EU to Investigate Passport Privacy Concerns

mvdwege writes: "Well, it appears that the old fight between the US and the EU over privacy regulations is about to enter a second round. In response to a letter by a Member of the European Parliament, the Commission has stated that it will start investigating Microsofts possible breach of the EU privacy regulations. The Register has a nice summary."

You Know You've Lost When...

[donnacha]

The guy asking these questions, Erik Meijer MEP, probably realized the game was up when the Parliament issued it's preliminary answers in only one format... Microsoft Word.

in related news...

[__aawsxp7741]

the US government is trying to stop the European Commission's antitrust case against Microsoft.

Personal Data Need to be Regulated

[guttentag]

The government needs to start treating companies that collect sensitive consumer information like banks. They are in fact banks of valuable information that must be protected and regulated.

Banks and financial institutions are subject to strict federal regulations in the U.S. with regard to:

• information they disclose to third parties
• information (advice/sales pitches) they provide their customers

These institutions are monitored, and employees/institutions who violate the regulations are investigated and prosecuted (slapped with fines or jail time).

At the moment, there are a number of companies that collect sensitive information from consumers, and regardless of what they claim they are doing with that information, no one has any way of knowing if they are honoring those claims. Most public companies would leap at the opportunity to tell consumers whatever they wanted to hear if

1. the company could profit from it
2. consumers had no way of knowing the truth

The government needs to define regulations for this industry, it needs to be able to monitor the industry and it must have the power to enforce the regulations through fines and incarceration.

The companies in this industry will oppose regulation, claiming that the costs associated with monitoring and compliance would put them out of business *bullshit-the-cost-of-not-being-able-to-prostitute -your-data-will-put-them-out-of-business* Excuse me; I must be coming down with a cold. As I was saying, they will insist upon being allowed to regulate themselves. They must not be permitted to persuade the politicians of this.

Ask your representative or senator to consider what life would be like today if banks and brokerages were not regulated. Then tell them that this is far more serious, because while money can be refunded, information cannot be stuffed back into Pandora's Box once it is released.

Two very simple principles of Data Protection

[dunstan]

Two very simple principles of data protection are:

Personal data must not be released to a third party without the consent of the party who has given the data

Personal data must not be used for a purpose other than that for which it was collected

Now let's judge Passport against these:

As soon as somebody signs for a Passport account they start getting spam from third parties

As soon as somebody signs for a Passport account they start getting spam

Now, this isn't some precious view about what a pity junk email is - this is a basic breach of fundamental principles of privacy and data protection being perpetrated by a corporation with a large amount of trade in every EU country (and elsewhere in the world).

If they want to trade in the EU and make money here, they have to obey our laws. And our laws on privacy and data protection aren't that onerous - all that is asked is that if you collect personal data that you don't hand it out willy nilly, and that you use it for the purpose for which it was collected. Is that an unreasonable restraint on trade?

Dunstan