taylor@hplabsc.UUCP (Dave Taylor) (09/20/86)
This article is from David Chase <rbbb@RICE.EDU> and was received on Wed Sep 17 11:53:36 1986 It seems (certainly here in Texas) that more and more organizations require what I thought was confidential information (the most frequent example of this is the social security number, which I am told is private information and reasonably easy to abuse). It also happens that whenever these people make the request, you are NOT in any position to bargain (for example, you cannot get your power turned on, or you are unable to interview for employment on campus at U Texas). Does anyone have any experience with this sort of thing? What gives an organization the right to require private information (what authorization should I demand to see before releasing it)? How safe is this information once it has been given to some organization? What recourse does an individual have if an organization does release this information, causing real or potential harm? A friend in the "credit industry" tells me that the penalties for abusing credit information are quite stiff, but this doesn't seem like it will protect against simple negligence on the part of the organization (TRW, for instance). After reading some articles and flames on the pending Electronic Communications Privacy Act, I feel even less confident that someone with my information intends to make any real effort to protect it. One person pointed out that by making interception a "big crime", people transmitting information on my behalf or about me are freed from the worry of negligence suits (that is, you are not negligent if you do not take steps to prevent a big crime, simply because it is a "big crime"). I haven't mentioned "computers" in this letter, but it is clear that they are involved because they are usually the record-keeping tools. If the computers involved aren't secure, then it is unlikely that the information that they contain will be secure. David