Computer Privacy Digest Thu, 14 Jul 94 Volume 5 : Issue: 005 Today's Topics: Moderator: Leonard P. Levine Privacy of E-Mail and Other Data in the Workplace Improved CPSR Web Pages New National ID Card Proposal Subjective Questionnaires re Privacy Re: CID is not the same as 800 or 911 ANI Re: Question About CallerID Re: Question About CallerID RE: Caller ID - Unblocking Per Line Block Re: Video Camera on Utility Poles Re: Clipper security and other lies The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: hsdjpl1@rcinet.res.utc.com Date: 11 Jul 1994 18:24:22 GMT Subject: Privacy of E-Mail and Other Data in the Workplace Organization: UTRC I am looking for references (or opinions) on the subject of E-Mail privacy and/or data privacy in the workplace. Does (should) a company have unlimited rights to intercept, monitor an and view data placed on its systems or networks (by employees)? Have there been any court rulings on this issue? Replies to hsdjpl1@rcinet.utc.com (John Lashnits) Thanks in advance... ------------------------------ From: "Prof. L. P. Levine" Date: 13 Jul 1994 08:35:07 -0500 (CDT) Subject: Improved CPSR Web Pages NEWS RELEASE 7/12/94 Computer Professionals for Social Responsibility (CPSR) P.O. Box 717 Palo Alto, CA 94302 415-322-3778 415-322-4748 (FAX) E-mail: cpsr-info@cpsr.org FOR IMMEDIATE RELEASE CPSR ANNOUNCES WEB SERVER WITH 60 NEW PAGES OF INFORMATION Palo Alto, July 12, 1994. Computer Professionals for Social Responsibility (CPSR) is pleased to announce the availability of its redesigned World-Wide Web (WWW) server, now with 60 new hypertext pages of timely and important information for Internet users and the general public. The CPSR Home Page can be found at: URL: http://www.cpsr.org/home with hypertext browsers like Mosaic and Lynx. WWW grew from the need of physicists at the European Particle Physics Laboratory (CERN) to communicate with pictures and text to colleagues around the world in hypertext, non-linear format. Since its beginning in 1989, WWW has allowed people to link their electronic documents and images to other documents on computers around the world. Estimates say there were, as of May 1994, over 4,500 hypertext Web server computers capable of linking documents on the 10,000 computer networks comprising the world-wide Internet. CPSR's Web Pages cover issues related to the organization's mission to provide the public and policymakers with realistic assessments of the power, promise, and problems of information technology. These issues include the National Information Infrastructure, Civil Liberties and Privacy, Computers in the Workplace, Technology Policy and Human Needs, Gender and Minority Issues, Reliability and Risks of Computer-Based Systems and Community Networking. There are also links to many reports and other sources of information. All links are provided with descriptive narratives, and are not just lists of files. CPSR will continually update their pages to insure the accuracy and usefulness of this resource. CPSR was founded in 1981 by a group of computer scientists concerned about the use of computers in nuclear weapons systems. CPSR has since grown into a national public-interest alliance of information technology professionals and other people. Currently, CPSR has 22 chapters in the U.S. and affiliations with similar groups worldwide. The National Office is in Palo Alto, California. ------------------------------ From: "Prof. L. P. Levine" Date: 13 Jul 1994 15:57:50 -0500 (CDT) Subject: New National ID Card Proposal from Risks-Forum Digest Weds 13 July 1994 [16:23] Forum on Risks to the Public in Computers and Related Systems ACM Committee on Computers Date: 12 Jul 1994 20:11:46 -0500 From: David Banisar Subject: New National ID Card Proposal CBS Evening News just reported that Clinton has "tentatively signed off" on a National ID card recommended to him by a commission on immigration reform. The ostensible reason for the card is for employment and immigration. Each card will contain a name, photo, mag stripe with info and a "verified SSN." It was supported by Senator Alan Simpson of Wyoming, a long-time supporter of ID cards. Gov. Pete Wilson of California has apparently offered to make California a test-bed for the proposal. The proposal was opposed by Xavier Beccera, a Congressman from California. A previous effort to impose a national ID card was rejected by Congress in 1986. EPIC is working with Privacy International to investigate this report. PI has led successful campaigns against national ID cards in Australia, New Zealand, and the Philippines. In Australia, the PI-led campaign led to the dissolution of both houses of the federal Parliament in 1987 after hundreds of thousands marched in protest. The Australian campaign brought together groups from all parts of the political spectrum from the Communist Party to the Libertarian Alliance, farmers and conservation groups, rock stars, academics, large businesses such as banks and mining corporations, but the overwhelming support came from the public who created the biggest civil protest in Australian history. David Banisar (banisar@epic.org) Electronic Privacy Information Center 666 Penn. Ave, SE #301, Washington, DC 20003 202-544-9240 (v) 202-547-5482 (f) ------------------------------ From: weh@SEI.CMU.EDU (Bill Hefley) Date: 13 Jul 1994 23:03:47 EDT Subject: Subjective Questionnaires re Privacy Organization: Software Engineering Institute As an adjunct to some work that I'm presently doing with advanced automation, I'm interested in exploring some perceptions of users with respect to privacy concerns. I've found few studies that looked at these areas, but would be interested in knowing of any references to such studies or examples of questionnaires that have been used in the past. -- Bill Hefley Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 U.S.A. Office: +1-412-268-7793, Fax: +1-412-268-5758, internet: weh@sei.cmu.edu ------------------------------ From: jwendel@ccnet.com (Jesse Wendel) Date: 11 Jul 1994 19:21:47 Subject: Re: CID is not the same as 800 or 911 ANI Organization: Kid SmartWare, Inc. Michael Travers writes: ... In the Boston area, the recently introduced caller-id system only has a line-blocking feature that DOES block 911 calls. They say this will be fixed sometime in late 1995. In the meantime, you have to choose between privacy and safety. Is this true!!! A working caller-id system that actually blocks 911? How/why is this tolerated? Any fatalities or near misses yet? Can you provide sources/verification? Thanks. ------------------------------ From: makyen@netcom.com (makyen) Date: 12 Jul 1994 13:19:15 GMT Subject: Re: Question About CallerID Organization: NETCOM On-line Communication Services (408 261-4700 guest) kadokev@rci.ripco.com (Kevin Kadow) writes: At least in Chicago, not only will Caller ID give the number, but CID with name gives the name for any caller, listed or unlisted, who they've got around to entering into their database- unfortunately the database seems to be consistently a few months behind reality. In California, the PUC ruled that if the local carrier is going to provide CID to customers then it must do the following: Two types of line categories: A. CID is normally blocked Can unblock on a per-call basis with correct *## code, as spec'ed by Bellcore (*68 as I recall). B. CID is normally unblocked Can block with correct *## code, as spec'ed by Bellcore (*67 as I recall). Upon setup of CID service all lines must be assigned to A & B as follows: All currently unlisted numbers placed in category A. All currently listed numbers placed in category B. A charge is permitted to change from A to B. Based on this ruling, PacBell, the largest provider in California, has stated that they will _NOT_ provide CID service because complying with the PUc ruling would be too expensive. I have heard PacBell complain about this ruling because "other 800 line providers are not required to do this". makyen ------------------------------ From: snyderra@dunx1.ocs.drexel.edu (Bob Snyder) Date: 12 Jul 1994 18:25:22 -0400 Subject: Re: Question About CallerID Organization: Drexel University (Computing Services) Bernie Cosell wrote: But there's an interesting standoff [at least here in Bell Atlantic land]. One option you can purchase is "refused blocked calls". So you, with your unpub number, may discover that you're caught between a rock and a hard place: either you give out your unpub number, or you can't call the person _at_all_. This is, IMHO, a fairly good trade off. You can protect your number, but I don't have to take the call. As far as I know, BA provides this service for free, if you have Caller ID. At least, that's the case for Bell Atlantic - New Jersey. It doesn't make sense to have the service without Caller ID. However, you can still call the person without revealing your number: Use a pay phone. -- Bob Snyder N2KGO MIME, RIPEM mail accepted snyderra@dunx1.ocs.drexel.edu finger for RIPEM public key When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl. ------------------------------ From: Lynne Gregg Date: 11 Jul 94 16:28:00 PDT Subject: RE: Caller ID - Unblocking Per Line Block kadokev@rci.ripco.com (Kevin Kadow) stated: Personally, I am in favor of BOTH per call and line blocking, with *67 doing nothing on a line with line blocking enabled, and another code (*68?) enabling caller-id sending if it was disabled. All at no charge. I agree, both per line and per call options should be made available to consumers. Several States and Service Providers support "unblocking" as you describe as "caller-id sending". Then, *82 is generally used. Regards, Lynne ------------------------------ From: cntrspy@netcom.com (Executive Protection Assoc) Date: 13 Jul 1994 00:07:20 GMT Subject: Re: Video Camera on Utility Poles Organization: NETCOM On-line Communication Services (408 261-4700 guest) Glen Roberts (glr@ripco.com) wrote: It might not be widespread yet, however, my sources tell me that they are one of the most popular surveillance items (to the law enforcement markert place). What are they? Remote control, pan, tilt, zoom, video cameras (some of the literature I've seen also says they have audio). They are mounted inside a utility transformer (looks like a Edison Transformer on a telephone pole). Also, telephone splicing boots and boxes. Actually they can be had for as little as $5K for the Telco splice boot and about $10-12K for the transformer. Pan tilt and zoom are controlled via the DTMF pad on a hand held radio, signal can be fed either via 24Gig microwave or a spare pair at 56Kbs with a high sampling rate. They are also VERY popular with our foreign clients, especially with an 880 Nms Infrared flood light source. Will light up a country or city intersection and take GREAT quality video ! They have been around for at least 8 years that I know of. We use them for our High risk clients. -- Chris Hall Chief Operating Officer Executive Protection Associates, Inc. Worldwide Investigations, Privacy Protection, Off-Shore Banking and Trust Agents. Second Passport and Economic Citizenship Agents. Opinions Expressed are those of the author and NOT those of E.P.A.I. ------------------------------ From: lupienj@wal.hp.com (John Lupien) Date: 13 Jul 94 17:41:58 EDT Subject: Re: Clipper security and other lies patchman writes: Subject: What's a Cop to Do? Greetings Cyberati, My question regarding the Clipper is this: If a law enforcement official suspects illegal activity behind electronic enemy lines, what would he/she do for surveillance if he/she didn't have the Clipper? A better question might be "what would the cop do if they DID have Clipper?" Unless the suspect is not only crooked but stupid, they won't be using Clipper for sensitive communications. And in fact, geven that Clipper is a manifestly insecure system, nobody who wants security, whether for licit or illicit reasons, will use it for sensitive communications unless they are either stupid or they don't really care that much about the security of the sensitive conversation. Unless I am quite sure that the channel I am using can be decrypted ONLY by my trusted correspondent, then use of that channel for sensitive correspondence is simply untennable. The notion that the law enforcement community needs Clipper to catch "bad guys" is apparently a red herring: many electronic eavesdropping mechanisms exist which do not require wiretapping, and wiretapping is relatively ineffective for catching any but the stupidest of crooks. I rather doubt that any crook smart enough to know that they want to encrypt sensitive phone calls is dumb enough to use an encryption mechanism that the government can decrypt. Given that, it would appear that the real purpose behind the Clipper proposal is an attempt to prevent people from using effective encryption mechanisms, which is an effort which seems doomed to failure from the get-go, as in fact strong and effective encryption is already available and in use, world-wide. -- John R. Lupien lupienj@wal.hp.com ------------------------------ End of Computer Privacy Digest V5 #005 ******************************