Interesting People mailing list archives
WORTH READING CMU Privacy-Enhanced Search Engine Study
From: "David Farber" <dave () farber net>
Date: Wed, 19 Dec 2007 18:28:46 -0500
From: Mary Shaw [mailto:mary.shaw () gmail com] Sent: Wednesday, December 19, 2007 12:48 PM To: dave () farber net Subject: Re: [IP] Re: WORTH READING CMU Privacy-Enhanced Search Engine Study Dave, You can think of the privacy problem as having two parts: for an end user to understand what a company is promising and to find out whether the company is keeping those promises. Seth seems to be suggesting either that the former is solved and only the latter matters or that it doesn't make sense to work on the former without also solving the latter. Seems to me that both are real problems: United Airlines might have made clear unambiguous statement about their privacy commitments, but most corporate policies are at lease obscure, often unclear and ambiguous. Do end users really understand what is implied by the usual bit about releasing your information to the company's business partners in order to do whatever it is the company is doing with the business partner? Mary Shaw On Dec 18, 2007 7:56 AM, David Farber <dave () farber net> wrote: ________________________________________ From: Seth [sethb () panix com] Sent: Monday, December 17, 2007 6:43 PM To: David Farber Subject: Re: [IP] Re: WORTH READING CMU Privacy-Enhanced Search Engine Study Edward Almasy <ealmasy () axisdata com> wrote:
On Dec 17, 2007, at 1:30 PM, Seth wrote:Rigo Wenning <rigo () w3 org > wrote:Now once the site published the P3P Policy, it is bound by it.What does that mean?It means that they have made a clear, unambiguous statement about what they are doing about privacy, via an established common channel.
United Airlines has made clear, unambiguous statements that they didn't leak my email addresses to spammers. They were _false_, clear, unambiguous statements. That's why I'm questioning the value of just reporting in some other format what a site claims.
While very few people will make direct use of raw P3P information, having a well-defined and unambiguous format will allow developers to implement tools to translate privacy information into plain english and provide end-user-level tools routinely accessible to mere mortals.
Will they provide tools to prevent a company from lying?
The clarity that P3P may help bring to the table is (IMHO) far more important than immediate considerations over whether sites will adhere to their published policies. Once we have the lever that that clarity may help provide, enforcing adherence will become much easier.
There's a lot of clarity about spam now. Adherence to anti-spam policies isn't very good. Seth ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- WORTH READING CMU Privacy-Enhanced Search Engine Study David Farber (Dec 19)
- <Possible follow-ups>
- Re: WORTH READING CMU Privacy-Enhanced Search Engine Study David Farber (Dec 19)
- Re: WORTH READING CMU Privacy-Enhanced Search Engine Study David Farber (Dec 21)