Date: Mon, 23 Nov 92 17:07:16 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#103 Computer Privacy Digest Mon, 23 Nov 92 Volume 1 : Issue: 103 Today's Topics: Moderator: Dennis G. Rears Re: Passport Records (none) Re: Technophiliacs - cont. Re: Technophiliacs - cont. Electronic devices Small town versus computer privacy Comp Priv Digest The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- From: Harry Erwin Subject: Re: Passport Records Organization: TRW Systems Division, Fairfax VA Date: Fri, 20 Nov 1992 18:33:47 GMT Stewart Rowe writes: >This morning, the New York Times said (approximately) >"In the '50s and '60s the State Department Passport Office >investigated the political views of many people." > >My question is, does anyone know what they are doing NOW, and >what kinds of records they keep? These were the notorious "alpha files," which were maintained by the Passport Office in cooperation with the FBI's spying under Hoover. Most (almost all?) were discarded in the aftermath of the discoveries about Hoover. The folks in the Passport Office were digging through Clinton's records in the hope that his files were still extant. Apparently they weren't to be found, although it is likely they existed at one time. Those people spied on _everyone_. Cheers, -- Harry Erwin Internet: erwin@trwacs.fp.trw.com ------------------------------ From: elee@bonnie.ics.uci.edu Subject: (none) Date: 20 Nov 92 19:14:46 GMT MMDF-Warning: Parse error in original version of preceding line at AED.PICA.ARMY.MIL To: comp.society.privacy From: Eric J. Lee 11-19-92 This is part of the ICS 131 bboard posting requirement. In following the discussion by Tom Wicklund on this bboard, I read his comments on the advantages and disadvantages of using the magnetic strip on driver's license cards as identification. True, this will make it very convenient for grocery market clerks to validate personal checks, and they may indeed become careless about it. However, I believe that it is still a good idea. There must be some level of responsibility placed on workers, and a level of responsibility placed on citizens. If someone loses his or her card, he or she should be responsible for (as with credit cards) cancelling it immediately. This way, cards can be assumed valid, and check-outs at markets can be sped up. Competent users (those who don't lose their cards) shouldn't have to wait up for services to insure less competent users' security. The other interesting point being discussed on the bboard was that of exactly what information is stored on the magnetic stripe that isn't visibly printed on the card. I would sure like to know, and who exactly is capable of reading and using this information. Could the strip contain information such as a person's credit record? If so, a person with bad credit could conceivably be denied access to certain privileges that he would not have been had the magnetic stripe not been issued. In this case, I believe that authorities that can read the stripe should not make any disqualifications based on it, because this would give anyone who has an older license that doesn't have the stripe on it an advantage. Another possibility would be to ensure that everyone has the new driver's license or I.D. card with stripe; though this could take years to implement. Eric J. Lee John Tillquist's section, M 9:00 - 9:50 ------------------------------ From: Steve Johnson Subject: Re: Technophiliacs - cont. Organization: TRW Systems Division, Fairfax VA Date: Sat, 21 Nov 1992 00:46:56 GMT Apparently-To: comp-society-privacy@uunet.uu.net DRWIER@SCSMTA.SWITCH.CH (DRWIER) writes: [stuff deleted] >IMHO we have to SLOW down A LOT, and get away from the details, >and get away from the technology we create to get a more global >and balanced and more humane perspective. >Or are there other ways? Perhaps longer vacations (i.e., more than two crummy weeks a year), long service leave (i.e., a PAID sabatical). Oops, almost forgot; we have to stay competitive so make sure you get in those 50 plus hours a week. But I digress.... -- ------- Any views expressed are those of myself and not my employer. -------- Steven C. Johnson, WB3IRU / VK2GDS | TRW | johnson@trwacs.fp.trw.com FP1 / 3133 | [129.193.172.90] ------------------------------ From: The Wolfe of the Den Subject: Re: Technophiliacs - cont. Reply-To: news@wolves.durham.nc.us Organization: Wolves Den UNIX Date: Mon, 23 Nov 1992 05:07:06 GMT In DRWIER@SCSMTA.SWITCH.CH (DRWIER) writes: >No, technophiliacs is not a joke. It is an attempt to become >aware of the "hidden side effects" of all technology on both >a personal as well as social level. I'm not anti-technology. I can see that you consider this a serious condition, but I was one of the ones to ask if this was serious, since the way it was written and some of the item you mentioned as examples have a style and effect very similar to some fairly classic satire of technology articles that have been seen by quite a number of folks who watch this sort of question as an avocation or profession. Allow me to say that I have my doubts about your NOT being "anti-technology". The whole concept throws such a view on technology that it really can't be seen as anything but anti-technology by some points of view. >IMHO we have to SLOW down A LOT, and get away from the details, >and get away from the technology we create to get a more global >and balanced and more humane perspective. >Or are there other ways? It is my opinion that there are folks who react to technology the way that you are outlining, but that is certainly not the only way that folks react to technology. There are folks who use the technology with a great deal of fear or distrust, and some who won't use the technology at all if it can be avoided. And then there are those who seem to take all the technology in stride. I have seen some folks who will react to a new piece of technology with an "interesting" reaction - they look at the new technique or tool, evaluate it very quickly, and decide whether or not it is immediately applicable to the stuff they are doing currently. If it is, they start using it, if it isn't they note the fact that they've seen this technique for possible future reference. Toeffler's "Future Shock" has, IMO, turned out to be rather an overrated malady. Certainly, some folks show all the classic symptoms, and the culture is suffering an effect, but it is not nearly as pronounced as was once feared. But I don't recall if it was predicted that some folks would find a way to deal with the phenomenon. I think that some folks have found a way to function fully and balancedly to technology, but they aren't being noticed and the techniques they use to cope aren't being studied or taught to enough other folk. To tie this into computer/social privacy: One of the main (negative) impacts on privacy is the inclusion of personal data into computer systems, without adequate means of checking the accuracy or for correcting errors in that data. Folks have proposed some sort of legislative remedy for this situation, but they haven't come up with any really workable plan that isn't more obnoxious that the current situation. Perhaps some of these meta-stable individuals could be convinced to serve as arbitrators/ombudsmen for auditing/correcting data in all the various databases out there? -- Usenet Net News Administrator @ The Wolves Den (G. Wolfe Woodbury) news@wolves.durham.nc.us news%wolves@cs.duke.edu ...duke!wolves!news "The flame war is a specific Usenet art form." --me [This site is not affiliated with Duke University. (Idiots!) ] ------------------------------ Date: Sat, 21 Nov 1992 18:32:55 -0500 (EST) From: Joseph Demasi Subject: Electronic devices I wonder if anyone out there can tell me where I can find files on how to make electronic bugging devices, for phones mainly. Ill be happy with any files that deals with construction of such devices. Thanks. -------------------------------------------------------------- It's 104 miles to Chicago, we've got a full tank of gas, half a pack of cigarettes, it's dark, and we're wearing sunglasses. Hit it. -The Blues Brothers -------------------------------------------------------------- Joseph DeMasi jd4o@andrew.cmu.edu ------------------------------ From: Robert Grumbine Subject: Small town versus computer privacy Organization: Grebyn Timesharing Date: Mon, 23 Nov 1992 02:54:26 GMT Apparently-To: uunet!comp-society-privacy In this group, posters have suggested that in times before major urbanization people lived mostly in small towns where the grapevine effectively meant that everything was known about everyone. This is mentioned in connection with the present developments with computers and privacy issues they may raise, where even with large populations it becomes again possible for everything to be known. The people who put this forward tend to believe that the proper conclusion is that since it was once (stipulated to be) true in small towns with people as the medium, that there is nothing to be concerned about with it (again stipulated) true for large groups with computers as the medium. I've thought about this for some time now, and have refined my thoughts a bit. The important differences between the old time (postulated) small town (lack of) privacy and the computer age counterpart lie in scope (both space and time), and reciprocity. Consider the small town situation. Everybody (all several hundred) in the town knew what books you were checking out of the library, how much alcohol you were drinking, how often you went to church, and so forth. Anything you did that seemed worth talking about, was, and to anyone in the town. (I question whether this was ever really the case, and I've lived in small towns, but we'll take this picture as given.) But, the scope in space was limited. Although everybody _in_ the town knew that you read questionable books (Marx, say), nobody _outside_ the town knew. The spatial scope was limited. The temporal scope was also limited in that only things which seemed worth talking about _at the time_ were propagated into the grapevine. So if everybody in town is reading Marx, then the fact that you did too was not passed along especially. If, ten years after the fact, it becomes undesirable to have read Marx, everyone can individually deny it since it was never worth remarking on. The memories are limited. There was also the element of reciprocity. Even though everybody knew that you read Marx, say, you knew that Fritz was fooling around, Enid was stringing along several guys, and the like. You knew who knew your failings, and you knew theirs. A balance could then be struck (and usually was, I submit). If someone decided to vandalize your house because you were X, you knew most likely who had done it and could respond one way or another. If the balancing methods failed, you could leave town. In the 'old' days, this represented a fresh start (and accounted for no trivial part of the westward migration in the US) as nobody in the new town knew you. The computerized lack of privacy presently developing in the US is missing the balances that were available in the old small towns. The spatial scale is unlimited. There's no place to go where people can not look up your 'misdeed'. The temporal scale is also unbounded. Your actions, regardless of their present triviality, can be recorded and used ex post facto at some time when the activity is deemed improper. There is no reciprocity either. You do not know specifically who has electronically investigated you, nor do you know anything about them. Should someone vandalize your house because of information from the electronic files, you have no means of specific response. (Theoretically you still have the usual recourse to the police, but they have no way to follow up as there is no way for them to narrow the search either.) The simplistic response is to say that everyone should simply live their lives so that they are always above reproach. This, even for saints, is impossible. If nothing else, the range of feelings on the part of the people passing judgement ensures that there will be situations in which you are certain to have transgressed (in somone's judgement) the realm of acceptable behavior. With respect to the war in Vietnam, it is obvious that the (now) proper thing to have done is to neither have registered or avoided registration, and to neither have fought in the war, nor avoided fighting in the war, nor to have protested the war. Every US man who was draft age during the war has therefore done the wrong thing. Nor are the things which may excite hostility necessarily things you have control over. In Nazi Germany, it was fatal to be Jewish or have Jewish relatives. Back to the obvious difference between the small town and the electronic domain. Scale. The small town contained only a few hundred people. Extremists of a type that represent only, say, one in a thousand of the population (say 250,000 people in the US) would likely not be present in the town. If they were in your town, then you could either leave the town, or rely on the fact that there was only one of them in the town (and therefore they would be less active). Either way, scope combined with scale to limit the effective- ness of the extremist. In the electronic domain, your 'village' contains millions of people. Chances are that there are hundreds of one in a thousand extremists who can know about you. Further, the extremists are linked by the electronic network so that they are no longer being dissipated by the community. A brief argument might be raised that this also links the would be targets. In practice, I doubt it is effective. This becomes a case where the defense against extremists is something that should be done by everyone, and could be done by anyone. In those situations, it is generally done by noone. (A mundane example is cleaning the office coffee pot, check the frequency with which this is done in decentralized situations versus the number of people involved. It drops the more people there are.) This is offered as a problem statement. I don't have the solutions. The things that leap to mind, informing people who requested what information about them (at the expense of the requestor), imposing a statute of limitations on databases, and such, I don't see any good way of implementing. In the case of the databases, I'm skeptical that it is even possible. Organizations which have payed to collect data are unlikely to be inclined to destroy it just because somebody else thinks it is too old. Enforcement also seems difficult to impossible. Your thoughts? Bob Grumbine rmg3@grebyn.com ------------------------------ Date: Mon, 23 Nov 92 19:28 GMT From: Robert Ellis Smith <0005101719@mcimail.com> Subject: Comp Priv Digest Date: Nov. 23, 1992 FROM: Robert Ellis Smith On 11 Nov 92, Chris Nelson and the moderator asked for a source for the different privacy laws on the books in each state. PRIVACY JOURNAL, PO Box 28577, Providence, RI 02908, has published COMPILATION OF STATE AND FEDERAL PRIVACY LAWS since 1974. The 1992 edition costs $29. The book includes 600 laws, on Social Security numbers, electronic surveillance, credit records, health, financial, schools, Caller ID, personnel, criminal records, and much more. There's a state-by-state chart on each category. Our monthly newsletter, PRIVACY JOURNAL, answers virtually every question that comes up on the Computer Privacy Digest. It's available for a special rate of $65 a year for Digest participants -- from PRIVACY JOURNAL, 401/274-7861. Reach the publisher via MCI mail at rsmith, 510-1719. The newsletter is also available on NEWSNET (800/345-1301 for an hourly fee. Call or write for a sample and a list of available books and special reports. Robert Ellis Smith [Moderator's Note: Thanks. When I get around to it, I will order it. If no one beats me to it, I will publish a review of it. ._dennis ] ------------------------------ End of Computer Privacy Digest V1 #103 ******************************