Of course, nothing can stop Amazon from entering your credit card data and/or address into another program. They need to see this data in order to perform their normal business functions, and anyone can read it off the screen and type it into another computer. But the point is, they can't do it to the entire database. Amazon has millions
This is naive approach. Even if we assume that amazon would in *fact* agree to this mechanized enforcement of corporate policies, and that tcpa owners/creators are not colluding (open source doesn't mean shit - check the history of pgp vulnerabilities) and that policies are foolproof (think "bug-free software") and that amazon is not running SSL proxies in front of its servers on separate machines (as they probably do now so it's sniffable plaintext inside) and that there will never be a tap on data/address bus (or is tcpa protecting the whole RAM somehow ?) and that no one will offer $10000 off-the-screen reading OCR software with attached device that emulates fingers on the keyboard and reads the entire database in a week (rent-a-tap ?), even if we assume all that, a dream where the server *becomes the business* ("amazon" is someone who buys the domain name and the server), how do you imagine to convey the advantage of all this to the unwashed masses ? It is much cheaper and equally effective to run advertizing campaign that claims that data is secure than to actually implement it in some technological way which no one can understand. The first time a braindead exec of e-tailer introduces tcpa/drm the competition will come up with "tcpa plus" or "ypzd secure" that will sound and feel much more secure and yet let them sell lists and beat the competition. It works - most americans believe in magic properties of the greek word "democracy". The technology, once outside of comprehension of your average sheep, is irrelevant. It's waste of money.
Note that, as with the earlier DRM analysis, the TCPA in this example exists to help Amazon prove to people that they are behaving honestly.
This proof would require understanding of what tcpa is. All people who do actually understand that can protect their privacy just fine today without any additional tcpa needed. I'm starting to believe that there is some truth in stereotyping of engineers as total incompetents in bipedal interactions. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com