Date: Mon, 24 Apr 95 15:51:53 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V6#039
Computer Privacy Digest Mon, 24 Apr 95 Volume 6 : Issue: 039
Today's Topics: Moderator: Leonard P. Levine
Cellular 911 Calls
ACLU Files Amicus Brief in U.S. v Thomas (AABBC Case)
Databases and Privacy
Cordless Surveillance Illegal in FL
Israeli Wiretapping Scandal
Social Security Frauds
Could what you post be used to profile you?
Stop Wiretap Plan/Save $500 Million
Who (Secretly) Reads Your Email?
Info on CPD [unchanged since 12/29/94]
----------------------------------------------------------------------
From: PHILS@RELAY.RELAY.COM (Philip H. Smith III, (703) 506-0500)
Date: 19 Apr 95 08:13:38 EDT
Subject: Cellular 911 Calls
Taken from EDUCOM: FCC PROPOSES CHANGES IN CELLULAR 911 SERVICE
A significant portion of the explosive growth in cellular phone
services is due to people who buy them to feel safer -- women who
worry about traveling alone in their cars, etc. But now it turns
out that 911 calls made from cellular phones are treated
differently and the FCC is considering requiring cellular providers
to improve their service. While calls made from wired phones are
routed to a centralized dispatch center, cellular calls are often
routed other places, such as a state-police barracks. And the
automated tracking system that identifies where the call is coming
from is useless with cellular technology. The cellular industry is
protesting the FCC's proposal, which would require cellular
providers to give 911 calls priority over other calls and have
technology in place within five years to identify the location from
which the call was made. They point out that 25 million devices
have already been sold, making retrofitting the phones a
nightmare. "We sat on our fat fannies 11 years ago whe
There is an obvious privacy risk, although one whose benefits are also
great.
------------------------------
From: ACLU Information <infoaclu@aclu.org>
Date: 21 Apr 1995 16:29:11 -0400
Subject: ACLU Files Amicus Brief in U.S. v Thomas (AABBC Case)
For Immediate Release
April 17, 1995
ACLU Files In Groundbreaking Computer Obscenity Case;
Friend-of-the-Court Brief Seeks to Overturn Tennessee Conviction
NEW YORK, April 17 -- The American Civil Liberties Union, seeking to
secure the future of free communication on the Internet, has filed a
friend-of-the-court brief in what is believed to be the first case
involving the cross-country prosecution and conviction of computer bulletin
board operators.
In its brief, filed with the U.S. Court of Appeals for the Sixth Circuit
in Tennessee, the ACLU urges the court to overturn the conviction of Robert
Thomas and Carleen Thomas of Milpitas, California. The Thomases own and
operate a computer bulletin board that specializes in the posting of
sexually explicit words and pictures.
The couple was indicted and convicted in the U.S. District Court in
Tennessee because a U.S. postal inspector learned of their bulletin board
and filed a fake application seeking access to its contents. Once he
obtained access, the postal inspector downloaded several pictures from the
California-based bulletin board, which a U.S. Attorney then deemed to be
žobscenež under the "local community standards" of Tennessee.
In its brief, which was also filed on behalf of the ACLU affiliates in
Tennessee and Northern California and the National Writers Union, Feminists
for Free Expression and the Thomas Jefferson Center for the Protection of
Free Expression, the ACLU charges that the government is engaged in a
"clumsy attempt to censor communications in cyberspace through application
of an obscenity law and standards wholly inappropriate for this new
medium."
"Computer networks have created vast new fora for the exchange of ideas,"
the ACLU's brief said. "They have created new communities with new
opportunities for people with similar interests to communicate with each
other.
"Until now," the brief continues, "computer networks have been faithful to
the values of the First Amendment. They have fostered, encouraged and even
nurtured the robust exchange of ideas.In this case the government seeks to
use a criminal law never intended to apply to computer communications, to
put a brake on that development, to stifle the explosive creativity and
breadth of expression occuring on computer networks."
The full text of the ACLUžs brief in Thomas vs. United States of America
is available in the ACLU's Free Reading Room, a gopher site (address below)
in the Court section, under National Office litigation.
--
ACLU Free Reading Room | American Civil Liberties Union
gopher://aclu.org:6601 | 132 W. 43rd Street, NY, NY 10036
mailto:infoaclu@aclu.org| "Eternal vigilance is the
ftp://ftp.pipeline.com | price of liberty"
------------------------------
From: Barry Gold <barryg@sparc.sandiegoca.attgis.com>
Date: 21 Apr 1995 23:53:06 GMT
Subject: Databases and Privacy
Organization: AT&T GIS (San Diego, CA)
I have suggested the following on our internal bulletin-board
(also submitted to Lauren's Privacy Forum)
I think that the ability of large databases to cross-correlate data
about individuals is one of the top 3 current threats to privacy.
It seems likely that Congress will enact some sort of privacy
legislation in a few years, but it will probably be half-baked and
bass-ackward, given the history of government attempts to define
privacy. (For example, they frequently exempt themselves!)
I believe that AT&T GIS should be ahead of the curve on this one,
instead of waiting until privacy legislation looks likely to pass and
then trying to mold it into something we can live with. I think we
should already have privacy standards in place that we can point to
and say:
Look, we're already doing something about this. Why don't you
try our solution?
I believe that we should do the following:
1. Establish a policy, defining how database users should protect
user's privacy.
2. Apply that policy to our own databases, with respect to both
associates and customers.
3. Offer a discount to customers who contract to use the Database
in accordance with that policy. (If we were still the *only*
provider of terabyte-sized database products -- as TDAT was in
the '80s -- I would suggest we make appropriate privacy
agreements a *condition* of sale, but I think we no longer
have the market strength to do that.)
Just to get the ball rolling, here are some suggestions towards a
privacy policy:
. Information about individuals shall be used only for the
purpose it was gathered for. Information about associates will
not be used for marketing or sold to outside organizations;
information gathered from purchases will be used only for marketing
other products the customers may be interested in -- and in
particular not be used to deny a customer access to a product or
service.
Exceptions shall require the written permission of the subject to
whom the information applies.
. Individuals shall be given the option to stop receiving mailed
marketing offers. This "opt out" shall be handled either by a
call to a toll-free number or by sending in a prepaid or
business-reply notice.
. Invididuals shall be given the option to have their names
deleted from any lists sold outside the organization that
collected it, with the same "opt out" possibilities.
. Individuals shall not be contacted for telemarketing purposes
unless they have either:
a) given their permission to be so contacted
b) been given an "opt out" (as above) and sufficient time has
elapsed to be reasonably sure they have not exercised it.
. When information about individuals is sold outside the
organization, or used for any purpose other than the one given
the individual when the information was collected, the subject
shall be notified of this sale/use. To reduce the transaction
cost of such notification, subjects may be sent a "batch" of
notifications once a year.
. Taxpayer ID # shall not be used as an identifying key; it is
neither unique nor universal and such use is very far outside
the purpose for which it was created.
--
Barry.Gold@SanDiego.NCR.COM
GCS d-- H s-:+ g+ p1 a+ w+ V C++ US/V+ P+ L 3- E+ N+ K- W M- V-- -po+
Y+ t 5+ j++ R+ G' tv n+ y+++ b+++ !D B e u+ h-0-- f r++
------------------------------
From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
Date: 23 Apr 95 09:26:07 EDT
Subject: Cordless Surveillance Illegal in FL
Taken from the Associated Press news wire via CompuServe's Executive
News Service:
APn 04/14 1303 BRF--Cordless Surveillance
TALLAHASSEE, Fla. (AP) -- Police must have court approval to
intercept cordless phone conversations and use them as evidence,
the state Supreme Court ruled.
The decision Thursday came in the case of Joyce and Edgardo Mozo,
who were arrested on drug charges in 1991 after a conversation
police overheard on a cordless phone.
The Mozos were charged with possession of cocaine and marijuana
after detectives heard Mrs. Mozo tell an unidentified man there
was just "powder. No rock" available.
Key points from the article:
o Detectives using scanner randomly were looking for criminal
activity.
o Action "violated the Security of Communications Act."
o Evidence thrown out of court.
o Appeals to higher courts are anticipated.
--
M.E.Kabay,Ph.D., Mgmt Consultant, LGS Group Inc. (Montreal, QC);
Director of Education, Natl Computer Security Assn (Carlisle, PA)
------------------------------
From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
Date: 23 Apr 95 11:50:46 EDT
Subject: Israeli Wiretapping Scandal
Taken from the Associated Press news wire via CompuServe's Executive
News Service:
APn 04/22 1749 Israel-Wiretapping
By DIANNA CAHN
Associated Press Writer
JERUSALEM (AP) -- Police arrested the publisher and
editor-in-chief of Israel's second-largest newspaper
Saturday on suspicion of illegal wiretapping.
The arrest was part of year-old wiretapping investigation
involving Maariv and the leading Israeli newspaper Yedioth
Aharonoth. Legislators have demanded tighter regulations on
wiretapping by state and private organizations.
Apparently "The investigation began in April 1994 after an executive
at a woman's magazine filed a complaint with police that her home
telephone was tapped."
Two, private investigators, Rafi Fridan and Yaakov Tsur were convicted last
year of tapping "over 400 telephone, cellular phone and fax lines." Among
the lines tapped were some "belonging to the country's president, the
defense ministry, other government offices, members of parliament, attorneys
and businessmen as well as a large number of newspaper and broadcast editors."
--
M.E.Kabay,Ph.D., Mgmt Consultant, LGS Group Inc. (Montreal, QC);
Director of Education, Natl Computer Security Assn (Carlisle, PA)
------------------------------
From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
Date: 23 Apr 95 11:51:11 EDT
Subject: Social Security Frauds
Taken from the Associated Press news wire via CompuServe's Executive
News Service:
APn 04/16 1219 Social Security
By JENNIFER DIXON
Associated Press Writer
WASHINGTON (AP) -- To catch illegal aliens, fugitives from justice
and child-support scofflaws, the federal government will soon
scour state motor vehicle records for drivers with phony Social
Security numbers.
Criminals and others seeking a new identity often use false
Social Security numbers to get a driver's license or a state-issued
identification card.
The phony documents can then be used to obtain welfare, health
care and other public benefits as well as check-cashing and credit
cards, Social Security officials said.
Key points from the article:
o Search begins May 8.
o Robert Ellis Smith interviewed (he is publisher of the Privacy
Journal and a regular contributor to COMPUTER PRIVACY DIGEST).
Explains that 15 states plus D.C. "require driver's license
applicants to provide Social Security numbers...."
o "More than a dozen states display the number on the license;
three states prohibit the use of Social Security numbers for
drivers' licenses; and the balance make it optional or don't
ask for the number, Smith said."
o States sell DMV info to insurance and other companies.
o If more states use SSN on licenses, will increase fraud by making
real numbers available.
o Evan Hendricks (publisher of the Privacy Times) criticizes plan
because it is turning the SSN into a national identifier.
--
M.E.Kabay,Ph.D., Mgmt Consultant, LGS Group Inc. (Montreal, QC);
Director of Education, Natl Computer Security Assn (Carlisle, PA)
------------------------------
From: phanssen@uniwa.uwa.edu.au (Paul Hanssen)
Date: 24 Apr 1995 11:42:40 GMT
Subject: Could what you post be used to profile you?
Organization: The University of Western Australia
Isn't it possible for somone (e.g. the government or a private
database provider) to get an internet site with a news feed
and write a program to sort all incoming articles by person?
This information could then be used to make up a profile
of likes/dislikes and opinions of that person, whether true or not.
This profile could then be used by corporations for marketing
purposes or by the government to add to a file they
may or may not have on you.
Am I sounding a bit paranoid ??
--
Paul Hanssen
phanssen@uniwa.uwa.edu.au
------------------------------
From: "Marc Rotenberg" <rotenberg@epic.org>
Date: 19 Apr 1995 04:08:14 -0700
Subject: Stop Wiretap Plan/Save $500 Million
=============================================================
THE CAMPAIGN TO STOP THE WIRETAP PLAN
(AND SAVE $500 MILLION)
wiretap@epic.org
"As a means of espionage, writs of assistance and general
warrants are but puny instruments of tyranny and oppression
when compared with wire-tapping."
- Justice Brandeis, 1928
"Where in the US Constitution does it say that the federal
government has the right to tap your phone?"
- Wired, November, 1994
In a case reported last year a federal judge threw out all
evidence obtained from FBI wiretaps in what was described as
the most expensive white-collar investigation in Kansas City
history. The 96-page report of the reviewing
magistrate concluded that the FBI's affidavit "presented a
disturbing pattern of material misstatements, overstatements
and omissions designed to mislead the issuing district
court." The outcome is a "stunning repudiation of FBI
tactics."
- Kansas City Star, Feb 9, 1994
CONTENTS (Updated April 18, 1995)
[1] What You Can Do
[2] Background on Wiretap Plan
[3] Activities in Congress
[4] Budget Excerpt on Wiretap Plan
[5] Recent Developments: Freeh in Congress, EPIC in Merc
[6] Sample letter to Congress
[7] Organizations Opposed to Funding
[8] Wiretap Resources
=============================================================
[1] What You Can Do
=============================================================
- Contact your representative and urge the elimination of
funding for the "Telephone Carrier Compliance" program
contained in the appropriation for the Department of Justice.
(Sample letter follows.)
- Contact the House Subcommittee on Appropriations, Chaired
by Congressman Hal Rogers (R-KY). Urge Mr. Rogers and the
Subcommittee to oppose funding for the Telephone Carrier
Compliance program. (Sample letter follows.)
- Call 800/651-1489 to arrange for the delivery of Western
Union Mailgrams(r) to your representative and to the Chairman
and Ranking Minority on the House Subcommittee on
Appropriations ($10 charge). The Mailgrams will help ensure
that the Appropriations Subcommittee gives careful
consideration to the proposal.
- Write a letter to the editor of your local paper. Explain
the problem with the wiretap plan and why you believe funding
is a bad idea. Also, call your local talk radio station.
- Forward this message to others who might be concerned
about the wiretap plan. Or simply tell friends to send
email to wiretap@epic.org or call 800/651-1489.
- Send information about responses you receive from Members
of Congress to wiretap@epic.org
Thanks for your efforts. You can make a difference.
=============================================================
[2] Background on Wiretap Plan
=============================================================
The wiretap plan, also known as the Communications Assistance
for Law Enforcement Act of 1994, will require
telecommunications carriers and manufacturers of
telecommunications equipment to make it easy to wiretap the
nation's communication system. The key provisions of the bill
requires that new communication systems be designed to:
- Isolate a particular electronic communication
- Isolate call-identifying information
- Deliver intercepted information to a remote government
monitoring location
- Deliver information to the government without disclosing
the government's activity
The proposal faced strong opposition from industry and civil
liberties organizations last year. But the bill went forward
after the government offered to pay companies $500,000,000 to
make the proposed changes.
FBI Director Lou Freeh argued that the legislation was
necessary to preserve crime-fighting abilities of law
enforcement. But critics charge that the plan will be costly,
unwieldy, and leave the nation's telephone system more
vulnerable to criminal misuse.
Last year EPIC brought suit against the FBI to obtain records
relating to the program. To date none of the documents
disclosed to the public have established the need for a
nationwide program to reengineer the telephone network.
Earlier documents obtained from FBI field offices found that
no technical obstacles to wiretapping were encountered.
The wiretap plan has also been linked to the controversial
Clipper Chip proposal, announced by the National Security
Agency in 1993. Both the Clipper technical standard and the
wiretap legislation were developed jointly by the FBI and the
NSA.
Clipper also faced strong opposition from industry and civil
liberties groups. The White House reportedly backed off
Clipper after a petition signed by 47,000 Internet users was
delivered to the President last year.
Although $500m was authorized last year for the wiretap
program, Congress must now decide whether to appropriate the
funds for the program. Already there is some indication that
Congress may be reluctant to fund the program. The Office of
Management and Budget (OMB) recommended a funding by an
increase in civil fines rather than a new appropriation in
anticipation of criticism about the expenditure. Of course,
the money that is raised by civil fines could be used for other
programs or to reduce the deficit. OMB also asked only for
$100m for the first year, when it was expected that the
government would seek $125m.
Public opposition to the funding now will also make it more
difficult for the government to seek new restrictions on
private communications later, such as limitations on
encryption or surveillance requirements for Internet
communications.
Let Congress know that you object to spending $500,000,000
to make it easy to wiretap private communication!
=============================================================
[3] Action in Congress
=============================================================
The funding of a federal program is a two-step process. First
the oversight committee authorizes the expenditure of funds.
Next the appropriations committee allocates the funds.
Because Congress is in a budget-cutting mood, the
appropriations committee are looking closely at ideas for
reducing spending. Therefore, the Appropriations
subcommittee will play a critical role in the decision
whether to fund the wiretap plan.
The Congressional subcommittee that will consider funding for
the Telephone Carrier Compliance Program is the House
Subcommittee on Appropriation for Commerce, State, Justice.
The members of the subcommittee are:
Chairman Harold Rogers (R-5th KY), House Appropriations
Subcommittee, H-309 Capitol, Washington, DC 20515 202/225-
3351 (tel) 202/225-0940 (fax)
Rep. Jim Kolbe (R-5th AZ), 205 CHOB, Washington, DC 20515
202/225-2542 (tel) 202/225-0378 (fax)
Rep. Charles H. Taylor (R-11th NC), 231 CHOB, Washington, DC
202/225-6401 (tel) 202/225-0519 (fax)
Rep. Ralph Regula (R-16th OH), 2309 RHOB, Washington, DC
20515 202/225-3876 (tel) 202/225-3059 (fax)
Rep. Michael Forbes (R-1st NY), 502 CHOB, Washington, DC
20515 202/225-3826 (tel) 202/225-3143 (fax)
Chairman Bob Livingston (R-1st LA), House Appropriations
Committee, H-218 Capitol, Washington, DC 20515 202/225-2771
(tel)
Rep. Alan B. Mollahan (D-1st WV), 2427 RHOB, Washington, DC
20515 202/225-4172 (tel) 202/225-7564 (fax)
Rep. David E. Skaggs (D-2nd CO), 1124 LHOB, Washington, DC
20515 202/225-2161 (tel) 202/225-9127 (fax)
Rep. Julian C. Dixon (D-32nd CA), 2252 RHOB, Washington, DC
20515 202/225/7084 (tel) 202/225-4091 (fax)
Rep. David R. Obey (D-7th WI), House Appropriations
Committee, 1016 LHOB, Washington, DC 20515 202/225-2481
(tel)
If any of these members represent your district, it is
particularly important to write and express your opposition
to the Telephone Carrier Compliance program.
=============================================================
[4] Budget Excerpt on Wiretap Plan
=============================================================
(From the Budget of the United States FY1996, Appendix,
Federal Bureau of Investigation, p. 666)
Telephone Carrier Compliance
"The Communications Assistance for Law Enforcement Act
of 1994 authorizes the Attorney General to pay
telecommunications carriers for costs directly associated
with modifying equipment to perform court-authorized
wiretap. Activities eligible for reimbursement include
modifications performed by carriers in connection with
equipment, facilities, and services installed or deployed to
comply with the Act. In particular, telecommunications
carriers are required to expeditiously isolate and enable
intercept of all wire and electronic communications, provide
access to call-identifying information that is reasonably
available to the carrier, deliver the intercepts and call-
identifying information to the government, and provide these
services unobtrusively so as to minimize interference to
subscriber services."
"The program, administered by the Federal Bureau of
Investigation, is funded through a surcharge of approximately
30% imposed on civil monetary penalties and criminal fines.
For 1996, the Federal Bureau of Investigation will use $100
million in increased fines and penalties to finances the
telephone carrier compliance."
(P. 66)
Effect of offsetting collection from non-federal sources is
that there are no new net outlays.
'Improving Technology - Digital Telephony: On October 25, the
President signed the Communications Assistance for Law
Enforcement Act, ensuring the Government's ability to conduct
court-authorized wiretaps as the nation converts from analog
to digital communications technology. The budget proposes
$100 million to reimburse telecommunications carriers for
modifying equipment, facilities, and services to continue
enabling the Government to conduct wiretaps. The needed
funds would come from a 30-percent surcharge ion civil
monetary penalties and criminal fines (presuming that the
need authorizing legislation is enacted."
=============================================================
[5] Recent Developments: Freeh in Congress, EPIC in Merc
=============================================================
[FREEH TESTIMONY IN CONGRESS]
On March 30, 1995, FBI Director Louis J. Freeh testified
before the House Committee on the Judiciary Subcommittee on
Crime. Freeh had this to say about funding for the wiretap
plan and encryption:
"Another issue looms on the horizon that ultimately could be
as devastating to the fight against drugs by law enforcement
as any other factor. If lost, the effect will be so profound
that I believe law enforcement will be unable to recover. In
1968, Congress passed legislation giving law enforcement the
court-authorized wiretap. It has become a technique crucial
to the fight against drugs, terrorism, kidnapping and
sophisticated white-collar crime. The ability to conduct
court- authorized electronic surveillance is fundamental to
our ability to protect both public safety and national
security.
"Last year, after careful deliberation, Congress passed
legislation to ensure continuing access to criminal
conversations in the face of the incredible advance of
telecommunications technology. Had Congress not done so, we
would have lost the ability to access, pursuant to court
order, criminal conversations. All that remains on the access
issue is funding consistent with the authorization to ensure
carrier compliance. I have been advised that the
Administration will soon be sending legislation to address
this funding issue.
"Even though access is all but assured, an even more
difficult problem with court-authorized wiretaps looms.
Powerful encryption is becoming commonplace. The drug cartels
are buying sophisticated communications equipment. Unless
the issue of encryption is resolved soon, criminal
conversations over the telephone and other communications
devices will become indecipherable by law enforcement.
"This, as much as any issue, jeopardizes the public safety
and national security of this country. Drug cartels,
terrorists, and kidnappers will use telephones and other
communications media with impunity knowing that their
conversations are immune from our most valued investigative
technique.
"This is an extremely difficult issue. We are working hard to
address adequately the important law enforcement, national
security, commercial, and privacy concerns associated with
this matter. I anticipate that as we proceed with solving
this issue, we will be consulting with Congress."
[EPIC LETTER IN SAN JOSE MERCURY NEWS, APRIL 8, 1995]
"Don't Make Wiretapping Any Easier"
"There are several points to clarify in the April 1
report on the Electronic Privacy Information Center's
campaign to squelch funding for the FBI wiretap plan.
"First, we do not object to court authorized wiretaps.
We oppose the effort to require that such wiretaps be made
easy. There is nothing in the Constitution or the original
federal wiretap law that created such an obligation. The
reason is obvious. The Fourth Amendment is intended to
protect the public from abuse by government, not to coerce
the public to make the work of the government easy.
"Second, we do not accept the FBI's contention that
digital technologies have frustrated law enforcement
investigations. Wiretapping in the United States is at an
all-time high. Law enforcement also routinely searches
through telephone records in electronic form, a process made
far easier as a result of the growth of digital networks.
Cellular phones are easily overheard, and remote monitoring
technologies are vastly improved.
"It's therefore no surprise that in a series of
documents obtained by EPIC under the Freedom of Information
Act, FBI field offices repeatedly responded 'no problems
encountered' when queried about the impact of new
technologies by FBI Headquarters.
"Third, the wiretap bill is cut of the same cloth as the
Clipper proposal. Both proposals were developed by the same
federal agencies with the same goal. Both seek the holy
grail of absolute surveillance, an aim the US government has
never previously pursued.
"Fourth, it is almost inconceivable that in this era of
dramatic budget cuts and down-sizing of federal services, the
Congress should appropriate such a staggering sum of money to
fund an untested, widely criticized, inherently flawed
proposal for surveillance of the nation's communications
infrastructure. One does not have to be a strong believer in
privacy or civil liberties to see the folly behind this plan.
"Readers interested in learning more about the wiretap
bill should send email to wiretap@epic.org.
Marc Rotenberg, director
Electronic Privacy Information Center
=============================================================
[6] Sample letter to Congress
=============================================================
(This is a sample letter to Congress on the wiretap funding.
Feel free to make changes and to add your own points. If
you're too busy, call the Privacy Hotline at 800/651-1489.
Copies of the letter will be sent to your representative and
to Congressman Hal Rogers (R-KY), chair of the Subcommittee
on Appropriations, and Congressman Alan Mollohan (D-WV),
ranking minority member of the Subcommittee.)
Dear Congressman
I am writing to you to oppose funding for the Telephone
Carrier Compliance program -- the wiretap plan -- contained
in the budget for the Department of Justice.
I believe that it is a mistake for the government to
spend hundreds of millions of dollars to wiretap the
information highway.
I am also concerned that this program will make the
telephone system more vulnerable to misuse. We need good
technology for privacy and security, not wiretapping and
surveillance.
The experience with the Clipper chip already proved that
government proposals for electronic surveillance will be very
unpopular with American business and the American public.
I understand that the Department of Justice is trying to
hide the cost for this program by spending civil fines
received by the government. I think this is wrong. Funds
collected by the government are taxpayer dollars.
Congress should decide how that money should be spent.
Funding should be available for appropriate law
enforcement activities, but the wiretap program is too
expensive and just a bad idea. Also, with many government
programs being cut back, it is a bad time to launch a new
program that is so controversial.
Privacy is an important American value. A vote to
reduce government surveillance is a vote to support basic
American freedoms.
Thank you for considering my views. Please let me know
how you plan to vote on the funding for the wiretap program.
Sincerely yours,
=============================================================
[7] Organizations Opposed to Funding of Telephone Carrier
Compliance Program
=============================================================
American Civil Liberties Union (info@aclu.org)
Computer Professionals for Social Responsibility (cpsr@cpsr.org)
also Computer Professionals for Social Responsibility
Palo Alto Civil Liberties Working Group
Electronic Frontier Foundation (info@eff.org)
Electronic Privacy Information Center (info@epic.org)
Libertarian Party
Privacy International (pi@privacy.org)
US Privacy Council
Voters Telecomm Watch (vtw@vtw.com)
(If your organization opposes funding for the wiretap plan,
send email to wiretap@epic.org)
=============================================================
[8] Wiretap Resources
=============================================================
EPIC Web Page on the Wiretap Campaign
http://cpsr.org/cpsr/privacy/epic/wiretap/wiretap.html
The Communications Assistance for Law Enforcement Act of 1994
ftp://cpsr.org/cpsr/privacy/epic/wiretap/1994_telephony_law.txt
FBI Director Freeh's Congressional Testimony on CALEA and
banning encryption
ftp://cpsr.org/cpsr/privacy/epic/wiretap/freeh_testimony_3_30.txt
============== END WIRETAP UPDATE 4-18-95 ==================
_________________________________________________________________________
Marc Rotenberg (Rotenberg@epic.org) * 202-544-9240 (tel)
Electronic Privacy Information Center * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301 * ftp/gopher/wais cpsr.org
Washington, DC 20003 * HTTP://epic.digicash.com/epic
------------------------------
From: Deborah Barett <debarett@well.sf.ca.us>
Date: 21 Apr 1995 00:18:29 -0700
Subject: Who (Secretly) Reads Your Email?
Hi,
I felt this FAQ might interest you. If I'm wrong, I apologize.
Deborah Barett
-----BEGIN PGP SIGNED MESSAGE-----
*** Frequently Asked Questions About E-Mail Privacy ***
by
Andre Bacard, Author of
(The) COMPUTER PRIVACY HANDBOOK
"The Scariest Computer Book of the Year"
[FAQ Version April 12, 1995]
============================================================
This article offers a nontechnical overview of possible
threats to YOUR e-mail privacy, and it suggest two key
steps that you can take to guard your privacy. I have
written this especially for persons with a sense of
humor. You may distribute this (unaltered) FAQ for non-
commercial purposes.
===========================================================
Can people (secretly) read your e-mail?
Very likely yes. Most electronic mail is notoriously
UNPRIVATE. E-mail is less secure, and in many ways more
dangerous, than sending your personal or business
messages on a postcard.
Who secretly reads your e-mail?
A MACWORLD survey found that roughly 25% of the
businesses contacted admitted that they eavesdrop on
employee computer files, e-mail, or voice mail. This 25%
excludes unauthorized e-mail monitoring. When I asked a
Silicon Valley C.E.O. if he uses e-mail, he said: "Hell
no, Andre. Half the nerds in my company can hack e-mail.
E-mail is a party line!"
Internet e-mail, the kind that brought you this FAQ, is
child's play for some people to intercept. Your typical
e-mail message travels through many computers. At each
computer, people can access your personal and business
correspondence.
It's a safe bet that administrators (not to mention
hackers) on Bulletin Board Systems, college campus
systems, commercial information services, and Internet
hook-up providers can read your e-mail. Of course most
snoops will deny they're reading your e-mail because they
want to continue doing so.
Doesn't my password protect me?
Charles Piller, in his excellent article entitled "Bosses
With X-Ray Eyes," reports on a study MACWORLD made of
Macintosh software. Here is part of Piller's conclusion:
"All the major electronic-mail and groupware
products that combine messaging, file
management, and scheduling (such as
WordPerfect Office) allow the network
administrator to change passwords at any time,
then read, delete, or alter any messages on
the server. With few exceptions,
network-monitor programs such as AG Group's
LocalPeek, Farallon Computing's Traffic Watch
II, and Neon Software's NetMinder, allow
astute managers to read files transmitted over
the net. In short, these tools are only
slightly less invasive than others
specifically designed for surveillance and
used primarily on mainframe systems."
Unix, Dos and other software networks are just as easy
for administrators to manipulate. Who is to stop your
Internet hook-up provider or any network supervisor from
using or distributing your password?
Doesn't my e-mail vanish after I read and "delete" it?
In many cases, NO! Many Internet providers and network
administrators "archive" (store) your incoming and
outgoing mail on a computer disk for six months or more
AFTER you think that you've deleted your mail. If someone
sues you (for example, in a divorce), he or she may be
able to subpoena and READ your previous correspondence.
Of course, unauthorized snoops might chose to read your
archive for their own reasons.
What motivates a snoop?
Maybe he's a thief who sells company business plans or
customer lists. Perhaps she's the office intriguer trying
to play people against you. Possibly he's a computer
stalker like the fellow who shot actress Rebecca Schaffer
to death. Conceivably she's a blackmailer. Maybe he's an
old-fashioned voyeur. Information is power. Snoops want
power.
Whatsamatter, I've got nothing to hide. Why do I need e-mail
privacy?
Show me an e-mail user who has no financial, sexual,
social, political, or professional secrets to keep from
his family, his neighbors, or his colleagues, and I'll
show you someone who is either an extraordinary
exhibitionist or an incredible dullard. Show me a
corporation that has no trade secrets or confidential
records, and I'll show you a business that is not very
successful.
Robert Ellis Smith, Publisher of the PRIVACY JOURNAL,
quips, "An employee with nothing to hide may well be an
employee with nothing to offer."
Privacy, discretion, confidentiality, and prudence are
hallmarks of civilization.
OK, maybe I could use e-mail privacy. What can I do?
There are two big, practical steps that you can take.
First, use PGP (Pretty Good Privacy) software to encrypt
your e-mail (and computer files) so that snoops cannot
read them. PGP is the de facto world standard software
for e-mail security. Second, use anonymous remailers to
send e-mail to network news groups or to persons so that
the recipient (and snoops) cannot tell your real name or
e-mail address.
Where can I learn more about these privacy tools?
Two excellent places to start are the Usenet news groups
alt.security.pgp and alt.privacy.anon-server.
Also, I've written FAQs about Anonymous Remailers and PGP
(Pretty Good Privacy). See below.
Anything else I should know?
Yes. YOUR privacy and safety are in danger! Prolific
bank, credit and medical databases, computer matching
programs, cordless & cellular phone scanners, the Clipper
Chip Initiative, the Digital Telephony law, and (hidden)
video surveillance are just a few factors that threaten
every law abiding citizen. The COMPUTER PRIVACY HANDBOOK
gives many chilling examples. In short, our anti-privacy
society serves criminals and snoops computer data about
YOU on a silver platter.
If you want to protect YOUR privacy, I urge YOU to
support groups such as the Electronic Frontier Foundation
<membership@eff.org> and the Electronic Privacy
Information Center <info@epic.org>.
Andre, have you written other privacy-related FAQs?
I'm circulating an (1) Anonymous Remailer FAQ, (2) E-Mail
Privacy FAQ, and (3) PGP (Pretty Good Privacy) Software
FAQ. To get these FAQs, send me this:
To: abacard@well.sf.ca.us
Subject: Send FAQs Info
Message: [Ignored]
****************************************************************
Bacard wrote "The Computer Privacy
"Privacy permits you Handbook: A Practical Guide to E-Mail
to be yourself." Encryption, Data Protection, and PGP
Privacy Software" [for novices/experts].
Introduction written by Mitchell Kapor, Creator of Lotus 1-2-3
and Co-founder of the Electronic Frontier Foundation.
Book Available from Bookstores or:
Peachpit Press, 2414 Sixth Street, Berkeley, CA 94710
Call (800) 283-9444 or (510) 548-4393
ISBN # 1-56609-171-3
*****************************************************************
-----BEGIN PGP SIGNATURE-----
Version: 2.7
iQCVAwUBL4tEvN6pT6nCx/9/AQHnHAQAsuh3OWSofVvJYp8aZSLi2/T/DXCI4pL9
q6+WFQvd96MK6DhH6M8bD6yPgXe7K6qWktjht+6SnHNIwAwTc1ikd3UFbunfkP2u
0QCRg+eestjfGTeiw65Fcc6IiPq0zRYT+G+d+NnwOGlxDISO4+2Z2fXPS57MDCqk
1cfmDFLEq+Q=
=lk6W
-----END PGP SIGNATURE-----
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Dec 1994 10:50:22 -0600 (CST)
Subject: Info on CPD [unchanged since 12/29/94]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V6 #039
******************************
.