Date: Tue, 18 Oct 94 10:10:08 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#050
Computer Privacy Digest Tue, 18 Oct 94 Volume 5 : Issue: 050
Today's Topics: Moderator: Leonard P. Levine
SSN on Drivers Licence in Alaska
Privacy over the Internet: Myth or Reality
Psycho-Social Factors in Info Security
Helping Teach Kids CyberEthics
Re: Helping Teach Kids CyberEthics
CompuServe Ethics Guide
Re: How to Verify Your Phone Number
Mail Preference Service
EFF Statement on Passage of Digital Telephony Act
Info on CPD, Contributions, Subscriptions, FTP, etc.
----------------------------------------------------------------------
From: Peter Dolan <fxpcd@camelot.acf-lab.alaska.edu>
Date: 15 Oct 94 18:07:27 -0800
Subject: SSN on Drivers Licence in Alaska
Up here in Alaska the slot for your SSN says optional. Or at least it
did when I got my license 6 years ago. I don't think it's changed
since then.
------------------------------
From: AB0448A@american.edu (Amadou D. Barry)
Date: 15 Oct 94 22:58:12 EDT
Subject: Privacy over the Internet: Myth or Reality
Organization: The American University
The Internet is ubiquitous and everybody is using it (students, experts
in different fields of research, businessman/woman, etc). Because of
this free flow of information over the Internet, many people are
concerned about privacy over the Internet. Furthermore, the Internet
has been viewed by US Vice President Gore as the backbone of the future
NII(National Information Infrastructure). Therefore, it is important
before adopting this new facility to consider the privacy issue over
the Internet. Being a netter, do you think that your privacy is
protected or compromised? Are you aware that personal information can
be tapped or viewed by someone else without your knowledge? Do you
compromise your privacy rights in exchange to the Internet services?
--
Amadou Barry
Free flow of information with responsibility .
------------------------------
From: Bob Bales <74774.1326@CompuServe.COM>
Date: 16 Oct 1994 14:12:17 GMT
Subject: Psycho-Social Factors in Info Security
Organization: National Computer Security Association
When implementing an information security program, it is important to
achieve the appropriate balance between policy and procedure, education
and awareness, and the implementation of technical safeguards. Fail to
achieve this balance and your program is doomed.
Another issue that can spell disaster is failure to consider how your
program will be received by your people. At last years National
Computer Security Conference in Baltimore, the best paper went to Dr.
Mich Kabay, for his work on the psycho-social factors in InfoSec. His
paper provides an outstanding framework for understanding the issues,
as well as providing concrete recommendations for dealing with them in
an appropriate manner.
If you have not seen this paper, I'd be happy to send it to you upon
request. Just send me an EMail that I can simply "reply" to and you'll
have a copy forthwith.
--
Bob Bales | CompuServe InfoSec Forum: GO NCSA
Natl Computer Security Assoc| Phone: 717-258-1816
10 South Courthouse Avenue | Fax: 717-243-8642
Carlisle, PA 17013 | Email: 74774.1326@compuserve.com
------------------------------
From: Bob Bales <74774.1326@CompuServe.COM>
Date: 16 Oct 1994 16:12:17 GMT
Subject: Helping Teach Kids CyberEthics
Organization: National Computer Security Association
The National Computer Security Association and the Computer
Ethics Institute are among the sponsors of the National Computer
Ethics and Responsibilities Campaign (NCERC).
The NCERC Guide to Computer Ethics has been developed to provide
useful information on a wide range of ethical issues. Among the
articles is one entitled "Ten Questions Parents Should Ask Their
Children". It is intended to help parents overcome the
communications barrier with their cyber-literate offspring. Many
parents are intimidated by the technology, and too often abdicate
their oversite responsibility in this crucial area of their
childs life.
To receive a copy of this interesting article, send me an EMail
to which I can reply. I'll respond promptly.
--
Bob Bales | CompuServe InfoSec Forum: GO NCSA
Natl Computer Security Assoc| Phone: 717-258-1816
10 South Courthouse Avenue | Fax: 717-243-8642
Carlisle, PA 17013 | Email: 74774.1326@compuserve.com
[moderator, I asked permission to post the response. Mr Bales
responded with the following, which I took for assent. The posting
follows this post.]
Our real interest is to get the information to as many people as
possible. On the other hand, we depend on a certain level of
support/funding to allow us to keep producing good stuff. I'd say
let's post it so it gets max distribution; if you are able, include
reference to the campaign and "for more information about the complete
NCERC Guide to Computer Ethics, send an EMail request to Bob Bales at
74774.1326@compuserve.com "; how's that sound?
--
Bob
------------------------------
From: "(NCSA) Bob Bales" <74774.1326@compuserve.com>
Date: 17 Oct 94 09:52:57 EDT
Subject: Re: Helping Teach Kids CyberEthics
Computer Ethics Campaign Information and Article
The National Computer Security Association (NCSA) and the Computer
Ethics Institute are co-sponsors of the National Computer Ethics
and Responsibilities Campaign (NCERC).
Information about the NCERC can be obtained in a dedicated
display area, GO CETHICS, on the CompuServe Information Service.
In addition to the display area, NCSA has established a section
within the NCSA InfoSecurity Forum (GO NCSAFORUM) for discussion
of issues and concerns relating to ethics and privacy. Your
involvement is encouraged!
The NCERC Guide to Computer Ethics has been developed to support
the campaign. All files within the guide are available as
individual files within Library 2 of the NCSA InfoSecurity Forum. In
addition, the guide (including 16 informative articles) is available
as a paper document. If you are interested in receiving more
information about purchasing this document, and providing support
for the campaign, send your request via EMail to:
74774.1326@compuserve.com
TEN QUESTIONS PARENTS SHOULD ASK THEIR CHILDREN
Peter S. Tippett, Ph.D., M.D.
Symantec's Peter Norton Group
Board Member, Computer Ethics Institute
1. Do you legitimately own all of the software, games, and programs
you have or use?
Software Piracy, Clarifying Questions:
Are any of your programs or software bootlegged or pirated copies?
Where are the manuals, boxes, license agreements for the programs
you have or use?
Where did you get that game? (program?, floppy?, software?)
When programs first start running on your computer, whose name
comes on the screen as the "owner" or "licensed-to."
2. Where did the contents of your report / project / homework come
from -- does any of it belong to someone else?
Did you write/create/author what you're passing off as your own
work?
Where did you get the text and images you're using?
If you copied text and images from another source, did you have
permission?
If you didn't need permission from the "owners" of the information
you're using, did you credit them for the material?
3. Do you ever use other people's computer, disk-space or
processing capability, or look at or copy their files or
information, without their knowledge or permission?
4. Do you have any prank programs, computer viruses, worms, trojan
horse programs, bombs, or other malicious software?
Malicious Software: Clarifying Questions:
Do you use bulletin boards or systems that contain these things, or
have friends or acquaintances who do?
Do you write or create any software like this or deal with people
who do?
Malicious Software: Explanation of the Problem
5. Do you have any computer graphics files, clips, movies,
animations or drawings that you would be embarrassed about?
Do you have them legitimately (Piracy)
Are they things you would be comfortable showing me? Showing your
grandmother?
Do you have any pictures, video clips, sound clips, articles, text,
or other software or files which contain pornography, violence,
dangerous instructions other distasteful material?
Do you access or view any of these kinds of things when using the
net?
6. Do you have any newsletters, plans, guidelines, or "how-to"
documents or files that you would not be comfortable showing to
your mother?
Making Bombs, breaking into systems, stealing telephone access,
stealing computer access, stealing passwords, pornographic or
violent text, guides, descriptions, ......
Do you create, contribute to or receive anything like this?
7. Do you ever connect your computer to a telephone, use a modem,
or otherwise use a network?
Clarifying Questions:
Do you use E-Mail (electronic mail)?
Do you use Bulletin Boards (BBS) (electronic bulletin board
systems)?
Is your computer ever connected to other computers?
Do you use a Modem?
Explanation:
There is nothing either unethical or illegal about using networks
or connecting computers to telephones. But, you should be aware
that when computers are somehow part of a computer network, then
they are not just used for "computing," but also for
"communication" in a very broad sense of the word. Since
"communication," by definition, always includes someone else, and
since ethics, or lack of it, relates mainly to our interactions
with others, the networking of computers, by any means, leads to
many, many more potential ethical dilemmas for a computer user,
than non-network computing.
The Questions above this one are all possible with both networked
or non-networked computers. Whereas the questions below this
mostly make sense for people who use networked computers. But,
even for those issues related to the questions above, being
connected to a network makes it easier to stray into trouble.
8. Who do you associate with when you use the Net?
BBS, Internet, CompuServe, Delphi, Fidonet, America On-line...
E-Mail, Discussion Groups, Gangs, Influence
Just as you would like to steer your children (and friends) away
from bad influences in their daily lives, so should you attempt to
discern the character of their cyber-friends
9. Do you ever use an assumed name, a handle, or an alias instead
of your real name?
Do supply a false information about yourself when using a bulletin
board, a news group, a message group, or forum, any part of the
net, or when using e-mail or when otherwise communicating?
Do you use your real age & sex when communicating with your
computer?
Do you use any false information like addresses, or phone numbers
or use someone else's credit card number when using your computer?
Do you ever send messages or e-mail in such a way that the
recipient cannot tell that you sent it?
Have you ever modified data, text, messages, or other computer
information so that it looks like someone other than you created it
or made the changes?
What are you trying to hide by not using your real name?
Are you trying to pretend you are something or someone you are not?
10. Do use telephone, video, cable-TV, computer network, bulletin
board, or other network services without paying for them?
------------------------------
From: "(NCSA) Bob Bales" <74774.1326@compuserve.com>
Date: 17 Oct 94 09:53:58 EDT
Subject: CompuServe Ethics Guide
Info about the entire ethics guide:
National Computer Ethics and Responsibilities Campaign (NCERC)
Guide to Computer Ethics
Table of Contents
The National Computer Security Association (NCSA) and the Computer
Ethics Institute are co-sponsors of the National Computer Ethics and
Responsibilities Campaign (NCERC).
Information about the campaign can be obtained in a dedicated display
area, GO CETHICS, on the CompuServe Information Service. This area
features a wide variety of information about such issues as
establishing an EMail policy, software piracy, The Ten Commandments of
Computer Ethics, and information about what you can do to become
involved.
In addition to the display area, NCSA has established a section within
the NCSA InfoSecurity Forum (GO NCSAFORUM) for discussion of issues and
concerns relating to ethics and privacy. Your involvement is
encouraged!
The NCERC Guide to Computer Ethics has been developed to support the
campaign. All files within the guide are available as individual files
within Library 2 of the NCSA InfoSecurity Forum (GO NCSAFORUM) as
follows:
File Name Article Description
ETH00.TXT NCERC Overview and Guide Introduction
ETH01.TXT Ten Questions Parents Should Ask Their Children
ETH02.TXT End User's Five Basic Tenets of Responsible Computing
ETH03.TXT Four Values for Computing
ETH04.TXT Considerations for Conduct
ETH05.TXT Unacceptable InterNet Activity
ETH06.TXT Ten Commandments of Computer Ethics
ETH07.TXT Code of Fair Information Practices
ETH08.TXT Electronic Commerce - Business CyberEthics
ETH09.TXT Privacy Policy for Corporate Electronic Messaging
ETH10.TXT Computer Ethics Theory
ETH11.TXT Common Fallacies of the Computer Generation
ETH12.TXT New and Improved Marketing Rules for the InterNet
ETH13.TXT Personal Responsibility in the On-Line World
ETH14.TXT Protecting Privacy
ETH15.TXT Ethics and Virtuality
ETH16.TXT Teaching Computer Ethics to Children
To order the paper copy of the Guide to Computer Ethics, complete the
order form below:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
BOOK ORDER FORM
Item No. Book Title Price
ETHICSGD NCERC Guide to Computer Ethics $ 12.00
Tax (PA residents only add 6%): ________________
Shipping Charges (See below): ________________
Total: ________________
Shipping: US - UPS ground $3/book
Next Day $20/book
Second Day $15/book
Canada - $15/book
Other - Air $20/book
Name: ____________________________________________________
Org: ____________________________________________________
Street
Address: ____________________________________________________
____________________________________________________
Ci/St/Zip: ____________________________________________________
Phone: ________________________ Fax: ____________________
Make checks payable to NCSA, or
Charge to ( ) VISA or ( ) MasterCard ( ) AMEX
Number: ____________________________________________
Exp date: ______________________
MAIL TO:
National Computer Security Association
10 South Courthouse Avenue
Carlisle, PA 17013
Phone 717-258-1816 or FAX 717-243-8642
------------------------------
From: dawson@world.std.com (Keith Dawson)
Date: 16 Oct 1994 21:28:23 GMT
Subject: Re: How to Verify Your Phone Number
Organization: The World Public Access UNIX, Brookline, MA
otto@vaxb.acs.unt.edu wrote: 1-800-MY-ANI-IS ... worked just fine for
me in 817 land.
from 508 land dialing that number got me "We're sorry, we cannot
complete your call as dialed."
--
Keith Dawson dawson@world.std.com
On the Internet no one knows you're a Turing machine.
------------------------------
From: hudspeth@jarhead (Todd Hudspeth)
Date: 18 Oct 94 09:14:51 CDT
Subject: Mail Preference Service
Can anyone give any direction as to how to contact (address, telephone
number, etc.) the Direct Marketing Association's Mail Preference
Service (MPS)? Are there several MPSs' or is there a primary focal
point?
Todd A. Hudspeth
Security Administrator
CSC
MSFC/NASA
hudspeth@jarhead.msfc.nasa.gov
telephone: (205) 544-8649
fax: (205) 544-8990
[moderator: this was covered in issue 48 of volume 5 Wed, 12 Oct 94.
It is in the third item. I am sending a copy of that number to you as
a separate mailing. I will post your question however, with a short
reply since the second part of the question still needs to be asked.]
------------------------------
From: mech@eff.org (Stanton McCandlish)
Date: 08 Oct 1994 14:23:09 -0500
Subject: EFF Statement on Passage of Digital Telephony Act
Organization: UTexas Mail-to-News Gateway
EFF Statement on and Analysis of Digital Telephony Act
------------------------------------------------------
October 8, 1994
Washington, DC - Congress late Friday (10/7) passed and sent to the
President the Edwards/Leahy Digital Telephony Legislation (HR 4922/S
2375). The bill places functional design requirements on
telecommunications carriers in order to enable law enforcement to
continue to conduct electronic surveillance pursuant to a court order,
though the bill does not expand law enforcement authority to conduct
wiretaps. Moreover, the design requirements do not apply to providers
or operators of online services such as the Internet, BBS's,
Compuserve, and others. The bill also contains significant new privacy
protections, including increased protection for online personal
information, and requirements prohibiting the use of pen registers to
track the physical location of individuals.
Jerry Berman, EFF's Policy Director, said: "Although we remain
unconvinced that this legislation is necessary, the bill draws a hard
line around the Internet and other online networks. We have carved
cyberspace out of this legislation".
Berman added, "The fact that the Internet, BBS's, Prodigy, and other
online networks are not required to meet the surveillance capability
requirements is a significant victory for all users of this important
communications medium."
Privacy Protections for Online Personal Information Increased
-------------------------------------------------------------
The bill adds a higher standard for law enforcement access to online
transactional information. For maintenance and billing purposes, most
online communications and information systems create detailed records
of users' communication activities as well as lists of the information,
services, or people that they have accessed or contacted. Under
current law, the government can gain access to such transactional
records with a mere subpoena, which can be obtained without the
intervention of a court. To address this issue, EFF pushed for the
addition of stronger protections against indiscriminate access to
online transactional records.
Under the new protections, law enforcement must convince a court to
issue an order based on a showing of "specific and articulable facts"
which prove that the information sought would be relevant and material
to an ongoing criminal investigation.
Berman said: "The new legal protections for transactional information
are critical in that they recognize that these records are extremely
sensitive and deserve a high degree of protection from casual law
enforcement access. With these provisions, we have achieved for all
online systems a significantly greater level of protection than exists
today for any other form of electronic communication, including the
telephone."
EFF to Continue to Monitor Implementation
-----------------------------------------
Berman added: "There are numerous opportunities under this bill for
public oversight and intervention to ensure that privacy is not
short-changed. EFF will closely monitor the bill's implementation, and
we stand ready to intervene if privacy is threatened."
In the first four years, the government is required to reimburse
carriers for all costs associated with meeting the design requirements
of the bill. After four years, the government is required to reimburse
carriers for all costs for enhancements that are not "reasonably
achievable", as determined in a proceeding before the FCC. The FCC
will determine who bears the costs in terms of the impact on privacy,
costs to consumers, national security and public safety, the
development of technology, and other factors. If the FCC determines
that compliance is not reasonably achievable, the government will
either be required to reimburse the carrier or consider it to be in
compliance without modification.
Berman said: "EFF is committed to making a case before the FCC, at the
first possible opportunity, that government reimbursement is an
essential back-stop against unnecessary or unwanted surveillance
capabilities. If the government pays, it will have an incentive to
prioritize, which will further enhance public accountability and
protect privacy."
EFF Decision to Work on Legislation
-----------------------------------
Since 1992 EFF, in conjunction with the Digital Privacy and Security
Working Group (a coalition of over 50 computer, communications, and
public interest organizations and associations working on
communications privacy issues, coordinated by EFF) has been successful
at stopping a series of FBI Digital Telephony proposals, which would
have forced communications companies to install wiretap capability into
every communications medium. However, earlier this year, Senator Leahy
and Rep. Edwards, who have helped to quash previous FBI proposals,
concluded that passage of such a bill this year was inevitable. Leahy
and Edwards stepped in to draft a narrow bill with strong privacy
protections, and asked for EFF's help in the process.
"By engaging in this process for the last several months," Berman
noted, "we have been successful in helping to craft a proposal that is
significantly improved over the FBI's original bill in terms of
privacy, technology policy, and civil liberties, and have, in the
process, added significant new privacy protections for users of
communications networks. We commend Representative Edwards, Senator
Leahy, and Representatives Boucher and Markey for standing up for civil
liberties and pushing for strong privacy protections."
The Electronic Frontier Foundation (EFF) is a non-profit public
interest organization dedicated to achieving the democratic potential
of new communications technology and works to protect civil liberties
in new digital environments.
Other Privacy Protections Added by the Bill
-------------------------------------------
The bill also adds the following new privacy protections
* The standard for law enforcement access to online transactional records
is raised to require a court order instead of a mere subpoena.
* No expansion of law enforcement authority to conduct electronic
surveillance.
* The bill recognizes a citizen's right to use encryption.
* All authorized surveillance must be conducted with the affirmative
intervention of the telecommunications carrier. Monitoring
triggered remotely by law enforcement is prohibited.
* Privacy advocates will be able to track law enforcement requests
for surveillance capability, and expenditures for all surveillance
capability and capacity added under this bill will be open to
public scrutiny.
* Privacy protections must be maintained in making new technologies
conform to the requirements of the bill, and privacy advocates may
intervene in the administrative standard setting process.
* Information gleaned from pen register devices is limited to dialed
number information only. Law enforcement may not receive location
information.
Analysis of and comments on major provisions of the bill
--------------------------------------------------------
A. Key new privacy protections
1. Expanded protection for transactional records sought by law
enforcement
Senator Leahy and Rep. Edwards have agreed that law enforcement access
to transactional records in online communication systems (everything
from the Internet to AOL to hobbyist BBSs) threatens privacy rights
because the records are personally identifiable, because they reveal
the content of people's communications, and because the compilation of
such records makes it easy for law enforcement to create a detailed
picture of people's lives online. Based on this recognition, the draft
bill contains the following provisions:
i. Court order required for access to transactional records instead of
mere subpoena
In order to gain access to transactional records, such as a list of to
whom a subject sent email, which online discussion group one subscribes
to, or which movies you request on a pay-per view channel, law
enforcement will have to prove to a court, by the showing of "specific
and articulable facts" that the records requested are relevant to an
ongoing criminal investigation. This means that the government may not
request volumes of transactional records merely to see what it can find
through traffic analysis. Rather, law enforcement will have to prove to
a court that it has reason to believe that it will find some specific
information that is relevant to an ongoing criminal investigation in
the records that it requests.
With these provisions, we have achieved for all online systems, a
significantly greater level of protection than currently exists for
telephone toll records. The lists of telephone calls that are kept by
local and long distance phone companies are available to law
enforcement without any judicial intervention at all. Law enforcement
gains access to hundreds of thousands of such telephone records each
year, without a warrant and without even notice to the citizens
involved. Court order protection will make it much more difficult for
law enforcement to go on "fishing expeditions" through online
transactional records, hoping to find evidence of a crime by accident.
ii. Standard of proof much greater than for telephone toll records, but
below that for content
The most important change that these new provisions offer, is that law
enforcement will (a) have to convince a judge that there is reason to
look at a particular set of records, and (b) have to expend the time
and energy necessary to have a US Attorney or DA actually present a
case before a court. However, the burden or proof to be met by the
government in such a proceeding is lower than required for access to
the content of a communication.
2. New protection for location-specific information available in
cellular, PCS and other advanced networks
Much of the electronic surveillance conducted by law enforcement today
involves gathering telephone dialing information through a device known
as a pen register. Authority to attach pen registers is obtained merely
by asserting that the information would be relevant to a criminal
investigation. Courts have no authority to deny pen register requests.
This legislation offers significant new limits on the use of pen
register data.
Under this bill, when law enforcement seeks pen register information
from a carrier, the carrier is forbidden to deliver to law enforcement
any information which would disclose the location or movement of the
calling or called party. Cellular phone networks, PCS systems, and
so-called "follow-me" services all store location information in their
networks. This new limitation is a major safeguard which will prevent
law enforcement from casually using mobile and intelligent
communications services as nation-wide tracking systems.
i. New limitations on "pen register" authority
Law enforcement must use "technology reasonably available" to limit pen
registers to the collection of calling number information only.
Currently, law enforcement is able to capture not only the telephone
number dialed, but also any other touch-tone digits dialed which
reflect the user's interaction with an automated information service on
the other end of the line, such as an automatic banking system or a
voice-mail password.
3. Bill does not preclude use of encryption
Unlike previous Digital Telephony proposals, this bill places no
obligation on telecommunication carriers to decipher encrypted
messages, unless the carrier actually holds the key. The bill in no
way prohibits citizens from using encryption.
4. Automated remote monitoring precluded
Law enforcement is specifically precluded from having automated, remote
surveillance capability. Any electronic surveillance must be initiated
by an employee of the telecommunications carrier.
5. Privacy considerations essential to development of new technology
One of the requirements that telecommunications carriers must meet to
be in compliance with the Act is that the wiretap access methods
adopted must protect the privacy and security of each user's
communication. If this requirement is not met, anyone may petition the
FCC to have the wiretap access service be modified so that network
security is maintained. So, the technology used to conduct wiretaps
cannot also jeopardize the security of the network as a whole. If
network-wide security problems arise because of wiretapping standards,
then the standards can be overturned.
6. Increased Public Accountability
All law enforcement requests for surveillance capability and capacity,
as well as all expenditures paid by law enforcement to
telecommunications carriers and all modifications made by carriers to
comply with this bill, will be accountable to the public. The
government is also required to pay for all upgrades, in both capability
and capacity, in the first four years, and all costs after four years
for incorporating the capability requirements in the costs for meeting
those requirements are not 'reasonably achievable'. A determination of
whether compliance after four years is reasonably achievable will be
made by the FCC in an open and public proceeding. Government
reimbursement for compliance costs will permit the public the
opportunity to decide whether additional surveillance capability is
necessary.
In all, the reimbursement requirements combined with the reporting
requirements and the open processes built in to this bill, law
enforcement surveillance capability, capacity, and expenditures will be
more accountable to the public than ever before.
B. Draconian provisions softened
In addition, the surveillance requirements imposed by the bill are not
as far-reaching as the original FBI version. A number of procedural
safeguards are added which seek to minimize the threatens to privacy,
security, and innovation. Though the underlying premise of the Act is
still cause for concern, these new limitations deserve attention:
1. Narrow Scope
The bill explicitly excludes Internet providers, email systems, BBSs,
and other online services. Unlike the bills previously proposed by the
FBI, this bill is limited to local and long distance telephone
companies, cellular and PCS providers, and other common carriers.
2. Open process with public right of intervention
The public will have access to information about the implementation of
the Act, including open access to all standards adopted in compliance
with the Act, the details of how much wiretap capacity the government
demands, and a detailed accounting of all federal money paid to
carriers for modifications to their networks. Privacy groups, industry
interests, and anyone else has a statutory right under this bill to
challenge implementation steps taken by law enforcement if they
threaten privacy or impede technology advancement.
3. Technical requirements standards developed by industry instead
of the Attorney General
All surveillance requirements are to be implemented according to
standards developed by industry groups. The government is specifically
precluded from forcing any particular technical standard, and all
requirements are qualified by notions of economic and technical
reasonableness.
4. Right to deploy untappable services
Unlike the original FBI proposal, this bill recognizes that there may
be services which are untappable, even with Herculean effort to
accommodate surveillance needs. In provisions that still require some
strengthening, the bill allows untappable services to be deployed if
redesign is not economically or technically feasible.
Background Information
----------------------
* The Bill:
ftp.eff.org, /pub/EFF/Policy/Digital_Telephony/digtel94.bill
gopher.eff.org, 1/EFF/Policy/Digital_Telephony, digtel94.bill
http.eff.org/pub/EFF/Policy/Digital_Telephony/digtel94.bill
All other files available from
ftp.eff.org, /pub/EFF/Policy/Digital_Telephony/Old/
gopher.eff.org, 1/EFF/Policy/Digital_Telephony/Old
http.eff.org/pub/EFF/Policy/Digital_Telephony/Old/
* EFF Analysis of Bill as Introduced: digtel94_analysis.eff
* EFF Statement on Earlier 1994 Draft of Bill: digtel94_old_statement.eff
* EFF Analysis of Earlier 1994 Draft: digtel94_draft_analysis.eff
* EFF Statement on Announcement of 1994 Draft: digtel94.announce
* EFF Statement on Announcement of 1993 Draft: digtel93.announce
* Late 1993/Early 1994 Draft: digtel94_bill.draft
* EFF Statement on 1992 Draft: digtel92_analysis.eff
* EFF Statement on 1992 Draft: digtel92_opposition.announce
* Late 1992 Draft: digtel92_bill.draft
* Original 1992 Draft: digtel92_old_bill.draft
For more information Contact
----------------------------
Jerry Berman Policy Director <jberman@eff.org>
Jonah Seiger Project Coordinator <jseiger@eff.org>
+1 202 347 5400 (voice)
+1 202 393 5509 (fax)
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Sep 1994 12:45:51 -0500 (CDT)
Subject: Info on CPD, Contributions, Subscriptions, FTP, etc.
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions generally are acknowledged within 24 hours of
submission. An article is printed if it is relevant to the charter of
the digest. If selected, it is printed within two or three days. The
moderator reserves the right to delete extraneous quoted material. He
may change the subject line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V5 #050
******************************
.