Date: Thu, 01 Sep 94 08:54:47 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#029
Computer Privacy Digest Thu, 01 Sep 94 Volume 5 : Issue: 029
Today's Topics: Moderator: Leonard P. Levine
Credit Reports
Advertising on the Net
Electronic Cash
Post Office Boxes
Internet White Pages
Satellite Imaging for Targeted Marketing?
Re: Credit Reporting
DM News Article
WA State DOT "Congestion Pricing" Project
Re: Online Stalking
Big Brother on the Autobaun
Re: SSN Dial In Database
Re: Bank Account Numbers
Posted in Error
Monthly Posting
---------------------------------------------------------------------
Housekeeping information is located at the end of this Digest.
----------------------------------------------------------------------
From: "BETH GIVENS" <B_GIVENS@USDCSV.ACUSD.EDU>
Date: 29 Aug 1994 22:12:26 -0700 (PDT)
Subject: Credit Reports
Zaf asked how to go about getting one's credit report. You are welcome
to sign onto the Privacy Rights Clearinghouse gopher -- gopher
gopher.acusd.edu. Our fact sheet number 6 contains information on how
to get your credit report. Each of the three credit reporting bureaus
has a toll-free number to call (TRW, Equifax, and Trans Union). A
recorded message gives you the information you need to go ahead and
order your report. We recommend starting with TRW, since the report is
free.
--
Beth Givens, PRC
------------------------------
From: Robert Ellis Smith <0005101719@mcimail.com>
Date: 29 Aug 94 12:04 EST
Subject: Advertising on the Net
FROM THE AUGUST ISSUE OF PRIVACY JOURNAL
0005101719@mcimail.com
The vice president of a major New York advertising agency has ventured
into the world of the Internet in a cautious way that he presumably
hopes will not disturb the natives. In the past, attempts to bring
advertising to the computer- message and research network, whose
spontaneity and openness are zealously protected by its millions of
users, have been met with electronic hostility.
Martin Nisenholtz of the established ad agency Ogilvy & Mather has a
title that itself would alienate 'net users: senior vice president and
director of interactive ventures. This summer he published guidelines
for effective advertising on the Internet.
To date the government-founded network has been commercial free, but
Nisenholtz considers electronic ads inevitable. Several of the firm's
clients want to advertise on the Internet, he says. His suggestions:
* Don't send intrusive messages, only those requested or those relevant
to a recipient's previous inquiries.
* Post ads only if the topics are relevant to the news group or
discussion.
* Marketers should be free to post offers, but only if they fully
disclose their identities and the terms of the deal.
* Don't rent or sell a consumer's personal information without
permission. On the Internet there is no expectation of commercial use
of personal information, as there is in direct-mail sales.
* Marketers should be able to conduct research on consumers' buying
habits, but only with consent.
* Marketers should not gather data surreptitiously.
"The market is huge," says Nisenholtz. One reason is that an
interactive service can provide verification of regular readership and
use, even by age, sex, residence, affluence, or other indicators.
Another advantage to advertisers is that specific messages can be sent
to identified households or offices.
One of the first breakthroughs that will bring advertising to the
Internet came this summer with the use of encrypted methods for making
secure credit-card payments over electronic networks.
Nisenholtz says he is trying to distinguish between the Internet and
blatantly commercial-oriented on-line services like Prodigy and America
On-Line and to forge "a middle ground between being completely
non-commercial and a complete free-for-all." But Mike Godwin, counsel
of the Electronic Frontier Foundation, an Internet watchdog, says that
the guidelines don't prevent anyone from doing anything. And besides,
"no set of rules is going to be enforceable because the 'net is not
hierarchically oriented. There's no one to police it." And that,
apparently is why users like it.
------------------------------
From: William Hugh Murray <75126.1722@compuserve.com>
Date: 30 Aug 94 07:42:06 EDT
Subject: Electronic Cash
-- [ From: William Hugh Murray * EMC.Ver #2.0 ] --
>....MIGHT THE PROGRESS OF PEOPLE SUCH
AS DAVID CHAUM BE IN VAIN, GIVEN THE TENDENCIES OF GOVERNMENT, AND THE
HUMANS OF WHICH IT IS CONSISTED?".
That government's will resist electronic cash is a given. They are
concerned that it will interfere with tax collection and with the
sovereign's traditional "right" to issue currency.
That they will also resist the use of strong cryptography is equally
clear. This resistance is even more fundamental since strong
cryptography will enable not only the above but because it will
interfere with the necessary surveillance of the goverened. While
government assert the right to control encryption by law, this right is
at best limited and perhaps non- existant. It is not even clear that
they could do it if they tried.
It is not clear that control of cryptography is the line of resistance
against electronic cash that the government will pursue. A more likely
path would be the less disputed right to control the minting of
currency. Singapore has attempted to pre-empt control of electronic
cash by issuing their own cards and by assuming control of the
telecommunications infrastructure. Nonetheless, short of cutting off
all communication with the outside world, a more private money will
drive a government money from the market. (No government has ever
succeeded in repealing Gresham's law.)
It may well be that it will be that is the efforts of the government
that will prove to be futile.
--
William Hugh Murray New Canaan, Connecticut
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 30 Aug 1994 12:11:50 -0500 (CDT)
Subject: Post Office Boxes
Organization: University of Wisconsin-Milwaukee
In alt.privacy we see the following dialog:
Newsgroups: alt.privacy
From: an86579@anon.penet.fi
X-Anonymously-To: alt.privacy
Organization: Anonymous contact service
Reply-To: an86579@anon.penet.fi
Date: 30 Aug 1994 01:22:50 UTC
Subject: Post Office Boxes
Hi, I am not sure if this has been discussed on this newsgroup, so
forgive me if it has. I have used a PO Box for several years due to
privacy concerns. I am a SWF, and don't want my home address readily
accessible. WELL, I just learned that all one has to do to attain the
home address of a PO Box holder is fill out a form and pay two
bucks. Most people don't know this anyway (though more will now!)
but I think that this is very uncool.
Newsgroups: alt.privacy
Message-ID: <349@asj.win.net>
References: <012414Z30081994@anon.penet.fi>
Reply-To: jmoyle@asj.win.net (John Moyle)
From: jmoyle@asj.win.net (John Moyle)
Date: 30 Aug 1994 06:10:23 GMT
Subject: Re: Post Office Boxes
Although I don't like it from a business stand point, I am sure you
will be happy to know that this has changed. You can still follow
the same process for a business PO Box however the physical addresses
for the PO Boxes of private citizens are no longer availible.
I know that you can treat the PO Box as an address, for example use a
mailing address like this:
John Jones
1620 East Capitol Drive #1422
Shorewood WI 53211
and never indicate that 1620 East Capitol Drive is, in fact, the
Shorewood Post Office and 1422 is your box number. (the name and
actual box number are false, the address is correct) Letters get to
you just fine. According to the above, there is no way to get your
home address or even to see that this is not it. Hmm...
--
Leonard P. Levine e-mail levine@cs.uwm.edu
Professor, Computer Science Office 1-414-229-5170
University of Wisconsin-Milwaukee Fax 1-414-229-6958
Box 784, Milwaukee, WI 53201
------------------------------
From: Shawn Leard <71370.2551@compuserve.com>
Date: 31 Aug 94 10:48:35 EDT
Subject: Internet White Pages
Could someone please post the e-mail address to be taken off the
Internet White Pages?
Thanks,
Shawn Leard
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 1 Sep 1994 07:50:03 -0500 (CDT)
Subject: Satellite Imaging for Targeted Marketing?
Organization: University of Wisconsin-Milwaukee
From RISKS-LIST: RISKS-FORUM Digest Weds 31 August 1994 Volume 16 :
Issue 37 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann,
moderator
Date: 30 Aug 1994 13:18:31 -0500 (EST)
From: Denis Haskin <DWH@epub.ziff.com>
Subject: Satellite imaging for targeted marketing?
A 25 Aug 1994 article in the *San Jose Mercury News* discusses BADGER
(Bay Area Digital GeoResource), an "electronic library of maps, census
data, property lines and environmental features."
This is a project funded by NASA and involves Bay Area cities+towns, a
company called Smart Valley, NASA Ames, Lockheed, and other companies
to "create a shared data base of geographic information about the Bay
Area and the software to help cities use it to identify polluters,
prevent power failures or plan land-use policies."
Sounds pretty benign until you get to the discussion of use of this
data by private companies for identifying potential customers, to wit:
Organizers say private companies might make use of the mapping
service as well. For example, a satellite photo that located
swimming pools could be cross-referenced to a property-tax map
to create a data base of pool owners. That could be useful to
pool-cleaning services.
With high-resolution satellite images, roofers might be able to
locate homeowners with aging wood shake roofs.
The risks to personal privacy are, I think, obvious.
--
Denis Haskin, Sr. Mgr., Production Engineering, Information Access Company,
10 Presidents' Landing, Medford, MA 02155 dwh@epub.ziff.com 617 393 3649
------------------------------
------------------------------
From: Terrence P Maher <mahert@bluejay.creighton.edu>
Date: 29 Aug 1994 09:33:22 -0500 (CDT)
Subject: Re: Credit Reporting
Question was: Does someone know how to get a copy of ones credit
report? Any help would be appreciated.
Answer: All you need to do is call a credit bureau listed in your
local yellow pages. They have to provide you a copy, and, in certain
cases, they have to provide it to you for free.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Aug 1994 13:10:53 -0500 (CDT)
Subject: DM News Article
Organization: University of Wisconsin-Milwaukee
DM News is a weekly trade newspaper that calls itself "the weekly
newspaper of record for direct marketers." A commentary by Ray Schultz
in the August 15th issue discusses the opinions of direct marketeers
and of privacy advocates with respect to the privacy of the databases
they use. In this review of his commentary I have quoted the
italicized portions of his remarks, and paraphrased the rest:
Discussing the fact that Toyota matches it customer names against
Prodigy's list and then sends eMail to the "hits", he points out that a
professional privacy psycho (his term) might ask:
(italics) How can two separate firms I'm doing business with be allowed
to compare notes on me, especially Prodigy, which has its hooks in me
right up the kiskas? (sic) I should be asked for my consent in each
and every case. (end italics)
Discussing Chase Manhattan beginning a prospecting database for certain
offers:
(italics) What right does Chase have to hold my name on their computers
as a noncustomer? Don't J.C. Penny and the NRA have similar things?
The next thing you know the Ku Klux Klan wil be ID'ing me as a
nonmenber. (end italics)
Discussing a cooperative arrangement of two corporations to combine
databases to enhance and model data:
(italics) I know Polk - its the one with the auto list. I don't want
those Big Brother types seeing my name, even third hand.... What if
someone sends me pornography, or an ecologically unsound offer? They
should pay me for the use of my name.... (end italics)
Discussing the fact that a firm offers a service for mounting catalogs
on the Internet - the cataloger can determine how much time the viewer
spends on each page, whether he orders or not:
(italics) Is there anything they can't find out about me? I know how
these data rapists work: I can see them offering a list of "lingerie
no-buyers, male, spent 20 minutes looking." We need a data-control
czar. (end italics)
He ends with a tongue in cheek comment about how crazy these privacy
advocates are. I believe his intent is to warn his industry about
improper practice. Even the list buyers are beginning to know that
they are going very far and are risking legislation to control them.
As a personal note, it is strange how the private sector seems to be
unable to control itself without the threat, and often finally the
imposition, of government controls. They then view with alarm the
restrictions the government imposes on them. Can the shakers and
movers in the data collection industry not look at the history of the
railroads, the aviation industry and others and realize that policing
themselves is worth the effort?
(footnote: I believe that "kiskas", probably better written as kishkas,
is yiddish for entrails.)
--
Leonard P. Levine e-mail levine@cs.uwm.edu
Professor, Computer Science Office 1-414-229-5170
University of Wisconsin-Milwaukee Fax 1-414-229-6958
Box 784, Milwaukee, WI 53201
------------------------------
From: Peter Marshall <rocque@connected.com>
Date: 29 Aug 1994 11:15:39 -0700 (PDT)
Subject: WA State DOT "Congestion Pricing" Project
Proposal for the "Puget Sound Congestion Pricing" project was initiated
by United Infrastructure Washington, Inc., and describes "a phased
approach to introducing the concept of congestion pricing in the urban
growth areas of Puget Sound," involving use of "peak period fees."
Enabling same is use of "automatic vehicle identification," which
involves vehicle-mounted "small battery-powered radio transponders" and
an "electronic toll and traffic management system." According to the
project description, "Roadside attenae will read the AVI tags and
transmit account numbers and tolls to a computer, where motorists'
accounts will be debited...."
Phase 1 costs are estimated by the proposer at $32.5 million.
The proposer is described as a "permanent joint venture of Bechtel and
Kiewit," with members of their "team" including MFS Network
Technologies, Evergreen Policy Group, and Preston, Gates and Ellis.
In response to some preliminary questions about the evident privacy
implications of the proposal, DOT sources referred to what they
described as visual surveillance of vehicles and perhaps of plate
numbers to determine number of occupants; noted their expectation that
the "privacy question" would predictably come up, but stated that it
would be dealt with through upcoming negotiations with the proposer,
referring further privacy-related questions to UIW, Inc.
More to come.... Happy motoring; leave the driving to us, etc.
--
Peter Marshall
------------------------------
From: "David A. Honig" <honig@buckaroo.ics.uci.edu>
Date: 29 Aug 1994 16:45:34 -0700
Subject: Re: Online Stalking
Organization: UC Disneyland, in the Kingdom of Bren
"BETH GIVENS" <B_GIVENS@USDCSV.ACUSD.EDU> writes: Regarding "What
can one do with an e-mail address...Try to stalk me? Haha." We got
a call on the Privacy Rights Clearinghouse hotline last year from a
woman who was being stalked via e-mail at her job. The stalker
worked on the same campus and also made his presence known in the
building in which she worked. Because of the persistence of the
messages and the threats they contained, she left her job and moved
to another city. -- Beth Givens, PRC
How could the stalker send email and not incriminate herself? The
stalker would need to be root to go around the mailers and systems can
be set up to log who becomes root, unless the stalker is cleverer than
the rest of the sysops.
--
David A. Honig, informivore
Prof. D. Denning: fool, fascist or Faust? Only the NSA knows for sure..
"Necessity is the plea for every infringement of human freedom. It is
the argument of tyrants; it is the creed of slaves." -- William Pitt
------------------------------
From: wb8foz@netcom.com (David Lesher)
Date: 30 Aug 1994 01:58:26 GMT
Subject: Big Brother on the Autobaun
Organization: NRK Clinic for habitual NetNews Abusers - Beltway Annex
Clarinet reports in:
Germany - Toll-Road Technology Planned 08/29/94
Date: 29 Aug 94 18:57:06 GMT
That DeTeMobil, operator of the GSM phone system, is proposing
an automatic GPS-based toll-charging system. They would
"require all German motorists to install a GPS positioning
unit with GSM data facilities in their cars."
The privacy aspects are overwhelming.
I find this especially surprising in Germany. Since WWII, they have had
a very strong pro-privacy stance. In fact, a recent Post article on the
increasing use of private video surveillance in Great Britain pointed
out it would NEVER be accepted on the Continent.
--
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close...........(v)301 56 LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
------------------------------
From: poivre@netcom.com (Poivre)
Date: 31 Aug 1994 04:52:44 GMT
Subject: Re: SSN Dial In Database
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
Todd Leonard (todd@meaddata.com) wrote:
Glen Roberts (glr@ripco.com) wrote: Now, there is something
new. SSN-BASE, a public, free, interactive SSN database. It's
easy to check out. Just call from your modem (2400 baud):
(708) 838-3378.
I tried this service. First, I entered a number that "looked like"
a SSN, to which it replied something to the effect of "I've never
heard of that, but I'll add it to the database". Next I tried
000-00-0000, and then 123-45-6789, both of which were found,
leading me to suspect somebody before me had tried the same
experiment.
I tried this service too. It just has SSNs in it. I think it will be
far more useful if it contained names to go along with those numbers.
Look up via number and it'll give you the name. Look up the name and
it will give you the number. Enter new SSNs by requiring a name field
to be filled, etc etc etc.
--
. . . . . . . . . . . . . . . . . . . . . . . . . .
poivre@netcom.com : #include <disclaimer.h>
:
. . . . . . . . . . . . . . . . . . . . . . . . . .
------------------------------
From: skypatrl@crl.com (Albert Zhou)
Date: 30 Aug 1994 21:55:06 -0700
Subject: Re: Bank Account Numbers
Organization: CRL Dialup Internet Access (415) 705-6060 [login: guest]
wayne@arrow.HIP.berkeley.edu (Wayne Christian) writes: This is
incorrect EFT is controlled by a similar set of laws as credit
cards. You have 60 days to dispute a transfer. You simply contact
your bank and inform them that a EFT was not authorized. The bank
will investigate and can leave the charge on if there is enough
evidence that the charge was correct.
If the bank decides not to give you money back, then you have to try to
collect it, possibly taking them to court. If it's a small amount, you
probably don't want to spend a lot of legal fees to pursue it. So you
lose money.
If you it's a charge on the credit card, you can simply refuse to pay.
To get money from you, the credit card company has to initiate legal
actions against you. If it's small amount, or if they don't think they
can won, they'll just forget about it. So you DON'T lose money.
See the difference?
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 31 Aug 1994 18:40:20 -0500 (CDT)
Subject: Posted in Error
Organization: University of Wisconsin-Milwaukee
A very long posting appeared three times in this newsgroup, twice as
an error on the part of the poster and once correctly posted. The
author had included an "Approved:" line in his posting as an oversight
and has indicated it will not happen again.
I hope that I have the grace to act as well as he did the next time I
blow it.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 31 Aug 1994 18:54:53 -0500 (CDT)
Subject: Monthly Posting
Organization: University of Wisconsin-Milwaukee
The paragraphs below are the boilerplate text normally printed at the
bottom of the eMailed copy of the Computer Privacy Digest. As a result
they would never be seen by the readers of the comp.society.privacy
newsgroup were it not for this posting. People who read this as a
newsgroup should simply post contributions. As a moderated newsgroup,
attempts to post to the group are normally turned into eMail to the
submission address below. People who read the digest eMailed to them
generally need only use the Reply feature of their mailer to
contribute. All contributions are acknowledged within 24 hours of
submission. An article is printed if it is relevant to the charter of
the digest. If selected, it is printed within two or three days. The
moderator reserves the right to delete extraneous quoted material. He
may change the subject line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
Boilerplate text follows:
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
Back issues are available via anonymous ftp on ftp.cs.uwm.edu
[129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The
archives are in the directory "pub/comp-privacy".
People with gopher capability can access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
Back issues are available via anonymous ftp on ftp.cs.uwm.edu
[129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The
archives are in the directory "pub/comp-privacy".
People with gopher capability can access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Archives are also held at ftp.pica.army.mil [129.139.160.133].
End of Computer Privacy Digest V5 #029
******************************
.