Date: Wed, 08 Jun 94 13:42:22 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V4#076 Computer Privacy Digest Wed, 08 Jun 94 Volume 4 : Issue: 076 Today's Topics: Moderator: Leonard P. Levine Re: California Cordless Phone Penal Code Re: Crackdown on Italian BBSes Continues Re: Privacy Through Foreign Investing Terminology & Foreign Investing license plates The Law & Hate Talk The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: cburian@ux4.cso.uiuc.edu (Christopher J Burian) Date: 7 Jun 1994 04:32:14 GMT Subject: Re: California Cordless Phone Penal Code Organization: University of Illinois at Urbana glr@ripco.com (Glen Roberts) writes: California Penal Code: Section 623.6 Eavesdropping on confidential communication transmitted between cordless phones; Punishment. (a) Every person who, maliciously and without the consent of all ^^^^^^^^^^^ So, eavesdropping without evil intent must be OK. Chris Burian ------------------------------ From: rochus@lebesgue.de (Rochus Wessels) Date: 7 Jun 1994 08:09:34 GMT Subject: Re: Crackdown on Italian BBSes Continues Organization: Westfaelische Wilhelms-Universitaet Muenster, Germany "Prof. L. P. Levine" writes: Giovanni Pugliese and his wife were charged for the possession of "illegally copied software and electronic equipment suitable to falsification." What is "electronic equipment suitable to falsification" or the lawyer's definition of this? Any electronic equipment suitable to alter data? -- Rochus Wessels |``Whenever you are looking for a helping hand - rochus@math.uni-muenster.de | you will find it at the end of your right arm.'' ------------------------------ From: cntrspy@netcom.com (Executive Protection Assoc) Date: 7 Jun 1994 20:29:20 GMT Subject: Re: Privacy Through Foreign Investing Organization: NETCOM On-line Communication Services (408 261-4700 guest) Vincent.Cate@FURMINT.NECTAR.CS.CMU.EDU wrote: Privacy and security are particularly important in banking. Many countries are very interested in protecting privacy and have laws to do so. For example, many countries will put a banker in jail if he gives out information about a client or an account. The United States is not so interested in privacy, and does not have such laws. In the US, random people can easily get a copy of your credit history. People really interested in privacy must use banks in other countries. Sorry, but in my experience Switzerland is not that great on Banking Privacy, Especially with the United States. There are much better options off-shore in other areas. I notice from the book list (and caution the reader) that some of the information in the listed books is out of date (and sometimes seriously out of date). Check with a professional before you move anything around, especially if you live in the "good old USA" as the rules are a real pain in the rear. -- Chris Hall Operations Director Executive Protection Associates, Inc. Executive Protection, Privacy Protection Strategies for Fortune 500 Executives and Other Interested parties. Off-shore investment and Second Passport agents. ------------------------------ From: "Willis H. Ware" Date: 7 Jun 94 14:56:52 PDT Subject: Terminology & Foreign Investing I want to point out a semantic problem that arises frequently, and did in the excellent foreign investment article. In the so-called "privacy law" of the U.S. and other countries, the intent of the laws and various administrative bodies that go with the laws is to control how information about people is used. Such information need not be confidential [e.g., mailing lists, customer lists, video rental lists] but may be; privacy law attempts to bound its use whether the personal information is sensitive or not. Thus, the term "confidentiality" -- which can connote "secrecy" -- is not a synonym for "privacy" in precise use, and "security" is yet a 3rd term different from both. In a sentence: If the security controls in an information system fail, confidentiality could be breached and a privacy infraction, occur. Thus, the author of your excellent discussion really should say that: Many countries are very interested in protecting confidentiality (or secrecy) [of bank information] and have laws to do so. The same problem comes up in well known software products for the protection of electronic mail. For instance, PGP is commonly called "Pretty Good Privacy" and PEM, "Privacy Enhanced Mail". Each is a product to assure confidentiality or secrecy of e-mail and perhaps the names should be changed to "Pretty Good Protection" and "Protection Enhanced Mail." The security mechanism to provide the secrecy is encryption. While this may seem to be nit picking, the distinction becomes very important in discussing public policy, especially with legislators who well understand what privacy law is all about. It is also important in international discussions because Europe [for instance] is well covered by privacy law, privacy protection boards, privacy commissioners, etc. The OECD and the EC have published privacy policy positions. Thus, in many circumstances, the terminology will have to be carefully controlled to assure that the dialogue is clear in intent and without ambiguity. The distinction will similarly be important in discussions of healthcare reform in which confidentiality, privacy, and security are three quite separate issues. For example: Healthcare information may well be declared confidential by law. This will mean that it is regarded as sensitive and access to it and dissemination of it must be controlled. Healthcare information will be used for many purposes. What the country will allow usage to be, or will accept usage to be, or law will establish usage to be, is the privacy aspect of the public policy issue. Security -- or security safeguards collectively -- is the technical and other means to assure that confidentiality is assured, that access and dissemination is controlled, and hence, that privacy restrictions on use guaranteed. Willis H. Ware RAND Santa Monica, CA ------------------------------ From: Elephants are for hugging Date: 8 Jun 1994 10:33:47 -0500 (EST) Subject: license plates dhughes@robins.af.mil (Dolly Hughes) said: I was under the impression that you couldn't just go to DMV and ask to find a name and address. It's illegal in several states and it began with California after the dead of actress Rebecca Schaffer. Her killer used DMV to locate her home and shot her at her front door. This is an interesting point. Here in Virginia, you can take any license plate number to the DMV and obtain the owners's identity, address, and possibly other info for ~3-5 dollars. This issue came to the news recently with anti-choice activist using license plates to identify the patients and staff of abortion clinics. Barbara Boxer (CA) and John Warner (VA) were considering legislation to prohibit this, but it is not clear to me that results in this matter were obtained. ______________________________________________________________________ Jon Shickel | stu_jfshicke@vax(1).acs.jmu.edu (internet) | "Better Living through @jmuvax (bitnet) | Chemistry" __________________________________________________________________________ ------------------------------ From: kadie@EFF.ORG(Carl M. Kadie) Date: 5 Jun 1994 18:51:04 -0400 Subject: The Law & Hate Talk Joel M Snyder wrote: In any case, the larger problem with this post is a dive into "amateur lawyer" which seems to happen so often in USENET news. This paragraph begins with "TCOE [Tulare County Office of Education] is bound by the First Amendment" (which we know not to be true), Of course, it is bound by the First Amendment. In the U.S., *all* government agents are bound by the First Amendment. It is part of their charter. The only question is what does this bound entail in this case? stomps through a whole series of very complex issues involving use of public facilities, with a variety of incorrect statements, ending with "The courts have found that publicly funded universities could not remove Internet listservs based on objection the content of those listservs..." (which we know not to be true) You are correct that (to the best of my knowledge) no such case has come up yet, but there has been some legal action: In _UWM Post v. Board of Regents of University of Wisconsin_, 774 F. Supp. 1163 (E.D. Wis. 1991)], the University of Wisconsin--Eau Claire disciplined a student under the UW Hate Speech Rule for sending a message that stated, "Death to all Arabs ! Die Islamic scumbagsl" on a university computer system to an Iranian faculty member. The federal district judge said the university acted illegally because the UW Hate Speech Rule was unconstitutionally vague and broad. Also, the November 24, 1993 _Chronicle of Higher Education_ reports that: "A graduate student at the University of Texas at Dallas has filed a $2-million lawsuit against the university, charging that its officials violated his First Amendment rights by barring him from the Internet and the campus computer network." And then, of course, in noncomputer media, there are many cases on what is called the Public Forum Doctrine. - Carl ANNOTATED REFERENCES (All these documents are available on-line. Access information follows.) ================= law/uwm-post-v-u-of-wisconsin ================= * Expression -- Hate Speech -- UWM Post v. U Of Wisconsin The full text of UWM POST v. U. of Wisconsin. This recent district court ruling goes into detail about the difference between protected offensive expression and illegal harassment. It even mentions email. ================= news/dec_19_1993 ================= Includes the text of the _Chroncle_ article. ================= faq/media.control ================= * University Control of Media q: Since freedom of the press belongs to those who own presses, a public university (or other government agency) can do anything it wants with the media that it owns, right? a: No. Like any organization, the U.S. government must work within its ================= If you have gopher, you can browse the CAF archive with the command gopher gopher.eff.org These document(s) are also available by anonymous ftp (the preferred method) and by email. To get the file(s) via ftp, do an anonymous ftp to ftp.eff.org (192.77.172.4), and then: cd /pub/CAF/law get uwm-post-v-u-of-wisconsin cd /pub/CAF/news get dec_19_1993 cd /pub/CAF/faq get media.control To get the file(s) by email, send 3 email message to ftpmail@decwrl.dec.com Include the line(s): connect ftp.eff.org cd /pub/CAF/law get uwm-post-v-u-of-wisconsin connect ftp.eff.org cd /pub/CAF/news get dec_19_1993 connect ftp.eff.org cd /pub/CAF/faq get media.control -- Carl Kadie -- I do not represent EFF; this is just me. =Email: kadie@eff.org, kadie@cs.uiuc.edu = =URL: , = ------------------------------ End of Computer Privacy Digest V4 #076 ****************************** .