Date: Thu, 11 Jun 92 11:52:02 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#046 Computer Privacy Digest Thu, 11 Jun 92 Volume 1 : Issue: 046 Today's Topics: Moderator: Dennis G. Rears photo credit cards Re: SSN's and blood Re: SSN's and blood Re: Privacy and blood Re: Can I lose the rights to my name and address? Another side of privacy Re: SSN's and blood Re: How to defeat call block (and how to guard against it) The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- Subject: photo credit cards From: "Wm. Randolph Franklin" Date: Tue, 09 Jun 92 13:39:09 -0400 Photos on credit cards are not new. In the mid 1970s, my card from Cambridge Trust (I think) had my photo on the back. The bank did the photo; I don't know if they kept a copy. This was before credit cards had magnetic stripes on the back; I don't know what the advent of stripes did to the photos. -------- Prof. Wm. Randolph Franklin, wrf@ecse.rpi.edu, (518) 276-6077; Fax: -6261 ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 ======= LOST MAIL: Mail sent to me between F5-29-92 and M6-1-92 might ======== ======= have been lost in a disk crash. Please resend it. Sorry. ======== ------------------------------ Subject: Re: SSN's and blood Date: 9 Jun 92 11:01:39 EDT (Tue) From: "John R. Levine" >The earlier posters both neglected to report whether or not the red >cross actually GOT their SSNs out of them. Of course they didn't. Neither the Boston nor the Philadelphia Red Cross got my SSN, and both sent me donor ID cards with different substitute IDs. The Boston ID is the first three letters of my last name followed by my date of birth. The Philadelphia ID is a number starting with five zeros. When I gave the Philadelphia bloodmobile people my Boston ID they couldn't use it, since their system only uses digits. As I mentioned in a previous message, if the Red Cross is serious about a national excluded donor database, they might start by using consistent IDs. There are certainly donors who have no SSN to give, e.g. foreign student spouses, so they should have thought of that even without the privacy issue. Regards, John Levine, johnl@iecc.cambridge.ma.us, {spdcc|ima|world}!iecc!johnl ------------------------------ From: Jeff Hibbard Subject: Re: SSN's and blood Date: Tue, 9 Jun 92 18:04:03 GMT tmkk@uiuc.edu (Khan) writes: > Seems pretty silly to me. Not only is it a misuse of the SSN, but suppose > AIDS Mary, who got infected and is now bitter and wants revenge on the > world, decides to give blood in the hope of infecting others. She > gives blood once, they test it, find out it has AIDS. Her SSN is added > to the list. She gives blood again, only this time they refuse since her > SSN is on the list. She catches on quickly, and gives a fake SSN the > next time. They accept her blood. I don't want to get involved in the main dispute about whether or not the Red Cross should use SSNs, but the above argument is irrelevant. The database (at least around here) is checked by people in the lab during the course of processing the blood, which happens long after the donor is gone. If they get a hit in the database, the blood is discarded, but the donor has no way of knowing this. No Red Cross employee likely to be in contact with the donor even knows that the blood was discarded, and they will cheerfully accept another donation from her the next time she comes in (only to have people in the lab discard it again). There is no information available to the donor which would enable her to "quickly catch on." > I sure hope they test each and every > donation, since she has easily circumvented the system. And since they have > to test each and every donated pint *anyway*, what's the point in keeping > the stupid database? Yes, they test each and every donation, but the tests are not (and cannot be made) absolutely perfect. The database is maintained in the hope of catching some of the dangerous units of blood which falsely test negative. Given the FATAL consequences of transfusing infected blood, I feel that even the relatively small number of additional units caught by maintaining the database is worth the effort (although they could probably accomplish the same thing without using SSNs). ------------------------------ Date: Tue, 9 Jun 92 12:42 PDT From: John Higdon Subject: Re: Privacy and blood "Robert L. McMillin" writes: > Irony of ironies: William Dannemeyer, (R-Anaheim, CA), arch- > conservative and nationally famous homophobe had the temerity to suggest > in 1985 that a database of all HIV-positive people should be kept in > order to prevent these same from donating blood. At the time, this > caused quite a stir among homosexuals (or at least, the more vocal > ones). [...] > Normally I don't agree with much Dannemeyer has to say, but I frequently > find that the propaganda put out by some of the more obnoxious elements > of the homosexual community to be downright dangerous for themselves, if > to no one else. I suspect that Dannemeyer's intention with respect to such a database had less to do with the control of AIDS than it did to do with having a convenient means of identifying those dreaded homosexuals. If you understood current blood-donating practices, you would see why such a database is excess baggage. People in "high risk" categories are simply asked to not donate blood. This means that even though I may be HIV-, as a member of a "high risk" subset of the population, my donation would be discarded without even testing it. Furthermore, ALL collected blood is tested. Our blood supply today is exceedingly safe; having a computerized database of gay people would not make it safer, but could certainly be injurious to the lives of the people on the list. There is a tendancy to dismiss out of hand rantings by "obnoxious" and "vocal" groups, but where there is smoke there is fire. Try to take each thing for what it is and not let your prejudices get the better of you. > Just last year, I read a so-called 'saf-er sex guide' > published via sci.med.aids that suggested that sex with multiple > partners, fistf-cking, and prostitution, were all acceptable practices > that "can be done with minimal risk of AIDS," and that warnings against > these practices "are based on moralism not medicine." Oh really? Mentioning this is typical of the tactics of those who want to have the edge of emotionalism to bolster an inherently weak argument. We need much less emotionalism and rhetoric and much more science and practicality guiding our actions as members of a society. You may view homosexuals as mindless animals, but most of us (not some, most) consider our actions very carefully as do most heterosexuals. I, for one, cannot believe that you would not consider (even for a moment) that someone such as Dannemeyer, confirmed homophobe, just might have another purpose in mind from that stated when he proposes to keep a little list. Throughout his career as of late he has attempted one dirty trick after another to rid society of the homosexual menace. What could be better than a major list in just the right hands to ensure that members of the gay community would be denied jobs, housing, or any of the necessities of life? He has publically stated this as one of his goals. -- John Higdon | P. O. Box 7648 | +1 408 723 1395 john@zygot.ati.com | San Jose, CA 95150 | M o o ! ------------------------------ From: Jim Haynes Subject: Re: Can I lose the rights to my name and address? Date: 9 Jun 92 21:06:27 GMT Source-Info: From (or Sender) name not authenticated. ^^^^ ^^ ^^^^^^ ^^^^ ^^^ ^^^^^^^^^^^^^ That subject line reminded me of the story about Clarence Saunders. He invented the supermarket, and named his "Piggly Wiggly". Well, in various legal and financial problems he lost the right to the name. So he opened another market named "Clarence Saunders, Sole Owner of My Name". Later he went on to build the Keedoozle automated store, which was then after a year changed to a conventional supermarket called "Zizz-Buzz" -- haynes@cats.ucsc.edu haynes@cats.bitnet "Any clod can have the facts, but having opinions is an Art." Charles McCabe, San Francisco Chronicle ------------------------------ Date: Tue, 9 Jun 92 16:07:20 PDT From: Jim Warren Subject: Another side of privacy It is difficult to strike a balance between the just desires of individuals for personal privacy, and the just needs of a community to have an informed accounting of the consequences of the actions of its individual members. The problem with privacy is that there are those who intentionally use it to cover their wrong-doing. Further, it shields those who are casually irresponsible from being held accountable. The following exemplifies the adverse side of privacy. It is not from an Evil Corporation, nor a Naive Computer Neophyte, nor from a Person Who Disprespects Privacy. Instead, it's from a mostly-consultant who is an experienced computer pro, and someone who has long-illustrated deep concern for ethical and civil-liberties issues. Aside: This is similar to women who receive obscene or threatening phone calls, but [a] can't get the local cops (or courts) to monitor the line, and [b] are prohibited from having Caller ID to aid their personal defense against anonymous electronic intruders in their homes. Police won't furnish protection (or don't have the resources), and the law supresses the tools for self-defense against unwanted intrusion. Result: Phone-owners' privacy in their own homes is degraded or forfeited in order to protect the privacy of anonymous, covert callers. --jim -----------posted with the author's explicit prior permission------------- From autodesk!uucp Mon Jun 8 09:31:59 1992 Subject: Freedom To: jwarren@well.sf.ca.us I have a problem with certain privacy concerns (this time I am on the anti-privacy side). I have court judgements against some southern CA slime bags (you want a definition, their BUSINESSES will not identify themselves when you call them, they answer "corporate" and if you ask who you have reached repeatedly, they will hang up on you). I think I have a RIGHT to know where they live and work so I can serve them with legal papers. Remember, they have already LOST the suit, their day in court is over. But without going to court AGAIN for a seperate order, I cannot pull their credit records (privacy). BS! This is just a makework thing for attornies and PIs. You see, I can get the credit report illegally for $30 (instead of $8 if I had a right to it). What a crock! Do you agree? Worse yet, all this privacy BS has given us 3 seperate ID numbers. The DMV wants driver's license number and birthdate, the credit guys want SSN. I am all for a law-abiding guy trying to keep his private affairs private, but when you have lost in court, those same laws keep you from having to pay up. BS I say. Do you agree? I am not sure I have an implementation, but I sure would work on one if there were any reason to believe it would do some good. Dave Dave Gomberg GOMBERG@UCSFVM Internet node UCSFVM.UCSF.EDU (415)731-7793 Seven Gateview Court, San Francisco CA 94116-1941 ------------------------------ Date: 10 Jun 92 03:59:32 GMT From: "Marc T. Kaufman" Subject: Re: SSN's and blood tmkk@uiuc.edu (Khan) writes: >In article stevef@wrq.com (Steve Forrette) writes: >>In article johnl@iecc.cambridge.ma.us (John R. Levine) writes: .-->The local red cross wanted my ssn when I gave blood. They got really .-->ugly when I refused. .->The people at the Red Cross can be remakably dense, particularly .->considering that all their blood comes from unpaid volunteers. I donate both .->here in Boston and at my beach house near Philadelphia. Both wanted my SSN. .>In California, there is a statewide database of people who should be .>excluded from donating blood for any reason. It is of course useful these .>days for donors with AIDS, but the database predates the AIDS epidemic. .Seems pretty silly to me. Not only is it a misuse of the SSN, but suppose .AIDS Mary, who got infected and is now bitter and wants revenge on the .world, decides to give blood in the hope of infecting others. She .gives blood once, they test it, find out it has AIDS. Her SSN is added .to the list. She gives blood again, only this time they refuse since her .SSN is on the list. She catches on quickly, and gives a fake SSN the .next time. They accept her blood. I sure hope they test each and every .donation, since she has easily circumvented the system. And since they have .to test each and every donated pint *anyway*, what's the point in keeping .the stupid database? Yes, every pint is tested, but testing is not 100% foolproof, and trying to weed out bad blood before even taking it is useful. There are reasons for refusing to accept blood that involve conditions that won't show up on a test, such as a history of malaria or sickle cell anemia. If you don't like SSNs as an ID, perhaps we should develop automated genotyping, and record the genetic pattern of anyone who should not give blood. Then we could refuse blood from your relatives, too. -- Marc Kaufman (kaufman@CS.Stanford.EDU) ------------------------------ From: "Life..." Subject: Re: How to defeat call block (and how to guard against it) Date: Wed, 10 Jun 1992 05:57:28 GMT varney@ihlpf.att.com (Alan L Varney) writes: >perry@drycas.club.cc.cmu.edu writes: >>How to defeat call block for those who have caller ID. >> >>I have used this several times, so this method is based on fact, and works >>in Baltimore, Maryland. I post this so that people who use call block will >>be aware of this 'loophole'. >: >>3) Hang up and wait for call back. This should not be very long since the >>person who answered the phone in step 3 will hang up after nobody is there. >> >>4) Phone rings, and the 'blocked number' appears unblocked. > I'm not saying you are wrong, you understand. But *69 calls are >from your phone to the other person's phone. If Caller-ID shows up on >the "ring-back" to you (just before the call is made to the other party), >that must be an unusual implementation. Some places have the option that, if the number is busy, to have the system watch the line for when it becomes free. When it does, it will ring both sides of the call (as both typically would be on-hook). I believe this is re-inventing something old and charging for it, but it is one of the features they are implementing here. Gonna be hell on BBS's and radio stations holding contests. Still, it sounds like it might work. Be simple for the telco to fix that though. If you happen to have 2 lines, you can get a better reading from that trick. Use the code to dialback, then immediately dial with the other line (block it). Even if it hasn't been picked up yet off the first call, the second will be busy. Then setup the dialback. Hang up first phone, second will ring, with their number. (Possible that your number is showing on the dialback on their end though... wanna give a prank caller your private-line number? Maybe if it is your dedicated computer line. He tries calling back, he gets carrier in his ear.) >And your number will be >sent to the *69-ed party, who can use the same mechanism (if it works) >on you.... No problem, as they obviously knew your number first anyway. Unless it was someone who dialed a wrong number by accident when dialing the local movie theatre blocked to avoid being culled into a database. But then they wouldn't be doing any heavy breathing on your line. >Al Varney - just my opinion -- /// ____ \\\ | CAUTION: | |/ / \ \| | | Avoid eye contact. In case of contact, flush \\_|\____/|_// | mind for 15 minutes. See a psychiatrist if \_)\\/ | irritation persists. Not to be taken gberigan `-' cse.unl.edu | seriously. Keep out of sight of children. ------------------------------ End of Computer Privacy Digest V1 #046 ******************************