W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2011

Re: "CSI just called, you're in."

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Tue, 18 Oct 2011 23:08:56 +0200
To: Rigo Wenning <rigo@w3.org>
Cc: public-privacy@w3.org
Message-ID: <17kr97do6eqrnpsargl179fmegkt6nn89h@hive.bjoern.hoehrmann.de>
* Rigo Wenning wrote:
>I think we need further research on the "right to be forgotten" to erase 
>content from the web. But this is tricky. Remember the cancel messages in 
>NNTP? There were cancel-message wars going back and forth. I also don't 
>believe the web can guarantee the total technically guaranteed erasure of 
>content. But there should be ways to make some stuff more difficult to see as 
>it may ruin lifes, even after years. 

Usenet also has the X-No-Archive header which signals that a message
should be kept out of long term archives. It's obviously imperfect as
the messages do not self-destruct and you have semantic problems like
whether the signal is transitive (do you archive replies to messages
with the header set?) but there seems to be enough social pressure to
honour it so it works quite well as far as I am aware. Archives also
tend to offer out-of-medium ways to cancel messages late which may be
necessary as cancels for very old messages might not propagate, so
you might enter a message id in a web form and then have to click on
some confirmation link that arrives via e-mail.

Lack of verification that some entity is legitimately requesting that
a message be canceled is in fact the primary problem with cancels on
Usenet. There have been a number of threads on comp.lang.javascript
recently for instance about how Google is letting its users bury the
group with porn and pill spam that would be utterly trivial to detect
with as little as a keyword filter with a dozen of keywords, but the
social conventions around third party cancels make it difficult to re-
move the Google user spam. Conversely, some people would really like
to remove old messages of theirs, but they no longer control the mail
address they posted it under.

Another interesting aspect with Usenet cancels is that for most other
users the mechanism is largely hidden and when their server decided to
honour a cancel, they most probably would not be able to retrieve the
message anymore. On Wikipedia the dynamics are quite different, it is
easy to see when a user removed some other user's statements, usually
it's easy to access and restore them for everybody, and some editors
have adopted various "proven identity" schemes where they just need to
know a certain secret even if they lose their accounts (they publish
some hash along with instructions how to generate it from a secret on
their user page, the edit along with who made it and when it was made
is logged; if their accounts get hacked, revealing the secret proves
they are likely whoever put the hash there, if that was sufficiently
long ago, they can have their account restored to them, without need
to reveal anything else).

In meatspace we are already a bit farther ahead. It's easy to buy a
telescope and spy on your neighbours, but most people will actually
feel that they are doing something society deems largely unacceptable
if they do so, even if only indirectly through fearing to be found out
much as we tend to turn around, move away, pretend not to have caught
anything when accidentally intruding in some private situation.

Here in Germany, law already protects citizens from abusive use of old
Usenet postings in a similar way: everyone has the right to access the
data someone might hold on them, including where the data is from and
the logic involved in the automated processing of the data. If someone
suspects something fishy going on, like when they are supposed to pay
a premium they did not expect, they principially have the tools to get
to the bottom of it and expose it, allowing society to impose further
restrictions where self-regulation has failed. We also organize things
like many forms on insurance on the principle of solidarity and if you
are a federal minister whose extramarital affair results in a child,
that no longer means you can't lead a conservative party, so there is
not much of an incentive to use such data either, relatively speaking.

(We actually have "Die datenschutzkritische Spackeria", a movement of
slightly satirical "post-privacy" advocates who remind us that there
are multiple angles to address "privacy" issues, highlighting things
as I mentioned them above like solidarity and tolerance that can re-
move the need to, say, segregate audiences as Rigo Wenning mentioned,
to some degree. That does seem important to keep in mind.)
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Tuesday, 18 October 2011 21:09:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 18 October 2011 21:09:31 GMT