Slashdot Mirror
Hollings Introduces Privacy Bill
Dynedain writes "Senator Disney (aka Hollings) is apparently trying to get on techies' good side. ZDnet is reporting he is proposing a bill for 'net privacy' requiring opt-in agreements when companies want to sell 'sensitive' information (medical history, sexual preference, etc.) and opt-out agreements when selling non-sensitive (buying habits). US Chamber of Commerce is opposing this." Another article on Newsbytes notes that there are likely to be several privacy bills floating around, offering different levels of actual protection.
I've seen him referred to as "Senator Hollings (D-Disney)".
Best Slashdot Co
The Direct Marketing Association (DMA) said it continues to support industry self-regulation on privacy.
As much as I dislike legislation over industry participation, I'd have to agree with this type of legislation. The DMA has done far too little for too long to keep going with "industry regulation".
Sorry, DMA, you've run out of chances.
If I weren't nailed to the penis, I'd be pushing up the daisies!
Now /. has another guy to have a love/hate relationship with.
Anyways, he's not trying very hard. All information that could be shared should be opt-out. Sharing very private information, like medical histories, is already well protected, and people's tendency to not notice opt-out options for buying habits and such will do nothing to stem the flow of spam and junk mail. Oh well.
...unless it gives 24-hour time. Or if it also displays the date. Or if someone keep screwing with it and all.
In any case, I wonder what his motivation is for this proposed bill. Is Disney interested in protecting their own digital privacy? Perhaps he's planning on expanding the bill to include much of the implications of the CBPTDA or whatever it was called...perhaps Disney thinks that such a law could warrant "mandated privacy devices" that would have the same effect.
After his last proposal, I cannot trust Hollings no matter what he offers.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
The idea that the opt-in is for 'sensitive' information and opt-out for 'non-sensitive' information should apeal to most people.
The problem lies in what is 'sensitive' information and 'non-sensitive' information.
It can vary wildly based on context and how the data is processed (the old, unique Id is the only directly identifing feature but link it to too many data references and you have the complete individual).
If you think about it, the proposal can never be policed.
ERR 411[Max number of witty sigs reached]
I dont see why your buyers habbits should have to opt opt. They should opt in as well. I buy something online They should ask me if I want my information spread to other companies or not. and Not just send the information and have me ask them to stop. By that time I realize I am on the list my Data would be spread to hundreds of sources and I have to opt out of each one.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
So let me get this straight, the enforcement agency would be the FTC? They're under staffed and over lobbied as it is. I predict preferential treatment and spotty enforcement. Tha't's assuming that there would be any enforcement at all of course.
The Direct Marketing Association (DMA) said it continues to support industry self-regulation on privacy.
Well what a f**king suprise that is!
"I fear the Greeks, even when bringing gifts"
-Virgil (70-19 BC)
Please email all complaints to root@127.0.0.1 and the issue will be dealt with in due time.
> The Direct Marketing Association (DMA) said it continues to support industry self-regulation on privacy.
I get the feeling they've already mailed out 50,000,000 emails and 40,000,000 smail mail flyers to convince the public of this.
"Old man yells at systemd"
Bravo! Finally, a government official who DOESN'T want all our information to be completely public...hopefully, this one won't support the "Passport/National ID" thing that has been getting some attention lately...
GOD DAMNIT , MODERATE ME!
Hollings seems like a pretty smart guy, he knows where the money is. I bet he knows that privacy is at best an illusion and at worst non-existant. This is just a play to get people off his back.
From the article:
The U.S. Chamber of Commerce, however, disagreed. The organization opposes Hollings' proposal, saying it would hinder online commerce and would open a plethora of class-action lawsuits.
"This proposal is nothing more than a solution in search of a problem," Bruce Josten, executive vice president of the organization, said in a statement.
Someone please spam this guy.
heh. you could get married once in a lifetime, but for running after FP, you must be a flaming geek :D
That's what I get for posting half asleep. That should, of course, be "all information that could be shared should be opt-in.
Ugh.
Is the /. crowd in favor of privacy legislation or do we take a Libertarian viewpoint on this as well and call privacy legistlation an affront to free speech?
Viddy well my droogs, you don't want to be hypocritical here.
Privacy bills like this will have a huge impact on the consumer's protection, but also have a huge cost to growing internet companies.
nuclear iraq bioweapon encryption cocaine korea terrorist
ok links Thank you Google!
"If a quarter is two bits, then a dollar's a byte." -R Deric Miller
..it's possible to be on both the bad and good sides of an individual, group, community, etc.
Replace the Privacy with Piracy, and you get the former CPDBODJTO (you know what I mean). Hey, at least a lot of his sound bites are already written.
When this bill actually comes out, we'll have to make sure there are NO RIDERS on it. This would be a perfect opportunity to do so, since this proposed legislation has a chance to pass.
Karma? Karma? I don't need no stinkin' karma.
I must say that I'm impressed that Senator Hollings would propose this bill, but I believe he is accurate when he says "Privacy fears are stifling the development and expansion of the Internet as an engine of economic growth."
My concern with this bill is who will actually enforce it if it becomes law? It's nice to have theoretical privacy, but will it really work in practice? And if it turns out to be enforceable, what stops the disreputable businesses from relocating outside of the US?
www.timcoleman.com is a total waste of your time. Never go there.
What makes you think that you have some inherent right to "online privacy" or "online freedom"? I don't see that in the bill of rights or the constitution itself, do you?
That's because you can't fucking read. The Constitution is a document that gives powers to government. If the power isn't listed, then the government doesn't have it. No where is the power to infringe upon "online privacy" listed. Therefore the government does not have that power.
The founders figured there would be dumbasses like you sooner or later, which is why the anti-federalists demanded that the 9th and 10th amendments be included. Unfortunately, even their great wisdom could not predict the depths of idiocy into which you and your kind have sunk, where simple phrases like "shall not be infringed" and "reserved to the states, or respectively the people" are beyond your comprehension.
What problems does the dept. of commerce see with this bill? It would be nice to have uniform standards, similar to how credit card info is protected by law.
-- Adam
Nope, Eisner is sweating bullets that someone will access Walt's medical data and find out that he was scheduled for revival in 2001, but that some one named M. Eisner MD, delayed the procedure till a date (in true MD handwriting) that looks suspiciously like "hell freezes over"
You either believe in rational thought or you don't
Listen, if Hollings is sponsering this bill because he wants to "make-up" with the tech-community, then the worst thing the tech-community can do is continue to boycott him.
Make the message clear, that the community will support good bill but go ape-shit crazy on bad ones. If he gets a bad reaction still, he's just going to write off the tech community as a special interest group that he has no chance of winning over. In that case, he'll say screw you to all of us and just go on taking blood money from disney.
Don't make it personal, it's simply politics. We just have to play the game.
int func(int a);
func((b += 3, b));
and opt-out agreements when selling non-sensitive (buying habits
Since when are buying habits not sensitive? What if you're buying cream at the pharmacy for your genital warts? What if you're buying a particular product for your spouse, or for a friend? What if you're ordering porno over the net? (They don't ship it in brown paper covers to your house because nobody cares whether anyone else sees it or not) What if you're buying a drug for a medical condition that you'd rather nobody knew about? Sure, Mr. Jones, we don't have access to your medical records, but we see you've been buying AZT, and various magazines and books written by people infected with HIV as support tools. Hmmm.....
Sexual preference, medical history, and lots of other things are tied to what you buy. I don't see how they can say that buying habits aren't sensitive.
-- Truth goes out the door when rumor comes innuendo. -- Groucho Marx
Sensitive private characteristics:
Sexual Preference: Heterosexual
Medical History: Pretty healthy, alcoholism runs in family.
Crinimal record: One speeding ticket, not much else.
Yeah, those are pretty private
Non-sensitive private information: /., weightlifting websites, finance, and geeky websites. straight pr0n.
Buying habits: Alcohol, Straight Pr0n, exercise stuff & vitamins, no medicine
Web browsing habits:
Whoa. My non-sensitive information is extremely suggestive of my sensitive information, wouldn't you think? What gives? Is it more complicated to make all privacy information opt-in? It seems like it would be less complicated to the irony nazi.
Bringing irony to the Slash-masses
This got me thinking that when you go into a store, in the very least, employees and gauge the demographics they are catering to, and adjust the way the store operates accordingly.
You have to admit, much of the information they want when you buy (where ya from, how old are you) is 'casually' available in physical stores. Online retailers have no such luxery of asking their sales force (cause there is none) who's buying, so I really dont think it's asking to much for the companies to want the provision of that kind of information to be standard procedure when buying online.
The physical retailers can provide this information based on sales data, the retailers physical location, and by virtue of the sales force being physically located where the buyer is. Virtual retailers arn't asking for anything new, other than potentially the granularity (IE, you live in this zipcode instead of you shop in this zipcode.)
The Direct Marketing Association (DMA) said it continues to support industry self-regulation on privacy.
I support segreating 'opt-in', 'opt-out' not by what information is collected, but by what you are allowed to do with that information. 'opt-out' collection should allow retailers to do internal aggregated sales analytics, while you MUST provide 'opt-in' collection when you wish to use that information to proactively contact the customer.
"Old man yells at systemd"
Could there be a connection?
Use the anology my mother often did, if I had to tell [everyone in China] not to bug me, I'd spent more than a lifetime doing so. Ergo, the time of my life isn't worth squat to the people who'd waste it, but they'll be happy to tell me how much they value me as a customer, yada yada yada.
If [everyone in China] had to wait until I said "ok" to each of them, I'm allowed to pick and choose, and if I do opt-in, they should value me much more as a potential customer rather than just wossname somewhere on the list. Granted this is US law and has nothing to do with China, but there's enough people pestering me already that it's a problem.
BTW, just got some auto-downloading email-spam yesterday, two of them. So now you don't even have to visit websites to get that sort of invasion.
A feeling of having made the same mistake before: Deja Foobar
This law injects the government into internet technology through detailed definitions of privacy, sensitive vs non sensitive, etc. much like the DMCA (whatever it's called now) injects government into internet technology and definition of digital rights. Once the government gets into the habit of regulating, it won't stop. You might like government mandated privacy, now. But what happens when government changes the definition of "sensitive information", probably due to lobbying pressure.
Both these laws create a power axis between congress and lobbyists that leaves out the people in general and technologists in particular. Oppose all these laws.
Sen. Hollings (D-Di$ney) writes a bill called SSSCA. Technology industry hates it. EFF sounds an alert.
Hollings clarifies SSSCA, renames it CBDTPA, and introduces it in committee. It explicitly prohibits interference with fair use. But the technology industry still hates it. EFF sounds an alert. Some Slashdot readers claim that Hollings renamed it to cause confusion. They begin to refer to Hollings's policeware bills as "The Hollings Bill".
Hollings introduces a new bill that Slashdot readers may like better. EFF likes it. But now the term "Hollings Bill" has become ambiguous, making it harder to talk about future versions of what is now called the CBDTPA.
Or is this new bill part of the CBDTPA family? As Dimensio suggested, does Hollings intend to add the CBDTPA as a rider to this bill?
Will I retire or break 10K?
Slashdotter:
"Face it, the days of copyright are numbered. Information wants to be free!"
"We need really strong privacy protection, because I wouldn't want to live in a world that didn't have it."
Big corporation:
"Face it, the days of privacy are numbered. Information wants to be free!"
"We need really strong copyright protection, because I wouldn't want to live in a world that didn't have it."
So, what's the difference?
--Dave Rickey
It all comes down to whom do you trust with your private information, and what information you yourself deem to be private.
Individuals are going to have to decide this for themselves. Trusting the government or advertising drones or Microsoft to keep your information private implies rather a lot of trust. Have you met these people? Told them about that time in 4th grade where you experimented with the chronic? Who knows stuff like that? Your closest companions at best.
Privacy must be individually taken, kept and defended. It's not a gift to be handed down from on high. Each person must learn to defend their privacy on their own, and determine just what they consider private.
Hate spam? Find a way to fight it, and keep your e-mail to yourself (or at worst, make up a free one). Don't believe the registration cards. Use a fake name on your phone number, or keep it unlisted. Give no one your SSN unless they can provide proof of needing it. Make sure you know what constitutes real proof. Never say hello twice when answering your phone. Turn off cookies. Set up trusted host lists.
It's hard, yes. Joe Public won't know how to do it. OTOH, Joe Public may not care, or may not spend 10 hours a day cruising the net, or may never buy anything from anyone online.
Know the risks, take pains to minimize them, and stay vigilant. It's the only real way to keep your privacy.
Do not touch -Willie
Eisner is sweating bullets that someone will access Walt's medical data and find out that he was scheduled for revival in 2001
Myth Busters! Walter Elias Disney wasn't frozen but instead cremated two days after he died.
Will I retire or break 10K?
the SSSCA/Cable-thingy-whatever-confusing-name bill is to damn evil to ever get me on his good side. I don't care if he proposes a give $1 million to everyone bill...I will still hate him(though I would like the money :-) )
I am the Alpha and the Omega-3
If a private individual or corporation resorts to the courts, then it becomes a government action.
Fight Spammers!
Heh, that wasa pretty good troll...you should've logged in first.
I agree with the spirit of Hollings' proposed bill (and it pains me to say that). However, my "ideal" online privacy law would be:
1. Companies are forbidden to share/sell/reveal, intentionally or not, any information that a consumer gives to the company or authorizes the company to obtain unless expressly authorized by the consumer. So, anything that you give the company can not be shared with anyone else unless you give them permission to do so.
2. Companies are forbidden to share/sell/reveal, intentionally or not, any information created through consumers' transactions with the company that can be associated with a partifular consumer unless expressly authorized by the consumer. In other words, Company X can tell a marketing company that Y consumers purchased Product Z. They can NOT say that Consumer A purchased Product Z unless Consumer A authorizes it. If the company creates the data, they can use it, but can only associate the data with particular consumers with permission.
3. Any permission given for a company to use your data must be an informed decision. The company must provide to the consumer who they will share the data with (specific comapnies), what data will be shared, what the receiving company will do with the data, and what the company will get for sharing the data. This information must be provided to the consumer before she agrees to give permission, not something that can get received "on request" later after agreeing.
4. Companies that violate these three premises will be fined by the government and there will be a procedure set in place for consumers to collect damages.
Hopefully, this would prevent companies from playing fast and loose with your information and force them to make sure that their systems are secure (note the "intentionally or not" would cause the company to violate this "law" if some third party, such as a cracker, gets the data).
Self-regulation doesn't work. There will always be someone who will violate the "regulations" that the industry comes up with. The only solution is a legislative solution.
You deserve neither!
Fight Spammers!
n/t
Holling's move makes more sense than you realize.
I commented several months ago about this but couldn't find it using the search engine, so I'll just repeat, roughly, what I said earlier.
Privacy advocates and advocates of Content Use Restriction (DRM) have a shared goal.
You, the liberty loving individual, don't want big bad governments and corporations using data about you without your permission. You want control over that data.
Purveyors of digitized content don't want tiny bad people "pirates" using their data without their permission. They want control over that data.
A rock-solid data tagging and protection system, (you know, the impractical kind) would provide a means to meet not only the needs of individuals seeking ownership and protection of their own data from duplication, but would simultaneously provide similar technology to media distributors seeking ownershop and protection of their data from duplication.
When I first realized this I was kind of taken aback, because, like many here, I've always place a higher value on the protection of my data than on the protection of someone else's data. That same disconnect will continue to confuse many advocates on both sides of the issue.
My own view is pragmatic: if it were easily possible to protect data this way, fine. But it's not. Once it's out there, it's beyond your control, just as for millenia, your spoken and written words have been able to disseminate beyond your control.
"Provided by the management for your protection."
Without being able to find the text of the bill and read through it a couple of times, I'm concerned that there's more hidden in there than the news stories would indicate. Without some insight into how the bill would work, how he's proposing enforcement and implementation methods and oversight, what's to keep it from becoming just one more Christmas tree bill with access control features tagged on for good measure?
This makes single-issue voting pretty tricky. I had my doubts about some of the calls to "vote the bum out" over the CBDPTA(?) nonsense simply because my political views are more in line with the (D) side of the aisle. I'm glad I'm in NC now and don't have to make *that* choice.
...gives the right time twice a day
I actually have a hunch about this. I made a comment about the Disney backed bill earlier and someone replied that it probably was less our lobbying than Intel's money behind the policy-makers. I don't know if I agree, but it is certainly worthy of ponderance. Given that, I cannot help but wonder if he had previously received campaign moulah from a tech company (not saying Intel, but someone like Intel) that got really peeved with him and thus quit supporting him.
Is there some soft-money involved here? It would be great if I could just say he just wants our votes and is trying to make friends, but he should know better really after his previous attitude. He should realize he can't get our trust back. Of course, maybe the voters of South Carolina are more likely to forgive and forget than I am.
Liora
When you look at this bill and the DRM bill he's proposed, on thing is clear: this bill is the legislative equivalent of getting a big kiss on the lips right before you take it up the bum.
Whatever happened to JonKatz?
OPT in on everything is required and a federal fine of $1000.00 per incident of releasing the unauthorized information and every use of it thereafter.
I can hear the marketing dweebs already... "OMG you'll destroy marketing, and all bssnisses, the world will spiral into oblivion if we dont know you buy generic toiler paper every other thursday with your debit card!"
again I say.... Bullcrap.. the world will continue, we will still see commercials, and things will continue EXCEPT they have to actually ask for the information now... it's like businesses are allowed to not have manners...
Do not look at laser with remaining good eye.
Then when he gets all the techies to support this bill, he'll attach the SSSCA/CDBITPA as a rider. Then what? Gonna do a 180?
I find it suspicious that after such a pro-corporation bill, he's proposing a pro-consumer one. Either he has a bizarre set of values or he's trying to gain favor for some reason. Either way, I think his past track record should speak for itself. There are other privacy bills; perhaps Mr. Rick Boucher will propose one that's worthy. He seems to be the only congressperson with any sense of technology/privacy issues at all.
rooooar
Why does Eisner have such a similar name to Disney anyway? It's only two tyops away.
Is this like those really dodgy vampire movies where we find out that "Mr. Alucard" is actually Dracula under a pseudonym?
"Why did they cancel my favorite Sci-Fi show? I downloaded ALL the episodes!"
I don't see how the "selling" of medical information is legal at all. I worked for a company who made software for the health care industry, and there's some serious laws regarding protection of medical information. Both parties sending and receiving any information must have written signed guarentees that the information will be kept private. This act is the Health Care Protection and Acountability Act (HIPAA).
A simple opt-in (ala Yahoo! i'm asuming here) wouldn't abide by the laws set forth in HIPAA.
I'm surprised Hollins even brings medical information to the Internet. Most medical facilities I worked with had stricit protocols or strict seperation regarding sensitive data and the Internet. If any information was sent at all, it was either via FAX, hardcopy, or on a secure connection (via CarbonCopy, or similar program).
The only people who need my medical information are my health care providers.
How is this a good bill? On the plus side, yeah, we have to give someone permisssion to sell our "critical" data. But who's to say that won't be buried in an EULA?
And as Yahoo! has recently proved, automatically opting people in to recieve spam (since that's what the 2nd part of this legislations basically proposes, after all... they sell your info, you get spam) and making them opt-out leads to people getting bent out of shape. Why should companies get the right to ASSUME that I want to recieve spam from whoever they feel like hawking my info to?
A privacy law with teeth would have opt-ins across the board, and a clause saying that each opt-in must be clearly labelled as such, with no "bundling" of opt-ins implicit in any other action.
AHHHHHHH! I'm burning with goodness again!
- Reakk, Sluggy Freelance
he will take this pivacy bill, tone down the cbtp-blah, smuch them together and call it the "Internet economic relief and proliferation act" (IERPA)
since that seems to be a common theme in his bills.
I am the Alpha and the Omega-3
If he needs techies' support, then that means the CBTPA is not guaranteed passage in Congress. Furthermore, it means that after having pursued ALL OTHER special interests in the US, he's STILL come up short of the support he needs for passage, and that he's gone to techies as a very last resort.
:)
This is a good sign
This space left intentionally blank.
Just wait for it to get out of committee and have Hollings tack on an amendment that looks amazingly like the CBDTPA. Senator Leahy killed the CBDTPA by refusing to let it out of committee. Hollings could have had a change of heart, and suddenly become interested in individual privacy rights - but I wouldn't bet that way.
[Insert pithy quote here]
Remember that the US Senate is one of the great bastions of political gamesmanship.
:)
It's probably a safe bet that Hollings hasn't suddenly switched his basic pro-media position. If that's so, then this bill may well be a maneuver to counteract someone else's bill.
For instance, in the recent campaign finance reform debates, the opponents of CFR floated a *better* bill, that they knew would not pass, as a way to divide the support for a CFR bill that might pass. This could well be a similar maneuver.
Pay close attention to the men behind the curtains.
With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
The incredible state of almost is where this comes from. I suppose some compromise will have to happen, but in an ideal world, to me, things would opt-in, and any change would be required to be very explicit and specific. That is, if one opts into Company A for XYZ, even Company A can't bug one about JKL as that was not opted into.
I'm not entirely sure I want law for privacy, as omissions in it might be seen as an invitation to do questionable things. But then having no law seems to be doing the same.
Perhaps a law of reciprocity? If someone want information about me, first they must supply me with the equivalent about them. For any limit they want on what I do with that, I get to put a limit on what they do with my information - and it need not be the same limit (since I'm not doing what they are, most likely). Dream world? Yep, alas.
I don't subscribe to RMS's GNUtopian vision.
I understand that this senator is trying everything he can to please his employer (obviously not the US gov't), but he also doesn't seem to remember how he got there; on the vote of the people.... I will admit, he is scurrying around, getting his name noticed, but it isn't necessarily a positive thing to have your name popping up on a weekly basis because your employer (Disney) yanked your string....
...we are from the government - we are here to help...
Is it any coincidence that Hollings is the spokesman for all of these bills that are harmful to consumers, but loved by Hollywood? Quite simply, no one in South Carolina cares. I live in South Carolina and I haven't heard any media converage about this.
Hollings is the spokesman for this because he won't take any heat from his constituants. As long as he brings the pork back to Charleston, he'll keep getting re-elected. (Let's face it, getting re-elected to the Senate in South Carolina isn't that difficult.) South Carolina is perhaps the least techonologically savvy states in the country (#1 in percentage of population living in mobile homes, #1 in rates of STD infection, #51 in SAT scores.) People here are too concerned with the damn Confederate flag to notice.
My point is that Disney has lots of other Senators in their pocket. It's just that only Hollings can be so blatant about it.
Opt out for purchasing info?
No thanks. Opt in, maybe.
The only person who should be making money off my purchasing info is *me*.
Privacy bills are generally a good thing. We Slashdotters would rather bash Fritz Hollings for the other legislative idiocy he's been trying to pass.
Note: Do yourself a favor and don't actually click on the Fritz Hollings link.
The real problem with privacy legislation is that the law needs to define clearly something that is very context-sensitive and subjective.
More amusing and insightful than informative, NPR's David Weinberger a week or so ago ran this commentary about how as a digital society we are losing the subtle art of determining the context of information.
In case the link gets /.ed, the fundamental points are these:
How do we handle this as a society? How should I know? I had hoped we had elected people smarter than I to figure it out, but after seeing Enron and now Hollings, I'm beginning to despair of that notion...
He looked at me and said, "Kid, we don't like your kind, and we're gonna send your fingerprints off to Washington."
It doesn't really matter if I need to opt-in. The day after the Bill is signed into Law, Lawyers will add the following line to the click-through licenses on their spyware products. "I here by grant full access to all personal data...."
I imagine the motivation behind this is so that the bill can later be amended to include CBPTDA provisions. By doing so, if they fail to pass the legislations he and those that support him can reign fire down on the opposition by saying they are anti-privacy. It is cases like this that make a line-item veto authority for the president very attractive.
"The U.S. Chamber of Commerce, however, disagreed....saying it would hinder online commerce and would open a plethora of class-action lawsuits."
I must say, I really despise this argument. Doing the right thing, even with regards to law, should not be put on the backburner simply because it's regarded as "too much trouble."
The fact of the matter is, would you really be upset if every spammer on the web was hit with multiple class-action suits? Do you really think the economy would be harmed if I got a little less pr0n in my inbox every day?
Didn't think so.
"Isn't that the sweetest little well-balanced undergraduate-level philosophy of life."
Here's how I see the privacy issue. First off, sensitive personal information should never be shared without explicit, up front consent -- not just a lick through.
On the issue of less sensitive information, I think we will eventually have two choices. The first is to simply accept that our information is being shared and continue to use the service without additional fees. The second is that we do not allow our information to be shared in which case the content providers, such as Yahoo, will have to find some way to make money -- ie - charging for access and other services.
I hate having my data sold/being spammed as much as the next guy, but I wonder if banning this won't have the same effect as banning crypto export: they'll just develop and do it outside our borders. Then even federal law has no jurisdiction to stop them. For example, large US based web service provider could set up a shell company in the Bahamas which runs its website, collects all the marketable data, and sells it...
The problem with laws on the Internet is that they're not of a larger scale than just a nation, so the only way to deal with privacy violations, spam, etc. is: 1) on a global basis or 2) a technical solution or 3) to have people not be stupid and give out sensitive information. Since (2) doesn't apply, and (1)'s not going to happen any time in the near future, (3) is the only way to go?
Given his track record, I have to assume Holling's latest initiative is merely a smokescreen for CBDTPA/SSSCA. I can't wait to see the Disney ammendments.
Isn't is possible that Hollings sincerely believes that the internet is not living up to its promise as a vehicle for economic growth, and he somehow has come to believe that he has been chosen to spur that growth? And that by some good fortune he has been blessed with superior sight and insight into how to do that?
The biggest question to you now is whether to mod this post up as funny or down as flamebait...
"never ascribe to malice that which can be written off as incompetence"
He looked at me and said, "Kid, we don't like your kind, and we're gonna send your fingerprints off to Washington."
That's funny, all of our Unix workstations have root's mail aliased to helpdesk@mail, so your advice would actually work...
Any unsoliticed mail, whether snail or email, that offends you or that you did not request should result in an automatic $500 dollar fine upon filing a complaint. If enforced strenuously by the government, spam and junk mail goes away in months.
Never happen though, too many liberals rely on weakminded individuals awed by full color lies sent to them each election year to allow this to happen.
You should be here in August, when Congress is out of session.
Best Slashdot Co
How do you define internal? Are subsiduaries internal? Are alliances internal? If company A sends a consultant team to company B for 1 year, are they internal employees? If I sign a nondiscosure agreement that makes me a temporary employee, am I internal? What's internal and what's external is extremely vague in the corporate world.
Now if only google can find me the woman of my dreams...
His brain was kept intact to be inserted into a ultra-sophisticated Ninja android whose purpose is to flip out and kill people!
The preliminary work with the animatronics of the Hall of Presidents and that home of the future thing were just the beginning. The additional work with that Robin Williams, voiced Time-Travel Robot thing is a closer step...
Soon, Walt will return for us to bow down to his greatness! Otherwise, he will just flip out and kill people, just like a real Ninja!
It's funny, laugh.
---
.sig seperator
---
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
How's this for a cynical hypothesis?
Disney doesn't care about the stuff that will be "sensitive." They would like to trade in the stuff that will be "non-sensitive." Opt-out doesn't hurt them too much, because few enough people will exercise it; but opt-in would damage their interests a lot. By passing a law that makes that stuff opt-out, they take the steam out of any future efforts to make it opt-in: "We don't need any more laws, marketing information is already regulated enough!"
I run a website that uses slashchode. Now, this asks for certain bits of information. I don't have any intention of doing anything with this information and I'm not any sort of commercial entity. Am I to be held to the same standards about opt-in and opt-out agreements?
This sig has been temporarily disconnected or is no longer in service
Here is an older version of a similar bill which was sponsored by Hollings in 2000.
If this does for privacy what his "Consumer Broadband and Digital TV Promotion Act" does for my digital equipment then you can pretty much wave goodbye to your privacy!
legislation will fix things so that only wealthy corporations can
"trade" personal information?
Regards,
proclus
Good Bill? Bad Bill?
No bill, please. Like all bills, somebody has to pay, and it should be neither you *nor* me.
I don't want companies to use my information without my permission, and I want to be able to give my permission. Hollings' mistake is in thinking that it's his right to tell business owners how they're going to run their business, and telling me, in effect, what business practices I'm allowed to deal with.
Get off my back!
If aspiration is a virtue, achievement cannot be a vice.
This bill gives a little bit that what we want, but continues to take more away. Infact, it insures that those things would be leagle. And some idetifies of our personal information as non personal.
They will still be selling our infoarmion, it just insures they can sell it, and offers and opt out.
There should be a law that makes it completly illeagle to sell peoples information. Not the other way arround.
ok, I'll stop now before I get to mad . .
The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive
This is a very simple debate if you look at the type of data being collected. A vocal majority of web users know that a good deal of information about them is tracked every time they go to a website or their favorite porn site. Most are content with allowing this information to be tracked as well as long as it is under the premise of being anonymous. When a site tries to tie in personal information, that is where the line needs to be drawn and opt-in needs to be specifically required (without questionable tactics such as pre-checking boxes allowing the user to be mailed by 3rd-parties).
People are willing to give up a lot of information about themselves when you promise that the data will be anonymous or in aggregate format, and for the most part, companies have no problem with this. The ire of the masses is resounding when companies don't use this information in the manner intended or attempt to use it to create marketing profiles per user. I don't mind buying things, but I also do not want "HOT!!! DEALS!" crammed in my inbox and down my throat.
So to Senator Hollings, I ask that instead of laying more restrictions on companies that will either get blown off or result in a plethora of legalese every time you sign up for a mailing list, he should focus more on making sure that his proposal is simple and understandable by both parties (COPA is a good example of how ALL personal data should be handled).
Hammer of Truth
They can't tell me your sexual preference ...
That would explain why I get emails about "Jenny and her HOT Asian Whore-Friends!", "XXX Man-On-Man Action!", and "Getting Down On The Farm!" all in the same day.
Tuus crepidae innexilis sunt.
Never confuse volume with power.
ZDnet is reporting he is proposing a bill for 'net privacy' requiring opt-in agreements when companies want to sell 'sensitive' information (medical history, sexual preference, etc.) and opt-out agreements when selling non-sensitive (buying habits
An interesting observation I just made:
When the data belongs to the consumer, Hollings (D-Disney) wants the data to be copyable. He'd be committing political suicide to not ask for at least some restrictions, so he introduces bills like this. As for the 'non-sensitive' opt-out data, I don't consider opt-out to be a restriction at all. I'll still get the spam, and (especially seeing how email spammers work) it's not exactly easy to trust anybody to honor opt-out requests.
BUT...when the data belongs to a corporation, he doesn't want it to be copyable at all. Witness the DMCA and the SSSCA/CBDTPA.
Now. Try and tell me he isn't biased against consumers and towards corporations.
I pledge allegiance to the flag...
of the Corporate States of America...
Do you believe in death after life?
why do we need laws to tell us what information is too sensitive and what isn't?
you know what? if you get asked about your religion and it offends you... DON"T ANSWER.
if you know of a site that tracks you and you don't want them to sell that information... DON'T SHOP THERE.
and you know what? maybe, just maybe, the free market will regulate itself when people stop shopping at intrusive vendors.
this is _not_ government's job. this bill will not stop spam. most legit companies already have well defined privacy policies on their websites so you know what you're getting yourself into.
all in all, this bill accomplishes actively nothing, and yes it is nothing more than a front to appease opponents of his other bills...
Will he just attach his stupid new copyright bill to this privacy bill in the dead of night?
"I don't think it's selfish, to eat defenseless shellfish." -NOFX
The problem is that ithis isn't a privacy bill... quite the contrary. It's a bill that allows the government to stick its nose into how you run your web site.
If they want to pass a privacy bill, they should put restrictions on the IRS, and limit what they can do with all the information they collect about you. Fact is, every bit of information on your tax return, every expense receipt, every source of income can be shared with any federal or state law enforcement agency that wants it.
"Before any company can collect, use, disclose or sell sensitive information, they would need the consent of individuals, a procedure known as "opt-in."
So your aunt Tudie downloads some stupid purple gorilla 'buddy' with some ass-crack EULA and inadvertently "opts in" to diclosing her medical history. Now a company known for its abuse of privacy can freely share confidential information that is currently under federal protection.
This isn't a bill to protect privacy - it is an assault on what little privacy is left.
http://seattletimes.nwsource.com/html/businesstech nology/134438173_passport18.html
As if things couldn't get any worse...
Several countries already have legislation to control these matters. Norway has a system where anyone who wants to register personalized sensitive information (which mostly coincide with what Hollings thinks constitutes sensitive information) has to get a permit. The feeling is that company X does not need to know the religious beliefs of their customers, and if they feel they do, they should be able to put forward a good case citing why.
In addition, there are various rights individuals just cannot sign away. One of these is the more or less absolute right to demand deletion from pretty much every non-government database.
Solutions exist to these problems. The US just needs to find them.
Thank you. The last point is key. All opt-ins should require a seperate acceptence screen, independent of any EULA.
It's time for the law to make reasonable assumptions about the people it serves. Nobody has the time to read EULA's. They're ubiquitous. Any terms like these need to be surfaced, written in standard english and accepted individually.
Lawyers today know that the longer you make a EULA, the less likely anyone is to read it. So, by making the wording as horrendous as possible, while adding as many terms as their imagination allows, they can effectively get any user (who actually has USEFUL things to do) to sign away anything.
It's yet another example of the deadweight economic loss that lawyers inflict on the economy.
Scythe
he is still a pig f*cker. This bill does not hurt his dealings with hollywood and serves as a suck-up. He is a politician, the worst kind of cheating, manipulating scum.
This comment does not represent the views or opinions of the user.
It did take a look
s +C oward+woman+of+dreams&btnG=Google+Search
http://images.google.ca/images?hl=en&q=Anonymou
It's a shopping cart btw but if you look at the actual page there is a woman on it.
It stands for Consumer Broadband and Digital Television Promotion Act.
Let's design a standart form (much like
the nutritional values on food packages)
that easily point out all main privacy,
copyrights and license fees issues
almost on a blink of an eye.
All EULAs without the standart form would be
invalids
Whadayatink?
My buying habits might be something I care deeply about keeping secret ( for instance if I work ar Ford and buy only Chevys ) let's treat all data as sensitive.
Eat at Joe's.
The government, on the other hand, will do such things as take away my books and computers, shut me up and/or lock me up, then label me a terrorist and provide me with a home for life at taxpayer's expense courtesy of Bush / "At Her Majesty's Pleasure" (if you're in Britain).
Actually, it's closer to the truth to say that the CoC and the DMA are problems desperately seeking to evade a solution.
There is a serious imbalance here in intellectual property right. Media and software companies impose draconian licenses to prohibit even common-sense personal uses of data we pay for, drug companies claim proprietary rights over genes found in nature and research paid for with tax money, the executive branch of the government routinely invokes some vague executive privilege to keep secret evidence of wrongdoing on the grounds that it might impede future wrongdoing -- and then these turkeys want to turn around and say that we, as customers and citizens, have no right to control our own personal data?
This isn't just unfair, it's a scam. Moreover, there is already legal precedent to cite in defense of individual control over one's personal information. If Big Flipping Corporation wanted to use my photograph to market their products, they would not legally be able to do so without my consent (and, trust me, some serious royalty payments). And that's just my picture, which is not really integrally me in a more than superficial sense. But then, we are told that Big Flipping Corporation can use my gender, race, religious and political beliefs, and a list of my purchases at Amazon.com to market their (and others') products without my permission? Um, not to put too fine a point on it, but bullshit.
The really disturbing thing here is the level of arrogance involved. Yes, of course I realize that "customer service" is just a noise that comes out of the colons of marketing people, but there's some truth to the idea. In a free market (or what passes for one), it is not my privilege to purchase goods and services from a company -- it is their privilege. It would be refreshing if these corporate titans, full of their own Reagan-era hogwash, would clue into the fact that making money is morally neutral of itself, and does not entitle them to special privileges or to erode the foundations of personal privacy and liberty in the name of "creating jobs" or "fueling the economy" or whatever they're calling the accumulation of shareholder wealth these days.
I submit to them that if I want companies to stop calling me, stop sending me spam, and, for that matter, stop sending me paper junk mail, and definitely to stop using my personal information -- in short, if I demand that they stop harrassing me -- I have a right to force their compliance, and bigod, for once, Senator Disney has my support on something even if it doesn't go nearly far enough.
Proud member of the Weirdo-American community.
I highly suspect this is a red herring bill that would have some obscure line burried somewhere deep on page 1096 that would also pass that peice of shit legislation he proposed not too long ago to require digital rights management in all hardware.
Either that or that he would make it so this bill--if passed-- would make it impossible to enact/enforce unless his other less popular proposal is also passed.
A wolf in sheep's clothing, I say, until some has the chance to see the fine print in the final version. He has lost my confidence and support since his reputation, in my view, is forever tarnished until I see something that restores it.
Note: I'm not in the US, but US decisions have a way of being passed off as law in the EU... so this still concernes me.
I'm a techie, AND I DON'T WANT "PRIVACY". I want _balance_. If someone has information about me, I want access to information on them. I DON'T want the RIAA/whoever to be able to make any deals with ANYONE behind closed doors.
Total Societal Transparency.
Let _everyone_ know everything, if they want to. If a corporation has data on its customers, then the corporation should not be allowed any meetings behind closed doors.
Extreme example for illustrative purposes: surveillance cameras everwhere. Oh no! people cry... BUT: make the network Public Access, so that anyone, not just a privileged few, can tap in and keep an eye on what people are doing - and don't forget, other people will be able to see you watching, so don't be a perv.... i.e. it's a self-correcting way to run a society.
See David Brin's book, "The Transparent Society: Will Technology for us to choose Between Freedom And Privacy?".
Chapter one is available on-line here - I suggest all Techies read it rather than believing Privacy is necessarily a good thing.
If the choice becomes "Privacy or Freedom", I'm for Freedom.
How far would the RIAA or the WTO get if every person on earth was potentially privy to every bit of their meetings? All they usually currently give out is what they say happened, after the fact...
Privacy is what gives them their political edge. We should be fighting to destroy privacy, not uphold it.
And to be fair, we shouldn't want to hold onto our own privacy either. Paraphrasing Brin: "People always want privacy for themselves and accountability from other people - some people, even quite well-meaning and intelligent people [me: EFF?], do not see that their own position is illogical, asking for greater openness from others, and privacy for themselves"
Maybe Hollings has cottoned on to that, and is chucking away at the naive techies right now...
Choice of masters is not freedom.
So, perhaps what we need to find out is: How can an individual make it so their personal information is considered to be Intellectual Property? I suppose you'd have to not give it up voluntarily, but maybe there's something there. :)
When I was a kid, we only had one Darth.
You actually think HIPAA will protect patient privacy? Think again.
Darn right. The government has no business knowing my medical info, either. I work for a major health care facility, and the article I linked scared and completely surprised the people I've shown it to.
Constitutionally Correct
Ever heard of a "rider" or an amendment??
talk about a "poison pill", send this bill up with pieces or the whole of the CBPTDA (or whatever its named)attached as riders or amendments. Now: vote for it an you just voted in the CBPTDA. Vote against it, and you've just voted against on-line privacy.
This bill overrides some stronger state laws.
Might that actually be it's objective - to
pre-empt stronger ones?
Just my back brain gibber...
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Sorry Senator, the cat's already out of that bag...
Computer Science is Applied Philosophy
Does R stand for "Media"?
He can tell me who bought this legislation and how they are directly benefiting from it!
Hypothetical Scenario: Does Disney not need to buy personal information (maybe they collect enough on their own?), so they are going to use it to prevent others from access to such information to prevent them from competing?
I don't claim to know in anyway the above is true, but it would seem possible. I'm certainly not stupid enough to believe that after Mister Hollings publically demonstrates what a whore he is with his so-called Consumer Broadband and Digital Television Promotion Act that he's suddenly interested in protecting the rights of the people of the United States.
If I were in Congress I'd vote against this Bill based on who's the owner of the rock it crawled out from under.
So read the friggin' EULA!
And to everyone who whines, "Oh, they're too long, I don't have the time, wah wah wah" -- if you're reading slashdot, just how valuable can your time be?
Never take moderation advice from sigs, including this one.
What evidence do we have that he should be trusted as to what his bill will do. It's easy to slip in "friendly amendments".
... it would be quite difficult to attempt to blacken his name to me. If it came to a choice between him and a man who ... oh ... defecated in church pews, why I'd hold my nose, and vote for his opponent.
Until I have definite proof, I'm going to assume that this bill is booby-trapped. My not seeing the trap only proves that I'm not a good lawyer. Well, I knew that already. I'm no lawyer at all. But it's going to be a very long time before I ever trust anything put forward by this (ahem) character.
E.g., privacy is all well and good, but privacy for who? Since corporations are considered persons, could this bill be really designed to prevent the airing of incriminating documents? I don't know. I doubt that any of us do. But after his last couple of efforts
I think we've pushed this "anyone can grow up to be president" thing too far.
We have prepared a section-by-section analysis of this bill that can be found here.
Enjoy!
True. And the converse is also, if you care. But if you pay cash, they don't even get to know where you're from, and buying at a physical store doesn't lead to increased spam, or even junk mail. And physical store purchses don't get correlated between different companies, etc. The analogy between online and offline sales is very weak.
>and buying at a physical store doesn't lead to increased spam, or even junk mail.
You're kidding, right? Many stores request contact information if you want a warranty, and then just start forwarding promos and flyers to your house.
Don't be naive.
"Old man yells at systemd"
Then what?
So the US signs a contract with MS that says you have to have Passport to deal with your government. Then the Gov. says it will only accept certain interactions electronically. That means you HAVE to buy a copy of Windows to, say, file your taxes if you're over $50K AGI, --- And agree to the MS EULA ---
I'm all for "free markets" but the fact is today's martket isn't competitive. You MUST do any number of things that you simply cannot opt-out from buying, EULA and all.
"But Sir, we haven't sold any sensitive informations about your sexual preference! We have just sold everyone the non-sensitive informations about your buying habits of our coprophilia gay porn. And now you claim that the non-sensitive informations could possibly harm your career as a TV pastor? How ridiculous! And as I have already told you, your buying habits of our penis enlargement techniques is not a medical history since these are only natural and herbal techniques, you can't sue us, Sir."
~shiny
WILL HACK FOR $$$
screw that.
we can protect ourselves without legistlation for privacy. we do that by making choices. if microsoft continues down the road of selling our info, and turning into one big desktop advertisement, then we can choose alternatives.
if there's blanket legistlation to make things illegal and across the board "protection" mechanisms on my PERSONAL computer....then that's screwed.
i'll gladly do without legistlated protection of privacy (i'll take care of it myself), but i don't want legislated hardware copy protection.
this is not even a choice. i say no to both.
so no, there's no reason to like Fritz on any issue.
Then your problem is with the law requiring you to use Passport, not with opt-in permissions appearing in the EULA per se. Don't change the subject.
Never take moderation advice from sigs, including this one.
Who paid for this?
-9mm-
Govt. deciding what is "sensitive" in the interests of privacy is an oxymoron.
But enuf dum sheeps go for the bait whenever some pandering Senator comes out four-square and offers a bill. I guess we are supposed to give Hollings credit for meaning well, but why doesn't he just take the hint and retire, instead?
--rgb
So you buy on-line with a credit card. Visa, MC, etc., along with the credit-reporting companies, are more than willing to sell back "profile" information of those who bought stuff from them via credit card.
I am the complaince officer at a large heathcare organization, and I can tell you this:
1. We are forbidden by federal law to release your medical info unless it's to save your life, or because a judge told us to
2. We are forbidden by federal law to give that info to anyone who COULD sell that info: basically, they have to sign a binding contract with us (an example would be a pharmacy, like wallgreens, who gets your private info, but by virtue of them using that info - it's ours - they cannot release it)
3. We are required by federal law to encrypt all data that travels outside our own intranets, and all data inside our network must be provably secure (e.g. best practice)
4. We are required to to regualar and proactive audits of ALL access to health info, and that all access leaves an audit trail.
4. I personally will have the head of any of OUR employees that releases ANYONE's personal data obtained from out data : )
I don't think we should put too much trust into this guy. He tried to hand everyone's computers on a silver platter to the entertainment industry, and if this does pass, he could end up using it as a "you owe us" kind of thing.
Why yes I am paranoid! Thanks for asking!
Screw what EVER this senator says. He has already proven he want's to screw us, I wouldn't agree with any of the spew coming from his mouth.
Vote NO on hollings. Bad decisions, bad legislation, bad leadership, crappy business ideals.
Show this bastard that it don't matter what political party you are, but your just plain ruined if you screw with technology.
Dear mr hollings,
Bugger off.
He is using FUD tactics.
Howabout requiring the signing of opt-in agreements to allow the government to release personal (ie medical, financial) information about yourself? But wait! Unlike the private sector, the government is a an all-benevolent entity that is entitled to certain prerogatives by virtue of the fact that 1) it's the answer to all of life's problems and 2) has been Mr. Holling's bread and butter for decades! I don't trust liberals with "privacy" issues.
i say we make him "ambassador to whichever country the taliban is hiding in this month."
Well, that would be opt-in. I just mean that we should be classifying what you have to do, not based on _what_ data is collected, but a kind of earmarked 'intention' for use stated up front at collection time. If they wanna sell, opt-in. If they wanna mail you, opt-in. If they want to build multidimentional databases to analyse their consumer demographics (no selling, no contacting you, no sharing, no partnering), opt-out. I dont want _anything_ sold ever, but I do want them to be able to use my geographic location and age, gender, sexual orientation, etc, anything else, in order for them to know who they're attempting to serve.
"Old man yells at systemd"
Sorry Fritz, this bill just doesn't offset the CBDTPA, and until that bill is withdrwn, you'll not get my support on this. The CBDTPA has much farther reaching implications than the privacy issues. I'll make you a deal, I'll tell ya anything you want to know about me, if you withdraw the CBDTPA. Acronyms: Conned By Disney To Push Agenda Crooks Buy Democrat To Push Agenda
Being an ultra-sophisticated Android Ninja sorta precludes being a mammal. Of course, since only Disney employees will bow down to him, he will have to fight all of the time, just a like a real Ninja.
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
The Devil is in the detail. The combination of endorsing opt-out and preempting state laws ctually makes this bill an attack on privacy. We eed to go to something like the EU system; your data should belong to you unleess and until you authorize someone else to use them. From my perspective, all of my personal data are sensitive, including my addresses and my telephone numbers.
http://Zap2it.com, an desperation alternative to tvguide.com online, is cleverly set up so that any communication with them via their website automatically signs you up for company propaganada UNLESS you check the opt-out box. More typically, of course, that's an opt-in box that comes prechecked. Either way, you have to click the mouse to avoid being signed up, but this fine print is sure set up to manipulate you into thinking you've committed to nothing, since it's not marked. Yet another demonstration of why any opt-out process is crap. If I want them to write to me, I'll tell them so. Anything else is a sleazy trick used by the likes of amazon, yahoo, and godiva.
The bill would require businesses to provide consumers with a way to access their information, and to correct any inaccuracies in the data held about them.
Nobody in the world wants a business to know personal things about them, whether it be their address, their shopping habits, or their religion. If the bill lets customers "correct" the data, I think somebody in marketing is going to be really surprised to find out that 80% of their customers are named "John Smith", have no shopping-preferences, and live in zip code 12345.
I found this obscure note tacked on the end that if nothing else in the bill appealed to you, you might still want to see on a future bill:
(d) DEVELOPMENT OF INTERNET PRIVACY PROGRAM- The Institute shall encourage and support the development of one or more computer programs, protocols, or other software, such as the World Wide Web Consortium's P3P program, capable of being installed on computers, or computer networks, with Internet access that would reflect the user's preferences for protecting personally-identifiable or other sensitive, privacy-related information, and automatically execute the program, once activated, without requiring user intervention.
Wouldn't it be nice to see most browsers configured with P3P warning messages whenever non-P3P sites tried to get you to give up your info.
I own my own domain, and control all the e-mail addresses on it. I gave an address to Abit so that they could contact me RE: a hardware problem(abit@mydomain.cc), I started getting SPAM to abit@, so I redirected it to the first public e-mail address I found on their website. They now get their own spam. I hope they're happy.
Synergy is your friend
Enclosed are two pencils. Could you please occupy yourself with them, say, for a couple of years, and stay out of the way of your colleagues who work for the interests of those who elected them?
Thank you.
Those who can, do. Those who can't, write technology blogs.
no joke, my employer emailed that story to the whole company, only without the enron bit at the end.
just wanted to make sure everyone remembers what a heartless bastard he is, i guess.