Slashdot Mirror


User: paulsholtz

paulsholtz's activity in the archive.


Comments · 13

  1. threat model? on Security Through Varying IPs · · Score: 1
    My first thought is what is the threat model here? What are you trying to defend against?

    It reminds me a little of ZKS Freedom, which is a GREAT technology for anonymization (Freedom scrambles IP addresses using cryptography), but how much security does anonymization really buy you? Probably not much.. in fact it probably increases your security risks since it removes accountability from the equation.

    You kinda have the same thing happening here. I can see how, in principle, something like this would be useful for preventing DoS attacks, or even messing up hackers trying to get in, but at the same time it looks like you're making the job of auditing usage of the network a LOT more difficult, and that creates a big security risk (not to mention removes accountability from network users).

    There are a couple issues w/ this company:

    • Invicta is the Latin word for "invincible". ANY security vendor who claims they are invincible is selling snake oil..
    • The phrase "unbreakable security" appears multiple times on their home page. Pluheze - "unbreakable security"? See point #1.
    • It looks like they're going to fall back on protecting their "technology" with "patents", which is NEVER a good sign.

    I agree w/ the earlier posts, this looks like (at best) security through obscurity.. (+ the word "cyber" is so mid-1990s)..

    Paul Sholtz

  2. narrow view of the world on Mundie Responds · · Score: 1
    The problem with companies like Microsoft is that they define themselves too narrowly. Software is defined by how useful it is to its users. If you're a company that's producing software for, say, 3 customers, then a closed-source model in which you have centralized response to customer concerns is probably appropriate.

    If, on the other hand, you have desktop operating system software distributed across like a billion computers across all the world, then there's no way any one company (even if you're Microsoft) can respond to all the needs of all its customers. Open source is the only appropriate model in this case.

    Even Microsoft knows this - they license the source code to Windows to their largest customers (on very strict terms) for precisely this reason..

    Desktop OSes are a commodity - Microsoft should open source windows (for the sake of security if nothing else), file it under the heading "commodity abandonware", and move on...

    --Paul Sholtz

  3. property rights over personal info on Opt-in vs. Opt-out · · Score: 1
    In a lot of ways, this is an article about transaction costs. The author talks about how both opt-in and opt-out result in the same economic equilibrium, but since opt-in more closely models a consumer's privacy rights, it achieves economic equilibrium in less time and more efficiently (since there are lower transaction costs involved).

    This property is highly characteristic of Coasian systems, and in this case, Coasian analysis would indicate that consumers should own their own personal information, not companies that collect it.. I make more extensive arguments on this here: http://www.paulsholtz.com/papers/transaction_costs/

    The posts about "opt-ing" in the profits marketers receive from selling personal information are right on the money - When dealing w/ interactive media like the Internet, the transaction costs are so low that it is more efficient for individual consumers to own and control their personal information, instead of letting companies (like the DMA) control it for them.

  4. advertising, privacy and property rights on Banner Ads: Biggest Advertising Mistake Ever · · Score: 1
    So all this discussion about banner ads, and why they suck or why they can still work or why interruption-based advertising may or may not work is interesting, but I think for starters there is a more fundamental question that should be asked:

    Why do you have advertising in the first place?

    In any economic system, there is an obvious need to connect buyers with the appropriate sellers (and vice versa); advertising is probably the most important vehicle we use (in the media) to accomplish this goal. It doesn't matter if the end goal is direct response (like direct marketing) or just to lay a "subliminal" signal like w/ TV (or even print and radio). If advertising is connecting buyers with sellers in a relevant fashion, it is doing its job...

    Next question:

    How does advertising work?

    Advertising works when various organizations (be they ad networks, ad distributors, direct marketers or the Nielsen companies) collect personal information (at some level of resolution) and use it to communicate a message that sellers have to buyers.

    Last Question:

    Is this model ever going to work on the Internet (or any other form of interactive, electronic media)?

    Yes, it's true that marketers can collect and correlate "lots" of personal information using Internet technology. But it's also true that the Internet dramatically reduces transaction costs to the point where it may be cheaper for individual consumers to own and manage their own personal information, rather than allowing organizations (like ad networks, direct marketers) to own and make decisions regarding the use of personal information.

    I've written a paper on this topic here:

    http://www.paulsholtz.com/papers/transaction_costs/

    The point is:

    • On the Internet, it is cheaper for individual consumers to own personal information than it is for organizations to own this information
    • Advertising can only exist in a world (media) where organizations (not individuals) own personally identifying information
    • Advertising can only exist in media that have extremely high interaction costs associated w/ them (like TV) -- the Internet has astronomically LOW interaction costs -- therefore advertising, as a model for connecting buyers and sellers, can never work on the Internet.

    That does not mean that it is impossible to connect buyers and sellers using the Internet.. there are LOTS of ways this can happen, but it only works efficiently (in an economic sense) if individual consumers own their own personal information (and this can never happen in a world where advertising exists).

  5. Re:Coprighted Personal Information? on "Online Privacy Alliance" Claims Privacy Too Expensive · · Score: 1
    You're right that you can't copyright a fact, but that's missing the point that copyright law exists to create "ownership" over "property" (and define what the bounds of that property are).

    Clearly you can own things besides just "ideas" ("ideas" here representing that which is covered by copyright - in fact, you can very obviously argue that you don't really own an idea in the first place - at least not once you've communicated it to someone, but then again I'm not here to argue for or against IP law).

    The fact that it IS possible to create a body of law and technology to protect "intellectual" property rights suggests that something similar should also be possible for "personal information" property rights (i.e., privacy).

    People instinctively view their personal information as their "property" - if they did not, identity "theft" could not exist as a crime (and yet it IS a crime and it is a VERY lucrative crime). That which is not owned cannot be stolen, and since identities are routinely stolen in today's economy, I would argue that individual property rights exist (or SHOULD exist) over personal information.

    Now you just have to convince the DMA of this..

  6. Re:Privacy all or nothing on "Online Privacy Alliance" Claims Privacy Too Expensive · · Score: 1
    Most people might not want to know your health history or DNA, but there ARE some people who will.. Your employer and your insurance company come readily to mind..

    The degree to which you are able to keep your medical history secret can have a real financial impact on your life in this case. I remember reading a case recently about a woman who had contracted cancer and was paying for treatment via her insurance company. When the bank (which owned her mortgage) found out about the cancer from the insurance company, it foreclosed her mortgage and so now you have a person who not only has cancer, but is homeless as well.

    It is, I think, an argument against information "wanting" to be free..

  7. Re:You obviously didn't read the artcle on Micropayments: Effective Replacement For Ads Or ? · · Score: 1
    The transaction costs would be high, unless the micropayment happens using some "invisible" vehicle, like you suggest..

    I've always wondered if in some grand master plan, this isn't what companies like Amex have planned w/ their Blue card.. Plug the card into the reader, the content provider/Web validates your identity using two-factor authentication and bills you micropayments as you surf from site to site (assuming the content sites in question are set up to authenticate visitors + bill micropayments in this way)..

  8. Re:Is it in any way legal? on Sun, Motorola Want Radio Tags In All Consumer Goods · · Score: 1
    There is a bill pending in the US Congress (HR 112) that would likely impact these types of tracking devices:

    A BILL To prohibit the making, importation, exportation, distribution, sale, offer for sale, installation, or use of an information collection device without proper labeling or notice and consent.

    SECTION 1. SHORT TITLE.

    This Act may be cited as the `Electronic Privacy Protection Act'.

    SEC. 2. PROHIBITIONS RELATING TO INFORMATION COLLECTION DEVICES.

    http://thomas.loc.gov/cgi-bin/query/C?c107:./temp/~c107vURqcq

    or you can go to the Library of Congress Home Page and search for H.R. 112..

  9. Open source and regulation of MS on MS Wants To Outlaw Open Source: "Threatens" the "American Way" · · Score: 1
    What I find most disturbing about this is that MS is trying to convince US policymakers that open source is bad and needs to be reined in. This attitude is completely and totally irresponsible (as is claiming that open source stifles innovation) and is really a brand-new low for MS...

    I also find it bitterly ironic, since open source represents the most poignant antidote to the Microsoft monopoly. I never understood how breaking the company into two was supposed to stimulate competition. Maybe this works if you're breaking up an oil company. It barely worked in the case of AT&T. And I don't really see how it would serve to constrain the behavior of a software monopoly like MS..

    To really displace Windows on the desktop, OSes like Linux need to support the same broad range of desktop business apps that Windows does.. Businesses buy Windows b/c Windows runs Office applications, not b/c it's Windows..

    Porting Office to Linux would probably be the single strongest way to validate Linux and to stimulate competition with Windows as an OS standard (and THAT, I believe, is the purpose of antitrust? To stimulate competition??)

    Just don't expect a port like that w/o active prodding from the gov on the grounds of antitrust, or better yet, anti-trust mandated open-sourcing of Office..

    As an added bonus, opening the source to MS applications MIGHT just make them a little more secure. How many security bugs are discovered in products like IE every week?? If this source were open to public review, it might stand a chance of being a little more stable and secure..

  10. Re:Privacy Legislation vs. Copyright Enforcement on Kafka vs. Orwell: Metaphors About Electronic Privacy · · Score: 1
    However, at the 50,000-foot level, I agree with you. Both copyright protection and privacy protection boil down to controlling secondary uses of information, a problem that is notoriously difficult to solve.

    The specific techniques involved in either case, however, differ. In copyright, you see a lot of DRM-type software. In privacy, it seems to be more about laws, and protections (in the forms of auditing and permissioning and other security measures) around large database systems.

  11. Re:Privacy Legislation vs. Copyright Enforcement on Kafka vs. Orwell: Metaphors About Electronic Privacy · · Score: 1
    I use the example of a Web site with 10,000 personal profiles to model how this information might be shared "publicly and openly" (much like intellectual property, at least on the Web today, is currently distributed). I also use this example to show how this public and open approach (or, like you suggest, giving up on any form of information control and just letting information "be free") is not necessarily the most economically efficient. Open and public sharing of personal profiles leads to identity theft and a host of other nefarious uses..

    I know all about mailing lists and how valuable they can be. But when retailers and advertisers and other players trade mailing lists, the information is still not "open", "public" or "free" in the sense you are (I think) interpreting it. If nothing else, these companies have a strong economic incentive NOT to let this information get into the wrong hands, and to a greater or lesser extent, this works "somewhat" to the advantage of the consumer (since otherwise the information would be totally free and identity theft would be totally rampant).

    (Remember that simple economics can often exert as much control as software or laws)

    In any case, identity theft STILL is not *super-rampant* on the Internet nor anywhere else (and it probably never will be *rampant*, although it will always be a risk), which suggests that the privacy problem on the Internet is not one where there is *NO* control over personal information, and it does not stem from the fact that there are no technical "controls" over personal information possible on the Internet. Indeed, there is still a TREMENDOUS amount of control over the personal information on the Internet and there ALWAYS will be.

    The privacy problem, by and large, stems from the fact that individual consumers (who supply the personal information) are not included in the overall value chain as personal information is sold and traded. A quintessential example is Amazon and their database of customer buying habits. The reason people have a problem w/ Amazon's new policy is (a) Amazon takes the position that it (not the consumers) owns the purchasing profiles and (b) that it can decide what to do w/ those profiles.

    If an economic, legal or technical (I don't care which, take your pick!) architecture were constructed whereby individuals would "own" their personal information and they could control how Amazon handles this information after a transaction is completed, there would be no privacy problem.

    The notion of consumer property rights over personal information is not so far-fetched.. it's part of the new HIPAA health care legislation that is rolling into effect over 2002-2004.

    Paul Sholtz
    PrivacyRight - www.privacyright.com

  12. Re:Privacy Legislation vs. Copyright Enforcement on Kafka vs. Orwell: Metaphors About Electronic Privacy · · Score: 1
    The issues of protecting personal data and of protecting copyrighted information are similar in that both cases essentially boil down to a question of secondary uses of "protected" information and (at least on the Internet) there is currently substantial ambiguity over who owns the information in question and what rights the information owner has over that information (and its subsequent secondary use/distribution).

    Do your name, address and phone number belong to you (i.e., can you exercise property rights over your personal information)? Or do they belong to the company to whom you disclosed this information in the course of transacting business? In general, American law today is more supportive of the latter case. This is because until recently, it was prohibitively expensive for individual consumers to express property rights over personal information. "Customer interaction" with corporations had been limited (largely) to customer service rep calls, and those calls cost a company $7-8 a pop. In a world w/ high transaction costs associated with the expression of preferences over the use of personal information, it makes sense for the corporations to "own" the personal information and use it however they see fit (which may include selling it to marketers, etc).

    Nevertheless, there are obvious inefficiencies when companies are allowed to exercise property rights over personal info they collect, especially in a highly internetworked world. An excess of junk mail is an obvious (though rather innocuous) example. More sinister examples are not hard to conceive of.. Moreover, as society becomes increasingly mobile (moving between residences frequently, maintaining different residences simultaneously), it becomes economically more efficient for individual consumers to control their own personal information.

    The Internet makes it easier for companies to collect information on consumers, but it also makes it easier for consumers to control the information that is collected (all they have to do is log on to the Web site in question and express their preferences; (as well as trust that the Web site in question REALLY will abide by those preferences)). In the online world, I think, it makes sense to allow consumers to express property rights over personal information.

    I think as far as "information flows" go, both cases (copyright and privacy) are a little different as well. In copyright, if I publish something on the Web, it might give 1 in every 10 readers some kernel of a new idea or perspective, and they in turn can be inspired to use that information to publish their own works, etc and so.. (this effect works, in some degree, in film and music as well). In general, the net effect is that the economy in general can flourish more robustly the more freely intellectual property can be allowed to circulate..

    With personal information, though, there is no positive externality to sharing it widely. Imagine a Web site where the names, addresses, phone numbers and credit card numbers of 10,000 online consumers are published. Aside from some obvious criminal uses, such a Web site would have no real (positive) economic value..

    The idea that free information is always good is a seductive one, but it is wrong. Like the previous poster said, "free information in general is a good thing", but in this case (privacy) we see the exception to the "in general" rule..

    Paul Sholtz
    PrivacyRight, Inc. - www.privacyright.com

  13. Re:Coase's Law on Why Not A Free Market In Privacy? · · Score: 1
    In general, I don't totally agree w/ everything the author says, for a number of reasons (one probably being that I'm not a libertarian!) But I think it's interesting b/c this is one of the few articles that notes the connection between transaction costs and privacy.

    Transaction costs lie at the very heart of privacy economics. In the offline world, it's too expensive to express preferences over the use of personal information. You'd have to call up every company you do business with and talk to a customer service rep. That call costs the company like $7-8, and that's too much cost for too little value (if all you're doing is trying to express preferences, check audit trails, etc)

    On the Internet, the cost of that transaction plummets to sub-pennies. Per the Coase Theorem, when transaction costs plummet, a corresponding reassignment of property rights is usually required. In this case, the property right over personal information would shift from the company collecting the personal info to the consumer to whom it belongs. This shift in property (privacy) rights would reestablish a "happy" economic equilibrium that got jolted out of place when the Internet (and corresponding massive drops in transaction costs) hit..

    So that's why I've always been a fan of the Larry Lessig-style "property rights" over personal information.. I also disagree that you can't assert property rights over info shared w/ a Web site, and then not assert them when talking to a journalist or walking around in public.

    I think you can do that (have property rights over Web site info but not over reporters or general public behavior). That's b/c I think you're talking about two entirely different forms of privacy. The journalist, or the form of monitoring that goes on when I'm in public, serve to regulate my behavior.. it's kinda the *government* angle on privacy and it's an enforcement of social norms.

    On the other hand, when info is shared w/ a Web site, it winds up (often) getting sold on down the value chain where at some point it winds up on some list broker's phone list and I get a call on my cell phone. That call costs me money to answer and reject and if the info was being sold in the first place, I should have gotten a cut of the sale to start with. In this (economic) context of privacy, the assignment of property (privacy) rights to consumers is necessary to reestablish economic equilibrium, per the Coase Theorem..

    In 1998, I co-founded a company called PrivacyRight (www.privacyright.com) that is helping deliver on this concept of property rights over personal information.. Check out the Web site sometime..

    I've also written papers on the topic of property rights over personal information..

    Paul Sholtz
    PrivacyRight, Inc. - www.privacyright.com