Hi Adam,
> I think that opt-in vs. opt-out is an oversimplified model of the
> privacy issues that we face. I would strongly prefer that we try to
> ensure that the requirements encompass or address some instance of the
> fair information practices (notice, consent, limits on collection and
> use, quality requirements, security, openness, accountability.) Some
> of these (accountability) are hard to meaningfully encode, although
> p3p may offer ways to encode the idea of "go here to ask questions or
> raise complaints."
>
> The notice and consent practices mean that we're looking at something
> like opt-in, but even opt-in means "ok, here's my data, have fun."
> We can do better.
I agree that opt-in vs. opt-out is a simplification - I just wanted to
get a feel from the group what we are looking at. I wanted to define a
a starting point.
My feeling is, the model should be opt-in to start with, then we should
build on top of this.
Thanks,
John L.
Received on Thu Aug 30 11:28:49 2001
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST