Date: Sun, 31 Jul 94 09:24:51 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V5#015 Computer Privacy Digest Sun, 31 Jul 94 Volume 5 : Issue: 015 Today's Topics: Moderator: Leonard P. Levine DMV records available to anyone who wants to subscribe Digital Telephony Bill - Latest Status Bank of Canada opposes widespread availability of cash machines CNN Report on Aurora, Ill. Re: Is License Plate No. a Key to Personal Info? Re: Is License Plate No. a Key to Personal Info? Re: Many Phone Taps are now Legal Re: Government E-Mail Directive Monthly CPD Message --------------------------------------------------------------------- Housekeeping information is located at the end of this Digest. ---------------------------------------------------------------------- From: bfolensbee@aol.com (Bfolensbee) Date: 29 Jul 1994 22:59:03 -0400 Subject: DMV records available to anyone who wants to subscribe Organization: America Online, Inc. (1-800-827-6364) There are a number of commercial "information providers" which can be subscribed to and the ones I have seen include not only DMV records but info on your property, neighbors, any type of publicly filed information such as bankruptcies, tax liens, judgements against you, whatever. It always amazes me what is available on most people in this country that they have no idea someone can access. ------------------------------ From: jdevoto@apple.com (Jeanne A. E. DeVoto) Date: 30 Jul 1994 03:27:52 -0700 Subject: Digital Telephony Bill - Latest Status Organization: Apple Computer, Inc., Cupertino, California [Article by Brock Meeks, originally posted to the wired conference on the WELL and reposted here with permission]: --------------------------------------------------------- CyberWire Dispatch // Copyright (c) 1994 // Jacking in from the "Just Nationalize It" Port: Washington, DC -- The most recent draft of the FBI's digital wiretap bill turns control of the nation's communications network over to the Justice Department. It's a twisted policy that, in essence, ponies up more than $500 million in an effort to nationalize all telephone and electronic communications networks, a move that's unprecedented in U.S. history. For although private companies retain control over profits and revenues, this bill puts them at the technological beck and call of the Justice Department. Think of it as Attorney General Janet Reno moving her lips, but it's FBI Director Louis Freeh making all the noise. The July 19 draft of the FBI bill obtained by Dispatch, gives the Justice Department the authority to make technological demands of the nation's communications networks that must be complied with or risk severe penalties. However, the bill specifically states that law enforcement agencies can't dictate a "specific design or system configurations," but that's little comfort. The bill gives the government the authority to dictate -- forever - -specific capabilities each communications company has to met or be held in contempt, forced to pay as much as $10,000 for every day they can't met the government's demands of easy wiretap access to their customer's conversations, electronic mail messages, faxes or file transfers. The draft also dramatically expands the scope of the bill, from just "common carriers" (which are mainly your local and long distance telephone companies) to a new category of "telecommunications carriers." This new category, penciled in at the insistence of the telephone companies facing the threat of having to bear the entire burden for making the FBI's job easier, includes "any person or entity engaged in the transmission or switching of wire or electronic communications for value for unaffiliated persons, but does not include persons or entities engaged in providing information services." This means all networks, including the one that delivered this Dispatch article to your electronic mailbox, will now have to be "wiretap ready," according to FBI blueprints. The only companies that escape are free BBSs and systems that must prove they are information services rather than communications services. Just how America Online, Prodigy and CompuServe will deal with this is unknown, since systems like these split the fence between information providers and communications facilitators. If this bill is passed, the Attorney General has one year to draw up its easy wiretap access battle plan and present it to the industry. Included in that plan must be a written notice of the maximum capacity required to "accommodate all the communications interceptions, pen registers and trap and trace devices" the Attorney General "estimates" the government will need. All "telecommunications carriers" then have 3 years to comply with those requests. The catch is, the Justice Department can "periodically" provide updates to that original plan, which "increases the maximum capacity" first stated. For each upgraded estimate, the industry has 3 years to cooperate or get hammered. If a carrier fails to comply, the Justice Department can order compliance, up to and including ordering manufacturers to redesign their products so they can be installed on U.S. communications networks -- yes, that includes the amorphous Internet, at least on the U.S. side. Noncompliance carries the possible fine of $10,000 per day. However, the current bill takes away the veritable "Thor's Hammer" authority from Justice, that is, the ability to shut down a carrier's network for not complying with the bill. Standards? We Don't Need No Stinking Standards ========================== Just to make sure that all this "easy use wiretap" software gets codified, there will be standards written. This means every public telephone network and communications system, will, forever, now come with built in eavesdropping capability, courtesy of Uncle Sam. The bill doesn't actually demand that wiretap access be written into the standards, but the sub-text of the bill clearly intends for them to be there. "The absence of specifications or standards for implementing" wiretap access won't be considered an excuse for carriers to claim noncompliance, the bill says. Enter the Federal Communications Commission. Under this bill, the FCC is made out to be court of last resort for any wiretap standards disputes. "[I]f industry associations or bodies fail to issue specifications or standards, any person may petition" the FCC to "establish... specifications or standards" that implement easy wiretap access, the bill says. In other words: If industry tanks on creating specs, Uncle Sam, impersonating the above referenced "any person" will compel the FCC to write the damn things. The FBI gets its wiretap software written voluntarily or by force. They don't care which route they have to take. Of course, the FCC is woefully equipped to write standards; they are enforcers after all of such standards, not creators of them. So, in order to help out with this egregious task, the bill allows the FCC to assess and collect fees that it will levy against telecommunications carriers for, well, there's no nice way to say this, doing their fucking job. And get this, the FCC gets to use that penalty tax money to help it pay for writing the wiretap rules. You gotta love these bill writing wonks for creating: Self-help Agency Funding or "Bigger Appropriations Through Fines." The Bottom Line ============== What's it going to cost to allow the FBI to eavesdrop from virtually any "remote" location of their choice, as the bill states? The first bite from the taxpayer wallet is a healthy $500 million in the first 3 years. (Remember, now, FBI Director Louis Freeh, as late as last month, was on television telling the world this electronic Trojan Horse would cost only $300 million.) However, the bill contains a "blank check" clause, which allows the government (Hint: This is really you and me) to continue paying for upgrades to this wiretap software from 1999 "and thereafter" in "such sums as may be necessary to carry out the purpose of this act." You can thank the telephone companies for this clause. Without the endless credit line, they said they would fight the bill with all their resources. Now they'll just whimper a lot and roll over. Although the telephone still oppose the bill on principle -- they just don't like the government telling them to do anything -- they're just happy not to have to pay for this themselves. As long as every other telecommunications company gets stung and the taxpayer foots the bill, well, hell, they can live with it. Besides, they have bigger fish to fry, like squeezing Congress to let them into the long distance market where they can really make some coin. So, what we get now from the telephone industry -- trust me on this -- is token opposition to the FBI bill. "This thing is beginning to smell like law," said a telephone company executive familiar with his industries efforts on the bill. Dispatch suggested a more colorful "smells like" phrase. The executive simply smiled. All Said And Done ================ The bill, while not the final version, is "pretty damn close," a congressional staffer said. The fight over language hasn't been pretty and it's likely to continue to be ugly until the final bill is submitted, which will be before the August recess. "We will have a bill one way or another," another congressional staffer said. The staffs of Senator Patrick Leahy (D-Vt.), Sen. Joe Biden (D.-Del) and Rep. Don Edwards (D-Cal.) have all had a crack at melding this bill. EFF's been in there fighting, too. In fact, EFF's legislative liaison cancelled a trip to Japan to stay and "fight" for better language in the bill, according to a message he posted online. If that's the case, someone needs to fight harder. There is, however, some evidence of EFF's fingerprints on this bill. The bill specifically states, for example that "any law enforcement agency" is NOT authorized to "prohibit the adoption of any feature or service by providers of wire or electronic communication service." This means that if your "telecommunications provider" provides some kind of encryption capability -- even non-government approved encryption -- this bill doesn't force you to turn over the encryption keys to the cops. And in the area of transactional data, the bill limits the cops to just getting your telephone number and address, without the ability to scavenge through all your private transactions and billing records. This ends the threat of the bill having the effect of turning the telephone network into "a nationwide surveillance tool" of the FBI, as EFF Executive Director Jerry Berman said previous versions of the bill would allow. Just remember, as this bill stands, the FBI bought your privacy rights for a mere $500 million-plus. That cheap at twice the price. Meeks out... [end reposted article] -- ======== jeanne a. e. devoto =========================================== jdevoto@apple.com | You may not distribute this article under a jdevoto@well.sf.ca.us | compilation copyright without my permission. ========== Clipper: Just Say No - as many times as it takes. =========== ------------------------------ From: ua602@freenet.victoria.bc.ca (Kelly Bert Manning) Date: Fri, 29 Jul 94 21:54:29 PDT Subject: Bank of Canada opposes widespread availability of cash machines A document recently obtained under Canada's Access to Information act has revealed that the Bank of Canada opposes the widespread availability of automated bank machines(gas stations, beer stores, drug stores, supermarkets, consumer electronics, etc.) dispensing $20 bills because they make the canadian currency system "inefficient". Apparently there are about 53 bills in circulation for every $1000 of currency, putting the Canadian Dollar in 18th position according to this measure of "efficiency". The bank would like to replace the $2 bill with a coin, and get more people to use $50 and $100 bills. It will also retain the $1000 banknote, which had been scheduled for removal from circulation. It sees the popularity of $20s dispensed by bank machines as a major obstacle to improved "efficiency" of the monetary system. Above all it would like to replace the widespread use of these machines for obtaining spending money with credit cards, checks, and debit cards, all of which happen to be traceable and which could be used to obtain information about individual buying habits and which are usually recorded in computer systems. Other proposals in the document were not released. ------------------------------ From: "Prof. L. P. Levine" Date: Fri, 29 Jul 1994 14:27:14 -0500 (CDT) Subject: CNN Report on Aurora, Ill. Organization: University of Wisconsin-Milwaukee The following was taken (without permission) from alt.privacy, an unmoderated discussion group: From: klootzak@stein4.u.washington.edu (Michael Stuyt) Newsgroups: alt.privacy Subject: CNN Report: Aurora, Ill. Date: 26 Jul 1994 17:27:48 GMT Organization: University of Washington Interesting report on CNN Headline News last night about landlords in Aurora, Ill. Apparently, on advice of the local police, landlords have begun to request arrest records as part of the screening process for potential tenants. Note: arrest NOT conviction. So as part of the rental process, the potential tenant has to get a copy of their arrest record from the local station. They interviewed a landlord, with the expected 'see, look at this apartment that was used as a drug lab', an advocate for housing, she touched upon the privacy issue, and a cop. Thoughts? From: glr@ripco.com (Glen Roberts) Newsgroups: alt.privacy Subject: Re: CNN Report: Aurora, Ill. Organization: RCI, Chicago, IL We covered this topic on Full Disclosure Live the last two weeks. A landlord that uses a tenant rating service, called in and said that he loved the service, because he didn't have to worry about the responsility of picking tenants.. he just told them, that had to have a 6 or 7 rating to get an apt... and that was the end of his worry. Is life better if you let OTHERS take responsibility for you? The police thing is worse... the Chicago Tribune article on it, put the focus on LANDLORDS doing the JOB of the POLICE! If the police did their job, the landlord would't need to participate in this plan. ------------------------------ From: oppedahl@panix.com (Carl Oppedahl) Date: 29 Jul 1994 13:03:46 -0400 Subject: Re: Is License Plate No. a Key to Personal Info? Organization: Oppedahl & Larson harris.jarnold@ic1d.harris.com (Jon Arnold) writes: While watching channel 6 late news last night, they did a short clip on the fact that in Florida, if you get a vehicle's license plate number, you are *readily able* to get the owner's name, date of birth, *social security number*, address, etc. I can't believe this!?! The example used in the clip was that if for example somebody cut you off while driving and you got the license number, you could go to any tax collector's office and simply ask for the information, and they are *required* to give it to you. There MUST be more to the story than this!?! The clip went on to say that this law was repealed in California a few years ago because some woman was stalked & killed by somebody who got information about her this way. Is there a bright side to this law? Surely it can't be as "open" as the news clip suggests? All the more reason to set up one of those $100 corporations to own your car, and presumably your home as well. -- Carl Oppedahl AA2KW Oppedahl & Larson (patent lawyers) Yorktown Heights, NY oppedahl@patents.com ------------------------------ From: Jeff Hupp Date: Fri, 29 Jul 1994 17:57:12 Subject: Re: Is License Plate No. a Key to Personal Info? Organization: Gensys Technologies, Inc. harris.jarnold@ic1d.harris.com (Jon Arnold) writes: While watching channel 6 late news last night, they did a short clip on the fact that in Florida, if you get a vehicle's license plate number, you are *readily able* to get the owner's name, date of birth, *social security number*, address, etc. I can't believe this!?! The example used in the clip was that if for example somebody cut you off while driving and you got the license number, you could go to any tax collector's office and simply ask for the information, and they are *required* to give it to you. Well, here in Houston, Texas (Harris County) there is a $2.00 charge per plate number searched. -- Jeff Hupp | Public education, | it's a bug, not a I speek for myself, don't you? | feature. ------------------------------ From: johan@netcom.com (Johan Strandberg) Date: Fri, 29 Jul 1994 14:08:10 -0800 Subject: Re: Many Phone Taps are now Legal Chuck Weckesser writes: [A cordless phone] available from the Sharper Image (A Uniden model) operates on the 900 mghz range, making "accidential" interception impossible. Ha! My cordless headphones operate in the 900 MHz range too and every time they are slightly de-tuned I get treated to numerous phone calls. And I don't even try... -- Johan Strandberg ------------------------------ From: binskeep@crl.com (Bob Inskeep) Date: 29 Jul 1994 15:24:21 -0700 Subject: Re: Government E-Mail Directive Organization: CRL Dialup Internet Access 415-705-6060 [login: guest] Dan Newcombe (newcombe@aa.csc.peachnet.edu) wrote: huggins@quip.eecs.umich.edu (Jim Huggins) writes: shown each time I used it, but I disregarded them.) The theory being, of course, that IBM wasn't paying for Internet access so that I could talk for free with my girlfriend (now my wife). I thought that for Internet access, places paid one flat annual fee. So what difference does it make. It would seem you'd be getting your moneys worth if people used it more and more. My opinion exactly. The Govt usually pays a flat rate for a system, the cost is there whether or not the system is on, off, in use, idle, personal or work mail. I suspect several reasons for limiting the use of Gov systems for email or private postings (though I see many, many gov or mil domains on usenet postings). One could be the view that it is fraud waste and abuse of Gov Equipment. The other being that an employee is paid to work, not send private email. Let the press find out about such use..there would be heck to pay..too many questions to answer. ------------------------------ From: "Prof. L. P. Levine" Date: Sun, 31 Jul 1994 09:13:35 -0500 (CDT) Subject: Monthly CPD Message Organization: University of Wisconsin-Milwaukee The paragraphs below are the boilerplate text normally printed at the bottom of the eMailed copy of the Computer Privacy Digest. As a result they would never be seen by the readers of the comp.society.privacy newsgroup were it not for this posting. People who read this as a newsgroup should simply post contributions. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. People who read the digest eMailed to them generally need only use the Reply feature of their mailer to contribute. All contributions are acknowledged within 24 hours of submission. An article is printed if it is relevant to the charter of the digest. If selected, it is printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the subject line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. Boilerplate text follows: The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". People with gopher capability can access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". People with gopher capability can access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Archives are also held at ftp.pica.army.mil [129.139.160.133]. End of Computer Privacy Digest V5 #015 ****************************** .