Re: ACTION-255: Work on financial reporting text as alternative to legal requirements

Alan, 

On Monday 01 October 2012 13:52:56 Alan Chapell wrote:
> It would be helpful if you and others were able to provide some
> more thoughts on the specific harms that you see out there - so
> that as industry innovates, we can keep those ideas in mind. Thus
> far, I've heard very little on that front.

I think we talked about the harms many times already. I'm ready to 
repeat them. If you really want to understand the issue deeply, 
there is no way around Beate Rösslers "The Value of Privacy, Polity 
Press 2005". She mainly concludes that the main reason for privacy 
is to avoid the forced reduction of autonomy (of decision making and 
opinion building). There are two high level categories:

1/ Consumer protection
Data secretly collected and used to discriminate for optimizations 
of all sorts. My preferred one is about plane tickets that you 
select during work-hours. In the evening you negotiate with your 
wife. She agrees. At 10pm you try to book your flight and it is $30 
more. You won't renegotiate the flight with your wife. Now log out, 
use a different browser and a new profile and the flight is still at 
its initial price. As a consumer, you want to be able to influence 
the reaction of the system you are confronted with. You can do 
either by DNT or blocking tools. I can show you how easy it is. If 
this is still an issue in 5 years, this may even be more damaging to 
the industry than DNT ever could be.

2/ Democratic values
In confirmation of Godwin's law let me tell you that I think that 
totalitarianism doesn't need computers. But it makes life easier for 
them. The concentration of high amounts of personal data in few 
hands is a risk in the power balance. We've been through that 
discussion for governments in the seventies. We have governmental 
privacy laws and FOIA (the EU countries only start slowly to adopt 
the latter). But the internet has changed things and now massive 
amounts of personal data are in private hands. Here also go chilling 
effects ( http://en.wikipedia.org/wiki/Panopticism Foucault is 
central). Even worse than any possible governmental censorship is 
the self censoring of the people because they fear to be watched. 
This is the key assertion of the 1984 decision of the German 
constitutional court on data self determination.

To burn it down to PCMCP, the former Egyptian government would have 
loved to determine whether an someone is inside Egypt or outside. 
All the world hailed the Internet for helping the revolution. The 
help was effective because the above was not easy. 

So there are real reasons. I tried to collect some of them. My 
favorite is the dog-shit case. A woman entered a bank with a (rather 
young) kid on her hand. The kid had dog-shit under the shoe and 
sullied the carpet. The folks in the bank used the video logs 
combined with the ATM logs to find the accounting information, real 
name and address of that woman. They invoiced 110€ for the cleaning 
of the carpet and took it directly from the identified account.

This small misuse may inspire you what you could do if you know the 
entire search history of a person. Or the entire clickstream of the 
last 2 years. For the moment, the possible manipulation is used for 
commercial profit, but we already see the beginning of the use of 
all this in elections. 

It is therefore essential that somebody can just indicate to the 
system not to be recorded. And that the system just does not record, 
or at least throws away after a very short time. So DNT is just a 
tiny tool, a little aspect in this overall picture. But it could be 
a useful tool. Now you may understand that recording the same 
information for accounting or PCMCP (a pure use limitation that is) 
is not sufficient for most people. 

Note that the EU folks can simply ignore this debate as they have 
laws anyway that prohibits you to collect (retain for Roy) or store 
that retargeting - information without a right out of consent or out 
of legal permissions. So this is a debate for the unregulated 
market. How far does commerce go to save democracy? An interesting 
question. For the moment it is just the consumer protection dialog 
we have. And the PCMCP case is good, because it shows that there can 
be a conflict between 1/ and 2/ above, because of measures for 
consumer protection that can only be achieved with more control and 
data collection about consumers. 

Best, 

Rigo

Received on Monday, 1 October 2012 20:27:53 UTC