On Thu, Aug 16, 2001 at 10:46:50PM -0700, Henning Schulzrinne wrote:
> - In PSTN emergency call services, callers know (or should know) that
> dialing 911 or 112 or whatever means that they agree and consent to have
> their calling number and possibly their location revealed to the public
> safety answering point (or the equivalent in other countries).
Could you justify this? If I call 911 from a cell phone today, I do
not expect that my location will be revealed. In fact, I recall a few
years back a very famous case in Boston where a fellow called 911,
passed out, and then nearly died because they couldn't locate him in
time. So, I don't agree that you have informed consent or legitemate
expectation that my location will be revealed, or that I know what the
information will be used for.
For example, does your implied consent extend to implied consent to a
statistical study of from where 911 calls are made? Does it imply
consent to my name being in the court records as the one who made the
call?
> This is thus implied voluntary disclosure, not fundamentally different
> than, say, including your address to your email signature. I'd be
> curious where the law is different in this respect. After all, in almost
> all cases the caller would want to make sure that the location is
> reported accurately, even when the caller is confused, unable to speak
> or in a friend's house without precise knowledge of the current address.
> If you don't like the policy, call the regular police or fire department
> number - thus, this gives you "privacy management".
I don't understand the term "implied voluntary disclosure." It is
either voluntary, in which case I should have a chance to make a
different decision, or it is not, in which case I can't. I think in
the US, it is not voluntary, but it would be a serious mistake to
build US law into code that runs in other countries.
> As far as the working group is concerned, my primary issue is that there
> a circumstances where voluntary disclosure of location information is
> common, either explicitly (e.g., by configuring some piece of software
> to send a header or include an email signature) or implicitly (by
> calling a certain number). I would be curious what kind of 'privacy
> management' people have in mind for these cases. Clearly, it is useful
I think that the privacy requirements here are that either the
information is used only for the immediate purpose (what the EU DPD
calls "necessary for the performance of a contract...protect the vital
interests of the data subject" (article 7), or that there are ways in
which the fair information practices are respected as the data flows.
Adam
-- "It is seldom that liberty of any kind is lost all at once." -HumeReceived on Fri Aug 17 12:19:42 2001
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST