Date: Mon, 15 Jun 92 17:59:56 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#049 Computer Privacy Digest Mon, 15 Jun 92 Volume 1 : Issue: 049 Today's Topics: Moderator: Dennis G. Rears Re: Privacy and blood Re: Another side of privacy Re: Concerns About New Phone Service Re: Drivers Licenses w/photos and SSNs Fundamentals of a Legal System Re: is personal privacy overrated ? Re: is personal privacy overrated ? Is there an archive for privacy materials? Re: Photo-Credit Cards The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- From: hibbert@xanadu.com (Chris Hibbert) Subject: Re: Privacy and blood Organization: Xanadu Operating Company References: Date: Fri, 12 Jun 92 20:06:13 GMT G. Wolfe Woodbury writes: >The risk to privacy here is that those who have opinions and lifestyles >that are less tolerated than others are perceived as having less of a >right to privacy than others. Note that this really means that noone gets any privacy! "WE need to be able to monitor everyone's behavior in order to know who we should expose to public ridicule. Don't worry if you haven't done anything wrong. We only reveal information about people who aren't living the way we think they should. YOU don't have anything to hide, do you?" Chris -- hibbert@xanadu.com AMIX: CHibbert uunet!xanadu!hibbert MCIMail: CHibbert ------------------------------ From: bear@tigger.cs.Colorado.EDU (Bear Giles) Subject: Re: Another side of privacy Date: Fri, 12 Jun 1992 02:26:55 GMT I don't think the example you give qualifies as 'privacy.' Privacy is simply restricting the level of interaction to a level acceptable to all parties involved. To use the example of my magazine publisher friend, he is more than willing to accept written correspondence but does not wish to have a (possibly) hostile stranger greet him as he returns home from work. At the same time, he doesn't harass people with subscription requests (like _Byte_ did to me for several years). Privacy is _not_ hiding from creditors or others with a legitimate interest in contacting you. I can legitimately use a fake name when subscribing to a magazine since the only 'level of interaction' I want is to receive periodic copies of the magazine, nothing more. I _cannot_ legitimately use a fake name when ordering a credit card because they have their own legitimate interest in finding me to ensure payment. Calling a company running from its responsibility an example of privacy run amok breaks the second rule. It is an example of _abuse_ of the privacy laws, not an example of excessive 'privacy.' (Also, it illustrates how private individuals are becoming second- class citizens. XYZ company can request information on Joe Smith without explanation (and I have a credit report which clearly shows inquiries made without my knowledge or consent) but individuals do not have reciprocal rights, even in clearly justified circumstances). Bear Giles bear@fsl.noaa.gov ------------------------------ From: Barry Margolin Subject: Re: Concerns About New Phone Service Date: 12 Jun 92 22:37:26 GMT In article NIEBUHR@bnlcl6.bnl.gov (Dave Niebuhr, BNL CCD, 516-282-3093) writes: >In today's {Newsday} there's an article about a concern from the head of the >State Consumer Protection Board regarding Call Return. The intro goes into >a scenario where the phone is ringing while the homeowner is bringing in a >bag or bags of groceries and misses the call (the radio ad is even better >with the sound of breaking glass). > >This scenario was provided by a psychologist who described another scene >that affected him where he called a "highly disturbed individual, a convicted >felon" calling him back via *69 after the psychologist had called him. > >I quote here: "To my astonishment, this individual was on the line ... He >was able to access my private unlisted phone in my home by pressing a code >furnished by ... the telephone company." I don't understand the psychologist's concern. He wanted to talk to th disturbed individual, and succeeded. Why is he now bothered that "this individual was on the line"? It's not the case that the disturbed individual now knows the doctor's home phone number (that's a concern with Caller ID, which is why people are calling for the ability to prevent your number from being delivered) and can call him night and day. He can only call the doctor right after the failed call. (Does the Call Return information ever time out? Perhaps it should.) -- Barry Margolin System Manager, Thinking Machines Corp. barmar@think.com {uunet,harvard}!think!barmar ------------------------------ From: "Life..." Subject: Re: Drivers Licenses w/photos and SSNs Date: Fri, 12 Jun 1992 03:24:47 GMT So far, I don't have my SSN on my driver's licence. When I got mine updated (4/10/91) it changed slightly. They gave me the same number in the License No. box, except that the hyphen I had was replaced with a pair of zeros. That changes it from an Alpha-2digit-hyphen-4digit number to an Alpha-8digit number. What I noticed was the first letter was also the first letter of my first name, then the two digits which is the county number where I got my first licence, and then an xyxy digit sequence, which also happens to match the pattern of the last 4 digits of my SSN, but not the same numbers. However, the total length of the lic.# is now the same as a SSN, possibly in forseeing the use of SSN as lic.#. I don't drive but occasionally, when necessary. I mainly use it as a photo I.D., especially as the other photo I.D. I have is my University I.D., which _does_ include my SSN, plus a prefixed letter and suffixed 3 digits. From the last time I saw an I.D. booth for new students, I looked at the form you fill in. The 9 boxes to fill in with digits doesn't say anything about it being your SSN. It looks like it would be easy for me to go to a booth, fill in a different number, and get a new I.D. to replace the one I have. Nebraska has another I.D. that one can get, less cost (free? dunno), that businesses are obligated to accept in lieu of a driver's licence. I don't know if they require SSN on that one, or indeed on the driver's licence yet, although the change in lic.# leads me to that conclusion. I don't know if this alternate I.D. is available in other states. -- /// ____ \\\ | CAUTION: | |/ / \ \| | | Avoid eye contact. In case of contact, flush \\_|\____/|_// | mind for 15 minutes. See a psychiatrist if \_)\\/ | irritation persists. Not to be taken gberigan `-' cse.unl.edu | seriously. Keep out of sight of children. ------------------------------ Date: Sun, 14 Jun 1992 17:07:56 GMT From: Mark P. Neely Subject: Fundamentals of a Legal System I came across an article which I thought Usenet readers (especially those in the US) might find of interest! It is extracted from the August 1989 edition of _Australian Law News_, with the quotes taken from an article printed on pp13-15. The article is based on a speech given by US Supreme Court Justice Anthony M. Kennedy: Title: Lawyers must Understand Fundamentals of the Law, Judge Says. The essense of the speech was Justice Kennedy urging lawyers to look beyong the more immediate aspects of delivering legal services to understand and protect the philosophical and ethical precepts on which the law rests. To quote: "Justice Kennedy said the four elements on which the law and a legal system rested were: . that government rested on the consent of the people . that government protected a core of personal rights - today called human rights . that there must be an enduring structure which guaranteed the first two elements . that there be an obligation on each citizen to obey the law and to transmit the rule of law to a subsequent generation. "Justice Kennedy outlined the historical background to the concept of rule by consent and said: 'The consent of which we speak is a very ancient one. It is a consent to a system, it is a consent to a social order.' He continued: "It does not derive from any contract that was created at some particular historic time; it does not involve a contract at all, because in American constitutional theory and in constitutional theories of most western democracies, government does not exist as a party to make a contract with the people; it is created by the people". "So this consent is fundamental and it may not be withdrawn unless the Government is not preserving the other elements of the rule of law...All of us can identify laws that we dislike. This does not give us the right to withdraw consent". Kennedy discussed several truisms as he saw them surrounding the upholding of the rule of law, one of which was that personal rights must be guaranteed by the Government He notes that it is dangerous for any one person or generation to compile an exhaustive list of human rights. But nevertheless, the basics are as follows: (a) There must be, at a minimum, protection for the rights of expression, of conscience, of speech and belief, in all their forms. (b) There must be freedom from arbitrary and evasive physical restraint by the Government (c) There must be freedom from classification based on race, creed, colour, sex, national origin and religion (d) There must be the right to own and acquire property. He then goes on to comment that the Constitution of the United States was written in the same style - it talks about life liberty and property. Any comments? ------------------------------ From: bear@tigger.cs.Colorado.EDU (Bear Giles) Subject: Re: is personal privacy overrated ? Date: Fri, 12 Jun 1992 01:57:01 GMT Someone asked for clarification, and return e-mail bounced.... There is a form you can fill out to request a P.O. Box holder's name and street address. I have heard it is supposed to only be used for P.O. Boxes used for business purposes, but my friend said he checked into it and discovered it could be used for personal boxes as well. (He falls under the 'business' category anyway). If you stop and think about it, this makes sense. It's very hard to file legal papers on a P.O. Box -- their is a huge potential for fraud here. BTW, I have used this form when responding to help-wanted ad's in the paper. I do _not_ like sending my resume to a POB without a company name or phone number. There is another form for requesting the last-known-(mailing)-address of _anyone_. I suspect they require a reasonable starting address (e.g., city of residence within last 12-18 months), but they'll track down the forwarding addresses. Bear Giles bear@fsl.noaa.gov [Moderator's Note: I have had a PO Box (P.O Box 210, Wharton, NJ 07885) for about 6 years. I have also moved 5 times in that time period. I have never notified the Post Office of my change of address. Moral of story is that you can count on the Post Office having a good street address for a Box holder. _Dennis ] ------------------------------ From: John Artz Subject: Re: is personal privacy overrated ? Reply-To: jartz@mitre.org Date: Fri, 12 Jun 1992 12:38:16 GMT In article , pw@panix.com (Paul Wallich) writes: [stuff deleted here] |> Just what _are_ the benefits to individuals of the unrestricted flow |> of information about them? Clearly that is the heart of the issue. I think there are many benefits to the individual of unrestricted information flows. I will give one example and then generalize the point I am trying to make. If I join a grocery store shoppers club that collects data on all my purchases, I might be reluctant to have that information dissemminated because it may reflect badly on me or I might be damaged in some way. For example if I buy two bottles of wine every day and every girlie magazine on the shelf, I might be reluctant to have that information shared with my friends, neighbors, and prospective employers. Clearly I would fear being exposed as a drunken pervert, etc, etc. However, I claim that it is restricted information flows that leads to this problem. If everybody's purchases were know, we might find out that 20 million people have purchasing habits just like mine. If I am in the company of 20 million other people I might be less afraid of being exposed. My point here is that lack of information leads to supposition, inuendo (sp?), even superstition and prejudice. We always see people on the television comming forward to announce their problems to the world in case somebody else is in a similar situation. Not knowing about other people leads us to feel isolated and often unintegrated into the fabric of society. Thus, I believe that free flowing information does provide potentially large benefits to the individual. Before anyone dismisses this as laize faire lunacy, let me add that I initially compared free flowing information as a philosophical goal to the individual's right to vote. Without boring you with the history of the right to vote, let me say that it has not come easily to everyone and still many people in our society don't have the right to vote (young people and felons come to mind). This is a philosophical direction not a social imperative that should be adopted or rejected in the next two weeks. John M. Artz, Ph.D. jartz@mitre.org +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ A crisis is just the end of an illusion. -- Gerald Weinberg +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ------------------------------ From: Michael Hart Subject: Is there an archive for privacy materials? Date: 15 Jun 92 16:30:48 GMT Distribution: na I'd like to know if there is an archive for privacy/computer related materials available, and if so, it's name/IP address? thanx [Moderator's Note: Yes. It is updated about every month. The name of the machine is ftp.pica.army.mil [129.139.160.200]. FTP in with a username of anonymous and password=your_email_address. CD into pub/privacy. This directory also contains the old telecom-privacy digests. I have just updated it. _Dennis ] -- | Michael G. Hart mhart@blackjack.dt.navy.mil | |--------------------------------------------------------------------| | You think _I_ speak for the government or the navy? HAH! | | Aviation, computers, quality improvement, Northern Exposure, money | ------------------------------ From: "Jolly C. Pancakes" Subject: Re: Photo-Credit Cards Date: Sat, 13 Jun 1992 02:18:24 GMT In article ranck@vtvm1.cc.vt.edu (Wm. L. Ranck) writes: >Well, they probably figure that it will cut down on card fraud. People >who deal in stolen cards won't be able to get as much out of a card with >the owner's picture on it. Of course this sort of depends on how hard >it will be to remove/replace the picture on the card. Having the picture on the card might not mean a thing, either. We had a case here recently where a field service engineer from HP was murdered in a downtown parking garage by a couple of fine youths, who then high-tailed it to the DMV where an accomplice (read: girlfriend) issued a new license in the murdered man's name - reporting his as "lost". The murderer was actually stopped by state police for speeding the next day and no one questioned why a 17 yr old black guy's picture was on the license of a man described as white and 35 yrs old, with a Lithuanian name. (The saddest thing is that the engineer might have survived if he had had a car with a trunk, instead of the typical field service station wagon with a back end full of equipment. The same gang grabbed two other guys, including a doctor from Hopkins and stuffed them in their trunks.) -- jcpatilla jcp@islay.dco.dec.com My otter is sleek and fat, he wears a bowler hat. His tailor in Savile Row can fit him with style. He likes champagne and eels, keeps them in wicker creels - he's THE finest fellow you have seen in a while! ------------------------------ End of Computer Privacy Digest V1 #049 ******************************