Date: Thu, 24 Sep 92 17:32:51 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#083 Computer Privacy Digest Thu, 24 Sep 92 Volume 1 : Issue: 083 Today's Topics: Moderator: Dennis G. Rears 48 Hours Show on Privacy TONIGHT!!! police files conference Re: Address required on checks Re: Computer Privacy Digest V1#082 CPSR Files Suit Against FBI Over Wiretap Proposal Citibank photo credit card Re: SSN and Airline Antitrust Settlement Computer access to SSN and bank accounts: 48hrs episode Re: Fraud Can Lead to a Term in the Penitentiary, Guys The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- From: David Feustel Subject: 48 Hours Show on Privacy TONIGHT!!! Date: Wed, 23 Sep 92 23:58:05 GMT Organization: DAFCO: OS/2 Software Support & Consulting Apparently-To: 48 Hours will be about Invasion of Privacy tonight. -- Dave Feustel N9MYI RE Drug Warriors who enjoy making a "good" bust: I'm sure the Salem Witch Hunters enjoyed their law enforcement achievements too. ------------------------------ From: Nigel Allen Date: Tue, 22 Sep 1992 20:00:00 -0400 Subject: police files conference Here is a press release from the U.S. Department of Justice. National Criminal Justice Information Conference in New Orleans To: City and Assignment desks Contact: Stu Smith of the Office of Justice Programs, U.S. Department of Justice, 202-307-0784 or 301-983-9354 (after hours) WASHINGTON, Sept. 23 -- A national conference on federal-state criminal justice information sharing will be held from Wednesday, Sept. 23, through Saturday, Sept. 26, in New Orleans, the Department of Justice announced today. Jointly sponsored by the Bureau of Justice Statistics (BJS) and the Justice Research and Statistics Association (JRSA), the conference participants will discuss "Federal and State Information Sharing to Effectively Combat Crime and Ensure Justice." Specific topics that will be aired include "New Measures in the Criminal Justice System," "'Weed and Seed' and New Drug and Crime Prevention Initiatives," "Challenges and Reforms to the Justice System in the 90s," "Uses of Incident-based Reporting Systems," "Recent Developments in Criminal History Improvements" and various research issues in corrections, prosecution and law enforcement. Among the approximately 250 people expected to attend will be officials from state and local government and various federal agencies as well as leading criminal justice researchers and scholars. Other participants will be the directors of State Statistical Analysis Centers (SACs) and other members, associate members and guests of JRSA. BJS has provided funding to state justice statistics and information systems through a network of SACs since 1972. There are currently SACs in 48 states, the District of Columbia, Puerto Rico, the Virgin Islands, and the Northern Mariana Islands. The SACs provide a wealth of data about crime and the operation of the criminal justice system to state and local governments, legislatures, and Attorneys General for policy analysis and planning purposes. This year is the 20th anniversary of the SAC program. It also marks the beginning of a new initiative to establish a truly national system of federal, state and local government information-sharing and readily accessible data bases. Additional information about BJS programs and publications may be obtained from the Bureau of Justice Statistics Clearinghouse, Box 6000, Rockville, Md. 20850. The telephone number is 800-732-3277. -30- -- Canada Remote Systems - Toronto, Ontario World's Largest PCBOARD System - 416-629-7000/629-7044 ------------------------------ From: Michael Rosen Subject: Re: Address required on checks Organization: University of Denver, Dept. of Math & Comp. Sci. Date: Thu, 24 Sep 92 04:48:22 GMT Apparently-To: uunet.uu.net!comp-society-privacy No one has mentioned this, but you do have the right to refuse the writing of your credit card number on your check. In fact, it's illegal in some states (I only know of MD). They can only see the credit card as proof of identification/credit and only that. As far as writing a phone number on a credit slip, I usually ignore them when they ask for it and just sign it. If they make a fuss about it I tell them I don't put my phone number on credit slips. My sister had a guy call her and ask her out...he had taken her phone number off the slip when she bought something from the store he worked for...:) Mike -- Michael Rosen "Beer - It does Tau Epsilon Phi - George Washington University a body good." mrosen@nyx.cs.du.edu Michael.Rosen@bbs.oit.unc.edu or @lambada.oit.unc.edu ------------------------------ From: "Patrick A. Townson" Subject: Re: Computer Privacy Digest V1#082 Date: Thu, 24 Sep 92 0:06:21 CDT rudis+@cs.cmu.edu (Rujith S DeSilva) writes: > (1) If a store over-charges me, surely I wouldn't pay income tax on > the refund they give me when I complain? Although I know little about > US tax laws, private email told me that I've to pay tax only the > profit, if any, that I make. Hence the settlement payments should (*) > be free of income tax unless: No, but assuming you also paid the proportionate sales tax on the amount of the overcharge, it would have to be refunded by the government if it already had been paid to the government. So your SSN-ID would be a way to identify you. > (a) You deducted the cost of airline tickets from taxable income > or (b) The settlement is greater than the cost of tickets you bought And either of these conditions may apply, especially (b) unless you want to read the court's mind ahead of time. If the court awards punitive damages, those *are* taxable ... actual damages are not in most instances, unless you previously had taken a tax deduction based on the damages ... then you'd have to reverse the deduction you previously claimed or treat the award as income. Paul Wallich adds: > Although the taxable-income theory may hold, then again the antitrust > settlement is for a claim for actual damages, which, if my memory > serves me, may not be taxable because, after all, you suffered a real > monetary loss at some point in the past (punitive damages, on the > other hand, are apparently taxable). See above. If you took a tax deduction based on the damages, then being compensated for the actual damages requires you to similarly compensate the government. > And IMO the "court requirement" argument is completely specious. If > you put yourself under the jurisdiction of a court and they ask for a > pint of blood or your firstborn child, certainly you have no > obligation to comply. This has to be taken in the context of the case before the court. If you are in court because it is alleged you have mistreated or sexually abused your children (as an example) then the court may well take your child away from you. The question would be the reasonableness of the requirement and/or the relationship it has to the case in dispute. If you are under the jurisdiction of the court you will obey the court or you will appeal for relief from the court's rulings -- you will not, however simply be disobedient or in contempt of the court. I think it would be deemed reasonable for the court to require some universal form of identification (such as SSN) when attempting to adjudicate a complex legal matter involving a large number of people making financial claims. Likewise if the court is hearing a paternity case to detirmine if you can be identified as the father of a child the court may well order you to have blood drawn and tested. So to answer your question, yes the court can demand your child and your blood if those requests are considered reasonable and withstand appeal. > The whole point at issue here is whether the court is legally > authorized to ask for your SSN, just as any other organization may or > may not be legally authorized to ask. Since there may be tax issues involved (you deducted a loss, intend to pay back what was deducted, may get punitive damages, etc) then the court is within its rights to ask for the SSN since this is how the taxing bodies identify you. > If they're not authorized to ask and nonetheless refuse to do business > with you when you don't give it to them, they may be in civil or criminal > trouble. (e.g. people have in the past been jailed for refusing to > accept U.S. currency in payment of a debt.) Produce some cites here please! Questions pertaining to debtors and creditors, along with contracts between the parties are CIVIL matters, never CRIMINAL matters. Police officers are NOT authorized to intervene in civil disputes at any time. I could see possibly a CIVIL court entering an order ('accept that debtor's payment in cash') and then proceeding with a contempt situation if the order was not followed, but what sort of fool would disobey a court's order to accept compensation in cash? ?? Gordon Burditt asks: > Now, for those who say that giving false information is fraud: > what happens if the information is blatantly and obviously false > to anyone who looks at it? Is that giving false information, or > just withholding it? If you can convince the court that your action was intended as a parody on a properly executed document, or theatrical in nature, then you have not given false information. But presumably the store clerk etc catches that in the process of completing the transaction. > Example: on a credit application form, filling in SSN: JUS-TS-AYNO > Example: on a credit card slip, filling in "your phone number" > (literally) on the line marked "phone number". > Example: when an address is asked for on a check, filling in > "Go swim in a toilet". If it gets past the merchant and on to the bank and the bank does not catch it either, then you get out of jail free as the Monopoly game card says. The merchant should catch these things however, and refuse to accept documents inscribed in this way. > Another question: You have a physical address where you *CANNOT* > receive mail. You have a post office box where you can receive mail > (the ONLY place where you can receive mail - mail at work is > disallowed by employer policies of "no personal mail"). > On a credit application, you put the post office box down as your > address. The potential lender demands a physical address. Since you > cannot receive mail there, do you commit fraud if you give it to them > without further comment? No, what you do is you amend the application form slightly to put down both addresses saying on one line MAIL ONLY TO: and the next line STREET ADDRESS IS: . Most credit card processers, banks and merchants are happy to accomodate that request. For example, my checks have my name and PO Box address. Now it may help that I've had my account with the same bank for thirty years, and I am not all that adventurous when it comes to shopping: I visit the same merchants over and over all the time. I'm the only person I know who can cash personal checks for cash or merchandise at the local 7/11 store. Other people in line around me look amazed when I do it. But I have gone to that store for fifteen years at least a few times each week. All sorts of business places, restaurants, etc in my neighborhood have signs saying "we do not accept checks" ... yet they take mine, thank me and urge me to come in again soon. There is something to be said about developing trust with the merchants in your community. I'd never go hungry simply because there are two restaurants in the area where (if I asked politely first of the owner) I could run a tab for a couple weeks at a time until I got money. My check serial numbers are presently four digits beginning with 8 as in 8xxx. People see those and ask how I 'managed' to get the bank to print numbers that high on them. It's simple: Over thirty years of writing checks at one institution got the numbers that high. I started at '101' like everyone else. Brad Miller noted: > From: "Patrick A. Townson" >> No merchant (or any other person to whom you are indebted or propose >> indebtedness) is required to accept *ANYTHING* as payment for the debt >> except the currency of the United States, which it is noted, is legal >> tender for all debts, public and private and generally cannot be >> refused. > Slight correction; this is true if the debt already exists, (in > fact, to refuse legal tender for such a debt cancels it); however, > in a contract (verbal or otherwise) the debt need not be denoted > in dollars, nor need the debt be payable in dollars. This has been > held up in court. Thus if you offer someone 10 grams of gold for > some item (or he requires payment in gold and you agree), he need > not take a (what you deem equivalent) FRN (federal reserve note) > value in place of the gold. You contracted to deliver gold, > therefore, that is what you must deliver. Granted, it is only when indebtedness occurs and no other method of consideration (in other words, payment) has been specified that US currency cannot be refused. And note that contracts do not have to be written down, and if they are printed they need not be in fancy legal language. When you pass through the turnstyle to board a subway train you have become indebted to the Transit Authority. The Transit Authority's 'contract' with you stipulates that BEFORE they will allow you to become indebted (i.e. get on the train, etc) you must agree with them to pay with exact change, or less than a ten dollar bill perhaps. That part of the 'contract' is in the form of a sign on the cashier's window. They require that you make an advance deposit for your future indebtedness; i.e. pay the fare first, THEN go through the turnstyle. Their contract may be in the form of a metal slug called a 'token' or a scrap of paper called a 'ticket' ... but these are perfectly valid contracts. Or as our correspondent points out, the contract may call for some other form of payment instead. Car rental companies are loath to take cash; you must agree with them to pay via charge card or purchase order from your company, etc. And finally, a few words to the smart-alecks who get angry about being forced to pay and decide to retaliate by taking all pennies or nickles in to pay the bill: the merchant (or more likely the tax collector) does NOT have to accept those either! The same laws which govern the acceptance of the currency of the USA as payment of debts specifically says the creditor does NOT have to accept what are termed 'the minor coins of the United States' as payment except to pay debts which are fractional portions of a dollar. Obviously the merchant has to take pennies and nickles to get seventeen cents out of you. He is not required to take hundreds or thousands of dollars in pennies just because you feel like throwing a hissy fit because your taxes are so high or the IRS auditor caught you screwing around. I had someone come in our office once to pay an account I was working on and they brought a bag full of pennies -- a hundred dollars worth, they claimed, although I did not count them. I told them to leave and take their pennies with them, and on the way out to leave the name of their attorney with our receptionist. Why, they asked? Because, I told them, you are going to get sued for the full amount due including the $100 you just now tried to pay. Gee, they showed up an hour later with a money order for the $100 instead ... I asked them 'now that wasn't hard, was it?' :) -- Patrick A. Townson ===> T h e C h e e r f u l I c o n o c l a s t <=== ptownson@eecs.nwu.edu ptownson@eris.berkeley.edu ptownson@cs.bu.edu ------------------------------ Date: Thu, 17 Sep 1992 16:43:51 -0400 From: David A. Banisar Subject: CPSR Files Suit Against FBI Over Wiretap Proposal Resent-Date: Thu, 24 Sep 92 9:12:26 EDT Resent-From: drears@pica.army.mil Resent-To: comp-privacy@pica WASHINGTON, DC, September 17, 1992 Contact: Marc Rotenberg, CPSR Director (202/544-9240) rotenberg@washofc.cpsr.org David Sobel, CPSR Legal Counsel (202/544-9240) sobel@washofc.cpsr.org CPSR Sues FBI For Information About Wiretap Proposal: Seeks Reasons for New Plan Washington, DC - Computer Professional for Social Responsibility filed suit today against the FBI for information about a new wiretap proposal. The proposal would expand FBI wiretap power and give the Bureau authority to set technical standards for the computer and communications industry. The suit was filed after the FBI failed to make the information public. In April, CPSR requested documents from the Bureau about the reasons for the proposal. The FBI denied that any information existed. But when CPSR pursued the matter with the Department of Justice, the Bureau conceded that it had the information. Now CPSR is trying to force the Bureau to disclose the records. The proposal expands the FBI's ability to intercept communications. It would mandate that every communication system in the United States have a built-in "remote monitoring" capability to make wiretap easier. The proposal covers all communication equipment from office phone systems to advanced computer networks. Companies that do not comply face fines of $10,000 per day. The proposal is opposed by leading phone companies and computer manufacturers, including AT&T, IBM, and Digital Equipment Corporation. Many charge that the FBI has not been adequately forthcoming about the need for the legislation. According to CPSR Washington Office director Marc Rotenberg, "A full disclosure of the reasons for this proposal is necessary. The FBI simply cannot put forward such a sweeping recommendation, keep important documents secret, and expect the public to sign off." In a related effort, a 1989 CPSR FOIA suit uncovered evidence that the FBI established procedures to monitor computer bulletin boards in 1982. CPSR is a national membership organization of computer professionals with over 2,500 members based in Palo Alto, California with offices in Washington, DC and Cambridge, Massachusetts and chapters in over a dozen metropolitan areas across the nation. For membership information, please contact CPSR, P.O. Box 717, Palo Alto, CA 94303, (415) 322-3778, cpsr@csli.stanford.edu. ------------------------------ From: usenet_interface@almaden.ibm.com MMDF-Warning: Parse error in original version of preceding line at AED.PICA.ARMY.MIL Subject: Citibank photo credit card Date: 24 Sep 92 15:39:51 GMT MMDF-Warning: Parse error in original version of preceding line at AED.PICA.ARMY.MIL Reply-To: usenet_interface@almaden.ibm.com MMDF-Warning: Parse error in original version of preceding line at AED.PICA.ARMY.MIL Organization: IBM Almaden Research Center I am a late comer to this group...so... Has there been a discussion about Citibank's commercial where they state that their CC's are the most secure? They completely ignore the fact that the thief need only put your CC number onto his CC with his photo...sounds like a sales gimmick to me. ---------------------------------------------------------------------------- | Jeff Schneiter | jeffs@almaden.ibm.com | (408) 927 - 1498 | ---------------------------------------------------------------------------- | "Leaning on the pedestal that holds my self denial | | Firing the pistol that shoots my holy pride | | Sitting here like wet ashes with X's in | | My eyes, and drawing flies" -- Soundgarden _Badmotorfinger_ | ---------------------------------------------------------------------------- ------------------------------ From: James Davies Subject: Re: SSN and Airline Antitrust Settlement Organization: Cray Computer Corporation Date: Thu, 24 Sep 92 16:39:39 GMT Apparently-To: In article lenoil@catalogic.com (Robert Lenoil) writes: >>The claim forms for the Airline Antitrust Settlement ask for `Social Security >>Number or Tax I.D.'. I've read the SSN guidelines posted here regularly, but >>this case seems different. I really don't want to supply my SSN, and I don't >>see why I legally have to...Why should I supply my SSN to certify my claim? > >My guess is that any payment you receive under the settlement is considered >taxable income by the IRS, in which case you'd need to supply your SSN. > >[Moderator's Note: Brint Cooper (abc@brl.mil) also mentioned this. I >think Pat Townson has the best answer; It is required by the court. ._dennis] Since the court is a government agency, they're presumably covered by the Privacy Act, and thus are required to tell you why they're asking for your SSN, what law authorizes them to do so, whether it's optional or mandatory, and what use they will make of it. Just ask, and they're required to tell you. ------------------------------ Date: Thu, 24 Sep 92 13:57:02 EDT From: Joseph M Orost Subject: Computer access to SSN and bank accounts: 48hrs episode Organization: Echo Logic Distribution: usa Followup-To: comp.society.privacy Summary: Computer access to private information Did anybody see the 48hrs episode on CBS on 9/23/92 where they got 2 people's names and addresses and were able to look up their SSN and their credit cards and bank balances via a computer at a private eye's office? Any idea how they did that? Can anybody with a terminal and a modem do the same thing, or is this some kind of "all people" database that one can subscribe to? regards, joe -- Full Name: Joseph M. Orost EMail: joe@babel.ho.att.com Organization: Echo Logic SurfaceMail: 943 Holmdel Rd.; Cruz Plaza; Holmdel, NJ 07733 Phone: +1 (908) 946-1115 ------------------------------ From: Khan Subject: Re: Fraud Can Lead to a Term in the Penitentiary, Guys Organization: University of Illinois at Urbana Date: Thu, 24 Sep 1992 18:23:17 GMT Apparently-To: comp-society-privacy@ux1.cso.uiuc.edu In article "Patrick A. Townson" writes: > >> Sounds like it's time to get a mail drop (with a "real looking" address) >> and have that printed on your checks. ;-) Either that or pay cash (as I >> usually do when confronted with this sort of hardheader sales droid). > >Mail drops are not in and of themselves illegal, although Lord only >knows most are full of deadbeats and con-artists as clients. Naturally >one could say that it is more convenient to receive mail that way, so >I can't say that's the only kind of clients they have. > >Your comment about 'hardheader(?) sales droids' makes me wonder why >you think you are so different and exceptional? The 'droid' is smart >enough to know that people who write checks have been known to bounce >them and be difficult to locate later on. SIGH. The word was intended to be hardheadeD, as I'm certain you were easily able to figure out (after all, YOU are not a hardheaded droid ;-). As for me being "different and exceptional," I think you're reading a little bit too much into my words. I think we've all run into hard headed droids who seem incapable of thinking for themselves (or beyond their "programming.") These droids are the ones who hand your credit card back to you before you've signed the credit card slip, making it impossible for them to verify the signature. Droids will refuse to accept your check because your PO Box address is printed on it, yet they will unquestioning accept that very same check if you hand write a "real looking" address on it without attempting to verify that the address you wrote is correct. Actually, I guess you're right. I *am* different than such a person. ;-) ------------------------------ End of Computer Privacy Digest V1 #083 ******************************