Date: Fri, 14 Oct 94 15:34:24 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#049
Computer Privacy Digest Fri, 14 Oct 94 Volume 5 : Issue: 049
Today's Topics: Moderator: Leonard P. Levine
Re: SSN on driver's license in MO
Re: SSN on driver's license in MO
Re: Skip Tracer Finds Old Friends
Re: AOL Sells its Subscriber List
Re: AOL Sells its Subscriber List
Re: AOL Sells its Subscriber List
Re: AOL Sells its Subscriber List
How Direct Mail Works
Fingerprint Systems?
Re: Shareware Campaign Tool
Computers, Freedom and Privacy Conference 3/95
Social Responsibility Conference 7/95
Info on CPD, Contributions, Subscriptions, FTP, etc.
----------------------------------------------------------------------
From: gmcgath@condes.mv.com (Gary McGath)
Date: 13 Oct 1994 07:14:48 -0400
Subject: Re: SSN on driver's license in MO
Organization: Conceptual Design
Here's my contribution to the state-by-state information on SSN's on
driver's licenses:
In New Hampshire, you can simply request not to have your SSN included
on your driver's license. No hassle.
It's nice living in a reactionary, uncaring state like New Hampshire.
--
Gary McGath
gmcgath@condes.mv.com
------------------------------
From: Bill Parker <billp@snark.wizard.com>
Date: 13 Oct 1994 09:58:31 -0700
Subject: Re: SSN on driver's license in MO
Organization: @wizard.com - Las Vegas Access
Seth Golub (seth@cs.wustl.edu) wrote: heard that it was possible to
avoid this, so when I went down to get my license I was prepared to
deal with ignorant drones as long as was necessary to get a
different number.
You can do this in Nevada as well...
check a box on a form if I objected to using my SSN as my license
number. I checked the box, and I got a different number. No
hassle.
Here is the catch. The 12 digit number I have on my license can be
converted to my social security number by a simple math formula. It
may be this was in your state as well. Legislation is being introduced
in Nevada next year to make the alternative number TRULY random, with
no ties to your SSN.
--
Bill
------------------------------
From: haynes@cats.ucsc.edu (James H. Haynes)
Date: 13 Oct 1994 17:14:10 GMT
Subject: Re: Skip Tracer Finds Old Friends
Organization: University of California, Santa Cruz
Hmm, maybe some of those 60s radicals who have come out of hiding after
20 years or more should go into business as consultants, teaching
people how to not be found.
--
haynes@cats.ucsc.edu
------------------------------
From: millera@mcs.com (Alan Miller)
Date: 13 Oct 1994 09:43:43 -0500
Subject: Re: AOL Sells its Subscriber List
Organization: Bob's Bass House; We Got Bass!
Mark E Anderson +1 708 979 4716 <mea@intgp1.att.com> wrote: Here's
some of the things I found on AOL on the MARKETING PREFS window.
The main mechanism for taking your name off the list was rather
confusing and required you to put an X in one of the boxes. It
appeared that marking this box only stopped them from "renting"
your address to a specific list of products and services. This
means I have to write a letter, find a couple of envelopes and
stamps, walk to the mailbox, and hope the letter doesn't get "lost
in the mail."
No, see the explanations below.
MAIL PREFERENCE SERVICE
This doesn't relate to AOL at all, it's a separate service by the
Direct Marketing Association. Basically, they build a list of people
who don't want to receive unsolicited ads in the mail. Companies that
rent out lists can then compare the list(s) that they rent out to this
one and remove names that are on the "don't send me ads" list from
theirs. This actually makes their list more valuable, as it no longer
contains the people with the lowest chances of buying. As a side note,
I heard a rumor recently that this list is actually also used as a
listing of people more likely to be interested in personal security and
privacy products.
AMERICA ONLINE MAILING LIST POLICY
This should be the only thing you need to check relating to AOL
mailings. This will remove you from their list, but won't have any
effect on other mailings that you get from other companies' lists.
TELEPHONE PREFERENCE SERVICE
This is the same as the Mail preference service above, but for those
"I'd like to talk to you about your insurance" calls instead of for
mailings.
--
Alan Miller \\ millera@mcs.com
<a href="http://www.mcs.net/~millera/home.html">AJM's WWW page</a>
------------------------------
From: PHILS@RELAY.RELAY.COM (Philip H. Smith III, (703) 506-0500)
Date: 14 Oct 94 09:40:46 EDT
Subject: Re: AOL Sells its Subscriber List
mea@intgp1.att.com (Mark E Anderson) said (re AOL selling or
renting its subscriber list): What's the difference between selling
and renting a customer list?
There's a big difference. Selling means "Hi, here's a tape with the
info, give me a big check". Renting means (at least, in my experience)
"Hi, here's a set of mailing labels, give me a smaller check". Yes,
the renter could sit down and enter all the data on all the labels; but
they're (a) expressly forbidden to do so, and (b) it's hardly
cost-effective.
nowakp@hfsi.hfsi.com (Paul Nowak) said (re security clearances):
Actually they are more concerned with your character and lying
about the kind of company you keep is very indicative ... as is
telling the truth. They don't so much care that you smoked pot 30
years ago as they are that you're trying ot hide that fact ... and
could face extortion because of it.
I hope that's true today. It wasn't 40 years ago, when my father
worked for a subsidiary of the CIA as a translator: they were told
explicitly that being openly homosexual somehow made you MORE subject
to extortion than being secretly gay. He (nor I) could never make
sense of that alleged logic, but it was policy. Perhaps sanity has won
in the last 40 years in at least that area.
------------------------------
From: jyoull@tuba.bgsu.edu (Jim Youll)
Date: 14 Oct 1994 17:07:17 GMT
Subject: Re: AOL Sells its Subscriber List
Organization: Bowling Green State University
mea@intgp1.att.com (Mark E Anderson) writes: Here's some of the
things I found on AOL on the MARKETING PREFS window. The main
mechanism for taking your name off the list was rather confusing
and required you to put an X in one of the boxes. It...
Ditto on the confusion. It was pretty strange having to TYPE the letter
X into a little box on the screen. That should be a button. Maybe it's
a software thing? In any case my impression was that now AOL will not
release my name to anyone... i hope.
MAIL PREFERENCE SERVICE
For many people, advertising mail is informative and provides value,
convenience and fun. However, direct marketing companies recognize
that some people do not like to receive advertising mail.
If you want to reduce the amount of national advertising mail you
receive at home, send your name and address to the Direct Marketing
Association's Mail Preference Service (MPS):
This stuff helps limit ALL the junk mail you receive, not just things
that originated at AOL... so in that respect it was sort of nice of
them to leave instructions around if you want to curb even more junk
mail.
I didn't have any problem with that. Not everyone knows what the mail
preference service is all about... does it work? I wouldn't count on it
being absolute, but maybe it won't hurt.... someone once suggested that
sending your name to the mail preference service could make you an
attractive target for junk mail, because your mailbox wouldn't be
nearly as cluttered as your neighbor's... :)
What's the bit about junk mail providing "fun"? Am I missing
something?
------------------------------
From: Bruce Steinberg <bruces@sco.COM>
Date: 14 Oct 94 12:32:33 PDT
Subject: Re: AOL Sells its Subscriber List
Concerned about the recent posting I read on comp.risk (and
subsequently picked up on comp.society.privacy) regarding AOL selling
its subscriber list, I forwarded it last night without comment to a
number of friends who use AOL themselves.
One respondent in particular provided the following opinions and
information. (I have edited all headers and interpolated messages for
reasons of privacy and ease of reading the basic flow of the complete
dialogue.)
I haven't looked into the issue any further than this, but simply
wanted to share this exchange with the original newsgroups.
FYI, Bruce
////////////////
Subject: Re: AOL Sells its Subscriber List
<sigh>
Anybody who has read Steve Case's recent letter on this subject would
know that most of this information will *not* be included - the San
Jose Mercury published false information. In any case, everyone can
easily have their name completely excluded from the list. I know I've
already done so.
........
Thanks for the quick response; I was hoping for some reaction from my
aol.com pals. If this is really benign stuff, I'd suggest it might be
advisable for AOL to get some presence lurking and responding on a few
of the relevant and widely read newsgroups (e.g., this originally
appeared on comp.risks, and was subsequently picked up on
comp.society.privacy, both sober and seriously moderated groups).
........
Subject: Re: AOL Sells its Subscriber List
It might be. In the meantime, here's what I've got. Take it for whatever you
feel it's worth.
------------------------------
From: Mike Crawford <crawford@scipp.ucsc.edu>
Date: 13 Oct 1994 12:06:06 -0700
Subject: How Direct Mail Works
I used to be in the direct mail business... or rather I was a
programmer for a software company that was in essence a company that
sold software via direct mail. Perhaps I can shed a little light on
the AOL business with the following article I originally posted on
misc.legal.
(someone asked if it was legal to use business reply mail envelopes to
complain to direct mailers)
richardb50@aol.com (RichardB50) writes: None that I'm aware of. It
may give you some satisfaction, but it probably won't stop anyone
from sending you junk mail since in most cases the senders are
working from purchased lists and they don't have the time or
resources to edit them.
In fact, lists are almost always rented, and the senders of the mail do
not get to keep your name. They sign contracts to forbid them from
reusing the names. This is enforced by planting "seed names" in the
list - one friend of mine has his mother in his list. Whenever mom
gets a letter sent to a certain name, she forwards it to my friend who
checks out whether the mailing was authorized. The big mailers use
mail verification services that have PO boxes scattered about the
country, both to catch cheats and to verify that the mailings have been
sent and not dumped in a landfill.
A great deal of the direct mail you receive is meant less to actually
sell you something than it is meant to "acquire" your name. A mailing
is sent selling some inexpensive and attractive thing. If you respond,
the mailer can legitimately keep your name for his own list. He saves
future rental costs - ten cents per name per use - and he has
identified you as a "direct mail buyer", someone who opens your mail
and buys from the offers therein. The mailer will then concentrate his
offers on the captured names to sell more expensive items, or perhaps
look up the phone numbers to call you directly.
Further, the mailer can now rent your name to others, making ten cents
per each use. Doesn't it make you feel good, knowing that people
you've never even met are making a dime per mailing by selling your
good name? The more they know about you, the more they make. Usually
the small house lists are more valuable, as they have more narrowly
specified sorts of people on them. My friend above sold a list of
inexpensive Macintosh software utilities, and made a substantial
fraction of his businesses gross receipts from renting the list.
America Online has recently revealed that they sell (probably really
rent... they're not so stupid as to give away the family jewels) lists
of subscribers, with info about buying habits, etc.
(Now, AOL says that they do not divulge user's online activity, and I
am sure they do not supply details of buyer's incomes with their
lists. What list suppliers usually do, though, is supply
"selections". One can specify that one wants a list of people in a
particular income range, or people that are at business addresses, or
home addresses, or people whose zip codes match particular criteria.
"90210" might be a good zip code for Rolls Royce ads, while 95060
(Santa Cruz) would be good for selling surfboards. It is possible to
rent lists from various sources, which allow one to select various
criteria, and pick out just names that occur on all the lists, in order
to select prospects with very exacting specifications. For example,
using AOL and the voter registration lists - available for just $200 in
Santa Cruz, one could select all the registered republican Macintosh
Users, or registered Democratic Windows users).
If you write to a mailer to say "Take me off your mailing list," well,
I have to say, you're usually out of luck. Most likely you're not on
their mailing list, and you'll be ignored. If you're lucky, you're on
their "house" list and they will usually take you off (it increases the
value of the list to remove people who aren't "buyers"). But if you
never buy anything direct mail, you'll never be on the house lists of
the people who mail to you.
They might just be obnoxious and _put_ you on their list
You're one hope is to write to the Mail Preference Service at the
Direct Marketing Association. You'll be put in a list which is used to
filter the mailing lists. Some work and expense is required to
actually do this filtering, so it will take some time for your name to
drop off the lists, and it will only be removed from those lists who go
to the trouble of filtering.
Worse, your name will still be used for mailing. The mail preference
list is one of the most lucrative lists in the business! The people
one are _buyers_! How can this be, you ask incredulously. The list
gets high responses to offers of security and privacy products, the
sort of things that are purchased by people who don't wish to be
bothered.
What can you do? Support legislation to require the kinds of controls
over computer information that they have in Europe. In the US, you can
at best ask to be removed from the databases, and they don't have to
accede to your request. My understanding is that in Europe you cannot
be put into such a marketing list without your prior consent. There
have been efforts to bring this to the US, but the Direct Marketing
Association has squashed it, hard.
I remember reading about one particularly frustrated fellow who
taped junk mail business reply envelopes to bricks and mailed them
back. Good luck.
This won't work. The post office just trashes them. They will send
envelopes containing bits of metal, though. My friend's got a little
display on the wall of his office of all the wierd stuff people have
sent in his BRE's - spent bullets, brass hinges, rambling letters
written by mentally ill folk, virulently racist literature and
cartoons. I have another friend who used to save the lead foil that
was placed over wine bottle corks - she put the lead foil into BRE's.
I've always contemplated the idea of printing a BRE label with a laser
printer and using it to make a convincing "business reply box". One
would just have to enter the business' address and permit number into a
template. Perhaps if it was done well enough the post office would
send such a box. But this would probably be a violation of postal
laws.
--
Mike Crawford | Call Congress toll free at 1-800-768-2221. When the
crawford@scipp.ucsc.edu | operator answers, ask for your Senator or Rep.
------------------------------
From: kerberr@news.latimes.com (Ross Kerber)
Date: 13 Oct 1994 20:28:13 -0500
Subject: Fingerprint Systems?
Organization: UTexas Mail-to-News Gateway
Hello -- I'm a reporter for the LA Times and I'm doing a story on
companies involved with fingerprint ID systems. I would appreciate any
comments and/or thoughts on the issues associated with such systems.
For example, would it be easier to build and manage a system for
welfare recipients, gun permits, etc., than it would be to build a
database for criminal ID by police on the street? (Since clients of a
gov. agency would be entered into a single database, and would be
supplying their (presumably real) names along with the print, would
that make it easier to search the database than it would be to run a
cold search on a print against a database of, say, wanted felons?)
I'm also curious if anybody knows of automated fingerprint ID systems
being used or considered by government agencies, or business firms.
I'm interested in both technical and social issues related to the
development of these systems.
I'd prefer that replies be sent to my email address, as it's difficult
for me to access newsgroups.
--
Ross Kerber
Staff Writer / Los Angeles Times
voice: 714 966 7830
fax : 714 966 7711
kerberr@news.latimes.com
------------------------------
From: Bill Parker <billp@snark.wizard.com>
Date: 14 Oct 1994 09:00:08 -0700
Subject: Re: Shareware Campaign Tool
Organization: @wizard.com - Las Vegas Access
Gordon Burditt (gordon@sneaky.lonestar.org) wrote: I found this
little tidbit interesting. Is it really possible to go to the
polls and determine, in the middle of an ongoing election, who has
voted and who hasn't? Why? How does one do this without
disrupting the process of voting? (In areas where I vote, this
information is kept manually in several large computer-printed list
of eligible voters, divided alphabetically by last name. It may be
computerized
In Nevada the answer is yes. Before 1994 pollwatchers (people
authorized by a candidate, incumbent, or political party to keep an eye
on things) had access to the roster books a total of 4 times during
election hours (7AM to 7PM) and could take down the name, party, etc.
of any information in the roster book.
After problems with elections in Clark County in 1993, the legislature
passed election reform measures which now require election workers to
update a list once an hour of all the people who have voted in a given
polling center. The pollwatchers (or any other person) may examine
this list and take whatever they like from it. Pollwatchers are no
longer allowed to examine the roster books in Clark County.
ballots isn't done, but there's not supposed to be a one-to-one
correspondence between voter and ballot to keep individual votes
private. Taking the lists away from the election workers during
the election will definitely bog down the voting process.)
Individuual votes are indeed private, and looking at the list of people
who voted will not tell you HOW they voted, but if they did or not.
FYI, where I was at, we did not have one person examine the list of
people who voted in the primary election (Sept 6). However, you can
use the information to develop how much of a part. party voted.
--
| email: billp@wizard.com |
| (or snark.wizard.com) |
| RIME: route to ->383 |
------------------------------
From: email list server <listserv@Sunnyside.COM>
Date: 12 Oct 1994 23:21:11 -0700
Subject: Computers, Freedom and Privacy Conference 3/95
The following note summarizes a Call for Papers which may be of some
interest for people on this Forum. The entire document may be found
using gopher in:
gopher.cs.uwm.edu/computer-privacy/z-library/freedom-privacy-3-95
Call for Participation - CFP'95
The Fifth Conference on Computers, Freedom and Privacy
Sponsored by the ACM SIGCOMM, SIGCAS, SIGSAC and Stanford Law School
28 - 31 March 1995
San Francisco Airport Marriott Hotel, Burlingame, California
INVITATION
This is an invitation to submit session and topic proposals for
inclusion in the program of the Fifth Conference on Computers, Freedom
and Privacy. Proposals may be for individual talks, panel discussions,
debates, or other presentations in appropriate formats. Proposed topics
should be within the general scope of the conference, as outlined
below.
SCOPE
The advance of computer and telecommunications technologies holds great
promise for individuals and society. From convenience for consumers and
efficiency in commerce to improved public health and safety and
increased participation in democratic institutions, these technologies
can fundamentally transform our lives. New computer and
telecommunications technologies are bringing new meanings to our
freedoms to speak, associate, be left alone, learn, and exercise
political power.
At the same time these technologies pose threats to the ideals of a
just, free, and open society. Personal privacy is increasingly at risk
from invasion by high-tech surveillance and eavesdropping. The myriad
databases containing personal information maintained in the public and
private sectors expose private life to constant scrutiny. Political,
social, and economic fairness may hinge on ensuring equal access to
these technologies, but how, at what cost, and who will pay?
Technological advances also enable new forms of illegal activity,
posing new problems for legal and law enforcement officials and
challenging the very definitions of crime and civil liberties. But
technologies used to combat these crimes can threaten the traditional
barriers between the individual and the state.
Even such fundamental notions as speech, assembly and property are
being transformed by these technologies, throwing into question the
basic Constitutional protections that have guarded them. Similarly,
information knows no borders; as the scope of economies becomes global
and as networked communities transcend international boundaries, ways
must be found to reconcile competing political, social, and economic
interests in the digital domain.
The Fifth Conference on Computers, Freedom and Privacy will assemble
experts, advocates and interested people from a broad spectrum of
disciplines and backgrounds in a balanced public forum to explore and
better understand how computer and telecommunications technologies are
affecting freedom and privacy in society. Participants will include
people from the fields of computer science, law, business, research,
information, library science, health, public policy, government, law
enforcement, public advocacy, and many others.
The entire document may be found using gopher in:
gopher.cs.uwm.edu/computer-privacy/z-library/freedom-privacy-3-95
------------------------------
From: nolod@ccr.jussieu.fr
Date: 13 Oct 1994 14:48:28 +0000
Subject: Social Responsibility Conference 7/95
The following note summarizes a Call for Papers which may be of some
interest for people on this Forum. The entire document may be found
using gopher in:
gopher.cs.uwm.edu/computer-privacy/z-library/social-responsibility .
CALL FOR PAPERS
KEY PLAYERS IN THE INTRODUCTION OF INFORMATION TECHNOLOGY : THEIR
SOCIAL RESPONSIBILITY AND PROFESSIONAL TRAINING
COMPUTER PROFESSIONALS, USERS, DECISION MAKERS
NAMUR (Belgium) - 5-6-7 Juillet 1995
INTRODUCTION
The advances and diversification of techniques in information
Technology (IT) together with the progressive changes in the social,
economic and cultural context, raise questions, from a new perspective,
of identity and responsibility among the different groups involved in
the development of IT and the spread of its application in society.
How may the roles and functions of members of the IT professions be
defined ? Today, Computer Scientists recognise that the nature and
responsibilities of their profession are constantly becoming more
diverse. However these responsibilities can only be defined taking
account of those exercised by other key players concerned with
computerisation ; managers and decision makers (politicians,
economists, financiers), users of IT systems, educators, trainers and
ergonomists.
There is a growing consensus that teaching at school and university
level is still too focused upon technical education and
specialisation. Education or training, particularly that for computer
professionals, must recognise the social and human dimensions of their
professional activity. Such preparation, which will allow computer
scientists and other professionnal users of IT systems to fully
discharge their responsibilities, raises new questions in terms of its
content and pedagogical approach.
"Identity", "Responsibility" and Training" will be the three themes to
be addressed in the course of the colloquium.
The entire document may be found using gopher in:
gopher.cs.uwm.edu/computer-privacy/z-library/social-responsibility .
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Sep 1994 12:45:51 -0500 (CDT)
Subject: Info on CPD, Contributions, Subscriptions, FTP, etc.
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions generally are acknowledged within 24 hours of
submission. An article is printed if it is relevant to the charter of
the digest. If selected, it is printed within two or three days. The
moderator reserves the right to delete extraneous quoted material. He
may change the subject line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V5 #049
******************************
.