Date: Thu, 18 Nov 93 16:09:34 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V3#078 Computer Privacy Digest Thu, 18 Nov 93 Volume 3 : Issue: 078 Today's Topics: Moderator: Dennis G. Rears GAO report Communications Privacy Re: Computer Bulletin Boards should NOT be censored. Re: Computer Bulletin Boards should NOT be censored. Re: Is there an effective way to stop junk phone calls? Re: California Driver License and SSN Re: Ownership and Privacy The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- cc: comp-privacy@PICA.ARMY.MIL From: KH3@cu.nih.gov Date: Wed, 10 Nov 1993 18:26:57 EST Subject: GAO report Communications Privacy GAO recently issued a report "Communications Privacy: Federal Policy and Actions", GAO/OSI-94-2, dated November 4, 1993, that may be of interest to members of your group. The report focused on the following issues: --The need for information privacy in computer and communications systems--through such means as encryption, or conversion of clear text to an unreadable form--to mitigate the threat of economic espionage to U.S. industry; --federal agency authority to develop cryptographic standards for the protection of sensitive, unclassified information and the actions and policies of the National Security Agency (NSA), Department of Defense, and of the National Institute of Standards and Technology (NI ST), Department of Commerce, regarding the selection of federal cryptographic standards; --roles, actions, and policies of NSA and the Department of State related to export controls for products with encryption capabilities and industry rationale for requesting liberalization of such controls; and --the Federal Bureau of Investigation's (FBI) legislative proposal regarding telephone systems that use digital communications technology. I have placed an electronic version of the report named OSI-94-2.TXT in the GAO-REPORTS anonymous FTP directory at NIH (cu.nih.gov) or (ftp.cu.nih.gov). Joe Sokalski, GAO--Los Angeles kh3@cu.nih.gov ------------------------------ From: Donald Burr Subject: Re: Computer Bulletin Boards should NOT be censored. Date: 17 Nov 1993 13:11:48 -0800 Organization: Regional Access Information Network Hmm, this looks like something interesting to start a discussion on. Following are MY viewpoints on the issue -- feel free to keep the ball rolling. Lyle Lexier writes: >Computer Bulletin Boards should not be censored. People should have freedom >of speech in saying or writing what they want to say, even if the material has >to do with sexual or racial matters. >Do you agree with this statement? I will keep your names confidential, but >I will poll X - yes, and Y - no and the reason why YES or NO was chosen. >send your responses to lexier@sfu.ca Though I am a strong proponent of freedom of speech (for example, I strongly disagree with censoring of USENET, i.e. the alt.sex.* type postings, nudity and sex gifs, etc.) however, BBS's are another matter. I do not believe that external authorities (i.e. the FBI, FCC, etc.) should censor BBS's, because this would be in violation of freedom of speech. HOWEVER, I do believe that the individual SYSOPS of each BBS should decide which is appropriate and which is not. I live in Santa Barbara, CA, a town with a pretty active BBS scene. Sadly, many of the real good BBS's have gone to hell in a handbasket because they have just gone out of control -- the sysops became lax in their "no profanity" laws, users start getting cocky and post more obscene material, and the signal to noise ratio of the BBS drops tremendously (i.e. there is now more "noise" [profanity, etc.] than there is "signal" [i.e. worthwhile messages]) There are some BBS's where profanity, etc. is inappropriate -- for example, in the nationwide nets such as FidoNet, which are accessed mainly by "family- oriented" systems. You don't want your kids to be exposed to that profane kind of stuff. also many adults find it distasteful or profane, and we should not condemn them becaus of the way they were raised (traditional family values, etc.) nor should we force them to be exposed to this kind of stuff. (I also include materials such as sexually explicit pictures, GIFs, stories, etc. in my definition of "profane.") I believe there is a "right" way to handle this. Most states define a "adult" as an individual being over 21. California is one of these, I believe. Many of the local BBS's have "adult-only" areas, where you are required to send in some sort of proof of age (driver's license, perhaps) in order to gain access to them. This is a good thing, IMHO, because the information ITSELF is not censored -- it is just not made available to people of an inappropriate age. (just like you aren't allowed to buy liquor until you're 18, or go to R-rated movies until you're of age.) -- Donald Burr (aka Captain Picard, Picard, Picards, and SuperTribble) EMAIL: picard@rain.org; AMERICA ONLINE: CapnPicard A Trekker, and DAMN proud of it! -+- Want FREE Unix for 386/486? EMAIL ME!! "We're just two lost souls / Swimming in a fish bowl" -- Pink Floyd ------------------------------ From: Bernie Cosell Subject: Re: Computer Bulletin Boards should NOT be censored. Organization: Fantasy Farm Fibers Date: Thu, 18 Nov 1993 02:14:20 GMT In article , Lyle Lexier writes: } Computer Bulletin Boards should not be censored. People should have freedom } of speech in saying or writing what they want to say, even if the material has } to do with sexual or racial matters. } } Do you agree with this statement? I will keep your names confidential, but } I will poll X - yes, and Y - no and the reason why YES or NO was chosen. I don't mean to be negative, but I think these sorts of surveys/polls are massive wastes of time and effort. Not only is the audience almost certainly skewed [we're hardly a crosssection of the US] the sampling is totally uncontrolled, making the "results" little more than random noise. [or, perhaps, a foregone conclusion if you're careful about where you post your request]. In terms of this forum, I think the only reasonable purpose for such a question is to *discuss* it, not to *vote* on it. And reasoned discourse certainly serves the topic better than just a collection of un-argued, un-examined "sound Bytes" [the reasons why]. [I assume that for the "reason why" you're not expecting two or three megabytes per 'voter' of reasoned discourse on the pros and cons of the matter, no?] As such, I'll just respond... Repeating your thesis: } Computer Bulletin Boards should not be censored. People should have freedom } of speech in saying or writing what they want to say, even if the material has } to do with sexual or racial matters. I disagree. I think that the folks that own and operate bulletin boards ought to be free to run them *precisely* as they please, just so long as they make the ground rules clear up front. As long as you're using someone *else's* equipment, I think it is A-OK that they insist that you play by their rules, but that once you agree on the rules they should only be changeable by mutual consent [that is, treat such as matters of contract law]. If you don't like their rules, as long as you're free to go to some other forum or start your own, I claim you've gotten all that you're entitled to in terms of "freedom of speech". Now, this is not to make light of the legal situation in the US: there are a lot of complicated legal matters having to do with "limited public forums", when liability attaches to a sysop [for things like libel or distribution of pornographic materials], wiretap laws, etc. But if you're just asking a *moral* question: as a matter of principle I'm very much in the "freedom of the press is for those who own them" camp. /Bernie\ -- Bernie Cosell cosell@world.std.com Fantasy Farm Fibers, Pearisburg, VA (703) 921-2358 ------------------------------ From: laine@ctp.bilkent.edu.tr Subject: Re: Is there an effective way to stop junk phone calls? Date: Wed, 17 Nov 1993 20:58:35 Organization: Youngstown State/Youngstown Free-Net >In article >pete ritter writes: > >>At long last, federal law now requires telemarketers to remove from their >>call lists, anyone who requests it. The law also requires them to give >>the name of the telemarketing firm, its address and telephone number if >>you request it. >> > In article Tom Evert writes: >Good advise! This law is called the Telephone Consumer Protection Act >of 1991. Interesting reading - especially the part under "Findings"! > But still nobody has told us poor illiterates where to find a copy of this law. Anyone? ------------------------------ From: Nevin Liber Subject: Re: California Driver License and SSN Date: 18 Nov 1993 02:28:06 -0700 Organization: University of Arizona CS Department, Tucson AZ In article , Bob Sherman wrote: >Errrr, excuse me, but there are many ways for you to use the roads your >taxes pay for without needing a drivers license. You can for example ride >a bike, use public transportation, take a taxi, ride as a passenger in >a car while someone else does the driving, run, jog, walk etc.. All of the >above are better done on a paved roadway than through the woods.. Plus there are many ways that we all indirectly use roads. Do you buy food at a supermarket that is trucked in? If someone breaks into your house, wouldn't it be nice if the police drive over to save you or your belongings? Etc., etc. -- Nevin ":-)" Liber nevin@cs.arizona.edu (602) 293-2799 ------------------------------ From: Rob Kling Subject: Re: Ownership and Privacy Newsgroups: comp.society.privacy Date: 18 Nov 93 16:30:18 GMT Hi ... you might find parts of this paper helpful for your paper. /Rob Kling =========================== Fair Information Practices with Computer Supported Cooperative Work Rob Kling Department of Information & Computer Science and Center for Research on Information Technology and Organizations University of California at Irvine, Irvine, CA 92717, USA kling@ics.uci.edu May 12, 1993 (v. 3.2) Based on a paper which appears in SIGOIS Bulletin, July 1993 --------------------- The term "CSCW" was publicly launched in the early 1980s. Like other important computing terms, such as artificial intelligence, it was coined as a galvanizing catch-phrase, and given substance through a lively stream of research. Interest quickly formed around the research programs, and conferences identified with the term advanced prototype systems, studies of their use, key theories, and debates about them. CSCW offers special excitement: new concepts and possibilities in computer support for work. CSCW refers to both special products (groupware), and to a social movement by computer scientists who want to provide better computer support for people, primarily professionals, to enhance the ease of collaborating. Researchers disagree about the definition of CSCW, but the current definitions focus on technology. I see CSCW as a conjunction of certain kinds of technologies, certain kinds of users (usually small self-directed professional teams), and a worldview which emphasizes convivial work relations. These three elements, taken together, differentiate CSCW from other related forms of computerization, such as information systems and office automation which differ as much in their typical users and the worldview describing the role of technology in work, as on the technology itself (Kling, 1991). CSCW is the product of a particular computer-based social movement rather than simply a family of technologies (Kling and Iacono, 1990). The common technologies that are central to CSCW often record fine grained aspects of people activities in workplaces, such as typed messages, notes, personal calendar entries, and videotapes of personal activity. Electronic mail is the most popular of the CSCW technologies (Bullen and Bennett, 1991) and is a useful vehicle for examining some of the privacy issues in CSCW. Many electronic mail messages contain personal communications which include opinions and information which many senders would prefer not to be public information. However, most electronic mail system users I have spoken to are ignorant of the conditions under which their transmissions will be maintained as private communications by their own organizations. (They often assume that their electronic communications will be treated as private by their organizations. Others are extremely sensitive to the possible lack of privacy/security of email transmissions.) Discussions of computerization and privacy are highly developed with respect to personal record systems which contain information about banking, credit, health, police, schooling, employment, insurance, etc. (Kling and Dunlop, 1991:Section V). Definitions of personal privacy have been examined in extensive literature about personal privacy and record-keeping systems. Analysts have been careful to distinguish security issues (e.g., lock and keys for authorized access) from privacy issues -- those which involve people's control over personal information. There has also been significant discussion of the interplay between privacy and other competing social values. The privacy issues in CSCW both have important similarities and differences when compared with the issues of personal record systems. We can gain helpful insights by building on this body of sustain thinking about privacy and record systems to advance our understanding of privacy issues in CSCW. Another related and helpful set of inquiries examines the surveillance of workers in measuring activities related to quality of service and individual productivity (Attewell, 1991; Kling and Dunlop, 1993). Some of the most intensive fine grained electronic monitoring involves listening to the phone calls of service workers such as reservationists, and fine-grained productivity counts, such as the number of transactions that a worker completes in a small time period. While all managers have ways of assessing their subordinates' performance, clerks are most subject to these fine grained forms of electronic surveillance. The CSCW community has focussed on professionals as the key groups to use groupware and meeting support systems. Consequently, electronic monitoring has seemed to be implausible. The computing community is beginning to be collectively aware of the possible privacy issues in CSCW applications. Professionals who use CSCW can lose privacy under quite different conditions than clerks who have little control over the use of electronic performance monitoring systems. And personal communications, like electronic mail or systems like gIBIS which supports debates, record personally sensitive information under very different conditions than do information systems for regulatory control such as systems of motor vehicle, health and tax records. The use of email raises interesting privacy issues. In the case of email, privacy issues arise when people lose control over the dissemination of their mail messages. When should managers be allowed to read the email of their subordinates? One can readily conjure instances where managers would seek access to email files. These can range from curiosity (such as when a manager wonders about subordinates' gossip, and requests messages which include his name in the message body), through situations in which a legal agency subpoenas mail files as part of a formal investigation. A different, but related set of issues can occur when a manager seeks mail profiles: lists of people who send more than N messages a day, lists of people who read a specific bulletin board or the membership of a specific mailing list. CSCW systems differ in many ways that pertain to informational control. For example, systems such as email and conferencing systems retain electronic information which can be reused indefinitely with little control by the people who were writing with the system. One can imagine cases in which managers may wish to review transcripts of key meetings held by computer conferencing to learn the bases of specific decisions, who took various positions on controversial issues, or to gain insight into their subordinate's interactional styles. Other systems, such as voice and video links, are often designed not to store information. But they can raise questions about who is tuning in, and the extent to which participants are aware that their communication systems is "on." In the literature about computerization and privacy, similar questions have been closely examined -- regulating the duration of records storage, the conditions under which people should be informed that a third party is seeking their records, and conditions under which individuals may have administrative or legal standing in blocking access to their records (See Dunlop and Kling, 1991, Section V). One of the peculiarities of CSCW in contrast with traditional record keeping systems is the nature of the social settings in which systems are being developed and explored. Most personal record systems are developed in relatively traditional control-oriented organizations. In contrast, most CSCW applications have been developed in academic and industrial research labs. These settings are protective of freedom of speech and thought and less authoritarian than many organizations which ultimately use CSCW applications. In fact, relatively few CSCW applications, other than email and Lotus Notes, are used by the thousands of people in traditional organizations (Bullen and Bennett, 1991). Further, CSCW systems are primarily designed to be used by professionals rather than technicians and clerks. Professionals generally have more autonomy than clerks, who are most subject to computerized monitoring (Attewell, 1991). As a consequence, many CSCW developers don't face problems of personal privacy that may be more commonplace when prototype systems are commercialized and widely used. These contrasts between R&D with CSCW and the likely contexts of application should not impede us from working hard to understand the privacy issues of these new technologies. CSCW applications are able to record more fine grained information about peoples' thoughts, feelings, and social relationships than traditional record keeping systems. They can be relatively unobtrusive. The subject may be unaware of any scrutiny. In R&D labs, we often have norms of reciprocity in social behavior: monitoring can be reciprocal. However, in certain organizations, monitoring may follow a formal hierarchy of social relations. For example, supervisors can monitor the phone conversations of travel reservationists and telephone operators, but the operators cannot monitor their supervisors. The primary (publicized) appropriations of "private email" have been in military organizations, NASA, and commercial firms like Epson, rather than in university and industrial laboratories. CSCW creates a new electronic frontier in which people's rights and obligations about access and control over personally sensitive information have not been systematically articulated. I believe that we need to better understand the nature of information practices with regard to different CSCW applications that balance fairness to individuals and to their organizations. It is remarkable how vague the information practices regulating the use of the few commonplace CSCW applications are. Yet we are designing and building the information infrastructures for recording significant amounts of information about people thoughts and feelings which are essentially private and not for arbitrary circulation, without the guidelines to safeguard them. People who use computer and telecommunications applications need to have a basic understanding about which information is being recorded, how long it is retained (even if they "delete" information from their local files, who can access information about them, and when they can have some control over restricting access to their information. In the late 1970s the U.S. Privacy Protection Study Commission developed a set of recommendations for Fair Information Practices pertinent to personal record keeping systems (PPSC, 1977:17-19). A concern of Commission members was to maximize the extent to which record systems would be managed so that people would not be unfairly affected by decisions which relied upon records which were inaccurate, incomplete, irrelevant or not timely. Commission members believed that record keeping systems in different institutional settings should be regulated by different laws. For example, people should have more control over the disclosure of their current financial records than over the disclosure of their current police records. On the other hand, the Commission proposed that each institutional arena should be governed with an explicit set of Fair Information Practices. In a similar way, different families of CSCW applications or different institutional settings may be most appropriately organized with different Fair Information Practices. In the case of CSCW applications, fairness may have different meanings than in the case of decisions based upon personal records systems. We need fearless and vigorous exploratory research to shed clear light on these issues. This rather modest position contrasts strongly with that taken by Andy Hopper of Olivetti, one of the panelists at this plenary session on CSCW'92. He was enthusiastic about the use of "active badges" (Want, Hopper, Falcao, and Gibbons, 1992) and insisted on discussing only their virtues. He argued that one can imagine many scenarios in which people are harmed by some uses of a particular technology, but that discussing such scenarios is usually pointless. Hopper's 1992 co-authored article about active badges examines some of the privacy threats their use can foster. But on the plenary panel he was critical of people who asked serious questions about the risks, as well as the benefits of new CSCW technologies. In this way, he took a position similar to that taken by spokespeople of many industries, including such as automobiles, who have delayed serious inquiries and regulatory protections for environmental and safety risks by insisting on unambiguous evidence of harm before investigating plausible problems. The active badge systems which Hopper described seem to be regulated by Fair Information Practices in his own research laboratory (e.g., no long term storage of data about people's locations, reciprocity of use, discretion in use). These sorts of Fair Information Practices may be required to help insure that active badges are a convenient technology which do not degrade people's working lives. Other kinds of information practices, such as those in which location monitoring is non-reciprocal, and non-discretionary may help transform some workplaces into electronic cages. Hopper and his colleagues briefly mention such possibilities in their 1992 ACM TOIS article about active badges. And their article deserves some applause for at least identifying some of the pertinent privacy problems which active badges facilitate. However they are very careful to characterize fine grained aspects of the technological architecture of active badges, while they are far from being comparably careful in identifying the workplace information practices which can make active badges either primarily a convenience or primarily invasive. I believe that CSCW researchers should be paying careful attention to social practices as well as to technologies. Richard Harper's (1992) ethnographic study of the use of active badges in two research labs illustrates the kind of nuanced analyses which we need, although Harper also glosses the particular information practices which accompanied the use of active badges in the two labs. Unfortunately, delays in understanding some risks of emerging technologies have led the public to underestimate the initial magnitude of problems, and to make collective choices which proved difficult alter. Our design of metropolitan areas making individually operated cars a virtual necessity is an example. In the early stages of use, the risks of a new family of technologies are often hard to discern (See Dunlop and Kling, 1991, Part VI). When major problems develop to the point that they are undeniable, amelioration may also be difficult. I characterized CSCW, in part, as a social movement (Kling and Iacono, 1990). Most of us who study, develop, or write about CSCW enthusiastically, (and sometimes evangelistically) encourage the widespread use of these new technologies. However, as responsible computer scientists, we should temper our enthusiasms with appropriate professional responsibility. CSCW applications open important organizational opportunities, but also opens privacy issues which we don't understand very well. The new ACM Ethical Code (ACM, 1993) also has several provisions which bear on privacy issues in CSCW. These include provisions which require ACM members to respect the privacy of others (Section 1.7), to improve public understanding of computing and its consequences (Section 2.7), and to design and build information systems which enhance the quality of working life (Section 3.2). The ACM's code is rather general and does not give much specific guidance to practitioners. The CSCW research community is well positioned to conduct the kinds of research into the social practices for using these technologies which could shape meaningful professional guidelines for their use in diverse organizations. Will we take a leadership role in helping to keep CSCW safe for users and their organizations? ================================= Note: I appreciate discussions with Jonathan Allen, Paul Forester, Beki Grinter, and Jonathan Grudin which helped clarify some of my key points. REFERENCES 1. Association of Computing Machinery. 1993. "ACM Code of Ethics and Professional Conduct." Communications of the ACM. 36(2)(Feb.):99-103. 2. Attewell, Paul. "Big Brother and the Sweatshop: Computer Surveillance in the Automated Office" in Dunlop and Kling 1991. 3. Bullen, Christine and John Bennett. 1991. Groupware in Practice: An Interpretation of Work Experience" in Dunlop and Kling 1991. 4. Dunlop, Charles and Rob Kling (Ed). 1991. Computerization and Controversy: Value Conflicts and Social Choices. Boston: Academic Press. 5. Harper, Richard H.R. "Looking at Ourselves: An Examination of the Social Organization of Two Research Laboratories" Proc. CSCW '92: 330-337. 6. Kling, Rob. 1991. "Cooperation, Coordination and Control in Computer-Supported Work." Communications of the ACM 34(12)(December):83-88. 7. Kling, Rob and Charles Dunlop. 1993. "Controversies About Computerization and the Character of White Collar Worklife." The Information Society. 9(1) (Jan-Feb:1-29. 8. Kling, Rob and Suzanne Iacono. 1990. "Computerization Movements" Chapter 19, pp 213-236 Computers, Ethics and Society, David Ermann, Mary Williams & Claudio Guitierrez (ed.) New York, Oxford University Press. 9. Privacy Protection Study Commission. 1977. Personal Privacy in an Information Society, U.S. Government Printing Office, Washington D.C. (briefly excerpted in Dunlop and Kling, 1991.) 10.Want, Roy, Andy Hopper, Veronica Falcao and Jonathan Gibbons. 1992. "The Active Badge Location System" ACM Transactions on Information Systems. 10(1)(January): 91-102. ------------------------------ End of Computer Privacy Digest V3 #078 ******************************