Hello Paul,
> The assumption here doesn't work
I'm not sure which assumption ... and actually, I still would assert that the model that I have come up with can address your requirements as well ... ;-)
> Once you give somebody your social security number, you have given
> them your social security number. It doesn't matter what happens
> after that, the information is out there.
Exactly! We are in complete agreement here ...
> Similarly with any other information.
Yep ... complete agreement!
> Therefore any systems of voluntary based disclosure will not work.
Will not work for what purposes? You *do* outline a couple of specific purposes below, but there are many more ways in which our personal information is used and exchanged.
> The problem isn't how we share information, it is how we protect
> our digital identities from abuse.
Agreed ... but I see it as both problems needing to be addressed. The automated processes which ensure that those who need things can get them, and those who don't ... don't. ;-)
> If I go to Expedia.com today, guess what, it knows me by name and
> greets me by name!. Moreover everytime I do anything on the NET my
> info is being grabbed. Just watch those cookies from
> doubleclick.com. They recently had to make mea culpa privacy
> declarations for following you all over the net! and getting sued
> for it. Theree cheers for the people suing them.
Yep ... this can actually be looked at as several parties who were involved in this "invasion" of privacy. I'm surprised that the browser vendors don't catch more flack for not educating the end-user about what cookies are being used for, and for not making the *default* of the browser to reject them!
> I think any of these schemes that seem to imply you will be in
> charge of disclosing your information are total fantasy.
To each his own ... my model is based on extending and enhancing the way that we work today, and applying technology to optimize and automate the process.
> Moreover we don't want some kind of free market system of my
> daughter for your stock picks exchange of info, we want important
> information protected from abuse.
Hmmm ... I have to think about the daughter part ... you lost me.
But as for the protection from abuse, I agree completely ... and that it what the process is designed to provide ...
> We want a digital identity that cannot be compromised and that sits
> in a digital identity vault. You don't exchange it.
Hmmm ... sounds really good. But who owns the vault?
You see, as soon as I have put my most personal information into a (supposedly) secure "vault" that is owned and operated by someone else ... well, there you have it ... I just made my personal information (potentially) public. And if they have the ability to read the values to verify information, etc. then I'm even worse off ... because that means that entity has the "keys" to all my personal information. Who is it that you are going to trust like this?
> It should not be necessary to give people all the info being
> currently requested in order to make a commercial transaction on
> the internet.
You are correct here! I believe that there are several methodologies that can be applied to provide better solutions than we have today ... much better solutions. I think that acting through a "community" is one very good solution that provides a good answer that is beneficial to both sides of transactions ... and is being researched and developed in many of the best Universities and labs around the world - Lucent, AT&T, etc. And even at commercial companies like ZeroKnowledge.
> Failure to protect this info soon will result in Congress passing
> legislation. I can assure you this is going to happen after just
> one attack on the financial system of this country by the hackers.
I do agree that many sites and companies are running as fast as they can to gather all the data they can, because the game is going to end for them before long ... both legally and technologically ... ;-)
Scott C. Lemon |
