[SIMSOFT] Protecting Privacy with Translucent Databases
David Wagner
daw at mozart.cs.berkeley.edu
Sat Aug 3 16:35:59 EDT 2002
R. A. Hettinga wrote:
>Protecting Privacy with Translucent Databases
>
>Last week, officials at <http://www.yale.edu/>Yale University complained to
>the FBI that admissions officers from
><http://www.princeton.edu/index.shtml>Princeton University had broken into
>a Yale Web site and downloaded admission decisions on 11 students who had
>applied to both schools. [...]
>Unfortunately, the security on the Yale Web site was atrocious: all anybody
>needed to look up a student's record was that student's name, social
>security number (SSN), and date of birth. [...]
[ proposes a solution ]
I'm glad commentators are beginning to point out that
more care should be put into protected personal information.
However, solution proposed in this article seems to me to
be more complicated than necessary.
I can't find any legitimate reason why colleges should need your
SSN when deciding whether to admit you. They get away with it because
they can, but that doesn't mean they are right to do so.
It seems to me that a much more privacy-friendly solution would be
to simply refrain from asking for sensitive personal information like
SSN and date of birth -- name and a random unique identifier printed
on the application form ought to suffice. (If SSN is later needed
for financial aid purposes, it could be requested after the student
decides to matriculate.)
Am I missing anything?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list