Definition
The definition should be a fairly obvious one - you only have the right to revoke information you have published, anything more would be copyright or libel enforcement via the backdoor.
Privacy campaigners have long advocated that we should own our data, and we should be able to do what we like with it. So why has an attempt to put this into law caused a minor panic? A Michigan Senator has introduced a Bill giving individuals the right to request the removal of personal data from websites. Last week, Facebook …
Surely one could phrase the law such that it is the author's responsibility to respect the privacy of others. If I give personal information to a third party under an assumption of privacy, and they publish it on Facebook, I'll be pissed off with the third party, not Facebook. However, if Facebook publish stuff that I've previously given to them under assumptions of privacy, that's different.
Quite separate is the question of what to do once the information has been published. However, the law usually takes the position that if you weren't allowed to publish it in the first place then others aren't allowed to publish it after you do. It's a bit like handling stolen goods.
Every time I hear Google's "Don't be evil", I think of the Martians in the film Mars Attacks shouting "We come in peace!" as they engage in wholesale slaughter. An absurd correlation to an absurd movie, but "Don't be evil" is an absurd slogan for a company.
Facebook is at least as pernicious as it evolved from a couple dozen universities to the monstrosity it is today. People fail to realise that Google's and Facebook's customers are the advertisers, and the users are in fact the product they sell.
"People fail to realise that Google's and Facebook's customers are the advertisers, and the users are in fact the product they sell."
True 'nuf, as it goes, but OTOH you can't run a Facebook for nothing, and users disdain to pay for such stuff with anything so vulgar as actual money.
As a result, what they end up paying with is their personal data, an aggregation of which can be swapped for money.
In this sense, the personal data you give is the currency with which you pay for your 'free' stuff. If people didn't expect to get everything for free and everyone was prepared to pony up some actual currency to the likes of Facebook, they wouldn't need to be hawking your social graph out the back door in order to pay for their air conditioning.
"A bigger problem, surely, is that personal information is so weakly defined in HR 5108 that it would be used to censor reporting.
"European privacy legislation is already used in this way: it's had a chilling effect as celebrities use it to keep even established, previously reported facts from being reprinted."
I disagree. There needs to be a public interest defence that allows reporting of certain "private" information (e.g. the sort of things that British MPs had been purchasing out of their expenses). However, I am sick, disgusted and aggressively disinterested in the prurient bile published as "news" by the likes of The Sun and The Star here in the UK. If celebrity A sleeps with B, it's between them and their loved ones. I don't want to know.
I'd like to own all my data. Yes I do. But I care much more about not needing to give out any personal information in the first place than trying to get it back after I had to give it out for some reason. Most reasons are fairly senseless, attempts to ``pin someone down'' often for very little reason at all, and for the cases where there is a reasonable reason, we need to try and find ID technology that does what is wanted (say, enable tracking down a loan defaulter) without having to give out the information ``just in case''. If that sounds ludicrous, it's because we don't have the infrastructure that can do that, yet. But we need it, and the need will get worse, if we don't want to end up in a continuous surveilance state, commercial, quango-run, or both. Because just like large amounts of money, heaps of info tend to converge and become more.
So no, this law isn't going to help anybody much but it'll create a lot of hassle nonetheless. But at least somebody, somewhere, is thinking about privacy, if in the wrong way, from the wrong angle, and coming up with the wrong fix. What else is new?
Here's the thing, when it comes to reporting the traditional indignant yarn spun is that "the public has a right to know". Too often the system lets that slide and never actually asks the question, what does the public have a right to know? Clearly there are bounds and like any right they stop when they interfere with rights of another. Does the public have a _right_ to know how many squares I use to wipe my arse? No. If someone posts that I use 3.16228 squares after steak and 3.46410 squares after a Jalfrezi, so long as they aren't asking me to wait while they get the count right, who cares?
I guess in the end it comes down to a reasonable expectation of privacy and you certainly have every right to rescind any posts you make. The sticking point with Facebook et al. is all in the expectation and Facebooks constant changing of the rules. In the long run it probably won't matter and Facebook will either get their act together or change into Fadebook as users expectations go elsewhere.
I think of "social networking" the same way I think of "social disease", and take steps to protect myself from the likes of !GooMyFaceYouTwit.
Start with a basic firewall (your DSL modem will work in a pinch), dump Windows for a Mac or Linux/BSD system, religiously keep your system(s) patched, and throw in a few tools like AdBlockPlus, FlashBlock, NoScript and BetterPrivacy. Perfect? No, probably not ... but you'll be a hell of a lot less likely to have your identity pinched than your friends, family & neighbors.
Privacy starts at home. Educate yourself. Learn why you have drapes allowing you to see out whenever you like, but still block the outside world from seeing in.
I think this policy should apply to the major credit reporting bureaus and other companies internal databases. Its MY name and address, you have no right to buy, sell or trade it. If companies were required to pay residuals every time they bought, sold or traded personal information the data mining companies would be out of business over night.
Absolutely yes, but I'm betting it will never happen. The default should be "Possession is 9 points of the law" and they should be required to store our personal data on our OWN storage (of course with checksums to prevent tampering), and they (even including the guys with silent black helicopters) should be required to ask nicely whenever they want to see or use our personal data--and say WHY.
Good luck, Mr Phelps.
People should expect none, unless they are dealing with an organisation which has an expectation of trust, e.g. government, hospital, bank.
If you supply your private information to anyone who asks for it, then it won't be private for very long.
If you told MyTweetFace what you look like, where you live and what your sexual perversions are, then don't be surprised when they either sell or publish that information.
The Web commercial imperative requires that companies harvest saleable information and sell it. Peoples personal is harvestable and saleable. However, there is a whole set of additional and inferrable data to be derived. Protecting 'personal' data is a first step.
However, in the uncompetitive world that is the WWW if you want to make use of a service then it is almost inevitable that you must give over personal data - or you don't get the service. The T&C will allow the supplier certain use rights within the law. How much would HR 5108 do about the 'inferrable data' which is just as saleable?
The only defenses for those interested in privacy are not to use the web services, use "paid for" services that give you control over "your data" or become sufficiently web savvy to recognise the risks. Otherwise, put up with it or back legislation to punish the worst excesses of the unconvicted.
When you have governments & commerce throwing personal data around like confetti one can easily become de-moralized and say FIA.