Date: Fri, 11 Mar 94 15:02:09 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V4#041
Computer Privacy Digest Fri, 11 Mar 94 Volume 4 : Issue: 041
Today's Topics: Moderator: Leonard P. Levine
Akron Beacon Journal wants your opinion of Clipper
International Employee Privacy Rights
Tanya Harding's Privacy
Re: Privacy and Sexual Crimes
Re: PGP Ideas
CHIPS...
CHIPS...
CHIPS...
CHIPS...
CHIPS...
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: gfe@vritra.cb.att.com (Gary Ellison)
Date: 10 Mar 1994 17:19:03 GMT
Subject: Akron Beacon Journal wants your opinion of Clipper
Organization: AT&T Bell Laboratories
The Saturday, March 5, 1995 Akron Beacon Journal asks the question:
"Should phones and computers be equipped with chips that translate
transmissions for law enforcement agencies?"
There is a small blurb about Clipper followed by:
"What's your opinion about installing the Clipper Chip? Should law
enforcement officers be given access to computer and phone Transmission?"
Send your letter to:
Voice of the People
Akron Beacon Journal
P.O. Box 640
Akron, Ohio 44309-0640
They ask that you sign (digital won't do :) your letter and add your
address and daytime phone number. They primise not to publish
addresses or phone numbers.
------------------------------
From: lpincus@wppost.depaul.edu
Date: 9 Mar 1994 15:00:32 -0600
Subject: International Employee Privacy Rights
Message for all-of-elsa:
I am an assistant professor of legal studies at DePaul's Business
School and am conducting research in the area of international employee
privacy rights. I am looking for information on employee privacy
rights in the following countries (incl. drug and other testing,
information transfers, surveillance/monitoring, etc., and personal
information): Figi, New Zealand, Australia, Thailand, Nepal and
India. If you have information, please email info or references to
lpincus@wppost.depaul.edu. In addition, I will be travelling to these
countries in Summer, 1994, and would appreciate any contacts in the
area who may be involved in human resources (+ any other info).
Thanks.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 10 Mar 1994 19:22:16 -0600 (CST)
Subject: Tanya Harding's Privacy
Organization: University of Wisconsin-Milwaukee
I have been given a cut from several electronic boards that are used by
journalists in their electronic interaction. What follows is my edited
compendium of what appeared in these boards. It gives a look at the
varying ethics of members of the working press as they puzzle their way
through these issues.
The material dealt with is the opening (and the possible reading) of
Tonya Harding's email account at the winter Olympics. Her userid and
password were read from a tag she wore around her neck and her
birthdate, very insecure data.
This particular case is is no longer news, but we can expect the same
type of issues to come up again. What are the issues journalists
should consider before accessing an account to which they may quite
easily obtain access information? Journalists find that they have to
walk a fine line between privacy and the public's right to know how
society really functions.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of Computer Privacy Digest and
Professor of Computer Science | comp.society.privacy.
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
---------------------------------+-----------------------------------------
---------- Cut (and edited) from Several Journalism Boards ---------
The Dallas Morning News reported recently that Michelle Kaufman of the
Free Press, Ann Killion of the San Jose Mercury News and Jere Longman
of The New York Times read Harding's e-mail access code off of her
credentials shown in an enlarged shot on television. The Olympic
system's default structure assigns the user's birthdate as the user's
password until he or she changes it; apparently Harding never did. So
the reporters had her account name and password. They say that at 2
a.m. they logged in to her account, saw that there were 68 messages,
and logged out. They said they were simply trying to see if their
efforts had worked.
Friday, after The News' story was picked up by KRT and distributed
worldwide, other reporters 'fessed up to having cracked Harding's e-
mail. Among them was columnist Dave Barry, who expressed outrage that
anyone would be offended by what the reporters did. Another reporter
told The News that the breach was innocent in that it was analogous to
a reporter's looking on a source's desk and ``reading a letter upside
down.'' The reporter's committee responsible for credentials in
Lillehammer plans to take no action; the Free Press and the Mercury
News backed their reporters; the Times would make no comment.
According to the first report, reading a letter placed openly on a
source's desk is not the same as figuratively waiting until the source
has gone home, rummaging around for a key, and breaking into the file
cabinet to read the letter.
Some reporters have said that what the journalists did was both
unethical and illegal (under both US and local laws). It is not
equivalent to reading a letter upside down on somebody's desk; it is
equivalent to opening somebody's front door and going through their
filecabinet.
A spokesman for the U.S. Olympic Committee said that the USOC was
satisfied that the reporters were not trying to read Harding's mail. He
said he saw no need for the USOC to take any action. ``I think it's an
issue in terms of ethics that belongs in the court of journalism
itself,'' he said. ``We have no cause based on published rules to take
some action, and I will not have my organization drawn into the same
controversy during the last three days of the Olympics when we're not
involved. I think this is an issue that's best left to those who manage
or report the news.''
Dave Barry's editor at The Miami Herald's Tropic magazine, essentially
reiterated Barry's dismissal of reaction to the snooping: ``It seems
like anything you or I would do the same. It's like if someone told you
that if you turn your TV to channel 59 there's some weird movie where
they're beheading chickens and other weird ceremonies. Just to see if
it's true you'd probably turn to channel 59. It's just like if you see
someone's mail upside down on their desk or you see mail sticking out
of their mailbox. You might read it to see what it is. It depends on
what you do with it.''
The executive editor of the Detroit Free Press wrote: ``Obviously, it's
something we don't approve of. It's against our policy, and [the
reporter who did this] regrets it. It shouldn't have been done. But in
my opinion, our reporter is a fine reporter with great integrity. She
realizes she made a mistake. We're reviewing it and will be apologizing
to Tonya.''
Another journalist wrote: ``I find this story most disgusting. I'd
probably fire a journalist, working for my organisation, who thinks
that this peeping into someones privacy is well done behaviour.''
The journalist continued by comparing this behavior to that of a
reporter who opens someone's mailbox, steams open the letters, reads
them and puts them back. Saying that the person didn't have a lock on
the box is no defense to that kind of privacy invasion. I agree with
Alex that this is the kind of behavior 21st century journalists should
be combatting rather than promulgating. Computers have raised a number
of legitimate privacy concerns in the general public. If we fail to
act responsibly, we may well find the door to electronic information
slammed in our face (not to mention the loss to our collective
credibility). We need to come out and publicly condemn these actions
as plainly unethical.
A journalim professor wondered if this was the type of ethics "tenured
professors" teach in j-schools. The answer, he stated, is, of course,
no. But does it matter when top role models in the profession care so
little about ethics themselves?
He stated that to be fair to Dave Barry, singling him out like this is
a little misleading, because it gives the impression that he was a
ringleader. All he did was tell a reporter that he, like several dozen
other journalists, tried the access codes. I'm not sure I'd use the
word "conspiracy"; Barry says it was just a lot of people giving in to
temptation. While that hardly justifies the Olympic journalists'
behavior, I do agree with Barry that it's probably unfair to single out
the three reporters who happened to get caught -- or Barry or anyone
else, for that matter -- for special abuse.
The original poster wrote: My whole purpose in writing the original
note (which was very strongly worded, and which I stand behind
completely) was not to hold up the Times, Free Press and Mercury News
reporters to special ridicule. It was to state categorically that
journalists shouldn't have any special dispensation to rummage around
in electronic mailboxes. That's a very sensitive and important issue
that we must address soon, and I just hope the larger issue doesn't get
lost in a rush to stigmatize individual journalists because they happen
to be good enough to become famous.
Another reporter wrote: In my case, I wasn't following any of this
until the weekend, but it came after reading a commentary in the March
issue of BYTE by Victor J. Cosentino, a lawyer in Washington, D.C., who
wrote that once online, some people totally disregard legally and
socially acceptable behavior.
It is all very easy, he continued, for _anyone_ in cyberspace to think
that they are simply communicating with the monitor in front of them
and not with the whole world. Access someone else's computer? Who
will know? Send out a flame? After all, the box can't punch the
sender in the nose.
As journalists we have a tremendous opportunity to help guide the use
of these new information technologies, even if we trip over a few
electronic potholes. It's a high wire, this balancing act between the
public's right to know and their desire for privacy.
---------- End of cut from Journalism Boards --------------------
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of Computer Privacy Digest and
Professor of Computer Science | comp.society.privacy.
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
---------------------------------+-----------------------------------------
------------------------------
From: swayne@draper.com (A. Steven Wayne)
Date: 11 Mar 1994 19:43:14 GMT
Subject: Re: Privacy and Sexual Crimes
Organization: The Charles Stark Draper Laboratory, Inc.
In article <comp-privacy4.38.6@cs.uwm.edu>, mea@intgp1.att.com (Mark
Anderson) wrote:
swayne@draper.com (A. Steven Wayne) writes: Chuck Weckesser
<71233.677@CompuServe.COM> wrote: Should Rapist's And
Pedophiles Be Forced To Register With The Authorities Every
Time They Move Away?
There are two issues here: the rights of the individual (who I
assume to have been previously convicted) and the security of
society. [A. Steven Wayne chooses the security of society]
Your proposal scares me a little bit, not because you mention it
here in this mailing list, because I think your attitude towards
these types of crimes reflects the norm of society. It's now
becoming acceptable to sacrifice any kind of privacy or liberty if
it prevents just one child from being molested or one woman from
being raped. The nightly TV tabloid^H^H^H^H^H^H^Hnews seems to
create enough hysteria about this crime that if a proposal to place
electronic monitoring devices on these people for the rest of their
lives, there wouldn't be much objection.
For people convicted of these crimes, databases already exist that
allow interested parties access. If you, as a concerned neighbor,
investigated every new neighbor coming into the neighborhood, you
could find out convicted rapists and molesters using the laws
already on the books. Having these people report to the
authorities after they've served their debt to society can have
dangerous side effects. Personally, I'd also want to know about
the murderers, home burglars, and drug dealers moving into my
neighborhood.
But consider it as if the punishment for the sexual crime were life on
parole, as opposed to life in incarceration. Instead of regularly
reporting to a parole officer, the person only had to register with
certain other authorities. Is this exceptionally harsh when viewed
this way?
--
swayne@draper.com
------------------------------
From: michael@stb.info.com (Michael Gersten)
Date: 10 Mar 94 10:46 PST
Subject: Re: PGP Ideas
Replying to someone: To use PGP on my Macintosh, for instance, I
would have to launch my text editor, open and compose a new
document, save it, launch MacPGP, encrypt and save the document
(deleting the original), upload the encrypted message (deleting the
message on my computer), open PINE (or whatever mailreader that I
would use), send the message, and delete the original on my host
computer. Nine steps for a simple message encrypted in a
bulletproof fashion. Recieving and decrypting a message is
similarly complicated.
It's times like this that I really like NeXTStep. All I'd have to do to
encrypt with PGP would be to select the text that I want, and hit a
menu item or command key. Automatically run the encrypter, and replace
the selected text with the encryption. Voilla! One step.
This has been a blatant plug for NeXTStep :-)
--
Michael Gersten michael@stb.info.com
NeXT Registered Developer (NeRD) # 3860 -- Hire me! (Ready _NOW_)
------------------------------
From: sutter@verisoft.com (Paul Sutter)
Date: 10 Mar 1994 11:26:55 +1700
Subject: CHIPS...
Whose privacy are you concerned about? Yours, or the cat's?
Is the chip the privacy issue? Or is it the name/number information in
the database? How easy is it to give false info for the database
(Mickey Mouse, 213-555-1212)?
Could it be made useful without compromising who you are (John Doe,
800-xxx-xxxx)? Yes, it may be expensive to maintain an 800 number just
so that you can be anonymously notified of a lost cat,.... but... I'm
just trying to determine what the real issue is here.
Paul Sutter
Verisoft
------------------------------
From: sbernard@tardis-b4.ethz.ch (Steve Bernard)
Date: 11 Mar 1994 19:19:02 GMT
Subject: CHIPS...
Organization: Swiss Federal Institute of Technology (ETHZ)
Lile Elam (lile@netcom.com) wrote: [...] : Well, I said I didn't
want a chip in this cat and that it was a violation of privacy.
[...]
I was really upset about this. My housemate asked me why and I
said, "It's too close. Don't forget that we are animals too!
Uh, I'm not sure I follow you on this. Has there been any other
precedent where treatment of animals has propogated to humans? I'm
pretty sure we're not putting people to sleep yet because they don't
have a home. What about getting spayed and neutered? This is a good
thing with animals yet I don't think we need worry about that happening
to us.
Below is the brocure contents about the C.H.I.P. program. How do
you feel about it?
To me it sounds like a really good idea. I know people who have lost
valuable pets and perhaps something like this would have helped. Sure,
maybe "Socks" has lost a little privacy, but after the claws and the
gonads...
The same just isn't true with humans. If you lose a child it's a major
event. The police, media, etc are invloved. It's pretty hard to
imagine how this little chip would be of benefit. Anyone not wanting
it could just remove it -- obviously not a good method for permanently
marking criminals and the like. Many of them already have a more
permanent form of ID in their scars and tattoos. (ever see America's
Most Wanted?) Sorry, but I do think you're overreacting. Enjoy your
cat!
Steve Bernard
------------------------------
From: lile@netcom.com (Lile Elam)
Date: 11 Mar 1994 00:01:09 GMT
Subject: CHIPS...
Organization: NETCOM On-line Communication Services (408 241-9760 guest)
What is a identity? If a person doesn't have a identity, do they have
any rights?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Lile Elam | "Remember... No matter where you go, there you are."
lile@netcom.com |
Un*x Admin / Artist | Buckaroo Banzai
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------
From: seth@wucs1.wustl.edu (Seth Golub)
Date: 10 Mar 1994 17:53:03 GMT
Subject: CHIPS...
Organization: Washington University, St. Louis MO
Lile Elam <lile@netcom.com> wrote: The microchip contains a unique
I.D. number which can be activated by a special hand-held scanning
device (much like bar codes in grocery stores). In the future, if
your animal becomes lost and is brought to the shelter or a local
participating veterinary hospital, his/her unique I.D. number will
be read by the scanner.
I wonder how close they have to be to scan. With a long range scanner
they could locate a missing animal that had not been brought to a
shelter--or track a person who they believe is with the animal. I
guess the FBI won't need me to have a cellular phone after all.
--
Seth Golub | "One should never underestimate the influence of
seth@cs.wustl.edu | 'breakfastlessness' on the workings of a great
| political mind." - D. Sim
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 11 Mar 1994 11:22:39 -0600 (CST)
Subject: CHIPS...
Organization: University of Wisconsin-Milwaukee
lile@netcom.com (Lile Elam) posted: So, I went to the front desk
and spoke with the Animal Coordinator/Advisor. Everything was
going great and they were impressed that my dad's a veterinarian.
Said it sounded like we could provide Hawk with a wonderful home.
Then the woman said, "All we have to do is implant a microchip in
the animal and you'll be set". Well, I turned pale and said,
"What's this chip and why is it needed?" I was told that it was
used to identify the animal in case it became lost. A identifaction
number is stored on this microchip and can be used to find the
pet's owner and home.
Well, I said I didn't want a chip in this cat and that it was a
violation of privacy.
I am not sure whose privacy is being invaded here. If you feel that
the cat needs this privacy then you have gone too far in my judgement.
I suspect that the cat will not be concerned about this chip, either
physically or mentally. If you feel that _you_ should not be forced to
wear such a chip I will support you completey.
Some years ago, in order to protect my privacy, I registered my phone
under the name "Mehitabel DeCatte" (pronounced "Mehitabel the cat").
Having such a "nom de phone" was legal and was cheaper than having an
unlisted number. Our cat, Mehitabel, did live at our residence with
us, and did not mind the junk phone calls as much as we did. Any call
for Mehitabel, or for Miss DeCatte I knew was not for me and would
generally answer that she was outside climbing a tree or was asleep
under the sofa.
She never complained. I am sure that had such a chip been available at
the time she would have been more pleased with it than she was with the
collar we made her wear with appropriate identification on it.
There are limits to our need for privacy. I feel that Lile Elam's
posting had gone beyond those limits.
--
Leonard P. Levine e-mail levine@cs.uwm.edu
Professor, Computer Science Office 1-414-229-5170
University of Wisconsin-Milwaukee Fax 1-414-229-6958
Box 784, Milwaukee, WI 53201
------------------------------
End of Computer Privacy Digest V4 #041
******************************
.