Date: Mon, 07 Dec 92 18:11:51 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#109 Computer Privacy Digest Mon, 07 Dec 92 Volume 1 : Issue: 109 Today's Topics: Moderator: Dennis G. Rears Re: Digital Licenses in NY State Re: Digital Licenses in NY State Re: Digital Licenses in NY State Re: Digital Licenses in NY State Re: Computer Privacy Digest V1#106 Re: Fully automated speeding tickets Re: Privacy in VA Re: moderator misinformation Re: SSN and privacy The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: Mitch Collinsworth Subject: Re: Digital Licenses in NY State Date: 4 Dec 1992 11:50:28 -0500 Organization: Cornell University Program of Computer Graphics, Ithaca, NY In article shearson!jenny!mjohnsto@uunet.uu.net (Mike Johnston) writes: >Today's (12/3/92) New York Times carried a small article in the Metro >section describing NY's new licenses. In a nutshell, drivers will >have *both* their pictures and signatures digitally stored on the >state's computers. This makes me nervous. I read an article in my AAA club's newsletter in September about this and was planning to post a message here outlining it and my objections to having a digital copy of my signature stored in gov't computers. But then a few days later I walked into the polling place for the primary election and was presented with a new form of sign-in book in which I was instructed to sign below my name. The book was clearly the output of a laser printer. My name appeared twice, once in type and once in a pixel reproduction of my signature. I decided it was already too late... >This is really getting to be too much. Needless to say, I voted for the candidate who said we need to reduce government rather than the one who wanted to expand it. Interestingly, when I returned in November for the general election, I found the familiar old sign-in method which had my name on a card of its own and the original ink version of my signature from each time I had voted there in the past, each on succeeding lines. -Mitch Collinsworth mitch@graphics.cornell.edu ------------------------------ From: Mike McNally Subject: Re: Digital Licenses in NY State Organization: University of Michigan EECS Dept., Ann Arbor, MI Date: Fri, 4 Dec 1992 15:40:17 GMT In article Mike Johnston writes: > >Today's (12/3/92) New York Times carried a small article in the Metro >section describing NY's new licenses. In a nutshell, drivers will >have *both* their pictures and signatures digitally stored on the >state's computers. This makes me nervous. [...] >My biggest problem is this: I don't want my picture and signature >digitally stored on NY's computers, where it can easily be transmitted >to anyone the state deem's fit to receive it. This could include >the Federal Government, other State's and various agencies within >our own state. I won't even get into the ramifications of having >my SIGNATURE stored where someone can replicate it, perfectly, every >time they need to. > >It seems the privacy issues here have either been ignored or swept >under the carpet. It seems to me that elementary logic has either been ignored or swept under the carpet.. The very interesting thing about this post is that while I'm sure the author earnestly believes this is a privacy issue, his privacy is not in any significantly greater jeopardy because the stroage media employed by the NY state DMV has changed. The real issue is paranoia towards digital technology and its applications. Unless the author earnestly believes that photocopies and fascimiles of his motor vehicle permit cannot now be easily transmitted to "the Federal Government, other State's and various agencies within [his] own state," I I fail to see how digital storage of information that is already kept throws his personal privacy into serious danger. -mcnally. ------------------------------ From: Carl Oppedahl Subject: Re: Digital Licenses in NY State Date: Fri, 4 Dec 1992 17:19:57 GMT Organization: PANIX Public Access Unix, NYC In shearson!jenny!mjohnsto@uunet.uu.net (Mike Johnston) writes: >Today's (12/3/92) New York Times carried a small article in the Metro >section describing NY's new licenses. In a nutshell, drivers will >have *both* their pictures and signatures digitally stored on the >state's computers. This makes me nervous. >The reasons given are 'easier storage and retrieval and will result in >more secure and higher-quality licenses and ID's'. Also noted is that >duplicate licenses will be available within three weeks WITHOUT visiting >the DMV. This is probably the hardest part of all to believe, as anyone >who's ever tried to get ANYTHING from Motor Vehicles will attest. >My biggest problem is this: I don't want my picture and signature >digitally stored on NY's computers, where it can easily be transmitted >to anyone the state deem's fit to receive it. This could include >the Federal Government, other State's and various agencies within >our own state. I won't even get into the ramifications of having >my SIGNATURE stored where someone can replicate it, perfectly, every >time they need to. So here's an idea. When you go to the DMV to renew your next license, they are going to ask you to write on some special writing pad with a stylus, so that they can digitally capture your signature. Most people, I suppose, will sign the same signature they put on everything else, including their checks. But does the law require this? Presumably not. So instead of signing "firstname lastname" on the writing pad, why not sign "firstname DMV lastname". And put one or two distinctive loops or whirls on the firstname and lastname portions as well. Then, whoever might be tempted to misuse the digitally stored signature will pick somebody else to harm. Carl Oppedahl AA2KW (intellectual property lawyer) 30 Rockefeller Plaza New York, NY 10112-0228 voice 212-408-2578 fax 212-765-2519 ------------------------------ Subject: Re: Digital Licenses in NY State Date: Fri, 4 Dec 1992 19:28:13 -0600 (CST) From: Ron Bean Content-Type: text Content-Length: 1150 Mike Johnston writes: >.............. I won't even get into the ramifications of having >my SIGNATURE stored where someone can replicate it, perfectly, every >time they need to. Perhaps you could sign your DL in such a way as to make it appear different from your usual signature. I don't mean that you should sign a bogus name-- just use your own name but make the first letter a different shape, or leave out your middle initial if you normally include it, or include it if you normally don't, or anything else to make it unique. As long as you're not trying to defraud anyone, it's still a valid signature. Since other organizations (such as UPS) are digitising signatures, a better strategy might be to get in the habit of *dating* everything you sign (although the date could still be cut off or altered). This wouldn't prevent anyone from comitting fraud in your name, but it would make it possible for you to say later, "That signature was copied from my driver's license", and be able to prove it. ================== zaphod@madnix.UUCP (Ron Bean) uwvax!astroatc!nicmad!madnix!zaphod ------------------------------ Date: Fri, 4 Dec 92 8:06:47 EST From: "John DiLeo, CSB" Subject: Re: Computer Privacy Digest V1#106 In Issue #106, our esteemed moderator said: [Moderator's Note: New Jersey has banned the use of photo radar. ._dennis ] In Maryland, photo radar units have recently appeared on Interstate 95. The units that I have seen so far have been in marked State Police vehicles parked between the median guardrails, so they have been relatively easy to spot. I think that it is important to note, however, that this was never mentioned to the public, and noone made any sort of issue of it; they simply appeared. --John DiLeo dileo@brl.mil ------------------------------ From: "P.Debenham" Subject: Re: Fully automated speeding tickets Organization: Cripps Computing Centre, University of Nottingham Date: Fri, 4 Dec 92 14:14:39 GMT Apparently-To: comp-society-privacy@uknet.ac.uk Radar triggered speeding cameras are already in use in a number of places. In the Australian state of Victoria they are used with the right for the person accused to see the photograph taken before being forced to pay up. The UK has changed its laws to allow similar cameras but what your rights are to see the original data (ie the photo) I do not know. One test report for a week recently logged (correctly) that about 60% of drivers were at least 10mph over a 40mph speed zone. Neither of these schemes currently issue tickets without human examination of the photographs but I have do know that such a scheme is being tested here in England already. Given our parliaments general lack of ability to cope with privacy related issues involving technology I am sure that once working such cameras will get the go ahead. ------------------------------------------------------------------------------ Peter Debenham, Physics Dept., University of Nottingham ------------------------------ Date: Fri, 4 Dec 1992 21:28:24 -0500 From: MICHAEL LAUREN SHERMAN Subject: Re: Privacy in VA Organization: Lehigh University > >Yea, radar detectors are illegal in VA. In fact, only VA and DC ban radar >detectors. Personally, I wouldn't live in a state which says I can't own a >radio receiver, not to mention that it's overbuilt, over crowded and you can't >get anywhere on a Saturday because of traffic. If you're going to be working >in DC, I'd look into moving to Maryland. But that's just my opinion. > Agreed, the problem is that if you have a radar detector, especially a built in like my father has, and live in Md. but are often in Va. I imagine it may be quite a pain in the ass (I never really asked him if this was the case) Also, any truth to the rumor that the cops can tell if it is on or not. If not my advice is get a built in and turn it off before the cop gets to the car. -- MICHAELLAURENSHERMANMICHAELLAURENSHERMANMICHAELLAURENSHERMANMICHAELLAURENSHERMA N I THOUGHTS OF THE WEEK: 1 Float like a M I MICHAEL LAUREN SHERMAN C Butterfinger, stink like a beet I H 215-758-0207 H 2. If you uncle Jack was on a horse andC A E he was done but couldn't get of on his H E MLSA@LEHIGH.EDU A own, would you help your uncle Jack A ------------------------------ From: John De Armond Subject: Re: moderator misinformation Date: Sat, 05 Dec 92 04:51:04 GMT Organization: Dixie Communications Public Access. The Mouth of the South. Paul Wallich writes: >In many states, New York among them, medical records belong by law >to the patient. This means that the patient can legally control >access to the records (modulo what insurance companies insist on >knowing) and can compel a physician to turn those records over to >the patient or another physician. The question of who owns medical >records or phone records (or any number of other items of personal >information) is not nearly as settled as the moderator's notes might >make it appear. >From a post made earlier in the year in another group: ]Russell Lawrence, russ@wpg.com uunet!wpg!russ wrote ] ]According to a survey of state laws conducted in 1989 ][out-of-date, perhaps] and published in the March/April, 1989 ]issue of _Hippocrates_ [aka _IN Health Magazine_]: ] ]NY statutes guarantee patient access to doctor records, hospital ]records and mental health records. States with similar laws ]guaranteeing across-the-board access include: Alaska, California, ]Colorado, Connecticut, DC, Florida, Georgia, Hawaii, Illinois, ]Indiana, Massachusetts, Michigan, Minnesota, Montana, Nevada, New ]Jersey, South Dakota, West Virginia, and Wisconsin. ] ]PA and Ohio had no law concerning patient access to doctor ]records, but legally guaranteed patient access to hospital ]records. Both states allowed patient access to mental health ]records with a provision for supervision in cases where ]those records might be deemed harmful to the patient. The ]absence of a law guaranteeing access might be a stumbling ]block for patients who are timid, but it's easily overcome ]by assertive people. ] ]I can vouch for the NY laws, but personally haven't read the ]statutes in PA and Ohio. >[Moderator's Note: I stand partially corrected. The point I was making >is that there are many records that people think belong to then when in >reality they belong to somebody else. ._dennis ] In reality all it says is we still have a lot of work to do to get the necessary laws passed to protect our personal information. John -- John De Armond, WD4OQC |Interested in high performance mobility? Performance Engineering Magazine (TM) | Marietta, Ga |Interested in high tech and computers? jgd@dixie.com |Write me about PE Magazine Need Usenet public Access in Atlanta? Write Me for info on Dixie.com. ------------------------------ From: John F Carr Subject: Re: SSN and privacy Organization: Massachusetts Institute of Technology Date: Sat, 5 Dec 1992 18:13:06 GMT In article Michael Gersten writes: >How does this cause problems? Well, call up the utilities, and identify >yourself by the SSN (you only have it if you are that person, or >empowered to work for them, after all, they're private, right?) Another example: MIT often requires only a student ID number for authentication (for undergraduates, this is usually the SSN). Want to check someone's account balance or registration status? All you need is the ID number. They don't even ask for your name. (Males may need a female accomplice, and vice versa, in case they notice the sex of the name on the computer screen and it doesn't match the sex of the person asking the questions.) More problems arise when the information becomes directly accessible over a computer system, with no human interversion. MIT is developing a system to make registration information available from workstations on the campus net. -- John Carr (jfc@athena.mit.edu) ------------------------------ End of Computer Privacy Digest V1 #109 ******************************