Date: Mon, 14 Feb 94 11:17:50 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V4#030
Computer Privacy Digest Mon, 14 Feb 94 Volume 4 : Issue: 030
Today's Topics: Moderator: Leonard P. Levine
Re: WA state bill could censor VR and multimedia
Re: Privacy in Mailing Lists
Re: Privacy in Mailing Lists
Re: WA state bill could censor VR and multimedia
Re: Privacy Acts - Ireland, Iceland
Re: Privacy in Mailing Lists
Re: Data Encryption and Privacy -- PGP Issues
PUBLIC SUBMISSION - PLEASE PRINT
Re: WA state bill could censor VR and multimedia
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: Paul Robinson <PAUL@TDR.COM>
Date: Sun, 13 Feb 1994 23:32:14 -0500 (EST)
Subject: Re: WA state bill could censor VR and multimedia
From: Paul Robinson <PAUL@TDR.COM>
Organization: Tansin A. Darcos & Company, Silver Spring, MD USA
-----
> NEW SECTION. Sec. 706 (1) A license is required for the commercial
> use of virtual reality technology for entertainment or purposes
> other then bona fide education, training, research, and
> development.
>
> NEW SECTION. Sec 702. (4) ``Virtual Reality'' means any
> computer or other electronic technology that creates an enhanced
> illusion of three-dimensional, real-time or near-real-time interactive
> reality through the use of software, specialized hardware, holograms,
> gloves, masks, glasses, computer guns, or other item capable
> of producing visual, audio, and sensory effects of verisimilitude
> beyond those available with a personal computer.
What are the requirements? Is it a requirment on having a license to
operate the technology or is it a license on the particular programs. As
this appears it seems that the only things it could apply to would be
places similar to video game arcades; it seems to try to avoid licensing
things like Nintendo or video games in the home, even though _that_ is
where all the complaints about too much violence are coming from.
If a video game arcade requires a license, then it sounds more like a
subterfuge to impose another tax than any concern over the effects of
video games on kids.
I'm not a lawyer, but because I've been concerned about restrictions on
content, I've tried to keep up with the issue. Here is what I understand
to be the situation with respect to restricting the content of something
visual:
If it is a license requiring the individual games to be licensed, it's
overbroad and would not stand court challenge. This is well-settled since
the 1960s with motion pictures: if a state or local jurisdiction has a
licensing, rating or censorship board, the only thing it can do is either
approve a particular work or go to court to have it banned. And since
the case of _Miller v. California_ the only grounds a local community can
have for banning material is if it is obscene.
To be 'obscene' requires it contain material which is 'primarily prurient
(sexually exciting) in nature' e.g. 'dirt for dirt's sake', it must have
'no socially redeeming value' (which is why most porno books have some sort
of editorial in the front section), and violate local standards. Failure
to meet all three tests renders the work non-obscene and non-bannable.
Violence alone is not sufficient to be obscene.
I suspect that a system for licensing places that have these games where
the content of the games is being examined would be struck down as a
violation of the 1st Amendment. I think that it would be very difficult
to create a licensing system which is constitutionally valid, since the
reason for the desire to license these works is a dislike of the
(non-obscene) content. And content is the explicit provision the First
Amendment has taken away from the states as a thing they would be able to
regulate.
Also, since the license law excludes the level of 'personal computers' if
the arcade system is less than or equal to anything sold for individual
use, is it no longer objectionable? Anyone seen the speed of an Alpha AXP
Risc processor in the single-user desktop or a Pentium (80586)? Want to
bet it's easy to argue that the effective processing power of these
Virtual Reality systems is less than or equal to that of an 80586, which
*is* a personal computer, or that - a lot sooner than people think - the
technology available for Personal Computers will equal the stuff being
used in VR systems? Usually the only difference between a personal
computer and an arcade game machine is the arcade machine has additional
chips and circuitry to do fast graphics.
My personal favorite among computer games is 'DOOM' from ID Software,
which is about 3 meg and can be downloaded from several internet sites
including ftp.uwp.edu. On an 80386 it's a nice game; the game's FAQ
indicates the 'frame rate' is faster on a 486 than movies or TV. Play
that game for a while and tell me where it isn't a very effective 'virtual
reality' game. ID's original game Wolfenstein 3d was groundbreaking
technology but still looked like a simulation in some areas. DOOM uses
much better graphics and the image in many aspects appears real. Yet what
are the main playing pieces in the game? A shotgun and a chainsaw! Yet
this game is outside of what this law allegedly wants to go after.
Also, since the game distinguishes between programs run on personal
computers, which can be VERY powerful, and allegedly faster ones, there
may be grounds to argue that the 14th amendment is being violated since
two different uses of computers are being treated differently, one
requiring a license and the other not, even though both are using the same
technology.
In short, I think it's really a subterfuge to put more taxes on video game
arcades and if anyone challenged it in court, their lawyer might have a good
chance of getting the law struck down as unconstitutional.
---
Paul Robinson - Paul@TDR.COM
Voted "Largest Polluter of the (IETF) list" by Randy Bush <randy@psg.com>
-----
The following Automatic Fortune Cookie was selected only for this message:
Ernesto Miranda's conviction was overturned due to the police not
informing him of his rights. A few years after this, two men got involved
in a bar fight, and one of them killed the other. The police advised the
man of his rights, using the so-called "Miranda" warning. The man he
killed *was* Ernesto Miranda!
------------------------------
From: "Peter M. Weiss" <PMW1@PSUVM.PSU.EDU>
Date: Sat, 12 Feb 1994 07:56:15 -0500 (EST)
Subject: Re: Privacy in Mailing Lists
Organization: Penn State University
When one subscribes to a Revised LISTSERV, here is a typical message
which is created at the time of subscription based upon the list's
definitions.
Also note that e-mail distributions to a list are sometimes archived via
other mechanisms into anonymous FTP/Gopher sites, where the FROM/SENDER
field is easily viewable.
There are various options that the list-owner/subscriber can do to
make retrieval of subscriber addresses more difficult (though not
impossible).
/Pete (pmw1@psuvm.psu.edu) -- co-owner INFOSYS, TQM-L, LDBASE-L, et -L
--
Peter M. Weiss "The 'NET' never naps" +1 814 863 1843
31 Shields Bldg. -- Penn State Univ -- University Park, PA 16802-1202 USA
Date: Sat, 12 Feb 1994 07:54:56 -0500
From: BITNET list server at PSUVM (1.7f) <LISTSERV@PSUVM.PSU.EDU>
Subject: Your subscription to list xxxxx-L
To: Pete Weiss <PMW1@PSUVM.BITNET>
Reply-To: xxxxx-L-Request@PSUVM.PSU.EDU
X-LSV-ListID: xxxxx-L
Dear networker,
Your subscription to list xxxxx-L has
been accepted.
Note: your distribution options have been defaulted as per the "SET xxxxx-L
REPRO" command.
You may leave the list at any time by sending a "SIGNOFF xxxxx-L" command to
LISTSERV@PSUVM.BITNET (or LISTSERV@PSUVM.PSU.EDU). Please note that this
command must NOT be sent to the list address (xxxxx-L@PSUVM) but to the
LISTSERV address (LISTSERV@PSUVM).
The amount of acknowledgement you wish to receive from this list upon
completion of a mailing operation can be changed by means of a "SET xxxxx-L
option" command, where "option" may be either "ACK" (mail acknowledgement),
"MSGACK" (interactive messages only) or "NOACK".
Contributions sent to this list are automatically archived. You can obtain a
list of the available archive files by sending an "INDEX xxxxx-L" command to
LISTSERV@PSUVM.BITNET (or LISTSERV@PSUVM.PSU.EDU). These files can then be
retrieved by means of a "GET xxxxx-L filetype" command, or using the database
search facilities of LISTSERV. Send an "INFO DATABASE" command for more
information on the latter.
Please note that it is presently possible for other people to determine that
you are signed up to the list through the use of the "REVIEW" command, which
returns the network address and name of all the subscribers. If you do not wish
your name to be available to others in this fashion, just issue a "SET xxxxx-L
CONCEAL" command.
More information on LISTSERV commands can be found in the LISTSERV reference
card, which you can retrieve by sending an "INFO REFCARD" command to
LISTSERV@PSUVM.BITNET (or LISTSERV@PSUVM.PSU.EDU).
Virtually,
The LISTSERV management
------------------------------
From: kilgore@obelisk.pillar.com (Stan Hall)
Date: Sat, 12 Feb 94 09:55:03 CST
Subject: Re: Privacy in Mailing Lists
Organization: Pillar Communications, Oklahoma City, Ok
"Prof. L. P. Levine" <levine@blatz.cs.uwm.edu> writes:
> Mailing lists may not be secure. Even allowing someone to use one,
> without allowing him or her to read it, can reveal some of the names of
> those in it. If you do not trust your moderator to keep the data
> secure and you are concerned, you can not stay on a list. There is no
> security to an unmoderated list. I am interested in the judgements of
> this group.
I want to thank you for bringing this to everyones attention.
Additionally it would be a good idea that when a user subscribes
to a mailing list that the automated reply would notify the user if
the membership list is public of private information.
Why do you say that there is no security to an unmoderated list? I
find that it totally depends on the the software that runs the
list. I am running a few mailing list and I am sure that there is
only one way to have access to the membership list. That is to have
access to the directory where the mailing list address is kept.
I do believe that there may be a security compromise via the
"Return-Receipt-To:" header on one of my mailing lists. The major
list that I run is sent out as a digest daily and all headers except
for "From:", "To:", "Date:", and "Message-Id:" are elimated and I cannot
imagine any possible compromises that this system would allow.
Of course as you stated, any security measures are of no use unless you
have can trust the moderator (or list maintainter).
Stan Hall
--
kilgore@obelisk.pillar.com (Stan Hall)
Pillar Communications BBS, Oklahoma City, OK -- +1 405 942 8794
------------------------------
From: wbe@psr.com (Winston Edmond)
Date: Sat, 12 Feb 1994 17:36:29 GMT
Subject: Re: WA state bill could censor VR and multimedia
Organization: Panther Software and Research
Robert Jacobson <cyberoid@u.washington.edu> writes:
There is a bill at the state level: (excerpts from ``Public Health &
Safety Act 1994'' bill, SBR 6174)
NEW SECTION. Sec. 706 (1) A license is required for the commercial
use of virtual reality technology for entertainment or purposes
other then bona fide education, training, research, and
development.
where VR is defined:
NEW SECTION. Sec 702. (4) ``Virtual Reality'' means any computer
or other electronic technology that creates an enhanced illusion of
three-dimensional, real-time or near-real-time interactive reality
through the use of software, specialized hardware, holograms,
gloves, masks, glasses, computer guns, or other item capable of
producing visual, audio, and sensory effects of verisimilitude
beyond those available with a personal computer.
Ah, but what's "available with a personal computer" is a moving target. It
looks like VR gear sold for use with, or operated by, a personal computer is
not restricted. Similarly, if you buy a VR unit for your enjoyment at home,
that's not "for the commercial use of [VR]" and wouldn't be covered.
It looks more like they're working on a way to tax/license/control VR-capable
video game units at amusement parks/parlors/etc.
How bad this is in practice also depends on how hard and how expensive it is
to get a license. Still, it'd be better to dump this law and work with the
worried folks who see VR as a threat to find a more appropriate solution or
to help them understand the technology.
-WBE
------------------------------
From: cpsr@access.digex.net (Dave Banisar)
Date: 12 Feb 1994 18:06:32 -0500
Subject: Re: Privacy Acts - Ireland, Iceland
Organization: Express Access Online Communications, Greenbelt, MD USA
matyas@scs.carleton.ca (Vaclav Matyas) writes:
>Does anyone know whether or not (resp. what kind of and where to get
>them in electronic form, if possible) do Ireland and Iceland have
>Privacy Acts ?
Both Iceland and Ireland have Privacy Acts.
Iceland - Protection of Personal Records Act, No. 121 (28 December 1989)
Ireland -Data Protection Act 1988 (13th July 1988)
I'm not aware of an electronic version of either of these acts. The best
source I've seen is Wayne Madsen, Handbook of Personal Data Protection
(stockton press 1992) which contains the english translations of nearly
every act in the world.
Dave Banisar
CPSR/Privacy International Washington Office
------------------------------
From: bernie@fantasyfarm.com (Bernie Cosell)
Date: Sun, 13 Feb 1994 03:57:42 GMT
Subject: Re: Privacy in Mailing Lists
Organization: Fantasy Farm, Pearisburg, VA
In article <comp-privacy4.29.3@cs.uwm.edu>, "Prof. L. P. Levine" writes:
} Earlier this month I received the following request in the Computer
} Privacy Digest input box: (The userid is deleted.)
} I would like to request a mailing list of subscribers who
} participate in your bulletin board system. Please send info to:
}
} I sent the author a response indicating that if it was submitted as a
} request for posting, I would be glad to ask each of you if you wanted
} to send the author a mailing permitting the author to set up a separate
} list. I indicated that such a global request of a Privacy list was
} especially insensative.
} From: rrb@deja-vu.aiss.uiuc.edu (Bill Pfeiffer)
} Date: Tue, 8 Feb 1994 16:55:09 -0600 (CST)
}
} I get these requests all the time. Seems that bitnet listservers
} have that command built in to them and some find it to be
} commonplace.
Actually, he understates the situation. I believe that most of the
automated mailing-list maintainers support a "give me a list of the
folk on the list" command [listservers are the most common, but there
are several others floating around these days].
} Other intrusions into your privacy also may exist. ...
I don't quite understand. Why is the existence of your email address,
when you've freely sent it out to join a public mailing list, a big
privacy matter? _any_ sort of privacy matter? I may just be looking
at this wrong, but I've never considered email addresses to be particularly
confidential information.
} Mailing lists may not be secure. Even allowing someone to use one,
} without allowing him or her to read it, can reveal some of the names of
} those in it. If you do not trust your moderator to keep the data
} secure and you are concerned, you can not stay on a list. There is no
} security to an unmoderated list. I am interested in the judgements of
} this group.
My two cents is that if worrying about the security of the list of
email addresses on a public mailing list is the biggest privacy-challenge
you're concerned about at the moment, then you've got a pretty tidied
up, secure world! I'm not sure I would even dignify such a thing
as a "privacy" matter.
/Bernie\
--
Bernie Cosell bernie@fantasyfarm.com
Fantasy Farm Fibers, Pearisburg, VA (703) 921-2358
------------------------------
From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Sun, 13 Feb 94 00:41:42 PST
Subject: Re: Data Encryption and Privacy -- PGP Issues
Organization: iDEATH
-----BEGIN PGP SIGNED MESSAGE-----
close@lunch.asd.sgi.com (Diane Barlow Close) writes:
> Does PGP infringe or doesn't it? Are there exceptions or aren't there?
I haven't seen ViaCrypt PGP mentioned here yet; it is the standard MS-DOS
version of PGP, modified to use RSA libraries licensed from Public
Key Partners. Its output is compatible with that of the freeware PGP.
Source code is available for the freeware PGP, but is not available for
ViaCrypt PGP.
I believe that ViaCrypt is selling ViaCrypt PGP for DOS for approx $100;
they are supposed to be working on versions for the Mac and Unix.
To contact them:
ViaCrypt
2104 W. Peoria Ave.
Phoenix, AZ 85029
(602) 944-0773
(602) 943-2601 fax
I have no connection with ViaCrypt; I did purchase their version of
PGP, since it's a useful program and I don't want to worry about
legal hassles stemming from my use of the product.
-----BEGIN PGP SIGNATURE-----
Version: 2.4
iQCVAgUBLV3ppn3YhjZY3fMNAQHPuwP/VOk8FmZv6Dc/l2x2+AJ4GJ+hzf57GHGt
IF5JPGsG+KUyHzL1mLmBFqNrzRAAwP+3PoEYjWjJzprOTdBeXM4SD/+zF/TF/M86
5IF75aCtgdJgrSkbZRflX7IOmjBzZcILFo1wiUiZwhntI7mjPXL5iVr3CrNyYGNf
e4CiGgH1rHA=
=lTH9
-----END PGP SIGNATURE-----
--
Greg Broiles ".. has bizarre Cyberanarchist theories relating
greg@goldenbear.com to human punishment." -- L. Detweiler
------------------------------
From: Chuck Weckesser <71233.677@CompuServe.COM>
Date: 13 Feb 94 12:27:29 EST
Subject: PUBLIC SUBMISSION - PLEASE PRINT
Topic: FOR PUBLIC SUBMISSION
Should Rapist's And Pedophiles Be Forced To Register With The Authorities Every
Time They Move Away?
First, let's put a brake on the emotions now. All of here on the digest know how
repugnant the crimes that rapist's and pedophiles commit are. This is NOT the
subject of this post.
I read in yesterday's paper that my state wants *ALL* persons either convicted
or *ACCUSED* of rape to register with the police every time they move. Same with
pedophiles. I am giving serious thought to whether or not there are any privacy
implications here.
The emotional part of me says yes, register them ASAP!! But I am concerned about
a slippery slope that could lead to registering even non-violent criminals.
Please note that what I have just mentioned is, according to the article I have
read, extremely common, especially in Japan and Singapore particularly, a
country which does not give a tinker's damm about privacy to begin with.
I am very interested in feedback from other members of the digest as to whether
rapist's and pedophiles should be forced to register their names and places of
address *AND* work with the authorities.
In addition, should the same standard (assuming you agree with the above) apply
to *accused* rapist's and pedophiles??
Frankly, I will have to give this issue much more thought before submitting an
answer. However, it was in the paper, I thought my colleagues here on the Digest
might find this tidbit interesting and we can all throw it out for debate.
What's your vote folks?
Kind Regards,
Chuck
------------------------------
From: Paul Robinson <PAUL@TDR.COM>
Date: Sun, 13 Feb 1994 23:32:14 -0500 (EST)
Subject: Re: WA state bill could censor VR and multimedia
From: Paul Robinson <PAUL@TDR.COM>
Organization: Tansin A. Darcos & Company, Silver Spring, MD USA
-----
> NEW SECTION. Sec. 706 (1) A license is required for the commercial
> use of virtual reality technology for entertainment or purposes
> other then bona fide education, training, research, and
> development.
>
> NEW SECTION. Sec 702. (4) ``Virtual Reality'' means any
> computer or other electronic technology that creates an enhanced
> illusion of three-dimensional, real-time or near-real-time interactive
> reality through the use of software, specialized hardware, holograms,
> gloves, masks, glasses, computer guns, or other item capable
> of producing visual, audio, and sensory effects of verisimilitude
> beyond those available with a personal computer.
What are the requirements? Is it a requirment on having a license to
operate the technology or is it a license on the particular programs. As
this appears it seems that the only things it could apply to would be
places similar to video game arcades; it seems to try to avoid licensing
things like Nintendo or video games in the home, even though _that_ is
where all the complaints about too much violence are coming from.
If a video game arcade requires a license, then it sounds more like a
subterfuge to impose another tax than any concern over the effects of
video games on kids.
I'm not a lawyer, but because I've been concerned about restrictions on
content, I've tried to keep up with the issue. Here is what I understand
to be the situation with respect to restricting the content of something
visual:
If it is a license requiring the individual games to be licensed, it's
overbroad and would not stand court challenge. This is well-settled since
the 1960s with motion pictures: if a state or local jurisdiction has a
licensing, rating or censorship board, the only thing it can do is either
approve a particular work or go to court to have it banned. And since
the case of _Miller v. California_ the only grounds a local community can
have for banning material is if it is obscene.
To be 'obscene' requires it contain material which is 'primarily prurient
(sexually exciting) in nature' e.g. 'dirt for dirt's sake', it must have
'no socially redeeming value' (which is why most porno books have some sort
of editorial in the front section), and violate local standards. Failure
to meet all three tests renders the work non-obscene and non-bannable.
Violence alone is not sufficient to be obscene.
I suspect that a system for licensing places that have these games where
the content of the games is being examined would be struck down as a
violation of the 1st Amendment. I think that it would be very difficult
to create a licensing system which is constitutionally valid, since the
reason for the desire to license these works is a dislike of the
(non-obscene) content. And content is the explicit provision the First
Amendment has taken away from the states as a thing they would be able to
regulate.
Also, since the license law excludes the level of 'personal computers' if
the arcade system is less than or equal to anything sold for individual
use, is it no longer objectionable? Anyone seen the speed of an Alpha AXP
Risc processor in the single-user desktop or a Pentium (80586)? Want to
bet it's easy to argue that the effective processing power of these
Virtual Reality systems is less than or equal to that of an 80586, which
*is* a personal computer, or that - a lot sooner than people think - the
technology available for Personal Computers will equal the stuff being
used in VR systems? Usually the only difference between a personal
computer and an arcade game machine is the arcade machine has additional
chips and circuitry to do fast graphics.
My personal favorite among computer games is 'DOOM' from ID Software,
which is about 3 meg and can be downloaded from several internet sites
including ftp.uwp.edu. On an 80386 it's a nice game; the game's FAQ
indicates the 'frame rate' is faster on a 486 than movies or TV. Play
that game for a while and tell me where it isn't a very effective 'virtual
reality' game. ID's original game Wolfenstein 3d was groundbreaking
technology but still looked like a simulation in some areas. DOOM uses
much better graphics and the image in many aspects appears real. Yet what
are the main playing pieces in the game? A shotgun and a chainsaw! Yet
this game is outside of what this law allegedly wants to go after.
Also, since the game distinguishes between programs run on personal
computers, which can be VERY powerful, and allegedly faster ones, there
may be grounds to argue that the 14th amendment is being violated since
two different uses of computers are being treated differently, one
requiring a license and the other not, even though both are using the same
technology.
In short, I think it's really a subterfuge to put more taxes on video game
arcades and if anyone challenged it in court, their lawyer might have a good
chance of getting the law struck down as unconstitutional.
---
Paul Robinson - Paul@TDR.COM
Voted "Largest Polluter of the (IETF) list" by Randy Bush <randy@psg.com>
-----
The following Automatic Fortune Cookie was selected only for this message:
Ernesto Miranda's conviction was overturned due to the police not
informing him of his rights. A few years after this, two men got involved
in a bar fight, and one of them killed the other. The police advised the
man of his rights, using the so-called "Miranda" warning. The man he
killed *was* Ernesto Miranda!
------------------------------
End of Computer Privacy Digest V4 #030
******************************
.