- From: Robert Hazeltine <rhazltin@bacall.nepean.uws.edu.au>
- Date: Mon, 26 Feb 1996 11:21:53 +1100 (EST)
- To: Derek Harding <derek@tpdinc.com>
- Cc: Murray Altheim <murray@spyglass.com>, hallam@w3.org, www-html@w3.org
Hi Derek On Sat, 24 Feb 1996, Derek Harding wrote: > At 12:33 PM 25-02-96 +1100, Robert Hazeltine wrote: > > > >Maybe people two generations hence might find the ideas of transferring > >data - both personal and business - without human intervention acceptable > >as a principle. I do not. > > > > be linked with this sort of proposal that allows another systems to > > probe for information on a particular workstation. > > Unless I have misread the proposal, this is not a part of it and is not > being suggested at all! Furthermore nothing in this proposal allows any kind > of "probing" as you seem to believe. (Hence my comment that perhaps you have > misread the proposal). The proposal to provide a mechanism to allow templates within HTML seems innocent enough and the proposal, as I understand it, does not provide a mechanism for unwarranted intrusion into privacy. But that's the rub - it does not provide any security to prevent it either and people seem so conscious of computer security, etc in other respects that I am surprised that the same weight (at the very least) has not been built into this one. Already there are programs that 'roam' the Internet, and I assume that a particular kind of information would not be difficult to target, right? Already there are some "interesting" applications like NetWatcher that can be called on by your local friendly sysop. I do not see much protection of personal information once he/she takes over your session, do you? How long will it be before the scope of such an application is extended and then into the hands of someone who less than scrupulous? I assume that most, probably all, the subscribers to this are quite computer literate and know the strengths and weaknesses of the technology they are using. However, not everyone is in the same position. As I expressed before, there is a volatile mix of technology and ignorance of it in the community at large and used the example of the "Registration Wizard" of Win95 where I see people push buttons without realising the consequences of what they are doing or knowing what the application was designed to do. > As I understand it the proposal is suggesting is that a protocol may be > developed which allows common fields which many users fill in everyday to be > pre-filled automatically should users wish them to be. Users will then be > free to submit the form in the normal way or delete any fields they don't > wish to send, or modify the information prior to submission, or finally, not > any have fields automatically filled in. The practical difficulty here is to determine what data set is going to be used or, just maybe, standardised. As I understand one of the later posting to this group, w3 are going to pass the buck to a standardisation organisation and, while expressing concern for privacy, seem to be maintaining the line that this mechanism of providing templates is safe. If the mechanism is available, it will be used - standardisation or not. From my experience with international standardisatiion bodies, they are more inclined to business information and not personal information, per se. Apart from which that information is designed to be used in a CLOSED computing environment (SWIFT, for example). I do not see why a government delegation (a western government, at least) would even let get to the agenda stage precisely because of the concerns I have raised in this forum. > The proposal does not make *any* provision for automatic submission or > transfer of information in any way shape or form or for any "probing" of > machines either. IMHO, the proposal is not only weak but it is also pernicious because a template mechanism does not provide any protection for the individual from unwittingly disclosing personal information, whether or not the information is encrypted or standardised is irrelevant. As a matter of fact, it simply does not protect. In short, I believe it to be faulty both in conception and design. Even from a systems point of view, it would not stand up to much duress. Rob... Robert Hazeltine r.hazeltine@nepean.uws.edu.au Library Web Support http://www.nepean.uws.edu.au/library/
Received on Sunday, 25 February 1996 20:00:09 UTC