Date: Mon, 26 Jun 95 13:15:33 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V6#058
Computer Privacy Digest Mon, 26 Jun 95 Volume 6 : Issue: 058
Today's Topics: Moderator: Leonard P. Levine
Re: Where in the world is PGP?
IITF Privacy Principles Final Version
International Nautilus
Re: ID Cards in the UK
IRS Cracks Wrong Dentist's Computer to get Patient List
China, U.S., and the Net
USPS Question and FBI Question for the List
Conferences/Events of Interest to CPSR
Cincin OH Cops Illegally Raid BBSs
Info on CPD [unchanged since 12/29/94]
----------------------------------------------------------------------
From: Bob <brink@jax.gttw.com>
Date: 23 Jun 95 17:39:57 EST
Subject: Re: Where in the world is PGP?
Organization: Jax Gateway to the World
bongo@teleport.com says... I can't seem to find any info on the
mit.edu site, or any pgp newsgroups. Can someone steer me right?
Thanks,
try http://bs.mit.edu:8001/pgp-form.html
------------------------------
From: CFRANZ@ntia.doc.gov
Date: 23 Jun 1995 19:12:35 -0400
Subject: IITF Privacy Principles Final Version
The Information Infrastructure Task Force's Information Policy
Committee Privacy Working Group has recently issued the final version
of its Principles for Providing and Using Personal Information.
Comments and questions should be referred to Jerry Gates, Chair of the
Working Group at ggates@info.census.gov.
The file (ascii and html) is located at iitf.doc.gov
You can ftp, telnet (login = gopher), gopher or www there. Look in New
Items or speeches, papers/papers and documents, or iitf
committees/information policy committee
Comments on the principles should be addressed to the email address
above. Report any problems accessing the document to me at
nii@ntia.doc.gov
Regards
--
Charles W. Franz
cfranz@ntia.doc.gov
Telecom Policy Analyst
webmaster@ntia.doc.gov
National Telecommunications
and Information Administration
4892 HCHB
http://www.ntia.doc.gov
Washington, D.C. 20230 202-482-1835
FAX: 482-0979
------------------------------
From: david creffield <oje@porky.demon.co.uk>
Date: 24 Jun 95 10:27:48 GMT
Subject: International Nautilus
Organization: Myorganisation
anyone know of an ftp site in europe when i can obtain nautilus, the
voice encryption prog?
------------------------------
From: dave.moore@tcbbs.cais.com (DAVE MOORE)
Date: 24 Jun 95 19:07:00 -0400
Subject: Re: ID Cards in the UK
Organization: The Tech Connect BBS / Tech Connect Computers / 703-590-5198
Recently the UK Government has published a Green Paper on the
introduction of ID cards. These cards are likely to be compulsory
and intelligent in that they will hold computer readable
information and may even be capable of being updated if SMART Card
technology is used.
There are a many societal and ethical issues associated with the
use of ID cards particularly if they are sophisticated and
computerised. I am seeking help to:
1. Compile a comprehensive list of issues
2. Produce a directory of ID cards used around the world
3. Collect information about problems and advantages from other
countries that have national ID cards
One problem with any kind of mandatory high tech anything is that they
tend to have a very high failure rate amongst those who don't like
them. I've found that my driver license mag strip fails after
*accidental* exposure to magnetic fields and high temperatures.
Beepers, pagers, smart cards etc must be protected from high voltages
commonly occurring around Van de Graf generators and Tesla coils. I
can't see a law making it illegal for you bits to fail. Stuff
Happens.
------------------------------
From: wrf@speed.ecse.rpi.edu (Wm Randolph Franklin)
Date: 26 Jun 1995 03:46:30 GMT
Subject: IRS Cracks Wrong Dentist's Computer to get Patient List
Organization: ECSE Dept, Rensselaer Polytechnic Institute, Troy, NY, 12180 USA
(Paraphrased from the Albany NY Times Union, Sat 24 June 95, page B-1)
Facts:
The IRS accessed the computer of local dentist Alan Goldman to get his
list of patients, to send them letters telling the patients to pay the
IRS any money they owed to Goldman. However, Goldman is square with
the IRS.
Goldman rented office space to another dentist, Michael Kole, who is
running a separate business. Kole does owe the IRS $132K. However,
the IRS didn't send Kole's patients this notice. The IRS says that it
got the list from Kole, but Kole denies this. Also, Kole has no access
to Goldman's computer, according to Goldman. Goldman is worried that
these letters to his patients will cost him business.
The IRS denies that it broke into Goldman's computer, saying that it
would have obtained a court order if necessary. However, the IRS does
like to stage surprise attacks to get assets and info, since it's
afraid that they will disappear if the taxpayer is warned.
The IRS sent out a "Release of Levy", but the patients will have to
file with the IRS to get refunded. Meanwhile Goldman doesn't get the
money.
Opinions, and why I crossposted to several groups:
- (c.security.misc) You need more security than you might think,
including against insiders.
- I call this a cracking since the IRS secretly obtained info from a
computer w/o the owner's knowledge.
- (c.s.privacy) Here's another data point for those who think that if
you haven't done anything wrong, then you have nothing to hide.
Goldman did nothing wrong, but should have hidden his medical records
better.
- (sci.med) To patients: Even if your doctor won't abuse your records,
what about other people who might have access in the doctor's office?
- (misc.taxes) When the IRS is angry, they pull out all the stops.
--
Wm. Randolph Franklin, wrf@ecse.rpi.edu, (518) 276-6077; Fax: -6261
ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 USA
More info: (1) finger -l wrf@ecse.rpi.edu
(2) http://www.ecse.rpi.edu/homepages/wrf/
------------------------------
From: "BRENDZA, TOM" <BRENDZA@gould-tm.mhs.compuserve.com>
Date: 26 Jun 95 10:41:45 EDT
Subject: China, U.S., and the Net
The following is an excerpt from Edupage 6/25/95. I find little
comfort in the knowledge that both The United States and Communist
China are approaching the Internet in the same onerous fashion. Make
no mistake--it is for the same reasons.
Best,
Tom Brendza
-----------
BEIJING PLANS TO "MANAGE" INTERNET
China's Minister of Posts and Telecommunications says the country will
attempt to "manage" access to information available over international
computer networks. "China, as a sovereign state, will also increase
its control over information." He acknowledged that monitoring content
on the Internet might prove to be difficult. China has begun to expand
commercial access to the Internet in recent months, hoping to catch up
technologically with other countries. (Wall Street Journal 6/23/95
B7B)
To subscribe to Edupage: send a message to: listproc@educom.edu and in
the body of the message type: subscribe edupage Sergei Prokofiev
(assuming that your name is Sergei Prokofiev; if it isn't, substitute
your own name). ... To cancel, send a message to: listproc@educom.edu
and in the body of the message type: unsubscribe edupage.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Jun 1995 08:32:45 -0500 (CDT)
Subject: USPS Question and FBI Question for the List
Organization: University of Wisconsin-Milwaukee
from Society for Professional Journalism:
About 15 months ago my students discovered that the U.S. Postal Service
had changed its rules for providing forwarding addresses to third
parties.
Perviously, postal clerks would provide the forwarding address upon
payment of a small fee, $2 I think, and the submission of a small
written card containing the request. This was construed to be an FOIA
request.
Then about 15 months ago the higherups in D.C. decided that such
requests for information on forwarding addresses would not be answered.
They cited privacy, stalkers and all the usual stuff. My students at
that time did a comprehensive piece for Quill on the topic.
My question: has there been any developments on this point that anyone
is aware of? Also, how can postal service bureaucrats amend the FOI Act
unilatterally?
Second question: when my students recently filed FOIA requests on
themselves as part of a class learning exercise, the FBI told them that
they had to submit almong other things, a full set of fingerprints?
Has anyone else heard this? I thought there had been a D.C. court case
that loosened the FBI restrictions not tightened them.
Regards from Denver.
Jay Brodell
brodellj@mscd.edu
------------------------------
From: Susan Evoy <evoy@pcd.Stanford.EDU>
Date: 20 Jun 1995 11:58:34 -0700
Subject: Conferences/Events of Interest to CPSR
CPSR Members and Friends,
If you are planning to attend one of these conferences, or another that
may be related to CPSR's work, please contact CPSR at cpsr@cpsr.org or
(415) 322-3778 for easy ways for you to be a presence for CPSR.
CONFERENCE /EVENT SCHEDULE [an excerpt of the list, moderator of
CPD]
Health Care, Privacy & Cyberspace, Albany, New York, June 21-22.
Contact: ds3789@albany.edu
17th International Conference of Data Protection and Privacy Commissioners,
Copenhagen, DENMARK, Sept. 6-8. Contact: 45 33 14 38 44 45 33 13 38 43 (fax)
Computer: Politisches Medium? Medium der Politik?, Bremen, GERMANY,
September 15-16.
Contact: res@informatik.uni-bremen.de49 421 218 3308 (fax)
International Cryptography Institute 1995: Global Challenges, Washington, DC
Sep. 21-22. Contact: denning@cs.georgetown.edu
800 301 MIND (US only) 202 962-9494 202 962-9495 (fax)
Managing the Privacy Revolution, Washington, DC, Oct. 31-Nov. 1
Contact: 201 996-1154
Technological Assaults on Privacy, Rochester, NY, April 18-20, 1996.
Paper drafts by Feb. 1, 1996.
Contact: privacy@rit.edu 716 475-6643 716 475-7120 (fax)
------------------------------
From: rickclapp@aol.com (Rick Clapp)
Date: 25 Jun 1995 23:30:07 -0400
Subject: Cincin OH Cops Illegally Raid BBSs
Organization: America Online, Inc. (1-800-827-6364)
Article from : The Marysville Tribune, Marysville Ohio
Source: Cincinnati Ohio, AP feed.
*************Article TEXT: ************************
Cincinnati (AP) - Computer users questioned whether Hamilton County
Sheriff Simon Leis Jr. Had authority to join police in cofiscating
computers in a pornography INVESTIGATION.
More than 100 people who participated in regional and national
"bulletin boards" to communicate by computer met thursday. They
protested and discussed the two state, three county raid last Friday by
the county's regional Electronics Computer Intelligence Unit.
The task force served search warrants at three locations in Hamilton
County, one location in neighboring Clermont County (** emailer's
note: that is the South side of Dayton**) and one in Kenton County,
KY. The task force, an alliance of police in the participating
counties seized various items of computer hardware and software.
No charges have been filed.
"We're still in the process of going through it," Col. Dan Wolfangel, a
spokesman for Leis, said Friday.
Sheriff's officers said they are investigating complaints that computer
users were using electronic networks to relay pornographic images,
including some involving children.
But several computer users said they think leis and other police
agencies overstepped their authority an dviolated the user's rights by
investigating messages that should be private and were sent into
people's homes.
One computer user, Steve Guest, said the group should try and educate
Leis and other police officials to the privacy issues involved.
"I don't know if education is the key," Guest said. "I don't know if
education is possible. But somehow we have to set a precedent that our
personal files are sacred."
Leis declined an invitation to attend the meeting. He has no comment
about the case, Wolfangel said.
Computer users said they will contact state lawmakers about the issue.
Bob Emerson, operator of Cincinnati Computer Connections, a
Bulletin-Board exchange that briefly chut down by last week;'s raid.
has hired lawyer Louis Sirkin.
When The task force seized Emerson's 70,000 file system, it interupted the
networking of at least 5,000 users. Like the other four computer
operators, Emerson, a Clermont County resident was not arrested or charged
with any crime.
**************End of article******************
COMMENTARY & NOTES
>From a letter sent to me on this issue:
>>>Just want to let you know, that as a native of Ohio, Ohio law
enforcement officials have been 'raiding' people's homes and taking
computers for over a decade now, expecially in the Cincinnati 'no-smut'
zone. The Cincinnati area (where I lived for 5 long years) has several
ordenances which no sooner are they declaired unconstitutional, they
are reinstated with slightly different words. (once, the new laws were
passed within 10 MINUTES of the old ones being declaired
unconstitutional.) The Religious Right has a firm grip on the area, so
much that it is usually illegal to sell ANYTHING adult-rated. There
are no adult movie theathers in that area, as well as no adult book
stores, at least none that stay open for more than a few weeks before
the authorities shut it down under one of the unconstitutional laws.
BTW, as a lawyer, you would probably understand when I say that it
takes an average of 6 months to get a law declaired unconstitutional in
Ohio, and during that time the law can be in effect (there are no
restraining orders). As for fighting fire with fire, since the law is
the law, and it is so until declaired unconstitutional, and not a
moment sooner, the law enforcement officers are within their 'rights'
to take whaever they want, whenever they want. That's how those laws
are written in Cincinnati (I know, 3 of them were declaired
unconstitutional for that reason alone while I lived there). Of course,
they haven't run into anyone who is willing to fight fire with fire
yet, because the majority of the folks in Cincinnti are members of the
Religious Right and believe that enforcing their religious beliefs on
others via the law of the land is a good thing to do. Personlly, I
think THAT sort of attitude is unconstitutional.<<<
ALSO:::
I'm taking the following from the book SysLaw by Lance Rose & Joohnthan
Wallace. The Electronic Communications Privacy Act (ECPA) prohibits not
just unauthorized interception of messages in transmission, but also
unathorized access to messages in storage on a computer system. A
government agent must get a warrant to obtain any message less than 180
days old. For older messages, the agent may obtain a court order
authorizing the seizure upon proving that the private messages sought are
necessary for an investigation...
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 29 Dec 1994 10:50:22 -0600 (CST)
Subject: Info on CPD [unchanged since 12/29/94]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V6 #058
******************************
.