Date: Tue, 18 Apr 95 07:08:00 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V6#038
Computer Privacy Digest Tue, 18 Apr 95 Volume 6 : Issue: 038
Today's Topics: Moderator: Leonard P. Levine
Re: Neighbor Peruses My Medical Records
Re: Private Medical Records Available Online in Mass.
Re: Abolishing the IRS
The Memo Line
Re: New PGP Enhanced Messaging on h.gp.cs.cmu.edu
European Initiative
Attention Sysops!
Re: Who Reads This Group?
Re: Internet Porn Censorship
Info on CPD [unchanged since 12/29/94]
----------------------------------------------------------------------
From: bo774@freenet.carleton.ca (Kelly Bert Manning)
Date: 13 Apr 1995 04:58:49 GMT
Subject: Re: Neighbor Peruses My Medical Records
Organization: The National Capital FreeNet
In a previous posting, (Richard.Drumn@ncal.kaiperm.org) writes: As
a condition of working at a medical center, many organizations have
you sign a Confidentiality of Patient, Employee and Organizational
Info form (I have enclosed a version). As an employee of a medical
institution we are instructed that all interaction at the medical
center are confidential -so if by chance you run into a friend
while working at the medical center you are not to disclose to
others that you saw that friend at the hospital.
BC Privacy Commissioner David Flaherty says that we only has to read
the paper in the morning, or listen to the radio, to find out what
he'll be working on for the next few weeks. In BC, as in all other
Canadian provinces, health care is a public matter(there are no private
hospitals) and medical information is subject to provincial FOI/POP
laws.
This morning he would have learned about someone who bought a used
filing cabinet bearing a Province of BC Seal(with asset number for
inventory), only to discover that it contained hospital records for
women, describing among other things, whether they'd had abortions,
when, and how many.
This follows a recent story about a Vancouver Gynecologist who sold
filing cabinets he kept in the basement of his home in an upscale
neighbourhood, telling the purchaser to remove the files and leave them
stacked in his yard. They ended up blowing around the neighbourhood to
the point where people started calling reporters.
A few months before that someone called reporters after purchasing a
back of used 8" floppy disks at a flea market and discovering that they
contained the text of letters processed for a number of docters by a
medical transcription service.
There is also the story of the Bella Coola bonfire, in which the
director of the medical clinic in a small coastal village told a clinic
employee to destroy old clinic files. He took them to a beach, heaped
them into a pile, set it on ablaze, and left.
Beach fires are illegal, apart from being dangerous if left unattended,
so the local volunteer fire department was called to hose it down,
breaking up the boxes the files were in. After the tide went in and out
a few times residents walking along the beach discovered each other's
medical files along the high tide line. The director has lost her job,
to some degree because of this incident.
Commissioner Flaherty extracted a Privacy Code with the force of law
from the Government and the BC College of Pharmacists as his price for
giving assent to the proposed Pharmanet project, which would be a
mandatory prescription registry. At a recent public meeting he stated
that he feels that similar codes with the force of law should be set up
for other bodies of medical professional.
He has also repeated that despite his "acceptance" of the Pharmanet
proposal 25% of BC residents surveyed about it are fundamentaly opposed
to it and don't want to be part of the registry. It will be interesting
to see if Pharmanet really does go ahead in the last few months of the
term of an unpopular governing party(NDP) beset by controversy and
scandal. Perhaps the 25% figure will become of more interest to NDP
MLAs as the deadline for the next election approaches.
------------------------------
From: pes@reatta.camb.inmet.com (Paul Slonaker)
Date: 13 Apr 1995 18:51:04 GMT
Subject: Re: Private Medical Records Available Online in Mass.
Organization: Intermetrics, Inc.
pmcvay@interramp.com wrote: Mental Health professionals at Harvard
Community Health Plan routinely put detailed psyciatric notes into
patients' computerized medical records, making supposedly
confidential information available to hundreds of physicians and
staff members who work for the health maintenance organization.
Cloy D. Tobola <ctobola@rrnet.com> wrote: I'm sorry... I don't
understand. Do you think that docs take their records home and hide
them under the bed??? Nurses, transcriptionists, records clerks,
lab techs, visiting nurses, pharmacists, peer review committees,
physican therapists, hospital social workers, etc., etc., have
ALWAYS had fairly unlimited access to records. The article uses
the word "supposedly confidential," but is seems to me that the
information is still confidential because it has not left the
organization.
I think that the key words are "detailed psychiatric notes", which in
at least some cases meant a detailed accounting of what was said by the
patient to a mental health practitioner. I think that it is reasonable
to have a higher expectation of confidentiality for such conversations
than for other medical information. If I were a patient in such a
situation, and I knew that what I said might be accessed by others, I
would be very careful of what I said -- which would counterproductive,
to say the least.
One specific case of misuse of these records that was cited in the
article: a woman felt that her medical concerns were not being taken
seriously by her doctor; on pressing the point with him, it came out
that he had reviewed her mental health records and had decided that she
was a hypochondriac!
--
Paul Slonaker
------------------------------
From: "Henry C. Jones" <hcj@galen.med.virginia.edu>
Date: 13 Apr 1995 00:30:37 GMT
Subject: Re: Abolishing the IRS
Organization: uva
You boys might want to look at alt.politics.libertarian, we are also in
favor of abolishing the IRS in the name of persomal freedom.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 13 Apr 1995 11:13:35 -0500 (CDT)
Subject: The Memo Line
Organization: University of Wisconsin-Milwaukee
An associate who wishes to remain anonymous sent me this quote
researched from a five year old copyrighted news report in the American
Banker:
Fleet's Investment Account Links Banking to Portfolio
Taken from the American Banker - November 8, 1990; Pg. 6; Vol.
155, No. 216
By Lauryn Franzoni, Special to the American Banker
Beginning today, Fleet National Bank, Providence, R.I., will offer
an integrated investment account that includes a consolidated
monthly statement covering both banking and investment services.
[snip]
A simple research project led to development of the Galaxy Fund
group. Several bank management trainees studied the memo lines on
personal checks written by bank customers for more than $1,000.
At least 70% of those drafts went for noninvestment purchases,
such as mortgages and other loan payments. But 22% indicated
movement of cash to investment organizations outside the bank. The
study showed it was time for the bank to offer competitive
products, said Fleet executive vice president Thomas N. Howe.
[snip]
Us privacy nuts will recognize that the study of the "memo" line of a
check written by a private party on that party's Fleet Bank Account is
a clear violation of the privacy of the check writer.
He or she did not expect that bank officers or management trainees
would read anything except the dollar amount and the account number of
a submitted check. He or she expectat that they would additionally
check only to see that the signature was valid. Bank officers looking
to see what I had spent my money on is at best unethical and at worst
illegal.
I did not quote the entirety of this copyrighted article, but can
assure you that nowhere in it is there any discussion of the ethics of
the bank's action only a report that this procedure got a good return
to the bank for its new type of account.
--
Leonard P. Levine e-mail levine@cs.uwm.edu
Professor, Computer Science Office 1-414-229-5170
University of Wisconsin-Milwaukee Fax 1-414-229-6958
Box 784, Milwaukee, WI 53201
PGP Public Key: finger llevine@blatz.cs.uwm.edu
------------------------------
From: msattler@jungle.com (Michael Sattler, San Francisco)
Date: 16 Apr 1995 13:25:51 -0700
Subject: Re: New PGP Enhanced Messaging on h.gp.cs.cmu.edu
Organization: Digital Jungle Consulting Services
Rick Busdiecker wrote: PGP Enhanced Messaging (PEM) should not be
confused with the Privacy Enhanced Mail standard (PEM).
Your Director of Three-Letter Acronyms should be beaten *and* hung by the
thumbs. There's just no excuse for this.
-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com> San Francisco, California |
Digital Jungle Consulting Services http://www.jungle.com/msattler/ |
|
Cypherpunks write code. Cypherpunks write books. |
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 16 Apr 1995 17:26:02 -0500 (CDT)
Subject: European Initiative
Organization: University of Wisconsin-Milwaukee
Taken from CPSR-GLOBAL Digest 131
Date: 15 Apr 1995 10:58:45 -0500
From: marsha-w@uiuc.edu (Marsha-W)
From: FOIGUY@aol.com
Subject: EUROPEAN INITIATIVE (@)
EUROPEAN INITIATIVE COULD THREATEN U.S. RECORD ACCESS
By Joel Campbell
(please send email to campbell.307@osu.edu)
A European Community initiative could have serious implications for
future access to U.S. federal and state government records.
Jane Kirtley, representing the Reporters Committee for Freedom of the
Press, told a NFOIC conference session April 8 that federal and state
governments may be forced to adopt policy similar to the EC's Data
Protection Initiative if they wish to continue commerce that may
involve "individually identifiable data."
Under European policy, personal information, including directory-type
information, can only be controlled by the subject. The rub is that
European nations will require that nations and states provide similar
protections where private information is involved in trade and
commerce. Government agencies that store and release data may seek
protections to help promote international trade. Kirtley said such
protections have no precedence in American law.
"The ship is already left the dock and we are on the dock waving at the
ship," Kirtley warned.
Add that prospect to the fact that more than ever before federal
officials have been bitten by the "privacy bug." She gave a recent
example of the U.S. Postal Service's closure of change-of-address
information. While it received 300 letters, most of them opposing the
closure, the agency said that the American public wanted their
addresses protected.
Citing another area of concern, Pusey warned about government's
perception that Geographic Information Systems or GIS are profit
centers and can be copyright protected. He said he found officials in
Texas that have proposed such measures have "astonishing ignorance
about the principles of public access."
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 16 Apr 1995 17:28:57 -0500 (CDT)
Subject: Attention Sysops!
Organization: University of Wisconsin-Milwaukee
Submitted by a friend, names and numbers have been changed to protect
the innocent:
I have been running ???? Bulletin Board since 4/21/89. In the
beginning, I ran my BBS as a FREE system. As the years went on, I
noticed more and more BBS's becoming subscription Bulletin Boards.
The reason for this was evident:
a) Increasing Costs
b) Competition
c) Commercial Online Services
d) The Internet
In March, 1994, I decided to start charging an access fee. I also
decided to offer my customers a real easy way to pay. I offered
them ????'s BankDraft Pay.
The caller signs up for a monthly subscription fee, I get their
checking account information and then take the money out of their
checking account through the use of an automatic bank draft. It's
easy!
???? Bulletin Board, inc. now is connected to the Internet,
offering all of the same services as the major Commercial Online
Services. We can do this because... we now receive steady monthly
income from subscriptions.
MY OFFER TO YOUR BBS
====================
Join ????'s BankDraft Pay and start receiving monthly income from
your subscribers every week. It is easy!
Call ???? Bulletin Board at ???-???-???? and login. Leave a message
for the System Operator stating your interest in joining ????'s
BankDraft Pay. I will contact you with full details about this
great program!
------------------------------
From: sys_srr@afdsb.cca.rockwell.com (S. Rathinam)
Date: 13 Apr 1995 16:19:32 GMT
Subject: Re: Who Reads This Group?
Organization: Rockwell International - Collins Divisions
Robert Gellman <rgellman@cais.cais.com> writes: I have a question
about CPD, which I have been reading now for a few weeks. I am
curious about the circulation. How many people receive it and how
has the circulation changed over time? If you are willing, you
might post the answer in the next issue.
[moderator: sure. There are just over 1000 people who get it
mailed direct, like you do now, and an unknown number of people who
read it from the newsgroup. ... This lets me brag that there are
about 6000 total readers.]
Quoting from the January 1995 Arbitron results:
This is a revised set of data from the USENET readership report for Jan
95. It is based on the readership sample information in Brian Reid's
report. I [[Franz]] have recomputed total readership to eliminate the
statistical error Brian inserted this month.
+-- Estimated total number of people who read the group, worldwide.
| +-- Actual number of readers in sampled population
| | +-- Propagation: how many sites receive this group at all
| | | +-- Recent traffic (messages per month)
| | | | +-- Recent traffic (megabytes per month)
| | | | | +-- Crossposting percentage
| | | | | | +-- Cost ratio: $US/month/rdr
| | | | | | | +-- % of newsrders
| | | | | | | | who read this group.
V V V V V V V V
65628 263 73% 118 0.3 2% 0.01 0.40% comp.society.privacy
The full report can be seen at
http://www.cc.utah.edu/~bf6515/arbitron/jan95_long.html
--
Sethu R Rathinam sys_srr%afds.cca.rockwell.com
I am not a Rockwell spokesperson rathinam@netins.net
------------------------------
From: Kajae@aol.com
Date: 13 Apr 1995 01:54:47 -0400
Subject: Re: Internet Porn Censorship
R.N.M.Battel@uel.ac.uk writes: The use of the internet to
disseminate pornography, hate-mail etc. interests me a lot, but I
despair of the 'tramlines' the discussions going on - like
discussing whether or not 'little Johnny' is going to be damaged by
paedophile material [what about 'little Jane' in all this?]. [snip]
A valid point. But like most things in life, the Internet also
revolves around the principle of "the wheel that squeaks the loudest
gets the most grease." Most of the people involved in those
discussions are either members of various law-enforcement agencies,
parents (both who know how the Net works and unfortunately those who
don't) who are concerned about restricting access to this media from
their children, and pro-privacy/free speech advocates who find a great
deal of fault with how that restriction is to be brought about.
Consequently, the only points made are the ones expounding the
viewpoint of either one or the other of the participants.
Those of us with another viewpoint will have to squeak louder. ;) As
for "little Jane", while I for one don't dismiss the presence of
females on the Internet, I do feel that they too are another faction
that needs to make their presence more known if they want more netters
to be sensitive to their viewpoints. Err, was there a particularly new
direction you wanted this debate to take?
For me a more central issue is the nature of the internet itself,
and the hype surrounding it. It has been presented as a wonderful
new medium for communication, bringing people and peoples together,
a tool for radical contracts untramelled by boundaries, capable of
turning the world into a global village, a limitless information
superhighway for a brave new world of the future [cue orchestra and
massed choirs in the background].. [snip]
First, it is important to realize that the majority of the hype
surrounding the internet is produced either by someone who doesn't use
it extensively in some fashion, or by someone who stands to make a
profit by having more people who don't use it begin to do so or do so
more often. Those of us who dwell in cyberspace as a matter of course
fully understand its capabilities and limitations.
And what's the reality? That it's used for the same tired old
abuses - porn, paedophilia, racism, homophobia - as all the other
media. I'm not actually *surprised* that this has happened
Nor should you be. Consider the fact that when television first
started, you could get air time for less than a dollar an hour (don't
try to quote that figure on Superbowl Sunday) and now the medium is
monopolized by those few who have the monetary means to influence that
particular medium. Back in the old days (like the early '80's) lots of
people who cruised cyberspace did so by dialing up to their local BBS
(usually for free) and the Usenet was by no means the diverse structure
it is today. Now, with the advent of online commercial services such
as Prodigy, Delphi, CompuServe, and AOL, we now have millions of people
from all across the world interacting with each other in many various
ways. And as it happens, some of those ways do happen to include
<gasp> sexually. Since commercial services are inclined to respond to
what their paying customers want, the various hierarchies, forums, and
web pages are carried. It's time we all faced it - for some strange
reason, people just like sex...
And just as print has Penthouse, television has The Playboy Channel,
film has Deep Throat, and telephones have
1-976-LET-A-GUY-ACTING-LIKE-A-WOMAN-TAKE-YOUR-MONEY, so the internet
has the alt.sex.* hierarchy, x-rated web pages, etc. Family groups and
various governments have been attempting to crack down on pornography
in the various other media unsuccessfully for decades, and now it's
just become the internet's turn to get some overdue attention.
Considering the overwhelming amount of ignorance they have previously
displayed regarding the nature and worldwide structure of the internet,
I expect them to be even less successful here than they were in their
other endeavors.
*HOWEVER*...mention spamming and suddenly it's the end of
civilisation as we know it...[snip]
Having a woman expose her body in an internationally publicized medium
for monitary profit is considered by many to be doomsday's calling
card. People tend to react strongly to whatever upsets their
sensibilities (case in point). Consider this: Print is a medium that
revolutionized communication, as is telecommunication and the various
video media. But none of them changed peoples morals, values, or
amount of respect for one another as human beings. It didn't even
begin to teach them how. It merely presented society with the
opportunity to do those things. The internet is no different.
Funny, isn't it?
Sure makes me wanna cry.
Just my 5K's worth...
-------------------------------------------------------------
Karl Jackson Kajae@aol.com
"Here lies KJ's sig of the week
It died well
Clever, witty, and meek"
-------------------------------------------------------------
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Dec 1994 10:50:22 -0600 (CST)
Subject: Info on CPD [unchanged since 12/29/94]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V6 #038
******************************
.