Background

In the last class on PartFour I proposed the idea of regulating forgetting, forcing data keepers to sunset data. Eben raised First Amendment issues with that proposal, which I think are compelling. However, there may be other sorts of information practices which could be mandated through regulation on government and third parties that may not raise such concerns and that would be useful for providing some protection against losing our identity to those who aggregate information about our lives. Perhaps we can use this space to think of a set of information practices that we would like to see codified, and discuss whether this is a worthwhile exercise at all.

Proposals

To start us off, in 1973 the US Department of Health, Education and Welfare released a code of fair information practices. See, Simson Garfinkel, Database Nation 13 (2000). The code had five tenants:

• There should be no secret databanks.
• There must be a procedure for a person to access their record.
• The data should not be disseminated without the person's consent.
• There must be a procedure for a person to correct misinformation.
• There should be a responsibility imposed on organizations to ensure the accuracy of the data.

Another resource could be the Fair Credit Reporting Act.

-- JustinColannino - 15 Feb 2009