Date: Thu, 16 Feb 95 07:20:06 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V6#018
Computer Privacy Digest Thu, 16 Feb 95 Volume 6 : Issue: 018
Today's Topics: Moderator: Leonard P. Levine
Innacurate Personal Information
Re: Phone Users Slam Dunked
Re: Requests for Home Phone Numbers
Equifax Promises to Improve Privacy Protection
Looking for Phones to Auto-block Caller-ID
DigiCash Press Release
Unemployment Fraud in Germany
Re: Tracking of News and WWW Routes
Overview of legislation
Re: Radio Shack and Privacy
Re: Radio Shack and Privacy
Re: Radio Shack and Privacy
Re: Radio Shack and Privacy
Re: Radio Shack and Privacy
"Cyber-bate" at Washington University
Transcript of NYC Clipper Debate
Re: Post Office Partially Limits Address Access
Re: How Can I Change This?
Re: How Can I Change This?
Mailing Lists & Personal Information
Letter to Jesse Helms in Re UN Sponsored Gun Control
Info on CPD [unchanged since 12/29/94]
----------------------------------------------------------------------
From: Kajae@aol.com
Date: 11 Feb 1995 12:42:53 -0500
Subject: Innacurate Personal Information
rcs@cs.arizona.edu (Richard Schroeppel) writes: A couple of people
have suggested that, whenever a credit bureau mails out a report,
they should cc the reportee; the requester pays for the extra
copy. This seems fair, and it may be a good idea. There are two
downsides to be aware of. I don't know how they balance
out...[snip] The IRS has announced a goal of collecting enough
information about us to form a personal profile...[snip] It's one
thing to be in the Who's Who when you want to, but quite another to
be required to report the information and swear to it.
I agree. Perhaps an alternative in addition to this would be an idea
that a previous poster had that we make credit bureaus compete for our
reports, and penalize them for innacuracies by threatening to take our
report elsewhere.
This of course would be predicated on the fact that 1) we as
individuals would have to be legally enpowered to have ultimate
posession of that information and 2) there would have to be an optimum
number of credit bureaus (between 1 and 4?) to provide enough
competition between bureaus so that they would be forced to provide
customers with good service, while not so many as to encite confusion
or provide increased opportunity for fraud. We'll need our beloved
Congress to pass the appropriate legislation for that. Now, any ideas
about how to convert credit reporting into more of an individual
consume r-oriented market? That would seem to be the next logical
step, and if we can solve those two problems, we can move on to
eliminating the deficit...
:-)
Accuracy of the report would ultimately have to fall on us. It
shouldn't be too hard to keep credit info straight, since banks and
credit card companies already send us monthly statements, and we can
always hold on to our reciepts for large cash purchases. I imagine it
could be at the individuals discretion as to how closely they want XYZ
credit bureau to track their spending habits, but if at the beginning
or end of each month when we sit down to balance our checkbooks and
reconcile the credit cards, ATM cards, savings accounts & such, we
fixed billing snafus then had XYZ credit bureau verify it with us and
our respective financial agencies so that all parties are in agreement
as to what's what where, accuracy shouldn't be the hassle it is today.
As far as the IRS is concerned (and for some reason I always grit my
teeth when I cut the government some slack) the estimate for tax fraud
is, IMHO, rather outrageous, and I personally detest the notion of
someone getting away with all of their income and then some while all
my beloved government agencies can manage to extract their aggregate
30% or better from my paycheck without fail. Perhaps if my above
suggestion was a reality, the IRS could take our W2's, cross reference
them against our YTD credit report (which would also include property
holdings and such) and greatly simplify our end of the annual tax
reporting ritual while providing them with their profile - true,
accurate, and in the posession of the most interested party: us.
Hmph. Why does that sound entirely too simple to work?
------------------------------
From: tomkaiser@aol.com (Tomkaiser)
Date: 12 Feb 1995 12:43:44 -0500
Subject: Re: Phone Users Slam Dunked
Organization: America Online, Inc. (1-800-827-6364)
Its that kind of activity that validates this group, however
deregulation and divestiture caused this to happen intentionally and
accidently many times, hurting the carriers involved and their
customers. A small private detective would have to either become a
reseller or front some substantial capital to deal with the rboc's who
would do the local connection (until that becomes a free for all, it
has started here in NY already). Lets hope nobody tries it!
--
Tom Kaiser (Tomkaiser@aol.com)
------------------------------
From: mjh9@lehigh.edu
Date: 12 Feb 1995 20:49:42 -0500
Subject: Re: Requests for Home Phone Numbers
There is also a nuance of difference between alias and false name.
An alias is a name that you choose to use for a particular purpose,
as opposed to a false name made to disassociate yourself from
something. The legal right of canadians to use any alias they
choose in most financial transactions has been widely publicized
over the decades. My first recollection of reading this was as a
teenager in the 60s.
Paul Robinson <paul@tdr.com> writes This is also a right that
exists "south of the border" in the U.S. [snip] Generally, if a
person decides that they want to change their name, all they have
to do is to inform people of their new name; they can, if they
wish, file a court petition to do so, which is almost always
routinely granted, but that is typically done only because they
want it to be a matter of public record, or if the person having
their name changed is a minor, in which case it is required.
I have a question about using an alias in the U.S. I work in our
campus post office (which handles both campus and U.S. Mail), and often
put mail in the mail in student's boxes. One thing that my supervisor
has told me on several occasions, it that I must make sure that the
name on the mail matches the the name on the box that it is addressed
to. In one sense this makes sense, students come and go, so boxes
change from one person to another each semester. However, this makes it
almost impossible to receive mail under an alaids that the post office
is not aware of. Is this policy used anywhere else, and is it even
legal? Any input is appreciated.
But I suppose something you might consider possibly fraudulent
would be the case where someone intentionally uses the last name of
someone they know in place of their own.
Of course, some people do use alaises frodulently, and we try to
protect against that at the post office. It seems that it is rather
common for people to try to cheat the Music Destributor companies (BMG,
Columbia House...) by using alaises. I guess that the post office
would then become involved as the fraud is occuring through the mail.
--
Mario Hendricks
mjh9@lehigh.edu
------------------------------
From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
Date: 13 Feb 95 07:44:59 EST
Subject: Equifax Promises to Improve Privacy Protection
From the Associated Press news wire via CompuServe's Executive News
Service: APn 02/09 0411 BRF--Credit Reports WASHINGTON (AP) --
Equifax Credit Information Services Inc., one of the nation's
largest consumer credit reporting agencies, has agreed to settle
Federal Trade Commission charges over the accuracy and privacy of
its reports. The FTC had alleged that Equifax violated the Fair
Credit Reporting Act by failing to ensure "the maximum possible
accuracy" of the consumer information it compiles and sells to
employers and creditors nationwide.
The story continues with the following key points:
* When subjects disagreed with their credit records, Equifax was accused
of not checking into the facts of their cases.
* Equifax was also accused of failing to apply adequate controls over
release of subject information.
* Equifax has promised to improve its procedures:
A proposed settlement the FTC announced Wednesday would
require Equifax to take steps to ensure the accuracy of its
information, improve procedures for handling disputes and
follow the reporting act's privacy provisions.
* The public have 60 days to submit comments to the FTC.
--
M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn
(Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC)
------------------------------
From: jeffn@meaddata.com (Jeff Nye)
Date: 13 Feb 1995 17:05:18 GMT
Subject: Looking for Phones to Auto-block Caller-ID
Organization: Mead Data Central, Dayton OH
My phone line has caller ID and I would prefer not to pay a monthly fee
to have it blocked. I'd like to block caller ID by default on all
outgoing calls, which in my area, means dialing "*67" before each
outgoing call.
My computer's telecommunications software allows a "dial-prefix" to be
prepended to all outgoing calls. Does anyone know of any telephones
which do this?
--
Jeff Nye <jeffn@meaddata.com>
------------------------------
From: DigiCash Info <info@digicash.com>
Date: 14 Feb 1995 19:20:14 +0100
Subject: DigiCash Press Release
*********************
FOR IMMEDIATE RELEASE
*********************
Tuesday, February 14, 1995
London, England
copyright (c) 1995 by DigiCash bv
****************************************
DIGICASH ANNOUNCES COST BREAKTHROUGH IN
SECURE CHIP TECHNOLOGY FOR SMART CARDS
DigiCash also works together with MasterCard
on EMV compliant technical testbed
****************************************
DigiCash bv, Amsterdam, has developed new technology allowing low-cost
chips to meet the security and integrity requirements for widespread
use of smart cards. "It's generally agreed that off-line transactions
like credit card and stored value need public-key cryptography for
security; but since public-key chips are inherently more complex and
significantly more costly, most systems have been built with less
secure cryptography and may need to be redone. Now we have provided a
way to use public key on the least expensive and most proven chips
available" said David Chaum, Managing Director of DigiCash, who
revealed and demonstrated the technology for the first time at Smart
Card '95 (14-16 February, 1995) in London, England. A chip, with
public-key based stored value, costs under $1 U.S. It can accept
multiple additional applications, at any time during the card's life,
including loyalty schemes, coupons, tokens, tickets, and memberships.
In addition DigiCash has worked together with MasterCard International,
N.Y.C., to develop a technical testbed integrating DigiCash's
underlying technology into a card conforming to the joint Europay,
MasterCard, Visa (EMV) Specification. MasterCard has been working to
ensure that the EMV specification can be implemented in an unambiguous
and cost effective way based on multifunctional applications, in
particular the association's stored value application.
The new technology, still going by its code name "Blue" obtains its
economy through a minimal requirement for silicon. It is currently
implemented as firmware for the micro-controller chips produced in
greatest volume: Motorola SC-24 and SGS-Thompson ST301/601, with masks
for other silicon suppliers under discussion. Blue requires only 1k
bytes (the smallest configuration available) of EEPROM memory, which is
a main factor in the cost of chips for smart cards.
Blue also provides significant advantages in addition to public key
cryptography. Most chips, for instance, can irrevocably scramble the
valuable data they store when power is interrupted unexpectedly, such
as could be caused by power failure or by a user removing the card too
early. Blue solves this problem fully and protects all the chip's data.
Other cards reveal the card identity and data content to any reader or
anyone tapping communications. Blue, however, encrypts everything
communicated while revealing only necessary information and only to
readers with corresponding keys.
The development draws on DigiCash's 5 years of leadership in payment
and chip card mask technology, and improves on the firm's innovative
technology for public-key payment of highway-speed road tolls (see
summary of existing products below). It is expected to be released in a
form compatible with ecash, DigiCash's software- only solution to
Internet payments. This would give any ecash user the option -- since
only a pc connected to the Internet is required to use ecash -- of
being able to obtain and carry their ecash on a smart card.
DigiCash will be supplying the technology through licensing
arrangements, some of which are already in advanced stages of
negotiation. Licensees can have chips produced directly by silicon
suppliers and then make cards themselves, or have cards made by any of
the numerous companies that put chips in cards. Inexpensive
starter-kits and development packages will be supplied by DigiCash.
For more information please contact:
Paul Dinnissen
DigiCash bv
Kruislaan 419
1098 VA Amsterdam
The Netherlands
Tel: +31 20 665 2611
Fax: +31 20 668 5486
info@digicash.nl
http://www.digicash.com/
***************************************
BACKGROUND ON RELATED PRODUCTS/PROJECTS
***************************************
CAFE: smart card and card-accepting electronic wallet
project--Consortium founded and chaired by David Chaum of DigiCash;
simulation, mask and first readers developed by DigiCash; trial this
Spring at the EC headquarters building; technology trial in
participation with related open special interest group, and partially
funded by the EC.
DyniCash: highway-speed road-toll collection system using smart
cards--Chip card inserts into battery-powered dashboard unit; reflected
backscatter microwave technology by industry leader Amtech; prepaid
mode has user privacy; open and/or closed pricing schemes; tested
extensively in Japan; non- exclusive licensing of the payment
technology.
Ecash: software only electronic cash system for internet/email--Users
download software that can make and receive payments; protects users'
money like travellers checks and privacy like coins; world-wide
experiment with three thousand users; Macintosh, MS-Windows and
X-Windows; any WWW browser; user software free with issuer licensing.
Facility Card: complete facility management smart-card/reader
system--Cash replacement, access control, and time/attendance system;
now in schools, hospitals, industry, offices, recreation; card store
"tokens" allowing complex time, budget, and discount rules; interfaces
to vending, point-of- sale, access control, copiers, phones, gaming;
downloadable & upgradeable readers work on-line and/or off-line; sold
through VAR's.
(Amtech, DigiCash, DyniCash, ecash (lower case "e"),
Facility card, MasterCard, Motorola, and Thompson are
trademarks.)
------------------------------
From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
Date: 15 Feb 95 07:27:21 EST
Subject: Unemployment Fraud in Germany
From the Reuters news wire via CompuServe's Executive News Service:
RTw 02/12 0733 Germany works with neighbours to cut jobless fraud
BONN, Feb 12 (Reuter) - Germany wants to swap information with its
neighbours to crack down on people who improperly draw unemployment
benefits while really working abroad, German Labour Minister
Norbert Bluem was quoted as saying on Sunday.
"I am negotiating to start a data network with our neighbouring
countries," Bluem told the Bild am Sonntag newspaper.
Key points:
* Roughly 10-15% of the people working outside Germany register as
unemployed.
* There may be a "mutual reporting system by the end of the year."
--
M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn
(Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC)
------------------------------
From: oct1@ukc.ac.uk
Date: 15 Feb 95 18:29:54 GMT
Subject: Re: Tracking of News and WWW Routes
Organization: University of Kent at Canterbury, UK.
alamar@ctp.org (Nathaniel Irons) writes: Specifically with the WWW,
most current browsers transmit a variable called HTTP_From that
contains your email address and name. It's the same information
that gets plunked into the relevant fields when you click on a
Mailto URL. If you don't want to be logged, don't fill out that
info. Then all they'll get is an IP address, which may be bad
enough
Try pointing your Web browser to:
http://www.uiuc.edu/~ejk/WWW-privacy.html
and then to:
http://www.uiuc.edu/cgi-bin/info
to find out what info about *you* is being sent.
--
OT
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 11 Feb 1995 08:05:41 -0600 (CST)
Subject: Overview of legislation
Organization: University of Wisconsin-Milwaukee
Subject: EPIC Alert 2.02
Volume 2.02 February 6, 1995
Published by the
Electronic Privacy Information Center (EPIC)
Washington, DC
info@epic.org
[7] Overview of New Congressional Privacy Legislation
EPIC has produced an overview of current privacy legislation in the
104th Congress. Bills that improve privacy protections or negatively
affect privacy are summarized. The summary will be updated regularly
as new legislation is introduced or pending bills are revised. A
summary will appear in the next issue of the EPIC Alert.
Copies of the new bills are available for retrieval from the EPIC
Archive at cpsr.org. Also included are floor statements on the
legislation when available and updates on the status of the bills.
To obtain the overview and copies of the house and Senate bills,
ftp/gopher/wais to cpsr.org /cpsr/privacy/epic/104th_congress_bills/
The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center. To subscribe, send the message:
SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname
to listserv@cpsr.org. You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.
------------------------------
From: carols@world.std.com (Carol Springs)
Date: 12 Feb 1995 18:37:58 GMT
Subject: Re: Radio Shack and Privacy
Organization: The World Public Access UNIX, Brookline, MA
M. Schwartz <quartz@ix.netcom.com> wrote: I haven't had problems
with a Radio Shack in years. I always pay cash and when they ask
for my personal information, instead of saying "you can't have it",
I say: "I don't want to be on your mailing list. There's no
logical response to that so they just shut-up.
No logical response, true. But when I used that one on a Radio Shack
clerk who was selling me a phone, he then said that my giving him the
info would "activate the warranty" on the purchase. I wonder how many
times that particular piece of bogosity has worked for him. (It didn't
on me.)
Someone later supplied me with an appropriate response to the line
about the warranty. I should have looked the guy straight in the eye,
new telephone in hand, and said, "I don't have a phone."
--
Carol Springs carols@world.std.com
------------------------------
From: m.sargent@genie.geis.com
Date: 12 Feb 95 19:53:00 UTC
Subject: Re: Radio Shack and Privacy
RE: Radio Shack and Privacy
Apparently, Tandy Corp., parent organization of Radio Shack, decided to
take a different approach in gathering customer information when they
launched their chain of The Incredible Universe stores.
For those not familiar with The Incredible Universe, they bill
themselves as the world's largest electronics/appliance store. The
stores *are* huge, and are they are decidedly different from such
"warehouse" outlets as Sam's. TIU is flashy neon and chrome. A greeter
welcomes you into the store with the phrase "Welcome to the show!"
There is a stage in the center of the main room, and local groups
perform there on many weekends. It's as much an entertainment
experience as a shopping experience.
However, NOBODY gets past the front desk and into the showroom without
an identification card. The card is free (unlike Sam's), but you must
fill out a form to get one. The card is bar-coded, and before you're
let into the showroom, your card must be scanned by the greeter using a
hand- held bar-code reader. That's right, you can't even go browsing
without that fact being registered.
Besides the main showroom there are many smaller rooms - ones for small
electronics, new hi-tech products, video games, computer software,
etc. Each purchase of a product must be made within that room. You
must present your ID card and have it re-scanned for each purchase,
even if you're paying cash. Your purchase is then placed into a plastic
bag which is heat-sealed, and the ticket is stapled to the front of the
bag. When you leave, each bag is checked (for tampering, I assume) and
each ticket is marked. If, for example, you bought some blank video
tapes, the latest version of Doom, a caller ID box, and a toaster, your
ID card would have been scanned five separate times.
The upshot of all this is that Tandy has found a way to gather customer
information, without appearing to ask for it. They are also able to
examine a customer's buying habits. Are you someone who browses often
but rarely makes a purchase? Do you spend a lot of time looking
around? (They know exactly when you entered the store, and the time of
each purchase.) Do you only go there when you've already decided on a
purchase?
Obviously, no one shops at The Incredible Universe against their will.
But how many of the people who do shop there even realize what data
they may unwitting be providing.
--
Matt Sargent [ m.sargent@genie.geis.com ]
------------------------------
From: jonsg@diss.hyphen.com (Jon Green)
Date: 13 Feb 1995 09:54:59 +0000 (GMT)
Subject: Re: Radio Shack and Privacy
AriadneM@scruznet.com (A. Marina Fournier) writes: I want the right
to know what mailing-list firms have my info and to be asked *each
and every time in advance* before it can be distributed. I want
the right to review and restrict such information and its
distribution.
In the UK, you don't have a right to know who knows you, but we have a
half-way house: the professional organisation for mail-order companies
(I forget its name, unfortunately) has an arrangement whereby you can
write in and request that your name not be "featured" in their members'
mailing lists, and removed from those in which it languishes already.
They have just begun to offer the same service for telemarketing
databases.
For the record, I don't want the ability to edit each and every
mail-order DB and its personal details as they apply to me: life's too
short to spend my time fire-fighting against misinformation and
misapprehension. I'd rather just not receive the stuff in the first
place. That's not to say it's a bad thing to have the facility,
though. I certainly _do_ want that ability as it applies to credit
reference agencies!
I want the post office to have a box to check that says your COA
will not be released to any firms for advertising. Thanks for
asking.
I've just done the same thing here. The Royal Mail postal redirection
form (apart from charging you gbp30 for each surname on it) does indeed
have such a box. In addition, they _do_ mail your previous address to
ensure that you're not redirecting fraudulently, and there's a check
box on the form which allows you to withhold your new address from
being included on that security check. I was impressed - seems like
they got it right.
--
jonsg@hyphen.com
jon@sundome.demon.co.uk
PGP key available on request --- Opinions here are mine, not Hyphen's
------------------------------
From: "Vinod Narayanan" <vinod@watson.ibm.com>
Date: 13 Feb 95 09:03:00 -0500
Subject: Re: Radio Shack and Privacy
I picked up a thermometer from radio shack on saturday. They did not
ask me for a phone number, even though I payed using a credit card.
However, I noticed that the receipt had a valid looking phone number
and a name. I have to cross-check the phone book to see if the name is
indeed valid.
If they went from asking for your number to arbitrarily using a name
and number in their database, it does not look like they are getting
the right message!
--vinod
vinod@watson.ibm.com
"Keep it simple: as simple as possible, but no simpler" -- A. Einstein
------------------------------
From: privacy@interramp.com
Date: 12 Feb 95 14:47:41 PDT
Subject: Re: Radio Shack and Privacy
Organization: PSI Public Usenet Link
<resch@cpcug.org> writes: This thread, however, is about
*returning* merchandise for refunds. Discussions about looking for
loopholes, not to mention lying in the marketplace, hardly seem
worth the bandwidth. Surely a civilized society with democratic
and free institutions can devise better solutions against threats
to privacy than loopholes and lying. Otherwise this is all just a
waste of time.
Mr. Resch is correct. Loopholes and lying are cop-outs and are
sub-optimal solutions. The principal reason why I am involved in the
privacy field (and participate in these conferences) is to encourage
intelligent and honest solutions that will enhance one's privacy.
Certainly, there is an anarchic/iconoclastic attitude out there that
tries to justify lying and manipulation. I am not trying to change
individuals who share that philosophy. I am trying to educate those who
wish to make real social change, for the betterment of all privacy
seekers.
--
John Featherman
Editor
Privacy Newsletter
PO Box 8206
Philadelphia PA 19101-8206
Phone: 215-533-7373
E-mail: privacy@interramp.com
------------------------------
From: "Danyel A. Fisher" <daf1@cec.wustl.edu>
Date: 10 Feb 1995 22:14:53 -0600 (CST)
Subject: "Cyber-bate" at Washington University
Washington University, in St. Louis MO, recently played host to Stewart
Baker (general counsel, NSA 1992-1994) and J.P. Barlow (co-founder,
EFF) during an hour-long debate about the future of privacy,
cyberspace, and the Clipper Chip.
We will shortly have available interviews with both participants
(discussing their background and other interests) as well as a
transcript of the debate. We have signed approval to allow
distribution through electronic media, and wanted to know whether
comp.society.privacy would find this interesting or valuable, when it
becomes available.
--
Sometimes, you meet a person.| Danyel Fisher |To a pessimist, the world
I am one of those people. | daf1@cec.wustl.edu |is full of happy surprises
------------------------------
From: dilute@panix.com (Ronald Abramson)
Date: 12 Feb 1995 10:57:50 -0500
Subject: Transcript of NYC Clipper Debate
Organization: PANIX Public Access Internet and Unix, NYC
Late last week we posted the transcript of the Clipper Chip debate that
was held in New York on Jan. 19.
It is posted in talk.politics.crypto
The panelists were Stewart Baker (formerly of the NSA), Michael Nelson
(White House), James Kallstrom (FBI), Daniel Weitzner (Center for
Democracy and Technology) and WIlliam Whitehurst (Director of Security,
IBM).
For people interested in the Clipper Chip, this transcript should prove
interesting.
--
Ron Abramson
Chair, Committee on Computer Law
Association of the Bar of the City of New York
------------------------------
From: fd@wwa.com (Glen L. Roberts)
Date: 12 Feb 1995 19:16:18 GMT
Subject: Re: Post Office Partially Limits Address Access
Organization: WorldWide Access - Chicago Area Internet Services 312-282-8605 708-367-1871
Taken from EPIC Alert 2.02 Volume 2.02 February 6, 1995 Published
by the Electronic Privacy Information Center (EPIC) Washington, DC
info@epic.org The U.S. Postal Service announced on December 28 its
final rule on access to names and addresses. The agency announced
it was eliminating the service that allows anyone to obtain the new
address of any individual for a $3.00 fee. The Postal Service,
however, left intact its service that provides the addresses of all
postal customers to large mailers such as direct marketers.
All MAILERS THAT is. Mark your letter "ADDRESS CORRECTION REQUESTED"
and they will provide the information to you.
The notice states "Congress has not given the Postal Service the
function of serving as a national registration point for the
physical whereabouts of individuals."
HR 434, The Postal Privacy Act of 1995, (introduced by Rep. Gary
Condit) requires that the Postal Service inform individuals of the
uses of information contained in Change of Address cards and
mandates that customers be offered an option to not have their
names and addresses forwarded.
--
Glen L. Roberts, Editor, Full Disclosure
Host Full Disclosure Live (WWCR 5,065 khz - Sundays 7pm central)
email postal address to fd@wwa.com for catalog on privacy & surveillance.
Does 10555-1-708-356-9646 give you an "ANI" readback? With name?
<a href="http://ripco.com:8080/~glr/glr.html"> </a>
------------------------------
From: mcinnis@austin.ibm.com (Mickey McInnis)
Date: 13 Feb 1995 17:40:47 GMT
Subject: Re: How Can I Change This?
lauras@holly.ColoState.EDU (Laura Sizemore) writes: Is there anyone
out there who knows how to change your name on the system when
someone types, "finger (your login name)"
There might be a way to do this without going to the sysadmin, but try
asking the system administrator to change the name entry for your id.
This is usually stored in the /etc/passwd file.
This should fix all the ways to find your name via standard unix
commands. i.e. Even if you fix "finger", your name still appears on
your newsgroup posts. Depending on how your system is set up, there
might be other ways to get your name entry from /etc/passwd.
If they are reluctant to remove your name entirely, you could try
changing the first name to initials, or "Laurance" or some such. You
could also ask them to change it to "account 3249" or some such.
If they are still unwilling to remove or disguise your name, try
working your way through the bureaucracy, or even getting one of the
local or college newsrags or TV stations interested in this "scandal".
i.e. "Local School Refuses to Protect Identity of Female Students,
etc." Try the local bureaucrats first, you might find a sympathetic
ear. If necessary point out the danger of stalkers, etc. and the
potential for liability or embarassment to the University if something
happens.
--
Mickey McInnis - mcinnis@austin.ibm.com
------------------------------
From: "chris (c.) carpinello" <ccarp@bnr.ca>
Date: 15 Feb 1995 20:41:10 +0000
Subject: Re: How Can I Change This?
Organization: Bell Northern Research, Inc.
lauras@holly.ColoState.EDU (Laura Sizemore) writes: Is there anyone
out there who knows how to change your name on the system when
someone types, "finger (your login name)" I know I can't do
anything about the login name itself, unless I go directly to the
Uni's administration, but I would like to keep my full "in Real
Life" name that is revealed under the finger command private. I'm
becoming a bit weary of guys trying to pick me up on line ...
Try using "chfn" (change finger name). If your system is running NIS
(yellow pages) then use "ypchfn".
--
Chris
------------------------------
From: Sarah Holland <70620.1425@compuserve.com>
Date: 13 Feb 95 23:58:34 EST
Subject: Mailing Lists & Personal Information
Recently, I've been subscribing to more mailing lists. I have noticed
with some lists, a number of other Compuserve addresses appear if I
click on the address button in WinCim.
While, of course, the Internet is not based on privacy, this still
gives me access to everyone (theoretically) on Compuserve who
subscribes to particular mailing lists. I can, with 5 mouse clicks,
select all Compuserve HotWired subscribers and make them a group, and
then send email to all of them.
Actually, I'm not sure it gives me *all* Compuserve subscribers -- the
Top Ten list only has 4 other subscribers, while 2020world Digest has
27.
I think the issue is that when one subscribes to a mailing list, one
doesn't expect that one's email address will be sent out to other
people without having first posted! It's not a big problem, of
course...
--
Sarah Holland
Fort St. James, BC
70620.1425@compuserve.com
------------------------------
From: Shawn Leard <71370.2551@compuserve.com>
Date: 12 Feb 95 20:02:14 EST
Subject: Letter to Jesse Helms in Re UN Sponsored Gun Control
The following is a copy of a letter I believe you will find this of
great interest!!
Sincerely,
Shawn Leard
From alerts@gatekeeper.nra.org
Date: 19 Jan 1995 02:32:24 -0500
From: NRA Alerts <alerts@gatekeeper.nra.org>
To: Multiple recipients of list <rkba-alert@gatekeeper.nra.org>
Subject: INFO: Letter to Jesse Helms in Re UN Sponsored Gun Control
January 11, 1995
The Honorable Jesse A. Helms
Chairman
Committee on Foreign Relations
Dirksen Senate Office Building
Room 450
United States Senate
Washington, D.C. 20510
RE: Report of the Disarmament Commission, General Assembly,
49th Session of the United Nations.
Dear Senator Helms:
The National Rifle Association recently received a copy of
the report of the Disarmament Commission of the United Nations,
part of which concerns the regulation of conventional and small
arms on a worldwide basis. A copy is attached for your
information. For obvious reasons, we believe this report has
substantial implications for those who advocate gun control
measures in the United States, clearly contrary to the
protections afforded Americans under the Second Amendment of the
United States Constitution. As reported last May in the media,
the U.N. objectives were made clear:
So quietly that even the gun lobby hasn't noticed, the United
Nations is beginning to set its sights on global gun control.
The U.N. Disarmament Commission has adopted a working paper, a
basis for future debate, that proposes tighter controls on the
gun trade in the United States and other member nations as a way
of combating international arms trafficking.
The little-noted move represents the first U.N. effort to foster
regulation of the multibillion-dollar trade in small arms.
The working paper declares that governments individually "find
themselves impotent" to deal with global arms trafficking, and
proposes "harmonization" of gun-control standards around the
world to make trafficking easier to spot and prevent. For one
thing, it says, "the arms permitted for civilian use . .. should
be subject to controls at all points in the chain, from
production and-or acquisition up to the time they are sold to an
individual. From then on they should remain subject to monitoring
and control."
Any "harmonization" would inevitably mean tightening controls on
the loosely regulated U.S. gun business, and would be opposed by
the National Rifle Association and other U.S. pro-gun
organizations.
Andrew Molchan, director of the U.S. National Association of
Federally Licensed Firearms Dealers, said he was unaware of the
U.N. move, but doesn't like the sound of it. "It's politics as
usual," he said, "the Colombians blaming their internal problems
on American law. ... The domestic arms trade is irrelevant to
what's happening internationally."
Associated Press, May 24, 1994
We believe the United States is taking a very active role in
further follow-up work on the studies to be conducted on the
subject by the U.N. We would very much appreciate it if you and
your staff would make an immediate inquiry to the Administration,
particularly to the Department of State and our representatives
to the United Nations, to ascertain precisely what further
follow-up action is being undertaken by the United Nations on
this report, and the nature and degree to which the United States
is participating in such follow-up work.
If the United Nations is conducting studies or engaging in
research, then we would respectfully request that you undertake
whatever measures necessary to ensure that non-governmental
organizations (NGO's), such as sporting groups in the United
States (like the NRA), Australia and elsewhere are fully
consulted, and their views obtained by any United Nations
consultants, experts or staff who are gathering such information
on behalf of the Commission or the General Assembly.
If you agree with us that this is an important matter to
investigate, and if the Administration is unresponsive in
obtaining a fair and equitable inclusion of the views of the
shooting and sporting NGO's, then we would respectfully suggest
that this matter be fully pursued in terms of the Committee s
oversight process, as well as concurrently through the
appropriations oversight process, by denying the Executive Branch
any authorizing or appropriations authority to participate in the
U.N. activities related to the Commission s work on small arms
used by the civilian population in the United States.
We would be pleased to come up and explain our views on this
matter in greater detail, and we would welcome a call from your
staff .
Thank you again for your courtesy in examining this matter.
We look forward to hearing from you at your earliest possible
convenience on the action you would like to take on our request.
Cordially yours,
Tanya K. Metaksa
Executive Director
Institute for Legislative Action
National Rifle Association of America
--
This information is presented as a service to the Internet community
by the NRA/ILA. Many files are available via anonymous ftp from
ftp.nra.org, via WWW at http://www.nra.org, via gopher at gopher.nra.org,
and via WAIS at wais.nra.org
Be sure to subscribe to the NRA mailing lists. Send the word help
as the body of a message to listproc@NRA.org
Information can also be obtained by connecting to the NRA-ILA GUN-TALK
BBS at (703) 934-2121.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Dec 1994 10:50:22 -0600 (CST)
Subject: Info on CPD [unchanged since 12/29/94]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours
of submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V6 #018
******************************
.