Date: Mon, 03 Oct 94 15:48:53 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#043
Computer Privacy Digest Mon, 03 Oct 94 Volume 5 : Issue: 043
Today's Topics: Moderator: Leonard P. Levine
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Eastwood Door Problem
Re: Post Office Boxes
Background Check For Job
Shareware Campaign Tool
Re: How to Verify Your Phone Number
CARDIS '94: Smart Card Research Conference
Genetic Testing Information
2020 World - Erroneous Assumptions
Info on CPD, Contributions, Subscriptions, FTP, etc.
----------------------------------------------------------------------
From: Dave Moore <72074.1740@compuserve.com>
Date: 30 Sep 1994 16:55:21 -0400 (EDT)
Subject: Re: Eastwood Door Problem
Having worked for many, many, years in facilities that do just what you
proposed; I had to comment.
Your assignment as stated was somewhat contradictory. You said:
A condominium, let's call it Eastwood, is planning to electrify the
outside locking of its door system. What will be installed is
electrical latches controlled by computers
The data points are collected only to help detect the perpetrators
of theft and vandalism and to secure the structure. They are not
collected to identify the comings and goings of the residents,
The first section said "Outside Doors". The second section said
"Comings and Goings". This is the contradiction.
Because of fire codes, you can't require people to key out. (This
ignores high security DOD installations). Therefore, you can only
collect "entry" data. At best, you can also tell when a door was
opened for exit, but you can't tell by whom.
The other factor that is ignored is "piggy backing" or "tail gating".
Unless you install a special gate, you have to expect that when two or
more people arrive at a door, only one person's key will be used and
recorded. All others immediately present will simply enter through the
now open door. One facility I worked at used a rotating gate that only
allowed one person at a time inside to avoid tailgating. The recording
software also generated a security alert if the same key were used for
entrance within a short (less than 1 minute) period of time. You could
make security go nuts by immediately leaving and coming in again.
Piggy backs can also occurr during exits, in which case no entry key at
all will be recorded. Again, this can be avoided with rotating exit
only doors.
--
David Moore
------------------------------
From: elvey-matthew@CS.YALE.EDU (Matthew Elvey)
Date: 30 Sep 1994 20:13:30 -0400
Subject: Re: Eastwood Door Problem
I haven't seen the assignment.
It would seem to me that student #5's technical analysys was important
and well done. The others did not include it, or in one case, did, but
failed to note that the cost was negligible.
No student considered the practical aspects of system security.
"The only people that should have a right to request this information
is(are) the tenants and the police department."
Like most, this student has not discussed important details. the data
_will_ only be available to tenants and police and the data _should_
only be available to tenants and police are very different statements.
Could a Private Investigator bully his way into getting access? Or
crack into the system? Possible, even probable.
(also, people have the right to ask for just about anything, but their
requests shuldn't all be granted!)
------------------------------
From: Christopher Zguris <0004854540@mcimail.com>
Date: 30 Sep 94 21:27 EST
Subject: Re: Eastwood Door Problem
Why does information need to be stored at all? Enter the valid key
codes (and whatever restrictions they may have) into the computer and
leave it at that. The security system is merely access control, when or
if a key is used is not important. If I have a valid key I should get
in, it's nobody's business -- and no records need be kept -- of when I
come and go. This is not Spy-Vs-Spy where the transaction record saves
the day, nothing secret is going on that requires record-keeping of ths
kind. The only justification I can see is for future use by someone or
some agency that wants to find out about me, and I _certainly_ don't
see that as a valid reason. Keep the system simple like the manual key
it is supposed to replace and leave it at that. Why is it _everything_
digital _must_ keep logs?
I suspect that if tenents were told that their _every_ entry and exit
would be tracked down to the second, down to the particular door they
used, and that information were to be kept around for a couple years
readily available indexed to their digital key they would not be
pleased with this new "safe" system.
--
Christopher Zguris
czguris@mcimail.com
(just another happy MCI customer)
------------------------------
From: bernie@fantasyfarm.com (Bernie Cosell)
Date: 01 Oct 1994 03:39:22 GMT
Subject: Re: Eastwood Door Problem
Organization: Fantasy Farm, Pearisburg, VA
"Prof. L. P. Levine" writes: A condominium, let's call it Eastwood,
is planning to electrify the outside locking of its door system.
What will be installed is electrical latches controlled by
computers which have loaded into their memories a list of some 600
numbers assigned to the 250 owners of units in the complex. ...
I (a college professor) gave this problem to my class in Computer
Ethics. What follows are some of the responses by students in my
class. I am presenting them here in order to open discussion in
this privacy forum. I think the topic should be of interest.
I'd have to say that NONE of the examples you posted addressed the
issues, particularly. [I'm sure your students wouldn't be happy taking
a course from _me_ :-)]. Just looking quickly at the problem, I see
three immediate issues that I think weren't really addressed: 1) why
*should* the information be ephemeral? 2) Is the information really
'private' anyway?, and 3) what about what is done in similar
non-computer-mediated situations?
On 1: each student did some kind of cost analysis and made a decision
[but on what basis?] that some particular length of retention would be
cost effective. In particular, they seemed to _start_ with the
presumption that the data ought not to be 'permanent', and worked on
the question of 'how long'. I'm more curious about why they shouldn't
have started by considering whether it would be improper to keep the
information forever. Technical arguments won't wash -- I see that just
as a dodge to avoid confronting the ethical question. And the ethical
question is VERY hard, I'd say. If even the most adamant privacy
fanatic would agree that the data has to be kept for a _little_ while
for security reasons, then picking any particular expiration time feels
_very_ arbitrary to me. Why six months instead of six years? What
difference does it make [from an _ethics_ point of view]?
On 2: This is another [generally unpopular] aspect of "privacy"
that I come back to often in our discussions on these matters: what
"privacy" should we expect in public activities? Why should there
be a presumption of privacy in going from the street into a private
building? What if someone was just sitting on a bench in front
making note of the people who came and went, and when they came and
went. Would such a record [of a clearly public activity] be
unethical? Would it violate ones privacy for a third party to dare
to _notice_ that you were out on the [public] street? Note that
I'm careful here NOT to talk about what happens _inside_ the
complex; that is private property and *is* private. But until the
doors close behind you, you were "in public", and it isn't clear to
me just how much privacy you ought to _expect_; and more
importantly how much privacy you ought to be able to *demand*
[should it be illegal for me to have noticed that you went into the
building a 2AM last Thursday? Should I have to undergo some
strange medical procedure if I can't manage to "forget" that fact
in some period of time.
It appeared that the students, by and large, _assumed_ that such
information *was* 'private', but I don't think it is as easy as that
and, indeed, some discussion of that very basic underlying assumption
would be called for. As the folks here have long-since gotten tired of
hearing, I generally believe that ones actions in public are, well,
_public_ and so the a priori expectation is that if you do something in
public it *will* be noticed, it *will* be recorded.
Which leads to (3): there seem to be plenty of analogues about which
one could think [if not do some research]. In many ways, I find it
either amusing or depressing [depending on my mood] that computer folk
so often believe that they are blazing trails, when it seems that
that's rarely the case. On this matter, for example, fancy apartment
buildings and apartment-hotels have had doormen, locked doors,
registers to sign in [and more modernly, closed-circuit cameras
watching the lobby]. As far as I know, no one has ever promised that
any of THAT information is less than "forever".
--
Bernie Cosell bernie@fantasyfarm.com
Fantasy Farm Fibers, Pearisburg, VA (703) 921-2358
--->>> Too many people; too few sheep <<<---
------------------------------
From: psw@maestro.mitre.org (Phil Wherry)
Date: 30 Sep 94 20:45:34 EDT
Subject: Re: Eastwood Door Problem
Thanks for sharing your students' insights into the apartment building
lock system. I'm curious: did any of your students address the issue
that records, once kept, may not be released under the same privacy
protections under which they were collected? (In other words, how does
one guard against the situation in which the policy changes after data
is collected?)
--
Phil Wherry
------------------------------
From: pstemari@cbis.COM (Paul J. Ste. Marie)
Date: 03 Oct 1994 15:17:28 GMT
Subject: Re: Eastwood Door Problem
Organization: Wireline Bill Create - CP&M, CBIS
"Prof. L. P. Levine" <levine@blatz.cs.uwm.edu> writes: A good
question might be asked. "How long should the data be kept, who
should be allowed to see it before it is deleted, and under what
conditions should the data be made available?"
I (a college professor) gave this problem to my class in Computer
Ethics. What follows are some of the responses by students in my
class. I am presenting them here in order to open discussion in
this privacy forum. I think the topic should be of interest.
It is very interesting to note that none of the responses questioned
the utility of maintaining this information. With presumeably 600
people coming and going daily from 250 units, it's highly doubtful that
any useful information could be derived in the event of a breakin.
--
Paul J. Ste. Marie This space psmarie@cbis.com
------------------------------
From: "anonymous" <levine@blatz.cs.uwm.edu>
Date: 02 Oct 1994 10:36:52 -0500 (CDT)
Subject: Re: Eastwood Door Problem
Organization: University of Wisconsin-Milwaukee
An interesting problem (because my condo complex has such a key system
-- and I am unsure how long they keep the records).
One thing has been overlooked by all your students -- people who enter
the building without using their key, for ex by entering the building
in back of a card-carrying person. How do you account for that person
being in the building? Can you, even?
Interesting debate.
------------------------------
From: "anonymous" <levine@blatz.cs.uwm.edu>
Date: 02 Oct 1994 10:37:13 -0500 (CDT)
Subject: Re: Eastwood Door Problem
Leonard, a very fine discussion on Computer Privacy Digest regarding
the "Eastwood" condominium project. Let me discuss a few thoughts:
1.) The Board of Directors or Homeowner's Association must first adopt
a written plan concerning the installation of the door opening device.
This must include full disclosure of what records will be kept, for
what purpose and who will be able to obtain those records and under
what circumstances. Obviously, obiedence to a Court Order would be one
example.
2.) The official policy of the Board or Association must be duly
ratified by the members.
Once thse tow items are in place, then the collection of the record
keeping is more or less a ministerial act.
I recommend that since access to a from a location is involved, the
minimum retention period be no less than the local statue of
limitations for personal property crimes (misdeameanors) for tresspass,
theft, etc.
In many jurisdictions this is a minimum of one year, to which I would
add at least three months for administrative purposes.
In the event of a major crime such as burglary, rape, robbery. It may
very well be that to destroy the log would be a criminal act in
itself. The log under these circumstances would be considered evidence
in any felony proceeding. They must be preserved until the status of
limitation for the particular crime as passed.
In the case of murder where there is no statue, the log can be turned
over to the Court for safekeeping, such as registering a will. It would
be then kept in the safe of the Superior Court until such time as the
Court decided what to do with it.
Logs of this nature can be easily compressed with any of the commercial
and public domain compressors such as LHA, ARJ or ZIP. I would estimate
that over 80% file size reduction would be achieved. If all of these
logs were then collected over a period of months, or years, for a
nominal sum, they could be transferred to CD-ROM for archive purposes.
If the CD ROM could hold about 750 Megs of *compressed* data, it would
probabily hold every record of every entry for 20+ years!
If security and privacy are a concern regarding the compressed data,
ZIP for example does have a failrly good "encryption" or garbble with
password option.
------------------------------
From: Mike Crawford <crawford@scipp.ucsc.edu>
Date: 02 Oct 1994 13:55:45 -0700
Subject: Re: Post Office Boxes
In California, businesses are required to provide a street address. I
am not sure who collects this information - whether it is the resale
license, the business license, or the franchise tax board, but the
purpose is to discourage fraudulent businesses which have a PO box and
no other way to track down or arrest them.
I believe the state will provide this information to anyone. There is
an exception for people who run businesses out of their homes.
hmmm... I think maybe the actual law says that the street address has
to be on any literature the business distributes. I'm hazy about this,
but check it out.
--
MIke Crawford
crawford@scipp.ucsc.edu
------------------------------
From: lindline@rice.edu (Ann Lindline)
Date: 02 Oct 1994 21:16:22 GMT
Subject: Background Check For Job
Organization: Rice University, Houston, Texas
A friend just told me that one of her roommates works for a major
defense contractor (one we've all heard of, but I shall not name). As
a condition of employment, the contractor required that not only the
employee but also all the roommates go through background checks. My
friend had to fill out forms supplying info about place of birth,
address, education, *social security number*, and other info. I plan
to get more details about the kind of info requested/required.
My friend thought it was weird, but didn't seem very indignant. I
think all the roommates actually find it a bit exciting that this guy
has a job he's not allowed to discuss with them. My friend had never
heard of the company before, and probably wouldn't have cared about the
guy's job, but of course the mystery makes them all curious.
In fact, one of the roommates received a follow-up call/letter from the
company that he must come to the company for an interview before the
employee can be approved. All the roommates wonder if this person's
Chinese ethnicity (but American citizenship, I think) is the reason for
the interview.
Is this legal? If you want to work for certain government agencies, I
know you have to submit to, and subject your family and friends to, a
lot of poking and prying into backgrounds. Is working for a defense
contractor basically the same as working for the government? What
rights to refuse would these roommates have?
Any feedback is much appreciated.
--
Ann Lindline
Rice University
------------------------------
From: profile@netcom.com (Profile Software)
Date: 03 Oct 1994 02:37:22 GMT
Subject: Shareware Campaign Tool
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
PROFILE SOFTWARE
703 Market Street Suite 1308
San Francisco, CA 94103
Walk a Precinct Electronically
Political Software for the Masses
For Immediate Release
Saturday, September 24, 1994
Contact: Charlie Gallie
Profile Software
(415)512-9660
(415)512-9661 FAX
profile@netcom.com
San Francisco--Profile Software announces the release of Precinct
Walker version 2.3 a DOS Shareware database program for campaign
volunteers to walk a precinct by telephone.
Precinct Walker takes advantage of the millions of home computers
available to help organize a candidates supporters, get absentee
ballot applications out, raise funds, recruit other volunteers,
collect information and get out the vote. This is a Shareware product
and the requested single user registration fee is $25.00, but users
can download the entire program for free and determine whether this
tool will be useful to them. Precinct Walker can be used for
organizing voters for any candidate or cause. Huge volume discounts
are available for any campaign or cause wishing to purchase multiple
licenses. The intent is that this program will be used by campaigns
across the country, whether they pay for it or not, to organize the
grassroots that seems more apathetic and cynical than usual.
Democrats have historically developed precinct organizations to get out
their voters. This program attempts to use all of the new technology
to automate the fund raising, voter identification, distribution of
applications for absentee ballots, and get out the vote efforts.
The next release of Precinct Walker, free to all registered users, and
available in early October, will have a new get out the vote (GOTV)
module. This fax-in function will allow a volunteer to produce a list
of the voters in their precinct and to go to the polls and determine
who has voted. This list can then be faxed in to the headquarters
where it will be automatically read into a computer and
automatically translated from fax to data and the files can be brought
up to the minute. With this automatic update of the computer files
volunteers can be assigned to call voters who have not voted by the
time the voter said they usually vote.
This program can be downloaded off of the Electronic Information
Highway using the Internet. Users are encouraged to copy this program
and give it to their friends for evaluation. They are encouraged to
copy it to their favorite Bulletin Board Systems or Electronic Mail
Systems. Our hope is that it will be tried by as many people as
possible. This program is not only a first attempt to electioneer in
cyberspace, but to distribute the software the same way.
As David Wilhelm, chairman of the Democratic National Committee, and
the Democratic National Committee(DNC) said in their recent press
release:
In addition to the $2 million contribution to the DCCC, the DNC will
contribute $8 million to State Democratic Coordinated Campaigns.
Democratic Coordinated Campaigns across the country help Democratic
candidates best use their campaign resources through joint efforts to
update voter files, oversee voter registration and absentee voter
drives, purchase generic and GOTV advertising, and most importantly,
run professional election day operations. "With historically low
turnout in midterm elections, it is crucial to energize Democratic base
voters," said Wilhelm. "That's where coordinated campaigns come into
play. By working together in a coordinated grassroots effort,
Democrats can best identify and contact our voters now with the goal of
turning out as many of our supporters as possible on election day."
All of which Precinct Walker can easily do. This software was
originally designed so homeless people could be put to work raising
funds for a Democratic Presidential candidate. For volunteers or
campaigns unable to access the Network, Precinct Walker is available
by calling, faxing, or writing Profile Software.
Additional software programs are available from Profile Software
including a program called Philly, a fund raising event manager.
Additional information is available from Profile Software, 703 Market
Street, Suite 1308, San Francisco, CA 94103 (415)512-9660 Tel
(415)512-9661 FAX profile@netcom.com Email. This program can be
downloaded by FTP at ftp.netcom.com. The program is in the directory
ftp/pub/profile. It will also be available on CompuServe, AOL, and the
Well as soon as possible.
-30-
Please feel free, in fact encouraged, to distribute this announcement
in all appropriate places.
------------------------------
From: johnny@.interramp.com
Date: 03 Oct 94 09:38:42 PDT
Subject: Re: How to Verify Your Phone Number
Organization: PSI Public Usenet Link
I said earlier: If you dial 1-800-MY-ANI-IS (1-800-692-6647), you
should be able to ascertain/verify the number you are calling
from. This technique is particularly useful when calling from a
pay phone (that accepts incoming calls but is missing a listed
number) or when calling from an unlisted phone that you want to
crack.
[MODERATOR: This does not work from my phone in 414 land.]
To the moderator and the forum member:
Sorry, there was a typo. 1-800-MY-ANI-IS converts to:
1-800-692-6447
not 1-800-692-6647, as originally posted.
My gracious thanks to Ed Frankenberry for making this observation.
If the corrected number still does not work, please let me know. I
have found this number to work from many phones around the country.
However, I do not know whether it works from all phones or geographic
areas. I also don't know who the sponsor of this service is or how
long it will be available.
I certainly encourage everyone to try it from their locations and send
feedback to me on your success/failure.
Thanks,
--
John Featherman Privacy Newsletter PO Box 8206 Philadelphia PA
19101-8206
[moderator, a similar note was posted by wolit@lust.mh.att.com (Jan
Wolitzky) and glr@rci.ripco.com (Glen L. Roberts)]
------------------------------
From: jjq@dice.ucl.ac.be (Jean-Jacques Quisquater)
Date: 03 Oct 1994 14:34:38 GMT
Subject: CARDIS '94: Smart Card Research Conference
Organization: Laboratoire de Microelectronique - Universite Catholique de Louvain
---------------------------------------------------------
CARDIS
First Smart Card Research and Advanced Applications Conference
Lille - France
October 24-26, 1994
---------------------------------------------------------
PROGRAM COMMITTEE
Martin Abadi, Ross Anderson, Benjamin Arazi, Todd Arnold
Jacques Berleur, William Caelli, David Chaum, Vincent
Cordonnier, Mark Cummings, Amos Fiat, Andr'e Gamache, Marc
Girault, Louis Guillou, Joseph Hope, John Kennedy,
Philippe Maes, Roger Needham, Jean-Jacques Quisquater,
Laurent Sourgen, Doug Tygar, Michel Ugon, Klaus Vedder,
Robert Warnar
CONFERENCE PROGRAM --- CARDIS '94: ---
---------------------------------------------------------
Monday, October 24, 1994
10:00-13:30 Registration, welcome coffee and lunch
---------------------------------------------------------
13:30-13:45 Introduction to CARDIS '94
(V. Cordonnier, J.-J. Quisquater)
13:45-14:30 Session 1: Invited paper about smart cards and society
14:30-16:00 Session 2: Security
Making smartcard systems robust
Ross Anderson (UCL, Cambridge)
The RADAR concept using neural networks
T. Alexandre (RD2P-LIFL, Lille)
A security language for the card: The S-shell
J.-M. Place and P. Trane (RD2P, Lille)
---------------------------------------------------------
16:00-16:30 Coffee break
---------------------------------------------------------
16:30-18:00 Session 3: Panel
Future operating systems for smart cards?
---------------------------------------------------------
Tuesday, October 25, 1994
08:30-09:00 Welcome coffee
---------------------------------------------------------
09:00-09:45 Session 4: Survey
Architectures for smart cards
J.-J. Quisquater (UCL, Louvain-la-Neuve)
09:45-10:45 Session 5: Conditional access for multimedia services
OSCAR: Open and Secure Control of Access and Rights for
broadcast and switched networks
G. Mar'echal (Philips, Brussels)
Equicrypt, an equitable access to multimedia services
B. Macq, J.-Y. Mert`es and J.-J. Quisquater (UCL, Louvain-la-Neuve)
---------------------------------------------------------
10:45-11:15 Coffee break
---------------------------------------------------------
11:15-12:45 Session 6: Models of security
Probabilistic authentication analysis
J. Domingo-Ferrer (URV, Tarragona)
An authorization model for personal databases
C. Radu, M. Vandenwauver, R. Govaerts and J. Vandewalle (KUL, Leuven)
Towards testability in smart card operating system design
P. H. Hartel (U. of Amsterdam) and E. K. de Jong Frz (QC consultancy)
---------------------------------------------------------
12:45-14:15 Lunch
---------------------------------------------------------
14:15-15:00 Session 7: Invited paper about electronic cash
15:00-16:30 Session 8: Electronic cash
A fast off-line electronic currency protocol for smart cards
Lei Tang and J. D. Tygar (CMU, Pittsburgh)
Off-line cash tranfer by smart cards
S. Brands (CWI, Amsterdam)
SCALPS, Smart Card Applied to Low Payment System
J.-F. Dhem, J.-J. Quisquater and D. Veithen (UCL, Louvain-la-Neuve)
---------------------------------------------------------
16:30-17:00 Coffee break
---------------------------------------------------------
17:00-18:00 Session 9: Panel
Research, progress and normalization: Is it compatible?
---------------------------------------------------------
20:00-... Banquet
---------------------------------------------------------
---------------------------------------------------------
Wednesday, October 26, 1994
08:30-09:00 Welcome coffee
---------------------------------------------------------
09:00-10:30 Session 11: Servers for smart cards
A universal server for smart cards
P. Durant, J. Berube, G. Lavoie, A. Gamache, P. Arduoin,
M.-J. Papillon and J.-P. Fortin (UL, Quebec)
Wordwide smart card services
J.-J. Vandewalle (R2DP, Lille) and A. Gamache (UL, Quebec)
A smartcard fault-tolerant authentication server
L. Blain and Y. Deswarte (LAAS, Toulouse)
---------------------------------------------------------
10:30-11:00 Coffee break
---------------------------------------------------------
11:00-12:15 Session 12: Panel
From smart cards to nomadic objects
Moderator: Vincent Cordonnier
12:15-12:30 Final remarks and closing
---------------------------------------------------------
12:30-... Lunch
---------------------------------------------------------
The city of LILLE is about 150 miles away from PARIS. It can be reached:
- From Paris by either motorway (two hours) or train (one hour).
- From most european countries by train, motorway or plane.
The conference will take place at the University of
Sciences and Technology of Lille. Accomodation can be
provided either on the campus or in the center of the city.
The organization committee will provide maps and help for
hotel reservation and travels.
ACCOMODATION
We have a 50 bedrooms pre-reservation in the ASCOTEL * *
hotel located on the campus, a few meters away
from the conference building. The university has an
agreement with the hotel for special prices:
Single 215 FF
Double 250 FF
Triple 300 FF
Breakfeast (buffet) 38 FF
Meals 85 FF
CARDIS - ASCOTEL
Boulevard Paul Langevin
F-59650 VILLENEUVE D'ASCQ
FRANCE
TEL 33 20 43 82 82 FAX 33 20 05 39 93
---------------------------------------------------------
HOTEL RESERVATION FORM - CARDIS
(To be mailed directly to the hotel)
NAME ............................................
DATE OF ARRIVAL .................................
DATE OF DEPARTURE................................
ROOM RESERVATION SIMPLE DOUBLE TRIPLE
PAYMENT BY CASH CHECK CREDIT CARD
(The VISA credit card is the only one accepted
by the hotel)
Reservation: You must pay the first night to
confirm your reservation
---------------------------------------------------------
CONFERENCE REGISTRATION
The registration form must be returned to:
Vincent Cordonnier - CARDIS
RD2P - Hopital Calmette
CHRU de Lille
F-59037 LILLE CEDEX
FRANCE
Email : cardis@rd2p.lifl.fr
REGISTRATION FEES
Participants : 1000 FF or 220 US$ including:
Participation to the sessions
Proceedings
Tuesday night banquet
Coffee breaks.
Students or young researchers: 500 FF or 110 US$
Same services excepted the banquet.
Payment can only be done by cash or check (The conference
is not allowed to accept credit cards, even smart cards!)
REGISTRATION FORM - CARDIS
(To be mailed directly to V. Cordonnier)
SURNAME
..........................................................
FIRST NAME
..........................................................
COMPANY ..................................................
ADDRESS
..........................................................
..........................................................
POSTAL
CODE..........................CITY........................
COUNTRY ..................................................
TEL
..................................FAX.....................
EMAIL ....................................................
Registration fee must be joined to this form
------------------------------
From: gmd@unislc.slc.unisys.com (Merrill Dodge)
Date: 03 Oct 1994 19:22:12 GMT
Subject: Genetic Testing Information
Organization: Unisys Corporation SLC
Yesterdays news contained considerable raving about some new genetic
discovery of a gene that predisposes to breast and ovarian cancers.
This gene can be used as a marker to see which women might be
susceptible to these diseases in the future. No mention of any possible
treatement as yet.
The privacy issue I see is that insurance providers could use genetic
testing, like this example, to deny people benefits. They would cite
the marker as evidence of a "pre-existing condition" and thus deny
coverage. Is there any legislation in place prohibiting insurance
companys from using genetic information in benefit approval or payment?
Would physicians who encounter genetic information about a patient be
compelled to provide that information to insurance companies or
employers even though such information could be used to deny that
patient treatment or service?
Could an insurance company, knowing that a policy holder could pass
along a genetic disease, although the policy holder themself is
unafflicted, deny maternity benefits to that policy holder. Would the
risk of a yet unconcieved baby with a likelyhood of defect be more than
they would want to take?
I imagine this could also be used by employers to deny employment to
applicants for fear that this would put company plans for insurance,
disability and death benefits in jeopardy.
I'm curious as to what other members of this group know or question
about this topic.
--
Merrill Dodge
gmd@unislc.unisys.com
------------------------------
From: Paul Robinson <PAUL@tdr.com>
Date: 30 Sep 1994 12:27:30 -0500 (EST)
Subject: 2020 World - Erroneous Assumptions
Organization: Tansin A. Darcos & Company, Silver Spring, MD USA
Kurt Dahl announced his 2020 World Columm for the Seattle Times and a
corresponding listserver for general chitchat on the same subject. He offers
some suggestions including some comments that I hope are merely to raise
people's consiousness, because some of the assumptions could be dangerous
to people if taken as a serious suggestion.
One concept here is so flat out wrong that it bears direct examination:
It's the year 2020, your daughter Emily is 9 years old, and she
can't read or write. Is this your worst nightmare about our
schools come true? Nope, Emily just doesn't need to read or write
anymore.
The written word is a means to an end and not an end in itself. We
use it to communicate with large groups and to preserve ideas, but
we prefer the spoken word. In 2020world, with the ability to
create, store and send audio and video as easily as written words,
why would we need to read and write?
1. There are technical concepts and ideas that are not succeptible to
the "MTV Generation" 30-second sound bite concept. When was the last
time you heard about how the Soviets had supplied the Cubans in Africa
with Calcium Cyanide, an odorless, colorless, tasteless gas that in
small doses kills in 30 seconds, and in tiny doses causes instant
permanent irreversible brain damage? If you waited for it on the TV
news, you never saw it; the simple reason being that there are no
pictures to show.
2. Yes, graphics and drawings can assist the printed word, but they
cannot surpass it. For one thing, the average person can read faster
than they can hear; two to three times as fast. The average 30 minute
nightly newscast has about the information equivalent of the front page
of one newspaper, which the average reader can get most of the
information in 5 minutes, and get in depth in ten.
3. With training, people can learn to read as fast as 1,000 words per
minute. There is no way video can increase the rate of retention of
ideas because reading and visual analysis are done by two different
halves of the brain. Read material can be stored and retained longer
than visual material. Also, the average person only notices about 1/2
of what appears before them in an image, thus images would have to be
made less complicated to be able to carry the information.
4. Text material takes less resources than graphic material does. One
can display the entire text of, say, the Bible on an 8086 XT or any
earlier computer, with 2 meg of storage space (or less if compression
is used). To translate the Bible into images covering its entire text
or into sound would require much more expensive equipment including
graphics display and speech cards, plus graphics designers and
speakers.
5. I can go to a library and pick up a copy of Upton Sinclair's "The
Jungle" and read it, even if I pick up an original copy as published in
1906. I can't read a disk from a 1975 TRS-80 or even a 1983 Apple II
because the technology has changed. It's estimated the government is
losing the equivalent of millions of pages of information every year
because the technology to read old tapes and disks is becoming
obsolete, and because the media used to store the material is
deteriorating. Books printed on acid-free paper and stored in
low-light rooms (not high technology; easy for almost any library to
provide), can last hundreds of years.
6. There is a risk with electronic media in that paper can be examined
for alterations; electronic media can be altered in undetectable ways.
I am waiting for some bright prosecutor to figure out that he can
create fake video of crimes and use it to indict people on a
government's list of undesirables; it's pretty hard to convince a jury
that the movie of you robbing a convenience store or bank is actually a
fake which has been created from wholecloth.
7. Video production requires more expensive equipment than words.
Also, creating images takes longer than writing words to describe
them. This makes writing much cheaper to produce than video. (I
already pointed out that speech will always be slower than writing;
good speech can reach 150 words per minute vs. an ordinary 300 wpm for
a good reader, or as much as 1,000 for someone trained in speed
reading.)
8. Words can be edited and synopsized textually with much less effort
(and cost) than it takes to edit a sound recording or a video image.
Typing a paragraph and revising it on a video screen is going to take
less time than editing a 25 word sound bite on a tape or video editing
system. Contrary to his original words, editing sound or video is _an
order of magnitude_ more complicated than editing text. More
information can be packed into a $6.95, 300-page paperback that can be
produced in 50,000 copies for about $150,000 than can be done in a 2
hour movie that would cost $29.95 and require $75,000,000 to produce.
9. I can't do a grocery list by video. If it's recorded, I can't move
around the entries as I'm in the store. If I have a grocery list
encompassing 200 items, I can check off items as I find them; I can't
do that with a tape recorded list.
10. Increases in technology have demanded _more_ education and better
literacy. We still can't program computers by images; we have to have
written words.
11. People without the capability to discover the actual background
information of an issue are held hostage to those who can obtain it;
those who have the information can set the dialog for the discussion of
the issue. This is why many organizations that have agendas that the
general public would oppose if they knew them have been so successful
in spreading lies and half-truths about the issue in question or their
actual intent; because in some cases you have to find the written
materials to know what is going on, and in some cases you have to have
a technical background to understand the issue. If the only way you
can get information is via pictures and audio commentary, you are
severely handicapped to those who can also add to their information via
written materials.
But what about education? Video can do anything books can do;
well-produced video can do many things better. Which is the better
way to learn about the Civil War -- reading a text for 10 hours or
watching 10 hours of Ken Burns' PBS production on the Civil War?
I automatically am suspect of anything released on PBS since I know its
biases. What would be more interesting, in reading 10 hours of books,
would be to find out what was removed when the video was made. The
reading time for 10 hours can probably cover 600 pages of text, or in
terms of coverage, probably at least twice the breadth of material that
the Civil War series covered.
Further, with the reduced cost of written materials over video, it is
possible to find alternative viewpoints and more accurate material.
For example, in all of the video (movies or cartoons) I've ever seen
which attempt to depict the famous 1869 spike being laid at Promontory
Point, Utah to signify the railroads being joined from coast to coast,
it shows a man striking a hammer upon the spike. The books I've read
indicate that, when the first try was made, the crowd laughed because
the man missed the spike, as did the second man's attempt. The minor
little issues like these, which show the in-and-out day-to-day reality
of life is the sort of thing that works well in the printed word; it
doesn't film well in video.
2020 is 26 years from now. Moving backward, 26 years ago was 1968.
What has happened since then? The moon landing was 1 1/2 years away;
Disco; The Internet; VCRs; Microwave Ovens; Gasoline Shortages. In
1967 people bought fewer books and read less than they do now. With
more and more things being invented and discovered, this requires more
material to cover it, not less.
But there is one point he is correct upon; the average 9-year-old will
be less educated than the 6-year-old of today because the public
schools will be more expensive and less effective than they are now.
By the time someone comes out of college, his 2-year or 4-year degree
won't even be the functional equivalent of the high-school diploma of
1950.
---
Paul Robinson - Paul@TDR.COM
Reports on Security Problems: To Subscribe write PROBLEMS-REQUEST@TDR.COM
Voted "Largest Polluter of the (IETF) list" by Randy Bush <randy@psg.com>
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Sep 1994 12:45:51 -0500 (CDT)
Subject: Info on CPD, Contributions, Subscriptions, FTP, etc.
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions generally are acknowledged within 24 hours of
submission. An article is printed if it is relevant to the charter of
the digest. If selected, it is printed within two or three days. The
moderator reserves the right to delete extraneous quoted material. He
may change the subject line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V5 #043
******************************
.