On Wed, 14 Feb 1996, Timothy C. May wrote:
(Tim Philp's idea that this would only apply to "corporations" or "businesses" (not clear which he means) misses the point. Am I, for example, a business? Having such laws kick in at some well-defined threshold would simply shift the nature of the information-gatherers...for example, they's subcontract out the record-keeping to a raft of smaller, linked entities. Then you'd have to prosecute people and companies for accessing illegal data banks, etc.)
I think that the reason that this was not clear was because it was not central to my argument. I was not "really" suggesting that only corporations be included by this law. I do realise what a corporation is and that some very small entities can be a corporation. What my central thesis was that people who take information from me for one purpose, ie health care, hydro, internet provision, etc, should be required to keep this information confidential. If I detect a violation of this confidentiality, I should have an expectation of some legal recourse. If I apply for a credit card and use it to buy a hockey glove (how Canadian eh) I should not expect to be on the mailing list of every sporting goods operation in North America! I should be able to expect that my doctor's files on me will be kept confidential. This is certainly an area where you cannot provide false information as medical records must be accurate to provide for future care. Again, I am not suggesting prior restraint. I simply want to sue the bastards who violated my expectation of privacy. Warm Regards, Tim Philp