BT 2006 trials of Phorm

Ian Batten ukcrypto at chiark.greenend.org.uk
Fri, 6 Jun 2008 15:25:57 +0100 

On 06 Jun 08, at 1503, Paul Vigay wrote:
>

Let's go for the devil's advocacy, shall we?


> [Snippety snip]
>
>> sure I can see what the problem would be.  Why do you think bank
>> statements are uniquely or, at least, obviously invasive?  What
>> information  is on them that is likely to cause a problem?
>
> OK, instead of bank statements, how about the results of that  
> embarrassing
> medical test you had last week.... ?

The vast majority of peoples' medical records aren't that  
interesting.  Hence the vanishing small number of people opting out of  
NHS records: they regard any slight increase in utility and being  
worth any large decrease in privacy.  There are, of course, people  
whose medical records _would_ cause them difficulty, and I have 93C3'd  
my records partly in solidarity with them.  But I would be totally  
unconcerned, at a personal level, about arbitrary read-only access to  
my medical records, and I bet you the same applies to a solid majority  
of the population.

>
> or your ISP sending email login details on a postcard?

That would be bad, but that's information with direct utility.  I  
don't care about your knowing the password to my IMAP account as a  
fact: what I care about is what happens when you use it.    Which is  
my point: people understand rapidly the consequences of data leakage  
when that data can be used to do them harm, but they don't understand  
the abstract concept of information which they can't see a direct  
damaging use for.

>
> or your gay/lesbian club membership details?

If you're a closeted gay but nonetheless join a club that sends out  
membership details, you should be more careful.  But again, my first  
point applies: that may affect `other people', but it doesn't affect  
me.  I can think of things I receive in the post which would be useful  
to people, and those I'd like to keep private; but most of it's stuff  
that has no practical value to harm me, and that's a harder case to  
make.

>
> or, to get back onto the bank account one, your bank card PIN on a  
> postcard?

See email login details.

>
>
> There are loads of cases there people want to keep personal  
> information
> private - and you shouldn't need to justify it to other people  
> either. The
> mere fact an individual wishes something to be private, should be  
> respected
> by others, without having to defend their choice.

I think you misunderstand my position.  I'm making the opposite  
argument: a lot of people _don't_ have a strong urge to keep this  
information private, so should they be allowed to trade that  
information for marginal benefits?

ian