Date: Wed, 26 Apr 95 15:18:43 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V6#040
Computer Privacy Digest Wed, 26 Apr 95 Volume 6 : Issue: 040
Today's Topics: Moderator: Leonard P. Levine
Re: Could What You Post be Used to Profile You?
Censorship and Freedom of Speech
Re: Privacy "Remailer" for Phones
California Digital Signature Bill
Who (Secretly) Reads Your Email?
The Tools of Freedom and Privacy - and their Demolition
Yeltsin Edict on Cryptography
Info on CPD [unchanged since 12/29/94]
----------------------------------------------------------------------
From: sls477@ku-eichstaett.de (MARTIN VIRTEL)
Date: 25 Apr 1995 13:00:24 GMT
Subject: Re: Could What You Post be Used to Profile You?
Organization: KU Eichstaett (FRG)
phanssen@uniwa.uwa.edu.au (Paul Hanssen) writes: .. and write a
program to sort all incoming articles by person? This information
could then be used to make up a profile of likes/dislikes and
opinions of that person, whether true or not.
Some people I know in Germany tried it, filtering out adresses of
people's contributions to newsgroups (yes, some germans put their
adress into the .signature), and then grouping them by the subjects of
the conferences they posted to. They then contacted adress brokers and
offered the data gathered (NOT explaining the way they gathered it...).
These adresses are worth around 2-5 dollars apiece, they were told.
so much for that
--
Martin
------------------------------
From: Leonard A DiMenna <ldimenna@osf1.gmu.edu>
Date: 26 Apr 1995 09:15:21 -0400 (EDT)
Subject: Censorship and Freedom of Speech
How do you decide which is censorship and which is freedom of speech?
It is very reasonable that certain people shouldn't have access to
areas that have adult matieral. Who descides what is moral and what
isn't? There is no black and white only shades of gray.
------------------------------
From: fd@wwa.com (Glen L. Roberts)
Date: 26 Apr 1995 19:48:16 GMT
Subject: Re: Privacy "Remailer" for Phones
Organization: WorldWide Access - Chicago Area Internet Services
PruRE (prure@aol.com) wrote: I want to get around "caller ID". Is
anyone aware of a service that accomplishes for a phone call the
same thing that remailer does for email? Thanks!
1-900-STOPPER does it for $1.95/min
--
Glen L. Roberts, Editor, Full Disclosure
Host Full Disclosure Live (WWCR 5,065 khz - Sundays 7pm central)
email POSTAL address to glr@ripco.com for catalog on privacy & surveillance.
<a href="http://ripco.com:8080/~glr/glr.html"> </a>
------------------------------
From: Privacy Rights Clearinghouse <prc@teetot.acusd.edu>
Date: 24 Apr 1995 13:49:29 -0700 (PDT)
Subject: California Digital Signature Bill
Those interested in on-line privacy should be aware of a bill in the
California Legislature. A.B. 1577, sponsored by Debra Bowen, addresses
the issue of digital signatures. There are versions of the same bill
under consideration in Oregon, Washington, and Utah as well.
Evidently, the bill would provide for a certification procedure that
would be used to verify the digital signature of anyone who has had
their signature "certified." The bill would provide for a
publicly-accessible database of certificates, which could be accessed
by anyone wishing to verify a digital signature.
We have looked over the bill and, while we believe something along
these lines is essential to prevent widespread fraud and
misrepresentation in on-line activities, we are concerned that this
specific bill raises several serious privacy concerns.
The public database idea may be particularly intrusive. This sounds
like a direct marketer's dream: a fully accessible database of e-mail
addresses that are certified authentic and reliable for on-line sales
up to an expressed amount. Will it be possible to access the
repository and compile a list of e-mail addresses which could then be
used for marketing purposes? For example, could a list of all
certificates with "recommended reliance limits" above $1000 be culled
from these repositories? If other information is included in the
certificate, would direct marketers be able to search for all e-mail
addresses, say, in a certain zip code or area code?
There may be other privacy problems with A.B. 1577. We would like to
hear comments from anyone regarding this bill. If you wish, we can
forward your comments to Assemblywoman Bowen's office.
The legislative counsel's digest of the bill is attached. The full
text of the bill (about 30 pages worth) are available on the Net from:
gopher sen.ca.gov [Under the Bills, Codes, & Analyses..]
http://www.sen.ca.gov [Under the sen.ca.gov gopher
interface]
gopher mother.com [Under California/Assemblywoman Debra
Bowen/Bills: 1995-96 Session]
If you have comments, please contact the Privacy Rights
Clearinghouse: voice 800.773.7748
(outside California 619.298.3396)
e-mail prc@acusd.edu
LEGISLATIVE COUNSEL'S DIGEST
AB 1577, as introduced, Bowen. Digital signatures.
Existing statutes do not generally govern the
authenticity and verification of electronic or similar
data intended to act as a signature, except in the case
of electronic fund transfers in nonconsumer situations
which provides for security procedures related to
verification of authenticity of orders.
This bill would add the California Digital Signature
Act. A digital signature would be a sequence of bits
meeting certain encryption requirements, that would be as
valid as if it had been written on paper, except in the
case of a digital signature that would make a negotiable
instrument payable to bearer, which would be void except
to effectuate a funds transfer or a transaction between
financial institutions. The bill would further set forth
the effect of certain actions taken with respect to
digital signatures.
The bill would provide for the issuance of a
certificate by a certification authority that would
contain information to verify a digital signature of a
subscriber. The bill would provide for a database of
certificates by repositories.
The bill would provide for the licensure of
certification authorities by the Office of Information
Technology, and for the recognition of repositories. The
bill would require the office to be a repository. The
bill would provide for fees, and would impose related
duties on the office.
The bill would set forth provisions governing and
limiting the liability of certification authorities and
repositories.
The bill would make it a misdemeanor for a person to
knowingly or intentionally misrepresent to a
certification authority his or her identity, name,
distinguished name, or authorization when requesting
suspension of a certificate, thereby imposing a
state-mandated local program.
====================================================================
Barry D. Fraser fraser@acusd.edu
Online Legal Research Associate
Privacy Rights Clearinghouse prc@acusd.edu
Center for Public Interest Law Gopher gopher.acusd.edu
University of San Diego Select "USD Campus-Wide Info"
Privacy Hotline: 619-298-3396 BBS: 619-260-4789
In California: 800-773-7748 host: teetot
login: privacy
====================================================================
------------------------------
From: Deborah Barett <debarett@well.sf.ca.us>
Date: 21 Apr 1995 00:18:29 -0700
Subject: Who (Secretly) Reads Your Email?
-----BEGIN PGP SIGNED MESSAGE-----
*** Frequently Asked Questions About E-Mail Privacy ***
by
Andre Bacard, Author of
(The) COMPUTER PRIVACY HANDBOOK
"The Scariest Computer Book of the Year"
[FAQ Version April 12, 1995]
============================================================
This article offers a nontechnical overview of possible
threats to YOUR e-mail privacy, and it suggest two key
steps that you can take to guard your privacy. I have
written this especially for persons with a sense of
humor. You may distribute this (unaltered) FAQ for non-
commercial purposes.
===========================================================
Can people (secretly) read your e-mail?
Very likely yes. Most electronic mail is notoriously
UNPRIVATE. E-mail is less secure, and in many ways more
dangerous, than sending your personal or business
messages on a postcard.
Who secretly reads your e-mail?
A MACWORLD survey found that roughly 25% of the
businesses contacted admitted that they eavesdrop on
employee computer files, e-mail, or voice mail. This 25%
excludes unauthorized e-mail monitoring. When I asked a
Silicon Valley C.E.O. if he uses e-mail, he said: "Hell
no, Andre. Half the nerds in my company can hack e-mail.
E-mail is a party line!"
Internet e-mail, the kind that brought you this FAQ, is
child's play for some people to intercept. Your typical
e-mail message travels through many computers. At each
computer, people can access your personal and business
correspondence.
It's a safe bet that administrators (not to mention
hackers) on Bulletin Board Systems, college campus
systems, commercial information services, and Internet
hook-up providers can read your e-mail. Of course most
snoops will deny they're reading your e-mail because they
want to continue doing so.
Doesn't my password protect me?
Charles Piller, in his excellent article entitled "Bosses
With X-Ray Eyes," reports on a study MACWORLD made of
Macintosh software. Here is part of Piller's conclusion:
"All the major electronic-mail and groupware
products that combine messaging, file
management, and scheduling (such as
WordPerfect Office) allow the network
administrator to change passwords at any time,
then read, delete, or alter any messages on
the server. With few exceptions,
network-monitor programs such as AG Group's
LocalPeek, Farallon Computing's Traffic Watch
II, and Neon Software's NetMinder, allow
astute managers to read files transmitted over
the net. In short, these tools are only
slightly less invasive than others
specifically designed for surveillance and
used primarily on mainframe systems."
Unix, Dos and other software networks are just as easy
for administrators to manipulate. Who is to stop your
Internet hook-up provider or any network supervisor from
using or distributing your password?
Doesn't my e-mail vanish after I read and "delete" it?
In many cases, NO! Many Internet providers and network
administrators "archive" (store) your incoming and
outgoing mail on a computer disk for six months or more
AFTER you think that you've deleted your mail. If someone
sues you (for example, in a divorce), he or she may be
able to subpoena and READ your previous correspondence.
Of course, unauthorized snoops might chose to read your
archive for their own reasons.
What motivates a snoop?
Maybe he's a thief who sells company business plans or
customer lists. Perhaps she's the office intriguer trying
to play people against you. Possibly he's a computer
stalker like the fellow who shot actress Rebecca Schaffer
to death. Conceivably she's a blackmailer. Maybe he's an
old-fashioned voyeur. Information is power. Snoops want
power.
Whatsamatter, I've got nothing to hide. Why do I need e-mail
privacy?
Show me an e-mail user who has no financial, sexual,
social, political, or professional secrets to keep from
his family, his neighbors, or his colleagues, and I'll
show you someone who is either an extraordinary
exhibitionist or an incredible dullard. Show me a
corporation that has no trade secrets or confidential
records, and I'll show you a business that is not very
successful.
Robert Ellis Smith, Publisher of the PRIVACY JOURNAL,
quips, "An employee with nothing to hide may well be an
employee with nothing to offer."
Privacy, discretion, confidentiality, and prudence are
hallmarks of civilization.
OK, maybe I could use e-mail privacy. What can I do?
There are two big, practical steps that you can take.
First, use PGP (Pretty Good Privacy) software to encrypt
your e-mail (and computer files) so that snoops cannot
read them. PGP is the de facto world standard software
for e-mail security. Second, use anonymous remailers to
send e-mail to network news groups or to persons so that
the recipient (and snoops) cannot tell your real name or
e-mail address.
Where can I learn more about these privacy tools?
Two excellent places to start are the Usenet news groups
alt.security.pgp and alt.privacy.anon-server.
Also, I've written FAQs about Anonymous Remailers and PGP
(Pretty Good Privacy). See below.
Anything else I should know?
Yes. YOUR privacy and safety are in danger! Prolific
bank, credit and medical databases, computer matching
programs, cordless & cellular phone scanners, the Clipper
Chip Initiative, the Digital Telephony law, and (hidden)
video surveillance are just a few factors that threaten
every law abiding citizen. The COMPUTER PRIVACY HANDBOOK
gives many chilling examples. In short, our anti-privacy
society serves criminals and snoops computer data about
YOU on a silver platter.
If you want to protect YOUR privacy, I urge YOU to
support groups such as the Electronic Frontier Foundation
<membership@eff.org> and the Electronic Privacy
Information Center <info@epic.org>.
Andre, have you written other privacy-related FAQs?
I'm circulating an (1) Anonymous Remailer FAQ, (2) E-Mail
Privacy FAQ, and (3) PGP (Pretty Good Privacy) Software
FAQ. To get these FAQs, send me this:
To: abacard@well.sf.ca.us
Subject: Send FAQs Info
Message: [Ignored]
****************************************************************
Bacard wrote "The Computer Privacy
"Privacy permits you Handbook: A Practical Guide to E-Mail
to be yourself." Encryption, Data Protection, and PGP
Privacy Software" [for novices/experts].
Introduction written by Mitchell Kapor, Creator of Lotus 1-2-3
and Co-founder of the Electronic Frontier Foundation.
Book Available from Bookstores or:
Peachpit Press, 2414 Sixth Street, Berkeley, CA 94710
Call (800) 283-9444 or (510) 548-4393
ISBN # 1-56609-171-3
*****************************************************************
-----BEGIN PGP SIGNATURE-----
Version: 2.7
iQCVAwUBL4tEvN6pT6nCx/9/AQHnHAQAsuh3OWSofVvJYp8aZSLi2/T/DXCI4pL9
q6+WFQvd96MK6DhH6M8bD6yPgXe7K6qWktjht+6SnHNIwAwTc1ikd3UFbunfkP2u
0QCRg+eestjfGTeiw65Fcc6IiPq0zRYT+G+d+NnwOGlxDISO4+2Z2fXPS57MDCqk
1cfmDFLEq+Q=
=lk6W
-----END PGP SIGNATURE-----
------------------------------
From: jwarren@well.sf.ca.us (Jim Warren)
Date: 26 Apr 1995 09:54:02 +0800
Subject: The Tools of Freedom and Privacy - and their Demolition
Hi all -
Although this at first glance appears to only concern the world's most
widespread (free) cryptography program, PGP, in fact, most of it
concerns our nation and whether our government will permit our citizens
to retain any of the substantive freedoms on which it was founded.
Author John Perry Barlow is one of the co-founders of the Electronic
Frontier Foundation (and a former chair of the Republican Central
Committee of his WY county's Repub Party ... but also a lyricist for
the Grateful Dead :-).
The person who forwarded it to his *large* international
"interesting-people" mailing list, Dave Farber, is an internationally
renown computer and networking scientist who has served and is serving
on several of the federal government's and Congress' most major
computer security commissions.
I find this compelling reading.
I wonder if one or two mad bombers in Oklahoma should be justification
for turning this nation into a surveillance society that will make
Singapore and the old KGB envious? Clinton and the FBI leadership are
using it to justify massive expansion of surveillance systems -
endangering 280-million people because of the actions of less than a
dozen in Oklahoma and New York.
It seems like those several allegedly rejected militia members have
placed the top on the coffin of freedom and privacy, and government
leaders are now preparing to nail it shut, exactly as the bombers
apparently most-feared - a far greater reason even, for the public
horror and mourning of our nation, than the insane death and
destruction they created.
How much will we, the People, give up - how much more will the
government take - of our freedom and privacy, in the pursuit of the
unattainable delusion of "peace in our time"?
--
jim
Posted-Date: Wed, 26 Apr 1995 05:03:52 -0400
Date: 26 Apr 1995 05:03:54 -0400
From: farber@central.cis.upenn.edu (David Farber)
Subject: A Pretty Bad Problem -- Forward to PGP User's Guide by Phil
Zimmerman [with permission from John B.]
To: interesting-people@eff.org (interesting-people mailing list)
A Pretty Bad Problem
Forward to PGP User's Guide by Phil Zimmerman
by John Perry Barlow
I love irony, and there lies in this book an irony as striking as any I
know. It is this: that a computer program with the cute li'l ol' name
of Pretty Good Privacy, written by an apparently unformidable gnome on
a tight budget, now terrifies a security monolith that required half a
century, uncounted billions of dollars, and the collective IQ's of a
few thousand geniuses to develop.
This book and the software it describes, as brief and modest as its
author, could very well be the root tendril that will grow into the
National Security State and shatter it. It that is true, it's probably
only a little hyperbolic to claim that you are holding a work as
liberating as Common Sense, or, viewed through another set of bunker
slits, as socially disruptive as Mein Kampf.
That doubtless sounds like a pretty disruptive statement itself, but
it's not unconsidered. It seems to me that the combination of
distributed digital technology and robust encryption has brought
informatized society to a very sharp balance point between two lousy
choices. On one side lies a technological foundation upon which the
most massive totalitarianism could be built. On the other is a jungle
in which any number of anarchic guerrillas might hide, upon whom little
order could ever be imposed.
Assuming I'm not simply raving here, what leads me to this conclusion?
Have things really gotten this weird? I honestly believe they may
have.
At present most of us unwittingly leave a highly visible and nearly
indelible trail in Cyberspace. Every time we make a modern financial
transaction, use the telephone, send an e-mail message, we leave a path
of bits from which anyone who's interested and properly equipped can
assemble the detailed informational ghosts of our naked selves. If you
have something you'd rather hide, don't hide it there.
Furthermore, the tools of surveillance are becoming far more
sophisticated and conducive to centralization. Massive pattern
recognition engines can be applied to the Net from, say, Washington, DC
or Beijing, and specifically tuned to recognize certain kinds of
activities. Or even beliefs.
Any government that can automatically generate an intimate profile of
every one of its citizens is a government endowed with a potential for
absolute power that will eventually, to use Lord Acton's phrase,
corrupt absolutely. Few civil liberties are likely to survive such
capacities in the hands of the increasingly panicky authoritarians who
run the embattled old bureaucracies of the Meat World.
Worse, their panic may be justified. An equally apprehensive and
growing lot of cyber-libertarians now have at their disposal tools as
unbalancingly powerful in their power to conceal as are the other
side's in the service of revelation. One of these sabots goes by the
mild name of Pretty Good Privacy.
Any number of citizens armed with PGP and such of its relations as
digital cash and anonymous Net remailers can simply vanish from the
governmental radar. They are at greater liberty than ever before to
conduct any endeavor, including something that, as Phil frankly puts it
at the beginning of this book, "shouldn't be illegal, but is." They can
exempt themselves from taxes and yet maintain precise accounting
records. In many ways, they can effectively resign from the community
of the governed and enter a condition in which their actions ordered by
conscience and culture alone.
And we may get a chance to find out just how well these are going to
work as the primary templates for social order. There is no question
that the patterns of unwritten code that arise from culture can work
when the society in question is small, simple, or highly homogeneous.
For example, I come from a part of Wyoming where something like the
Code of the West is still more important than the law or its
instruments. It works pretty well. I don't have a key to my house, and
through many years in the cattle business, I signed few contracts and
was never knowingly cheated.
Something similar obtains in Japan, a much larger and more complex
society which is nevertheless monocultural enough to resist chaos far
more by general consent than by any order that police might enforce.
And it is nearly crime free.
The emergent social orders of both Japan and Wyoming strongly support
the idea that a less legalistic approach to the vicissitudes of life
among the humans will work. What it less well known is whether it is
possible to return to such a condition and whether truly diverse
societies, such as we have in America, can ordered primarily by
cultural norms.
Present evidence from both the former Soviet Union and the former
Yugoslavia is not so promising. After 70 years of the most heroic
efforts to force order by imposed regulation, the great iron lid is
off. And it is no Rousseauvian paradise to which the Russians have
returned. They appear to be governed less by ethics than by criminals
who would probably govern better if they were organized. Meanwhile the
Balkans have returned to a state of tribal bloodshed that indicates
that a strong sense of community, as expressed in cultural immune
response, can be more disruptive than ordering.
But what are the choices? Do we allow matters to continue along their
present technological trajectory, eventually endowing our government
(and practically any marketing organization) with a magnifying window
into the least of our lives? Do we allow ourselves to become intimately
vulnerable to faceless bureaucracies to whom we will be incredibly well
known yet remain faceless ourselves? We have gone too far that way
already. But what can prevent a further tumble toward that dark
horizon?
Do we try to hide our trails behind laws (favored by Europeans) that
would define what might be the appropriate contents for a database? Do
we endow government with the ability to define forbidden knowledge? I
don't have much enthusiasm for this solution, which sounds to me rather
like having a Peeping Tom install one's window blinds, I do not trust
government with the ability to regulate information, especially
information that contains within it such a long lever of control as
those things about yourself you'd rather no one knew.
There are always special circumstances - grave matters of national
security, they will insist. - in which it will seem obvious to our
guardians that the sanctity of such laws is secondary to the greater
public interest. Indeed, this is how we have been doing things in
America for a long time. The Bill of Rights continues to apply only
when the government feels no pain from its application.
It's a tough choice, but I think I would prefer to give people the
means to control their own information. I think it is best that this
virus of liberty is loose on the Net.
I would prefer to let my fellow citizens detach their economic
transactions from their identities, despite the looming possibility
that an anonymous economy will consider taxes voluntary. I would even
rather extend to people the general condition of anonymity, hoping they
will not use it much, knowing that without identity, there is little
impetus for responsibility, and that without responsibility, the Social
Contract is abrogated.
While I have focused so far on the ability of PGP to conceal, it is the
area of identity that this software may make its most positive
contribution. Even as digital technology can make us to visible, the
absence of real bodies places a garment of ambiguity on everyone who
interacts on the Net. If community requires identity, what is to be
done about the ease by which the virtual can take on one another's
identities?
To this dilemma, PGP provides an unambiguous solution: digital
signature. Using the signing techniques enabled here, you can send and
receive files with great assurance that they were generated by their
purported authors and that their contents have not been altered. Once
you are in the habit of authenticating your own words, no one may
pretend to speak or act as you. You can be assured that you will only
have to be responsible for your own actions and not the misdeeds of
some phantom wearing your name.
For the rest of what PGP enables, ambivalence is the only appropriate
response. Still, I would at least rather everyone know how to use the
tools whose operation this book describes, though I fervently hope they
will be somewhat circumspect about actually using them. Just as an
armed populace may be more resistant to certain excesses of
governmental zeal, so might a populace armed with the ultimate
defensive weapon, the ability to disappear, countervail against the
all-seeing electronic eye.
We had best be armed with something. It seems certain to me that any
government that can see everything we do all the time will sooner or
later feel compelled to add omnipotence to omniscience, which are, in
the Virtual Age, much the same thing anyway.
Maybe we will feel compelled to start using them. Maybe there will be
anarchy, maybe even chaos. But chaos at least has an open
architecture. Chaos has always been the native home of the infinitely
possible. And among the possibilities I imagine is that human beings
will turn out to be better, less paranoid, less worthy of inspiring
paranoia, than many of us think.
In the end, it doesn't matter much what they think or I think. The
genie of guerrilla cryptography is out of the bottle. No one, not even
its maker, can stuff it back in or keep it within what America
laughably calls its borders. The genie is all over the Net. It's in
your hands as you hold this book. Summon it with a conscience. But be
prepared to summon it if you must.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu
Date: 21 Apr 1995 13:14:15 -0500 (CDT)
Subject: Yeltsin Edict on Cryptography
Organization: University of Wisconsin-Milwaukee
[Translated by Gregory S. Tseytin <tseytin@hm.spb.su>, Wed, 19 Apr
1995. Note: this is a preliminary translation, and Tseytin states he
may not be fully competent to translate legal terms. This translation
will probably be revised by subsequent translators]
EDICT OF THE PRESIDENT OF THE RUSSIAN FEDERATION
ABOUT ARRANGEMENTS FOR ENFORCING LEGAL ORDER IN THE AREA OF
DEVELOPMENT, PRODUCTION, SALES AND USE OF CRYPTOGRAPHIC INSTRUMENTS, AS
WELL AS RENDERING SERVICES IN INFORMATION ENCRYPTION
In order to secure unconditional fulfillment of the Law of the Russian
Federation "About federal bodies for government communications and
information", as well as to intensify the struggle against organized
crime and to enhance protection of information and telecommunication
systems of the bodies of state power, Russian structures for banking
and finance, enterprises and organizations I decree:
1. The Programme for creation and development of information and
telecommunication system for special assignments for the benefit of
bodies of state power shall have the status of Presidential programme.
The Center for Presidential programmes at the Administration of the
President of the Russian federation jointly with the Federal agency for
government communications and information attached to the President of
the Russian Federation shall arrange for finishing and implementation
of the programme.
2. To forbid use by government organizations and enterprises in their
information and telecommunication systems of encryption instruments,
including cryptographic instruments in support of authenticity of
information (electronic signature), and protected technical devices for
storing, processing and transmission of information which have no
certificate from the Federal agency for government communications and
information attached to the President of the Russian Federation, as
well as giving government contracts to enterprises, organizations using
said technical and encrypting instruments having no certificate from
the Federal agency for government communications and information
attached to the President of the Russian Federation.
3. To advise the Central bank of the Russian federation and the Federal
agency for government communications and information attached to the
President of the Russian Federation to take necessary actions with
respect to commercial banks evading mandatory use of protected
technical instruments for storing, processing and transmission of
information, having a certificate from the Federal agency for
government communications and information attached to the President of
the Russian Federation, in their informational interaction with
subdivisions of the Central bank of the Russian Federation.
4. For improvement of informational security of the Russian Federation
and intensification of the struggle against organized crime, to forbid
activities of legal and physical persons related to development,
production, sales and use of encryption instruments as well as
protected technical devices for storing, processing and transmission of
information, rendering services in information encryption, without
licenses issued by the Federal agency for government communications and
information attached to the President of the Russian Federation, in
accordance with the Law of the Russian Federation "About federal bodies
for government communications and information".
5. The State customs committee of the Russian Federation shall take
actions to stop import into the territory of the Russian Federation of
cryptographic instruments of foreign make without a license from the
Ministry for external economic relations of the Russian Federation
issued with the consent of the Federal agency for government
communications and information attached to the President of the Russian
Federation.
6. The federal counterintelligence service of the Russian Federation
jointly with the Federal agency for government communications and
information attached to the President of the Russian Federation, the
State tax service of the Russian Federation and the Department of tax
police of the Russian Federation shall carry out detection of legal and
physical persons violating the requirements of this edict.
7. To advise the Office of the Procurator-General of the Russian
Federation to intensify procurator supervision of enforcement of the
Law of the Russian Federation "About federal bodies for government
communications and information" regarding development, production,
sales and use of cryptographic instruments as well as rendering
services in information encryption in Russian Federation, subject to
licensing and certification by the Federal agency for government
communications and information attached to the President of the Russian
Federation.
8. To establish the Federal center for protection of economic
information at the Federal agency for government communications and
information attached to the President of the Russian Federation (within
the personnel quota for this agency) with the mission of development
and implementation of manifold programs of safeguarding security of
economic information of Russian structures for banking, finance and
other economically significant structures.
The director-general of the Federal agency for government
communications and information attached to the President of the Russian
Federation shall approve within 2 months the Statute of the said
center.
9. This edict takes effect since the day of its publication.
President of the Russian Federation
B.Yeltsin
Moscow, Kremlin
3 April, 1995
no. 334
--
<A HREF="http://www.eff.org/~mech/"> Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org"> mech@eff.org
</A><P><A HREF="http://www.eff.org/"> Electronic Frontier Foundation
</A><P><A HREF="http://www.eff.org/1.html"> Online Services Mgr. </A>
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Dec 1994 10:50:22 -0600 (CST)
Subject: Info on CPD [unchanged since 12/29/94]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V6 #040
******************************
.