Date: Wed, 01 Nov 95 20:42:08 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V7#037
Computer Privacy Digest Wed, 01 Nov 95 Volume 7 : Issue: 037
Today's Topics: Moderator: Leonard P. Levine
Listen to Full Disclosure Live on the WEB
USA Today Rejects CKE, Endo
Re: Copyright Notice
Re: Call Blocking
Re: Call Blocking
Re: Author Profiles at Deja News
Re: Author Profiles at Deja News
Re: Author Profiles at Deja News
Re: Author Profiles at Deja News
Re: Author Profiles at Deja News
Re: Author Profiles at Deja News [let's end this]
Re: Copying Driver's Licenses
Controversy Over Medical Records Legislation
Re: Can you Sue if Credit is Denied for Lack of SSN?
Balancing Voters' Privacy and Access Rights
Info on CPD [unchanged since 08/18/95]
----------------------------------------------------------------------
From: glr@ripco.com (Glen L. Roberts)
Date: 31 Oct 1995 16:40:16 GMT
Subject: Listen to Full Disclosure Live on the WEB
Organization: Full Disclosure
Full Disclosure Live, broadcast live worldwide for 2-1/2 years covering
privacy, surveillance, technology and government can now be heard on
the net. It's encoded with Real Audio. It's at:
http://pages.ripco.com:8080/~glr/fdl1.html
(real audio software for ibm or mac can be downloaded from that page as
well). It works quite well at 14.4! Check it out!
--
Glen L. Roberts, Host Full Disclosure Live
Tech Talk Network: Telstar 302, Ch 21, 5.80 Audio
WWCR Shortwave: 5,065 khz. 8pm est / Sundays.
Articles, Catalog, Downloadable Programs, AUDIO, Links & More:
http://pages.ripco.com:8080/~glr/glr.html
------------------------------
From: Dave Rasmussen <dave@opus.csd.uwm.edu>
Date: 31 Oct 1995 10:53:12 -0600 (CST)
Subject: USA Today Rejects CKE, Endo
Forwarded message:
From: "Marc Rotenberg" <rotenberg@epic.org>
Subject: USA Today Rejects CKE, Endo
Citizens of cyberspace should be pleased by the editorial page of
today's USA Today (10/24/95).
In the top editorial, USA Today discusses the need for strong security
on the net, and then proceeds to trash the Commercial Key Escrow plan
("Clipper II"), noting that "the convenience of the FBI would override
the convenience of the public" and that the system is vulnerable to
abuse.
The CKE editorial concludes, "The best way to promote American business
and to protect American's privacy is to allow the best encryption
programs to be available. It is the responsibility of government to
enforce the laws, not the public's to make it easy at the cost of its
privacy."
In editorial number two, USA Today calls for the adoption of the
"opt-in" approach to protect consumer privacy on the Internet.
As USA Today says, "opt-in does not trample on anyone's rights.
Consumers can still get their catalogs and other direct-mail pitches by
checking a box or clicking a mouse. Companies can still get data for
marketing by asking for it. It would cause some inconvenience for
businesses, which face increased costs to persuade customers to give up
their privacy. But who should bear the burden: the businesses that
glean the profit or the consumers whose information is sold?"
The editorial also faults the voluntary approach recommended by the
Department of Commerce on Monday, saying that "while voluntary
compliance might be preferable in an ideal world, it's not likely to
work in the real world."
"The reality is that the absence of government prodding has resulted in
too many companies doing too little to protect consumers' privacy
rights."
USA Today concludes "If a business wants the privilege of marketing
your most private matters, it should be willing to spend the time it
takes to convince you that you'll benefit."
More information about both CKE and consumer privacy rights is
available at the EPIC web site.
======================================================================
Marc Rotenberg (Rotenberg@epic.org) * +1 202 544 9240 (tel)
Electronic Privacy Information Center * +1 202 547 5482 (fax) 666
Pennsylvania Ave, SE, Suite 301 * HTTP://www.epic.org/
Washington, DC 20003 * info@epic.org
======================================================================
end of forwarded message
--
Dave Rasmussen - Information & Media Technologies (ex-CSD) Client Services
Internet: dave@csd.uwm.edu Phone: 414-229-5133 2m HAM Radio: N9REJ
USmail: Box 413 Bol213, Milwaukee, WI 53201
------------------------------
From: Daniel Veditz <daniel@borland.com>
Date: 31 Oct 1995 11:50:39 -0800
Subject: Re: Copyright Notice
Organization: Borland Intl
Les Earnest wrote: My understanding of the copyright law is
different -- that the copyright belongs to the person who first
puts "copyrightable" material in a permanent form, such as a paper
copy or a magnetic recording. Simply posting an article on Usenet
does not meet this standard.
Usenet by its very nature archives each posting on thousands of
machines, if only for a few days. I am quite sure that the courts will
hold that this is "tangible" enough for copyright even without
considering various permanent or long-term archives that exist. In
this way Usenet is like a newspaper: printed anew each day, read by
thousands, and then thrown out.
I hope that the Congress and courts will address this issue and
clarify our rights and obligations some time soon. As things
stand, I believe, the status of copyright in electronic media is
rather ambiguous.
Amen.
--
Dan Veditz
------------------------------
From: "Dennis G. Rears" <drears@Pica.Army.Mil>
Date: 31 Oct 95 18:02:19 EST
Subject: Re: Call Blocking
Robert Bulmash <prvtctzn@aol.com> writes: So long a the telcos
charge folks to get their number unlisted, we do not know if the
person wants the number listed or not. But we do know that having
an unlisted number is an economic issue.
Very true. To The Phone Company (TPC) it is entirely an economic
issue. Most people are unaware of how regulated phone service is
billed. What follows is a simplified way of how it is done. Go to the
TELECOM digest for more details. TPC is guaranteed a percentage profit
on their regulated service. They take their yearly expected costs
multiply by the percentage profit they are allowed and get the total
amount billed. From there they calculate rates for phone service,
touch tone, etc. These rates often have NOTHING to do with costs.
Most areas still charge for touch tone even though it costs nothing to
provide it. If they got rid of touch tone charges something else goes
up to make for the revenue shortfall. If they got rid of charging for
unlisted numbers the revenue must come from somewhere. When a new
service becomes available, customers generally pay the actual cost plus
a small profit for the service. After all the costs have been paid the
charge will remain.
I would gather if there was no charge for an unlisted number an
overwhelming majority of people would choose not have their number
listed which would cause phone books probably not to be printed which
would result in further loss of revenue.
Furthermore, in some areas of the nation more folks are unlisted,
than listed. So in those areas (Las Vegas - Fort Lee, NJ - etc.)
the default is unlisted.
No. The default is still listed. The default is whatever is
programmed into their computers and their filings with the PUC.
Under Amertiech in the Chicago area, it costs $12.50 to change your
listed number to unlisted. If there `was' anything `special' to do
(other than a single key- stroke), the $12.50 paid for it. What
then is the addittional $1.45 per month `unlisted' charge for?
The charges are historical, if they were to remove them the rates would
go up for other services. Granny would then see her POTS rates go up.
PUC wants to keeps POTS rates as low as possible. It's like the touch
tone charge. I pay 99 cents a line for touch tone. It costs TPC
nothing.
Now, with charges for calls to directory service in place, their is
no reasonable basis to charge consumers for an unlisted number...
unless it is reasonable that the telcos be allowed to use vaporous
rationals to soak the public an any fashion conceivable.
See the discussion above.
Better than an unlisted number, list your number in the directory
under your first and maiden, or first and middle name, and ASK YOUR
TELCO TO REMOVE YOUR ADDRESS FROM THE BOOK..
I have one of my numbers (my main one) under my dog's name.
------------------------------
From: sharborth@hai-net.com
Date: 31 Oct 95 23:28:07 EST
Subject: Re: Call Blocking
Regarding the article on Telephone Odds and Ends, having a private line
with a ficticious name that is not used for "ordering" things WILL NOT
result in "dwindling" telemarketing calls. Having a unlisted,
unpublished number has not lessened the number of calls I have received
from telemarketers. The fact of the matter is, automated calling
systems are on the rise and many telemarketers that still use real
people just give them blocks of numbers to call.
[moderator: I have two phone lines into my home with numbers about
1000 apart (999-3000 and 999-4000 for example). One of these numbers
is published nowhere and is used only to call a University computer.
We never answer it when it rings. On a regular basis that phone will
ring, and then within an hour or so we will get a sales call on our
other, published, line. In every such case, when I answer the phone on
the first ring, there is a fairly long pause before the caller comes
on, a clear marker of the "war dialer" where sequential calls are made
in anticipation of a worker becoming available soon. Since I am a
cheerful fellow, I usually discuss war dialers with the person who
calls, ask where s/he got my name, discuss how they know about our
financial records, ask for the supervisor and spend a quarter hour of
non profit time with them. I am polite and point out to the clerk that
s/he is being impeded in his/her work by the practices of the boss. A
good time is had by all.]
------------------------------
From: Dean Ridgway <ridgwad@PEAK.ORG>
Date: 31 Oct 1995 12:42:29 -0800
Subject: Re: Author Profiles at Deja News
As a final note, they ignored my request for what their position
was on moderated newsgroups where the moderator claims a
compilation copyright that either directly or indirectly (through
the comp. (c)) prevented the archiving of that newsgroup.
I haven't read everything about the "new" copyright laws, but it seems
to me that you could get a lawyer to serve them with papers saying they
are violating your copyright and to cease immediately. I notice in
your message that they are ignoring the copyright issue for compilation
copyrights so maybe they are worried about this.
Standard "not a lawyer" disclaimers apply.
/\-/\ Dean Ridgway | Two roads diverged in a wood, and I-
( - - ) InterNet ridgwad@peak.org | I took the one less traveled by,
=\_v_/= FidoNet 1:357/1.103 | And that has made all the difference.
CIS 73225,512 | "The Road Not Taken" - Robert Frost.
http://www.peak.org/~ridgwad/
PGP mail encouraged, finger for key: 28C577F3 2A5655AFD792B0FB 9BA31E6AB4683126
------------------------------
From: converse@cs.uchicago.edu (timoshenko)
Date: 31 Oct 1995 21:13:37 GMT
Subject: Re: Author Profiles at Deja News
Organization: Univ. of Chicago Computer Science Dept.
I received a response from George Demosthenes Nickas, Customer
Liaison (demos@dejanews.com) that basically said "OK, we'll remove
you, but didn't you realize that by posting to UseNet you opened
yourself up to something just like this. We have no sympathy."
George Demosthenes Nickas <demos@dejanews.com> writes:
Untrue and misquoted. There is a difference between not having
sympathy for someone and not believing in the logic or validity of
their arguments. Our position is certainly the latter, but that
doesn't mean we don't care about your argument specifically, or
privacy/anonymity arguments in general. We *do* care (which is why, as
a courtesy, we removed the text of your posts), we just don't agree.
^^^^^^^^^^^^^^^^
Please note what George is saying here. I also wrote to Deja News
asking to have my profile removed, and got a reply from George saying
that while it was "too painful and expensive" to remove the profile
itself, Deja News would be happy to remove the text of the articles
that I had posted.
This does not address my concern, however. My concern is, in fact,
about the profile of groups posted to, rather than the content of the
text I have posted. I agree in part with Deja News that postings are
public, and therefore it is odd to have an expectation of privacy about
their individual content. It is the personal profile that is currently
available only through this service, and this is exactly what Deja News
is refusing to remove, regardless of their level of "sympathy" or
concern for privacy/anonymity arguments.
--
-------------------------------------------------------------------------------
Tim Converse U. of Chicago CS Dept. converse@cs.uchicago.edu (312) 702-8584
------------------------------
From: chip@unicom.com (Chip Rosenthal)
Date: 01 Nov 1995 07:48:04 GMT
Subject: Re: Author Profiles at Deja News
Organization: Unicom Systems Development, Austin, TX
Alan Miller <ajm@mcs.com> wrote: consider supporting a field in the
article header such as "X-NoArchive: "
They do. It's spelled "Path:".
I'd urge the DejaNews people to publicize their news hostname, so that
people may opt out of selected archiving if they wish. I feel that
would be the responsible thing to do.
This ties back to my CLID analogy -- to quell the privacy woes there,
the company offered the initiator a way to opt out of Caller*ID (the
*67 code here in SWB land.).
--
Chip Rosenthal I won't represent the US in the Summer Olympics.
Unicom Systems Development - http://www.unicom.com/john-hiatt/
PGP key: http://www.unicom.com/personal/chip.html
------------------------------
From: Fred Baube <fbaube@propus.tkk.utu.fi>
Date: 01 Nov 1995 13:15:29 +0200 (EET)
Subject: Re: Author Profiles at Deja News
pshriner@csn.org (Peter Shriner) writes: Of course they aren't
doing it now ;-), but consider what governments, law enforcement
agencies, corporate security depts., human resources depts., etc.
might do with their own version of dejanews.
In "The Puzzle Palace", Bamford suggests that as a rule of thumb,
assume that the NSA is technologic- ally five to ten years ahead of us
mere mortals.
I have little doubt that somewhere in the NSA, or elsewhere in the US
gov't, there's a quiet little office with a nice big budget,
unobtrusively vacuuming up email and news postings and applying
AI-based analysis to it. All for national security, dont'cha know.
Yours paranoiacally,
--
F.Baube(tm) * How is Hallowe'en like Christmas ?
G'town U MSFS '88 * Because 31 (Oct) == 25 (Dec)
fred.baube@utu.fi * [ from Dr Dobb's ]
Information Junkie *
------------------------------
From: rj.mills@pti-us.com (Dick Mills)
Date: 01 Nov 1995 16:45:34 -0500
Subject: Re: Author Profiles at Deja News
In CPD 7:36, Prof. L. P. Levine <levine@blatz.cs.uwm.edu> wrote:
Thus, if I post something with the caviat "not for commercial use"
or some such logo, I have the right to restrict those who wish to
use my material for gain.
In the case of Deja News they clearly intend to do this for profit
and wish to use my postings as the source of that profit.
In a court of law in a dispute over copyright fair use I would be hard
pressed to explain the legal distinction between:
1) A news feed (more or less real time rebroadcaster),
and who runs the service for profit.
2) A news archive which rebroadcasts on demand at a later date,
and who runs the service for profit.
3) A news client program which reorganizes articles into
threads-by-topic, and who licenses the program for profit.
4) The Deja news service which archives and reorganizes articles into
threads-by-author, and who runs the service for profit.
5) An improved news client program which allows me to make
cross-newsgroup-threads-by-author without use of Deja News,
and who licenses the program for profit.
It seems that either all of these or none of these fall under the fair
use doctrine. Are there lawyers out there who can cite case law
specifically regarding Usenet articles and copyrights?
More important than legalities is practicality. http, ftp and gopher
servers can all make a case for copyright protection but the nature of
Usenet news is different. To maintain copy rights it would require
every country in the world, plus vessels at sea, to have compatible
views about copyright law and fair use. All it takes is one node
anywhere in the world to render home country copy rights meaningless.
I think the reality is that it is very foolish to post material on
Usenet and still expect to exercise any meaningful control over its
future use.
--
Dick Mills +1(518)395-5154
http://www.albany.net/~dmills
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 01 Nov 1995 16:02:38 -0500
Subject: Re: Author Profiles at Deja News [let's end this]
Organization: University of Wisconsin-Milwaukee
This has been a good discussion and we will come back to it when more
is learned but let's end it for now. I will accept one more round of
discussion on this for now.
--
moderator cpd
------------------------------
From: douga@gate.net (Doug Andersen)
Date: 01 Nov 1995 03:02:38 -0500
Subject: Re: Copying Driver's Licenses
Organization: CyberGate, Inc. Florida
Maryjo Bruce <sunshine@netcom.com> wrote: I withdrew money from my
savings account (over 10K) yesterday, and the bank copied my
driver's license before they would let me have the money. Do they
have the right to do that? Who can copy it? Who cannot? Whom can
I call to find out....accurately? What are they going to do with
the copy?
They will probably do at least two things. First, they want your DL so
they can protect themselves if you come back at some point and claim
that they gave your money to someone else. Second, if you withdraw
cash (and perhaps even if you didn't) they may be required to file a
report with various government agencies that look for large cash
withdrawals/deposits as a sign of possible drug business.
--
Doug Andersen douga@gate.net
Home Page: http://www.gate.net/~douga
------------------------------
From: Monty Solomon <monty@roscom.COM>
Date: 01 Nov 1995 13:46:33 -0500
Subject: Controversy Over Medical Records Legislation
Begin forwarded message:
Date: 01 Nov 1995 10:41:37 -0500
From: James Love <love@Essential.ORG>
Subject: Controversy Over Medical Records Legislation
-----------------------------------------------------------------
TAP-INFO - An Internet newsletter available from listproc@tap.org
-----------------------------------------------------------------
TAXPAYER ASSETS PROJECT - INFORMATION POLICY NOTE
November 1, 1995
- Senator Robert Bennett and several cosponsors introduce legislation
on medical records privacy. S. 1360 would allow millions of law
enforcement officials, social workers, graduate students and other health
care researchers, government fraud investigators and probably
congressional staff to obtain access to computer databases with the
medical records for most Americans who pay for care under health insurance
programs. The Center for Patient Rights, the Massachusetts ACLU, EPIC,
and the Consumer Project on Technology (CPT) have expressed opposition to
the bill, as have several privacy experts. However, the legislation is
enthusiastically endorsed by the Center for Democracy and Technology
(CDT), which was involved in the drafting of the bill, and some other
groups have apparently endorsed the legislation. The Consumer Project on
Technology is working on a statement about the legislation. Here is the
statement about the legislation released yesterday by the Massachusetts
ACLU. jamie <love@tap.org>
----------------------------
Subject: Privacy Rights Alert
From: American Civil Liberties Union of Massachusetts
jwrclum@aol.com
Re: Privacy Rights Alert
Date: October 31, 1995
c 1995 ACLUMA
We at the American Civil Liberties Union of Massachusetts want to alert
you to the fact that the right to medical privacy of all Americans is
imperiled by a bill just introduced in the U.S. Congress. This bill,
which is claimed to be a "Medical Records Confidentiality Act," in
reality may turn out to be profoundly destructive of your right to
privacy.
Although Part I does contain certain aspects which could help privacy,
Part II undercuts the very fabric of patient-doctor confidentiality.
First, it preempts many state law and common law protections which
currently exist.
Second, it pushes the further computerization of medical records, and
will bring about the creation of "Health Information Services" ---
corporate entities which would receive, process, and serve as
libraries for actual on-line medical records forwarded from hospitals,
clinics, and individual doctors. It appears that this will take place
without any requirement for individual patients' authorization or
consent.
As we all know, computerized data bases are not immune from being
accessed by both unauthorized "outsiders" and unauthorized
"insiders." Centralization of data storage,
especially in electronic form, simplifies its being accessed.
But aside from that, the bill would actually authorize access to the
medical records in these data bases by a host of government and
non-government entities. Each of our medical records would thus become
part of a computerized "lending library" --- an internet of medical
records.
For example, the bill would permit release of your medical records from
"Health Information Services" (the on-line data base holders) and
"Health Information 'Trustees'" (providers, hospitals, health plans,
employers, insurers, and health oversight agencies) to the following
(among others):
- Release to researchers (along with your medical
history, it is possible that identifying information
including your name, address, and phone number would be
sent).
- Nearly-automatic release, to the opposing party in a
lawsuit, of your entire medical history, if your
health, physical or mental, has been raised by you as
an issue in that lawsuit.
- Release to law-enforcement authorities under certain
circumstances.
- Release to Public Health Agencies under certain
circumstances.
- Release based on Judicial Warrant --- you would be
notified by mail within 30 days after execution of the
warrant (90 days or more with the government's ex parte
option).
- Release based on Judicial Subpoena, Grand Jury
Subpoena, or Administrative Agency (e.g. Social
Security) Subpoena --- you would be notified on or
before the date of its execution (or within 90 days
thereafter [or longer] with the government's ex parte
option).
- A special variant of this, where the identity of the
patient is "unknown," would allow the search of records
(plural) in order to identify the person being sought.
[In essence, this would allow "fishing" expeditions,
using a computerized net, into the private lives of
Americans.]
In some of these situations, you, the patient, will only be informed
after the records have been released.
You may, in some circumstances, have the legal right to "attempt to
quash" the subpoena (etc.) by seeking a court's
intervention. However, the standard by which the court is to reach a
decision on this will be mandated by this bill to be a consideration of
whether the government's interest in obtaining the information
outweighs the privacy interest of the individual.
We would encourage you to pull up a copy of the actual bill and view it
yourself. This can be done through the Library of Congress internet
site at http:\\thomas.loc.gov (104th Congress, Senate bill number S
1360 ).
Alternatively, a hard copy by mail can be requested from the U.S.
Senate Documents Room, by faxing to 202-228-2815 a note containing the
bill number and your mailing address.
All our voices need to be heard in order to help make certain that this
bill is not passed by Congress.
Possible actions include:
(1) Letters to your Senators and congresspersons, and to
the House and Senate leadership.
(2) Letters to local newspapers and other media.
(3) Forwarding the contents of this message to places where
you feel it will be of interest and have impact.
This document may be re-distributed freely, provided it
remains in its entirety.
If you value your right to privacy, the time to act is
now....
--
TAP-INFO is an Internet Distribution List provided by the Taxpayer
Assets Project (TAP). TAP was founded by Ralph Nader to monitor the
management of government property, including information systems and
data, government funded R&D, spectrum allocation and other government
assets. TAP-INFO reports on TAP activities relating to federal
information policy.
Subscription requests to tap-info to listproc@tap.org with
the message: subscribe tap-info your name
------------------------------
From: wicklund@Intellistor.COM (Tom Wicklund)
Date: 01 Nov 1995 17:21:28 -0700
Subject: Re: Can you Sue if Credit is Denied for Lack of SSN?
Organization: Fujitsu Computer Products of America, Longmont
straurig@mailgw.sanders.lockheed.com says... A few people
misunderstood the question. They thought the bank was paying *me*
interest, and needed my SSN for tax reporting purposes, as opposed
to a credit account where I pay the *bank* interest. At any rate,
the general consensus was, no, I could not sue for this reason, as
companies can do business with whomever they like, aside from such
issues as race, religion, etc.
For loan interest which is tax deductible (mortgage, home equity loan)
the bank is required to report to the IRS and required to have your
SSN.
For other loan interest, they may still report it since it used to be
deductible and the IRS probably monitors the amount of interest paid on
credit for Congress.
------------------------------
From: jeffs@ncgate.newcollege.edu (Jeff Sonstein)
Date: 01 Nov 1995 12:00:32 -0800
Subject: Balancing Voters' Privacy and Access Rights
This issue of GovAccess exclusively concerns access to information that
is absolutely crucial to grassroots political empowerment -- and
appropriate limits on such access.
My 8 Jul issue, "GovAccess.159: Freedom's Anvil - Preface: Power to the
People," detailed why public access to voter registration information
-- that all professional political campaigns already access and use --
is essential for effective *grassroots* action, and how it can be used
for that purpose.
This issue of GovAccess outlines how access desires of citizen
activists can be reasonably balanced with personal privacy desires of
voters -- those who seek to impose their will upon their (our!) entire
community, city, state and nation.
The following is my monthly column [final draft] for the October issue
of GOVERNMENT TECHNOLOGY, [govtech.net] which has a monthly controlled
circulation to about 60,000 state and local officials -- elected,
appointed, administrative and staff.
--
jim
&&&&&&&&&&&&&&&&&&&&
Balancing Voters' Privacy and Access Rights
by Jim Warren
Small wonder that citizens feel powerless and voters don't bother to
vote. Effective political action appears limited only to wealthy
politicians and well-funded campaign professionals.
Grassroots activism seems to be functionally useless - demolished by
incumbents' choke-holds on access to the body politic.
Last month's column proposed using the public computer networks to
partly redress this outrageous access inequity, between big-bucks
professionals and under-funded grassroots activists.
The most crucial component of effective political advocacy is access to
completely current voters' information. Thus, we urged that such
information be made most-easily available to all advocates, by placing
copies on the computer nets without charge - possible at very little
cost to Registrars, except for those that are profiting from peddling
voter data to those the well-funded.
Recognizing that online access to voter data has serious privacy
issues, we offered polite platitudes and vague suggestions for
balancing privacy rights with the need of the body politic to
communicate with itself.
This column addresses the privacy principles, and offers practical
protection mechanisms.
The Information Privacy Principle
Privacy advocates espouse this policy: "Personal information collected
for one purpose shall not be used for another purpose without the prior
permission of the person whom it concerns" - especially applicable when
personal information is collected by government force, or as
prerequisite to receiving full benefits of citizenship - notably
including the right to vote.
Ignoring the fact that law enforcement, process servers, welfare
workers and perhaps others are authorized to use voter registration
files to check on citizens - who certainly did not register for that
purpose - the question remains:
Does disclosing voter information to political advocates violate this
privacy principle?
Why People Register
Most simplistic, citizens "register to vote" just so they can visit a
polling place on election day and punch holes or fiddle with levers.
More accurately, folks register hoping to impose their will on their
fellow citizens and community - local, state or national.
Most accurately:
People register to vote in order to be empowered participants in the
process of community governance - and an absolutely crucial component
of that process is that those who may be effected by such governance
have fair opportunity for discourse and advocacy with those community
decision-makers, the voters.
Thus, voter files should be open to political advocates - as they are
open to all professional politicians who can afford the costs of
obtaining copies.
True, this means that those who wish to impose their will on others
will suffer from unwanted junk-mail, intruding precinct walkers and
irritating campaign callers. And those who wish to remain hidden - for
their convenience or safety, e.g. battered spouses or child-support
scofflaws - will have to forego the franchise or risk disclosure.
Implementing Equal Access
To implement the least-costly, most-useful equal access to voter data,
any time, from any place, make it available without charge via the
public computer networks.
Do without charge to Registrars by using cooperating public-sector and
private-sector public file-servers - those willing to offer local
dial-up modem access for the Registrar to use, who will implement
appropriate access restraints (below).
Script the Registrar's computer to automatically call each cooperating
public file-server; log in with the password provided to the Registrar
by the file-server's owner; update the file-server's copies of voter
files; then logout, disconnect and dial-in to the next cooperating
server.
Each file-server is responsible for protecting the uploaded copies from
modification by anyone except the Registrar, just as such file-servers
already do with tens of thousands of public files.
Deterring Improper Use
Currently, voter files are often exploited for prohibited personal and
business uses, and online public access will provide tempting targets
for abuse. However, online access can facilitate mechanisms for
deterring abuse - probably much more effective ones than those that
Registrars currently use, since these empower voters to aid in their
own protection:
Each file-server must implement an automated question-and-answer
process that must be completed prior to granting access to voter files.
It should request complete identifying and contact information about
the requester; automatically verify that information to the extent
practical (e.g., via requester's voter registration, online phone
directories, Unix "finger" queries, etc.), and record all details in a
protected public archive open to public review - allowing potent
self-policing by voters.
I.e., just as voters must not remain hidden, so also must those who
request voter information be disclosed!
Details of requests for batches of voter information based on selection
criteria - e.g., all Democrats registered in the last six months in a
specified ZIP-code range - would be included with the requester's id
data.
The independent, cooperating file-servers might also automatically
"seed" each such request with inconsequential name and address
variations, unique to the request, that allow cooperating recipients to
identify the origin of mailing pieces and phone calls originating from
that list - a standard process used by commercial list-purveyors to
identify and prosecute prohibited use.
When data about individual voters is requested - e.g., suspicious
citizens independently checking allegations about "graveyard,"
out-of-district or otherwise-unqualified registrants - the requester
data should include the names of each voter requested, AND complete
details of the request should be automatically emailed by the
file-server to each named voter or their designee, for voters who
provide such email addresses.
There should be prominent notice to requesters that list-seeding and
voter notification may be used.
Democracy and freedom required that all of those who seek political
power - both advocates and voters - must remain identifiable to those
whom their decisions will impact.
&&&&&&&&&&&&&&&&&&&&
"Wherever the Net arises, there arises also a rebel to resist human control
... A network nurtures small failures in order that large failures don't
happen as often. It is ... fertile ground for learning, adaptation, and
evolution ... The only organization capable of unprejudiced growth, or
unguided learning, is a network. All other topologies limit what can
happen."
-- Kevin Kelly, _Out_of_Control_
Mo' as it Is.
--jim
Jim Warren, GovAccess list-owner/editor (jwarren@well.com)
Advocate & columnist, MicroTimes, Government Technology, BoardWatch, etc.
345 Swett Rd., Woodside CA 94062; voice/415-851-7075; fax/<# upon request>
To add or drop GovAccess, email to Majordomo@well.com ('Subject' ignored)
with message: [un]subscribe GovAccess YourEmailAddress (insert your eaddr)
For brief description of GovAccess, send the message: info GovAccess
Past postings are at ftp.cpsr.org: /cpsr/states/california/govaccess
and by WWW at http://www.cpsr.org/cpsr/states/california/govaccess .
Also forwarded to USENET's comp.org.cpsr.talk by CPSR's Al Whaley.
May be copied & reposted except for any items that explicitly prohibit it.
Jeff Sonstein, Networks Administrator
New College of California
50 Fell Street
San Francisco CA 94102
[415] 241-1302 ext. 490
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 18 Oct 1995 13:55:25 -0500 (CDT)
Subject: Info on CPD [unchanged since 08/18/95]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
[new: Ordinary copyrighted material should not be submitted. If a]
[copyright owner wishes to make material available for electronic]
[distribution then a message such as "Copyright 1988 John Doe.]
[Permission to distribute free electronic copies is hereby granted but]
[printed copy or copy distributed for financial gain is forbidden" would]
[be appropriate.]
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the Subject: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Web browsers will find it at gopher://gopher.cs.uwm.edu.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V7 #037
******************************
.