.

    Virg
  • Nah you dont have to be an AC to speak freely, just to be free from the consequences of your speech..

    On the other hand nice slashdot reference...
  • Let the market decide how valuable your privacy is.

    No thanks! I don't want "the market" or any one else deciding the value of my privacy. I'll make that decision. The privacy in question is, after all, mine. No one else has a right to decide that I will give it up regardless of what dubious "advantage" I get in exchange.

    As for privacy policies, they are of no use to people without any legislation to back them up, for the following reasons:

    1 - The market has demonstrated quite decisively that the disadvantages of angering potential customers by violating their privacy are nothing compared to the advantages to be gained by going ahead and collecting the information. Junk mail and spam are classic examples of this. Spammers constantly anger millions of people, but at the same time, they get enough return on their investment to make it worth the trouble.

    Because of this, we cannot expect "the market" to protect our privacy by allowing the least invasive companies to rise to the top.

    2 - No matter how good the privacy policy of a company is, they nearly all contain language saying that the company may change the policy at any time without consent, and often without even notification of their customers. Thus they can tell you one thing, and then later change their minds.

    The first problem above can't really be solved without changing societal attitudes towards giving information to companies. But the second problem could be alleviated to great extent (but not completely - nothing is ever perfect) by passing some basic legislation. To wit:

    1 - Require companies that collect information to explicitly tell you what that information is, and how it will be used. Essentially, they must have privacy policies.

    2 - Require that if they want to change the policy that they notify you before the change, and that if you reject the change, then they must either continue to use your info under the terms of the old policy, or delete your information entirely (in which case you would probably have to explicitly agree to their new policy in order to keep using their services). This requirement of notification and giving someone a chance to reject changes is not any onerous burden; in fact it is standard procedure in contracts (read your credit card agreements for an example). All I'm saying is that "privacy policies" should be treated as contracts, since they are used as if they were contracts describing an exchange of personal information for use of a service.

    I would also like to see a law requiring deletion of personal information at the customer's request. We already have something similar in the National Direct Marketing Association, but participation in that is voluntary.

    Eris

  • Sure there is... if a company violates its privacy policy you have every right to sue them.

    Suing someone is a tremendous pain in the ass, and expecting private citizens to mount law suits against obvious lawbreakers is an unreasonable burden. Obviously illegal activities should be pursued by law enforcement agencies.

    For example: When I was living in California a couple of years ago, I had a private dedicated fax line to my home. After a month or so, I was receiving several unsolicited faxes per day. Unsolicited faxes are illegal [gpo.gov]. So after a couple of months of tremendous paper and ink waste, I decided to look into my legal options. The FCC site recommended that I call my district attorney to alert them of the breach of law, which I did. It took a while to get someone actually on the phone, but when I did, they recommended that I go out and hire an attorney! An attorney! Why in the hell should I have to do anything more than report the crime and serve as a witness?

    Privacy law should be written in such a way that minimal privacy measures are mandatory, and infractions of privacy policy are felonious offenses.
  • And IMHO they're full of shit, wherever they are.

    However, if a British consumer group finds that America has better privacy measures, it may be motivated by desire to improve privacy policy in UK, rather than to let US feel complacent.
  • Here in the states there is a quiet debate about e911 services - the ability to locate and track any cell phone that is on. The ability to determine who is at a meeting in the proximity of whom. Divorce lawyers are foaming at the mouth to get this. This is being done in the name of 'public safety' whereby the police would be able to find you if you had an emergency, blah blah blah. At any rate we hear the same empty policy statements: "we won't sell the information to anyone, we won't give it up in bulk without a subpoena, it's protected, woof woof woof" But since the Republicrats have moved larger and larger portions of the implementation and execution of public policy to private enterprise there are few if any controls and no incentive whatsoever to comply with even that fluffing. You will be tracked you will be recorded.
  • > If the US government tried to implement that,
    > we would be kicking and screaming about
    > government control of the Internet,

    Erm... In Europe the governments know who is collecting data and for which purposes, but they do NOT have access to those data. And if you're about to collect sensitive data (about religion, politics beliefs, sexual practices...) you need to obtain a special authorization: they check what uses you'll do with that data.
    Moreover, the company that collects data is responsibile for them, so that even if these data "accidentally" leak to someone else, the company is responsible for what happens.

    We don't have privacy policies, we have privacy LAWS.

    Ciao,
    Rob!
  • It depends on your definition of "won" and "lost."

    If your definition is, who was legitimately chosen by the American people, then according to the presse's recount [orlandosentinel.com], Gore won Florida handilly [msn.com] by any recount standard (save that which allows only machine recounts and thereby propogates systemic errors such systems entail, with no possible check or balance).

    The Usurper, George W. Bush, is in office because of a supreme court willing to throw the constitutional process to the wind in order to pay back political favors 7 of the 9 justices owed the Republicans in general and the Reagan/Bush/W faction in particular.

    By the "democratic" definition George W. Bush and the GOP lost, resoundingly.

    Now, if you define victory as he who assumes power by whatever means then, yes, The Usurper won, just as Milosevic won (until recently), just as Stalin won, just as Idi Amin won.

    The problem with accepting such a nondemocratic outcome without complaint is that it encourages future such actions by one or the other party. It is important for us, the people (who were the only real losers in the last election), to be in the Usurper's face, to call him such to his face and make it clear, in no uncertain terms, that we know what he did, that he is illegitimate, and that he'd better not even think of trying to shove his right wing agenda down our unwilling throats unless he wants to face widespread, vocal, and disruptive discontent.

    The alternative is to encourage both parties to rely on increasingly undemocratic means to subvert the electorial process, until the behavior becomes so outrageious and so eggregious that people do rise up in violent reaction, which is the last thing any sane mind would want. Far better to voice our discontent loudly now and strongly discourage any such future behavior on the part of either party.

    Be sheeple and lose your democracy, be a vocal, nominally free citizen, and at least you have a chance, however small, of preserving it.
  • Cauliflowered ears, burst eyes - it's a regular thing.

    And this is something to be proud of? It's just as inane and idiotic when the europeans sacrifice the use of their bodies for a game as when americans do it.

    This is like watching two morons debate who is the stupider of the two.

    LK
  • Lot's of self server BS deleted, but just to clarify...

    So rather than blaming Clinton for the illegal things that we know he did, like lying to a grand jury and obstructing justice; rather than blaming Clinton for being a total self-serving piece of shit who possibly broke the law for soliciting contributions from foreign governments and a quid pro quo to his multi-millionaire supporter - you choose to blame the Republicans.

    No. I blame Clinton and the GOP for different things in all those. Except the topic that I was talking about, the quid pro quo to the millionaire. In that case it is exclusively the realm of the GOP that deserves blaim for wasting my tax dollars as even Rabid Right Wing Ideologue Dan Burton admits that there was absolutely no hint of a crime being commited.

    Don't let your obviously extreme bias lead you to conclusions that are baseless with regard to what I was actually chatting about.

    --

  • It's time for the U.S. Congress to debate the privacy issue and make some real reforms.

    No can do. The docket is full of meetings discussing whether Clinton should have pardoned a multi-millionare supporter.

    It doesn't appear to matter that the pardon cannot be revoked and Clinton did nothing illegal, only immoral. Good to see our tax dollars spent on what we are interested in, eh?

    It's like the GOP is trying to shoot themselves in the foot this time.

    --

  • Here in the U.S., no such legal recourse exists.

    Actually that is incorrect. If a company places a privacy statement in their advertising, and fails to adhere to it they become liable under US commercial codes for breaking a contract with thier customers. The FTC regularly fines companies that engage in such practices.

  • The point the study was making was that, just because there are better privacy laws in France, the fact that web site companies abuse these laws means there is still less privacy at some of these sites.
    To quote from the consumer report:

    "A special opt-out procedure that seems to
    appear on many French websites raised an
    interesting point. The procedures made it very
    cumbersome for consumers to act on their right
    to opt out of mailing lists. Several of the sites
    tested did not provide the usual method of
    opting out of further emails - by ticking a
    certain box, for example, while placing an
    order. Instead, at some point during the
    transaction, the sites alerted consumers,
    although rarely in a prominent place, to their
    rights under Article 36 of the French
    Information & Liberty Law of 1978. In order to
    prevent a company from using the consumer's
    information or from sending him or her further
    information in the future, it is necessary to
    send a postal letter to the company. This was
    the case with the sites www.lalibrairie.com and
    www.avecbebe.com. The two French sites
    www.rouge-blanc.com and www.nature-bio.
    com, notably did not make a reference to
    this law on their websites, nor did they
    provide opt-out choices."

    What the consumer organization is saying is that until European governments actually enforce the laws they have, the laws provide no more privacy than US web sites are providing, despite US web sites operating in a nation with fewer relevant regulations.

    I hope someone in France takes rouge-blanc and nature-bio to court for a significant penaly in a well enough publicized case that web sites begin to take the privacy seriously.
  • Here in the U.S., no such legal recourse exists.

    Sure there is... if a company violates its privacy policy you have every right to sue them.

    I like the US policies better anyway. Let the market decide how valuable your privacy is. If you have Store A and Store B selling the same product and A has a strong privacy policy and higher prices and B has cheaper prices and a weak privacy policy, why shouldn't people have the ability to make this tradeoff?
  • People who winge and moan and CCTV cameras are obviously either, paraniod, have something to hide, or just plain stupid.

    The irony here is that you, in all probability, have no clue why this statement alone provides all the reasoning for not having 24x7 cctv monitoring in public spaces. While I also have nothing to hide, what I am more concerned with is that my opposing cctv monitoring will have all the 'Right Thinking' groupthink types classifying me as a paranoid, criminal or a moron.

    When I enter a private space I know that I know that I am likely to be monitored. This is the price I, and others, pay upon entering someone else's space. But I draw the line whenever I am in a public space. I also know that high crime areas benefit from the inclusion of cctv monitoring and I agree with the temporary installation of those devices in those areas. After all, there are only so many police available. But to monitor everywher all the time is much too close to a police state to be reasonable.

  • One of the major problems facing pro-privacy activists today is a certain type of corporate spin. Major advertisers in the U.S. have created a PR campaign whose goal is convincing people that notice about how your privacy is being violated (typically buried in a dozen pages of fine legal print) is more important than actually having privacy. The PR campaign is designed to push the idea that a privacy policy is what is really needed, not actual privacy.

    If the company is honest about what they intend to do with my data, I have no complaints. If I don't like it, I'll simply take my business elsewhere. I imagine, given the litiguous climate in the US, that consumers could easily sue in response to a violation of a stated privacy policy.

    What does bother me is when the government forceably gathers information from me. Businesses I can choose to avoid, but the government has guns.
  • by mpe ( 36238 )
    I live in France, I OWN my personnal datas (I can ask any company owning some to delete it or not resell/give it). I can sue any company not following this guideline.

    Except that it isn't a "guideline" it's the law of the land.
    Thus any "privacy policy" would be either stating "we obey the law" (redundant) or trying to come up with some creative language to justify breaking the law...
  • If the US government tried to implement that, we would be kicking and screaming about government control of the Internet, and make instant comparisons to China.
  • ...on the other side of the ocean.

    I moved from Sweden to the US five years ago. It's funny how at both sides of the Atlantic a lot of people are sick of their oppresive country, and yearn for the freedom and decency of the opposite side.

    I don't find Swedens privacy record impressive at all. The government demands to know pretty much everything about your life, and it's not afraid to use that information. Many of it's employees also have access to a lot of it.

    How about this: In Sweden, your tax return is public information, with your entire income, where it came from as well as that HIV treatment deduction. I could go on.

    There is also a law on computer registers, which makes most web sites illegal, since people's names are not allowed to be stored there. It is of course ingored and laughed at. Not too dissimilar from the scenario where a company ignores it's own privacy policy.

    Personally I prefer companies to abuse my info than the state. At least they can't put me in jail based on it.

    I also doubt that these online privacy measures, however nice they might be in theory, will work in any serious way. After all, information wants to be free.
  • Are we honestly expected to believe the privacy policies of people who have signed the paychecks for people who were convicted of espionage? Yes, I'm referring to just about every national government on earth.
  • Ok, to take the easiest example to blow you out of the water...If MS retain the ability to get every manufacturer who wishes to ship any MS software to pay for a windows licence for each processor (and hence 90% of machines+ ship with Whistler) and they track all the world's Whistler's users data and sell it and statistics from it you are going to tell me that good old US competition is going to sort it out? The question is what should be regulated and what should not, and the laws of rhe real world should apply, i.e. this is equivalent to building a tracking device into all Cars and reselling that data and should be regarded as spying or stalking.

    If your legal system does not provide any level of defence you must read every single piece of fine print on every site to discover if you agree with their policies or not AND checkup against an external source to find out if they honour them and any history. I'd rather spend my time surfing the net knowing that I have a level of privacy by default (at least on servers/companies who I know are under a suitable legal system).

  • The problem with the entire privacy argument is that both sides have trouble understanding each other AND like many important issues cases are easily conceived that clearly support either side.

    To address the particular cases you quote, I would fear for the privacy of the area locals if the police installed CCTV. The aims for using the system would be noble and true, however the poliemen would be prone to spend more time watching the cameras and more time busting people "we know are up to no good" for anything they catch them on camera doing (e.g. loitering because their is nothing to do!). When they see people walking home drunk, wearing a "legalise it"/DeCSS T-Shirt or even just meeting another group of people to exchange something and then walking away they will start to look at them as possible suspects. Their privacy has been invaded although all they have done is A: taken advantage of licensed premises adding plenty to the public coffers; B: Visibly used their right to free expression or C: Seen an old friend and exchanged business cards. When I am out in public I expect to be caught for any crimes I commit which are not victimless and that I still have my fundamental civil liberties e.g. a policeman cannot stop and search me randomly or routinely or even stand there and watch/follow me for an hour randomly or routinely....he needs a reason.

    In the case of the Swiss protection for prostitutes, one must only ask what footage will be shown if any VIP walks down that street or talks to someone. If the area is simply a "shopping mall" than I think CCTV is appropriate. However if it is public streets which are used nefariously (or even legally if that's Swiss law) alternative solutions should be found, by whatever means necessary. If not, you better watch out and think carefully about anything you do as it may be shown back and used against you and context is a hard thing to prove!

  • Sorry, but its only a matter of time before Pacman, Defender et al work their way into the olympics! :)
  • Let's be honest here, American football has a lot more force involved than rugby. I mean, put your best rugby team against any professional American football team in either game, and they'd be hurt pretty bad. Just a size/strength issue, which is why we wear the armor...
    --
  • I know it sounds confusing, but if you didn't wear armour, you wouldn't need it to defend yourself. As players use stronger armour, players need stronger armour to defend themselves!

    It's not about the armor; it's the size, strength, and weight. The armor has gotten stronger over the years because it simply as had to. The average linemen in pro football weighs well over 300 lbs, stands a good deal over 6 feet, and is expected to benchpress around 400 lbs. Without the armor you'd see a couple of deaths each season. Hell, I've watched rugby, and I've watched American football, there's no comparison in the scale of force involved.
    --
  • Last time I looked in the back of my PC, I saw that all the components came from Taiwan, Korea and China, not the USA.

    They were designed in the US; other countries just cloned them.

    It took a Finn to develop the greatest software, and the "second in command" is a Brit! (Alan Cox).

    UNIX was invented in the US too; the Finns and Brits just cloned it too.
    --
  • Good point. In fact, the people who actually do the studies are usually careful to point out that theirs is just one study of many, that it only applies under such-and-such circumstances and is affected by such-and-such factors, it is just one little step in understanding a complicated topic, etc., etc. All of which gets lost by the time the study is reduced to a sound bite.

    People often complain that the information obtained over the web is, on average, less reliable than that obtained through traditional media. Perfectly true, but traditional media is not without glib oversimplifications, garbled data, misleading factoids, reporters with questionable objectivity, and simple self-serving lies. One hopes that being exposed to diverse, contradictory sources of information will make people more critical of their sources and less subject to manipulation.

    __________________

  • (Better) Regulations in the EU are needed because markets aren't competitive, so companies can screw the consumer at their pleasure. You're missing the fact that in the US the market (at least in principle) should take care of selecting companies with preferred privacy policies. Even without regulations, companies that screw too much with denying privacy will (should) be selected out. So it is true that privacy policies in the US is voluntary but it is also true that companies have to keep an eye at not pissing consumers off too much. Hence the result, from personal experience, that you have more protection in the US than in europe even without explicit government regulations.
  • Especially after reading this [stallman.org] in which Richard Stallman explains how a law put itself above the individual rights in Britain.
    So, how can we ask a state to protect its citizens' privacy if it doesn't recognize it as a right?
    --
  • > So, instead of creating a possibility of distraction for the > childs and spending more money for policemen, they wanted to > install cameras to monitor everybodys movements. Nobody did want to become policeman in this area. > What a direct and senseful approach for a social problem. > The crime rate doubled for what reasons? > Because they didn't installed the cameras? Not exactly : The young understood that they had won : Nobody would monitor them and no cop would come. It had become an outlaw district. So, the crime rate increased because they felt "allowed" to play even more. > Cellulars are a greater risk for privacy, unlike walking in > public, you mustn't use them. We agree on this point. Good. > Monitoring everybody in public places is a restriction on > others liberty. It is public and the one who monitors does it for public purposes. It is contextually okay, IMHO. > I fear robbery less than the loss of privacy and > self-determination. Look around you : You already lost it, and they manged to implant in your brain the opposite feeling. > Not that the latter is more possible, but You might have heard > of the person in GB whose suicide was recorded by a > surveillance camera and broadcasted on tv. No, i don't have the television. I nver listen to faits-divers, I lived enough among them. > AFAIK, the only result of installing cameras has been that > criminality has migrated to other areas were no cameras were > installed. So ? At least some epicenters were dilluted, weren't they ? > Maybe you should read George Orwells "1984". Will it change my life or make me optimistic ?
    --
  • While the RIP act (not a bill - chillingly, it's a real law now) is incredibly draconian and is an outright attack on the online populus, we can take a little comfort in that it has strong enemies:
    • The Human Rights Act
    • The Data Protection Act. In particular, our Data Protection Registrar has promised to prosecute any bosses that contravene the DP act under the auspices of the RIP act. Your privacy is safe with her.
    As far as privacy goes, this is a consumer-oriented study, so really it's more about what businesses will do with your information, under the juristiction of the Data Protection act. The RIP act is more about MI5 spooks trying to snoop on you from the comfy chairs in GCHQ.
  • A privacy policy which says, "We keep all your information private", when in fact the company sells everything it knows about you to the highest bidder, is also a perfectly valid (though untruthful) privacy policy.

    What they mean is "We keep all your information private" as in private property . That is, we'll sell it, not publish it.

    -Craig

    --
  • The problem is fairly simple, actually. Citizens of the EU, and to a lesser extent Canadians, have more legal rights to privacy, with the minor exceptions of the UK and Turkey, than do citizens of the USA.

    But most major websites in the USA practice better privacy due to consumer pressure and our continual willingness to sue over anything, whereas EU corporations have fewer problem customers to deal with.

    This will change over the next three years, as Bush loosens privacy regulations and enforcements, while the EU cracks down on such abuses.

    So, to sum up: you get more perceived privacy today in the USA, but over the next few years you'll get more real privacy in the EU.

    Canadians, of course, will get the best of both worlds. Luckily for me I'm a dual citizen of both Canada and the USA, so I can sue like an American badger to enforce my Canadian rights on American sites.

  • by ciurana ( 2603 ) on Friday January 26, 2001 @07:50AM (#479724) Homepage Journal

    I have been very fortunate in having had the chance of living in several different countries. So far I can say that, based on experience, privacy is better safeguarded in European countries.

    I think the two countries where I lived and where privacy was part of the national agenda were Leichtenstein and Switzerland. I have become very disillusioned with the state of affairs in the US when it comes to this fundamental right. The Americans could learn a lot from the Swiss.

    As for privacy on-line, we must all be proactive in protecting it. Some things I routinely do:

    • Install JunkBuster [junkbuster.com] and keep your blocking files up to date.
    • Use bogus information whenever you are asked to register to a site (the guys from the nyt.com must be wondering why so many Salvadoreans read the Film section on Fridays)
    • If you're purchasing something, and have the option to do it on-line or over the phone, go over the phone. Check if the call desk uses a different entry system than the web-based system. If so, chances are better that your payment infos are a bit more protected.
    • Sign up with someone like BrightMail [brightmail.com] to filter all unwanted spam. It's free and it *works*
    • In the real world: Refuse to give your social security number or other identifying information unless it's clearly stated by the person asking what they'll use it for. My HMO wanted the infos; I sent them to hell. I still got my medical care.
    • If you have the stomach for it, get a or make a good fake ID. There are several titles from the Paladin Press [paladinpress.com] that can guide you on that one. Make sure that you use this for non-official business only.

    I think that, bottom line, being street smart about your wanderings on- and off-line is the best protection for your privacy. Don't disclose any information that isn't compulsory.

    Cheers!

    E
  • by FreeUser ( 11483 ) on Friday January 26, 2001 @08:03AM (#479725)
    It's time for the U.S. Congress to debate the privacy issue and make some real reforms.

    There is really nothing to debate, from the point of view of either the people or congress.

    We the people know we should have privacy, and that the practice of selling our personal data without our explicit permission (for each and every sale individually) should be illegal, with penalties containing some real bite, including heavy fines and jail time for the offendors. There is really little if anything to debate.

    Likewise, on the congressional side, members of both parties have whored themselves out to their campaign contributors (not just their personal campaigns, but to those who contribute large sums of soft money to their party's funds). Present among these in no small number are the very firms who make so much money at our expense, selling our privacy at wholesale rates to whomever comes their way. So there is nothing for them to debate: they aren't going to turn around and screw those who pay them so well.

    Now, there is reason for a boistrous debate between congresses position and that of the people, but alas, since congress makes the laws, and the people have such a short attention span that they need have little fear of voter backlash for ignoring us, it is unlikely that the poeple would win such a debate in anything more than an abstract and theoretical way.

    The only thing government truly fears are masses in the street, protesting, day after day, week after week. The only reason they fear this is because such actions represent the clearly implied threat of "shape up or face a toppled government or, worse, armed revolt."

    Unfortunately, we the American people have been indoctrinated for thirty years that protesting is "stupid," "uncool," "pointless," "ineffective," and even "counter productive." None of this is true, of course, but it is almost universally beleieved. This makes it hard to get people on the street for issues they do care about in large numbers. Doing so day after day, week after week, for a period long enough to effect real change in policy, has become next to impossible.

    Add to that that both The Usurper and his erstwhile opponent, Al Gore, as well as our previous president, Bill Clinton, all persue equally reprehensible policies when it comes to encryption, privacy, search and seizure, and consumer rights in general. While the Usurper is shoving his right wing agenda down our collective throats and taking actions which will probably ignite a new cold war and thereby benefit the bottom line of numerous defense companies who have him in their pocket (against the express will of the American people as the, mostly unreported, press [orlandosentinel.com] conducted recount [msn.com] has demonstrated), it should be noted that, with respect to the issues most important to the technical community, such as privacy, freedom of speach, and intellectual property, Ralph Nader was indeed correct in saying that the only difference between Al Gore and The Usurper is the speed with which their knees hit the ground when in the presence of their corporate paymasters.
  • by gallir ( 171727 ) on Friday January 26, 2001 @07:49AM (#479726) Homepage
    Furthermore, every company in Spain, small or large, that maintains any kind of customers database, must be registered and obey strict regulations regarding the non-disclosure and protection of the data.

    Spamm is prohibited in Spain, the regular ticket (how do you say, fine?) is about u$s 50.000 if a company is found guilty.

    Also, any video camera that is located in public areas must be registered, approved and controlled by goverment agencies. Companies have a short period of time for keeping those videos or images, they have to be destroyed after the time has expired.

    I don't know how this works in USA, but according to the amount of USA companies' spamms I am receiving every day, I don't believe USA is more "sensitive" than Europe regarding with privacy issues.

    Try registering yourself in some large USA companies with a fake name (or in some conferences), and wait for a couple of hours before receiving new spams directed to that fake name.

    --ricardo

  • by mirko ( 198274 ) on Friday January 26, 2001 @07:49AM (#479727) Journal
    I lived in some districts in which young people usually feel bored and will burn any car on the parking in order to have some fun.
    Once, the firemen came and the car's tank exploded while they were extinguisshing it.
    the fireman lost his leg.
    In the same place, there are dealers across all the place and the police office has a thick iron curtain (that I have not often seen open).
    It has also been closed for 2 months several years ago as some people just burnt a car below it abd it had become too dangerous to work in.
    When asked about setting some camera in this place, people just cried it was violating their rights. The police canceled this project and the crime rate has since doubled.
    Did the people who protested know that their cellular phone was worse for their privacy?
    I since moved to Switzerland and I heard about some cameras to be placed in a specific area of Bien in order to protect the prostitutes who were regularly aggressed. They specified they would not take any record but just use this to halp a single agent to monitor the whole area.
    People also protested.

    So they say : "La liberte des uns s'arrete la ou commence celle des autres" (one's liberty ends where one another's begin). I think cameras are a matter of social progress in public areas. We do need them : who wouldn't fear knowing his children are wandering in a dangerous, non-monitored area? No comments.
    --
  • by osgeek ( 239988 ) on Friday January 26, 2001 @08:01AM (#479728) Homepage Journal
    Despite constaint complaints that you read about the US in /., it's obvious from its successes and the corresponding successes of its people that it does a lot things "the right way" relative to the rest of the world.

    Privacy is definitely not one of those things. The US needs to wake up about who owns information on private citizens. The citizens own it, and that should never be remotely questioned.
    • Unless you have been invited or are have a "reasonable" (non-commercial) expectation that I want to see you, do not come knocking on my front door.
    • Unless you have been given explicit permission to call me for business reasons, do not call my house.
    • Unless you have been given explicit permission to mail/email me for business reasons, do not send me mail/email.
    My mailing address, phone number, and email address are all mine, damnit, and if I don't give you written or recorded verbal approval to use it, you cannot use it for marketing research or sales. You cannot sell my information. Unless you have a valid need (like for issuing safety recalls), you shouldn't even keep my information on file.

    The sooner Americans latch on to the idea that corporations don't own our information, we do - the sooner that we'll remove these leeches from society.

    Yes, I know, I'm usually pro-business, but this is about privacy, and I think that privacy interests supercede business interests
  • by The-Zaphod ( 306293 ) on Friday January 26, 2001 @07:36AM (#479729)
    Privacy, has long since been a dead horse. Not just on the Internet, but in our everyday lives. I can not speek for those overseas but I am will to venture, that they ar just as bad as we are. There is an entire town in England that is wired with outside CCD caramra's with police stations every few blocks to monitor everyones movement. Here in america we are tracked by our banks, supermarkets, video stores, credit cards and our phone calling habits. Almost all of these have No privacy statement at all, and most do not even know that they are gathering and analyzing our habits.

    The main problem with Internet and web privacy is that the internet allows for one to visit or shop or browse a much larger base of information, thus allowing for a greater degree of data to be gathered. This is the lure of Market Makerers everywhere. When it comes to internet privacy it is up to the user to make sure that they are aware of the infomation being gathered and to protect themselves from unwanted storage.

    Even with a company's Privacy Police on a web site that strickly states that the information will never be used or sold to outside vendors for any reason, we can not be assured of that. As is the case with pets.com, who recently filed for banckrupcty protecting and is try to sell of its massive customer database. Privacy groups are attempting to block this sale and hopefulyl will succed.

    I beleive that in order to prevent the unwanted and often unanounced trading of our personal information that there should be steps taken to allow the user to better understand what information is being gathered. I for one would like to see that the entire cookie issue be redone. No more encryption on the cookies themselfs. Thus allowing me to actually see what EXACTLY they are storing on my system and what is being sent back to them. No more just posting that :we only store your user name and preferances" then hide the actual data in a encrypted cookie. Of course they do want to do that because it would open there infomation up for viewing by other marketers as well. But there should be a happy medium there somewhere.

    We as a whole have to fight together and unifidly to help stop this and to ensure our privacy both online and off. If we just sit back and observe without doing something proactive to prevent it it will only get worse.

    The ZAphod!
  • by PapaLazarou ( 309630 ) on Friday January 26, 2001 @07:43AM (#479730)
    Mr Blair is fond of telling us that the UK has to become the world leader in on-line businessm, but the RIP bill means that the government/police/any big business that fancies a bit of a shufty, can have read any e-mail passing out of the country, or any other e-mail they feel like if it's hustified by 'the safety or economic wellbeing of the country'

    Even if you decide to encrypt it, they can just request the key. "Forgotten" it? That's 5 years in jail. Tell anyone they're asking for it? Another 10 years.

    I think it's pretty clear who has the worst privacy.

    Of course - The USA has been reading them all for years using echelon




    Hello Dave
    Is Dave there please
    Your my wife now Dave
  • by laetus ( 45131 ) on Friday January 26, 2001 @07:26AM (#479731)
    Sure, maybe their "survey" found some of the best policies on US sites, but that's totally voluntary.

    At least the EU has regulations, so if a site is not abiding by privacy regulations, there is some legal recourse.

    Here in the U.S., no such legal recourse exists.

    It's time for the U.S. Congress to debate the privacy issue and make some real reforms.
    ----------------------------------
  • by pallex ( 126468 ) on Friday January 26, 2001 @07:22AM (#479732)
    ...The yanks get an early start with the Indecent communications legislation...oh, they`ve stumbled, the civil rights groups put a stop to that... And heres Echelon..what can stop this Brave New World order...

    Here come the plucky Brits with their RIP act..things are looking bad for the yanks (and the british subjects, but screw them!)...

    The French now, calling the stewards attention to Echelon...they`re not happy, not happy at all...

    But whats this? Carnivore? DMCA? The yanks are back in front!! Is there no stopping them? Have they no shame?!
  • by pivot_enabled ( 188987 ) on Friday January 26, 2001 @08:23AM (#479733)
    I sent this in for Slashdot to post as an article. They chose not to (understandably). But I do think it is very relevant to the privacy issue. Read it through to see why.



    A couple of years ago I received a letter from a collection agency. Gee Mr. Anderson you owe us $1000 on this account. I didn't recognize the claimed creditor or account, so, being an innocent 'babe of the woods' type I thought "I'll just call them and point out that it's not my account" - All done! Right? Wrong! I call and am told that while the balance is $1000 they would graciously offer to settle this for me for a mere $300. What a deal! After I pointed out that this was not my account and therefore this was, in fact, a very bad deal, I was once again told this was a bargain and I should accept it regardless.

    Needless to say I rejected their very gracious blackmail offer and instead opted to write them and the three major credit bureaus to inform them that this was not my debt. The credit bureaus proceeded to investigate and 2 out of three deleted the entry in 30 days as required by the FCRA (Fair Credit Reporting Act) when in fact they can not verify the debt. The last bureau deleted the entry in 45 days after a gentle reminder from me.

    This was nearly two years ago and logic would dictate that there's nothing more to be said about it. Unfortunately the FCRA doesn't require logic and the FTC apparently does not enforce it.

    Two days ago I received a new request from a new debt collection agency requesting that I pay $1500 on this same account! No doubt they would settle for $50 and a kiss but this is a major issue of principle. Where does it stop?

    I am therefore trying a new tack and one which SlashDot readers will likely appreciate and also find very disconcerting. I have created a special website for this particular agency at http://pinnacle.avarix.com . After spending a few dollars I gathered all the information I could about the agency and its principals. At the site are the agency's real address as opposed to the PO box they provide. The CEO's real address(s) and date of birth and the last four digits of his SSN. I bought that for around $40 or so. Shocked? You should be and I hope that laws will be passed to stop my, and their, misuse of personal information, but until then, turnabout is fair play!

    Maybe by getting the wolves to join we can encourage European style privacy protection (you own your personal information). If everyone has a vested interest in protecting their personal data we have a chance of changing the law. I think that if everyone took this approach we could shift the sentiment at the political level. I am sure that SlashDot readers will have some very interesting insights.

  • by Jhon ( 241832 ) on Friday January 26, 2001 @07:43AM (#479734) Homepage Journal
    This is a prime example of how ALL 'studies' need to be scrutinized.

    How often in the popular press do we read or hear of "a new study shows" that Fruit Loops cause cancer, or you can devolop venereal warts from "virtual sex" or [insert your own claim here]. There are also studies that show just how "right" or "correct" is any given side of an issue (abortion, gun control, whatever)

    How often do we take the time to look up criteria used by these studies?

    The scary part is that most people don't and they will happily believe what they see in print or watch on the nightly news -- without question.

    We don't need big-brother. We have CNN.

    -jhon
  • by Betcour ( 50623 ) on Friday January 26, 2001 @07:23AM (#479735)
    I live in France, I OWN my personnal datas (I can ask any company owning some to delete it or not resell/give it). I can sue any company not following this guideline.

    Every web site has to register with a gov. agency what datas are collected and how they are used.

    Now I'm curious to know how a privacy policy on a US web site can give me more protection than that...

Factorials were someone's attempt to make math LOOK exciting.

Working...