Date: Tue, 12 Sep 95 10:55:41 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V7#021
Computer Privacy Digest Tue, 12 Sep 95 Volume 7 : Issue: 021
Today's Topics: Moderator: Leonard P. Levine
Scientology Raid
Grocery Purchases and my Privacy
Essay on Censorship of Pornography
Re: Social Security Number Linking
Re: 20/20 Security Camera Report
Re: 20/20 Security Camera Report
Moderated Group Posting
SSN horror stories
California Court Hearings
Info on CPD [unchanged since 08/01/95]
----------------------------------------------------------------------
From: cpsr-global@Sunnyside.COM
Date: 10 Sep 1995 03:43:51 -0700
Subject: Scientology Raid
Taken from the CPSR-GLOBAL Digest 225
From: "Arjen Zonnevijlle" <arjzon@xs4all.nl>
Date: 09 Sep 1995 19:29:53 + 2:0
Subject: xs4all news-flash - scientology raid
======== Newsgroups: dds.dds,nlnet.misc,soc.culture.netherlands
Subject: xs4all news-flash - scientology raid From: felipe@xs4all.nl
(Felipe Rodriquez) Date: 6 Sep 1995 18:10:45 GMT
***** XS4ALL NEWS-FLASH *****
Dear Friends,
Yesterday, thuesday september 5, 1995, the scientology church raided
the xs4all offices for a seizure. The permission of seizure that
scientology got against xs4all was issued on a false claim, relating to
a remailer that had not been active on xs4all for more than 2 months.
During scientology's visit no word was said about this remailer, as it
was not running at xs4all at all. The only concern seemed to be a
homepage from one of our users (http://www.xs4all.nl/~fonss). This
homepage contained the fishman affidavit, to which scientology claims
copyright. We had no prior notice about this homepage, and never had
the chance to contact the user. According to the user, fonss,
scientology had not contacted him about his page. (the scientologists
that where present at our offices specifically told us that they had
talked to this user, and 'where at his door'.)
We have explained to scientology's legal representation, and to the
scientologists that where present that as a provider we do not accept
responsibility for contents that our users disseminate. Users homepages
are the responsibility of the users themselves, and not of the
internet- provider. This fact is supported by various politicians in
dutch parliament, and by several organisations whom we had previously
consulted about this matter.
After scientology's visit we wrote an email notice to our user, fonss,
explaining him what had happened at the xs4all offices earlier that
day. We also explained our visions regarding his homepage, and that we
would not assume responsibility for it, as it is the users' own
responsibility. We have not asked our user to remove any content from
his homepage, as this is not our business. After our letter the user
voluntarily removed the fishman affidavit, and now has made a hyperlink
to the same document on another site on internet.
After scientology's visit we noticed that a personal snailmail-letter
adressed to one of our staff was missing. The sender of this letter was
called by scientology about 1 hour after the visit to our offices.
Ofcourse we will demand a thourough investigation into this whole case,
first because of the seizure that was issued on false grounds, and then
because of the personal letter that appears to have been stolen.
The whole case has attracted a fair amount of media coverage. We've
been handling journalists most of the day. They seem to be extremely
shocked by this whole situation, and reflect that in their
media-coverage.
--
Felipe Rodriquez - XS4ALL Internet - finger
felipe@xs4all.nl for
http://xs4all.nl/~felipe/ - Frontier Village - pub pgp-key
1024/A07C02F9
Civil rights in Cyberspace:
http://www.xs4all.nl/~felipe/law/index.html
------------------------------
From: actpccpek@aol.com (Actpccpek)
Date: 10 Sep 1995 11:27:18 -0400
Subject: Grocery Purchases and my Privacy
Organization: America Online, Inc. (1-800-827-6364)
Group Members: I have a concern that not only may be of interest to
this group but you may also be able to help me. I am, therefore
requesting you opinions, suggestions and assistance.
One of the local grocery store chains here in Indianapolis is switching
from an old fashioned "check cashing" card to a new "scanned" card.
They euphemistically call it their "Fresh Idea" card. Not only will
this new card carry my personal information for me to write a check for
my purchases, it will also link "what" I buy to "who" I am.
At first, no one at the store would admit that the main purpose of the
new card was to gather market research data. I think that most of them
honestly believed that the new card was simply a faster way to
authorize a check. They seemed genuinely surprised when they learned
that the department that was in charge of the project was NOT the
accounting nor billing nor finance department, but was in fact the
"Market Research" department.
If I expect this store to accept my personal check, then I believe that
they have the right to a reasonable amount of information on me and my
bank. I do NOT believe, however, that they have the right to compile
data on "what" I buy. Although I don't think that the shared data
capability is yet in place, it may not be too far from now that my
membership in Mensa would be revoked because I buy "Professional
Wrestling" magazines. Perhaps an insurance company would someday try
to cancel my health insurance because of my lousy eating habits. Or
perhaps someone else will be cancelled because they buy cigarettes or
liquor.
I discussed my concern with the store manager asking if there was a
procedure in place whereby my wife and I would be able to continue to
to write checks in that store without having, what we consider the
small but significant issue of, our personal lives included into their
database. I was surprised that, although he admitted that many such
questions had been asked of him by other customers, the store did not
have any answer nor procedure to assure privacy for those customers who
shared my concern.
Short of always paying with cash, does anyone in this group have any
suggestions? Has anyone ever encountered a similar situation that was
amiably resolved? Although I know that these "scanned" ID cards are
now in place in store chains all across the country, are there any that
compile such data on unsuspecting customers but also have procedures in
place for those customers (such as myself) that prefer not to be
included?
--
Phil Kingery, Indianapolis, IN, USA
------------------------------
From: Roby.Gamboa@crl.com
Date: 10 Sep 1995 18:27:27 GMT
Subject: Essay on Censorship of Pornography
Organization: CRL Dialup Internet Access
I have written an essay that I feel is incomplete without feedback from
individuals in a number of different groups. The essay concerns the
inappropriateness of government censorship with regard to pornography
and emphasizes the importance of individuals and the community in
determining the 'appropriateness' of pornography in the various media.
Your comments would be greatly appreciated. The essay may be viewed at
http://www.crl.com/~robyg/influence.html
and feedback may be sent to me at the mailto provided or at my e-mail
address below. Thank you for your time.
--
Roby Gamboa
robyg@crl.com
------------------------------
From: gmcgath@condes.MV.COM (Gary McGath)
Date: 10 Sep 1995 21:39:58 GMT
Subject: Re: Social Security Number Linking
Organization: Conceptual Design
Maryjo Bruce <sunshine@netcom.com> wrote: I phoned the number in a
customer service rep job ad in the paper to get info for a friend.
The phone was answered electronically, and I was asked to enter a
SSN. If you didn't you were cut off at the pass. I called back
and used my own SSN. A rep came online. He began a spiel that
included all sorts of personal info about me including my name,
address, phono, current job, and such like, which he needed to
"verify." He seemed amazed that I was upset. He said he had taken
hundreds of calls that day, and nobody else cared. I asked where
he got the information about me, given that I had no relationship
with his firm. He hung up on me.
The probability is 90+% that you were dealing with a scam. A little
further along, if you'd shown yourself sucker enough to "verify" that
information, you probably would have been asked for credit card
information and other such useful stuff -- just to "verify," of
course. When he realized it wasn't going to work, he got rid of you
quick.
--
Gary McGath
gmcgath@condes.mv.com
http://www.mv.com/users/gmcgath
------------------------------
From: Dean Ridgway <ridgwad@PEAK.ORG>
Date: 10 Sep 1995 21:34:56 -0700
Subject: Re: 20/20 Security Camera Report
On September 8th ABC Television on its weekly 20/20 show produced a
piece describing closed circuit TV cameras that are now being
installed in England for public security purposes. The piece was
introduced by Hugh Downs with the question "What is more important
to you, your safety or your privacy?" [...] The officer's voice
states "... they are not big brother ... those cameras are there
to replace the police that I haven't got. ... When crime, disorder
and people's fear become so acute that they are crying out for
something to be done about it then perhaps they have to give up
just a little bit more of those freedoms in order to counteract
it."
Only one thing to say about this:
"They that give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety." Benjamin Franklin, Historical Review
of Pennsylvania, 1759
--
/\-/\ Dean Ridgway | Two roads diverged in a wood, and I-
( - - ) InterNet ridgwad@peak.org | I took the one less traveled by,
=\_v_/= FidoNet 1:357/1.103 | And that has made all the difference.
CIS 73225,512 | "The Road Not Taken" - Robert Frost.
http://www.peak.org/~ridgwad/
PGP mail encouraged, finger for key: 28C577F3 2A5655AFD792B0FB 9BA31E6AB4683126
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 10 Sep 1995 08:34:18 -0500 (CDT)
Subject: Re: 20/20 Security Camera Report
Organization: University of Wisconsin-Milwaukee
Robert Gellman rgellman@cais.com Privacy and Information Policy
Consultant 431 Fifth Street S.E. Washington, DC 20003 202-543-7923
(phone) 202-547-8287 (fax) mailed me personally:
Thanks for the report you posted on the British TV surveillance
program. Just one minor error. The person you identified as Simon
Dadies is actually Simon Davies.
You must be right. I just looked at the tape again, and the reporter
said his name but it was not written on the screen, I just misheard
it.
--
Leonard P. Levine e-mail levine@cs.uwm.edu
Professor, Computer Science Office 1-414-229-5170
University of Wisconsin-Milwaukee Fax 1-414-229-6958
Box 784, Milwaukee, WI 53201
PGP Public Key: finger llevine@blatz.cs.uwm.edu
------------------------------
From: nns@news.hampshire.edu
Date: 11 Sep 1995 16:13:47 GMT
Subject: Moderated Group Posting
Organization: Hampshire College, Amherst MA
I received an ad for a 3 month introductory membership in a service
called Privacy Guard, operated by a company called CUC International, a
Delaware corporation with ossices in Stamford CT.
It seemed like an interesting idea at the time, the company claims it
can get credit reports, medical records, and motor vehicle records so
you can determine whether there are errors in any of these.
When I actually got the initial packet from the company I began to
wonder. The first thing that put me off was the fine print that said my
membership would be automatically renewed at the end of each term
unless I notify I do not wish to renew, with no indication of how long
the term is, nor any reminder of when the introductory term expires or
even that I have accepted an introductory offer. This looks like a deal
designed to trap me into an automatic payment. Supposedly the initial
introductory offer was for three months at a cost of just $1; when I
called them I was told the introductory period would be over on
November 1; less than two months after actually receiving their
packet.
Next I looked at what was enclosed in the packet. There are forms and
envelopes to request information on your Social Security status, your
credit rating, your driving record, and whatever may be on file at
something called the Medical Information Bureau. The Social Sceurity
form seems to be a government form and has an envelope for return to a
Social Security Administration Data Operations Center in Wilkes Barre
PA; this looks legitimate and looks like something you ought to be able
to get just by calling a number that ought to be in the phone book. The
other forms ask for various information which seems appropriate for the
purpose (Social Security number, drivers' license, etc.) but these
forms are to be returned to the Privacy Guard address in Stamford CT.
I am very suspicious of this service. Is there any safeguard that they
are not going to use these requests to build up their own data base
that will allow them to correlate the information from all these
sources?
On the form for requesting the credit information there are also check
boxes for enrollment in a "Credit Alert" service which will inform you
every three months of inquiries into your credit history. On another
page this is worded slightly differently; it says you'll receive
quarterly notification of *most* (my emphasis) inquiries made to your
credit file.
Am I being too paranoid about this? If the credit alert service
entitles me to learn about *most* inquires into my credit record, who
is allowed to make such inquiries without my being notified?
I would appreciate hearing from anyone who can clarify any of this.
What sounded like a useful and interesting service at first now seems
like a risky thing to be involved with.
--
Albert S. Woodhull, Hampshire College, Amherst, MA
awoodhull@hamp.hampshire.edu
woodhull@shaysnet.com
413-549-2962
------------------------------
From: Beth Givens <bgivens@pwa.acusd.edu>
Date: 11 Sep 1995 18:20:48 -0700 (PDT)
Subject: SSN horror stories
Michael
There are a couple places to go for SSN horror stories. Our second
annual report has several such stories. Go into our gopher as
follows:
gopher to gopher.acusd.edu
Then go into 'USD Campuswide Info Servies' and then go into the Privacy
Rights Clearinghouse menu. Go to 'issue papers' and look for 2nd
annual report.
The second place is Robert Ellis Smith's "War Stories" book. He can be
contacted at 'Privacy Journal,' 401-274-7861.
--
Beth Givens Voice: 619-260-4160
Project Director Fax: 619-298-5681
Privacy Rights Clearinghouse Hotline (Calif. only):
Center for Public Interest Law 800-773-7748
University of San Diego 619-298-3396 (elsewhere)
5998 Alcala Park e-mail: bgivens@acusd.edu
San Diego, CA 92110
------------------------------
From: Beth Givens <bgivens@pwa.acusd.edu>
Date: 09 Sep 1995 13:56:17 -0700 (PDT)
Subject: California Court Hearings
September 8, 1995
IMPORTANT NOTICE REGARDING PRIVACY OF AND ACCESS TO CALIFORNIA COURT
RECORDS
From: Beth Givens
Privacy Rights Clearinghouse, Univ. of San Diego
voice: 619-260-4160 fax: 619-298-5681
e-mail: bgivens@acusd.edu
The Judicial Council of California's Subcommittee on Privacy and
Access, of which I am a member, is holding two important hearings in
California during September and October. These hearings allow people to
express their concerns and opinions on the development of computerized
court records vis-a-vis privacy and access.
The hearings are open to all -- Californians as well as those from
other states who wish to be heard on these issues. (Non- Californians
might include representatives of privacy advocacy groups, civil
libertarians, trade associations, and industry).
If you are not able to attend the hearings, you may provide written
testimony, as explained in the notice below. *DEADLINE is October
18th.*
Why are these hearings important? And why is it important for privacy
advocates to express their opinions on the issue of computerization and
electronic dissemination of court records?
There is little to argue about regarding the value to our democratic
society of *public access* to government records. Public records
provide notice to all members of society of the official actions taken
by government, giving the citizens the opportunity to see what their
government is doing. Public records also provide notice of the
"official" status of individuals and property. In short, public records
promote government accountability.
But the tradition of public access to court records may need to be
re-examined vis-a-vis *privacy* in this era of computerization and
telecommunications networks, particularly access to computerized public
records in the aggregate. A recent California appellate court decision
had this to say:
"There is a qualitative difference between obtaining information from a
*specific* docket or on a *specified* individual, [and] from obtaining
docket information on *every* person against whom criminal charges are
pending in the municipal court. ... It is the *aggregate nature* of the
information which makes it valuable to respondent; it is that same
quality which makes its dissemination constitutionally dangerous."
[emphasis added] (Westbrook v. Los Angeles Co. et al., 27 Cal. App. 4th
157 (1994))
The plaintiff, Robert Westbrook, a vendor of criminal background
information doing business as Crimeline, wanted to purchase a computer
tape from the LA Municipal Court System in order to process it and
resell it to interested parties. Typically, purchasers of such
information are commercial information brokers, private investigators
and employment background check firms.
The court ruled against Westbrook in the case, citing privacy
considerations. In addition, the court said that Westbrook's use of the
data over time could amount to the creation of virtual "rap sheets" on
individuals (criminal histories), compilations which are considered
confidential under California law (Penal Code 13300). Contrary to the
Westbrook case, however, other courts have *not prevented* the
unfettered access to and use of computerized public records in the
aggregate.
These hearings are important because they will shape the access to and
use of electronic court records in California, and perhaps other
jurisdictions who study California's court policies, for years to
come.
I hope you will take the time to attend one of these hearings and
present your testimony, or provide written testimony. Please contact me
if you want any additional background information. -- Beth Givens,
Privacy Rights Clearinghouse (bgivens@acusd.edu).
********* OFFICIAL COURT ANNOUNCEMENT FOLLOWS ***********
TO Court Administrators
Executive Officers of the California Trial Courts
Persons and Organizations Interested in Access to Court Data
FROM Subcommittee on Privacy and Access of the
Judicial Council Standing Advisory Committee on Court
Technology
Hon. Judith D. Ford, Chair
DATE August 22, 1995
SUBJECT Invitation to Comment:
Policies on Privacy and Access Rights
In January 1995 the Judicial Council of California established a
Standing Advisory Committee on Court Technology to "promote,
coordinate, and facilitate acquisition and implementation of
information and communication technologies useful and appropriate to
the courts" (Rule of Court 1033(a)).
The Court Technology Committee subsequently established a Subcommittee
on Privacy and Access to draft policies that the Court Technology
Committee will consider for recommendation to the Judicial Council. If
approved and promulgated by the council, the policies would establish
norms governing privacy rights in and access rights to data that is
maintained electronically by the California courts.
To assist it in its drafting effort, the Subcommittee on Privacy and
Access is inviting comment on the following and any other related
issues:
- Given the requirements of California and federal law, how should the
California courts protect privacy rights in their electronic data?
- Given the requirements of California and federal law, how should the
California courts assure access rights to their electronic data?
- How should any new costs of providing access to electronic data be
funded?
- When privacy and access rights are in apparent conflict, how should
the conflict be resolved?
*How to comment:*
Send your comments before October 18, 1995 to:
Administrative Office of the Courts
Attention: Victor Rowley
303 Second Street, South Tower
San Francisco CA 94107-1366
Fax 415/396-9323
You are also invited to attend one of two public hearings that will be
hosted by Judge Judith D. Ford, the chair of the subcommittee.
On Friday, September 29, a hearing will be held in San Francisco at the
Commonwealth Club at 595 Market Street from 9 a.m. until 2 p.m.
On Thursday, October 19, 1995, a hearing will be held in Torrance in
the City Council chambers of Torrance City Hall at 3031 Torrance Blvd.
from 11:30 a.m. until 4:30 p.m.
If you are interested in testifying before the subcommittee, you must
request a place on the hearing agenda in advance. To request a place on
the agenda, please contact Victor Rowley at the above address, or you
may also reach him by telephone at 415/396-9271 or via Internet email
at Victor_Rowley@aoc.jud.state.ca.us.
Each speaker will be allotted ten minutes to address the subcommittee
and will be placed on the agenda on a first-come, first-served basis.
The last hour of the hearing will be available for the testimony of
those who have not contacted Mr. Rowley prior to the meeting. Speakers
who want to testify during this hour should sign up upon arrival at the
meeting site and provide their comments in writing. Each speaker will
be permitted ten minutes to testify. At the hearing, you must provide a
written summary of your comments for the record.
We encourage you to circulate this invitation to comment to others.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 11 Aug 1995 09:39:43 -0500 (CDT)
Subject: Info on CPD [unchanged since 08/01/95]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V7 #021
******************************
.