Date: Tue, 21 Sep 93 17:01:15 EST
Errors-To: Comp-privacy Error Handler <comp-privacy-request@PICA.ARMY.MIL>
From: Computer Privacy Digest Moderator <comp-privacy@PICA.ARMY.MIL>
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V3#042
Computer Privacy Digest Tue, 21 Sep 93 Volume 3 : Issue: 042
Today's Topics: Moderator: Dennis G. Rears
Re: Finding out the Caller's Number (was ANI)
Re: Finding out the Caller's Number (was ANI)
Re: Caller ID/ANI Thread
program for UK Privacy Conference, Sept 30
Subpoenas issued to PGP companies
Computer Privacy Digest V3#040
Re: Privacy Bill?
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
comp-privacy@pica.army.mil and administrative requests to
comp-privacy-request@pica.army.mil.
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: "david.g.lewis" <deej@cbnewsf.cb.att.com>
Subject: Re: Finding out the Caller's Number (was ANI)
Organization: AT&T
Date: Mon, 20 Sep 1993 17:48:25 GMT
In article <comp-privacy3.39.1@pica.army.mil> varney@ihlpe.att.com writes:
> At least for 800 calls, I wouldn't object to an ANI-block
>mechanism. (I must acknowledge I work for a part of AT&T that could
>benefit from any mandated new features.) Even better would be a
>"presentation restricted" indicator in the ANI field, as the Caller-ID
>information contains.
Of course - then all the LECs are mandated to purchase new software for
all their 5ESS(R) switches, 1ESS(TM) switches, 1AESS(TM) switches,
4ESS(TM) switches, new MF senders for all the remaining 5XBs, etc.,
etc., etc. Helps AT&T Network Systems' income no end... Although I
would claim it would be a Big Deal to build and deploy it.
> As a rate-payer, I would expect the users of
>this feature to pay for it, either in monthly charges, per-use charges
>(whether the call was answered or not) or a fixed charge for every
>BLOCKED attempt to call an 800 number that will not accept non-ANI
>calls. Each of these should use minimal network resources; either the
>calls should be blocked in the LEC network or some fraction of the
>charges should be shared with the IXC for use of the IXC network.
I don't see how the calls could be blocked within the LEC network, as
the subscriber information (accept or reject calls with ANI
presentation restricted) would be either within the 800 service
provider network or in the 800 customer CPE. Except for the special
case where the originating LEC is also the 800 service provider, I
would expect the call would have to be delivered to the 800 service
provider for ultimate offering to the 800 customer, who can accept or
reject it as they wish.
Furthermore, I would guess that IXCs would be rather averse to this
concept, as they pay access charges to the originating LEC for
uncompleted calls in addition to using network resources to attempt to
set up the call. Unless the fraction of the charges shared with the
IXC fully coveres the access charge plus a delta, this feature is
mandating a loss of revenue on the part of the IXC.
>[Moderator's Note: Any idea of the total costs that would be incurred
>by various telecom entities in blocking ANI? ._dennis ]
Well, throwing out some possibilities... There's the per-ANI delivery
revenue that's lost - $.01 to $.02 per call. There's the cost incurred
for calls cleared because ANI is blocked - $.02 to $.06 in access
charges (assuming the time taken to accept the call setup from the LEC,
offer it to the customer, and complete clearing when the customer
rejects the call is less than one minute), and some additional fraction
in network resource usage - for the sake of argument, let's assume that
cost is the same as the LEC cost recovered by the access charge, $.02 -
$.06. There's the revenue lost due to these calls being cleared -
anywhere from about $.12 to $.25 per minute.
Now, let's make some wild-guess assumptions. Assume 5% of people block
ANI delivery when calling 800 numbers. Assume 75 million 800 calls are
made a day. (Basis - AT&T carries on the order of 150 million calls a
day, on the order of 40% of those calls are 800 calls, and AT&T has on
the order of 80% of the 800 market; these are the last published
numbers I've heard in the 800 number portability frenzy, and I have no
idea if they're at all accurate anymore, but they're close enough for
government work.) Assume 800 customers receiving 5% of the 800 traffic
reject calls which have no ANI information. Assume all 800 customers
are receiving ANIs and paying $.01 per call. Assume access charges and
800 service provider costs are each $.04 per cleared call, and 800
service provider revenue is $.20 per minute on 800 calls. Assume the
average completed 800 call lasts 3 minutes. These assumptions could be
played up or down, but hey, we're talking very rough order of magnitude
here.
We then get 75M * .05 or 3.75 million 800 calls on which ANI will be
blocked (marked restricted and not sent to the 800 customer). Of these
calls, 187,500 will be rejected by the 800 customer, representing
187,500 * $.08 or $15,000 in unrecovered costs and 187,500 * $.60 or
$112,500 in lost revenue. The remainder of the calls with ANIs blocked
results in $35,625 in lost revenue, so we're looking at about $160k/day
additional costs and lost revenues. Over, say, 250 business days a
year, we're talking about a $40 million hit on the bottom line of the
800 business.
That's ongoing costs, of course; there's also the cost to the industry
of building and deploying the capabilities to provide the blocking. I
wouldn't even care to hazard a guess as to how much that would cost to
the LECs, 800 service providers, and CPE providers. But what is
basically being discussed here is a capability which would require the
telecom industry to incur some upfront capital and development costs to
enable it to incur higher operational costs and reduce revenues. Oh,
yeah, that'll go over great.
>Al Varney - my opinion only
Ditto - my opinion and SWAGs only.
David G Lewis AT&T Bell Laboratories
david.g.lewis@att.com or !att!goofy!deej Switching & ISDN Implementation
------------------------------
Date: Mon, 20 Sep 93 21:50:42 EDT
From: Brinton Cooper <abc@arl.army.mil>
Subject: Re: Finding out the Caller's Number (was ANI)
Organization: The US Army Research Laboratory
One part of the debate on CNID/ANI centers on the public's alleged
mis-perception that an individual's privacy is absolutely protected when
that individual makes a toll-free (800) call.
FACT 1: The recipient of an 800 knows the number from which every such
call was made.
FACT 2: FACT 1 is a matter of public record via the tariff process.
FACT 3: Whether FACT 2 constitutes a "sufficient" level of public
disclosure is debatable. One's opinion is surely tied in with
a significant set of other personal issues and opinions.
FACT 4: The resolution of the issue in FACT 3 is not likely to be
settled in this forum any time soon, if ever.
FACT 5: No new facts have entered this debate in several weeks.
STRONGLY HELD OPINION: It is always good for the public to know about
such rules as the tariffing of the release of calling numbers to
holders of 800 numbers. It is good for the public to be aware
that this is a controversial subject. It is good for the public
to reflect upon and participate in the debate.
INESCAPABLE CONCLUSION: If everyone (including me) who posted to this
debate would write one thoughtful letter to the editor of a widely-
read newspaper summarizing the debate and stating his/her opinion,
the public would be well-served and this forum could discuss
something new.
DISCLAIMER: This is not a suggestion that debate be limited. It is not
a call for cloture. It is merely a suggestion on how to improve
the quality of life on this forum.
__Brint
------------------------------
Date: Mon, 20 Sep 1993 20:21:56 -0400
From: David Lesher <wb8foz@scl.cwru.edu>
Subject: Re: Caller ID/ANI Thread
Reply-To: wb8foz@skybridge.scl.cwru.edu
Newsgroups: comp.society.privacy
Organization: NRK Clinic for habitual NetNews abusers - Beltway Annex
I have a technical query to close out the thread.
I seem to recall that a Rochecter Tel sub called the 800-stopper ANI #,
and got readback, then "*67"ed, and called again - this time NOT
getting one.
Anyone have a technically - valid explanation?
--
A host is a host from coast to coast..wb8foz@skybridge.scl.cwru.edu
& no one will talk to a host that's close............(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
------------------------------
Path: privint.demon.co.uk!user
From: davies@privint.demon.co.uk (Simon Davies)
Subject: program for UK Privacy Conference, Sept 30
Organization: Privacy International, London Office
Date: Mon, 20 Sep 1993 22:27:07 GMT
PROGRAMME
INTERNATIONAL DEVELOPMENTS IN PRIVACY
AND DATA PROTECTION
30th SEPTEMBER, 1993, MANCHESTER, UK
A roundtable hosted jointly by Privacy International
&
the Law School of the University of Manchester
8.30 AM Welcome.
8.45 Information Infrastructure and Telecommunications Privacy issues
Professor Marc Rotenberg, Georgetown University Law School, U.S.A.
Discussion
9.30 Privacy developments in the United States : An overview and
discussion.
Evan Hendricks, Privacy Times, Washington DC
10.15 Privacy developments in Canada : an overview and discussion.
Tom Riley, Riley Information Systems, Toronto
11.00 Break
11.15 Interactive technology and smart cards in the Health Sector : The
Australian experience and international parallels.
Simon Davies, School of Law, University of New South Wales, Australia.
Discussion
12.00 Cryptography issues and the Clipper Chip proposal
David Banisar, Computer Professionals for Social Responsibility
(CPSR), Washington DC.
Discussion
Other sessions include :
Implications of the European Commission data protection
directive
The establishment of
guidelines for handling police files
in emerging democracies in Central and Eastern Europe
Weaknesses in the UK Data Protection Act
8.30 AM - 2.00 PM, Thursday 30th September 1993
Room 2.22, The Law School, University of Manchester,
Oxford Road, Manchester, M13 9PL
This programme will include a small number of papers and formal
presentations, but will primarily be a forum for general discussion
of the issues. A number of key international experts will be present
at the meeting.
The conference is free for all Privacy International members,
independent experts, and privacy and consumer advocates.
A fee of 50 (US$75) will apply to representatives of government
organisations or companies.
8.30 AM - 2.00 PM, Thursday 30th September 1993
Room 2.22, The Law School, University of Manchester,
Oxford Road, Manchester, M13 9PL
For more information, please contact :
Simon Davies at Privacy International in London on
(44) 81 402 0737 or fax (44) 81 313 3726
(email : Davies@privint.demon.co.uk )
or
Dave Banisar at Privacy International in Washington on
(1) 202 544 9240, fax (1) 202 547 5482
(email : Banisar@washofc.cpsr.org )
-------------------------------------------------
Simon Davies
Privacy International
Morgan Towers, Bromley, BR1 3QE U.K.
Ph (44) 81 402 0737 fax (44) 81 313 3726
email davies@privint.demon.co.uk
internet connection donated to Privacy International
by Demon Internet, London
-----------------------------------------------
------------------------------
From: Carl Oppedahl <oppedahl@panix.com>
Subject: Subpoenas issued to PGP companies
Date: 21 Sep 1993 09:56:25 -0400
Organization: PANIX Public Access Internet and Unix, NYC
The New York Times (Sept. 21, 1993, page D1, col. 1) reports that
a federal grand jury in San Jose, Cal. has issued subpoenas to
two software publishers selling privacy programs. According to
the story, the subpoenas relate to whether distribution of
Pretty Good Privacy (PGP) has violated State Department
export control regulations.
Quoting from the article:
The legitimacy of the export regulations is also disputed
by legal scholars who argue that they restrict speech.
"The right to speak P.G.P. is like the right to speak
Navajo," said Eben Moglen, a professor of law at Columbia
University. "The Government has no particular right to
prevent you from speaking in a technological manner even
if it is inconvenient for them to understand."
P.G.P. has been controversial since it was written by a
programmer, Philip Zimmerman, because it uses a coding
formula that many researchers believe strong enough to
protect data from even the N.S.A.'s high-speed code-cracking
computers. The formula was developed by three computer
scientists: Ronald Rivest, Adi Shamir and Leonard Adelman.
--
Carl Oppedahl AA2KW (patent lawyer)
1992 Commerce Street #309
Yorktown Heights, NY 10598-4412
voice 212-777-1330
------------------------------
Date: Tue, 21 Sep 93 14:05:17 EDT
From: Bryon Propst <bryon@boa.meaddata.com>
Subject: Computer Privacy Digest V3#040
Is the U.S. Government really going to become this irrational in its
phobia that the common citizen may actually obtain true privacy in
their communications? What has happened to our government over the
last 200 years? We once believed that what the private citizen did was
his own business until there was physical evidence that they were
harming another's Constitutional rights. Now, you believe that you
have the right to "take a preventative stance toward crime and
corruption...". Sounds good, but where does that lead us? To invading
ALL areas of our citizens lives that were once deemed private, in the
hope that you may find a potential infraction?!?
Our forefathers are doing backflips.
So would I if I wasn't so scared....
----- Begin Included Message -----
[Moderator's Note: The included message was the article about Austin
Code Works and PGP. It was in the second to last digest. ._dennis ]
------------------------------
From: "Theodore L. Dysart" <dysart@parrot.wpi.edu>
Subject: Re: Privacy Bill?
Date: 21 Sep 1993 20:51:10 GMT
Organization: Worcester Polytechnic Institute
In article <comp-privacy3.37.2@pica.army.mil> peterson@CS.ColoState.EDU (james peterson) writes:
>I have recently been hearing about a privacy bill being considered
>by Congress. Does anyone have the text of this bill to post?
I am doing a paper on e-mail privacy and I looked into this legislation.
It is sponsored by Senator Paul Simon, and it is called "The privacy for
consumers and workers act" As explained to me by his aide, it does the
following:
If an organization declares that it has the right to read/review
your e-mail, it must do so all the time. If they do not review
mail on a regular basis, but retain the right to, they must make
you aware of the fact that they have "opened" your mail.
It doesn't stop them from doing it, but at least you must be informed. 8)
The aide told me that it was unavailable in an on-line format, but they
are happy to send it to you. (took about 2 wks.)
We voluntered to do some surveys or research for the office, but their
interest was more directed towards Unions. (The brochure with the record
from the hearing included an extensive statement from the Union at the
Sharaton Hotel in Boston.)
Ted.
-------------------------------------------------------------------------------
_/_/_/_/_/ _/_/_/_/ _/_/ |Thodore L. Dysart | Also Student Conductor for
_/ _/ _/ _/ |dysart@wpi.wpi.edu| the WPI Glee Club and Head
_/ _/_/_/ _/ _/ | Sales Rep. for | Chef for the WPI Baker's
_/ _/ _/ _/ | WIN Enterprise | Dozen - Available for
_/ _/_/_/_/ _/_/ | (508)753-1522 | Special Occasions 792-9119
------------------------------
End of Computer Privacy Digest V3 #042
******************************