Text archives Help


Re: [projectvrm] on privacy policies and ecosystems


Chronological Thread 
  • From: JB Clark < >
  • To: John Wunderlich < >
  • Cc: Coach < >, ProjectVRM list < >
  • Subject: Re: [projectvrm] on privacy policies and ecosystems
  • Date: Thu, 8 Oct 2015 14:11:20 -0700

On Thu, Oct 8, 2015 at 10:24 AM, John Wunderlich < " target="_blank"> > wrote:
As many others have said, privacy policies serve the same role as product warranties. They shield the vendor from risk. That will continue to be the case, and thinking otherwise is wishful thinking. Lawyers, litigation and regulation mean that companies have a fiduciary responsibility to manage their risks.

John, there's a significant difference.  In sales of goods, for over a century, commercial law in most Western legal systems sets some minimum liability for all sellers of products, that no clever lawyer disclaimer or 'limited warranty' can remove.  

This rule grew up from attempts to avoid liability that were so outrageous -- "hey, we posted a disclaimer, so it's not our problem our widget blew off your fingers" -- that lawmakers were moved to create a minimum floor of responsibility.  

In software and virtual goods, and in privacy, there is no floor of minimal protection in US law.  Ensuring this was a very deliberate move by software companies, as uniform commercial laws were being updated around 1999.  (Not true in some other countries. The Germans, for example, blinked at those arguments and replied, nope, doesn't matter, sale or "license", there are minimum liabilities.) 

Politically, you could say that we have no minimum protection for privacy and software in US law, because we haven't hit the "outrageous" threshold yet.  As may be apparent, European sensibilities about this are different than the commerce-uber-alles US model.  

When I buy an ice cream cone at the local store, I
don't have to read a fine print "hand washing before
touching food policy" and "standing in line policy"
and "counting your change to give you the correct
amount policy."  I expect a person working in that
business to comply with the norms of the location
where they operate.
 Offline I can tell what norms a business complies
with based on its location, language spoken, and
other cues.  Online I should be able to count on
whatever tool works "my end" of the network connection
to enforce my norms.

Don, not sure I see the analogy.  The FDA and state health dep't do not rely on consumer-supplied self-policing, for those wash-your-hands norms.   The gov't actively regulates, tests and sometimes closes restaurants.   

What "tool on my end" would supply the missing privacy norms measurement, in the case of a consumer evaluating online business transactions?   

cordially, Jamie
@JamieXML

Archive powered by MHonArc 2.6.19.

§