Computer Privacy Digest Thu, 14 Jul 94 Volume 5 : Issue: 005
Today's Topics: Moderator: Leonard P. Levine
Privacy of E-Mail and Other Data in the Workplace
Improved CPSR Web Pages
New National ID Card Proposal
Subjective Questionnaires re Privacy
Re: CID is not the same as 800 or 911 ANI
Re: Question About CallerID
Re: Question About CallerID
RE: Caller ID - Unblocking Per Line Block
Re: Video Camera on Utility Poles
Re: Clipper security and other lies
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: hsdjpl1@rcinet.res.utc.com
Date: 11 Jul 1994 18:24:22 GMT
Subject: Privacy of E-Mail and Other Data in the Workplace
Organization: UTRC
I am looking for references (or opinions) on the subject of E-Mail
privacy and/or data privacy in the workplace.
Does (should) a company have unlimited rights to intercept, monitor an
and view data placed on its systems or networks (by employees)?
Have there been any court rulings on this issue?
Replies to hsdjpl1@rcinet.utc.com (John Lashnits)
Thanks in advance...
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 13 Jul 1994 08:35:07 -0500 (CDT)
Subject: Improved CPSR Web Pages
NEWS RELEASE
7/12/94
Computer Professionals for Social Responsibility (CPSR)
P.O. Box 717
Palo Alto, CA 94302
415-322-3778
415-322-4748 (FAX)
E-mail: cpsr-info@cpsr.org
FOR IMMEDIATE RELEASE
CPSR ANNOUNCES WEB SERVER WITH 60 NEW PAGES OF INFORMATION
Palo Alto, July 12, 1994. Computer Professionals for Social
Responsibility (CPSR) is pleased to announce the availability of its
redesigned World-Wide Web (WWW) server, now with 60 new hypertext pages
of timely and important information for Internet users and the general
public. The CPSR Home Page can be found at:
URL: http://www.cpsr.org/home
with hypertext browsers like Mosaic and Lynx.
WWW grew from the need of physicists at the European Particle Physics
Laboratory (CERN) to communicate with pictures and text to colleagues
around the world in hypertext, non-linear format. Since its beginning
in 1989, WWW has allowed people to link their electronic documents and
images to other documents on computers around the world. Estimates say
there were, as of May 1994, over 4,500 hypertext Web server computers
capable of linking documents on the 10,000 computer networks comprising
the world-wide Internet.
CPSR's Web Pages cover issues related to the organization's mission to
provide the public and policymakers with realistic assessments of the
power, promise, and problems of information technology. These issues
include the National Information Infrastructure, Civil Liberties and
Privacy, Computers in the Workplace, Technology Policy and Human Needs,
Gender and Minority Issues, Reliability and Risks of Computer-Based
Systems and Community Networking. There are also links to many reports
and other sources of information. All links are provided with
descriptive narratives, and are not just lists of files. CPSR will
continually update their pages to insure the accuracy and usefulness of
this resource.
CPSR was founded in 1981 by a group of computer scientists concerned
about the use of computers in nuclear weapons systems. CPSR has since
grown into a national public-interest alliance of information
technology professionals and other people. Currently, CPSR has 22
chapters in the U.S. and affiliations with similar groups worldwide.
The National Office is in Palo Alto, California.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 13 Jul 1994 15:57:50 -0500 (CDT)
Subject: New National ID Card Proposal
from Risks-Forum Digest Weds 13 July 1994 [16:23] Forum on Risks to
the Public in Computers and Related Systems ACM Committee on Computers
Date: 12 Jul 1994 20:11:46 -0500
From: David Banisar <Banisar@epic.org>
Subject: New National ID Card Proposal
CBS Evening News just reported that Clinton has "tentatively signed
off" on a National ID card recommended to him by a commission on
immigration reform. The ostensible reason for the card is for
employment and immigration. Each card will contain a name, photo, mag
stripe with info and a "verified SSN." It was supported by Senator Alan
Simpson of Wyoming, a long-time supporter of ID cards. Gov. Pete Wilson
of California has apparently offered to make California a test-bed for
the proposal. The proposal was opposed by Xavier Beccera, a
Congressman from California. A previous effort to impose a national ID
card was rejected by Congress in 1986.
EPIC is working with Privacy International to investigate this report.
PI has led successful campaigns against national ID cards in Australia,
New Zealand, and the Philippines.
In Australia, the PI-led campaign led to the dissolution of both houses
of the federal Parliament in 1987 after hundreds of thousands marched
in protest. The Australian campaign brought together groups from all
parts of the political spectrum from the Communist Party to the
Libertarian Alliance, farmers and conservation groups, rock stars,
academics, large businesses such as banks and mining corporations, but
the overwhelming support came from the public who created the biggest
civil protest in Australian history.
David Banisar (banisar@epic.org) Electronic Privacy Information Center
666 Penn. Ave, SE #301, Washington, DC 20003 202-544-9240 (v)
202-547-5482 (f)
------------------------------
From: weh@SEI.CMU.EDU (Bill Hefley)
Date: 13 Jul 1994 23:03:47 EDT
Subject: Subjective Questionnaires re Privacy
Organization: Software Engineering Institute
As an adjunct to some work that I'm presently doing with advanced
automation, I'm interested in exploring some perceptions of users with
respect to privacy concerns.
I've found few studies that looked at these areas, but would be
interested in knowing of any references to such studies or examples of
questionnaires that have been used in the past.
--
Bill Hefley Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213 U.S.A.
Office: +1-412-268-7793, Fax: +1-412-268-5758, internet: weh@sei.cmu.edu
------------------------------
From: jwendel@ccnet.com (Jesse Wendel)
Date: 11 Jul 1994 19:21:47
Subject: Re: CID is not the same as 800 or 911 ANI
Organization: Kid SmartWare, Inc.
Michael Travers <mt@media.mit.edu> writes: ... In the Boston area,
the recently introduced caller-id system only has a line-blocking
feature that DOES block 911 calls. They say this will be fixed
sometime in late 1995. In the meantime, you have to choose between
privacy and safety.
Is this true!!! A working caller-id system that actually blocks 911?
How/why is this tolerated? Any fatalities or near misses yet?
Can you provide sources/verification?
Thanks.
------------------------------
From: makyen@netcom.com (makyen)
Date: 12 Jul 1994 13:19:15 GMT
Subject: Re: Question About CallerID
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
kadokev@rci.ripco.com (Kevin Kadow) writes: At least in Chicago,
not only will Caller ID give the number, but CID with name gives
the name for any caller, listed or unlisted, who they've got around
to entering into their database- unfortunately the database seems
to be consistently a few months behind reality.
In California, the PUC ruled that if the local carrier is going
to provide CID to customers then it must do the following:
Two types of line categories:
A. CID is normally blocked
Can unblock on a per-call basis with correct
*## code, as spec'ed by Bellcore (*68 as I
recall).
B. CID is normally unblocked
Can block with correct *## code, as spec'ed
by Bellcore (*67 as I recall).
Upon setup of CID service all lines must be assigned to A & B
as follows:
All currently unlisted numbers placed in category A.
All currently listed numbers placed in category B.
A charge is permitted to change from A to B.
Based on this ruling, PacBell, the largest provider in California,
has stated that they will _NOT_ provide CID service because complying
with the PUc ruling would be too expensive. I have heard PacBell
complain about this ruling because "other 800 line providers
are not required to do this".
makyen
------------------------------
From: snyderra@dunx1.ocs.drexel.edu (Bob Snyder)
Date: 12 Jul 1994 18:25:22 -0400
Subject: Re: Question About CallerID
Organization: Drexel University (Computing Services)
Bernie Cosell <bernie@fantasyfarm.com> wrote: But there's an
interesting standoff [at least here in Bell Atlantic land]. One
option you can purchase is "refused blocked calls". So you, with
your unpub number, may discover that you're caught between a rock
and a hard place: either you give out your unpub number, or you
can't call the person _at_all_.
This is, IMHO, a fairly good trade off. You can protect your number,
but I don't have to take the call.
As far as I know, BA provides this service for free, if you have Caller
ID. At least, that's the case for Bell Atlantic - New Jersey. It
doesn't make sense to have the service without Caller ID.
However, you can still call the person without revealing your number:
Use a pay phone.
--
Bob Snyder N2KGO MIME, RIPEM mail accepted
snyderra@dunx1.ocs.drexel.edu finger for RIPEM public key
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
------------------------------
From: Lynne Gregg <lynne.gregg@mccaw.com>
Date: 11 Jul 94 16:28:00 PDT
Subject: RE: Caller ID - Unblocking Per Line Block
kadokev@rci.ripco.com (Kevin Kadow) stated: Personally, I am in
favor of BOTH per call and line blocking, with *67 doing nothing on
a line with line blocking enabled, and another code (*68?) enabling
caller-id sending if it was disabled. All at no charge.
I agree, both per line and per call options should be made available to
consumers. Several States and Service Providers support "unblocking"
as you describe as "caller-id sending". Then, *82 is generally used.
Regards,
Lynne
------------------------------
From: cntrspy@netcom.com (Executive Protection Assoc)
Date: 13 Jul 1994 00:07:20 GMT
Subject: Re: Video Camera on Utility Poles
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
Glen Roberts (glr@ripco.com) wrote: It might not be widespread yet,
however, my sources tell me that they are one of the most popular
surveillance items (to the law enforcement markert place). What
are they? Remote control, pan, tilt, zoom, video cameras (some of
the literature I've seen also says they have audio). They are
mounted inside a utility transformer (looks like a Edison
Transformer on a telephone pole). Also, telephone splicing boots
and boxes.
Actually they can be had for as little as $5K for the Telco splice boot
and about $10-12K for the transformer. Pan tilt and zoom are
controlled via the DTMF pad on a hand held radio, signal can be fed
either via 24Gig microwave or a spare pair at 56Kbs with a high
sampling rate. They are also VERY popular with our foreign clients,
especially with an 880 Nms Infrared flood light source. Will light up
a country or city intersection and take GREAT quality video !
They have been around for at least 8 years that I know of.
We use them for our High risk clients.
--
Chris Hall
Chief Operating Officer
Executive Protection Associates, Inc.
Worldwide Investigations, Privacy Protection, Off-Shore Banking and
Trust Agents. Second Passport and Economic Citizenship Agents.
Opinions Expressed are those of the author and NOT those of E.P.A.I.
------------------------------
From: lupienj@wal.hp.com (John Lupien)
Date: 13 Jul 94 17:41:58 EDT
Subject: Re: Clipper security and other lies
patchman writes: Subject: What's a Cop to Do? Greetings Cyberati,
My question regarding the Clipper is this: If a law enforcement
official suspects illegal activity behind electronic enemy lines,
what would he/she do for surveillance if he/she didn't have the
Clipper?
A better question might be "what would the cop do if they DID have
Clipper?" Unless the suspect is not only crooked but stupid, they won't
be using Clipper for sensitive communications. And in fact, geven that
Clipper is a manifestly insecure system, nobody who wants security,
whether for licit or illicit reasons, will use it for sensitive
communications unless they are either stupid or they don't really care
that much about the security of the sensitive conversation. Unless I
am quite sure that the channel I am using can be decrypted ONLY by my
trusted correspondent, then use of that channel for sensitive
correspondence is simply untennable. The notion that the law
enforcement community needs Clipper to catch "bad guys" is apparently a
red herring: many electronic eavesdropping mechanisms exist which do
not require wiretapping, and wiretapping is relatively ineffective for
catching any but the stupidest of crooks. I rather doubt that any crook
smart enough to know that they want to encrypt sensitive phone calls is
dumb enough to use an encryption mechanism that the government can
decrypt. Given that, it would appear that the real purpose behind the
Clipper proposal is an attempt to prevent people from using effective
encryption mechanisms, which is an effort which seems doomed to failure
from the get-go, as in fact strong and effective encryption is already
available and in use, world-wide.
--
John R. Lupien lupienj@wal.hp.com
------------------------------
End of Computer Privacy Digest V5 #005
******************************