[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Privacy Marketing



>         Reply to:   RE>Privacy Marketing
>
>Nick -
>
>I read your well-reasoned and articulate post just after sending my own (much
>less complete) one which largely contradicts your view.
>
>Either future is plausible.  I think the key issue here is risk.  The
>commercial market for transaction detail exists today.  Call it a mature
>industry.  The market for individual digital privacy has been identified at a
>general level, but, as you point out, has not exactly crystallized.  Call it
>an embryonic industry.
>
>Does the former need to die in order for the latter to gain ground?  Probably
>not.  There's a lot of mutual dependence here.  Each needs the other to be
>relevant - kind of a Yin/Yang thing.  Depending upon how the regulatory
>environment shapes up, it may be quite possible that both are thriving
>businesses in the future, with transaction service providers enjoying revenue
>streams from both selling data and selling anti-data (privacy).   Look at
>Caller ID and Caller ID Blocking services for an historical precedent.
>
>- Art
>
>
>Art Hutchinson                                        E-mail:
>[email protected]
>Senior Consultant                                        Phone: (617) 654-0635
>Northeast Consulting Resources, Inc.        FAX: (617) 654-0654
>One Liberty Square                                     WWW: http://www.ncri.com
>Boston, MA 02160

This dovetails into a conversation currently going on in inside the
cypherpunks alias, here is a reply I posted to a query about Transaction
Models, and security or anomymous status of the transaction initiator or
closer.


--- Snip ---


>I must disagre here and side with *gasp* FC.

Ughhh, Me too..., Dr. Fred scores 2 Points!

>If your so called *secure* server happens to get broken into by grace of
>god, you want to know at least where the attack came from. If Netscape
>wants to hide internet hostnames they would to well setting up to DNS
>servers, one for internal resolutions where IPs resolve to their real
>hostname, and one in front of the firewall that resolves all IP's to
>unkown.netscape.com.


I think there are reallty two bigger conceptual issues up for bashing about
here, and they are different. It is unlikely that they can be by the same
protocol... They both are valid transaction models and must be met.

The one - Authentication Based transactions, i.e. I am doing *stuff* from a
"known" system or "authenticated channel". These transactions are based
upon a level of trust that I say I am who I am and that my "tresources" are
as they are protrayed to be. Clearly there is an electronic trail generated
here. This is the "credit card" model.

and

The other, -  What I now call "Unauthenicated transactions" are based upon
the actual resource's being authenticated rather than myself being
authenticated.

-----

Hence if you follow this model to extrapolate that these two types of
"environments" exist, that of "known and trusted users" and that of
"unknown users, but trusted cash". They are inb and of itself what will
drive the need to both collect and enforce privacy for both types of
transactions.

IMHO - Anything less just wont fly long term. This concept of collecting
client data has to be a part of the "Known Entity" Transaction Models and
relegated to stay within that context. "Unknown Entity" transaction
processing will have to be made avalaiable as well with anonimity being
insured as part of the process model.


Todd





Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
[email protected]

(415) 324-4318


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----