Date: Tue, 19 May 92 15:48:15 EST
Errors-To: Comp-privacy Error Handler <comp-privacy-request@PICA.ARMY.MIL>
From: Computer Privacy Digest Moderator <comp-privacy@PICA.ARMY.MIL>
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V1#031
Computer Privacy Digest Tue, 19 May 92 Volume 1 : Issue: 031
Today's Topics: Moderator: Dennis G. Rears
Re: "IF you have nothing to hide..."
[The Jester: Re: "IF you have nothing to hide..."]
Re: "IF you have nothing to hide..."
Re: Caller ID decision
Re: "IF you have nothing to hide..."
Re: Census Bureau Database
Re: Caller ID decision
Re: "IF you have nothing to hide..."
Re: Computer Privacy Digest V1#030
Video records...
Bowers v. Hardwick
Re: "IF you have nothing to hide..."
Risks of electronic auto tracing
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
comp-privacy@pica.army.mil and administrative requests to
comp-privacy-request@pica.army.mil.
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.200].
----------------------------------------------------------------------
From: Bob Philhower <philhowr@unix.cie.rpi.edu>
Subject: Re: "IF you have nothing to hide..."
Date: Tue, 19 May 1992 14:22:52 GMT
In an article blk@mitre.org (Brian L. Kahn) writes:
>
>For example, consider the proposal to put electronic ID markers into
>cars so that toll booths can read off who passes by and bill them at
>the end of the month.
>
>How much of a risk is this?
In another article wrf@ecse.rpi.edu writes:
>
> Here's another thing you could do by linking databases: Find people who
>
> a) left home last year on Memorial Day, and
> b) who bought a home safe, but
> c) who don't have a contract with a burglar alarm company.
>
> All this is determinable from credit card charges. This could provide
> you with something to do next weekend, if you're handy with a drill and
> hammer.
With electronic monitoring at toll booths, we could eliminate the risk
(to you :-) that the person with the safe has other plans this
Memorial day. Also, the officials would have a nice database of
people who would conveniently not challenge a search of their home.
With the current push to weaken evidenciary rules, this could cause a
bit of harassment.
Also, it may interest anyone who once was (or still is) a school-aged
heterosexual male that, given the Meese commission report, your name
could potentially be on a list of possible rapists because your older
brother or the father of one of your friends once subscribed to
Playboy. (And hadn't bought a home safe to keep them in :-)
Robert Philhower (philhowr@unix.cie.rpi.edu)
Rensselaer Center for Integrated Electronics
CII 6111 / Rensselaer Polytechnic Institute / Troy, NY 12180 / USA
------------------------------
Date: Mon, 18 May 92 22:31:11 EDT
From: Brinton Cooper <abc@brl.mil>
Subject: [The Jester: Re: "IF you have nothing to hide..."]
Again, Jester asks WHY the concept of "if you have nothing to hide
then you have nothing to fear" is wrong.
I see his problem. We have a logical inconsistency muddled by unclear
language.
The IMPLICATION of the statement is the problem. What people
actually hear is, "If you have done nothing wrong, then you have nothing
to fear."
We equate having something to hide with having done something
wrong. As nearly all examples implicitly pointed out, these are NOT THE
SAME THING.
I'm a few digests behind, so someone else may have discovered
this in the meanwhile.
_Brint
------------------------------
From: Carl Ellison <cme@ellisun.sw.stratus.com>
Subject: Re: "IF you have nothing to hide..."
Date: 14 May 92 20:18:56 GMT
The proposition behind the trick question is that the government has the
right to spy on us without being equally open and transparent to all
citizens in return.
The flaw is that this proposes a two-class system with the people in the
second-class role. That is reversed from the basis of this country.
Knowledge is power and in our democracy, the power lies in the people not
in the government. It is therefore vital that the government have a
minimum of knowledge about the citizens and that the citizens have a
maximum of knowledge about the government.
Result: prohibit encryption technology in the hands of the government; give
it to the individual citizens only.
After all: aren't we happy that Ollie North's criminal activities were
available for public examination?
------------------------------
Date: Tue, 19 May 1992 10:05:34 -0600
From: "fielden j.a." <fielden@spot.colorado.edu>
Subject: Re: Caller ID decision
In article <comp-privacy1.29.15@pica.army.mil> you write:
>Pulled this one from a mailing list...
>
>Mark N.
>
>
>Subj: PRIVACY WINS OVER CALLER ID in the State of Washington
>Sender: Activists Mailing List <ACTIV-L@UMCVMB.missouri.edu>
>
>>From the Seattle Post-Intelligencer, March 26, 1992 -
>
> PRIVACY WINS OVER CALLER ID
> Phone companies must offer free blocking service
> P-I Staff and News Services
>
>OLYMPIA - Telephone companies offering caller-identification service must
>also offer callers - free of charge - the ability to block display of their
>number or location, a state commission ruled yesterday.
>
> <deleted>
> The companies said an offer of free line-blocking, or automatic blocking
>of the caller's name or number, would doom caller-ID service.
> "Washington has just adopted the most constrictive and conservative
>regulation on called ID in the nation.," said Lisa Bowersock, spokeswoman
>for US West in Seattle.
>
> Companies such as US West wanted permission to charge a monthly or flat
>rate for a line block, while offering a "per-call" blocking ability for
>free.
>
> They said they believe a fee for line-blocking - $2.50 a month was
>mentioned - would sift out those who do not care if they are identified.
>
> At least one company, GTE Northwest, said it would not operate in
>Washington if the commission adopted the rule approved yesterday.
>
> US West is currently installing the system in Denver and Phoenix, then
>will look at expansion into other areas. Bowersock said. "With today's
>ruling, Washington will have a very low priority", she said.
US West has opted not to install in Denver because the PUC ordered them
to offer free call blocking and US-West said they felt they couldn't
make enough profit. Last I heard the PUC was considering ordering
US West to offer both services anyway.
As far as caller id goes I don't mind police, emergency services etc.
having it but frankly I get calls from telemarketers enough without
them getting my number from a caller id if I call for information
or a price quote etc. Yes, I know if I have the service I can block the
calls but I'd rather not get them in the first place.
>
> "There's no incentive for the company to introduce the service," she
>added. "The regulations adopted today won't even allow companies to recover
>the costs of line-blocking for individual customer".
>
>
> That remains to be seen, the commission countered. "There are too many
>unknowns," said Commissioner Richard Casad. He added that the best course
>was to come down on the side of callers.
>
> Industry officials argued that free per-call blocking service - in which
>the called dials three digits before making the call - has worked well in
>other states and provides enough protection for those who do not want their
>number disclosed.
>
Now I could agree with a fee for flat blocking and free per call blocking.
------------------------------
From: James Davies <jrbd@craycos.com>
Subject: Re: "IF you have nothing to hide..."
Date: Tue, 19 May 92 15:53:09 GMT
"If you have nothing to hide, then you have nothing to fear"
Actually, there is a reason that this statement is wrong. What you have
to fear is what I think of as "false positives", in analogy with
medical tests. Just because you are completely clean and legal in
every respect doesn't mean that someone's file on you is correct.
As an example, take drug testing. If you have never taken any drugs,
then the only thing that an employer's urine test can do to you is
bad -- it can falsely show that you have used drugs. In this case,
you have nothing to hide, but you can still be damaged by the test.
Another example: if a credit bureau has an incorrect report in its
files saying that you defaulted on a loan, this can prevent you from
obtaining credit, despite the fact that you have nothing to hide.
Yet another example: if you are at zero risk for AIDS (lifelong celibate,
never taken self-injected drugs, never had a blood transfusion, never
bitten by a mosquito, etc.), an HIV blood test for a health insurance
physical can only harm you, since it could report a false positive and
thus prevent you from being insured. Furthermore, the false positive
could very easily wind up in a nationwide medical database that would
prevent other insurance companies from covering you.
I would submit that people with "nothing to hide" are those most likely
to be unjustly harmed by privacy invasions, and therefore should definitely
oppose them.
------------------------------
Date: Tue, 19 May 1992 11:11:59 EDT
From: jeremy <ELE@psuvm.psu.edu>
Subject: Re: Census Bureau Database
In article <comp-privacy1.30.10@pica.army.mil>, djohnson@nike.calpoly.edu (Dean
N Johnson) says:
>
>During the last census I came across the story that census data was
>used during WW II to identify city blocks where people of Japanese
>heritage lived so they could be conveniently rounded up to be interned
>in camps.
>
>I don't know that it's the truth but it really make me think.
>Especially given the more current story concerning unregistered
>immigrants. I find the Census Bureau's definition of confidentiality
>rather disappointing.
The story of the Census Bureau and the Japanese-Americans is true as far as I
know (there was a recent movie about the event--anyone remember the title?)
The involvement of the US CB is recounted as pages 20-26 in David Burnham's
_The Rise of the Computer State_ (New York: Vintage, 1984). Approximately
112,000 Japanese Americans were involved in what Burnham calls "thhis extraordi
nary
breach in the constitutional rights".
The CB did finally admit their involvement, and have not done anything
like this again...BUT, the more important thing is that today, even
aggreagate data is not private (due to computer cross-matching).
And the CB do provide aggregate data as the previous posters have pointed out,
(in the UK, sometimes for as few as 16 households) (_The Independent_,
April 21, p. 3), although more normaly for 200 households).
>
--
jeremy..
Any replies to: cramptonj@csovax.portsmouth.ac.uk
------------------------------
From: "John Rudd a.k.a. Kzin -- Big Electric Cat" <gt3741b@prism.gatech.edu>
Subject: Re: Caller ID decision
Date: 19 May 92 12:39:57 GMT
In <comp-privacy1.29.15@pica.army.mil> NEELY_MP@darwin.ntu.edu.au
(Mark P. Neely) writes:
>Subj: PRIVACY WINS OVER CALLER ID in the State of Washington
>>From the Seattle Post-Intelligencer, March 26, 1992 -
> PRIVACY WINS OVER CALLER ID
Sounds more like "privacy of the called entity loses to the privacy
of the calling person.
> Phone companies must offer free blocking service
> P-I Staff and News Services
>OLYMPIA - Telephone companies offering caller-identification service must
>also offer callers - free of charge - the ability to block display of their
>number or location, a state commission ruled yesterday.
> The companies said an offer of free line-blocking, or automatic blocking
>of the caller's name or number, would doom caller-ID service.
I think if they're going to allow callers to block their ID, then
it should also be available that callee's totally block out those calls
that have no ID. I know I don't want my call waiting set off by some
bozo who isn't willing to identify themselves to the level I have predefined
by my phone line (I don't have caller ID, but if I did, I'm would consider
this the "requirement to call me"). I certainly don't want my connection
to the net (I leave call waiting on, in case of an important phone call)
interupted by someone who isn't willing to tell me who they are.
> Caller ID is seen by some law enforcement officials and other as a means
>of identifying the source of harassing or obscene telephone call.s Those
>resisting the technology say it raises concerns about callers' privacy
>rights.
My only reply to this would be that Caller ID supports the privacy of
the CALLED person. Since the Caller is the person initiating the action, I
don't think it is unreasonable to slightly lower their privacy level. If they
don't want their privacy lowered, they don't make the phone call in question.
> In hearings around the state, people said they wanted their privacy
>considered before the needs of advancing telephone technology, commission
>Chairwoman Sharon Nelson told telephone officials at yesterday`'s
>proceedings.
And no one stood up for the rights of the Callee? sounds like a bunch
of.. er..sorry.. I probably shouldn't go around to insulting the general
public.
> Industry officials argued that free per-call blocking service - in which
>the called dials three digits before making the call - has worked well in
>other states and provides enough protection for those who do not want their
>number disclosed.
Again, if you're calling me, I have the right to know who is "on the
outside of my door" before I "open my door". I don't want to get calls from
telemarketing people, or certain other sources. And no, telemarketers DO
NOT have a right to call me. I rent my line from the phone company. If
they want to use my line for their business, I have the right to deny that
use. If they don't want to identify themselves, then I see it as basically
the same as a person at the door who wont show sufficient ID.. You simply
don't open your door to them.
The complication being that they may still have interupted something
you were doing, because call waiting can be destructive to your current
line activity. Therefore, having a "ignore these calls totally" setup is
probably the only thing that I'd consider viable. Perhaps the caller, in
that case, should get a message of "This line refuses to accept calls from
callers who block caller ID".
Yes,I know that Long Distance tends to block the ID automagically..
I think that ought to be fixed (and if the LD companies would just support
it, it could be). If not, then the blocked calls should be local calls only.*
At this point, the overhead being generated is probably a little silly,
but again, I feel the rights of the Callee FAR outweigh the rights of the
caller. Afterall, if the Caller doesn't want their privacy invaded, they
simply don't have to make the phone call.
* as an asside, a leading code could be sent that instead of
saying "no ID available", said "this person is or isn't blocking their
ID", separate from the availablility of their ID. Thus, if you're
getting a LD call, and don't get their number, you know it's because of
LD.. because if they were blocking their ID, you'd have weeded them
separately. I'm not sure I'm explaining this clearly.. hope it makes
sense.
> The Washington Association of Sheriffs and Police Chiefs and the
>Washington State Patrol both said they favored charging for the line-block
>to ensure it was not overused. Law enforcement is a major supporter of
>caller-ID technology, believing that when it is widely used the incidence of
>harassing and obscene telephone calls will fall.
With the scheme I'm talking about, if the obscene caller blocked their
ID, the callee wouldn't even get a ring from them. :-)
I also think that the "block of non-ID'd calls" should be abailable to
people who don't have Caller-ID. Just the general principle. I don't have
Caller ID..I don't want it. But if you are blocking your ID, I don't want a
call from you, even if I don't have caller ID.
Hmm.. I wonder how hard it would be to get that passed.. Maybe I should
call the companies involved.
John
--
Discussing whether or not machines can think | John E. Rudd jr.
is about as interesting as discussing whether | gt3741b@prism.gatech.edu
or not submarines can swim. --Dijkstra | (ex- kzin@ucscb.ucsc.edu) | Speaker to Machines
#include<std.disclaim> Send all comments, flames, and complaints to /dev/null.
------------------------------
Date: Tue, 19 May 92 09:27:46 EDT
From: Lawrence V Cipriani <lvc@cbvox1.att.com>
Subject: Re: "IF you have nothing to hide..."
In article <comp-privacy1.29.2@pica.army.mil> karr@cs.cornell.edu (David Karr) writes:
>
>In article <comp-privacy1.19.2@pica.army.mil> ygoland@edison.seas.ucla.edu (The Jester) writes:
>>Would anyone care to provide a concise explination of WHY the
>>previously mentioned rational is wrong?
>
>Because everyone has something to hide from someone. Even you. (Or do you
>claim there is NOTHING you ever do that you would be ashamed for me to have
>a videotape of?)
Too, there are good things we do that if others know about we will be
harassed; for example, making a large donation to a charity. Once some
other "charity" gets wind of it how long will it be before they come
knocking to your door ? That's one reason why many donations to charities
are anonymous.
--
Larry Cipriani, att!cbvox1!lvc or lvc@cbvox1.att.com
"An unarmed people are slaves, or subject to slavery
at any moment." -- Huey P. Newton.
------------------------------
Date: Tue, 19 May 92 09:33:03 PDT
From: Mark Bell <idela!bell@uunet.uu.net>
Subject: Re: Computer Privacy Digest V1#030
>In short this program would be a double edged sword, it
>protects privacy, of EVERYONE. As such some have suggested that I
>not release such a program and while I have argued against them, I
>am normally required to take a circuitious (sp.) route to prove my
>point. I have been looking for a simple, logical answer, to explain
>to them why releasing this program isn't 'wrong'.
For gosh sakes, release it soon! As a Secretary of State said early
in this century, "Gentlemen don't read each other's mail." Since
we live in a world where such gentlemanliness is no longer in vogue
(or even possible?), your program would perhaps help things along.
As for the criminal user? That's a valid problem but I'd defend
bad guy's privacy if that's the price of defending mine. And yours.
After all, governments are the larger threat. This century, governments
have killed three times as many of *their own citizens* as have died
in wars. So get your program out and wish it Godspeed to other places
in the world whose governments aren't as bound by checks and balances
as ours presently is.
Mark Bell
------------------------------
Date: Tue, 19 May 1992 22:02:50 GMT
From: "Mark P. Neely" <NEELY_MP@darwin.ntu.edu.au>
Subject: Video records...
>Charlie Mingo <Charlie.Mingo@p4218.f70.n109.z1.fidonet.org> writes:
"Mark P. Neely" <NEELY_MP@darwin.ntu.edu.au> writes:
> ___ State Attorney John Tanner (Volusia Co, FL) has subpoenaed the
> rental records of two video shopkeepers to identify the individuals
> who rented one of four named explicit films.
>
> Ostensibily, the customers are only wanted as potential witnesses.
> Tanner states that he does not intend to prosecute any citizen whose
> name might be on this list. Both store owners are resisting, citing
> customers' rights to privacy. Tanner maintains people who rent
> material have no expectation of privacy.
> Did this take place in the US or Australia? I believe there is
>a federal law prohibiting the release of video rental records enacted
>after the confirmation hearings for Judge Robert Bork for the US Supreme
>Court in 1987.
My appologies for any confusion...I did *not* write the article. I simply
extracted it from a mainling list that I subscribe to...
The article refers to an incident in America (We don't call lawyers
"attorneys" over here :)
> During the hearings, a local free paper (DC's _City Paper_) managed
>to obtain a list of Bork's rentals (nothing very interesting -- lots of
>1940's-era B classics), and tried to make something of it.
> During the Thomas confirmation hearings in 1991, one of the major
>unanswered questions turned out to be whether the Judge was familiar
>with certain porno movie stars, a question which could easily be answered
>by checking the local video stores. Fortunately, the Judge's records
>were safe from prying eyes, and he now sits upon the Court.
Yes...legislation was implemented _very_ quickly to protect the privacy of
judges (and thus to uphold community respect for the judiciary). It did not go
so far as to extend to _all_ citizens.
Mark N.
------------------------------
Date: Mon, 18 May 92 22:26 EDT
From: michael.scott.baldwin@att.com
Subject: Bowers v. Hardwick
Bryan Morse writes in response to my Bowers v. Hardwick reference:
Wasn't this the case where the police officer had a warrant (based
on other charges), was allowed entry by another member of the household,
and then witnessed the "felonious" act through a partially open doorway?
Yes.
What made this such a landmark case was that it was a rare opportunity
to test such laws. They usually don't come up because enforcement is
so difficult (due to laws regarding privacy). This made for a perfect
test case because the officer did *not* violate the privacy of the
individuals when witnessing the illegal act.
That is *not* why I brought the case up. The very fact that the observed
act is considered "illegal" is what bothers me. *That* is the invasion of
privacy--when the law makes your private life illegal.
The court upheld the position that the officer legitimately entered
the house (for other reasons, remember) and therefore did not violate
anyone's privacy.
No, not on entering the house.
What the court basically said was that laws regarding
"private" conduct were permissible,
*This* is the problem! This doesn't bother you? Let us extend both the law
and the situation: let's say it is considered illegal for same-sex couples to
hold hands in public. An officer sees such an "illegal act" and arrests.
There is no "invasion of privacy" to witness the event, but the very fact that
it is considered illegal give people "something to hide". *I* think it's an
invasion of privacy if I can be arrested for minding my own business, whether
the police have to break down a door or not!
but reemphasized that the enforcement of such could not invade privacy.
Do you have references where the opinion reemphasized this?
In other words, it is not the law itself that invades privacy, but the
enforcement of it. In cases like this where the enforcement does not
invade privacy, the law can be applied.
I think you're missing the point -- the law *itself* is the problem. Besides,
what if the "enforcement" of this law was done via search warrants and phone
taps based on "probable cause". Wouldn't it be perfectly legal then? It
really doesn't make me feel comfortable when you say that my private *acts*
are illegal and don't worry; the police can't violate my privacy on the way
to arresting me for them.
A restatement of my previous summary:
Let me try, without using examples: the definition of what it is that you
have to "hide" rests with the government, not you. If the legal system
creates bankrupt laws that make your private life punishable, then you end
up hiding and fearing for simply living your life and pursuing your own
happiness.
In response to the Jester, yes we do have to watch out for the government
because of laws such as referenced above. The Bill of Rights was written
to protect us from the government, because the writers understood how easy
it is for governments to be evil. They didn't go far enough. If I don't
like a law, I cannot simply ignore it. Why is it that we have so many
invasive laws here, and the populace seems to support most of them?
------------------------------
From: "Richard A. Schumacher" <claris!schumach%convex.com@decwrl.dec.com>
Subject: Re: "IF you have nothing to hide..."
Date: 15 May 92 01:30:02 GMT
>In article <comp-privacy1.19.2@pica.army.mil> ygoland@edison.seas.ucla.edu (The Jester) writes:
>>One of the reasons that many people are against 'intrusive' laws is
>>because they disagree with the rational "If you have nothing to
>>hide, then you don't need to worry." However what I have failed to
>>see is a single cogent explination of WHY the rational of "If you
>>have nothing to hide, then you have nothing to fear" is a bankrupt
>>one. Would anyone care to provide a concise explination of WHY the
>>previously mentioned rational is wrong?
(BTW: The word is "rationale".)
Because people disagree, sometimes violently, about what is worth
hiding. For example, one person might go to absurd lengths to prevent
people from learning the details of how he masturbates even though most
people would probably find it uninteresting. For another example,
many people do not want their tax returns made public even though
they might not reveal anything which is, strictly speaking, illegal.
Is the point now clear? (If you have no emotional need for privacy,
or no appreciation for the need in others, then I suppose that no
argument against the "nothing-to-hide" doctrine will have any force
for you.)
------------------------------
Date: Tue, 19 May 92 12:10:25 EDT
From: Wm Randolph Franklin <wrf@speed.ecse.rpi.edu>
Subject: Risks of electronic auto tracing
If everyone knew where your car was all day then they might:
- determine your customers and suppliers, to steal the former and
undercut, or badmouth you to, the latter,
- know when you're away from home, to break in,
- know how much time you spend on the road, to analyze your business in
general,
- know where to kidnap you, if you're an Exxon exec, or where to hijack
your car if it's valuable, or if you're carrying valuables,
- see that you're visiting someone for no obvious reason, and so see
that you might be in secret negotiations to buy or be bought or hire or
be hired,
- etc etc etc
People malign "security through obscurity", but it's the basis of quite
a lot of security in society. Do you want to totally destroy it?
Finally, I'd feel more accepting of total openness if it started with
the names, photos, and addresses of police, including undercover agents,
CIA employees, senior government officials, etc. Basically what the
government wants is total secrecy about them, and total openness about
us.
Prof. Wm. Randolph Franklin, wrf@ecse.rpi.edu, (518) 276-6077; Fax: -6261
ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180
------------------------------
End of Computer Privacy Digest V1 #031
******************************