Newsgroups: comp.org.eff.talk
Path: utzoo!utgpu!watserv1!maytag!looking!brad
From: brad@looking.on.ca (Brad Templeton)
Subject: Re: OUTLAW ALL DATABASES!!  Damn right!
Organization: Looking Glass Software Ltd.
Date: Thu, 29 Nov 90 02:59:37 GMT
Message-ID: <1990Nov29.025937.29810@looking.on.ca>
References: <7425@hub.ucsb.edu> <5140@rsiatl.UUCP>

The fact that you can prove that the credit databases are worthless and
erroneous doesn't change the fact that big organizations want them and
pay big bucks for them.

Fact is that these big outfits, procedure and rule oriented as they
are, *need* some sort of security, even if it is false security.  They
would never tolerate giving ordinary employees the right to grant credit
on their own intuitive appraisals of a debtor's credit worth.

Here are some possible ideas I will throw out...


a) A simplified law of database libel.  Pre-set, straightforward fines
for database errors.   Fines are fixed unless malice or criminal negligence
can be shown.   Fines would range from the miniscule for getting spelling
wrong, to a serious fine for invalid credit information to a very serious
fine for invalid criminal conviction info, etc.   For the basic fine, no
proof of damage need be shown (ie. nobody need have accessed the data --
this is a preventantive fine, like many other that exist.)  Plaintiff can
also get real damages, but that needs a trial.

For basic fine, conviction is summary unless contested.  ie. plaintiff
shows database record, demonstrates falsehood of record, defendant makes
no defence, pays fine.  Defendent can, of course, offer a defence that the
information is true.   Fine is split by court and Plaintiff.

With such a law, people who are poor or had nothing better to do would
run around snooping for database errors to get their share of the fine.
In fact, whole firms would exist to seek out the info from anybody selling
or giving away info on other people.

b) Tagged information.  All records must be tagged and digitally signed
as to their origin.  Author of bad record is jointly liable for fine
(or liable as arranged in contract between database vendor and information
supplier)  Information tagged with date as well for expiry.  Any database
with unsigned information makes the database owner liable for such libel.

c) Standard contract of confidentiality:  Definet the law so that there is
an implicit contract of basic confidentiality of information in certain
transactions, such as purchases, subscriptions, trade show attendance,
mail order, video rental, credit card, banking etc.   Naturally the
party giving the information may explicitly waive that implied contract.
If all information must be tagged as to its sources, it's easy to catch
violators of that sort of confidentiality.   I'm not talking about the
full secrecy of a non-disclosure agreement here, just a basic agreement
not to give the information out except as necessary for the business at
hand.  Implied contract must be transitive.  Magazine gets name for
subscription, hands it over to circulation house -- they must also be bound.
-- 
Brad Templeton, ClariNet Communications Corp. -- Waterloo, Ontario 519/884-7473
