Date:       Tue, 26 Apr 94 14:41:19 EST
Errors-To:  Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From:       Computer Privacy Digest Moderator  <comp-privacy@uwm.edu>
To:         Comp-privacy@uwm.edu
Subject:    Computer Privacy Digest V4#058

Computer Privacy Digest Tue, 26 Apr 94              Volume 4 : Issue: 058

Today's Topics:			       Moderator: Leonard P. Levine

               NSA remarks at "Lawyers and the Internet"
                          Bankruptcy and SSN's
                              Visa Privacy
                    Re: Helpful Police face Lawsuit
             Re: Credit check only with Permission Granted
                              Re: HR 1900
                      Re: Long Distance Companies
                   Re: Lord Have Mercy On Us All :-(
                   Re: Solicitation via the Internet

   The Computer Privacy Digest is a forum for discussion on the effect 
  of technology on privacy.  The digest is moderated and gatewayed into 
  the USENET newsgroup comp.society.privacy (Moderated).  Submissions 
  should be sent to comp-privacy@uwm.edu and administrative requests 
  to comp-privacy-request@uwm.edu.  Back issues are available via 
  anonymous ftp on ftp.cs.uwm.edu [129.89.9.18].  Login as "ftp" 
  with password "yourid@yoursite".  The archives are in the directory 
  "pub/comp-privacy".   Archives are also held at ftp.pica.army.mil
  [129.139.160.133].
----------------------------------------------------------------------

From: milles@fi.gs.com (Stevens Miller)
Date: 26 Apr 1994 17:08:02 GMT
Subject: NSA remarks at "Lawyers and the Internet"
Organization: self

I'm a computer programmer and attorney who is a member of the Committee
on Technology and the Practice of Law, a task force assembled by the
Association of the Bar of the City of New York.  Last Friday we held a
conference on "Lawyers and the Internet."  Approximately 200 lawyers
attended.

Speaking in favor of the Clipper proposal was Stuart Baker of the NSA.
I won't repeat his substantial arguments, but his formal approach
(which Mike Godwin tells me is becoming a standard component of the
government's pro-Clipper road show) is worth some attention.  Parroting
his own words at CFP, Baker told us:

- The debate over the Clipper proposal is "really just a culture clash
among net-heads."

- Those opposing the proposal are late-coming counter-culturists, "who
couldn't go to Woodstock because they had to do their trig homework."

- Opponents envision themselves as would-be "cybernauts in bandoliers
and pocket-protectors."

I quote these remarks (as best I can from memory; my hands were shaking
too much to write clearly at this point) to make it clear that our
government's representative has reached a conclusion about the
community opposing its plan.  He has concluded that the members of that
community are so beneath his respect that it is more appropriate to
make fun of them than it is to respond to their views.  As Godwin
pointed out later, the NSA really just doesn't care what anyone says.
That, he said, is why Baker repeatedly invokes the spectre of
child-molestation as the chief evil Clipper will prevent; by that
invocation is much meritorious debate deflected.  Baker replied to this
by emphasizing the reality of the pedophilia potential of networks,
telling us that many users of networks "are teenaged boys with inept
social skills."

Regardless of the law-enforcement potential of this plan, it is worth
noting that an official spokesman for the government endorses it by
pointing out that its opponents valued their studies more highly than
they did rock and roll.  That because the popular image of the bookworm
can be juxtaposed against that of Rambo in a funny way, bookworms don't
have to be taken seriously.

That if you play with computers as a youngster, your community, your
parents and your own brain can't save you.  That the government must
protect you from your own ineptitude, whether you want its help or
not.

The message was pretty clear:  Stuart Baker doesn't care what you say,
but he wants the power to listen.

---
Stevens R. Miller			|"The complete truth is not the
(212) 227-1594				| prerogative of the human judge."
sharp@echonyc.com			|
New York, New York			| - Supreme Court of Israel


------------------------------

From: austin@netcom.com (Tony Austin)
Date: 24 Apr 1994 17:06:16 GMT
Subject: Bankruptcy and SSN's
Organization: NETCOM On-line Communication Services (408 241-9760 guest)

I received in the mail today a letter from the U.S. Bankruptcy Court
that an ad agency I did some work for is summarily bankrupt.

A few days later I got another letter stating that the owner, as well
as his wife, were bankrupt too.

Included in the letter was the name and address of the parties involved
as well as their Social Security Numbers.

So it looks that when you go bankrupt you bare your soul and SSN number
to the world. All of which is public record.

-- 
Tony Austin


------------------------------

From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 25 Apr 1994 20:18:27 -0500 (CDT)
Subject: Visa Privacy
Organization: University of Wisconsin-Milwaukee

I am the co-author of a book called "A Foreign Visitor's Survival Guide
to America".  It has been suggested that I use the Freedom of
Information act to obtain a list of people applying for visas to come
to the United States to create a mailing list of people to send
advertisements to.  I would like any opinions on the ethics of doing
this.  

--
Marilyn Levine

[moderator: Marilyn Levine is my wife.  She has no direct Internet
access.  Please address mailings to me at the address above or post.]


------------------------------

From: khinedi@bu.edu (Kareem Hinedi)
Date: 24 Apr 1994 22:38:43 GMT
Subject: Re: Helpful Police face Lawsuit
Organization: Boston University

    Prof. L. P. Levine (levine@blatz.cs.uwm.edu) wrote: The San
    Francisco Examiner recently published a story entitled: [deleted a
    story about the SFPD releasing private information and in the
    process assisted someone in committing a felony]

I just wanted to mention that about two or three years ago, the SFPD
was accused of providing private information to a foreign government
intelligence agency (Israel I believe).  A class action lawsuit was
filed on behalf of the individuals whose information was "stolen" but I
don't know what the outcome of the lawsuit was.

-- 
Kareem A. Hinedi
Boston University School of Public Health
BU Medical Center Box 741
80 E. Concord Street
Boston, MA 02118


------------------------------

From: rivaud@coyote.rain.org (L. E. de Rivaud)
Date: 24 Apr 1994 16:50:35 -0700
Subject: Re: Credit check only with Permission Granted
Organization: rain.org

I used to work for a BMW dealer who ran credit checks on people all the
time without their prior consent.  That is common practice in the biz.

    Tony Austin (austin@netcom.com) wrote: I called TRW in Orange
    County, California today. I asked how safe my credit information
    and social security number is. They told me that noone can look at
    your credit report unless you grant them permission.

    A fine and a civil lawsuit was mentioned as well. Subsequently I
    feel a lot safer. Is this a false feeling of security?


------------------------------

From: rfrank@kaiwan.com (Ronald E. Frank)
Date: 24 Apr 1994 20:15:52 -0700
Subject: Re: HR 1900
Organization: The Mushroom Factory

    jonescpp@aol.com wrote:

    Scenario #1

    An airplane crashes.  There was no communication with the aircraft
    or crew prior to the crash.  The investigation of the crash will be
    severely hampered because there is no "Black Box".  House
    Resolution 1900, if passed, will require each crew member to be
    notified in writing as to electronic monitoring of their
    performance. This will include the type of monitoring device used,
    the data to be collected and the hour and day of the week of the
    monitoring.

I can't speak for the other scenarios, but HR 1900 would have no effect
in this one.  Pilots are required to know Federal Aviation Regulations,
and those regulations specify the conditions under which Flight Data
Recorders and Cockpit Voice Recorders must be installed.  The pilot in
command is responsible for ensuring compliance with these regulations.
Ergo, every pilot is already "notified in writing as to electronic
monitoring of their performance".

Scratch one off of Mr. Jones' parade of horribles.

Ron


------------------------------

From: tenney@netcom.com (Glenn S. Tenney)
Date: 25 Apr 1994 01:54:06 -0800
Subject: Re: Long Distance Companies

    dom@hermes.dna.mci.com (Eric Kessner) wrote: The long distance
    companies use the SSN in the same way almost every other business
    uses it, as a "unique" identifier for a customer. I'm strongly
    against using SSNs for privacy reasons and have convinced the team
    I work with not to expect that people will necessarily give it to
    them when asked, or even worse, might just make one up. So, for at
    least the projects I'm working on here at MCI, no one will tell you
    that you must give them your SSN because the "computer needs it" :)

In the SF Bay Area, if you want cellular phone service from GTE, they
ask for your SSN on the application form.  A few years ago I tried to
get service from them without including the ssn... turns out if you
didn't put it on the form, they threw the form away without processing
it!

After contactin the PUC, GTE said that they HAD to have the SSN or they
COULD NOT DO A CREDIT CHECK (utter BS) so they would give you service,
but only with a $1,000 cash deposit.   When I told the PUC that this
was not true, they said there was nothing they could do since GTE
officially told them it was true.

Sigh...

---
Glenn Tenney
tenney@netcom.com   Amateur radio: AA6ER
(415) 574-3420      Fax: (415) 574-0546


------------------------------

From: vapspcx@cad.gatech.edu (S. Keith Graham)
Date: 25 Apr 1994 23:33:29 -0400
Subject: Re: Lord Have Mercy On Us All :-(
Organization: Free Agent

    Black Unicorn <unicorn@access.digex.net> writes: tim werner said:
    The police are a Good Thing when they are protecting me from fraud,
    theft, and physical attack.

    The most efficent police are those under a dictator.  They will
    protect you from fraud, theft and physical attack too.  Are they a
    good thing?

    The communications network doesn't really bother me, The formation
    of a group dedicated to empowering law enforcement with high
    technology does.

I suppose that police officers wearing animal skins and walking to
crime scenes, are the only ones incapable of violating the rights of
citizens??

Kevlar vests save officers lives.  Cars let them pursue criminals.
Radios let them intercept criminals.  Genetic samples let them verify
the identity of a criminal much more accurately than many eye
witnesses.  Video cameras in cars protect both the officer and, in some
cases, the general public.  Radar spots people sneaking into the
country.

And some of the technology, like non-lethal "take-down" weapons, will
make it more likely for a citizen (guilty or innocent) to make it to
court, and have their say.

The law enforcement officials should use any technique that does not
infringe on the rights of the general public, and is cost effective.
Otherwise, they are wasting my tax money, and/or allowing a criminal to
go free.

However, Clipper (and the FBI Telephony proposal) meets neither
criteria.

Other technologies qualify; the loss of the wiretap will undoubtably be
compensated by some other technology.    Denying the police other
technologies is like asking them not to wear their kevlar vests, or to
ride horses to chase speeders on the interstate.

Keith Graham
vapspcx@cad.gatech.edu


------------------------------

From: nevin@cs.arizona.edu (Nevin Liber)
Date: 26 Apr 1994 01:27:12 -0700
Subject: Re: Solicitation via the Internet
Organization: University of Arizona CS Department, Tucson AZ

    Earlier someone wrote: "Thank you for the information but I look
    quite unfavorably on people who swipe my name/address off of Usenet
    distribution lists and then use it for other means."

    By "other means" is a direct solicitation.

But what if he grabbed it off something like the MIT usenet addresses
database?  Is he violating your request?  Is MIT?  If it is MIT
(replace MIT with MIT or similar service provider; I don't wish to pick
on them; I just don't know of others), you cannot reasonably expect
their automated tools to figure this out.  Which means, unfortunately,
that the burden is on us to make sure our personal information isn't
abused.  

--
Nevin ":-)" Liber       nevin@cs.arizona.edu    (602) 293-2799
						 +++ (520)
						 after 3/95
				     office:    (602) 621-1685


------------------------------


End of Computer Privacy Digest V4 #058
******************************
.