Date: Thu, 21 Sep 95 10:52:34 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V7#025
Computer Privacy Digest Thu, 21 Sep 95 Volume 7 : Issue: 025
Today's Topics: Moderator: Leonard P. Levine
Re: Legality of Unsolicited Advertising Faxes
Re: Police Cameras
Re: Groceries and Privacy
Re: Groceries and Privacy
Shockwave Rider, a Recommended Read
European Governments Agree to Ban Strong Crypto
Re: Knowing Where you Browse?
Welfare Reform blows Privacy
Security, Privacy and Marketing on the Web
Info on CPD [unchanged since 08/01/95]
----------------------------------------------------------------------
From: eck@panix.com (Mark Eckenwiler)
Date: 19 Sep 1995 07:30:53 -0400
Subject: Re: Legality of Unsolicited Advertising Faxes
Organization: Saltieri, Poore, Nash, deBrutus & Short, Attorneys at Law
Maybe I just overlooked it, but I didn't see anything in the previously
posted new regs that relates to unsolicited faxes.
FYI, the legality of unsolicited ad faxes -- they ain't -- is addressed
directly in a federal statute, 47 USC sec. 227. The ban has been
upheld in at least one federal circuit (the Ninth, in the [Moser?]
decision from early 1995).
------------------------------
From: WELKER@a1.vsdec.nl.nuwc.navy.mil
Date: 19 Sep 1995 09:44:42 -0400 (EDT)
Subject: Re: Police Cameras
This is worse than police cameras because, at least ostensibly,
police- operated cameras are subject to controls, under
jurisdiction of the courts, etc. Spying for which police would
need a warrant (eavesdropping, snooping, searching) individuals are
often allowed to do without justification. Civilian-monitored
cameras are a greater threat to privacy than police- monitored
ones.
Since the individuals may do this in any event your argument appears
spurious. If the civilians are monitoring the cameras as part of a
government-sanctioned program, the usual rules of evidence would
continue to apply. I contend that it is better for communities to
police themselves than have an outside agency come in and do it for
them. If you don't think you can get along with your neighbors, don't
live in the neighborhood. You have the right live in a house in the
country, just like I have the right to video tape the street outside my
house and show those tapes to anybody I want. I think my ego can
withstand having a neighbor send a tape of me scratching my butt to
"America's Funniest Home Videos". N.B.- I don't advocate
"eavesdropping, snooping, searching" by anybody else; that's in a
different league than the subject being discussed. I also believe
(though I doubt the law supports me) that I should have the right to
surround my house with a 20-foot electrified fence and hedge, and to
plant land mines on my lawn -- so go ahead and snoop around my house!
Sans these, I can still make tapes of your snooping -- it cuts both
ways.
------------------------------
From: Robert Gellman <rgellman@cais.cais.com>
Date: 19 Sep 1995 13:52:15 -0400 (EDT)
Subject: Re: Groceries and Privacy
I offer a few thoughts about the current threat on the collection of
personal information by grocery stores through frequent shopper cards.
First, when a local store started this type of promotion, there were
many discounts offered for card holders. After a year or so, when
everyone signed up, the number of discounts appeared to be
significantly reduced.
Second, I have a possible response for those who are unhappy about the
tracking of data. Of course, you can always pay cash. But you can do
better. Obtain a duplicate shopper card from a friend who has one.
Pay cash and use the card to obtain any available discounts. The
result is that you get the discounts and the store gets bad data. This
doesn't work if you need to pay by check, but disrupting the
availability of accurate data without committing fraud could undermine
the entire effort if enough people did it.
+ + + + + + + + + + + + + + + + + + + + + + + + +
+ Robert Gellman rgellman@cais.com +
+ Privacy and Information Policy Consultant +
+ 431 Fifth Street S.E. +
+ Washington, DC 20003 +
+ 202-543-7923 (phone) 202-547-8287 (fax) +
+ + + + + + + + + + + + + + + + + + + + + + + + +
------------------------------
From: dklein@pluto.njcc.com (Dorothy Klein)
Date: 19 Sep 1995 19:45:54 GMT
Subject: Re: Groceries and Privacy
Organization: New Jersey Computer Connection, Lawrenceville, NJ
Ellis Weinberger (ew3@soas.ac.uk) wrote: The answer is to pay
cash.
barthele@ux1.cso.uiuc.edu (barthelemy kevin) writes: I'm pissed.
What I buy and when is nobody's business but mine. If going to
cash for all purchases is the answer, then I'm right there. Can
anyone suggest a way to short-circuit this Orwellian nightmare?
Used to be, you got the sale circular and clipped coupons. Now, the
coupons are on the "club card", which can also be a "check cashing
card". Here in NJ, some supermarkets are casual about signing people
up for the temporary card (SuperFresh), and others (ShopRite) stick
laminated "permanent" cards right to the "application".
If you only want the card for discounts, it doesn't matter if the
information is correct -- your bank will never see it. So, if it
bothers you for the store to correlate your name, address, and answers
to the nosy questions to your purchases, wage a campaign of
disinformation. (What, you think everyone's truthful to those nosy
clipboard-carrying surveyors who stop every tenth customer and pester
them for personal information in public places?) Figure out what
bothers you most about the process, and jigger it. Use your pet's
name, misspell your street address, give your phone number as
555-whatever. Give a SSN with a field that's all zeroes, or "forget"
what it is. Demographically, you can earn less than 10K per year, yet
own all the latest electronic gizmos, if you like. If you don't mess up
the address too badly, the permanent card will get to you. Until it
does, or if it doesn't, use the temporary card. Stretch the truth or
shatter it, it's up to you.
The programs that do the correlation are largely stupid. "Fifi Smythe"
living at 123B Maine Street will not match with Jane Smith at 123 Main
Street. Junk mail, credit apps, whatever, addressed to 123B Maine, or
to Fifi, is easily traced to its source. The club-card's name and
address need not match that of the credit-card/ ATM card you use to
pay, though using a card creates a possible link between the alter-ego
and the real you. (Hmm -- makes me suspicious about the "$5 off your
$20 purchase if you use your MasterCard" promotions!)
The store still gets internal correlation for their marketing -- Fifi
stocks up on specials, Fifi never buys baby stuff, Fifi didn't come to
our store when the supermarket down the street ran their canned-goods
sale, Fifi buys lots of frozen dinners but little fresh meat. They get
your business, and a record of purchases in response to their
promotions. What they don't get is the possible intrusive correlation
with the real _you_.
Dishonest? About as dishonest as pushing a "club card" as a
convenience for the shopper, as representing permanent personal
data-snooping and cross-database correlations as "serving our
customers better".
--
Sincerely,
Dotty Klein, data guerilla
------------------------------
From: "Jongsma, Ken" <kjongsma@p06.dasd.honeywell.com>
Date: 19 Sep 95 12:57:00 MDT
Subject: Shockwave Rider, a Recommended Read
Some 20 or so years ago, an English author by the name of John Brunner
wrote a novel called Shockwave Rider. For those that are interested in
the possibilities of excessive Government surveillance using computer
based tracking, I highly recommend this book. It's a fun read and also
makes some very topical points.
I won't spoil the story except to say that it concerns one individual
that fought the system. The author's conclusion: The most damage comes
from having data available to only certain individuals. This leads to
mistrust of the system and political favoritism.
The book is likely out of print but should be available in some larger
libraries.
--
Ken
------------------------------
From: rja14@cl.cam.ac.uk (Ross Anderson)
Date: 20 Sep 1995 12:22:12 GMT
Subject: European Governments Agree to Ban Strong Crypto
Organization: U of Cambridge Computer Lab, UK
According to an article in `Communications Week International', the
34-nation Council of Europe has agreed to outlaw strong encryption
products which do not make keys available to governments.
The article, `Euro-Clipper chip scheme proposed', is on the front page
of the magazine's issue 151, dated 18th September, which arrived in my
mail this morning.
It relates that the policy was approved on the 8th September at
Strasbourg by the Council, and coincides with an attempt by the
European Commission to propose a pan-European encryption standard. The
Council - unlike the Commission - has no statutory powers to enforce
its recommendations. However, Peter Csonka, the chairman of the
committee that drafted the document (and an administrative officer at
the Council's division of crime problems) says that `it is rare for
countries to reject Council of Europe recommendations'.
The proposal would make telecomms operators responsible for decrypting
traffic and supplying it to governments when asked. It would also
`change national laws to enable judicial authorities to chase hackers
across borders'.
Opposition to this measure was expressed by Mike Strezbek, VP
responsible for European telecomms at JP Morgan, who said that his
organisation `will challenge any attempt to limit the power of our
network encryption technologies very strongly'.
Czonka said that the Council had given consideration to business
interests but had tries to strike a balance between privacy and
justice. However, `it remains possible that cryptography is available
to the public which cannot be deciphered,' his document says. `This
might lead to the conclusion to put restrictions on the possession,
distribution, or use of cryptography.'
Apparently another international organisation, the OECD, has called a
conference of its members in December to devise a strategy on
encryption.
I for one will be making clear to my MP that his stand on this issue
will determine how I cast my ballot at the next election. I note that
John Major stated in a 1994 parliamentary written reply to David Shaw
MP that the government did not intend to legislate on data encryption.
I am disppointed that government policy has changed to the point of
supporting the Council of Europe, and that this change has sneaked
through during the parliamentary recess.
--
Ross Anderson
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 20 Sep 1995 11:16:58 -0500 (CDT)
Subject: Re: Knowing Where you Browse?
Organization: University of Wisconsin-Milwaukee
Hi. My name is Mark Nixon, I am a European-based freelance writer.
I am currently researching an article concerning privacy on the
web. I would like your help. I have heard that web browsers
maintain a record of each site that an individual visits during a
session and that this record can be accessed from a remote server
to which the individual is connected (providing marketers with a
neat way of constructing personal profiles). Is this true and do
you know where can I find more information about this 'in-built'
facility? Thankyou for your time Cheers...Mark
Your note is the first I have heard about this. I am aware that my
browser does keep a history list, but know only that the remote site
gets a report from the system about my site, not my personal account.
If it becomes clear that my browser can be ordered to report history to
the remote site by some command at that end then I (and many others)
will want to know it.
I will post your question (and this response) to CompPrivDigest.
Anybody out there know if a browser can be remotely ordered to report
its history?
------------------------------
From: Robert Ellis Smith <0005101719@mcimail.com>
Date: 21 Sep 95 09:07 EST
Subject: Welfare Reform blows Privacy
A part of the welfare reform bill just passed by the Senate affects all
of us - whether or not we're receiving welfare. It has been approved
by the Senate and the House without any press attention - except in
Privacy Journal and in an article by Simson G arfinkel in the San Jose
Mercury.
Section 517 of the bill requires EVERYBODY to provide a Social Security
number to get a drivers license or renew, to register a vehicle, to get
a marriage license, to get divorced, or to get a professional license.
The Privacy Act presently permits state s to do this for motor vehicle
registration. The welfare reform bill REQUIRES this.
This. of course, will vastly increase the chances of misuse of Social
Security numbers, for credit-card fraud, proof of legal immigration, or
total "theft of identity." It will move us closer to being enumerated
by a mandatory national ID number.
Further, Section 513 of the bill requires all employers to fill out a
form for each person newly hired - with Social Security numbers and the
nature of the work - and file it with the state. It will then be sent
to Washington for inclusion in a new centr al databank of newly hired
persons. The bill creates a massive new database for tracking the
current whereabouts of most Americans.
All of this has little to do with welfare - and so most people don't
know this is in the welfare reform bill, but it does have a lot to do
with tracking down parents not making child-support payments. In the
name of finding "deadbeat Dads," we'll accept just about anything.
People who are outraged by this should write or call their members of
Congress, as well as the chair of the Senate Finance Committee, Senator
Roth of Delaware, and the chair of the House Ways and Means Committee,
Rep. Bill Archer of Texas. There is a sli m chance that this could be
deleted in the House-Senate conference on the bill, HR 4. Or they can
urge that the President veto the bill, a slim possibility.
--
Robert Ellis Smith, Privacy Journal
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 17 Sep 1995 08:23:43 -0500 (CDT)
Subject: Security, Privacy and Marketing on the Web
Organization: University of Wisconsin-Milwaukee
Taken from PRIVACY Forum Digest Friday, 15 September 1995 Volume 04 :
Issue 20 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex
Technology, Woodland Hills, CA, U.S.A.
From: Denman F. Maroney <MARONEY@DMBB.com>
Date: 12 Sep 1995 12:13:24 -0400
Subject: Security, Privacy and Marketing on the World Wide Web
The World Wide Web was conceived and created as a distributed
hypermedia environment, a means for people to ride trains of thought
across paragraphs, documents and computers around the world. It has
evolved as a hub of commercial activity on the Internet. This is
indicated by the proliferation of web sites that sell advertising.
The currency of advertising is audience ratings (and related measures).
The price of commercial time in a TV show, for example, is set based on
the show's projected ratings. Similarly, the price of a page ad in a
magazine is set based on the publication's projected readership.
The web does not have ratings. Web clients browse web servers with
ease, but web servers identify web clients with difficulty. The closest
thing to ratings on the web is server logs, which log the IP addresses
of clients that access server files. Server logs do not produce ratings
because, among other difficulties, (1) web clients are not people, (2)
web files are not documents but multiples thereof, and (3) cached web
file accesses are not logged.
Elaborating briefly on each of these points, (1) the number of clients
associated with a given IP address may range from one for an individual
with a SLIP or PPP account to 2,000,000 or more for a proxy server like
AOL or Prodigy; (2) when a client accesses a document comprised of
(say) an HTML file and 12 in-line images, the server logs 13 hits; and,
(3) cached file accesses are not logged because they are accessed
indirectly from the client's computer or proxy server rather than
directly from the web site.
Several companies including A.C. Nielsen, I/PRO, NetCount and WebTrack
have launched web site audience measurement services. But, in reality
these are log processing not audience measurement services, because
none of them has solved these problems.
Some sites try to skirt these problems by asking or requiring their
visitors to register. This solution is unsatisfactory because some
people do not register, and others register more than once because they
forget their passwords. A central registry launched by a joint venture
of Nielsen and I/PRO alleviates the problems of registrants forgetting
or using multiple passwords but still does not oblige people to
register.
Suppose HTTP were modified in such a way as to enable web servers to
identify and track the behavior of individual users. This would make
the Web the best measured of all commercial media. Other commercial
media are measured by means of periodic survey sampling. National
television audiences for example are measured by means of a nationally
projectable sample of some 5,000 people who consent to have "people
meters" installed in their homes for a period of years. Magazine
audiences are measured by means of a national sample of some 20,000
people who consent on one occasion to be interviewed personally and
fill out a questionnaire. If web servers could measure all users
individually and continuously, the web would be measured by means of
continuous census taking instead of periodic survey sampling. From
marketers' perspective, this would be the best of all possible worlds.
No more sampling error. No more non-sampling error. No more
discontinuous measurement. The ultimate in database marketing.
Web users might be less enthusiastic. In fact they might be very put
off by the prospect of web behavior monitoring. Would playboy.com
continue to be among the most heavily visited web sites if all its
visitors knew they were being watched? Not likely. Would people
hesitate to visit web sites that espoused particular political
ideologies if they thought they might be spied on by federal agents?
Very likely. Would people hesitate to visit sites that sell products
and services if they thought the behavioral data so generated would
trigger email solicitations from those sites or be sold to other sites
to similar ends? They might very well.
Accurate web measurement offers many potential benefits as well. Web
marketers could use audience data to tailor sites to fit users'
interests. For example, they might find some areas are visited less
often than others and edit those areas accordingly. They might find
some areas are favored by some users and program those areas to greet
those users on arrival (dynamic page generation already does this to an
extent). Consumers who let marketers know what kinds of products and
services they are interested in might be glad to receive highly
targeted information about those things. If you're shopping for a car,
for example, you might welcome a message from a car maker offering you
a special deal on exactly the sort of car you want.
Very soon the information exchanged through the web will include
currency. The financial service and network industries are hard at
work on making the Internet secure for financial transactions. It
strikes me that there is a conjunction between the efforts at Internet
security by these industries and the efforts at audience measurement by
web marketers and research suppliers. The question is how to make the
Internet secure and transparent and protect people's privacy at the
same time. In principle, behavior should not be monitored, and
behavioral data should not be exchanged, without users' knowledge and
consent. The question is how to implement this principle.
One solution might be to create a commercial version of HTTP, a place
where web users could go to engage in commercial activity. This would
be analogous to a central registry but would apply to a designated area
of the Web instead of just selected sites. When users entered this
area, they could know or be told that their behavior could be monitored
for commercial purposes. To be admitted, they would have to show their
license or password.
A potential problem wilth this from marketers' perspective is that the
area could become a commercial dumping ground, the Web equivalent of a
home shopping channel or ad well, and as such repel a sizable segment
of consumers and prospects.
Marketers are also concerned that users would be put off by repeated
warnings or labels about behavior monitoring. Whose responsibility is
it to post such warnings or labels? Internet access providers? Online
service providers? Information providers? An independent entity? Some
combination of these? What should the warnings or labels say? Where and
how often should they appear?
Another solution might be to let web users relinquish or recover their
anonymity at any time by entering or revoking a PIN. In this way users
could go wherever they wanted on the web and disclose their identity to
exchange certain kinds of information. Of course, this is exactly what
is contemplated to effect secure financial transactions on the web. The
point is that it might be fruitful to design the process from an
audience measurement as well as transaction security perspective.
Bottom line, web servers and clients ? marketers and consumers in the
context of this post ? ought to be able to exchange information to
their mutual benefit. Is this possible? How?
I would like to hear directly from anyone with suggestions. Thank
you.
Denman Maroney
Asso. Media Director, New Technologies
DMB&B Inc.
1675 Broadway
New York NY 10019
email maroney@dmbb.com
tel. 212.468.3918
fax 212.468.3770
P.S. I will be out of the country from Sept. 20 until Oct. 16
and so will be unable to respond to any mail I get during that
period.
[ This article should help to focus the wide range of privacy issues
relating to the use of Web (and other Internet) resources. Many
persons have had concerns about this area for quite sometime.
When I heard that the most popular Web search engine, "Lycos", was now
partially owned by a major direct marketing firm (as part of the
creation of "Lycos, Inc."), I made a query regarding their policies in
this area. I received a response back from their CEO stating that they
did not keep records concerning individual users accessing information
(i.e. they do not require registration, though presumably site access
info is collected as is standard for virtually all servers), and any
audit data collected is used only in aggregrate form for marketing and
product development purposes.
On the other hand, there are firms involved in providing Web
statistical information and log analysis who are apparently claiming
that they can turn server logs into direct marketing databases--right
now. One can easily imagine the potential problems and pitfalls that
could result--technical, legal, political, and so on.
Will it get to the point where the simple random or errant click of a
"netsurfer", or incorrect search engine query response, results in
users being added to new marketing lists--perhaps for items in which
they have no interest or might even find objectionable? Will user
access log data become simply another commodity to buy, sell, trade,
use and abuse? Will users find themselves the victims of unscrupulous
operations which might embarrass, blackmail, or otherwise threaten them
with disclosure of which Web pages they've browsed? Should logs of Web
usage be accorded at least as much privacy under the law as videotape
rental records?
The Web could become a truly fantastic tool for "consensual" marketing
of all sorts. The combination of text, audio, graphics, and video is
perfect for providing all sorts of useful services, many of which
people will be more than happy to pay for. But the key word is
"consensual".
If we don't act *now* to deal with the privacy issues of these systems
during this dawn of the true "information age", and put appropriate
legislative safeguards into place, we could end up creating an
infrastructure for privacy abuses of which George Orwell would never
have dreamed in his deepest nightmares.
Comments?
-- PRIVACY Forum Digest MODERATOR ]
^A^A^A^A
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 17 Sep 1995 08:23:43 -0500 (CDT)
Subject: 4th Amendment & Encryption
Organization: University of Wisconsin-Milwaukee
Taken from PRIVACY Forum Digest Friday, 15 September 1995 Volume 04 :
Issue 20 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex
Technology, Woodland Hills, CA, U.S.A.
From: dlh@marsmedia.com (Dlh)
Date: 2 Sep 1995 12:59:58 EDT
Subject: 4th Amend. & Encryption
The fourth amendment to the U.S. constitution forbids unreasonable
searches and seizures and guarantees citizens security in their
persons, papers, and effects. Relying on commonsense ideas about
what's "reasonable", courts have interpreted this language to mean that
one is entitled to privacy where he has sought privacy and taken steps
to secure his privacy. Katz v. U.S., 389 U.S. 347, 88 S.Ct. 507
(1967); Berger v. New York, 388 U.S. 41, 87 S.Ct. 1873 (1967); U.S. v.
Gerena, 662 F.Supp. 1218 (D.Conn. 1987); Smith v. State of Maryland,
283 Md. 156, 389 A.2d 858 (1977); Smith v. Maryland, 99 S.Ct. 2577,
442 U.S. 735, 61 L.Ed.2d 220 (1979); Kemp v. Block, 607 F.Supp. 1262
(D.C.Nev. 1985).
In order to protect oneself from government intrusion, it is necessary
that one express himself in a manner that exhibits a clear intention
and expectation that the expression is made in private. The definition
of "private conversation" under the Federal statute prohibiting
eavesdropping and interception in electronic communications at 18
U.S.C. section 2510 (2). If the communication can be accessed by
third parties, it is not a private communication, and is thus available
for anyone who wishes to do so, to intercept it. It is irrelevant to
the analysis of whether a communication is private, whether or not such
third party actually did perceive the communication - privacy is
destroyed if they could have done so.
Under federal law and the laws of all of the states as required by the
federal statute, interception of the private electronic communication
of another is a felony and subjects the offender to civil penalties as
well. 18 U.S.C. sections 2511, 2520. The statutes require the
interception to have been made intentionally (that is, not
inadvertently or accidentally) without the consent of any party to the
communication. State laws can be more restrictive, and in Maryland,
Ill., Mich., and half a dozen other states, the consent of each and
every party to the communication is required.
It is axiomatic that the Internet and its various manifestations and
incarnations are not secure communications media. Anyone having access
to any intermediate node on the virtual connection path can intercept a
packet (although the entire communication may not be routed along the
same virtual circuit in the packet-switching network) and read it IF IT
IS IN CLEAR TEXT. There is no way to assert privacy in the electronic
communication that travels over the 'net except by encryption.
The Federal Government wants to restrict the ability to encrypt
information because it wants law enforcement agents to be able to
intercept electronic communications without having to get warrants to
do so, as they now can. By restricting the ability of citizens to
extend the scope of their privacy rights over the communications on the
net, law enforcement's ability to conduct unrestricted surveillance is
enhanced, and to be able to use the evidence so obtained without
warrants against persons accused of offenses in court. A warrantless
search on the net, or any computer connected to the net is acceptable
under current law, for the purposes of motions to suppress evidence in
criminal proceedings; that is, the evidence cannot be suppressed
because of assertions of violations of due process by reason of
violation of the fourth amendment search and seizure clause by law
enforcement.
I believe that the only way to assert a right to privacy on a public
data network is by encryption. Encryption and concomitant security of
the password/key (e.g., non-escrowed) is the only way to assert that
one had a constitutionally-protected right to privacy in the electronic
communication so protected. For the purposes of suppression motion, it
does not matter whether the communication can be unencrypted, only that
the parties to the communication took steps reasonably designed to
ensure privacy and to clearly indicate their expectation that the
communication be a private communication.
=== === === === === === ===
Daniel L. Hawes, Attorney at Law -- Practice Limited to Civil
Litigation. Matters relating to Computer and Telecommunications
Technology and Domestication and Execution of Foreign Judgments
(internet) dlh@marsmedia.com; (voice)703-352-8684; (fax)703-352-5930;
(mail) 10312 Cleveland Street, P.O. Box 846, Fairfax, Va. 22030-0846
------------------------------
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 11 Aug 1995 09:39:43 -0500 (CDT)
Subject: Info on CPD [unchanged since 08/01/95]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V7 #025
******************************
.