From Hit & Run comes Service with a Smile, more coverage of eBay's frightening privacy policies:

The Nation reports that eBay officials have been bragging about their company's exceptionally "flexible" privacy policy:

If you are a law-enforcement officer, all you have to do is send us a fax with a request for information, and ask about the person behind the seller's identity number, and we will provide you with his name, address, sales history and other details--all without having to produce a court order. [...] Tell us what you want to ask the bad guys. We'll send them a form, signed by us, and ask them your questions. We will send their answers directly to your e-mail.

How extraordinarily solicitous of them. Though in the immortal words of Shel Silverstein, some kind of help is the kind of help we all can do without.

I talked about this in February when Joseph Sullivan made his remarks at the CyberCrime2003 conference (eBay is proud to provide transaction information without a subpoena).  In fact, the underlying Nation article is referring to the same event, and bemoaning the lack of coverage of this issue in the US press (the article doesn't mention why they are first writing about it now, considering the conference where Sullivan made the offending remarks took place five months ago). 

I already made the decision never to use eBay because of this; perhaps with increased media coverage, others will make the same decision. 

In my aggregator: 

Ruining email. Yeah, spam is ruining email, but so will the widespread deployment of challenge-response systems for dealing with spam. Patrick Nielsen Hayden posted a first hand account of this problem. I've only ever sent email to one person who had put such a system in place (ironically, I was responding to an email that they had sent to me). I just ignored the challenge email and let it drop. [rc3.org Daily]

I agree; I have received two "challenges" to e-mail, both from individuals who absolutely should have me whitelisted on their accounts.  I ignored both of the challenges because it just irked me (even though both promised that I'd only have to do this once!).  I'm sure that will change as soon as I absolutely need to contact them.  It's rude, though.  It would be one thing if the challenge indicated that I was writing from an e-mail address not in the recipient's whitelist (for example, if I wrote someone from a personal account or something).  I'd understand a business associate not having, say, my address for this domain whitelisted.  But if you are going to create a whitelist (which the challenge system must do in some way, if the challenge will only be issued once), then prepopulate the whitelist with the e-mail addresses of your peers and regular business associates.  Take the initiative up front, rather than requiring your associates to fix your e-mail system for you.  Sheesh.

Interesting piece on Assymetrical Information; Internet Use; 'clickophobes' discusses Net Evaders, people who "avoid the 'net as a matter of principle" (from a Pew Center study). 

What really caught my attention, though, was Mindles H. Dreck's theory about "clickophobes," users who are "otherwise exemplary employees, willing to do whatever is required by their employer except use software."  He continues

They certainly wouldn't refuse to sign a memo or attend a meeting, or grind through some horrendous paper form, but for some reason it is still OK to declare even a mission-critical package too hard, without attending a training session or cracking a manual. "Can someone just print it out for me?" is the lonesome call of the clickophobe.   ...  Another few years and I suspect most employers will consider this a critical professional shortcoming.  [emphasis added in both places]

heh  This is one of my frustrations as well; we build entire systems with hypertext, designed to allow users to navigate seamlessly from one type of information to the next, and I still get "but, can you print it out for me?" questions. 

More frustratingly, I also get that question when I'm preparing discovery responses.   I often create .pst files to respond to discovery requests; I make the file as easy to use as possible, separating the items into user folders with subfolders indicating which searchword led to the hit.  Attorneys should be able to simply look at each message and determine if the hit was legitimate or not, but I still get requests to print all of those e-mails.  I've trained some of the attorneys already, but there are still holdouts.  I simply don't get it; I could print 5,000 pages of e-mails, but would that really be easier to review than something that is very clear, organized, and allows the reviewer to see exactly why the item was included in the search results?  I'm looking forward to the day when "most employers will consider [that "it must be printed" attitude] a professional shortcoming." 

I'm there already.