Date: Wed, 06 May 92 17:02:03 EST
Errors-To: Comp-privacy Error Handler <comp-privacy-request@PICA.ARMY.MIL>
From: Computer Privacy Digest Moderator <comp-privacy@PICA.ARMY.MIL>
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V1#014
Computer Privacy Digest Wed, 06 May 92 Volume 1 : Issue: 014
Today's Topics: Moderator: Dennis G. Rears
The End
Re: Free TRW Credit Report
Re: Modem Tax (N
Is e-mail private?
New phone technology, privacy, and the FBI
Re: Cordless Phones
A wierd way to run a mail system
Re: Call for a new moderator? NO!
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
comp-privacy@pica.army.mil and administrative requests to
comp-privacy-request@pica.army.mil.
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.200].
----------------------------------------------------------------------
Date: Tue, 5 May 92 13:42:07 -0700
From: "Robert L. McMillin" <rlm@ms_aspen.hac.com>
Subject: The End
Flipping past yet another channel on cable yesterday, I came across
someone hawking one of my favorite hokums: apocalyptic predictions.
(Maybe it was the End of The World Channel... the program was "Biblical
Prophesy Today", approximately.) Fine, you may say, but what does this
have to do with technology and privacy? Well, the connection is that
the vintage blather these guys sold had it that ATMs and their PIN
numbers, along with credit cards, etc., will soon perform identity
verification using some kind of implantation system, whereby You Won't
Be Able To Buy Anything Unless You Have The Implant (dramatic music goes
here), which of course will be the Mark Of The Beast, and therefore a
Sign of The End Times. It was all very amusing.
The videotape cost $29.95, as I recall. Pretty good markup on
previously blank tape, eh?
(Really, now, do they honestly believe that people en masse would allow
themselves to be mutilated in order to do what they do now with paper
money? Maybe these people should withdraw all their money from the bank
and buy a clue...)
---
Robert L. McMillin | Voice: (310) 568-3555
Hughes Aircraft/Hughes Training, Inc. | Fax: (310) 568-3574
Los Angeles, CA | Internet: rlm@ms_aspen.hac.com
------------------------------
From: Garrett S Fitzgerald <Sarek@world.std.com>
Subject: Re: Free TRW Credit Report
Date: Tue, 5 May 1992 16:43:17 GMT
Apparently-To: uunet!comp-society-privacy
In article <comp-privacy1.10.9@pica.army.mil> michael@xanadu.com (Michael McClary) writes:
>Note, by the way, that many banks and credit-card providers make the
>last month-or-so of your account history available over the phone to
>anyone who can touch-tone in the account number and your zipcode or
>SS number.
Well, Fleet Bank, when they send you your statement, gives you an
extra code to punch in for your account information. Nice of them...
--------------------
"A foolish consistency is the hobgoblin of little minds."
Sarek of Vulcan
a.k.a. Garrett Fitzgerald `:-)
Sarek@world.std.com
------------------------------
Date: Tue, 5 May 1992 16:53 EDT
From: MCULNAN@guvax.georgetown.edu
Subject: Re: Free TRW Credit Report
People have commented on the amount of information TRW requires before
they will provide you with your credit report. The research I have
done over the past two years on direct marketing and the experience of
one of my colleagues/horror stories in the press suggests that 1) TRW
*may* need a lot of information to positively identify you due to
problems they have had with mixed files in the past and 2) if you do
provide this information to them, it is unlikely they will learn
anything new about you that they don't already have in their marketing
database.
TRW maintains an extensive marketing database on individuals from
which it sells mailing lists. The source of this information includes
public records (drivers license, deeds, USPS change of address
information), credit reports, and information it has purchased from
mail order companies.
Names and addresses may be selected based on such factors as exact
age, height, weight or whether or not you wear glasses (from drivers
license records), information about a home mortgage (amount, type),
recording date and whether or not the transaction was a purchase or a
refinance (deed/tax assessor records), whether you are a "new mover,"
the distance of your move and whether it is local, regional or
out-of-state as well as the date (USPS change of address information),
whether you are a credit shopper, an active credit shopper, your
purchasing power (credit report) and whether you shop by direct mail,
are a multi-category buyer, recent purchase date, and category of
purchases (e.g. collectors, crafts, high tech, sports, etc. etc)
(information purchased from unspecified third parties).
TRW is not the only company in this business. There are a number of
large direct marketing firms which sell similar types of lists.
We would all be able to exert much more control over the secondary use
of our personal information if public records came with a check-off
box, allowing each person to decided whether or not he/she wanted to
received solicitations because they bought a house or car, moved and
changed their address, or got a drivers license. Currently you can
only ask these companies not to resell your name by writing to them
directly or by signing up for the DMA's Mail Preference Service.
Mary Culnan
School of Business Administration
Georgetown, University
MCULNAN @ GUVAX.GEORGETOWN.EDU
------------------------------
From: Charlie Mingo <Charlie.Mingo@p4218.f70.n109.z1.fidonet.org>
Date: Wed, 06 May 1992 03:23:41 -0500
Subject: Re: Modem Tax (N
Lars Poulsen <lars@spectrum.cmc.com> writes:
> mc/G=Brad/S=Hicks/OU=0205925@mhs.attmail.com writes:
>> You can call from anywhere in the continental US to CompuServe's
>> mainframes in Columbus, Ohio for TWENTY FIVE CENTS PER HOUR. Can you
>> make any other long-distance phone call for $0.25 per hour? And the
>> government enforces this inequity by law.
>
> I am fairly certain that this statement is counter-factual. As far as
> I know, CIS charges several dollars per hour for such connections.
The argument is really one of semantics. CompuServe charges $.25/hour
(in addition to the $12.50/hour connect fee) for connections made through
it's own CPN packet switched network. This compares with a $3/hour
surcharge for calls made through Telenet/Tymnet.
Of course, you are really paying for your long distance fees in the
form of the $12.50/hour connect charge. Some services (America Online)
purport not to charge you anything for the call, and bill you "only"
for the connection. Since you cannot use CPN's $.25/hour service to
call anyone else, it matters little whether you pretend it's one fee or
two.
If you use CompuServe's CPN network to call any other information
provider, the charge is in the range of $4.50 to $5.50/hour. Thus,
you really should think of CompuServe charging you $8/hour for the
connection, and $4.75/hour to carry your call.
------------------------------
Date: Wed, 6 May 92 07:08:15 -0700
From: vikrum@milton.u.washington.edu (Vikram Madan)
Subject: Is e-mail private?
Date: Wed, 6 May 1992 14:02:04 GMT
I was reading the discussion about privacy and the cordless phone and I was
just wondering ... how private a medium is e-mail legally? Is it illegal to
tap into someones e-mail and read it and if so what legal repercussions can
the wrong-doer face? Its happened once with me that someone trying to show
his hacking skills managed to divert my e-mail and was reading them regulary
(just to prove he could do it) I didnt press any charges or anything but what
does the law say on this issue if I had wanted to do so?
Thanks,
vikrum.
------------------------------
From: "Brantley E. Riley" <brantley@lucy.umd.edu>
Subject: New phone technology, privacy, and the FBI
Date: 6 May 92 15:10:41 GMT
Hello all -
With all this discussion of cordless phones and privacy, I thought it
would be worthwhile to discuss the privacy issue as it relates to
other types of phone technology.
I was concerned to read in the local paper on Monday about proposed
legislation being backed by the FBI and Justice Department. The bill would
"block telephone companies from introducing new technologies until they
develop ways to let the [FBI] eavesdrop." The bill would also "require
that new communications technologies be vetted by FBI specialists before
any advances could be offered to the public" and "require telephone
customers to pay for the bureau's snooping."
The article was an editorial in the Op/Ed section of the paper, so it
didn't go into great detail on the bill (who was sponsoring it, etc.),
but the editorial did go on to describe briefly the difficulties in
tapping fiber-optics and digital phone systems. The editorial was
clearly opposed to the proposed law.
So, I'd like some feedback on this issue... what do people think? I am
wholeheartedly opposed to the entire idea, and it frightens me to think
that it has been seriously proposed and supported.
Does anyone have more details on the bill (who is sponsoring it, when
it was introduced, actual wording)?
brantley
(All references are from an editorial titled "Unwarranted FBI phone
snooping" that appeared in the Monday, May 4th issue of the Baltimore
Evening Sun.)
--
"Have I told you this before?" "No, we only met about half an hour ago."
"So little time to pass?" said Merlyn, and a big tear ran down to the end of
his nose. -- T.H. White, _The Once and Future King_
***** brantley@umd5.umd.edu *****
------------------------------
From: Mark E Anderson <mea@ihlpl.att.com>
Date: Wed, 6 May 92 12:06 CDT
Subject: Re: Cordless Phones
From: Anthony Rzepela <garzepel@KING.MCS.DREXEL.EDU>
> How much privacy can we afford? That is the new, evil question.
This is a good question. I guess it all comes down to what is
the downside of losing privacy. Like the old saying "If you
have nothing to hide, you have nothing to fear."
The only legitimate use of privacy is to protect secure information
that can be used by competitors to gain a market advantage. Other
than that, the only reason for privacy is to protect something that
someone has to hide from the government or insurance companies.
The nothing-to-hide-nothing-to-fear argument has been widely used
to stretch our 4th Amendment rights to where the police can set
up road blocks, make you pee in a cup, and maybe eventually randomly
search your house on a hunch. Why should communications and purchases
be treated any differently?
If I were running an insurance company and my salary and career was
based on the earnings per share, I would push as hard as I could
to find out everything there is to know about the people who I am
insuring. It only makes sense to charge those who have a higher
potential of abusing costs by smoking or eating fried foods or red
meat to pay more into the system. From a business point of view, this
makes alot of sense.
There is little that can stop invasion of privacy. The momentum has
already been formed and the only saving grace will be when those that were
most instrumental in eroding our privacy get burned themselves by
their own actions. By then, it may be too late.
In the meantime, I freely talk on my cordless and cellular phones caring
little about those who may be listening in. . If someone is that lonely
to listen to my mundane conversations, then they're the ones with the
real problem.
Until someone can stop the thought process in the vast majority of
Americans that anything is OK because
if-you-have-nothing-to-hide-you-have-nothing-to-fear, the erosion
of privacy will never stop. Your only recourse is protect yourself
and be aware of what is going on.
Mark Anderson
------------------------------
Subject: A wierd way to run a mail system
Date: Wed, 6 May 92 13:31:03 EDT
From: "John R. Levine" <johnl@iecc.cambridge.ma.us>
I just got this bounce message from a machine at AT&T having responded to
a message someone sent to comp.compilers. It appears that their mailer
uses employees' SSNs as the internal acccount ID and thoughtfully blats
the SSN on any mail bounce message. The original message had a different
return address in the text at the end, so we'll see if that works better.
Doesn't AT&T have privacy guidelines?
Regards,
John Levine, johnl@iecc.cambridge.ma.us, {spdcc|ima|world}!iecc!johnl
[Moderator's Note: For obvious reasons I have replaced the actual SSN
with X's. _Dennis]
Forwarded message:
|From spdcc!cbnewsf.att.com!postmaster Wed May 6 13:16:30 1992
|Message-Id: <9205061651.AA16124@ursa-major.spdcc.com>
|From: postmaster@cbnewsf.att.com
|Date: Wed, 6 May 92 12:47 EDT
|To: iecc!johnl@ursa-major.spdcc.com
|
|>From postmaster Wed May 6 12:47 EDT 1992
|Mail to `pevzner' alias `ssn=XXXXXXXXX' from `att!ursa-major.spdcc.com!iecc!johnl' failed.
|The command `exec post -x -o '%^24name %20ema %^city, %+state' -- ssn=053769177' returned error status 100.
|The error message was:
|post: ssn=XXXXXXXXX: Not found
[message followed]
------------------------------
Date: Wed, 6 May 92 16:40:40 EDT
From: Brinton Cooper <abc@brl.mil>
Subject: Re: Call for a new moderator? NO!
William Pfeiffer <wdp@airwaves.chi.il.us> supports Dennis Rears's
continued moderation of this forum but adds:
> but try
> to find a more condusive computer connection. Even if YOU are 100% honest
> (as I believe you to be) who's to say what commander has 'root'
> access to your army system and is keeping nice little diaries about all
> that we discuss here. After all, Privacy and our rights there-to
> would be very interesting reading for some in the Government
> Intelligence community.
This is a logical contradiction. If this is an open forum (freedom of
speech is the issue which began this thread), then Dennis's commander,
having Internet access, can keep his/her little diaries quite
adequately. You should believe strongly that the "Government
Intelligence Community" probably reads every word of these postings.
Either we have a public forum, or we don't, and that isn't affected one
iota by whether it originates from *.army.mil, *.edu, or
public-access.org.
_Brint
[Moderator's Note: I really *WANT* this discussion to end! As I said
before I will *NOT* allow anyone to tell me what *NOT* to post. If push
comes to shove I will post from another machine. _Dennis]
------------------------------
End of Computer Privacy Digest V1 #014
******************************