From: Jeremy Robinson <jpr2108@columbia.edu>
  To  : <cpc@emoglen.law.columbia.edu>
  Date: Mon, 21 Feb 2005 07:29:48 -0500

Re: private versus government data collection

HIPPA is a good start, but it applies only to health information.

A more thorough approach to the protection of privacy is provided by the 
comprehensive data protection laws that have been enacted in countries such 
as Canada, Australia, India and the states of the European Union.  They are 
similar to HIPPA, but much broader in scope and application.

These laws regulate the collection, use and disclosure of personal 
information (defined broadly as any information that allows an individual 
to be identified) in the hands of the private sector.

Generally speaking, the core requirement is that an individual's prior 
knowledge and consent are required for the collection, use or disclosure of 
personal information.

The government can still get at the personal information once it has been 
collected by business (i.e., most of the laws contain, among other things, 
exemptions to the consent requirement for disclosure if it is required by 
law).

Nonetheless, the advantage is that the individual knows what info about him 
or her is out there, has at least consented to its collection, use and 
disclosure and, again generally speaking, can ask to have it deleted from 
at least the data banks of the corporations.

Here is a link to the unofficial version of the Canadian legislation 
(PIPEDA):

<http://www.privcom.gc.ca/legislation/02_06_01_01_e.asp>;

Here is a link to the unofficial version of the EU data protection law 
(Directive 95/94/EC):

<http://aspe.os.dhhs.gov/datacncl/eudirect.htm>;

-Jeremy

--On February 21, 2005 2:15 AM -0500 Jonah Bossewitch <jb2410@columbia.edu> 
wrote:

>
> Hi,
>
> For certain there is no easy way to tease apart the govt vs corporate
> forces.  I think the disneyworld marketing example and the thought police
> beating down the door grossly trivializes the issues.  With the merger
> between media, coperations, and government the threat is real and not
> paranoid or delusional.
>
> This kind if information will no doubt be used to perpetuate and worsen
> the current division of labor in society - helping the rich get richer
> and the poor get poorer.  Mortgage approvals, health care coverage,
> school admissions, and all sorts of other "privileges" we can't yet
> imagine living with or without - are all under the province of
> corporations with access to these data warehouses.
>
> I am wondering if we could talk a little bit about the HIPPA act, and
> whether this could possibly be used as a legislative model for privacy
> protection, or critique it where it falls short:
> http://www.hhs.gov/ocr/hipaa/
>
> /Jonah
>
>
> ----- Original Message ----- From: "Steve McBride" <spm2101@columbia.edu>
> To: <cpc@emoglen.law.columbia.edu>
> Sent: Sunday, February 20, 2005 3:08 PM
> Subject: Re: private versus government data collection
>
>
>>
>> I agree with you Alex.  The line between corporations and government
>> gets  a bit hazy--it looks like a case of one hand washing the other.
>> Lack of  any effective enforcement measures against misuse of
>> information is what  scares me the most.  That leads back to the
>> government as the problem, but  it also points out that there are just
>> not enough people that care about  this behavior to oppose the lobbying
>> power of the data mining companies  and law enforcement.  It looks like
>> until the misuse of this data causes a  huge scandal, the public won't
>> care enough to force change.
>>
>> Steve
>>
>> --On Sunday, February 20, 2005 11:20 AM -0500 ar2308@columbia.edu wrote:
>>
>>>
>>> I would say this an oversimplification of things, and more importantly
>>> the issue is not only the use that the government can make of the all of
>>> this information but also the misuse and defective protection of the
>>> private data by private individuals. added to that is the use that
>>> others can make of the data that readily available for stealing and for
>>> which there is not penalty under American privacy laws, which only bind
>>> the government -excerpt maybe for the fair credit reporting act.
>>>
>>> So its not really either or, and its not what is worse, its the combined
>>> effect of it all.
>>>
>>> Alex
>>>
>>> --On Sunday, February 20, 2005 9:15 AM -0500 Camden Hutchison
>>> <crh2014@columbia.edu> wrote:
>>>
>>>>
>>>> The impression I am getting from reading Robert O?Harrow, Jr.?s book
>>>> is that new data collection technologies raise two distinct social
>>>> issues.  One is that private businesses now have easy access to
>>>> detailed personal information about us.  The other is that the
>>>> federal government increasingly also has access to detailed
>>>> personal information about us.
>>>>
>>>> I am curious as to which of these two issues other students feel is
>>>> the core problem we should be addressing in the class.  My own
>>>> feeling is that government use of our personal information (at
>>>> least when it is being used for national security purposes) is far
>>>> more worrisome than private use of that information.  Like Eben
>>>> said in class, the worst that marketers can do is try to convince
>>>> us to go to Disneyworld.  The government can send men with guns to
>>>> our homes.
>>>>
>>>> -Camden
>>>>
>>>> -----------------------------------------------------------------
>>>> Computers, Privacy, and the Constitution mailing list
>>>>
>>>
>>>
>>>
>>>
>>>
>>> -----------------------------------------------------------------
>>> Computers, Privacy, and the Constitution mailing list
>>>
>>
>>
>>
>>
>>
>> -----------------------------------------------------------------
>> Computers, Privacy, and the Constitution mailing list
>>
>
>
> -----------------------------------------------------------------
> Computers, Privacy, and the Constitution mailing list





-----------------------------------------------------------------
Computers, Privacy, and the Constitution mailing list