Date: Fri, 01 May 92 16:21:06 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#008 Computer Privacy Digest Fri, 01 May 92 Volume 1 : Issue: 008 Today's Topics: Moderator: Dennis G. Rears Privacy & US West Minnesota Gateway[CONTINUED] Privacy and US West "Community Link" Gateway[CONTINUED] Federal Govt. Use of the SS Re: Call for new moderator? Re: Cordless phones Re: Cordless Phones Re: Cordless phones The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- Date: Mon, 27 Apr 92 10:13:20 -0700 From: sumax!cs.washington.edu!ole!rwing!peterm (Peter Marshall) Subject: Privacy & US West Minnesota Gateway[CONTINUED] Mr. Neumeister and the RUD-OAG...recommended that baseline privacy safeguards be put into place before...the service was authorized.... The Commission will...require that CLM Associates include in its marketing materials and in its informational materials...a description of what it considers to be permissible users of the data gathered on individuals through Community Link. The Commission will also memorialize, as a formal requirement, CLM Associates' pledge that it will not compile individual consumer profiles of Community Link subscribers, for marketing or other purposes.... _______________________________________________________________________________ [from a 3/19/92 letter on privacy issues to Community Link ISPs from a US West Community Link Product Manager]: "A positive [checkoff procedure]would probably result in a signfiicant reduction in the number of end users on the list, negatively impacting the value of any marketing efforts utilizing the customers[sic]name and address." "Should ISPs be restricted in their use of...[information from users]? If...restricted, the information could not be used in the same manner as information obtained from customers that conduct business in person, by mail, by phone, etc." "Insuring that the customer see the privacy statement first thing, every time the user logs on[,]could give the impression that Community Link ISPs may not be conducting business properly...." I would encourage you to express your issues and concerns to the panel...so that they can be included in the report...." ______________________________________________________________________________ [from a 3/26/92 reply to the US West letter from Minitel Development Corp.'s Market Development Manager]: ...MDC is conducting a test of BILL&PAY Minitel and developing the concurrent mrket roll-out strategy of this on-line information service.... We seek to provide ease-of-use for the end user, while maintaining our right to as much information about this individual as possible.... Most people who want information--or don't care either way--are typically not a pro-active personality type. These people generally don't mind being included on any lists made available....most people understand that, once they have given out personal information, it may be used in a variety of ways.... ------------------------------ Date: Mon, 27 Apr 92 09:20:44 PDT From: sumax!uunet!lorbit!rocque (peter marshall) Subject: Privacy and US West "Community Link" Gateway[CONTINUED] [preceding posts covered Minnesota background information, comments by Community Link ISPs, and Advisory Panel report's recommendations] ------------------------------------------------------------------------- From the Minnesota PUC's 12/4/91 Order establishing Advisory Panel, etc.: ..Subscriber access to the gateway will be free. Any US West subscriber with a computer and a telephone modem can gain access by obtaining an password. Normally, however, subscribers will be charged for...minutes of use by the information service providers.... This filing involves a new service, a new telecommunications provider, and entity offering a service whose regulatory status is unclear. The filing therefore raises a number of serious and novel issues.... Nationally, the regulatory status of videotex gateway services is still evolving. The...(FCC)currently views such services as "enhanced services," i.e., services which are not core monopoly services and are not subject to federal regulation. Under this view, shareholders would bear the full risk and reap the full benefit of US West's participation in this partnership. US West, however, has made an FCC filing arguing that a...gateway it provides in another jurisdiction is more properly classified as a basic service. Under this view, ratepayers would face the...risks and incur the... benefits.... Community Link clearly has the potential for consolidating in one data bank information that used to be in several...(e.g., those belonging to banks, stockbrokers, travel agencies), as well as information that was not previously in any data bank(grocery purchases, bus schedule inquiries, placement of and responses to classified advertising. This raises significant privacy and security issues.... [CONTINUED] -- Peter Marshall(rocque@lorbit.uucp) "Lightfinger" Rayek's Friendly Casino: 206/528-0948, Seattle, Washington. ------------------------------ From: Dave Banisar Date: Thu, 30 Apr 1992 21:22:28 EDT Subject: Federal Govt. Use of the SS Federal Govt. Use of the SSN Following up on "Institutional use of the SSN" Even though the Privacy Act prohibits the use of the Social Security Number, it also has a wide loophole known as the "routine use" exception. In this exception, the agency which wishes to use the SSN must publish a notice in the Federal Register citing reasons for it. I did a recent LEXIS search which pulled up over 1300 routine use exceptions filed. This loophole has swollowed the law. Dave Banisar CPSR Washington Office/US Privacy Council ------------------------------ From: Nancy Ann Duxbury Subject: Re: Call for new moderator? Date: Fri, 1 May 1992 01:52:43 GMT Apparently-To: comp-society-privacy@uunet.uu.net In article scasterg@magnus.acs.ohio-state.edu (Stuart M Castergine) writes: >If the moderator for this group has employment conflicts that conflict >with his duties as moderator, perhaps we need another moderator. > >On this group in particular, I feel uncomfortable thinking that our >posts are going through some sort of government censor before being >approved. > >I hate to criticise while not being willing to walk in his shoes, but >I don't have the ability to be a moderator for this group. This is >only a student account and, in any case, I have no idea how moderating >a newsgroup works. > >My own system, waltham.columbus.oh.us, has only a uucp feed, and >*very* limited news capabilities. I tend to agree that a new moderator or perhaps no moderator would be a solution that could satisfy all parties. People who believe in principles of privacy should also have strong beliefs in freedom of expression, as both are fundamental elements of a working democracy. A new moderator would certainly allow for an opening of debate on many related issues, and leave no room for reprecussions against those who's postings could jeopardize their employment. Are there any other opinions on this? - Bill Currie duxbury@sfu.ca [Moderator's Note: You make the assumption that any debate has been stifled. As I said in a previous post I will not censor anything that belongs in this forum. Dennis ] ------------------------------ Subject: Re: Cordless phones Date: 30 Apr 92 23:07:30 EDT (Thu) From: "John R. Levine" >>If people don't want me to hear their conversation, they ought not to >>be shooting photons at me! > > I don't think that I agree with you. I have a cordless phone. >The major use I have it for is so that I can sit outside of my >apartment and still use the phone on a nice day. The regular phone >wire will not reach, and consequently I would have sit inside to use >the phone. You seem to be of the opinion that if my conversation is >transmitted over copper wire, then I have a right to privacy, but if >it's transmitted over the air, then I don't. > > The phone companies (if it's a long distance call) sometimes >transmit phone calls using microwave towers. Actually, there are a lot of cases where local calls are transmitted by microwave as well. But in this issue there has to be some tradeoffs, both in expectation of privacy and in a distinction between what is rude and what should be illegal. There's a broad range of radio transmitters with a broad range of privacy expectations. At one end are baby monitors that transmit somewhere in a radio broadcast band, so that you can pick them up with any broadcast receiver. At the other end are telco microwave transmissions which are typically sending a multiplexed digitally encoded data stream in a tightly focussed beam. For the baby monitor case it is ludicrous to have any expectation that the transmissions will remain private, while in the telco microwave case it is quite reasonable to expect that they will. The distinction is how hard it is for someone to listen in either deliberately or accidentally. Cordless phones fall pretty close to the baby monitor -- there are only a handful of frequencies used by cordless phones (about 10) and the possibility of someone else nearby picking up his phone and accidentally overhearing what you say is not in the least far fetched. One the other hand, as far as I know the only equipment normally able to receive and decode telco microwave transmissions is telco microwave equipment, and it has to be more or less in line with the transmission's line of sight. Sure, it's tacky and rude to listen to someone else's conversation, but that's a far cry from saying it should be illegal. It's rude to listen to a private conversation on the subway as well, but at rush hour it's usually unavoidable. Passing laws that decree that certain kinds of transmissions, most notably cellular phones, are private when millions of people already have the equipment to listen to them (old UHF TV sets) is just pissing into the wind. Regards, John Levine, johnl@iecc.cambridge.ma.us, {spdcc|ima|world}!iecc!johnl ------------------------------ Date: Fri, 1 May 1992 08:27:59 -0500 Subject: Re: Cordless Phones From: Scott Coleman Reply-To: tmkk@uiuc.edu I've been watching the discussion on cordless phones with some interest. I have a cordless phone, but I do not use it. It sits at the bottom of my electronic junk box in my closet. I refuse to use it because it is so incredibly easy for anyone with a $50 scanner to pick up cordless phone conversations from as far away as 2 miles. Perhaps when cordless phones which employ encryption between the base and handset come down in price, then I'll buy one and use it, but not until. For the same reason, I don't use a cellular phone. As for rights and expectations of privacy: in an ideal world, cordless calls would be just as private as wired calls. Everyone would be saintly, and would never stoop to listening in. In the real world, you have to ACTIVELY protect what's left of your privacy. Just as you must guard your SSN, you have to protect the privacy of your communications. Nobody is going to do it for you. Yes, it morally wrong to listen in. Yes, it's illegal to listen in (in the cease of cellular). Yes, you have the RIGHT to privacy in this situation. But it IS going to happen - such laws are virtually impossible to enforce. An expectation of privacy on a cordless or cellular call is simply not realistic in the real world. Someone mentioned microwave transmission of phone calls. I'm not particularly worried about that. My understanding is that such transmissions are pretty much line-of-sight and narrow beam. If you don't live right beneath the path of such signals, you haven't a ghost of a chance of picking them up. And even if you can, aren't those signals multiplexed in some fashion to make better use of the available bandwidth? Someone correct me if this impression is incorrect. --- --- Scott Coleman tmkk@uiuc.edu Wayne and Garth must be Forth programmers - they use the NOT operator postfix. ------------------------------ From: Carl Ellison Subject: Re: Cordless phones Date: 1 May 92 14:09:29 GMT In article ugtalbot@KING.MCS.DREXEL.EDU (George Talbot) writes: >Craig DeForest writes: >>But, if you want privacy, you *don't* shout so that everyone within ten >>miles can hear it. If you want privacy, you don't broadcast your >>conversation. [ copper wire vs. radio; microwave towers; parabolic mikes picking up conversations in the open air ] >[...] do I lose my right to privacy when I call long distance? I should >think not. I am of the opinion that it is impolite and possibly even >immoral to listen in upon another's private conversation without being >invited. There are differences between "impolite", "immoral", "illegal" and "impossible". Even copper wire carrying voice radiates photons. When I want privacy from such impolite people, I use encryption -- not laws or appeals to morality. I would recommend that others do the same. ------------------------------ End of Computer Privacy Digest V1 #008 ******************************