|
PRIVACY Forum Archive Document
|
PRIVACY Forum Digest Thursday, 13 January 2000 Volume 09 : Issue 05
(http://www.vortex.com/privacy/priv.09.05)
Moderated by Lauren Weinstein (lauren@vortex.com)
Vortex Technology, Woodland Hills, CA, U.S.A.
http://www.vortex.com
===== PRIVACY FORUM =====
-------------------------------------------------------------------
The PRIVACY Forum is supported in part by
the ACM (Association for Computing Machinery)
Committee on Computers and Public Policy,
Cable & Wireless USA, Cisco Systems, Inc.,
and Telos Systems.
- - -
These organizations do not operate or control the
PRIVACY Forum in any manner, and their support does not
imply agreement on their part with nor responsibility
for any materials posted on or related to the PRIVACY Forum.
-------------------------------------------------------------------
CONTENTS
Direct Marketing Association's "Spam Solution"--Useless, or Worse!
(Lauren Weinstein; PRIVACY Forum Moderator)
Supreme Court Rules Unanimously For Driver's License Privacy
(Lauren Weinstein; PRIVACY Forum Moderator)
Re: Web Tracking and Data Matching Hit the Campaign Trail
(Aahz Maruch)
*** Please include a RELEVANT "Subject:" line on all submissions! ***
*** Submissions without them may be ignored! ***
-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond. The
moderator will choose submissions for inclusion based on their relevance and
content. Submissions will not be routinely acknowledged.
All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored. Excessive "signatures" on submissions are
subject to editing. Subscriptions are via an automatic list server system;
for subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com". Mailing list problems should be reported to
"list-maint@vortex.com".
All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations.
The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp ftp.vortex.com",
in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password. The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access. PRIVACY Forum materials may also be obtained automatically via
e-mail through the list server system. Please follow the instructions above
for getting the list server "help" information, which includes details
regarding the "index" and "get" list server commands, which are used to access
the PRIVACY Forum archive.
All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com/". Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.
-----------------------------------------------------------------------------
VOLUME 09, ISSUE 05
Quote for the day:
"Machines don't fix themselves!"
-- Spoor (Bob Hoskins)
"Brazil" (Universal; 1985)
----------------------------------------------------------------------
Date: Wed, 12 Jan 2000 22:37 PST
From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Direct Marketing Association's "Spam Solution"--Useless, or Worse!
Greetings. The Direct Marketing Association (DMA), which has long championed
the notion that self-regulation and "opt-out" programs are the main
solutions to consumer privacy concerns and commercial information gathering,
have just announced their idea of a major step towards cutting back on
unsolicited e-mail spam--their "e-Mail Preference Service"
(http://www.e-mps.org). This site allows users to provide the DMA with
their e-mail address, which DMA says will then be used to purge DMA member
organizations' e-mail mailing lists of those addresses (unless you already
have an existing online business relationship with a member firm, it
seems...) This preference must be renewed at intervals or it will expire.
The reasons why this whole thing is a bad idea are almost too numerous to
list, but let's briefly look at a few of them, shall we?
-- The concept puts the burden on individuals to "opt-out" of receiving
unwanted materials filling their e-mailboxes. Why doesn't the DMA
support "opt-in" programs instead, where users would affirmatively
indicate that they want to receive particular materials? I think we
all know why--most people don't want to see the kind of garbage that
shows up as spam, and the opt-in rate would probably be pretty
darn low...
-- The DMA has a long-standing similar opt-out list for physical mail
advertising. If you've signed up for it in the past, did you notice a
significant decrease in the junk, er, I mean unsolicited mail you
received? No?
The reason the physical mail opt-out list doesn't have much impact for
the average individual is that so much junk mail is generated from
organizations who are not members of the DMA. This is but one fallacy
of many self-regulation proponents' arguments. Self-regulation only
impacts those who choose to play by those guidelines, for everyone
else it's open season.
In the case of spam, the impact of such an opt-out list is likely to be
even less. Most reputable firms and organizations already know (or learn
very quickly!) that sending out unsolicited e-mail spam is one of the
surest ways to create upset or angry recipients, who consider spam an
invasion of their privacy and a waste of their resources. Sending spam
is also a sure-fire method to get any associated sites onto the various
public spam e-mail block lists, which are referenced by vast numbers of
ISPs and individual servers to determine which e-mails they are willing to
accept. No legitimate organization or firm wants to be on those block
lists. (By the way, my own public e-mail block list is always available
via the link at http://www.vortex.com.)
So, most large, established firms, the very ones most likely to be DMA
members, already know better than to send out spam.
You know where this is going... A very large percentage of spam, often
sent through hijacked open e-mail relay servers, promotes illicit pyramid
schemes, multi-level marketing frauds, hardcore pornography, and other
similar "products"--from the sorts of folks who are the least likely to
be DMA members or have any desire to purge addresses that are on the
DMA's list. But they might still have an underhanded use for the DMA's
service! See the next item...
-- For $100/year, the DMA will let non-members upload their e-mail mailing
lists, after which the lists will be returned to them "cleansed" of
addresses on the opt-out list (the actual DMA opt-out list itself is not
made available). Unscrupulous spammers (are there really other kinds?)
could use such a procedure to determine which addresses on their
original lists are likely to be valid. If an address is purged from
the returned list by the DMA processing, that means it existed on the
DMA opt-out list. By feeding vast quantities of addresses through this
system, spammers could end up with "higher quality" spam lists to use for
mailings and to sell to other spammers. Oh boy! The DMA opt-out list
usage agreement would seem to prohibit such a use. Will most spammers
care about that prohibition? Unlikely.
-- The very existence of such an opt-out list could have the effect of
"legitimizing" spam to many observers. "After all, if an address isn't on
the DMA spam opt-out list," they might think, "it must mean that they
want to receive spam!" Right? So by that sort of twisted logic, it's
OK to send them as much garbage as the machines can generate, since
they're not on the list.
But as I've noted, being on the list carries risks as well, and is
unlikely to accomplish much beyond advancing the DMA's public relations
agenda.
Overall, the whole concept seems to be misguided at best. I'd urge
individuals to think very carefully about whether they really want to add
their e-mail addresses to the DMA's opt-out list database. By participating
in the expansion of the list, you're likely to be contributing to the DMA's
"self-regulation" and "opt-out" arguments, while spam will still be flowing
unabated and as disruptive as ever...
--Lauren--
lauren@vortex.com
Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People For Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy
------------------------------
Date: Wed, 12 Jan 2000 10:00 PST
From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Supreme Court Rules Unanimously For Driver's License Privacy
Greetings. How about a bit of good news for a change? The U.S. Supreme
Court has ruled unanimously for the validity of the federal 1994 Driver's
Privacy Protection Act, which bars the release of personal data from
driver's licenses except to law enforcement, government agencies, private
investigators, and the like. While the potential for abuse of such data
still exists (particularly within the broad scope of "private investigator"),
the act was designed to stop the practice in the majority of states of
releasing and/or selling driver's license data such as names, photos, social
security numbers, and other related information.
South Carolina had challenged the law, claiming it was an unreasonable
intrusion into states' rights. An appeals court decision in 1998 had
blocked the law's enforcement in a number of states. With the Supreme Court
decision, the way is now clear for the law to take effect throughout the
country.
Unfortunately, there's no obvious way to recall all of the data already
released from licenses over the years, that already fill a wide variety of
commercial databases...
--Lauren--
lauren@vortex.com
Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People For Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy
------------------------------
Date: Sun, 9 Jan 2000 07:37:35 -0800 (PST)
From: Aahz Maruch <aahz@netcom.com>
Subject: Re: Web Tracking and Data Matching Hit the Campaign Trail
I'm responding to the message by Oleg Gurvits in PRIVACY V08 #24:
What concerns me (and I think this concern is shared by most PRIVACY
readers, based on the messages I've seen over the years) isn't so much
the targeted marketing to interested people but the potential following
consequences implied by the necessary gathering of data to support that
marketing, some of which have already been seen in the past and can be
taken to new lows with more sophisticated targeting techniques.
For a useful fictional example, see the recent movie _Gattaca_, where
the job interview consists solely of a DNA test.
In other words, I think that there's a valid concern that various types
of "red-lining" (*) are likely to be applied inappropriately. There's
also the separate concern about choice; in the past we have each had the
choice of how much privacy we'd prefer (i.e., the default was privacy
but anyone could choose to live their life in public), but that choice is
now being taken away from us.
On the one hand, I feel somewhat helpless against the continual tide of
eroding privacy and agree that barking about every individual case does
little good. OTOH, I think that only by continually publicizing the
problem do we have any chance to correct it.
(*) For readers who may be unfamiliar with the term, "red-lining"
refers to the practice of discriminating against people solely by
geographic location (i.e. using ZIP code to mark poor, urban locations),
denying (usually) mortgages and insurance to people who would otherwise
qualify.
------------------------------
End of PRIVACY Forum Digest 09.05
************************
Copyright © 2005 Vortex Technology. All Rights Reserved.