EFF endorsed "real privacy protections"
The EFF has endorsed "real privacy protections", but I have doubts
that their approach is strong enough to achieve the goal of protecting
privacy.
The basic philosophical flaw is that they don't recognize that real
privacy requires anonymity.
There are parking garages in the US and Europe which require the
motorist to enter the car's license plate number into a digital
system. Other parking garages take a photo of every car that enters,
or every car that leaves, which would imply recording the car's
license plate number.
When considering a proposed privacy protection law, we should
challenge it with this question: would it be absolutely forbidden for
the parking lot ever to make any of those license plate numbers
available to any government agency, except under direction of a
specific, narrow court order?
When we talk about deleting records to protect privacy, we must ask
about any backup systems that might hold these license plate numbers
past the time that the car has exited. Are they a security hole that
threatens motorists' privacy?
Of course, sending any of that data to a cloudy system which could
store a copy outside of the parking lot itself would totally destroy
the privacy of those motorists.
Massachusetts has established a toll collection system that saves data
about motorists' travel in order to bill them. Those operating the
system would argue that this is permitted because the system "needs"
to hold on to that data in order to collect the tolls. Given the
choice of that particular system of billing, retaining the data that
long would appear necessary.
If the law accepts such a weak standard of "the minimum necessary", it
won't protect privacy. A real standard of respect for privacy would
prohibit that system of billing. We know that it is possible to
collect tolls without recording who pays them. That being so, collecting
the identity of those who pass the toll station should be forbidden.