Date: Mon, 04 May 92 12:49:38 EST
Errors-To: Comp-privacy Error Handler <comp-privacy-request@PICA.ARMY.MIL>
From: Computer Privacy Digest Moderator <comp-privacy@PICA.ARMY.MIL>
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V1#011
Computer Privacy Digest Mon, 04 May 92 Volume 1 : Issue: 011
Today's Topics: Moderator: Dennis G. Rears
Re: Cordless phones
Re: Cordless Phones
Re: Cordless phones
Re: Federal law and SSNs
Re: Should political speech be censored online?
COMM DAILY on Privacy Panel Report on Community LInk
FBI Interest in Mailing Lists
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
comp-privacy@pica.army.mil and administrative requests to
comp-privacy-request@pica.army.mil.
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.200].
----------------------------------------------------------------------
From: Skipper Smith <skipper@motaus.sps.mot.com>
Subject: Re: Cordless phones
Date: Fri, 1 May 1992 21:51:30 GMT
In article <comp-privacy1.7.2@pica.army.mil> ugtalbot@KING.MCS.DREXEL.EDU (George Talbot) writes:
>Craig DeForest writes:
>>But, if you want privacy, you *don't* shout so that everyone within ten
>>miles can hear it. If you want privacy, you don't broadcast your conversation.
>
>>If people don't want me to hear their conversation, they ought not to
>>be shooting photons at me!
>
> I don't think that I agree with you. I have a cordless phone.
>The major use I have it for is so that I can sit outside of my
>apartment and still use the phone on a nice day. The regular phone
>wire will not reach, and consequently I would have sit inside to use
>the phone. You seem to be of the opinion that if my conversation is
>transmitted over copper wire, then I have a right to privacy, but if
>it's transmitted over the air, then I don't.
>[...]
>
>George T. Talbot
>ugtalbot@mcs.drexel.edu
For those people who are paranoid about people snooping in on their cordless
phone calls but don't want to be tied down to a corded phone, Motorola started
producing (about three months ago or so) a cordless phone with a simple
coding of the signal. I don't know what type of coding it is, but it will
definately stop the casual snooper (kind of like a lock on the door). Since
the coding scheme is public knowledge, it won't stop anyone who is really
serious. For those people who are REALLY paranoid, you will have to wait for
the next version :-).
Since the phones are produced by a different segment, I am afraid that I don't
know where they are sold or who they are sold by.
--
Skipper Smith | skipper@wmtowdc.sps.mot.com
Motorola Technical Training | 8945 Guilford Rd Ste 145
All opinions are my own, not my employers | Columbia, MD 21046
------------------------------
Date: Fri, 1 May 92 21:15:52 PDT
From: Michael McClary <michael@xanadu.com>
Subject: Re: Cordless Phones
Date: Sat, 2 May 92 04:15:45 GMT
In article <comp-privacy1.3.3@pica.army.mil> davep@u.washington.edu (David Ptasnik) writes:
[expresses concern about Craig DeForest's post about listening in on
wireless telephone conversations]
>If your neighbors are
>talking, is it OK to turn a shotgun mike on them? After all, they are
>shooting sound waves at you. If they don't want you to hear, they should
>be whispering in the basement with the water running. Tough issue.
The real question is, can they reasonably expect privacy when they hold
the conversation?
Courts and legislatures often try to define this when deciding whether
information gathered by police, without a warrant, is admissable in court.
Rulings I've heard about:
- (Non-cellular) radio telephones: public
- Conversations in the open, with person within normal earshot: public
- Conversations in the open, with nearest person far enough away that a
telescopic microphone would be necessary: private (Michigan state law)
- Intact papers discarded in trash: public (US Supreme court)
- Shredded papers discarded in trash: private (US Supreme court)
I generally assume that, if the government would require a policeman to have
a warrant if he wants to use the interception in court, listening in would be
prying.
------------------------------
Date: Mon, 4 May 92 07:44:46 EDT
From: Tom Olin <adiron!tro@uunet.uu.net>
Subject: Re: Cordless phones
George T. Talbot (ugtalbot@mcs.drexel.edu) writes:
The phone companies (if it's a long distance call) sometimes
transmit phone calls using microwave towers. If this is the case, do I lose
my right to privacy when I call long distance?
Sure does look like it. It would be nice if nobody ever listened to anything
they weren't supposed to, even if in a public place. Unfortunately, reality
doesn't work that way.
I am of the opinion that it is impolite and possibly even immoral to listen
in upon another's private conversation without being invited.
Perhaps so, but let's not start legislating manners. ("Hey, get your elbows
off that table! Okay, buddy, you're going to jail!")
If I have a computer, or an account on a computer, I do not expect that
everything I will type there will be for public consumption.
If others have access to it, do you still store personal information on it?
Privacy is not something that a person should have to jealously guard in
fear that another will find some way to take it away. Privacy should be an
expression for the respect that people have for one another.
Maybe that's the way it should be, but we're living in the real world here.
Sorry. I can't expect any privacy if I undress in front of a picture window.
Might be nice, but it won't happen.
Privacy is something that you *have* to protect, to whatever degree is
reasonable for your desire for it. Unenforceable and nonsensical laws cannot
protect privacy any more than they can make the world flat.
Tom Olin tro@partech.com uunet!adiron!tro (315) 738-0600 Ext 638
PAR Technology Corporation * 220 Seneca Turnpike * New Hartford NY 13413-1191
------------------------------
From: egdorf@zaphod.lanl.gov (Skip Egdorf)
Subject: Re: Federal law and SSNs
Date: Fri, 1 May 1992 22:12:11 GMT
In article <comp-privacy1.1.4@pica.army.mil> jmjoy@eiffel.cs.psu.edu (John M. Joy) writes:
>Would anyone happen to have the section of U.S. Federal law handy
>(presumably some part of PPRA) which requires institutions normally
>using an individual's Social Security account number as identifier to
>use a GenSym identifier instead, on the request of the individual?
Sorry, I know of no such law. Perhaps the following is useful:
(transcription errors are mine)
Public Law 93-579
The Privacy Act of 1974
Section 7
(a) (1)
It shall be unlawful for any Federal, State, or local
government agency to deny any right, benefit, or
privilege provided by law because of such individual's
refusal to disclose his social security number.
(a) (2)
The provisions of paragraph (1) of this subsection
shall not apply with respect to -
(a) (2) (A)
Any disclosure which is required by Federal statute, or
(a) (2) (B)
The disclosure of a social security number to any
Federal, State, or local agency maintaining a system of
records in existence and operating before January 1,
1975, if such disclosure was required under statute or
regulation adopted prior to such date to verify the
identity of an individual.
(b)
Any Federal, State, or local government agency which
requests an individual to disclose his social security
account number shall inform that individual whether
that disclosure is mandatory or voluntary, by what sta-
tutory or other authority such number is solicited, and
what use will be made of it.
As I (not a lawyer) read this:
(a) (1) Govt can't mess around with me over my SSN ...
(2) Unless
(A) A Federal LAW says to use the SSN
(B) Federal, State, or local LAW said its ok when such law
was passed prior to 1974.
(b) In either case, they must tell you just what law they are talking
about so that you can see if they are legal.
It seems that the first place to start is to ask to see the disclosure
required by (b). Initially you have no way to know if their request for
your SSM is legal (mandated by law as described in (a)) without such a
disclosure. Note that the law requires them to provide this information.
After you find out what law covers the situation, you can either refuse
or give your SSN as appropriate. If they are not covered by a law that
explicitly allows the use of the SSN, you are not supposed to be denied
any right for your failure to provide your SSN.
They WILL try to squirrel out of this one because they often are not
covered and are attempting to snow you. The first hint will be that
they can't find the disclosure form or whatever that tells their
statutory authority basis. They may have run into your (our) type before
and attempt a second level snow job. For example: Any University of New
Mexico students out there pull out your Student Catalog. In the early 80's,
UNM added a paragraph as their disclosure. It says that the SSN was mandated
by the Regents of the Univ. of NM. Sigh... That's not a law. They are not
legally able to use your SSN as a student ID. They do it anyway.
Now if only someone would get damaged by this... Say some hacker type steals
a bunch of UNM SSNs, breaks into TRW's credit computers and ...
It would be nice to get someone to recognize the law with a nice fat lawsuit.
Skip Egdorf
hwe@lanl.gov
------------------------------
Date: Fri, 1 May 92 20:45:10 PDT
From: Michael McClary <michael@xanadu.com>
Subject: Re: Should political speech be censored online?
I'm responding to the moderator's posting, as quoted by
brad@looking.clarinet.com (Brad Templeton)
>> [Moderator's Note: I was the moderator of telecom-privacy. A couple
>> of points: His submission was an announcement and a copy of his
>> platform. To me there was little difference between his submission and
>> advertising which is generally prohibited from the net.
As I thought I understood it, advertising which is:
- restricted to a single announcement of a product or event.
- posted only to groups where reader interest may be expected.
is explicitly permitted by the normal ettiquete of usenet.
I would expect Glen's candidacy and platform to be of interest to the
readers of this group, so, at a minimum, a single announcement would be
appropriate and within the guidelines.
A reasonably terse Q&A exchange with Glen on his position on privacy-law
issues also seems to me to be appropriate material for this newsgroup.
[Moderator's Note: The platform doesn't belong in this forum. The last
thing we want is every person running on privacy issues to send a 10K
platform to the list. I welceom discussion on any technical privacy
issue from anyone. _Dennis ]
------------------------------
Date: Sun, 3 May 92 09:21:27 -0700
From: Peter Marshall <ole!rwing!peterm@uunet.uu.net>
Subject: COMM DAILY on Privacy Panel Report on Community LInk
The 4/21/92 issue of COMM DAILY reported that the "Advisory panel on
privacy issues related to use of US West's Community Link videotext
gateway in Minn. has been able to agree on many issues proposed by US
West and Community Link/Minitel, provider of gateway services," but
that "there's still some disagreement."
COMM DAILY's item noted that "In report to PUC, which requested study
of privacy issues, panel supported decision by Community Link
Assoc.(CLMA)not to disclose subscriber usage data except under certain
conditions.... Panel members disagreed, however, on how to notify
subscribers about uses to which information on their access could be
used..., and all but US West and CLMA supported on-line notice to
subscribers o privacy concerns."
The trade pub. cited US West spokesman Ron Dulle's view that "question
is one of balance between what consumer needs to know and how much
up-front information can be put on screeens without disturbing
service."
Importantly, COMM DAILY noted "This is first time such panel has
considered privacy issues related to gateways."
Meanwhile, a 4/27 NARUC newsletter noted "Texas PUC Votes to Publish
Proposed Rule Change Concerning Telecommunication Privacy Issues." The
proposed rule includes "polling of telephone customers statewide to
determine their preference as to what information about themselves, if
any, they would allow to be released for marketing purposes."
Peter Marshall
------------------------------
Date: Sun, 3 May 92 13:29:09 PDT
From: peter marshall <lorbit!rocque@uunet.uu.net>
Subject: FBI Interest in Mailing Lists
Apparently interested in accessing mailing lists for investigatory
purposes, the FBI reportedly recently approached two large mailing list
firms, Donnelly Marketing and Metromail, as reported in the 4/20/92 DM
[Direct Marketing] NEWS.
Other firms were apparently also approached by the FBI, with a source
indicating the agency "showed 'detailed awareness' of the products they were
seeking...."
The DM NEWS item indicated that the FBI had utilized Metromail's MetroNet
address lookup service for a period of two years, reportedly to confirm
addresses of those sought to be located for interviewing purposes.
It has been suggested that the FBI's current effort represents an attempt
to employ mailing lists for law enforcement purposes for the first time
since an apparent 1984 attempt to purchase such lists on the part of the
IRS.
As reported here earlier, staff of the Washington PUC, interested in
developing a rulemaking to restrict utilities' marketing lists of subscriber
data, indicated that in a recent WA State case involving US West's Marketing
Resources Group and US West Communications, current customers for MRG's list
products included the CIA.
These recent developments involving LEO and investigatory interests
in mailing lists also echo earlier attention to the similar information
products and services of so-called "information brokers' or "superbureaus,"
whose clients also often include LEOs and investigatory agencies. The same
developments also suggest a linkage to uses by similar interests of expanded
data on individuals facilitated by initial delivery of calling name and/or
number via so-called CallerID and its equivalents.
Peter Marshall
--
Peter Marshall(rocque@lorbit.uucp)
"Lightfinger" Rayek's Friendly Casino: 206/528-0948, Seattle, Washington.
------------------------------
End of Computer Privacy Digest V1 #011
******************************