-----BEGIN PGP SIGNED MESSAGE----- Hi, Duncan Frissell wrote:

At 08:25 AM 2/5/96 -0500, Frank Willoughby wrote:

...

If the Privacy Act were rewritten to be as strict as the BDSG, businesses would have a (mandatory) legal requirement to:

[...] Unfortunately, it would also:

* Require government registration of computers and databases containing information about people (whether these computers are used by business or individuals). This eases regulation of computers and future confiscation.

This is not true. Individuals are not required to register anything, the BDSG simply does not apply do them (see. Par. 1 Section (2) ). Businesses are required to register (besides their address and the kind of business they do) a person who is responsible for any personal information they want to keep and a general description of the kind of data they intend to keep (see Par. 32 Sect. (2) ). Computers are hardly mentioned anywhere in the BDSG, in fact, most of it applies to any method of processing personal information. It doesn't matter if a business keeps data printed on paper or stored in a computer.

* Reduce market efficiency by making it harder to match buyers and sellers (because neither could easily find out about he other) thus causing higher prices and poorer people.

Oh well. In the past buyers and sellers have always found each other without keeping large databases. Most buyers are quite capable of finding appropriate sellers (that's what advertisement and commercials are good for). The goal of the BDSG is to give the individual control of information kept about him. An example: The Deutsche Bundesbahn issues so-called 'BahnCards'. If you buy a BahnCard you can use the Bundesbahn-trains for half the normal price. Until a couple of months ago, the Bundesbahn gave all the information they got from their BahnCard customers to the Citybank AG. The Citybank AG sent their junkmail to all Bahncard customers and tried to make them get a credit-card. This was in violation of the BDSG. And I still know where to get a credit-card if I want one.

* Do nothing to protect personal information from the government which would get to collect more of it than ever in the course of enforcing data protection laws.

Oh yes it does. The same rules (or even stricter ones) that apply to businesses apply to all government organizations. If any government organization (even the police) violates the BDSG you have the right to file a lawsuit against the organization (or the individual who violated your rights).

If you don't want people to know things about you, don't tell them.

You sometimes have no choice. Those of you capable of understanding german might take a look at http://www.fh-ulm.de/bvd/gesetz.html Bye, Peter NB: I subscribe to this list through a digest only. Please CC: me on followups. - -- Peter Conrad | "They say time is the fire in which we burn." Am Heckenberg 1 | Dr. Soran, Star Trek - "Generations" 56727 Mayen Germany Email: p_conrad@informatik.uni-kl.de,conrad@unix-ag.uni-kl.de -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAgUBMRiPe7FFskV8RCVHAQEMwQP7B6/QSo0E8bAiPcusg9+Etzx+WdIi6nuP WVvnJ7RWrwoScnPkRJs7uaBfCpedFu3TZX7RyOm6bVAX4mwFe/dtqhBxcy8U3lQg fqa3WUAhyBNPcr6tF38sVocKs6hWRiw+KckzvnCx9grJpqVHz6kvimAcVOIg027O Zzk8jyopYDw= =PBa7 -----END PGP SIGNATURE-----