Date: Wed, 03 Jun 92 16:03:23 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#041 Computer Privacy Digest Wed, 03 Jun 92 Volume 1 : Issue: 041 Today's Topics: Moderator: Dennis G. Rears Re: California Drivers Lic & SSN Re: My view on Caller ID Re: Call waiting and Caller ID Privacy of Individual in the Comp. Era Article in Tech Review Privacy Issues & the US West "Community LInk" Gateway Re: Isn't personal privacy a little overrated ? Re: My view on Caller ID Re: An Alternative to Call Blocking Re: "An Alternative to Call Blocking" in CPD V1#040 The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- From: Matthew Lyle Subject: Re: California Drivers Lic & SSN Date: 3 Jun 92 12:49:28 GMT egdorf@zaphod.lanl.gov (Skip Egdorf) writes: >In article idela!bell@uunet.uu.net (Mark Bell) writes: > California now seems to have a law that one has to submit a Social > Security number for driver's license renewal. Does anyone have any > advice on how this can be avoided? [story of NM DMV deleted] >Maybe other states are as enlightened as New Mexico. Or was that just maybe >a bug/feature of hte New Mexico computer system that will be "fixed" >four years from now? Texas requires the SSN, but it is not on the drivers license, just in their computers in Austin. One thing I found most interesting... Texas requires fingerprints (thumbprints, actually) on a drivers license application. -- Matthew Lyle matt@oc.com matt@utdallas.bitnet OpenConnect System Carrollton (Dallas), Texas (214) 490-4090 ------------------------------ From: Bruce Klopfenstein Subject: Re: My view on Caller ID Date: 3 Jun 92 14:42:59 GMT dpenner@ee.ualberta.ca (Darren E. Penner (Dokken)) writes: > I must say that as a subscriber to Caller ID I can see NO reason in the world > anyone has a Right to keep their phone number a secret from me. These people > are using a resource which I PAY to have installed in my house and as such, > I believe that they should be forced to identify themselve to use this > resource. Then by all means be sure to give out YOUR telephone number to EVERYONE you call. I'm sure you have "nothing to hide" and you won't be answering your phone anymore anyway with your Caller ID box showing all those un- familiar numbers you'll be getting calls from once everyone else has your number. I can't believe I bothered to respond to this except to point out that no matter how fond you are of Caller ID, there are no absolutes. There simply are times when we don't want to give up our privacy. Bruce K. ------------------------------ From: "david.g.lewis" Subject: Re: Call waiting and Caller ID Date: Wed, 3 Jun 1992 15:43:45 GMT In article rsw@cs.brown.edu (Bob Weiner) writes: >In article dpenner@ee.ualberta.ca (Darren E. Penner (Dokken)) writes: >> >> Just a note to the uninformed people spreading all sorts of rumers about >> call waiting and caller ID. >> >> You WILL NEVER see the number from a person if you are using the line. This >> is becuase the callers ID is sent between the First and Second Rings. "NEVER" is a dangerous word, as rsw@cs.brown.edu notes... >This seems to imply that someone will never use caller-ID on an ISDN >circuit, in which the separate D channel (data channel) is used for call >setup and tear down control. Whether one or more B channels were in use >would then be irrelevant as to whether one could be presented with the >caller-ID info for another call. Calling Line Indentification Presentation is indeed undergoing standardization as an ISDN supplementary service, and (as michael.scott.baldwin@att.com pointed out) is currently implemented on at least the 5ESS(R) switch version of ISDN BRI. In addition (as I believe Al Varney has noted), Bellcore has issued a Technical Advisory for Caller ID on Call Waiting, TA-NWT-000575, CLASS(SM) Feature: Calling Identity Delivery on Call Waiting FSD 01-02-1090. David G Lewis AT&T Bell Laboratories david.g.lewis@att.com or !att!houxa!deej Switching & ISDN Implementation ------------------------------ From: STG colleague Subject: Privacy of Individual in the Comp. Era Date: 3 Jun 92 15:00:08 GMT I friend who can not post from the UK has asked me to post the following for her. Please reply directly to her if possible since she cannot read the group. Alternatively I will pass on to her any exchanges. Thank you very much. M. Gottesman ************* I would like information on employee privacy in the workplace. Is it fair that telephone calls are being logged into databases and that calls are monitored. Also, what about the monitoring of keystokes for productivity assessment? I would be grateful for any comments, experiences, or feedback. Thank you. Erika Barr (Msc London School of Economics) e-mail BARR@VAX.LSE.AC.UK ********** ------------------------------ From: "Herb Brody"@bloom-picayune.mit.edu Subject: Article in Tech Review Date: Wed, 3 Jun 1992 15:19:51 GMT I am a Senior Editor at MIT's Technology Review magazine, and I'm writing an article on the issue(s) of computers and privacy. I'd appreciate some comments from readers of this newsgroup. Some of the following questions may have something of a "devil's advocate" flavor, but that's just to provoke some impassioned responses. *What, specifically, are the biggest threats to privacy posed by computers/telecommunications right now? *To what extent should "ordinary people" (as opposed to those who "live" on networks like the Internet) be concerned with these threats? *Why is it so imperative that e-mail be kept absolutely private (with cryptography, e.g.), whereas paper envelopes can be steamed open by anyone who wants, and people send millions of postcards that have no protection whatsoever? *What actions should be taken, and by whom, to ensure that the inevitable spread of computers and networking will not encroach on individual's privacy? What laws should be passed? What regulations put in place? What customs established? *What questions should I be asking? Who should I talk to? Thanks for any thoughts on this topic. ALL RESPONSES ARE "ON THE RECORD" UNLESS YOU STIPULATE OTHERWISE. Herb Brody, Senior Editor MIT Technology Review HBRODY@MIT.EDU 617-253-8283 ****************************************************************** Technology Review covers technology and its implications for an intellectually sophisticated, but not necessarily technically knowledgeable, audience of almost 100,000 ****************************************************************** ------------------------------ Date: Wed, 3 Jun 92 09:22:50 PDT From: peter marshall Subject: Privacy Issues & the US West "Community LInk" Gateway An unidentified company, intending to become an ISP on the US West-CLM "Community Link" gateway in Minnesota, recently submitted the following comments to the Minnesota PUC. These followthe 4/6/92 submisssion of an earlier report to the PUC by an Advisory Panel on Privacy Issues. According to the present comments submitted, "Although the panel has dealt effectively with the issues surrounding privacy, it has avoided questions of ownership of data generated by users of Community Link." This company's position, therefore, focuses on what they call "the property rights of the service provider." Their position is that Congressional policy mitigates[sic]toward computer literacy and private development of an information society,...a gigantic network that is transparent to the user. Such a redirection of focus has its rewards but only if privacy is reinvented. Included within the pricetag of a new tomorrow is a restructuring of the social definition of "privacy...." Government--including the Commission--will shift focus to dissuading misuse of...information, not its collection or use. Unilateral state actions which inhibit the new tomorrow are an affront to the Supremacy Clause.... End users are customers of the respective service, and the service provider owns the data that is collected on its behalf. A compilation of facts about transactions with customers is beyond the reach of the Commission. Any part of it may be sold to others without approval of the customer.... Facts from which profiles may be generated are beyond the reach of the Commission. Profiles...may be sold to others without approval of the customer.... Note the emphasis on purported Federal policy and on the well-known "Feist" copyright case, which this information service provider attempts to apply to questions of information privacy in a commercial information gateway situation that involves multiple players and thus multiple interests. As the fat lady has not yet sung at the Minnesota PUC on these issues, and as US West and CLM look to another gateway in Seattle by next fall, these Minnesota proceedings should be well worth monitoring. -- Peter Marshall(rocque@lorbit.uucp) "Lightfinger" Rayek's Friendly Casino: 206/528-0948, Seattle, Washington. ------------------------------ From: John Nagle Subject: Re: Isn't personal privacy a little overrated ? Date: Wed, 03 Jun 92 18:21:07 GMT jgro@netcom.com (Jeremy Grodberg) writes: >[An important component of the current debate is the disparity of >information, and profit from it. If everyone could freely find out >everything about anyone, then the privacy issue would be quite >different. I agree, and think that's the way it should be. In Sweden, you can go to a public records office and look up anybody's dossier. This seems to work. I object more to the disparity of information power than to lack of privacy. The California Department of Motor Vehicles used to provide the driving record and address of anyone to anyone who requested it. After a Tylenol-scare sort of crisis (some nut got the address of some actress he was obsessed with and killed her) the state legislature restricted the dissemination of DMV information to individuals. But banks, insurance companies, credit bureaus, and almost any "institution" can still get that data quickly and without asking the driver's permission. It's that disparity that is a bad thing, not the disclosure. Having an unlisted address might be supported for individuals as it is for corporations. Corporations must provide an address at which they receive mail, and any mail delivered to that address is deemed to be delivered to the corporation. For many small corporations, that address is some lawyer who represents the corporation, not the address of an officer of the company. Individuals should be accorded the same courtesy. In California, cops already are, and IRS agents are just now getting similar anonymity. John Nagle ------------------------------ From: David Ratner Subject: Re: My view on Caller ID Date: 3 Jun 92 18:10:07 GMT dpenner@ee.ualberta.ca (Darren E. Penner (Dokken)) writes: >I must say that as a subscriber to Caller ID I can see NO reason in the world >anyone has a Right to keep their phone number a secret from me. These people >are using a resource which I PAY to have installed in my house and as such, >I believe that they should be forced to identify themselve to use this >resource. What about when I want to make an anonymous phone call, like - anonymous police suspect line If I were to place a call to the police with a tip, info, etc, I wouldn't necessarily want them to know who I am. That's the whole reason the police info lines are "anonymous". - complaints to an organization, etc. Maybe I want to complain, but I don't want my name known. - calling an organization/business for information I don't want them to get my number and add it to their list of "who to bug by tele-marketing" Furthermore, I disagree with your opinion that just because YOU installed the service means that no one has the right to hide from you. Why does the fact that you paid for something revoke MY privacy? It shouldn't. My privacy remains my right regardless of what you do or don't do. >[ rest deleted ] -- * * *** * * | Dave "Van Damme" Ratner * * * * * * / \ ratner@cs.ucla.edu * * * * *** \ / *** *** *** * * | "Wham Bam, thank you Van Damme!" ------------------------------ From: "Life..." Subject: Re: An Alternative to Call Blocking Date: Wed, 3 Jun 1992 18:38:28 GMT preece@urbana.mcd.mot.com (Scott E. Preece) writes: >Why not just require each local company to assign each subscriber TWO >numbers, not related to each other algorithmically (or, at least, one >of them not derivable from the other). Instead of having call blocking >send no number, have it send the alternate number, which is uniquely >assigned to the caller but is not a number that someone can call back >to? This retains the ability to identify harrassing callers (enhances >it, since you could then eliminate real blocking and always have a >traceable number attached to any incoming call. It retains the ability >to recognize calling numbers as calls you want to grab or ignore[)]. >And it doesn't seem like it should cost much to implement. Typically you cannot just dial up someone at the telco, give them a number, and expect them to give you a name. I'd expect that such blocked calls with unique numbers would run across the same boundaries we have on finding out who is making harassment calls now. You tell them the time and date of the call, they go through their list, but you would need to get a search warrant in order to find out exactly who is making the calls. (This is what I was told over the phone with LT&T.) They could warn the caller for me, but I wouldn't get the name or number. I'd expect the same thing would be set up regarding these block IDs. >Since the space of numbers is limited, you might want to use simply make >the new numbers 1 digit longer and use a new prefix to identify them >(a letter, perhaps, if the standard allows that). Well, you can take advantage of the way the numbers are currently used. The second digit of area codes are always a 0 or a 1. I don't think any prefixes start with a 0 or 1 either. Put a new value in those positions other than 0 or 1, then allocate the new number around them. >scott preece >uucp: uunet!uiucuxc!udc!preece, arpa: preece@urbana.mcd.mot.com -- /// ____ \\\ | CAUTION: | |/ / \ \| | | Avoid eye contact. In case of contact, flush \\_|\____/|_// | mind for 15 minutes. See a psychiatrist if \_)\\/ | irritation persists. Not to be taken gberigan `-' cse.unl.edu | seriously. Keep out of sight of children. ------------------------------ From: Erik Nilsson Date: Wed, 3 Jun 92 11:51:57 PDT Subject: Re: "An Alternative to Call Blocking" in CPD V1#040 > Why not just require each local company to assign each subscriber TWO > numbers .... Instead of having call blocking send no number, have > it send the alternate number .... This is very similar to GTE's "Protected Number Service," which is apparently implemented as a variant on their "Teen Line" service. Of course, this service doesn't address many privacy concerns with CNID. For example, a unique identifier is still attached to a phone, so the same assumptions about calling behavior will be made by CNID recipients. GTE Northwest presented PNS to the Oregon PUC in their CNID investigation. The PUC permitted GTE-NW offer PNS, but rejected GTE-NW's argument that PNS was in any way a substitute for strong blocking options (free per-line and per-call, with charges allowed if you want to turn per-line off and on frequently). - Erik Nilsson ------------------------------ End of Computer Privacy Digest V1 #041 ******************************