Date: Sat, 12 Sep 92 12:30:36 EST
Errors-To: Comp-privacy Error Handler <comp-privacy-request@PICA.ARMY.MIL>
From: Computer Privacy Digest Moderator <comp-privacy@PICA.ARMY.MIL>
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V1#077
Computer Privacy Digest Sat, 12 Sep 92 Volume 1 : Issue: 077
Today's Topics: Moderator: Dennis G. Rears
Re: SSN as College ID
Re: Teletrac
Re: Databases & Ethics
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
comp-privacy@pica.army.mil and administrative requests to
comp-privacy-request@pica.army.mil.
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.200].
----------------------------------------------------------------------
From: "Glenn S. Tenney" <tenney@netcom.com>
Subject: Re: SSN as College ID
Date: Tue, 8 Sep 92 18:43:53 PDT
My son went to a local junior college last summer. Of course,
they wanted his SSN for his ID#. Equally obviously we refused.
They kindly assigned him a number and questioned why giving
it out would bother us -- it is confidential 'you know'.
They posted class lists on each classroom door and... You
guessed it... These printed lists included names and SSNs!
Some confidentiality!!
btw. My son is 15, so I was there and able to firmly request
his SSN not be used. I would think that most people would
just give in.
--
Glenn Tenney AA6ER
voice: (415) 574-3420 fax: (415) 574-0546
tenney@netcom.com
------------------------------
Date: Tue, 8 Sep 92 18:57 PDT
From: John Higdon <john@zygot.ati.com>
Organization: Green Hills and Cows
Subject: Re: Teletrac
From: "K. Kadow" <technews@iitmax.iit.edu> writes:
> I was talking to a local police officer (chicago metro. area) and he
> said that they are now endorsing Teletrac instead of the Lo-Jack
> system.
>
> The console for the Teletrac system includes functions to
> activate the automobile transmitter remotely,
So how long is it going to be before such devices will be a mandatory
part of each automobile sold in the US? And when can we expect laws
that make it a felony to disable even your own unit?
It is a law enforcement dream: if you want to know the whereabouts of
anyone, you can at least keep track of his car from a convenient
central location. Computers could even be used to record the movement
of each automobile and save that information indefinitely. The suspect
claims he went to the grocery store the evening of the 12th? Just pull
up the records and see.
--
John Higdon | P. O. Box 7648 | +1 408 264 4115
john@zygot.ati.com | San Jose, CA 95150 | M o o !
------------------------------
From: Dan Sorenson <viking@iastate.edu>
Subject: Re: Databases & Ethics
Organization: Iowa State University, Ames IA
Date: Sat, 12 Sep 1992 01:04:11 GMT
hughes@swine.cs.uiuc.edu (Eric Hughes) writes:
>I think this is a good topic for this group. I think that more money is spent
>on research which may violate privacy than on reasearch for appropriate limits
>to privacy.
I changed the cross-posting to take out comp.databases.ingress, and
added comp.society.privacy -- the extra help there should be beneficial.
>I'd like to see researchers in the area of databases take the initiative in
>this area. I think the problem can be divided into two questions:
> 1. What are the limits of privacy?
A question that has been debated in the halls of government,
academia, and in local taverns around the world. I kind of like the idea
of what a "reasonable" person would consider the limits, as this allows
the law to reflect public sentiment as societal mores change. I don't
think anybody needs to know the details of my sex life, for example, and
the reasonable person would agree. However, my police record may be
quite necessary information for certain things, and hence could be viewed
when it is reasonable to do so. Such situations might include being hired
for a particular job, or when purchasing a handgun. It is not anybody's
business when I'm purchasing groceries. "Reasonable" is also flexible.
The danger here is to keep government and police from doing what they see
as reasonable; my long hair may justify, to them, the reasonable conclusion
tha I'm some sort of societal threat and need to be kept under constant
surveillance. It requires some restraint on the part of everybody.
> 2. How do we make database applications that respect these limits?
We don't. Simply, this is not a design problem as I see it. It
is a policy problem. Any database application is just there for storing
information in a manner that makes it easy to retrieve according to some
criterion. One should not design the application to not store the
information or to make it impossible to retrieve it, but of course some
security should be built in to allow only selected groups to access the
sensitive information. One method is password access, another is to
make the sensitive databases readable only to a certain group, or
whatever. The policy part comes in when Joe User decides to start
snooping into the records of his neighbor, or gives away information
that has no business being given away for a particular reason. The only
way to stop this is to either keep Joe User from having access to that
information, or to not store it. The former is policy-related as policy
will dictate who gets access to what, and the latter should be thought
of when the need the database should fill is defined. There's no need
for my bank account database to hold my college grades, so naturally it
wasn't included in the specs.
In any event, the only input I'll get on this is to give the
management-types a rough estimate of how much longer the project will
take if I implement various security schemes, how risky it is to hold
that information, and also to ask how and why that information needs
to be retrieved. This gives me some freedom in the design stage, but
all in all it's never going to be my decision.
<Dan Sorenson, DoD #1066 |"I see angels on Ariels in leather and>
<z1dan@exnet.iastate.edu | chrome, Swooping down from heaven to >
<viking@iastate.edu | carry me home." --- R. Thompson >
<ISU thinks I need more education, which they provide for a fee.>
------------------------------
End of Computer Privacy Digest V1 #077
******************************