[HCoop-Discuss] Draft data confidentiality policies

Nathan Kennedy ntk at hcoop.net
Thu Feb 14 01:47:50 EST 2008 

I am making a wiki page at http://wiki2.hcoop.net/DraftPrivacyPolicy to 
hold these policies, as there were a number of errors in my drafts that 
I hammered out and no doubt they will change more as time goes by; and 
to provide another place to organize commentary.
> About the ANTI-FISA:
> I agree with the sentiment, but I have a question:
> if the US gov passes laws that make it mandatory for us to comply with
> random investigations by random agencies, is there really anything we
> can do about it?
>   
That's really too vague of a question to answer.  In general there are 
procedures for investigations whether they are authorized on by an 
administrative or judicial tribunal, for various purposes.  There are 
many, many ways that the government can obtain any given piece of 
information, but when it comes to private data, it has to establish a 
reason for needing it, usually, probable cause that it is probative of 
some kind of illegality.  This kind of lawful investigation is not what 
I am objecting to.

The big issue with the FISA bill is not that it _requires_ any 
particular additional action by telecom companies to comply with these 
procedures, but it provides blanket immunity for telecom companies that 
ILLEGALLY disclose information to an agency of the USA federal 
government when it requests it without any legal authorization, and when 
doing so is contrary to laws governing use of this private data.  So 
that even if the government and the telecom company are both acting 
illegally, if this was an investigation illegally authorized by the 
executive branch of the government, the telecom company,

The point is that this bill is an assault on the rule of law, which is a 
basic pillar of democratic society.  The rule of law says that just 
because some agency of the government does something (in this case, the 
executive branch of federal government), doesn't mean it is legal, and 
conversely, the government should be answerable when it violates laws.  
The FISA amendment is an attempt to pre-empt any liability for private 
collaborators with illegal government behavior, either at the state or 
federal level.

And in doing so, it provides the executive branch of government with a 
carrot and stick approach towards telecoms to get them to go along with 
whatever it wants, legal or not, by trying to eliminate the consequences 
of joining these agents in breaking the law.  The anti-FISA policy is an 
attempt to defray this by providing private consequences to anyone at 
HCoop who otherwise might be tempted to grab onto this immunity.
> About the privacy policy:
>
>
> Section 1:
> The last part of the sentence appears to be missing.
>   
Yes, mwolson pointed that out.

> Section 2:
> it declares network transmission where no HCoop related party is
> participating as confidential.
>
> Section 4:
>   
>> 4. Stored information that is ordinarily accessible to ordinary users is
>> presumed to be public.
>>     
>
> I think we need a distinction between public to ordinary users and
> public to the world.
>   
Perhaps, but how would you suggest to define this?  Another level of 
confidentiality, with some duties on members not to disclose 
"public-to-members-but-not-the-world" data?

-ntk

More information about the HCoop-Discuss mailing list