Re: 3 Proposals: session ID, business-card auth, customer auth

Terje Norderhaug ([email protected])
Mon, 24 Jul 1995 20:29:32 -0800


At 3:29 PM 7/24/95, Koen Holtman wrote:
>Terje Norderhaug:
>>If we want to give the user full control of the profile, it should be in a
>>standard format so it can be edited by a tool running on the users hardware
>>(or a standard editor available on the web).
>
>Typically, this profile would be stored in the databases of multiple
>marketing departments, not in my local profile file. By editing my
>local profile, I won't be able to prevent getting snail mailed special
>offers for books about gardening.
>
>The only way to prevent this is to make pooling of logfiles by
>determined profilers as difficult as possible.

Wrong. There are a number of others ways other that technology to protect
privacy. Some places uutside US, e.g. Scandinavia, there are legal
limitations on creating databases with information of people. We might
consider to support some coexistence between legal ways and technical ways
to ensure privacy. However, my opinion is that we should _minimize_ the
need for legislation by appropriate technological design.

>> This would allow
>>privacy protection such as limiting the ability for service providers to
>>build large databases of profiles.
>
>Nope. It does not limit the ability of service providers to store any
>information you send them in the marketing database. If you send it,
>they can archive it, regardless of whether you promise to send it
>again next time.

You misunderstood the point. As the profiles are distributed to each user,
it is possible to eliminate the central storage of much of the information
and still keep most of the advantages for the users such as customization.
Enforcing such elimination can be executed by technological design alone or
in combination with a minimized legislation. The point is that a
distributed architecture for profiles allows privacy protection based on
limiting the ability to have central storages of information by
technological, normative or legal means.

-- Terje <[email protected]>
<URL:http://www.ifi.uio.no/~terjen/>