On Wed, 26 Jun 2002, Barney Wolff wrote:
Do you really mean that if I'm a business, you can force me to deal with you even though you refuse to supply your real name? Not acceptable.
I don't think that privacy (in the sense of having the right to keep private details of your life from being linked for use unauthorized by you) is ever going to happen if merchants have the right to demand true identities. As a merchant, you have the right to be paid and to be sure of your payment. I don't think you have the right to collect data that you can correlate with every public and business record in the universe and build a profile linked to my identity that says what brand of breakfast cereal I eat, how much a month I spend on sex toys, what kind of books I read, and whether I'm in trouble in divorce court. The problem is that there is no way to check what merchants do with the data once they've got it; customers are prevented from getting into the customer databases and finding out what a merchant's got on them. Merchants have no motive whatsoever to police or restrain their actions in invasion of privacy, and they have a financial motive to link data - so there is no reason to believe that DRM stuff on consumer machines is going to apply to their data handling in the least. I just don't see any possible application of DRM that merchants would allow that protects consumer privacy. So yeah, I think that the right to privacy implies the right to use a pseudonym. For any non-fraudulent purpose, including doing business with merchants who don't know it's a pseudonym. And I think that's a constitutional right, whether the merchants happen to like it or not, just like the right to eat in a restaurant even if the manager don't like colored folks, or picket outside a merchant's business on public property seeking redress of grievances, or tell the truth about a merchant even if it's not flattering to him, or otherwise exercising ordinary civil rights the merchant might prefer you didn't. You can't have privacy without the option of pseudonymity, any more than you can have bread without flour.
I won't give up the right NOT to do business with anonymous customers, or anyone else with whom I choose not to do business.
A few years ago merchants were equally adamant and believed equally in the rightness of maintaining their "right" to not do business with blacks, chicanos, irish, and women. It'll pass as people wake up and smell the coffee. Unfortunately that won't be until after at least a decade of really vicious abuses of private data by merchants who believe in their god-given right to snoop on their customers.
The point about DRM, if I understand it, is that you could disclose your information to me for certain purposes without my being able to make use of it in ways you have not agreed to. At least in theory. But this debate appears largely to ignore differences in the number of bits involved. To violate your privacy I can always take a picture of my screen with an old camera, or just read it into a tape-recorder. I can't do that effectively with your new DVD without significant loss of quality.
Understand that I don't really give a flying crap about the DVD player; if I want a nice movie, I'll get together with some buddies and make one. And I'll let anybody who wants to watch it download it. What I want is the right to prevent my customer records at the bookstore from being correlated with the customer records at my doctor, my dentist, my insurance agent, my therapist, my attorney, my grocery store, my pharmacist, the comics shop, the sex-toy shop, the car dealership, the art gallery, the stained-glass place, the computer store, the video-rental place, my favorite restaurants, and my travel agent, and sold as a nice totally invasive bundle back to the marketing databases of all of the above. This is not a question about "number of bits". I figure the database will have an efficient, no-nonsense representation of all of these things, and a photo of the screen, if it can be scanned back, is just as good as a binary copy. I don't see any way that DRM addresses the privacy concern of database linking. Especially since I expect database linking to be done using specialized software that doesn't have to get inspected by anybody with a motive to prevent it, on "professional" (Non-DRM) machines if necessary. Bear