Date:       Thu, 27 Jan 94 12:03:29 EST
Errors-To:  Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From:       Computer Privacy Digest Moderator  <comp-privacy@uwm.edu>
To:         Comp-privacy@uwm.edu
Subject:    Computer Privacy Digest V4#023

Computer Privacy Digest Thu, 27 Jan 94              Volume 4 : Issue: 023

Today's Topics:			       Moderator: Leonard P. Levine

                       Re: SSN on Payroll Checks
                       Re: SSN on Payroll Checks
                    Public Hearings on Privacy in DC
                 Proposed CPD post re Buckley Amendment
                       US Senate FTP Site On Line
                 Re: Crypto Experts Oppose Clipper Chip
                    Re: Data Encryption and Privacy

   The Computer Privacy Digest is a forum for discussion on the effect 
  of technology on privacy.  The digest is moderated and gatewayed into 
  the USENET newsgroup comp.society.privacy (Moderated).  Submissions 
  should be sent to comp-privacy@uwm.edu and administrative requests 
  to comp-privacy-request@uwm.edu.  Back issues are available via 
  anonymous ftp on ftp.cs.uwm.edu [129.89.9.18].  Login as "ftp" 
  with password "yourid@yoursite".  The archives are in the directory 
  "pub/comp-privacy".   Archives are also held at ftp.pica.army.mil
  [129.139.160.133].
----------------------------------------------------------------------

From: Dave Gomberg <GOMBERG@UCSFVM.UCSF.EDU>
Date: Mon, 24 Jan 94 20:54:42 PST
Subject: Re: SSN on Payroll Checks

I feel the whole SSN thing reeks of paranoia.  Accordingly I have
retrieved the so-called explanation of why you should worry, and am
responding to it from the point of view of someone who digs out info
about you all the time.

>               Why you should resist requests for your SSN

>When you give out your number, you are providing access to information
about yourself.<

No, you are giving out info about the Social Security system.  Info
about yourself is things like name, date of birth, mother's name, place
of birth, etc.   These have nothing to do with your ssn.

>You're providing access to information that you don't have the ability
or the legal right to correct or rebut.  You provide access to data
that is irrelevant to most transactions but that will occasionally
trigger prejudice.  Worst of all, since you provided the key, (and did
so "voluntarily") all the info discovered under your number will be
presumed to be true, about you, and relevant.<

Believe me cookie, we get the info with or without the ssn.   When you
conceal the ssn, you give me the message you are someone with something
to hide.  The heck with you.  There are plenty of folks out there who
will pay their bills.

>A major problem with the use of SSNs as identifiers is that it makes
it hard to control access to personal information.  Even assuming you
want someone to be able to find out some things about you, there's no
reason to believe that you want to make all records concerning yourself
available.<

This point has a germ of truth.  There is no way to say it is ok if
this person has my bill payment history but they should not be given my
bank balance.  If you want that, you want more data, not less.

>When multiple record systems are all keyed by the same identifier, and
all are intended to be easily accessible to some users, it becomes
difficult to allow someone access to some of the information about a
person while restricting them to specific topics.<

See above.   But this points to more identifiers, one for each field.
How many folks want a different id number for each of the possible
things a potential creditor would legitimately want to know?  And what
borrower or creditor would want to deal with that mess.  The heck with
it.  If you don't want to give me the info, do without the apartment.

>Unfortunately, far too many organizations assume that anyone who
presents your SSN must be you.<

This is bs.  Pure and simple.  What does it mean?????

>When more than one person uses the same number, it clouds up the
records.  If someone intended to hide their activities, it's likely
that it'll look bad on whichever record it shows up on.  When it
happens accidentally, it can be unexpected, embarrassing, or worse.
How do you prove that you weren't the one using your number when the
record was made?<

As far as it goes, this is true.  But you get far more trouble from
incomplete, misleading records than you ever do from plain false
ones.   And you prove it wasn't you by saying so.  Then the burden
devolves on the company to prove it WAS YOU.  My record is now clean
(check it and see), but it took a while to achieve that.

If this list is about ssns, I quit.  SSNs as an issue are garbage, for
the lunatic fringe.  They should meet the NRA.   Dave

Dave Gomberg, role model for those who don't ask much in their fantasy lives.
GOMBERG@UCSFVM           Internet node UCSFVM.UCSF.EDU     fax-> (415)731-7797
For info on West Coast Live send email to West_Coast_Live-Request@netcom.com


------------------------------

From: johnl@iecc.com (John R Levine)
Date: Tue, 25 Jan 94 17:26 EST
Subject: Re: SSN on Payroll Checks
Organization: I.E.C.C., Cambridge, Mass.

>Let me ask why I care if someone (or lots of folks) knows my SSN?
Does it have anything to do with Social Security directly, or would the
drawbacks apply to any powerful identifier?  If any powerful
identifier, why is it more important than my name and dob?   Please
advise.<

The basic problem is that far too many organizations assume that anyone
who presents your name and SSN must be you, making it easy to
impersonate you for credit theft and other fraudulent purposes.

Another, growing, problem is that keying records by SSN makes it
possible to easily combine records from otherwise unrelated databases.
This aids organizations that compile dossiers of personal information
without your knowledge or consent.  (Lest this sound paranoid, when's
the last time TRW or Equifax asked your permission to compile a file
full of credit card, banking, and employment information about you?)

Regards,
John Levine, johnl@iecc.com, jlevine@delphi.com, 1037498@mcimail.com


------------------------------

From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: Thu, 27 Jan 1994 11:10:54 -0600 (CST)
Subject: Public Hearings on Privacy in DC
Organization: University of Wisconsin-Milwaukee

The following is taken from the EFFector Online, issue 07.02, Jan.  25,
1993, A Publication of the Electronic Frontier Foundation, ISSN
1062-9424:

Public Hearings on Privacy in DC
 --------------------------------

US OFFICE OF CONSUMER AFFAIRS
PUBLIC HEARINGS ON INFORMATION AGE PRIVACY

Washington, DC: January 26-27, 1994.
Public Invited to Participate.

Representatives from the public, private and non-profit sectors will
present their views on personal privacy and data protection in the
information age at public hearings of a U.S.  Government task force in
early 1994.

The hearings will be open meetings of the Privacy Working Group,
chaired by Patricia Faley, Acting Director of the United States Office
of Consumer Affairs (USOCA). The Working Group is part of a task force
set up by the Clinton Administration to consider how to spur
development of an "information superhighway."  Officially known as the
National Information Infrastructure (NII), the "data highway" will be
capable of exchanging data, voice and images electronically within a
vast network of individuals, businesses, government agencies and other
organizations around the world. Ensuring ready access to information is
the goal of the Administrative initiative, but protecting individual
privacy is essential to its success.

The public meeting will examine privacy issues relating to such areas
as law enforcement, financial services, information technology, and
direct marketing. The previous California meeting, January 10th and
11th, was hosted by Jim Conran (Director, California Department of
Consumer Affairs) in Sacramento. The Washington, DC meeting, January
26th and 27th, will be held at the U.S.  Department of Commerce
Auditorium, 14th & Constitution Ave. NW.  Registration begins at
8:30am, meetings at 9am.

The public is invited to attend, question speakers and to make brief
comments, but space is limited. Concise written statements for the
record should be sent to "Privacy," USOCA, 1620 L Street NW, Washington
DC 20036 or faxed to (202)634-4135.


United States Office of Consumer Affairs
1620 L Street NW
Washington, D.C. 20036-5605

Contact:
George Idelson  (USOCA)
+1 202 634 4344
Patricia Faley (USOCA)
+1 202 634 4329


------------------------------

From: Haim Mendelson <FMENDELSON@GSB-LIRA.STANFORD.EDU>
Date: Mon, 24 Jan 1994 23:49:54 -0800 (PST)
Subject: Proposed CPD post re Buckley Amendment

Robert Ellis Smith's post identifies two FERPA loopholes.  However,
the coverage of FERPA is quite broad.  First, FERPA defines "education
records" as "those records, files, documents, and other materials which
(i) contain information directly related to a student; and (ii) are
maintained by an educational agency or institution or by a person
acting for such agency or institution".  The term "education records"
does not include the "records of instructional, supervisory and
administrative personnel and educational personnel ancillary thereto
which are in the sole possession of the maker thereof and which are not
accessible or revealed to any other person except a substitute".  Thus,
the "sole possession" exemption is lost when the possessor reveals the
contents of the records in question to anybody other than a
substitute.  If the Professor indeed disclosed the content of the
records to others, as stated by the student, it would be difficult for
the institution to claim this exemption.

The second loophole is of a different nature: disclosure of information
from education records without the student's written consent is
allowed to "other school officials, including teachers within the
educational institution or local educational agency, who have been
determined by such agency or institution to have legitimate
educational interests".  This does not allow disclosure to individuals
who are not "school officials", and again the student's original post
suggests that information from his records was disclosed to
"outsiders"; if these individuals are not school officials (usually
within the same institution), the exemption does not apply.  Even with
respect to school officials, disclosure is not automatically OK.  The
institution should have a written policy that, among other things,
defines what constitutes "legitimate educational interest", though I
suspect the policy will define it in very broad terms.

One aspect I would urge the student to consider is the toll of fighting
the institution where he is studying.  Unless he feels very strongly
about it, he may be better off not fueling a vicious cycle of
adversity, even if he was not the one who initiated it.

Haim Mendelson


------------------------------

From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: Thu, 27 Jan 1994 11:28:00 -0600 (CST)
Subject: US Senate FTP Site On Line
Organization: University of Wisconsin-Milwaukee

The following is taken from the EFFector Online, issue 07.02, Jan.  25,
1993, A Publication of the Electronic Frontier Foundation, ISSN
1062-9424:

Senate FTP Site Online
 ----------------------

A new FTP site has been put on line to hold the publicly available
documents and press releases of our Senators.

Chris Casey <chris_casey@kennedy.senate.gov> of the office of Sen.
Edward Kennedy says "Some progress is being made here on the Hill. The
Senate now has an anonymous ftp server running.  It's sparsely
populated, only Kennedy and Stevens have posted anything so far, but I
imagine the rest will find their way shortly. At least it's a start.
The fact that the Senate has an anonymous ftp server is not a secret,
but I don't think it's widely known either."

You can access the server by FTPing to ftp.senate.gov, logging in as
"anonymous" (without the quotes) and giving your email address as
password.

The site's general information bulletin is as follows:

Welcome to the United States Senate's Anonymous FTP Server
(ftp.senate.gov).  This service is provided by the Office of the U.S.
Senate Sergeant at Arms and the Senate Committee on Rules and
Administration.

This server contains general information files about the United States
Senate in the directory "general".  Directories are also provided for
specific Senators' offices, in alphabetical order by two-letter state
abbreviations, and for Senate committees and other Senate offices.  If
an office is not included in the directory, this indicates no files
have been posted by that office.

No files can be uploaded to this system.  Please direct questions about
a specific Senate office's use of this service to the Senate office in
question.  General inquiries not involving a specific Senate office can
be directed via Internet e-mail to: ftpadmin@scc.senate.gov

Subdirectories for Senator's offices are structured as follows:

/member/state_abbrev./senator's_name/releases/filename
   or
/member/state_abbrev./senator's_name/general/filename

The "releases" subdirectories contain press releases and related
materials, and "general" subdirectories contain information of
long-term interest such as office contacts.

As of Jan. 24, 1994, the site was not being used very extensively, but
individual Senators' directories contained various informational files,
such as the following:

Ted Stevens (AK):

member/ak/stevens/releases
 -rw-r--r--   1 1           1321 Jan 21 16:16 Childhood_Immunizations
 -rw-r--r--   1 1            828 Jan 21 16:16 Inman_Statement
 -rw-r--r--   1 1           3152 Jan 05 11:45 Ketchikan_Subcontractors
 -rw-r--r--   1 1           3488 Jan 21 16:16 Seafood_Inspection
 -rw-r--r--   1 1           1910 Jan 21 16:17 new_staff
 -rw-r--r--   1 1           1661 Jan 21 16:17 tongass_timber

Edward Kennedy (MA):

member/ma/kennedy/general
 -rw-r--r--   1 1         138842 Jan 13 13:49 S1150_Goals_2000
 -rw-r--r--   1 1           1011 Dec 13 15:04 on-line_access
 -rw-r--r--   1 1         133477 Dec 27 10:08 s1040.txt

member/ma/kennedy/releases
 -rw-r--r--   1 1           3591 Jan 14 15:23 Human_Radiation_Experimentation
 -rw-r--r--   1 1           1664 Jan 05 11:11 Statement_on_Firearms_Proposal
 -rw-r--r--   1 1          16188 Dec 15 14:19 major_accomplishment_93
 -rw-r--r--   1 1          14523 Jan 13 11:58 national_health_reform_debate
 -rw-r--r--   1 1           1298 Dec 15 14:18 worker_retraining_grant

Please express your interest in this first small step, and encourage
your Senators to utilize this new Congressional Internet resource.  Ask
your Representatives to look into the possibility of a similar system
for the House.

[Computer Privacy Digest Moderator's note:  Rather than logging in with
the userid 'anonymous', this system (and many systems like it) permits
a login with the userid 'ftp'.  This is a small difference, but it does
not contain the (incorrect) presumption that no one knows who you are.]


------------------------------

From: news@cbnewsh.att.com
Date: Tue, 25 Jan 94 05:19:17 GMT
Subject: Re: Crypto Experts Oppose Clipper Chip
Organization: NCR, an AT&T Company, Pleasanton CA

	[ Letter deleted ]

P.S. Renaming it "Tessera" isn't good enough ....
--
# Bill Stewart       NCR Corp, 6870 Koll Center Pkwy, Pleasanton CA 94566
# Email: bill.stewart@pleasantonca.ncr.com billstewart@attmail.com
# Phone: 1-510-484-6204 Beeper: 1-510-224-7043
# ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465

------------------------------

From: bcm!synercom.hounix.org!mattair@rice.edu (Charles Mattair)
Subject: Re: GTE and new Fed Compliance
Organization: Synercom Technology, Inc.   Houston, TX, USA
Date: Tue, 25 Jan 1994 18:49:00 GMT

Keith Doyle <keithd@netcom.com> wrote:
>Here's a curious note I just got from GTE:
>new federal regulations require GTE to provide the billing name and
address of the customer if the telecommunications company handling the
call requests that information.<

This isn't strictly true - they have always provided this information.

>If you wish to deny release of your billing name and address,
completely fill in the circle labeled "deny" on the attached
Authorization Form and return it to GTE in the enclosed envelope by
February 18, 1994.<

>So what do you suppose prompted this?  Is there a privacy issue going
on here?<

This is the final [if anything is final WRT Federal regulations] round
of a battle between the FCC and the phone companies.

I had a two month fight with Southwestern Bell regarding their policies
about selling BNA [Billing Name and Address] to essentially anybody.
My position was they could sell listing name and address - my phone is
listed in a fake name with no published address - whereas theirs was
they would sell BNA until otherwise prohibited.  Three layers of SWB
management and several phone calls to the PUC finally got me to the
tariff section of the FCC.

It developed the FCC had promulgated a rule to deny SWB's behaviour but
it was stayed pending IXC/LEC comments.  The problem is exactly as GTE
describes: if an IXC/LEC accepts a calling card call billable to a BNA
blocked number, they have no way of billing or contacting the debtor
other than thru the card's issuer.

From what I remember - the stay was issued almost a year ago - the FCC
block on BNA delivery was unconditional.  So it would appear we have a
compromise.  You get to choose.  I'm not sure but the rule may have
also blocked any release of BNA other than for billing purposes,
regardless of your choice.

Hazy $0.02 worth
-- 
Charles Mattair		(temporarily - work)	mattair@synercom.hounix.org
<standard.disclaimer>
In a mature society, "civil servant" is semantically equivalent to
       "civil master." - Robert Heinlein, _The Notebooks of Lazarus Long_



------------------------------

From: close@lunch.asd.sgi.com (Diane Barlow Close)
Date: 25 Jan 1994 19:16:07 GMT
Subject: Re: Data Encryption and Privacy
Organization: Self employed, eh.

gene michael stover  <gangrene!gene@netcom.com> writes:

>I'll answer your last question first (and then amble into an answer
for everything else): ``It is absolutely *IMPOSSIBLE* to penetrate a
system using PGP, correct?''<

>*Not* correct.<

>There currently exist many algorithms for cryptanalysing (decrypting
without the key) a PGP message, but they are very expensive to use on
the average message. There's nothing to prevent me from putting one of
these programs on a spare computer and feed it a PGP message and
letting it go. In a few (or a few million ;-) years, I'd probably have
the decryption.<

> [stuff deleted]<

>My guess is that PGP is fine. Same with the three systems you
currently use. If the details of the commercial systems are kept secret
by the manufacturer, I would suggest you drop them and use PGP because
``security through obscurity'' isn't [Kerckhoff's principle, improved
by paraphrasing ;-].<

Interesting.  In misc.consumers I raised some questions about an
article originally posted in misc.invest.real-estate and everyone there
was very gung-ho on PGP.  Now someone also points out to me that PGP
implements the RSA public-key encryption algorithm, and there is a
patent on the use of RSA for digital communication, and that includes
email.  Apparently, if you use PGP to encrypt or sign email which you
then send to someone else, and you have not obtained a license for use
of the patent from the patent holders, you are "infringing" the
patent.  So, before you use it, you should think seriously about the
legal, ethical, and financial consequences of doing so.  That makes my
questions about the following post even more pertinent.

I have submitted the following to the privacy digest and also to RISKS
because the issues cross both the risk and the privacy lines.  I'm not
trying to pick on Michael Bridgeman or his company; I think that his
company is merely the starting point in a discussion about the risks
and effects that becoming part of the information highway and using the
Internet for personal or financial information raises.  Michael
cancelled his original article before I could go back and retrieve a
copy to include it in its entirety here (the RISKS of posting to the
Internet, eh? :-).  So what follows is about 3/4 of his original
posting; only the contact info has been removed:

Michael Bridgeman <infotech@clt.fx.net> writes:
>Infotech is an Information Provider and we have recently begun
providing our services via the Internet. A partial list of some of our
services include:<

>Individual Credit Reports * Business Credit Reports * Dun & Bradstreet
Pre-Tenant Background Check * SS# Locator Service * National Change of
Addr Difficult Phone Numbers * Nationwide Marriage, Divorce and Death
Records Criminal Records Search * Arrest & Convictions Records * Bank
Acct Search Real Property Search * Workers Comp Claims * Consumer
Affairs Reports Corporation Search * Tax Lien Search * Corp. Bankruptcy
Search * Business Name Search * DMV Records * Registered Voter Search *
Nationwide Warrants<

>                                And MUCH MORE!<
 
>Most requests are turned around with 24-48 hrs (depending upon complexity 
and depth of report needed) Reports can be delivered via Internet, US Mail, 
			     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Fax or Overnight. Infotech Adheres to the Fair Credit Reporting Act. 
Payment may be made via Visa, Mastercard or in advance of services.<

> All information is kept in the strictest confidence and PGP delivery
is also available ... [rest deleted]<

I am now aware that PGP stands for a very good encryption mechanism,
but I still feel that there are risks in using the Internet for
delivery of such personal information.   Although PGP is "available",
nowhere in the post does it say that he is going to use it all the time
for delivery of personal data.  And what about the patent infringement
risk issue, raised above?

I've been on the Internet for a long time (since '81) and I certainly
will be the first to say that I don't follow every little nuance and
new development, so it'll probably come as no surprise that *I* hadn't
heard of PGP before.  How many Internet newbie landlords are going to
recognize that PGP means "world's greatest encryption scheme"?  :-)
Besides, unless PGP is the ONLY way the info is sent via the Internet,
the data won't be safe, and then you have to worry about both parties
possessing a PGP license.  Otherwise, sending things via e-mail is just
like posting them to a newsgroup as far as privacy goes.

Personally, my biggest concern wasn't so much the passage of personal
data through the system, encrypted or not, but the ease of faking
e-mail so that some unscrupulous person could easily give you a fake
e-mail address and personal data of another person to retrieve a copy
of *that other person's* credit report.  I wonder what kind of
safeguards they have in place to prevent this, or to make sure that
those who contact them via e-mail really are who they say they are?

According to what I've read on misc.consumers and elsewhere, you can
simply register with any of the credit reporting services as a
landlord, and you don't even need an SSN# - just a name and address.
$50 and a name and address.  Scary, isn't it?  So what's to prevent
"anyjoe" from getting anyone's credit data through the Internet, now?
With security there's not just protection of data, there's
authentication.  The old "how do I know that you're who you say you
are" question.

And, concern #3, if he has this data on his Internet site, how safe is
it?  How many security precautions has he taken on that site to protect
the data?  Unix machines on the Internet are notorious for having
security holes that need to be plugged.

A lot of questions and so far no answers! :-)  Comments anyone?
-- 
Diane Barlow Close
	close@lunch.asd.sgi.com
	I'm at lunch today.  :-)

------------------------------



End of Computer Privacy Digest V4 #023
******************************