Date: Thu, 02 Jul 92 17:07:58 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#058 Computer Privacy Digest Thu, 02 Jul 92 Volume 1 : Issue: 058 Today's Topics: Moderator: Dennis G. Rears Re: SSNs and Social Insurance Numbers Re: speakerphone spooks ACM articles CPSR Challenges Virginia SS The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- From: Brian Murrey Subject: Re: SSNs and Social Insurance Numbers Organization: Small System Specialists Date: Sat, 27 Jun 92 17:35:52 GMT Not sure if this is still true, but at least 7 years ago the ABC part of the SSN was an indication as to what state the SSN was issued in. I used to do some skip tracing for a major plastic credit company and we had a sheet that identified where the first 3 digits belonged. IE: 303 is Indiana, though many states had 3 or 4 prefixes assigned to them. I also remember that there were two or three "special" prefixes reserved for Railroaders, Government Dependents, and another special group that I can't remember. By knowing what state the SSN came from, we had a lead in tracking the individual down. (Although the lead was usually useless but on ocassion it helped nail someone down to a specific area) I enjoyed skip tracing a lot. I remember tracking a guy down in Germany that had pretty much abused his plactis to the limit before he left. He was shocked as hell when his phone rang and it was me. -- ======================================================================= : Brian Murrey - KB9BVN - QTH Indpls : Fidonet: 1:231/30 317-535-9097 : : UUCP:..towers!brian : Login:Ham Radio Password:Yagi : ======================================================================= ------------------------------ From: Erik Nilsson Date: Mon, 29 Jun 92 10:22:34 PDT Subject: Re: speakerphone spooks In Computer Privacy Digest Tue, 23 Jun 92 Volume 1 : Issue: 054 Daniel P. B. Smith Writes: > Our office AT&T Merlin systems offer a built-in speakerphone mode .... > Potentially, it seems as if the system could be used to eavesdrop on > offices. We have Meridian (Northern Telecom). It had a "Voice Call" feature that definitely could be used to eavesdrop. One of the first things I did was disable this feature, but it seemed to mysteriously turn itself on. Perhaps someone was playing with the phone system (!). Since we upgraded to voicemail, the voice call feature seems to have ceased to exist. I can't even deliberately turn it on now. - Erik erikn@boa.MITRON.TEK.COM (503) 690-8350 fax: (503) 690-9292 ------------------------------ From: Mike Percy Subject: ACM articles Organization: Clemson University Date: Tue, 30 Jun 1992 15:08:16 GMT The most recent Communications of the ACM has a number of very interesting articles about encryption, DES, FBI phone tapping, etc. Recommended reading. Mike Percy | grimlok@hubcap.clemson.edu | I don't know about Sr. Systems Analyst | mspercy@clemson.clemson.edu | your brain, but mine Info. Sys. Development | mspercy@clemson.BITNET | is really...bossy. Clemson University | (803) 656-3780 | (Laurie Anderson) ------------------------------ Organization: CPSR, Washington Office From: Dave Banisar Date: Tue, 30 Jun 1992 21:22:27 EDT Subject: CPSR Challenges Virginia SS CPSR Challenges Virginia SSN Practice PRESS RELEASE June 30, 1992 CPSR Challenges Virginia SSN Practice WASHINGTON, DC -- A national public interest organization has filed a "friend of the court" brief in the federal court of appeals, calling into question the Commonwealth of Virginia's practice of requiring citizens to provide their Social Security numbers in order to vote. Computer Professionals for Social Responsibility (CPSR) alleges that Virginia is violating constitu- tional rights and creating an unnecessary privacy risk. The case arose when a Virginia resident refused to provide his Social Security number (SSN) to a county registrar and was denied the right to register to vote. Virginia is one of a handful of states that require voters to provide an SSN as a condition of registration. While most states that require the number impose some restrictions on its public dissemination, Virginia allows unrestricted public inspection of voter registration data -- including the SSN. Marc A. Greidinger, the plaintiff in the federal lawsuit, believes that the state's registration requirements violate his privacy and impose an unconstitutional burden on his exercise of the right to vote. The CPSR brief, filed in the Fourth Circuit Court of Appeals in Richmond, supports the claims made by Mr. Greidinger. CPSR notes the long-standing concern of the computing community to design safe information systems, and the particular effort of Congress to control the misuse of the SSN. The organization cites federal statistics showing that the widespread use of SSNs has led to a proliferation of fraud by criminals using the numbers to gain driver's licenses, credit and federal benefits. The CPSR brief further describes current efforts in other countries to control the misuse of national identifiers, like the Social Security number. Marc Rotenberg, the Director of the CPSR Washington Office said that "This is a privacy issue of constitutional dimension. The SSN requirement is not unlike the poll taxes that were struck down as unconstitutional in the 1960s. Instead of demanding the payment of money, Virginia is requiring citizens to relinquish their privacy rights before being allowed in the voting booth." CPSR argues in its brief that the privacy risk created by Virginia's collection and disclosure of Social Security numbers is unnecessary. The largest states in the nation, such as California, New York and Texas, do not require SSNs for voter registration. CPSR points out that California, with 14 million registered voters, does not need to use the SSN to administer its registration system, while Virginia, with less than 3 million voters, insists on its need to demand the number. David Sobel, CPSR Legal Counsel, said "Federal courts have generally recognized that there is a substantial privacy interest involved when Social Security numbers are disclosed. We are optimistic that the court of appeals will require the state to develop a safer method of maintaining voting records." CPSR has led a national campaign to control the misuse of the Social Security Number. Earlier this year the organization testified at a hearing in Congress on the use of the SSN as a National Identifier. CPSR urged lawmakers to respect the restriction on the SSN and to restrict its use in the private sector. The group also participated in a federal court challenge to the Internal Revenue Service's practice of displaying taxpayers' SSNs on mailing labels. CPSR is also undertaking a campaign to advise individuals not to disclose their Social Security numbers unless provided with the legal reason for the request. CPSR is a national membership organization, with 2,500 members, based in Palo Alto, CA. For membership information contact CPSR, P.O. Box 717, Palo Alto, CA 94303, (415) 322-3778, cpsr@csli. stanford.edu. For more information contact: Marc Rotenberg, Director David Sobel, Legal Counsel CPSR Washington Office (202) 544-9240 rotenberg@washofc.cpsr.org sobel@washofc.cpsr.org Paul Wolfson, attorney for Marc A. Greidinger Public Citizen Litigation Group (202) 833-3000 ------------------------------ End of Computer Privacy Digest V1 #058 ******************************