Date: Sat, 01 Apr 95 09:54:31 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V6#033
Computer Privacy Digest Sat, 01 Apr 95 Volume 6 : Issue: 033
Today's Topics: Moderator: Leonard P. Levine
Re: Proving your Citizenship
Re: Big Modem is Watching
Re: Is Reading E-Mail Legal?
Re: Abolishing the IRS
Re: Abolishing the IRS
Relationship of Exon/Gorton to Privacy
Censorship & Kiddie Porn
Bank Withdrawal Information
Re: Can My Neighbor Peruse my Medical Records?
Sears, Visa & Privacy
Journalist's Query on Workplace Surveillance
Info on CPD [unchanged since 12/29/94]
----------------------------------------------------------------------
From: pnk@dlep1.itg.ti.com (Pete Karculias)
Date: 30 Mar 1995 23:31:09 GMT
Subject: Re: Proving your Citizenship
Organization: Texas Instruments
msmithn@129.174.1.13 says... I was born in Puerto Rico, a U.S.
commonwealth whose citizens are U.S citizens, to U.S. citizen
parents who were in the U.S. military assigned at a U.S. military
base in Puerto Rico. That wasn't good enough to prove my
citizenship at a SSN office.
Of course people born abroad who have at least one US citizen parent
are US citizens. But you have to _prove_ the facts. The easiest way
is to file a report of a birth abroad with the nearest US consulate.
This provides the necessary documentation to satisfy the buearucrats.
My son was born in the Philippines while I was stationed there. He
used the US passport he was issued as an infant for routine stuff until
he wanted to join the Peace Corps. They required original
documentation. The consular report was filed away somewhere, but they
found it promptly.
Lesson: If you have a child born abroad, be sure to report it to the US
Consular office. The birth certificate is not sufficient to prove
citizenship.
--
_____________________________________
Pete Karculias pnk@dlep1.itg.ti.com
------------------------------
From: Shawn Leard <71370.2551@compuserve.com>
Date: 30 Mar 95 17:47:00 EST
Subject: Re: Big Modem is Watching
does anybody know of software for DOS or Windows that would limit
access to sub directories (via prior configuration), and notify the
user if restrictions are violated by the currently running
program(s), like some of the anti-virus software does? Note that
read and write violations need to be reported, and that we are not
trying to guard against (extremely) malicious software like
viruses.
There is a security program I use called WatchDog by Fisher
International that will perform a lot of tasks like what you are
interested in while in the back ground and on the fly.
You could for example encrypt every directory with a different password
and whenever you want to access said directory you must log-in first.
So as if one of the on-line providers tried to read any private data
they would only be able to do this only if they log-in and knew the
password or you stayed logged into it when you went on-line. Also
WatchDog has an audit trail to record everything.
--
Shawn Leard
------------------------------
From: Jim Cooper <w2jc@ritz.mordor.com>
Date: 31 Mar 1995 02:37:38 -0500
Subject: Re: Is Reading E-Mail Legal?
Organization: Mordor International BBS
eck@panix.com (Mark Eckenwiler) wrote: ahoffman@li.net sez: Can
someone give me a definitive authoritative answer regarding the
exact status of if it is legal for system admins to read mail. Is
e-mail covered in any law such as the electronic communicatiosn
privacy act or the omni-bus crime bill? (I'm specifially referring
to Internet providers).
The current Communications "Decency" law which just passed the Senate
and was sponsored by Sen. Exon would REQUIRE service providers to
monitor EVERY email and article to guarantee that none of them violated
Big Bro's sense of "decency"...
--
Jim Cooper w2jc@ritz.mordor.com w2jc@dorsai.org
**********************
"The part that frightens the hell out of me is the goverment deciding
where technology goes."
- Senator Patrick Leahy, on the FBI's proposed Digital Telephony
surveillance legislation, in "Proposed wiretap law set off debate over
Justice role", Kevin Power, _Government_Computer_News, Apr. 10, 1994
*******************************************************************
------------------------------
From: Leonard A DiMenna <ldimenna@osf1.gmu.edu>
Date: 30 Mar 1995 21:48:22 -0500 (EST)
Subject: Re: Abolishing the IRS
With Reguards to letting the state goverments collect taxes for the
IRS, there are some state goverments that can't balance their own
budjets. How can you give them the responsiblity to collect money
that's not theirs? I believe that by giving the states more to do, its
one more thing that can go wrong. It ends up costing the state tax
payers more money.
------------------------------
From: horowitz@nosc.mil (Alan M. Horowitz)
Date: 31 Mar 1995 22:59:40 GMT
Subject: Re: Abolishing the IRS
Organization: NCCOSC RDT&E Division, San Diego, CA
There was a US Supreme Court decision which directly addressed this
point. The Sixteenth Amendment isn't the authorizing action for the US
federal income "tax", because it *isn't* a _tax_. It's an Excise.
Taxes are laid against things. That is to say, if you spend the money
and no longer have it, they can't tax you for it.
Excises are laid against actions. In this case, the action of receiving
the income. Even if you spend it, you still had gone through the
receipt of it.
That is what is being assessed.
This is settled law.
------------------------------
From: /DD.ID=OVMAIL1.WZR014/G=DANIEL/S=STICKA/@EDS.DIAMONDNET.sprint.com
Date: 31 Mar 1995 09:15:16 -0500
Subject: Relationship of Exon/Gorton to Privacy
A lot of time has been spent in this digest discussing the Exon/Gorton
ammendment and the Communications Decency Act. I agree that this is an
important issue of freedom of speech, censorship, etc., but what does
it have to do with privacy? The letter from the ACLU seemed a bit
outside the charter of this discussion group.
--
Dan Sticka OVMAIL1.WZR014@EDS.COM
------------------------------
From: cpsr-global@Sunnyside.COM
Date: 31 Mar 1995 02:02:30 -0800
Subject: Censorship & Kiddie Porn
Taken from CPSR-GLOBAL Digest 118
From: srm@c2.org (Richard Mateosian)
Date: 30 Mar 1995 11:53:08 -0600
Subject: Censorship & kiddie porn
Emotional harm? Suppose Johnny chances on a bit of photographic
kiddieporn. He may be startled, intrigued, amused or disgusted --
but I think it most unlikely (despite all contemporary hysteria and
myth) that he will suffer emotional harm.
As I understand the kiddie porn argument, the harm to children comes
from being used in the production of the stuff, not from viewing it.
The calls for censorship of the net are ostensibly aimed at attacking
the problem from the demand end, thereby removing the suppliers'
incentive to abuse more children.
I heard Phil Zimmermann accepting an award last night at the CFP. He
said that the kiddie porn issue had become the new red baiting. He
found it a measure of the success of the tactic that he had to begin
his advocacy of personal privacy and cryptography by saying "Of course,
I'm against child pornography." ...RM
------------------------------
From: ahipc1j.dpeer01@eds.com (Don Peer)
Date: 31 Mar 1995 15:23:45 GMT
Subject: Bank Withdrawal Information
Organization: Electronic Data Systems
A story in the St. Paul Pioneer Press (3/30/95) (I believe it was from
the AP) told of how banks sell the names of recent depositors to
investment companies. Main points:
- Legal in most states.
- Large deposits will trigger your name to be sold to investment houses.
- Approaching rollover of 401K will also trigger your name to be released.
The article suggests the best way to combat the problem is to write a
letter to your bank asking that info not be released.
Editorial: As usual, the default is wrong. Banks should not be selling
your personal info without express written permission from you.
------------------------------
From: donwil@BIX.com (Don Wilson)
Date: 31 Mar 1995 01:37:31
Subject: Re: Can My Neighbor Peruse my Medical Records?
Organization: Don Wilson
"conducted a survey of Fortune 500 companies and found that half of
them had used medical records to make hiring decisions, often
without informing the potential employee."
How does the company acquire the medical records if the potential
employee has not given permission for the release of the medical
records?
--
Don Wilson
------------------------------
From: Sarah Holland <70620.1425@compuserve.com>
Date: 31 Mar 95 20:12:05 EST
Subject: Sears, Visa & Privacy
I drove into the "big city" (Prince George, British Columbia, Canada)
yesterday to do some shopping. Along with a number of books and dog
treats, I also bought a shirt at Sears, which I paid for with my visa
card.
When I was snipping the tags off of it today, I noticed that it still
had its security tag on it -- a little thingie that warned that
improper removal would cause a permanent ink stain. I thought I'd stop
by the local Sears catalog outlet and see if they could remove it.
The clerk couldn't remove it, and after I mentioned that I really
didn't think much of driving 4 hours to have it removed (her first
suggestion), she called the store to see if they could make any
suggestions. They said they could send another one out, and I could
return this one at the catalog outlet. She asked to see my receipt, I
gave it to her, and she started reading off numbers on it to the person
she had on the phone. After giving several different numbers, she then
started on a number that sounded very familiar -- my Visa number! There
were several kids in the store filling out a credit card application,
and I decided I wouldn't say anything just then because it may not be
obvious that it was a credit card number -- at least until she got to
the end 4 numbers, 0795, and said "oh, 07 95 must be the expiry date."
Immediately after, she asked me for my name.
After the other customers left, I asked her if she'd realized that
she'd just read off my visa number, expiry date, and name, and she said
that yes, she did realize that -- giving me a puzzled look. I explained
further that this meant that anyone who remembered that could use my
credit card, and she said that that was unlikely, because the people
who had been in the store didn't look very intelligent, and remembering
all those numbers would be hard.
Somehow, I don't think that security measures of hoping everyone in the
store seems unintelligent are *really* that effective...
--
Sarah Holland
------------------------------
From: NEWI32D@prodigy.com (Mark Frankel)
Date: 01 Apr 1995 05:43:17 GMT
Subject: Journalist's Query on Workplace Surveillance
Organization: Prodigy Services Company 1-800-PRODIGY
I am researching a magazine article for an American mass-market
publication about the rising number of U.S. companies that are finding
reasons and ways to electronically monitor their employees while on the
job. If you have personal knowledge or experience of being on the
receiving end of on-the-job surveillance--whether video, audio or
computer-based-- by your employer AND the incident occured in the New
York metropolitan area, please e-mail me directly. Please include a
brief summary of what happened to you. If it sounds appropriate, I'll
message you back with a request for more info.
--
Mark F.
Newi32D@prodigy.com
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Dec 1994 10:50:22 -0600 (CST)
Subject: Info on CPD [unchanged since 12/29/94]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V6 #033
******************************
.