Date: Thu, 01 Sep 94 08:54:47 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V5#029 Computer Privacy Digest Thu, 01 Sep 94 Volume 5 : Issue: 029 Today's Topics: Moderator: Leonard P. Levine Credit Reports Advertising on the Net Electronic Cash Post Office Boxes Internet White Pages Satellite Imaging for Targeted Marketing? Re: Credit Reporting DM News Article WA State DOT "Congestion Pricing" Project Re: Online Stalking Big Brother on the Autobaun Re: SSN Dial In Database Re: Bank Account Numbers Posted in Error Monthly Posting --------------------------------------------------------------------- Housekeeping information is located at the end of this Digest. ---------------------------------------------------------------------- From: "BETH GIVENS" Date: 29 Aug 1994 22:12:26 -0700 (PDT) Subject: Credit Reports Zaf asked how to go about getting one's credit report. You are welcome to sign onto the Privacy Rights Clearinghouse gopher -- gopher gopher.acusd.edu. Our fact sheet number 6 contains information on how to get your credit report. Each of the three credit reporting bureaus has a toll-free number to call (TRW, Equifax, and Trans Union). A recorded message gives you the information you need to go ahead and order your report. We recommend starting with TRW, since the report is free. -- Beth Givens, PRC ------------------------------ From: Robert Ellis Smith <0005101719@mcimail.com> Date: 29 Aug 94 12:04 EST Subject: Advertising on the Net FROM THE AUGUST ISSUE OF PRIVACY JOURNAL 0005101719@mcimail.com The vice president of a major New York advertising agency has ventured into the world of the Internet in a cautious way that he presumably hopes will not disturb the natives. In the past, attempts to bring advertising to the computer- message and research network, whose spontaneity and openness are zealously protected by its millions of users, have been met with electronic hostility. Martin Nisenholtz of the established ad agency Ogilvy & Mather has a title that itself would alienate 'net users: senior vice president and director of interactive ventures. This summer he published guidelines for effective advertising on the Internet. To date the government-founded network has been commercial free, but Nisenholtz considers electronic ads inevitable. Several of the firm's clients want to advertise on the Internet, he says. His suggestions: * Don't send intrusive messages, only those requested or those relevant to a recipient's previous inquiries. * Post ads only if the topics are relevant to the news group or discussion. * Marketers should be free to post offers, but only if they fully disclose their identities and the terms of the deal. * Don't rent or sell a consumer's personal information without permission. On the Internet there is no expectation of commercial use of personal information, as there is in direct-mail sales. * Marketers should be able to conduct research on consumers' buying habits, but only with consent. * Marketers should not gather data surreptitiously. "The market is huge," says Nisenholtz. One reason is that an interactive service can provide verification of regular readership and use, even by age, sex, residence, affluence, or other indicators. Another advantage to advertisers is that specific messages can be sent to identified households or offices. One of the first breakthroughs that will bring advertising to the Internet came this summer with the use of encrypted methods for making secure credit-card payments over electronic networks. Nisenholtz says he is trying to distinguish between the Internet and blatantly commercial-oriented on-line services like Prodigy and America On-Line and to forge "a middle ground between being completely non-commercial and a complete free-for-all." But Mike Godwin, counsel of the Electronic Frontier Foundation, an Internet watchdog, says that the guidelines don't prevent anyone from doing anything. And besides, "no set of rules is going to be enforceable because the 'net is not hierarchically oriented. There's no one to police it." And that, apparently is why users like it. ------------------------------ From: William Hugh Murray <75126.1722@compuserve.com> Date: 30 Aug 94 07:42:06 EDT Subject: Electronic Cash -- [ From: William Hugh Murray * EMC.Ver #2.0 ] -- >....MIGHT THE PROGRESS OF PEOPLE SUCH AS DAVID CHAUM BE IN VAIN, GIVEN THE TENDENCIES OF GOVERNMENT, AND THE HUMANS OF WHICH IT IS CONSISTED?". That government's will resist electronic cash is a given. They are concerned that it will interfere with tax collection and with the sovereign's traditional "right" to issue currency. That they will also resist the use of strong cryptography is equally clear. This resistance is even more fundamental since strong cryptography will enable not only the above but because it will interfere with the necessary surveillance of the goverened. While government assert the right to control encryption by law, this right is at best limited and perhaps non- existant. It is not even clear that they could do it if they tried. It is not clear that control of cryptography is the line of resistance against electronic cash that the government will pursue. A more likely path would be the less disputed right to control the minting of currency. Singapore has attempted to pre-empt control of electronic cash by issuing their own cards and by assuming control of the telecommunications infrastructure. Nonetheless, short of cutting off all communication with the outside world, a more private money will drive a government money from the market. (No government has ever succeeded in repealing Gresham's law.) It may well be that it will be that is the efforts of the government that will prove to be futile. -- William Hugh Murray New Canaan, Connecticut ------------------------------ From: "Prof. L. P. Levine" Date: 30 Aug 1994 12:11:50 -0500 (CDT) Subject: Post Office Boxes Organization: University of Wisconsin-Milwaukee In alt.privacy we see the following dialog: Newsgroups: alt.privacy From: an86579@anon.penet.fi X-Anonymously-To: alt.privacy Organization: Anonymous contact service Reply-To: an86579@anon.penet.fi Date: 30 Aug 1994 01:22:50 UTC Subject: Post Office Boxes Hi, I am not sure if this has been discussed on this newsgroup, so forgive me if it has. I have used a PO Box for several years due to privacy concerns. I am a SWF, and don't want my home address readily accessible. WELL, I just learned that all one has to do to attain the home address of a PO Box holder is fill out a form and pay two bucks. Most people don't know this anyway (though more will now!) but I think that this is very uncool. Newsgroups: alt.privacy Message-ID: <349@asj.win.net> References: <012414Z30081994@anon.penet.fi> Reply-To: jmoyle@asj.win.net (John Moyle) From: jmoyle@asj.win.net (John Moyle) Date: 30 Aug 1994 06:10:23 GMT Subject: Re: Post Office Boxes Although I don't like it from a business stand point, I am sure you will be happy to know that this has changed. You can still follow the same process for a business PO Box however the physical addresses for the PO Boxes of private citizens are no longer availible. I know that you can treat the PO Box as an address, for example use a mailing address like this: John Jones 1620 East Capitol Drive #1422 Shorewood WI 53211 and never indicate that 1620 East Capitol Drive is, in fact, the Shorewood Post Office and 1422 is your box number. (the name and actual box number are false, the address is correct) Letters get to you just fine. According to the above, there is no way to get your home address or even to see that this is not it. Hmm... -- Leonard P. Levine e-mail levine@cs.uwm.edu Professor, Computer Science Office 1-414-229-5170 University of Wisconsin-Milwaukee Fax 1-414-229-6958 Box 784, Milwaukee, WI 53201 ------------------------------ From: Shawn Leard <71370.2551@compuserve.com> Date: 31 Aug 94 10:48:35 EDT Subject: Internet White Pages Could someone please post the e-mail address to be taken off the Internet White Pages? Thanks, Shawn Leard ------------------------------ From: "Prof. L. P. Levine" Date: 1 Sep 1994 07:50:03 -0500 (CDT) Subject: Satellite Imaging for Targeted Marketing? Organization: University of Wisconsin-Milwaukee From RISKS-LIST: RISKS-FORUM Digest Weds 31 August 1994 Volume 16 : Issue 37 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Date: 30 Aug 1994 13:18:31 -0500 (EST) From: Denis Haskin Subject: Satellite imaging for targeted marketing? A 25 Aug 1994 article in the *San Jose Mercury News* discusses BADGER (Bay Area Digital GeoResource), an "electronic library of maps, census data, property lines and environmental features." This is a project funded by NASA and involves Bay Area cities+towns, a company called Smart Valley, NASA Ames, Lockheed, and other companies to "create a shared data base of geographic information about the Bay Area and the software to help cities use it to identify polluters, prevent power failures or plan land-use policies." Sounds pretty benign until you get to the discussion of use of this data by private companies for identifying potential customers, to wit: Organizers say private companies might make use of the mapping service as well. For example, a satellite photo that located swimming pools could be cross-referenced to a property-tax map to create a data base of pool owners. That could be useful to pool-cleaning services. With high-resolution satellite images, roofers might be able to locate homeowners with aging wood shake roofs. The risks to personal privacy are, I think, obvious. -- Denis Haskin, Sr. Mgr., Production Engineering, Information Access Company, 10 Presidents' Landing, Medford, MA 02155 dwh@epub.ziff.com 617 393 3649 ------------------------------ ------------------------------ From: Terrence P Maher Date: 29 Aug 1994 09:33:22 -0500 (CDT) Subject: Re: Credit Reporting Question was: Does someone know how to get a copy of ones credit report? Any help would be appreciated. Answer: All you need to do is call a credit bureau listed in your local yellow pages. They have to provide you a copy, and, in certain cases, they have to provide it to you for free. ------------------------------ From: "Prof. L. P. Levine" Date: 29 Aug 1994 13:10:53 -0500 (CDT) Subject: DM News Article Organization: University of Wisconsin-Milwaukee DM News is a weekly trade newspaper that calls itself "the weekly newspaper of record for direct marketers." A commentary by Ray Schultz in the August 15th issue discusses the opinions of direct marketeers and of privacy advocates with respect to the privacy of the databases they use. In this review of his commentary I have quoted the italicized portions of his remarks, and paraphrased the rest: Discussing the fact that Toyota matches it customer names against Prodigy's list and then sends eMail to the "hits", he points out that a professional privacy psycho (his term) might ask: (italics) How can two separate firms I'm doing business with be allowed to compare notes on me, especially Prodigy, which has its hooks in me right up the kiskas? (sic) I should be asked for my consent in each and every case. (end italics) Discussing Chase Manhattan beginning a prospecting database for certain offers: (italics) What right does Chase have to hold my name on their computers as a noncustomer? Don't J.C. Penny and the NRA have similar things? The next thing you know the Ku Klux Klan wil be ID'ing me as a nonmenber. (end italics) Discussing a cooperative arrangement of two corporations to combine databases to enhance and model data: (italics) I know Polk - its the one with the auto list. I don't want those Big Brother types seeing my name, even third hand.... What if someone sends me pornography, or an ecologically unsound offer? They should pay me for the use of my name.... (end italics) Discussing the fact that a firm offers a service for mounting catalogs on the Internet - the cataloger can determine how much time the viewer spends on each page, whether he orders or not: (italics) Is there anything they can't find out about me? I know how these data rapists work: I can see them offering a list of "lingerie no-buyers, male, spent 20 minutes looking." We need a data-control czar. (end italics) He ends with a tongue in cheek comment about how crazy these privacy advocates are. I believe his intent is to warn his industry about improper practice. Even the list buyers are beginning to know that they are going very far and are risking legislation to control them. As a personal note, it is strange how the private sector seems to be unable to control itself without the threat, and often finally the imposition, of government controls. They then view with alarm the restrictions the government imposes on them. Can the shakers and movers in the data collection industry not look at the history of the railroads, the aviation industry and others and realize that policing themselves is worth the effort? (footnote: I believe that "kiskas", probably better written as kishkas, is yiddish for entrails.) -- Leonard P. Levine e-mail levine@cs.uwm.edu Professor, Computer Science Office 1-414-229-5170 University of Wisconsin-Milwaukee Fax 1-414-229-6958 Box 784, Milwaukee, WI 53201 ------------------------------ From: Peter Marshall Date: 29 Aug 1994 11:15:39 -0700 (PDT) Subject: WA State DOT "Congestion Pricing" Project Proposal for the "Puget Sound Congestion Pricing" project was initiated by United Infrastructure Washington, Inc., and describes "a phased approach to introducing the concept of congestion pricing in the urban growth areas of Puget Sound," involving use of "peak period fees." Enabling same is use of "automatic vehicle identification," which involves vehicle-mounted "small battery-powered radio transponders" and an "electronic toll and traffic management system." According to the project description, "Roadside attenae will read the AVI tags and transmit account numbers and tolls to a computer, where motorists' accounts will be debited...." Phase 1 costs are estimated by the proposer at $32.5 million. The proposer is described as a "permanent joint venture of Bechtel and Kiewit," with members of their "team" including MFS Network Technologies, Evergreen Policy Group, and Preston, Gates and Ellis. In response to some preliminary questions about the evident privacy implications of the proposal, DOT sources referred to what they described as visual surveillance of vehicles and perhaps of plate numbers to determine number of occupants; noted their expectation that the "privacy question" would predictably come up, but stated that it would be dealt with through upcoming negotiations with the proposer, referring further privacy-related questions to UIW, Inc. More to come.... Happy motoring; leave the driving to us, etc. -- Peter Marshall ------------------------------ From: "David A. Honig" Date: 29 Aug 1994 16:45:34 -0700 Subject: Re: Online Stalking Organization: UC Disneyland, in the Kingdom of Bren "BETH GIVENS" writes: Regarding "What can one do with an e-mail address...Try to stalk me? Haha." We got a call on the Privacy Rights Clearinghouse hotline last year from a woman who was being stalked via e-mail at her job. The stalker worked on the same campus and also made his presence known in the building in which she worked. Because of the persistence of the messages and the threats they contained, she left her job and moved to another city. -- Beth Givens, PRC How could the stalker send email and not incriminate herself? The stalker would need to be root to go around the mailers and systems can be set up to log who becomes root, unless the stalker is cleverer than the rest of the sysops. -- David A. Honig, informivore Prof. D. Denning: fool, fascist or Faust? Only the NSA knows for sure.. "Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves." -- William Pitt ------------------------------ From: wb8foz@netcom.com (David Lesher) Date: 30 Aug 1994 01:58:26 GMT Subject: Big Brother on the Autobaun Organization: NRK Clinic for habitual NetNews Abusers - Beltway Annex Clarinet reports in: Germany - Toll-Road Technology Planned 08/29/94 Date: 29 Aug 94 18:57:06 GMT That DeTeMobil, operator of the GSM phone system, is proposing an automatic GPS-based toll-charging system. They would "require all German motorists to install a GPS positioning unit with GSM data facilities in their cars." The privacy aspects are overwhelming. I find this especially surprising in Germany. Since WWII, they have had a very strong pro-privacy stance. In fact, a recent Post article on the increasing use of private video surveillance in Great Britain pointed out it would NEVER be accepted on the Continent. -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close...........(v)301 56 LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433 ------------------------------ From: poivre@netcom.com (Poivre) Date: 31 Aug 1994 04:52:44 GMT Subject: Re: SSN Dial In Database Organization: NETCOM On-line Communication Services (408 261-4700 guest) Todd Leonard (todd@meaddata.com) wrote: Glen Roberts (glr@ripco.com) wrote: Now, there is something new. SSN-BASE, a public, free, interactive SSN database. It's easy to check out. Just call from your modem (2400 baud): (708) 838-3378. I tried this service. First, I entered a number that "looked like" a SSN, to which it replied something to the effect of "I've never heard of that, but I'll add it to the database". Next I tried 000-00-0000, and then 123-45-6789, both of which were found, leading me to suspect somebody before me had tried the same experiment. I tried this service too. It just has SSNs in it. I think it will be far more useful if it contained names to go along with those numbers. Look up via number and it'll give you the name. Look up the name and it will give you the number. Enter new SSNs by requiring a name field to be filled, etc etc etc. -- . . . . . . . . . . . . . . . . . . . . . . . . . . poivre@netcom.com : #include : . . . . . . . . . . . . . . . . . . . . . . . . . . ------------------------------ From: skypatrl@crl.com (Albert Zhou) Date: 30 Aug 1994 21:55:06 -0700 Subject: Re: Bank Account Numbers Organization: CRL Dialup Internet Access (415) 705-6060 [login: guest] wayne@arrow.HIP.berkeley.edu (Wayne Christian) writes: This is incorrect EFT is controlled by a similar set of laws as credit cards. You have 60 days to dispute a transfer. You simply contact your bank and inform them that a EFT was not authorized. The bank will investigate and can leave the charge on if there is enough evidence that the charge was correct. If the bank decides not to give you money back, then you have to try to collect it, possibly taking them to court. If it's a small amount, you probably don't want to spend a lot of legal fees to pursue it. So you lose money. If you it's a charge on the credit card, you can simply refuse to pay. To get money from you, the credit card company has to initiate legal actions against you. If it's small amount, or if they don't think they can won, they'll just forget about it. So you DON'T lose money. See the difference? ------------------------------ From: "Prof. L. P. Levine" Date: 31 Aug 1994 18:40:20 -0500 (CDT) Subject: Posted in Error Organization: University of Wisconsin-Milwaukee A very long posting appeared three times in this newsgroup, twice as an error on the part of the poster and once correctly posted. The author had included an "Approved:" line in his posting as an oversight and has indicated it will not happen again. I hope that I have the grace to act as well as he did the next time I blow it. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ From: "Prof. L. P. Levine" Date: 31 Aug 1994 18:54:53 -0500 (CDT) Subject: Monthly Posting Organization: University of Wisconsin-Milwaukee The paragraphs below are the boilerplate text normally printed at the bottom of the eMailed copy of the Computer Privacy Digest. As a result they would never be seen by the readers of the comp.society.privacy newsgroup were it not for this posting. People who read this as a newsgroup should simply post contributions. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. People who read the digest eMailed to them generally need only use the Reply feature of their mailer to contribute. All contributions are acknowledged within 24 hours of submission. An article is printed if it is relevant to the charter of the digest. If selected, it is printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the subject line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. Boilerplate text follows: The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". People with gopher capability can access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". People with gopher capability can access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Archives are also held at ftp.pica.army.mil [129.139.160.133]. End of Computer Privacy Digest V5 #029 ****************************** .