Re: PGP Corporation Beta License Agreement

[Jon Callas <jon () pgp com>]

In-Reply-To: <F28aLCQEw78GhUiMJen00003135 () hotmail com>

> Can any one enlighten me on this statement in the PGP Corporation Beta 
> License Agreement?
>
> YOU HEREBY EXPRESSLY CONSENT TO PGP'S PROCESSING OF YOUR 
PERSONAL DATA 
> (WHICH MAY BE COLLECTED BY PGP OR ITS DISTRIBUTORS) ACCORDING 
TO PGP'S 
> CURRENT PRIVACY POLICY.
>
> This is one of those touchy situations with trust. If you read the Privacy 
> policy, non-personal information is spelled out clearly. But not where does 
> it state what "YOUR PERSONAL DATA" means.

The privacy policy, at <http://www.pgp.com/privacy.php> says, "Personal 
information is any information associated with your name or personal identity. Non-
personal information is data about usage patterns, reported in aggregate, which is 
not associated with a specific personal identity." Do we need to put an example 
there?

What that statement means is that if, for example, you buy something from us, we 
would use your personal address to ship you a package.

Some people have found this confusing, thinking that "PGP" refers to the software, 
not the company. We're revising the license for a later beta or the real release, so 
as to be clearer about this. We'll be sure to use "PGP Corporation" to be explicit.

If there are other things we can do to make it clearer that we make a commitment to 
protect your privacy, please let me know. It's hard to get these things right, and 
we're trying to eschew boilerplate, as boilerplate licenses frequently have things in 
them none of us like. Send me mail, let me know what you find confusing, and I'll 
look at it personally.

    Jon

-- 
Jon Callas              
CTO, CSO                
PGP Corporation         
3460 West Bayshore
Palo Alto, CA 94303