Lately, there’s been a lot of talk about privacy and the data that various organizations keep on all of us. A friend of mine just got an e-mail that offered (for a small fee) to let him see his credit record. “Quite frankly,” he said, “I don’t want to know.”
I suggested that it was my understanding that the error rate in these records can be quite high. As a result, he might want to review the data on his credit record to make sure that it’s correct. His response was that any errors could only make him look better. I can see his point. I was in the bank the last time he asked for a loan, and the bank manager erupted into laughter (they eventually had to sedate her).
My personal feeling is that these large databases are the least of our problems. The software you buy often has its own little database with data embedded in it. When I start up the program that controls my scanner/fax/printer/can opener, for instance, I notice that it starts a copy of the Watcom SQL Server. I have to wonder what data it’s tracking and whether I can get at it. I really don’t know how I feel about that. Right now, I don’t think I have a problem if the data is stored on my hard disk. How I’d feel if the data was stored on the Internet, or even on a network drive, is another matter. As masters of the database realm, we have to consider the uses that our work is put to.
CyberSitter, from Solid Oak Software, is another example. This product watches your Internet access and keeps you (or your children, presumably) from accessing both specific sites on the Internet and pages that contain particular phrases or words. Unfortunately, you can’t find out what those sites or words are — the list of sites and phrases is encrypted and not made available to CyberSitter owners (this is typical of most of these kinds of software). For instance, after installing CyberSitter, the product will prevent you from accessing the site for the National Organization for Women. This might or might not be a selling point for you. My problem is that I won’t find out what’s in the CyberSitter database until I try to access a site that’s listed in it.
Furthermore, Solid Oak takes keeping this data secret very seriously. Two reporters who listed portions of the list in an article were threatened with criminal legal action by Solid Oak. A teenager’s Web site has a tool that would allow CyberSitter owners to read their prohibited list site. Solid Oak told the teenager’s ISP (MEDIA3) that CyberSitter would block all access to the ISP. Not only would this prevent CyberSitter users from accessing any site on MEDIA3, but MEDIA3 CyberSitter users would be prevented from picking up their e-mail. One person who sent an e-mail to Solid Oak criticizing CyberSitter’s policies received a letter from the Solid Oak support desk suggesting that he slam an important part of his anatomy in a door. Another lady who sent them 12 critical e-mails got a response of over 400 e-mails sent back to her, again by Solid Oak support. Now, this is customer service.
Had I been part of the team that built the CyberSitter database, I doubt that I would have thought twice about encrypting the database. In fact, if asked, I probably would have said that there wasn’t a problem here at all. As a father who might use the product, I find myself worrying a lot. It’s always interesting to try to sit in the user’s chair.