From: Peter Conrad <conrad@unix-ag.uni-kl.de>
Date: Thu, 8 Feb 1996 01:26:00 +0800
To: cypherpunks@toad.com
Subject: Re: Fair Credit Reporting Act and Privacy Act
Message-ID: <199602071139.MAA05424@pizza.unix-ag.uni-kl.de>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hi,

Duncan Frissell wrote:
>At 08:25 AM 2/5/96 -0500, Frank Willoughby wrote:
>
>>If the Privacy Act were rewritten to be as strict as the BDSG, businesses
>>would have a (mandatory) legal requirement to:
>>
[...]
>Unfortunately, it would also:
>
>*  Require government registration of computers and databases containing
>information about people (whether these computers are used by business or
>individuals).  This eases regulation of computers and future confiscation.

This is not true. Individuals are not required to register anything, the
BDSG simply does not apply do them (see. Par. 1 Section (2) ).
Businesses are required to register (besides their address and the kind
of business they do) a person who is responsible for any personal
information they want to keep and a general description of the kind of
data they intend to keep (see Par. 32 Sect. (2) ).
Computers are hardly mentioned anywhere in the BDSG, in fact, most of it
applies to any method of processing personal information. It doesn't
matter if a business keeps data printed on paper or stored in a computer.

>*  Reduce market efficiency by making it harder to match buyers and sellers
>(because neither could easily find out about he other) thus causing higher
>prices and poorer people.

Oh well. In the past buyers and sellers have always found each other
without keeping large databases. Most buyers are quite capable of finding
appropriate sellers (that's what advertisement and commercials are good
for).  The goal of the BDSG is to give the individual control of information
kept about him.
An example: The Deutsche Bundesbahn issues so-called 'BahnCards'. If you
buy a BahnCard you can use the Bundesbahn-trains for half the normal price.
Until a couple of months ago, the Bundesbahn gave all the information they
got from their BahnCard customers to the Citybank AG. The Citybank AG
sent their junkmail to all Bahncard customers and tried to make them get
a credit-card. This was in violation of the BDSG. And I still know where
to get a credit-card if I want one.

>*  Do nothing to protect personal information from the government which
>would get to collect more of it than ever in the course of enforcing data
>protection laws.

Oh yes it does. The same rules (or even stricter ones) that apply to
businesses apply to all government organizations. If any government
organization (even the police) violates the BDSG you have the right to
file a lawsuit against the organization (or the individual who violated
your rights).

>If you don't want people to know things about you, don't tell them.

You sometimes have no choice.
Those of you capable of understanding german might take a look at

http://www.fh-ulm.de/bvd/gesetz.html

Bye,
	Peter

NB: I subscribe to this list through a digest only. Please CC: me on
    followups.
- -- 
Peter Conrad    | "They say time is the fire in which we burn."
Am Heckenberg 1 |                        Dr. Soran, Star Trek - "Generations"
56727 Mayen
Germany

         Email: p_conrad@informatik.uni-kl.de,conrad@unix-ag.uni-kl.de

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAgUBMRiPe7FFskV8RCVHAQEMwQP7B6/QSo0E8bAiPcusg9+Etzx+WdIi6nuP
WVvnJ7RWrwoScnPkRJs7uaBfCpedFu3TZX7RyOm6bVAX4mwFe/dtqhBxcy8U3lQg
fqa3WUAhyBNPcr6tF38sVocKs6hWRiw+KckzvnCx9grJpqVHz6kvimAcVOIg027O
Zzk8jyopYDw=
=PBa7
-----END PGP SIGNATURE-----