Re: ACTION-255: Work on financial reporting text as alternative to legal requirements

In case it wasn't clear - other responses below…   (:


On 10/1/12 4:51 PM, "Alan Chapell" <achapell@chapellassociates.com> wrote:

>Hi Rigo - 
>
>I appreciate your taking the time - and the willingness to engage in
>dialog. However, you really did not directly answer my questions. You are
>providing high level examples of privacy issues - most of which will not
>be addressed by DNT unless we radically change our approach.
>
>
>
>On 10/1/12 4:27 PM, "Rigo Wenning" <rigo@w3.org> wrote:
>
>>Alan, 
>>
>>On Monday 01 October 2012 13:52:56 Alan Chapell wrote:
>>> It would be helpful if you and others were able to provide some
>>> more thoughts on the specific harms that you see out there - so
>>> that as industry innovates, we can keep those ideas in mind. Thus
>>> far, I've heard very little on that front.
>>
>>I think we talked about the harms many times already. I'm ready to
>>repeat them. If you really want to understand the issue deeply,
>>there is no way around Beate Rösslers "The Value of Privacy, Polity
>>Press 2005". She mainly concludes that the main reason for privacy
>>is to avoid the forced reduction of autonomy (of decision making and
>>opinion building). There are two high level categories:
>>
>>1/ Consumer protection
>>Data secretly collected and used to discriminate for optimizations
>>of all sorts. My preferred one is about plane tickets that you
>>select during work-hours. In the evening you negotiate with your
>>wife. She agrees. At 10pm you try to book your flight and it is $30
>>more. You won't renegotiate the flight with your wife. Now log out,
>>use a different browser and a new profile and the flight is still at
>>its initial price. As a consumer, you want to be able to influence
>>the reaction of the system you are confronted with. You can do
>>either by DNT or blocking tools. I can show you how easy it is. If
>>this is still an issue in 5 years, this may even be more damaging to
>>the industry than DNT ever could be.
>
>How is DNT going to stop this practice? If I'm buying my tickets via
>Delta.com, Delta is a 1st party and would not be subject to a DNT signal
>for these purposes.
>>
>>2/ Democratic values
>>In confirmation of Godwin's law let me tell you that I think that
>>totalitarianism doesn't need computers. But it makes life easier for
>>them. The concentration of high amounts of personal data in few
>>hands is a risk in the power balance.
>
>I agree - concentration of data in a small number of players is
>problematic. How do you see DNT addressing this issue? In fact, I think
>one can make a plausible argument that DNT will concentrate data in a
>smaller number of entities. I believe that's a horrible outcome that many
>in this group may be missing and/or choosing to ignore.
>
>>We've been through that
>>discussion for governments in the seventies. We have governmental
>>privacy laws and FOIA (the EU countries only start slowly to adopt
>>the latter). But the internet has changed things and now massive
>>amounts of personal data are in private hands. Here also go chilling
>>effects ( http://en.wikipedia.org/wiki/Panopticism Foucault is
>>central). Even worse than any possible governmental censorship is
>>the self censoring of the people because they fear to be watched.
>>This is the key assertion of the 1984 decision of the German
>>constitutional court on data self determination.
>>
>>To burn it down to PCMCP, the former Egyptian government would have
>>loved to determine whether an someone is inside Egypt or outside.
>>All the world hailed the Internet for helping the revolution. The
>>help was effective because the above was not easy.
>>
>>So there are real reasons. I tried to collect some of them. My
>>favorite is the dog-shit case. A woman entered a bank with a (rather
>>young) kid on her hand. The kid had dog-shit under the shoe and
>>sullied the carpet. The folks in the bank used the video logs
>>combined with the ATM logs to find the accounting information, real
>>name and address of that woman. They invoiced 110€ for the cleaning
>>of the carpet and took it directly from the identified account.
>
>That's an unfortunate scenario. However, that same video tape, etc was
>also used to identify the person who helped rob that bank a few days
>later. And similar records were used to help someone who didn't receive
>the proper credit to his account.
>
>My point - There are going to be legitimate exceptions for the use of
>data. And each exception should be weighed on the merits - benefit to
>creating the exception vs risks of keeping the exception. My issue with
>your approach is that you aren't really explaining what you think the harm
>is to allowing my specific exception.
>>
>>This small misuse may inspire you what you could do if you know the
>>entire search history of a person. Or the entire clickstream of the
>>last 2 years. For the moment, the possible manipulation is used for
>>commercial profit, but we already see the beginning of the use of
>>all this in elections.
>>
>>It is therefore essential that somebody can just indicate to the
>>system not to be recorded. And that the system just does not record,
>>or at least throws away after a very short time. So DNT is just a
>>tiny tool, a little aspect in this overall picture. But it could be
>>a useful tool. Now you may understand that recording the same
>>information for accounting or PCMCP (a pure use limitation that is)
>>is not sufficient for most people.
>
>What are these people you cite? Are you representing the interests of
>consumers in the same way that Jeff and John are?
>> 
>>
>>Note that the EU folks can simply ignore this debate as they have
>>laws anyway that prohibits you to collect (retain for Roy) or store
>>that retargeting - information without a right out of consent or out
>>of legal permissions. So this is a debate for the unregulated
>>market. How far does commerce go to save democracy? An interesting
>>question. For the moment it is just the consumer protection dialog
>>we have. And the PCMCP case is good, because it shows that there can
>>be a conflict between 1/ and 2/ above, because of measures for
>>consumer protection that can only be achieved with more control and
>>data collection about consumers.
>>
>>Best, 
>>
>>Rigo
>>
>>
>>
>
>
>
>

Received on Monday, 1 October 2012 21:28:40 UTC