Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

WORTH READING CMU Privacy-Enhanced Search Engine Study

From: "David Farber" <dave () farber net>
Date: Wed, 19 Dec 2007 18:28:46 -0500
 

 

From: Mary Shaw [mailto:mary.shaw () gmail com] 
Sent: Wednesday, December 19, 2007 12:48 PM
To: dave () farber net
Subject: Re: [IP] Re: WORTH READING CMU Privacy-Enhanced Search Engine Study

 

Dave,

You can think of the privacy problem as having two parts: for an end user to
understand what a company is promising and to find out whether the company
is keeping those promises.

Seth seems to be suggesting either that the former is solved and only the
latter matters or that it doesn't make sense to work on the former without
also solving the latter. 

Seems to me that both are real problems: United Airlines might have made
clear unambiguous statement about their privacy commitments, but most
corporate policies are at lease obscure, often unclear and ambiguous.  Do
end users really understand what is implied by the usual bit about releasing
your information to the company's business partners in order to do whatever
it is the company is doing with the business partner? 

Mary Shaw



On Dec 18, 2007 7:56 AM, David Farber <dave () farber net> wrote:


________________________________________
From: Seth [sethb () panix com]
Sent: Monday, December 17, 2007 6:43 PM
To: David Farber
Subject: Re: [IP] Re:  WORTH READING  CMU Privacy-Enhanced Search Engine
Study 

Edward Almasy <ealmasy () axisdata com> wrote:

On Dec 17, 2007, at 1:30 PM, Seth wrote:

Rigo Wenning <rigo () w3 org > wrote:

Now once the site published the P3P Policy, it is bound by it.


What does that mean?


It means that they have made a clear, unambiguous statement about
what they are doing about privacy, via an established common
channel.


United Airlines has made clear, unambiguous statements that they
didn't leak my email addresses to spammers.  They were _false_, clear, 
unambiguous statements.  That's why I'm questioning the value of just
reporting in some other format what a site claims.


While very few people will make direct use of raw P3P information,
having a well-defined and unambiguous format will allow developers 
to implement tools to translate privacy information into plain
english and provide end-user-level tools routinely accessible to
mere mortals.


Will they provide tools to prevent a company from lying? 


The clarity that P3P may help bring to the table is (IMHO) far more
important than immediate considerations over whether sites will
adhere to their published policies.  Once we have the lever that 
that clarity may help provide, enforcing adherence will become much
easier.


There's a lot of clarity about spam now.  Adherence to anti-spam
policies isn't very good.

Seth

-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

 

-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: