At 02:16 AM 9/21/2002 -0700, Blanc wrote:
But researchers at IBM think they have the solution. They have developed an ingenious method to protect our privacy, while still giving companies the information they crave.
That doesn't sound like a solution to me - they haven't provided anything to motivate people to answer honestly, nor do they address the basic problem, which is relying on the good will and good behavior of the marketers - if a website visitor is unwilling to trust a privacy policy which says "We'll never use this data to annoy or harm you", they're likely to be unimpressed with a privacy policy which says "We'll use fancy math tricks to hide the information you give us from ourselves." That's not going to change unless they move the randomizing behavior off of the marketer's machine and onto the visitor's machine, allowing the visitor to observe and verify the correct operation of the privacy technology .. which is about as likely as a real audit of security-sensitive source code, where that likelihood is tiny now and shrinking rapidly the closer we get to the TCPA/Palladium nirvana. So, no, fancy tricks won't solve the basic problem, which is that once you give information to other people, you've got no control over what they do with it. -- Greg Broiles -- gbroiles@parrhesia.com -- PGP 0x26E4488c or 0x94245961