Date: Sun, 20 Feb 94 20:39:19 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V4#033
Computer Privacy Digest Sun, 20 Feb 94 Volume 4 : Issue: 033
Today's Topics: Moderator: Leonard P. Levine
Re: Clipper Overseas
Re: Clipper Overseas
Smart Cards for London Buses
PGP for Amiga - where to find
Legal and Ethical Aspects of Network Use
Electronic Banking
Support Needed for Common Carriage Provisions of HR3636
Nader to Markey on Telecom Legislation
Computer Privacy Digest FTP
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: chris@quay.ie (Christopher Davey)
Date: Thu, 17 Feb 1994 15:40:09 GMT
Subject: Re: Clipper Overseas
Organization: Quay Financial Software
Christopher Zguris <0004854540@mcimail.com> writes: I haven't seen
this discussed so I'm going to ask. What are the implications for
Clipper's use on communications between US and foreign countries
and companies? If company A in the US is communicating with Company
B is some other part of the world over a Clipper-encrypted data
link couldn't the NSA legally monitor and decode the communition if
they chose to do so? It's a given that the NSA monitors a lot of
data communications, and I remember reading about the monitoring of
US communications using NSA equipment in foreign countries thereby
by avoiding the issue of monitoring on US soil, so couldn't the
same trick be used to monitor communications in foreign countries
that would also include US links? If we're talking about a
world-wide link than a monitoring link in a foreign node could give
access to the whole thing. How does key escrow affect potential
international users? Anybody care to shed some light on this
subject?
I read a article in the "Independant on Sunday" last weekend, which that
a senior NSA official, James Hearn was in London "with the task of selling
the 16 governments of the European Union and European Free Trade
Association on the virtues of a controversial electronic scrambling
technology" - ie Clipper.
The question in my mind is, are the governments of these independant
countries going to adopt Clipper, if they do not have the ability to
decrypt it ? No way ! And I bet they don't have to go through the escrow
agencies in the US either. In which case, the whole thing seems wide open.
--
Chris Davey Internet: chris@quay.ie
Quay Financial Software Phone : +353 1 6612377 Fax: +353 1 6607592
------------------------------
From: tcj@netcom.com (Todd Jonz)
Date: Fri, 18 Feb 1994 09:49:50 GMT
Subject: Re: Clipper Overseas
Organization: Sanity Cruise Enterprises, Ltd.
Christopher Zguris (0004854540@mcimail.com) writes: If company A in
the US is communicating with Company B is some other part of the
world over a Clipper-encrypted data link couldn't the NSA legally
monitor and decode the communition if they chose to do so?
Sure, assuming that they had the private keys for both companies. But
this would mean that the escrow mechanism for these keys wasn't worth a
damn. That's what's so scary about the whole Clipper proposal.
Imagine if one of the conditions of securing a federally funded home
loan were that you make a copy of your front door key and entrust it to
your local police department for the duration of the loan. Even
assuming that you trust your local police department implicitly as an
organization, if there's even one individual in its employ with access
to that key who can be compromised, you might as well just leave your
front door open.
How does key escrow affect potential international users?
It seems to me that the biggest threat to international users would be
the potential for Clipper to become ubiquitous in the U.S. One
objective of the Clipper proposal is to discourage the private sector
from bringing competitive systems to market. If this tactic is
successful, it would mean that foreign companies wishing to do business
with U.S. firms would have little choice but to jump on the bandwagon.
------------------------------
From: "Mich Kabay / JINBU Corp." <75300.3232@CompuServe.COM>
Date: 16 Feb 94 22:41:04 EST
Subject: Smart Cards for London Buses
Taken from RISKS-FORUM Digest Thursday 17 February 1994 (15:56) FORUM
ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee
on Computers and Public Policy, Peter G. Neumann, moderator
Electronic card system launched on London's buses
--United Press newswire 02/15 1027 via Executive News Service (GO ENS)
on CompuServe.
LONDON (UPI) -- London Transport Minister Steven Norris Tuesday
launched an 18-month trial of an electronic ticketing system on the
city's buses. More than 200 buses operating in the Harrow district
of northwest London have been fitted with a contactless "Smartcard"
reader that validates bus tickets. Government officials said the
trial will be the largest of its type in the world.
The article states that the credit-sized card will be activated by
proximity sensors without requiring any physical contact with the
reader. The card is expected to make boarding the buses easier and
faster as well as reducing fraud.
Perhaps the most significant sentence in the article is the following:
"... the card will help reduce fraud and give bus operators more
information about who is using their services."
I wonder if the system includes audit trails which record details of
who rode which bus when. If so, I hope the software development team
uses adequate quality assurance. RISKS readers will recall that Ross
Anderson recently described a case in the U.K. in which a policeman was
convicted of fraud for having the temerity to complain about what he
claimed were unauthorized withdrawals from his bank account. The court
ruled that the bank's electronic records, which _failed to support_ the
defendant's arguments, were sufficient to convict the suspect.
Any system which records information about personal movements poses
risks when the information is accurate; but inaccurate information can
cause even more trouble.
Can a RISKS reader in the U.K. follow up on this story?
Michel E. Kabay, Ph.D., Director of Education, National Computer
Security Assn
------------------------------
From: wmccarth@tracer.den.mmc.com (Wil McCarthy)
Date: Thu, 17 Feb 1994 20:58:45 GMT
Subject: PGP for Amiga - where to find
Organization: Martin Marietta Astronautics, Denver
I'm looking for a late-model Amiga PGP. Can anyone help?
------------------------------
From: O1_DSELDEN@nelinet.org
Date: Fri, 18 Feb 1994 13:24:26 -0500 (EST)
Subject: Legal and Ethical Aspects of Network Use
Could anyone refer me to some recent literature on legal and ethical
aspects of network use? I am particularily interested in security,
privacy, and issues of libel. Thanks for your help! David
------------------------------
From: hw38921@vub.ac.be (VA DEN AUDENAERDE ALAIN)
Date: 19 Feb 1994 13:20:32 GMT
Subject: Electronic Banking
Organization: Brussels Free Universities (VUB/ULB), Belgium
As I am trying to get a larger view on the problems that might occur
with the large scale introduction of electronic banking and its
possible social consequences, I'd like to know your opinion on what
might happen; would it reinforce alienation of people who are not
familiar with keyboards & screens, what could be the employees reaction
to their new working environment, what about privacy,etc...?
--
hw38921@is1.vub.ac.be (VA DEN AUDENAERDE ALAIN)
Student Communicatiewetenschappen Vrije Universiteit Brussel
------------------------------
From: Michael Ward <mike@essential.org>
Date: Fri, 18 Feb 94 17:11:20 EST
Subject: Support Needed for Common Carriage Provisions of HR3636
Distributed to TAP-INFO, a free Internet Distribution List
(subscription requests to listserver@essential.org). This
material may be freely disseminated.
TAXPAYER ASSETS PROJECT - INFORMATION POLICY NOTE
February 18, 1994
To: Supporters of common carriage (non-discriminatory
access) to cable and video dialtone services
From: Jamie Love, TAP
Re: Action needed to support common carriage provisions of
HR 3636
The attached letter asks the members of the Telecommunications
and Finance subcommittee to improve the common carrier sections
of HR 3636, relating to video services.
The Taxpayer Assets Project (TAP), Consumer Federation of
America, Media Access Project, Computer Professionals for Social
Responsibility, People for the American Way and OMB Watch are
among the groups signing the letter.
If your organization is willing to sign the letter, please
provide us with the following information:
Name:_______________________
Title:__________________________
Affiliation:_______________________
Telephone Number:__________________
Fax number:_________________________
Internet address:______________________
Postal Address:_____________________________
______________________________
Send this information to Ned Daly from TAP, at:
v: 202/387-8030, f: 202/234-5176; internet: ndaly@essential.org
-----------------------------
BACKGROUND ON THE LETTER
TELEPHONE VIDEO DIALTONE PLATFORM
In its present draft, telephone companies entering video markets
in their own service area are required to make 75 percent of
video platform capacity available to non-affiliated entities,
with safeguards against discrimination. This provision is
dropped after 5 years, however, allowing telephone companies to
control the entire video platform. Moreover, Representative
Fields is reportedly prepared to eliminate the 75 percent
requirement, in favor of a provision which would give the F.C.C.
the authority to set the non-affiliated share of the network even
lower.
COMMON CARRIAGE FOR CABLE
HR 3636 also asks the FCC to study the issue of common carrier
requirements on cable television. Attacks on this study are
expected during mark-up on the bill next week.
This letter asks Congress to keep a MINIMUM of 75 percent of the
video platform available to non-affiliated entities, and to
eliminate the 5 year sunset provision, which is very important.
The letter also supports the opening up of cable networks by
imposing common carrier obligations. It is important that we
support these provisions. The EFF letter on its Open Platform
does not apply to cable television or the telephone company video
platform. Thus, these issues are not redundant with the EFF
letter.
The language to eliminate the sunset language is as follows:
Strike, "Subsection (d) of SEC. 654. PROVISION OF AFFILIATED
VIDEO PROGRAMMING".
-----------------------------------------------------
The LETTER
Dear (members of the subcommittee on telecommunications and
finance)
We are writing regarding HR 3636, introduced by Rep. Ed Markey to
express our strong support for provisions that will protect
competition in content markets, by providing common carrier
status to telephone company video platform services and cable
television services. We would like to make the following points.
1. VIDEO PLATFORM CAPACITY AVAILABLE FOR NON-AFFILIATED
COMPANIES.
In its present draft, HR 3636 provides that telephone company
video dialtone services must offer up to 75 percent of the
system's capacity to non-affiliated entities, on terms and
conditions that do not discriminate in favor of the affiliated
companies. While some of us believe that the 75 percent figure
is too low, all of us agree that it should represent a minimum
amount of access for non-affiliated companies.
In its current draft, HR 3636 would sunset this provision in 5
years. We strongly oppose the sunset of this provision after 5
years.
2. COMMON CARRIER OBLIGATIONS FOR CABLE TELEVISION.
HR 3636 now requires the F.C.C. to conduct a study to determine
if it is in the public interest to extend common carrier
obligations to cable operators. We believe that our national
information infrastructure should be based upon open access to
networks on non- discriminatory terms. We strongly support the
study, as a step in broadening access to the nation's cable
systems. However, an even better provision would require the
F.C.C. to extend common carrier obligations to cable within a
fixed time frame.
We urge Congress to take measures to open access to cable and
video platform services, and to insure that carriers are required
to provide open access by anyone who seeks the opportunity to
offer information services.
Thank you for consideration of these suggestions.
Sincerely,
James Love, Taxpayer Assets Project
Brad Stillman, Consumer Federation of America
Andy Schwartzman, Media Access Project
Marc Rotenberg, Computer Professionals for Social Responsibility
Jim Halpert, People for the American Way
Patrice McDermott, OMB Watch
---------------------------------------------------------------------
TAP-INFO is an Internet Distribution List provided by the Taxpayer
Assets Project (TAP). TAP was founded by Ralph Nader to monitor the
management of government property, including information systems and
data, government funded R&D, spectrum allocation and other government
assets. TAP-INFO reports on TAP activities relating to federal
information policy. tap-info is archived at ftp.cpsr.org;
gopher.cpsr.org and wais.cpsr.org
Subscription requests to tap-info to listserver@essential.org with
the message: subscribe tap-info your name
---------------------------------------------------------------------
Taxpayer Assets Project; P.O. Box 19367, Washington, DC 20036
v. 202/387-8030; f. 202/234-5176; internet: tap@essential.org
---------------------------------------------------------------------
------------------------------
From: James Love <love@essential.org>
Date: Fri, 18 Feb 94 19:44:52 EST
Subject: Nader to Markey on Telecom Legislation
Distributed to TAP-INFO, a free Internet Distribution List
(subscription requests to listserver@essential.org). This material may
be freely disseminated.
TAXPAYER ASSETS PROJECT - INFORMATION POLICY NOTE
February 18, 1994
The following letter by Ralph Nader and James Love to
Representative Ed Markey outlines our concerns about (and suggestions
for) telecommunications legislation that will be considered the week
after next by the House Subcommittee on Telecommunications and Finance.
-----------------------------------------------
Ralph Nader, PO Box 19312, Washington, DC 20036
James Love, PO Box 19367, Washington, DC 20036
February 17, 1994
Honorable Edward J. Markey
Chairman, Subcommittee on
Telecommunications and Finance
U.S. House of Representatives
Washington, D.C. 20515
Dear Congressman Markey:
This letter is a follow-up to our statement and oral testimony provided
to the Subcommittee on Wednesday, February 9, 1994, on the subject of
HR 3636 and HR 3626, the two bills which would substantially re-write
the Communications Act of 1934, and re define the rolls and
responsibilities of telephone and cable carriers. It is a mistake for
important legislation such as this is to be compromised by prematurely
eager bipartisanship that gives new meaning to lower common denominator
foreclosure of later improvements. Given this state of affairs, we
outsiders must strive against major odds. So here goes.
We recognize that the Congress and the executive branch have largely
focused on issues relating to carrier jurisdiction, and the creation of
a "level" playing field for carriers. While adjusting industry
disputes is an important issue, we believe th e Subcommittee has not
adequately addressed many large public policy concerns. The following
steps, at the least, should be taken to strengthen the legislation.
CONSUMER REPRESENTATION
1. One of the reasons the current debate over telecommunications
legislation is so tilted toward the issues of interest to industry is
that the carriers are the best organized and best financed participants
in the debate. This focus largely ignores wha t should be the ultimate
purpose of this legislation -- consumer participation, service and
meaningful choice. It is essential that citizen participation be
enhanced through mechanisms that make it easier for consumers to
organize. The Citizen Utility B oard (CUB) model, which provides for
democratically controlled and privately funded consumer groups, should
be included in HR 3636. What do you say, oh sponsor of Cable Cub?
Aggressive leadership by you for this mechanism is the civic equivalent
to the universal solvent.
COMPETITION IN THE LOCAL LOOP
1. HR 3636 goes too far in pre-empting state regulation on the issue
of entry. While it is appropriate for the federal government to set a
national policy which supports competition for delivery of local
switched network services, Congress should not p revent state
governments from imposing reasonable standards for service and
reliability. The states should be able to sanction carriers that
engage in fraudulent business practices or violate consumer privacy.
2. A very important element of any competitive telecommunications
strategy is to encourage the development of a competitive wireless
industry, which can deliver services to consumers without making large
sunk investments in "last mile" facilities. The Federal Communications
Commission (FCC), however, has proposed that incumbent telephone, cable
and cellular companies may acquire up to 100 Mhz of the available 120
Mhz of new Personal Communication Services (PCS) spectrum. Cross
ownership of telephone, cable, and cellular licenses with the new PCS
licenses will greatly decrease competition in local services, and it
should be expressly prohibited by HR 3636.
3. Consumer interests should be protected by giving states the
authority to regulate the rates for the service, and the entire cable
system should operate under strong common carriage rules, ensuring open
and non-discriminatory access.
PRE-EMPTION OF STATE RATE REGULATION
1. The Clinton/Gore Administration's new Title VII proposal, which
was not available to the general public at the time of the
Subcommittee's hearings on HR 3626 and HR 3636, proposes vast
pre-emption of state rate regulation for Title VII services. We
strongly oppose any pre-emption of state authority to protect consumers
through the regulation of rates for carrier services. State
governments have shown restraint in regulating prices for services that
are truly competitive, but they have long exercise d the right to
protect consumers in markets where competition does not exist. The FCC
is ill equipped to second guess state governments on the issue of
defining market power, and it has no claim to experience on the issue
of rate making methodology, havi ng failed to control cable rates.
2. We believe that pre-emption of state rate regulation for wireless
services which passed in the 1992 Budget Reconciliation Act and the
pre-emption of state rate regulation of cable services should be
repealed. The FCC need not interfere with state co mmissions that want
to protect consumers in local markets.
OPEN ARCHITECTURE AND COMMON CARRIAGE
1. The new broadband networks should operate as common carriers.
Common carriage should extend to the entire capacity of the service,
not just the 75 percent required in HR 3636.
2. HR 3636 sunsets the requirement that video platform carrier
provide access to non-affiliated companies in five years. This sunset
provision should be removed.
3. We believe it is time to require the FCC to regulate cable as a
common carrier within a fixed period or time, such as two years. This
is the only step consistent with Congress's professed interest in
opening up networks to greater competition.
4. We oppose provisions that allow telephone or cable companies to
own the "content" which travels through the "conduit." However, if
Congress does allow vertical integration, it must provide the strongest
possible protection against anti- competitive abuses. The best
protection against abuses are found in the language in HR 3626
regarding telephone company entry into electronic publishing. These
protection should be incorporated into the bill, and extended to
affiliated video services.
5, Congress should require the FCC to take steps to ensure that the
so called "set top" controller for the broadband networks be based upon
open architecture and competition. Consumers should be able to
purchase the set top from third party vendors. M oreover, the third
party vendors should be able to provide consumers with their own
interface, allowing consumers greater control over how they access and
locate information. Persons providing information services should have
opportunities to market the ir services through a non-biased "virtual
yellow pages".
NON-COMMERCIAL INFORMATION SERVICES
1. We strongly support the public television proposal that 20 percent
of the capacity of broadband networks be available at no charge for
non-commercial programming.
2. Congress should establish a fund to support non-commercial
information services. All telecommunications carriers and holders of
broadcast license should contribute a fixed percent of revenues to the
fund. Distribution of grants from this fund shoul d be modeled after
the system that has been used in the Netherlands to allocate television
broadcast time.
UNIVERSAL SERVICE
1. Congress should ensure that a program to provide universal service
is in place before it mandates competition at the local loop.
2. The states should determine the level of contribution to the
universal service fund, the definition of universal service, and the
purposes for which the universal fund can be used, subject to minimum
standards set by the FCC.
3. Carriers should not be allowed to make in-kind contributions to
the universal service fund.
PRIVACY
1. The legislation should ensure that carriers protect the privacy of
personal transactions conducted through these services.
We would appreciate hearing your position on these suggestions. A
"DemiRep" mousse is unbecoming to the fighting Ed Markey we once knew
on the Hill.
Sincerely,
Ralph Nader James Love
---------------------------------------------------------------------
TAP-INFO is an Internet Distribution List provided by the Taxpayer
Assets Project (TAP). TAP was founded by Ralph Nader to monitor the
management of government property, including information systems and
data, government funded R&D, spectrum allocation and other government
assets. TAP-INFO reports on TAP activities relating to federal
information policy. tap-info is archived at ftp.cpsr.org;
gopher.cpsr.org and wais.cpsr.org
Subscription requests to tap-info to listserver@essential.org with
the message: subscribe tap-info your name
---------------------------------------------------------------------
Taxpayer Assets Project; P.O. Box 19367, Washington, DC 20036
v. 202/387-8030; f. 202/234-5176; internet: tap@essential.org
---------------------------------------------------------------------
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: Fri, 18 Feb 1994 08:46:30 -0600 (CST)
Subject: Computer Privacy Digest FTP
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy. The digest is moderated and gatewayed into the
USENET newsgroup comp.society.privacy (Moderated). Submissions should
be sent to comp-privacy@uwm.edu and administrative requests to
comp-privacy-request@uwm.edu. Back issues are available via anonymous
ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password
"yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at the address of the
former moderator, Dennis Rears, ftp.pica.army.mil [129.139.160.133].
If you are unfamiliar with the use of the File Transfer Protocon (ftp)
the following short summary might help. On most systems the following
procedure will work, if you have a local command named ftp:
You type: Comment on the command:
ftp ftp.cs.uwm.edu (on your system)
ftp (answer to login request)
your_userid@your_site (answer to password request)
cd pub/comp-privacy (at ftp prompt)
dir (look at what is there)
cd library (at ftp prompt)
dir (look at what is there)
get ConsumerShow.keynote (move document to your filespace)
cd .. (back to main menu)
cd volume4 (at ftp prompt)
dir (look at what is there)
get V4#031 (move document to your filespace)
quit (back to your system)
You will find the two documents in the directory you were in when you
executed the first ftp command. If ftp is unavailable or difficult to
use, send a request for help to: comp-privacy-request@uwm.edu
------------------------------
End of Computer Privacy Digest V4 #033
******************************
.