[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"We have to destroy privacy in order to protect privacy"

At 12:39 AM -0700 10/20/98, [email protected] wrote:
>Those who are affected in the first place are US companies who
>are used to collect and process personal data from their customers
>without any embarrassment. They will be excluded from
>the European market, if they do not follow European Data
>Protection rules.

Sounds good to me...a trade war with the Communist Confederation of Europe.

>Until now the US goverment has decided to leave this matter
>to self regulation. However, US industry did not manage to
>come up with an appropriate codex.

Because in these United States we have certain constitutional rights. Some
of those rights include the First and the Fourth Amendments. Taken together
with other rights, the conclusion is this:

The government cannot insist on the form of data stored in data bases.

(There have been unconstitutional, in the opinion of many, encroachments on
this right, and especially of what businesses and others may do with data.
Releasing or selling video rental records, for example.)

To be more concrete, if I compile lists of who is writing articles on
Usenet, I have no obligation to either purge these records or show them to
others or not sell them or _anything_. The government cannot get at my
records except under limited situations.

Europe's "data privacy laws," which I have been critical of for more than
ten years now, are an abomination. While the laws sound well-intentioned,
they effectively give the state the power to sift through filing cabinets
and disk drives looking for violations.

And the laws create much mischief. A node for the Cypherpunks distributed
list probably could not legally be run in many European states (maybe none
of the EEC states now that they are conforming to the same laws). Why not?
Check the provisions on compiling lists and the need for permission from
the compilee, and the need to register the lists with various bureaucrats.

(This example came up several years ago in connection with the U.K.'s data
privacy laws. As the law read, lists of e-mail addresses fell under the
reporting requirements, as did data bases of customers, vendors, and other
such stuff a company might collect.)

Of course, like all bad laws, these laws are only enforced at the
convenience of the state. While Germany may not hassle the Cypherpunks list
operators in Berlin, they may very well use the data privacy laws to force
the Church of Scientology to open up their lists of members, to register
the lists, to purge the lists, etc.

And France will probably use the laws to harass Greenpeace.

Bad laws. Bad to invade file cabinets.

>If industry
>does not comply until the end of the year, FTC promised that
>they will introduce a bill at congress which will comply with
>European data protection standards. On the other hand, the US did
>not even manage to adopt the Guidelines on the Protection
>of Privacy and Transborder Flow of Personal Data by OECD.

Because fucking OECD deals don't take precedence over our Constitution.

>Other countries, in particular those in Eastern and Central
>Europe have, in spite of massive lobbying by D. Aaron, adopted
>laws on data protection and privacy since they do not want
>endanger their future participation in the EU.

These laws on "data protection and privacy" are in many ways laws _against_
privacy. After all, if data are actually private, the authorties won't see
any violations.

"We have to destroy privacy in order to protect privacy."

Let the war with the statists in Europe commence.

--Tim May

Y2K: A good chance to reformat America's hard drive and empty the trash.
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.