Publication: The Daily Telegraph Date: August 13, 1996 Author: Wendy M. Grossman Title: "New site rekindles privacy debate" *This is the text of the article as submitted, before editing. To quote, please refer to the published version.* Somewhere in Oregon there is a guy driving around with a licence plate on his car that reads, “WENDY.” I know this because Oregon computer consultant Aaron Nabil paid $222 to the Oregon Department of Motor Vehicles (DMV) to buy a magnetic tape copy of the state’s database of licence plates, wrote a script, and put the whole thing on the World-Wide Web (http://www.i.net/aaron/dmv.html). Enter a licence plate number and you’ll get back the name and address of the car’s registered owner along with a description of the car and a few other ancillary details. Nabil has done nothing illegal. According to a 1973 Oregon public disclosure law, the DMV database is open to the public, and anyone may walk into any DMV office, pay $4, and retrieve a record. Nonetheless, the criticism (and the praise) started almost as soon as his database went up on the Web about 10 days ago. The result may be reconsideration of the law by the Oregon legislature. In the meantime, the fuss has been enough to cause Nabil, whose home page includes links to the libertarian party and the national speed trap Web server, to disconnect the database temporarily “to think things over.” The Oregon DMV database is only one of many sources of public data that are springing up on the Web, most of them American. Sites like Four11 (http://four11.com), Switchboard (http://www.switchboard.com), and 555-1212 (http://www.555-1212.com) offer searching of various collections of phone books, email directories, and zip code information. These sites are all resolutely non-commercial and prohibit the use of retrieved data by marketers. They are often used by people searching for long-lost friends, university roommates, or school friends, although it’s easy to imagine less benign purposes. Most systems provide a means for visitors to remove or update their own listings. In this country, public access to this type of personal data is much more tightly controlled. The DVLA in Swansea, for example, says that while it will release a few details from individual records on written request for £2.50, the person requesting the information has to give an acceptable reason. Requests discovered to be false are turned over to the Data Protection Registrar for investigation and prosecution. The same is true of large databases such as the phone book, which is copyright to BT, and the postcode address file (PAF), which belongs to the Royal Mail. PAF (a registered trademark) contains the full addresses and postcodes of all the UK’s 24 million households. This is the database that lies behind the software products such as GB Address or Quick Address which allow telemarketers to take only your name and post code and from them generate your full address. The British telephone directories are available online directly via the BT service PhoneBase or through a relatively small number of resellers nationwide such as Tel-Me. Reverse searches -- searching for a name and address from an input telephone number -- are not allowed. You could, if sufficiently motivated, assemble your own phone book for distribution, but the data protection laws would require you to have the permission of everyone whose details appeared in the database. In theory either of those large databases could be made available via the Internet by the copyright holders or a designated licensee. They could not, as happened in Oregon, be picked up by a member of the public and placed online, at least not legally. But while Britain is more protective of data than the US, Privacy International director Simon Davies, says that Britain has never had the kind of public discussion of the use of personal data in the face of new technologies that has been held in other countries. Except in one area: the question of corporate directorships, where a variety of scandals and exposes have fostered public discussion and an understanding that it is in the public interest for such data to be accessible. “The fundamental point,” says Davies, “is that when we accept the idea of a publicly accessible database, we do so with a certain set of conditions in mind. Whenever those conditions change, we should revisit the debate.” Copyright (c) Wendy M. Grossman 1996 *This is the text of the article as submitted, before editing. To quote, please refer to the published version.*.