Date: Thu, 08 Sep 94 21:10:43 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#032
Computer Privacy Digest Thu, 08 Sep 94 Volume 5 : Issue: 032
Today's Topics: Moderator: Leonard P. Levine
Access Surveillance
Teaching Privacy at the University
NETCOM/FBI Spying - Business as Usual
Some Privacy Notes
Database Marketing
Anti-Clipper T-shirts
Re: Ethicomp95 2nd Call
Re: West Publishing - Permanent Injunction Regarding Legal Text
Re: Internet White Pages
Re: DSS, Now Official
---------------------------------------------------------------------
Housekeeping information is located at the end of this Digest.
----------------------------------------------------------------------
From: <HENDER@fis.utoronto.ca>
Date: 06 Sep 1994 07:27:58 -0400
Subject: Access Surveillance
Organization: Faculty of Information Studies
I hope some members of the list will be able to give us assistance on
this question.
We would like to find examples of institutional policies relating to
privacy/confidentiality issues with respect to electronic (transaction)
records created by the use of building access cards which contain
personal ID on their magnetic strip. This seems to be a topic which has
not received much attention in the literature. We are also interested
in examples of institutional policies dealing with privacy issues
related to other aspects of electronic surveillance especially dealing
with transaction records.
If your institution has such policies, we would appreciate receiving a
copy or information on how we could get a copy.
PLEASE REPLY TO ME NOT THE LIST (I am not a current subscriber).
Thanks,
Diane Henderson
Diane Henderson
Faculty of Information Studies
University of Toronto
140 St. George St.
Toronto, Ont. Canada M5S lAl
Phone (416) 978-7071
Fax (416) 978-5762
hender@fis.utoronto.ca
------------------------------
From: KAY A SCHAFER <k.schafe@msuacad.morehead-st.edu>
Date: 06 Sep 94 20:01:13 EDT
Subject: Teaching Privacy at the University
This digest has convinced me that it is very important for citizens of
all nations to become more informed on privacy issues. As a college
instructor I am interested in introducing a new course with a title
such as "Information Gathering and Privacy in the Computer Age". Do
any of the readers of this Digest know of a college which currently has
such a course? In what field of study is it taught? If you are a
college professor and/or specialize in the privacy area do you have
ideas of possible texts for such a course?
I am teaching at a university in the United States in the political
science and legal studies areas. I would like to discuss specific
areas of privacy rights (credit records, medical records, government
documents, etc.) as well as looking at privacy as a value competing
with other values in our society. I would also like to discuss how
computerization makes collection of greater quantities of information,
sharing of information with other agencies and remote access to
information without permission (or knowledge) possible. (Like any
tool, computers can be put to good, bad or neutral uses, and how we
classify a particular instance of information gathering depends on the
circumstances.)
------------------------------
From: glr@ripco.com (Glen Roberts)
Date: 07 Sep 1994 02:52:46 GMT
Subject: NETCOM/FBI Spying - Business as Usual
Organization: Ripco Internet BBS, Chicago (312) 665-0065
Sneak preview from Full Disclosure #32:
Some of you may be aware of the FBI subpeona for email transactions of
lewiz@netcom.com.
I called Netcom Communications to ask them about it. They had me talk
to Kathy Thompson with a PR firm representing Netcom Communications.
She wouldn't discuss the particulars of lewiz@netcom.com, and said they
were "not open to talking about it."
However, in general she said that it was "business as usual," and that
they have an ongoing program to "track and pursue any people breaking
the law using internet." The implication was this was an ongoing
program between netcom and the FBI. Additionally, she indicated that it
was very "common place" and likened it to monitoring telephone networks
for illegal activity (court ordered wiretaps are of course extremely
rare).
She took back an offer for the President of Netcom to appear on Full
Disclosure Live.
I have no reason to believe that lewiz@netcom.com is, or has violated
any laws. I believe that the FBI has a pie-in-the-sky idea that by
reading his email they can track down Kevin Mitnick. (My conclusion
from his postings on the net).
--
Glen L. Roberts, Editor, Full Disclosure Magazine
Host Full Disclosure Live (WWCR 5,810 khz - Sundays 7pm central)
email glr@rci.ripco.com for information on The Best of Full Disclosure,
four volumes to blow your mind. Voice/Fax on demand: (708) 356-9646
email for uuencoded .TIF of T-Shirt Honoring the FBI
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 07 Sep 1994 14:18:59 -0500 (CDT)
Subject: Some Privacy Notes
Organization: University of Wisconsin-Milwaukee
from RISKS-LIST: RISKS-FORUM Digest Tuesday 6 September 1994 Volume
16 : Issue 39 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED
SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann,
moderator
Date: 05 Sep 1994 18:37:31 -0700
From: Phil Agre <pagre@weber.ucsd.edu>
Subject: Some privacy notes
The September issue of *Smithsonian* magazine includes a long article
on "ubiquitous computing" research at Xerox, with some attention to the
moral issues relating to tracking and monitoring.
The 5 Sep 1994 issue of *Business Week* has a cover story on database
marketing. Like most *Business Week* cover stories it's a superficial
rehash of items you might have seen elsewhere. But it might be useful
as a summary.
Finally, here is a wonderful quotation from a much longer article by
Edwin McDowell, ``The scrambling is on for off-season tourism'' (*The
New York Times*, 5 Sep 1994, business section, pp. 17-18) on off-season
tourism marketing:
"Another reason for the growing success of off-season strategies is
that "states have become a lot more sophisticated with their data
bases", said James V. Cammisa Jr., a travel industry consultant in
Miami. "They know where the peaks and valleys in their tourism
operations are, and they know how to market the off-season
effectively.
"Kentucky's data base showed that only 350,000 of the 2.5 million
Canadians who drove through the state last year stayed overnight.
"Our research showed that 83 percent of them come from January to
June, headed for Florida, South Carolina and the beaches of Alabama
and Mississippi", said Robert Stewart, the Commissioner of Travel
Development for Kentucky. To entice more of them, Kentucky officials
will soon hold a press conference in Toronto and Canadians will be
offered a card giving them discounts at hotels, restaurants and
attractions along three of Kentucky's interstate highways.
"Also for the first time, Kentucky is using direct mail to bolster
anemic winter occupancy rates in its 15 resort parks that offer
overnight accommodations year-round." (page 18)
This kind of database marketing is worth thinking about in the context
of rapidly advancing proposals for thoroughgoing instrumentation of
cars and roads under the rubric of "intelligent vehicle-highway
systems", particularly given that most of the marketing organizations
mentioned in the article are in fact government agencies using
commercial methods for the benefit of private businesses.
Phil Agre, UCSD
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 07 Sep 1994 14:20:34 -0500 (CDT)
Subject: Database Marketing
Organization: University of Wisconsin-Milwaukee
from RISKS-LIST: RISKS-FORUM Digest Tuesday 6 September 1994 Volume
16 : Issue 39 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED
SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann,
moderator
Date: 06 Sep 1994 13:44:22 +0800
From: stalzer@macaw.hrl.hac.com
Subject: Database Marketing
The cover story of the current issue of Business Week (5 Sep 1994), a
conservative business magazine (sorry, Phil), is on Database
Marketing. The goal of Database Marketing is to build detailed
customer profiles so that a company can target advertisements to
specific customers for products and services. This approach is highly
successful: response rates are double digit as opposed to 2%--3% for
junk mail.
The data collection process starts with a customer's past purchases.
Other sources include surveys, rebate requests, and warranty cards.
American Express scans a customer's individual transactions to find
patterns and to suggest local places that take the card. Many
hospitals sell the names and addresses of families with newborns. The
data is then combined with public records, such as drivers' licenses,
auto registrations, and property tax rolls. Ohio sold its drivers'
license and car registration lists for $375,000 to TRW. What results
is a detailed profile of each customer.
The computing technology used to mine a database for prospects includes
parallel processing and neural networks. Neural nets are trained to
look for people likely to buy a product or service given the parameters
in the database, e.g.,
what combination of income level, investment activity, and
credit-card spending is most likely to be seen among people who are
in the market for mortgages?
The net is applied against each profile in a process called "drilling
down." This is a compute intensive operation and companies are starting
to resort to parallel processing or workstation clusters. Indeed, it's
estimated that a large portion of the projected growth in commercial
parallel processing, from $400M today to $5B in 98, will be for
database marketing applications.
When asked about the privacy issues, one marketer responded that the
loss of privacy is offset by the convenience to the customer of highly
selective advertising. I'll forgo the commentary and simply refer the
interested reader to the original source for more details and
anecdotes.
Mark Stalzer, mas@acm.org
------------------------------
From: normh@crl.com (Norman J Harman)
Date: 08 Sep 1994 10:56:40 -0700
Subject: Anti-Clipper T-shirts
Organization: CRL Dialup Internet Access (415) 705-6060 [login: guest]
Information and opposition to the Clipper proposal is strong on the
Internet. But it is far too unknown to the 'outside' community.
Everyone concerned by this issue should inform all the people they know
of its implications. One way to increase awareness and show your
opinion is to wear it:).
I would like to offer an anti Clipper/Skipjack T-shirt. They would be
white with black printing and cost approximately $5.00 plus $2.90
shipping to US locations. That is the cost to produce one shirt. I am
trying to spread awareness not make money.
I need to know if people are interested in this idea and what should
the shirts say?
Two quick ideas are:
"Skip Skipjack"
or
"Just Say No to Clipper"
Please send comments, suggestions, and questions to normh@crl.com. If
more than a few people are interested I will go ahead and have the
shirts made and post how to get one.
A worthy cause is better if it benefits another good cause so the
shirts will be silk-screened by Zerolith, part of a non-profit
organization that employs, shelters, and assists homeless youth. If
you would like to talk with Zerolith or donate money directly here is
how to contact them.
Zerolith
3075 21st Street
San Francisco, CA 94110-2626
415.641.1014 voice
415.641.1474 fax
--
Norman J. Harman Jr. o o Smiley Systems
normh@crl.com \__/ San Francisco, CA
------------------------------
From: Simon Rogerson <srog@de-montfort.ac.uk>
Date: 08 Sep 1994 15:12:39 +0100 (BST)
Subject: Re: Ethicomp95 2nd Call
----------
ETHICOMP95
----------
An international conference on the ethical issues of using Information
Technology
Organised by
De Montfort University, UK and
Southern Connecticut State University, USA
To be held at
De Montfort University, Leicester, UK - 28-30
March 1995
Co-directors
Simon Rogerson, Department of Information
Systems,
De Montfort University
Terrell Ward Bynum, Director Research Center on
Computing and Society, Southern Connecticut State
University
SECOND CALL FOR PAPERS
CONFERENCE THEME
----------------
The programme of events for ETHICOMP95 provides an excellent forum for
stimulating debate on fundamental issues relating to the development
and use of Information Technology and Information Systems. There will
be an opportunity to consider approaches based on the different
cultures / countries of both conference presenters and conference
delegates. The three-day conference consists of three parallel themes.
Each theme will comprise a series of papers and workshops.
There will be three broad themes within the conference programme
ETHICAL DEVELOPMENT
This is concerned with the use of development methodologies and the
consideration of ethical dilemmas, user education and professionalism.
ETHICAL TECHNOLOGY
This is concerned with the advances in technologies and the likely
ethical issues they raise as they are applied to business and societal
problems.
ETHICAL APPLICATION
This is concerned with developing ethical strategies which allow
technology to be exploited in an ethically acceptable way.
SUBMISSIONS
-----------
INTENTION TO SUBMIT
There are two types of submissions invited; PAPERS and WORKSHOP ITEMS.
An indication of an intention to submit is invited in advance of the
submissions. This should provide a very brief description (for
example, the working title) of the submission, which theme and whether
it is a Paper or Workshop Item together with name, contact address,
telephone, fax and email.
PAPERS
Papers should be original and not submitted to, or accepted by, any
other conference or journal. Papers should be a maximum of 5000 words.
Three copies should be sent in camera-ready form.
WORKSHOP ITEMS
These can be either a review of state of the art or position papers on
current research or other activity. These submissions should be a
maximum of 2000 words. Workshop items will form the basis for exchange
of ideas in a participative environment. Three copies should be
submitted in camera-ready form.
REVIEW PROCESS AND PUBLICATION OF PRESENTED SUBMISSIONS
All submissions will be blind reviewed by a referee committee.
Submissions accepted for conference presentation will be published in
the Conference Proceedings and provided to attending conference
delegates.
IMPORTANT DATES
Notification of intention to submit
30 SEPTEMBER 1994
Deadline for PAPER submissions
15 NOVEMBER 1994
Notification of PAPER acceptance
15 JANUARY 1995
Deadline for WORKSHOP ITEM submissions
1 DECEMBER 1994
Notification of WORKSHOP ITEM acceptance
20 JANUARY 1995
ALL SUBMISSIONS SHOULD BE DIRECTED TO:
Simon Rogerson
Co-Director ETHICOMP95
Department of Information Systems
De Montfort University
The Gateway
Leicester
LE1 9BH
UK
Tel: +44 533 577475
Fax: +44 533 541891
Email: srog@dmu.ac.uk
PLEASE SHARE THIS CALL FOR PAPERS WITH OTHER COLLEAGUES AND RELATED
NETWORKS.
FURTHER INFORMATION regarding registration procedures and costs will be
available shortly. To receive this information please email Simon
Rogerson requesting to be put on the mailing list.
------------------------------
From: rfrank@kaiwan.com (Wandervogel)
Date: 06 Sep 1994 21:39:20 -0700
Subject: Re: West Publishing - Permanent Injunction Regarding Legal Text
Organization: The Mushroom Factory
"Prof. L. P. Levine" <levine@blatz.cs.uwm.edu> wrote: From: Gregory
Miller JD <gam@inherent.com> Friday morning, Minnesota Public
Radio reported that West Publishing Co. of Eagan, Minn. has
obtained a permanent injunction against On Point Solutions, Inc., a
CD-ROM producer. According to the sound bite by a West attorney,
OPS had produced CD-ROM's from what West claimed were copyrighted
materials.
If the news report is accurate, those of you attempting to sway
Atty Genl Reno and others in this battle over who owns public
domain material (Yes, I wrote that as I intended :-) have another
point to raise.
I assume that everyone's familiar with *West vs. Mead* (US 1986)
(pagination copyrightable).
About a year ago, I heard that West was claiming copyright for those
reporters for which they've been designated as the official reporter,
and that the government would have to buy them back if it wanted to
change providers. I vaguely recall that a federal reporter or database
was in issue.
I've been out of the business for several years (I just ordered West's
new computer law casebook in the hope of catching up), but I'd be
interested in a summary of what's happening, if anyone would care to
post or mail one.
Ron.
------------------------------
From: parris@sbt.tec.sc.us
Date: 07 Sep 1994 15:44:20 +0000 (GMT)
Subject: Re: Internet White Pages
Organization: SC Board for Tech $ Comp Ed
hedlund@teleport.com (M. Hedlund) Regarding getting into or out of
the Internet White Pages, how (without risking including myself)
might I discover whether or not I am already listed?
Would a message to "delete" produce a reply telling me I was not
there?
------------------------------
From: bentley@access3.digex.net (Mark Bentley)
Date: 08 Sep 1994 12:55:42 GMT
Subject: Re: DSS, Now Official
Organization: Express Access Online Communications, Greenbelt, MD USA
Shawn Leard (71370.2551@compuserve.com) wrote:
DSS Dangers
- Via NIST announcement as of 20 May 1994 the DSS has become official.
- All federal agencies will now have to use DSS or receive a wavier.
- At this point there is no "off the self" software any federal agency
can purchase that uses the DSS.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I don't think this is correct. AT&T sells an el-gamal based DSS
package called "Secret Agent." It's been around for some time (they
bought the rights from a small Chicago-based company last year).
Regards,
Mark
------------------------------
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
Back issues are available via anonymous ftp on ftp.cs.uwm.edu
[129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The
archives are in the directory "pub/comp-privacy".
People with gopher capability can access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Archives are also held at ftp.pica.army.mil [129.139.160.133].
End of Computer Privacy Digest V5 #032
******************************
.