Date: Mon, 03 Oct 94 15:48:53 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V5#043 Computer Privacy Digest Mon, 03 Oct 94 Volume 5 : Issue: 043 Today's Topics: Moderator: Leonard P. Levine Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Eastwood Door Problem Re: Post Office Boxes Background Check For Job Shareware Campaign Tool Re: How to Verify Your Phone Number CARDIS '94: Smart Card Research Conference Genetic Testing Information 2020 World - Erroneous Assumptions Info on CPD, Contributions, Subscriptions, FTP, etc. ---------------------------------------------------------------------- From: Dave Moore <72074.1740@compuserve.com> Date: 30 Sep 1994 16:55:21 -0400 (EDT) Subject: Re: Eastwood Door Problem Having worked for many, many, years in facilities that do just what you proposed; I had to comment. Your assignment as stated was somewhat contradictory. You said: A condominium, let's call it Eastwood, is planning to electrify the outside locking of its door system. What will be installed is electrical latches controlled by computers The data points are collected only to help detect the perpetrators of theft and vandalism and to secure the structure. They are not collected to identify the comings and goings of the residents, The first section said "Outside Doors". The second section said "Comings and Goings". This is the contradiction. Because of fire codes, you can't require people to key out. (This ignores high security DOD installations). Therefore, you can only collect "entry" data. At best, you can also tell when a door was opened for exit, but you can't tell by whom. The other factor that is ignored is "piggy backing" or "tail gating". Unless you install a special gate, you have to expect that when two or more people arrive at a door, only one person's key will be used and recorded. All others immediately present will simply enter through the now open door. One facility I worked at used a rotating gate that only allowed one person at a time inside to avoid tailgating. The recording software also generated a security alert if the same key were used for entrance within a short (less than 1 minute) period of time. You could make security go nuts by immediately leaving and coming in again. Piggy backs can also occurr during exits, in which case no entry key at all will be recorded. Again, this can be avoided with rotating exit only doors. -- David Moore ------------------------------ From: elvey-matthew@CS.YALE.EDU (Matthew Elvey) Date: 30 Sep 1994 20:13:30 -0400 Subject: Re: Eastwood Door Problem I haven't seen the assignment. It would seem to me that student #5's technical analysys was important and well done. The others did not include it, or in one case, did, but failed to note that the cost was negligible. No student considered the practical aspects of system security. "The only people that should have a right to request this information is(are) the tenants and the police department." Like most, this student has not discussed important details. the data _will_ only be available to tenants and police and the data _should_ only be available to tenants and police are very different statements. Could a Private Investigator bully his way into getting access? Or crack into the system? Possible, even probable. (also, people have the right to ask for just about anything, but their requests shuldn't all be granted!) ------------------------------ From: Christopher Zguris <0004854540@mcimail.com> Date: 30 Sep 94 21:27 EST Subject: Re: Eastwood Door Problem Why does information need to be stored at all? Enter the valid key codes (and whatever restrictions they may have) into the computer and leave it at that. The security system is merely access control, when or if a key is used is not important. If I have a valid key I should get in, it's nobody's business -- and no records need be kept -- of when I come and go. This is not Spy-Vs-Spy where the transaction record saves the day, nothing secret is going on that requires record-keeping of ths kind. The only justification I can see is for future use by someone or some agency that wants to find out about me, and I _certainly_ don't see that as a valid reason. Keep the system simple like the manual key it is supposed to replace and leave it at that. Why is it _everything_ digital _must_ keep logs? I suspect that if tenents were told that their _every_ entry and exit would be tracked down to the second, down to the particular door they used, and that information were to be kept around for a couple years readily available indexed to their digital key they would not be pleased with this new "safe" system. -- Christopher Zguris czguris@mcimail.com (just another happy MCI customer) ------------------------------ From: bernie@fantasyfarm.com (Bernie Cosell) Date: 01 Oct 1994 03:39:22 GMT Subject: Re: Eastwood Door Problem Organization: Fantasy Farm, Pearisburg, VA "Prof. L. P. Levine" writes: A condominium, let's call it Eastwood, is planning to electrify the outside locking of its door system. What will be installed is electrical latches controlled by computers which have loaded into their memories a list of some 600 numbers assigned to the 250 owners of units in the complex. ... I (a college professor) gave this problem to my class in Computer Ethics. What follows are some of the responses by students in my class. I am presenting them here in order to open discussion in this privacy forum. I think the topic should be of interest. I'd have to say that NONE of the examples you posted addressed the issues, particularly. [I'm sure your students wouldn't be happy taking a course from _me_ :-)]. Just looking quickly at the problem, I see three immediate issues that I think weren't really addressed: 1) why *should* the information be ephemeral? 2) Is the information really 'private' anyway?, and 3) what about what is done in similar non-computer-mediated situations? On 1: each student did some kind of cost analysis and made a decision [but on what basis?] that some particular length of retention would be cost effective. In particular, they seemed to _start_ with the presumption that the data ought not to be 'permanent', and worked on the question of 'how long'. I'm more curious about why they shouldn't have started by considering whether it would be improper to keep the information forever. Technical arguments won't wash -- I see that just as a dodge to avoid confronting the ethical question. And the ethical question is VERY hard, I'd say. If even the most adamant privacy fanatic would agree that the data has to be kept for a _little_ while for security reasons, then picking any particular expiration time feels _very_ arbitrary to me. Why six months instead of six years? What difference does it make [from an _ethics_ point of view]? On 2: This is another [generally unpopular] aspect of "privacy" that I come back to often in our discussions on these matters: what "privacy" should we expect in public activities? Why should there be a presumption of privacy in going from the street into a private building? What if someone was just sitting on a bench in front making note of the people who came and went, and when they came and went. Would such a record [of a clearly public activity] be unethical? Would it violate ones privacy for a third party to dare to _notice_ that you were out on the [public] street? Note that I'm careful here NOT to talk about what happens _inside_ the complex; that is private property and *is* private. But until the doors close behind you, you were "in public", and it isn't clear to me just how much privacy you ought to _expect_; and more importantly how much privacy you ought to be able to *demand* [should it be illegal for me to have noticed that you went into the building a 2AM last Thursday? Should I have to undergo some strange medical procedure if I can't manage to "forget" that fact in some period of time. It appeared that the students, by and large, _assumed_ that such information *was* 'private', but I don't think it is as easy as that and, indeed, some discussion of that very basic underlying assumption would be called for. As the folks here have long-since gotten tired of hearing, I generally believe that ones actions in public are, well, _public_ and so the a priori expectation is that if you do something in public it *will* be noticed, it *will* be recorded. Which leads to (3): there seem to be plenty of analogues about which one could think [if not do some research]. In many ways, I find it either amusing or depressing [depending on my mood] that computer folk so often believe that they are blazing trails, when it seems that that's rarely the case. On this matter, for example, fancy apartment buildings and apartment-hotels have had doormen, locked doors, registers to sign in [and more modernly, closed-circuit cameras watching the lobby]. As far as I know, no one has ever promised that any of THAT information is less than "forever". -- Bernie Cosell bernie@fantasyfarm.com Fantasy Farm Fibers, Pearisburg, VA (703) 921-2358 --->>> Too many people; too few sheep <<<--- ------------------------------ From: psw@maestro.mitre.org (Phil Wherry) Date: 30 Sep 94 20:45:34 EDT Subject: Re: Eastwood Door Problem Thanks for sharing your students' insights into the apartment building lock system. I'm curious: did any of your students address the issue that records, once kept, may not be released under the same privacy protections under which they were collected? (In other words, how does one guard against the situation in which the policy changes after data is collected?) -- Phil Wherry ------------------------------ From: pstemari@cbis.COM (Paul J. Ste. Marie) Date: 03 Oct 1994 15:17:28 GMT Subject: Re: Eastwood Door Problem Organization: Wireline Bill Create - CP&M, CBIS "Prof. L. P. Levine" writes: A good question might be asked. "How long should the data be kept, who should be allowed to see it before it is deleted, and under what conditions should the data be made available?" I (a college professor) gave this problem to my class in Computer Ethics. What follows are some of the responses by students in my class. I am presenting them here in order to open discussion in this privacy forum. I think the topic should be of interest. It is very interesting to note that none of the responses questioned the utility of maintaining this information. With presumeably 600 people coming and going daily from 250 units, it's highly doubtful that any useful information could be derived in the event of a breakin. -- Paul J. Ste. Marie This space psmarie@cbis.com ------------------------------ From: "anonymous" Date: 02 Oct 1994 10:36:52 -0500 (CDT) Subject: Re: Eastwood Door Problem Organization: University of Wisconsin-Milwaukee An interesting problem (because my condo complex has such a key system -- and I am unsure how long they keep the records). One thing has been overlooked by all your students -- people who enter the building without using their key, for ex by entering the building in back of a card-carrying person. How do you account for that person being in the building? Can you, even? Interesting debate. ------------------------------ From: "anonymous" Date: 02 Oct 1994 10:37:13 -0500 (CDT) Subject: Re: Eastwood Door Problem Leonard, a very fine discussion on Computer Privacy Digest regarding the "Eastwood" condominium project. Let me discuss a few thoughts: 1.) The Board of Directors or Homeowner's Association must first adopt a written plan concerning the installation of the door opening device. This must include full disclosure of what records will be kept, for what purpose and who will be able to obtain those records and under what circumstances. Obviously, obiedence to a Court Order would be one example. 2.) The official policy of the Board or Association must be duly ratified by the members. Once thse tow items are in place, then the collection of the record keeping is more or less a ministerial act. I recommend that since access to a from a location is involved, the minimum retention period be no less than the local statue of limitations for personal property crimes (misdeameanors) for tresspass, theft, etc. In many jurisdictions this is a minimum of one year, to which I would add at least three months for administrative purposes. In the event of a major crime such as burglary, rape, robbery. It may very well be that to destroy the log would be a criminal act in itself. The log under these circumstances would be considered evidence in any felony proceeding. They must be preserved until the status of limitation for the particular crime as passed. In the case of murder where there is no statue, the log can be turned over to the Court for safekeeping, such as registering a will. It would be then kept in the safe of the Superior Court until such time as the Court decided what to do with it. Logs of this nature can be easily compressed with any of the commercial and public domain compressors such as LHA, ARJ or ZIP. I would estimate that over 80% file size reduction would be achieved. If all of these logs were then collected over a period of months, or years, for a nominal sum, they could be transferred to CD-ROM for archive purposes. If the CD ROM could hold about 750 Megs of *compressed* data, it would probabily hold every record of every entry for 20+ years! If security and privacy are a concern regarding the compressed data, ZIP for example does have a failrly good "encryption" or garbble with password option. ------------------------------ From: Mike Crawford Date: 02 Oct 1994 13:55:45 -0700 Subject: Re: Post Office Boxes In California, businesses are required to provide a street address. I am not sure who collects this information - whether it is the resale license, the business license, or the franchise tax board, but the purpose is to discourage fraudulent businesses which have a PO box and no other way to track down or arrest them. I believe the state will provide this information to anyone. There is an exception for people who run businesses out of their homes. hmmm... I think maybe the actual law says that the street address has to be on any literature the business distributes. I'm hazy about this, but check it out. -- MIke Crawford crawford@scipp.ucsc.edu ------------------------------ From: lindline@rice.edu (Ann Lindline) Date: 02 Oct 1994 21:16:22 GMT Subject: Background Check For Job Organization: Rice University, Houston, Texas A friend just told me that one of her roommates works for a major defense contractor (one we've all heard of, but I shall not name). As a condition of employment, the contractor required that not only the employee but also all the roommates go through background checks. My friend had to fill out forms supplying info about place of birth, address, education, *social security number*, and other info. I plan to get more details about the kind of info requested/required. My friend thought it was weird, but didn't seem very indignant. I think all the roommates actually find it a bit exciting that this guy has a job he's not allowed to discuss with them. My friend had never heard of the company before, and probably wouldn't have cared about the guy's job, but of course the mystery makes them all curious. In fact, one of the roommates received a follow-up call/letter from the company that he must come to the company for an interview before the employee can be approved. All the roommates wonder if this person's Chinese ethnicity (but American citizenship, I think) is the reason for the interview. Is this legal? If you want to work for certain government agencies, I know you have to submit to, and subject your family and friends to, a lot of poking and prying into backgrounds. Is working for a defense contractor basically the same as working for the government? What rights to refuse would these roommates have? Any feedback is much appreciated. -- Ann Lindline Rice University ------------------------------ From: profile@netcom.com (Profile Software) Date: 03 Oct 1994 02:37:22 GMT Subject: Shareware Campaign Tool Organization: NETCOM On-line Communication Services (408 261-4700 guest) PROFILE SOFTWARE 703 Market Street Suite 1308 San Francisco, CA 94103 Walk a Precinct Electronically Political Software for the Masses For Immediate Release Saturday, September 24, 1994 Contact: Charlie Gallie Profile Software (415)512-9660 (415)512-9661 FAX profile@netcom.com San Francisco--Profile Software announces the release of Precinct Walker version 2.3 a DOS Shareware database program for campaign volunteers to walk a precinct by telephone. Precinct Walker takes advantage of the millions of home computers available to help organize a candidates supporters, get absentee ballot applications out, raise funds, recruit other volunteers, collect information and get out the vote. This is a Shareware product and the requested single user registration fee is $25.00, but users can download the entire program for free and determine whether this tool will be useful to them. Precinct Walker can be used for organizing voters for any candidate or cause. Huge volume discounts are available for any campaign or cause wishing to purchase multiple licenses. The intent is that this program will be used by campaigns across the country, whether they pay for it or not, to organize the grassroots that seems more apathetic and cynical than usual. Democrats have historically developed precinct organizations to get out their voters. This program attempts to use all of the new technology to automate the fund raising, voter identification, distribution of applications for absentee ballots, and get out the vote efforts. The next release of Precinct Walker, free to all registered users, and available in early October, will have a new get out the vote (GOTV) module. This fax-in function will allow a volunteer to produce a list of the voters in their precinct and to go to the polls and determine who has voted. This list can then be faxed in to the headquarters where it will be automatically read into a computer and automatically translated from fax to data and the files can be brought up to the minute. With this automatic update of the computer files volunteers can be assigned to call voters who have not voted by the time the voter said they usually vote. This program can be downloaded off of the Electronic Information Highway using the Internet. Users are encouraged to copy this program and give it to their friends for evaluation. They are encouraged to copy it to their favorite Bulletin Board Systems or Electronic Mail Systems. Our hope is that it will be tried by as many people as possible. This program is not only a first attempt to electioneer in cyberspace, but to distribute the software the same way. As David Wilhelm, chairman of the Democratic National Committee, and the Democratic National Committee(DNC) said in their recent press release: In addition to the $2 million contribution to the DCCC, the DNC will contribute $8 million to State Democratic Coordinated Campaigns. Democratic Coordinated Campaigns across the country help Democratic candidates best use their campaign resources through joint efforts to update voter files, oversee voter registration and absentee voter drives, purchase generic and GOTV advertising, and most importantly, run professional election day operations. "With historically low turnout in midterm elections, it is crucial to energize Democratic base voters," said Wilhelm. "That's where coordinated campaigns come into play. By working together in a coordinated grassroots effort, Democrats can best identify and contact our voters now with the goal of turning out as many of our supporters as possible on election day." All of which Precinct Walker can easily do. This software was originally designed so homeless people could be put to work raising funds for a Democratic Presidential candidate. For volunteers or campaigns unable to access the Network, Precinct Walker is available by calling, faxing, or writing Profile Software. Additional software programs are available from Profile Software including a program called Philly, a fund raising event manager. Additional information is available from Profile Software, 703 Market Street, Suite 1308, San Francisco, CA 94103 (415)512-9660 Tel (415)512-9661 FAX profile@netcom.com Email. This program can be downloaded by FTP at ftp.netcom.com. The program is in the directory ftp/pub/profile. It will also be available on CompuServe, AOL, and the Well as soon as possible. -30- Please feel free, in fact encouraged, to distribute this announcement in all appropriate places. ------------------------------ From: johnny@.interramp.com Date: 03 Oct 94 09:38:42 PDT Subject: Re: How to Verify Your Phone Number Organization: PSI Public Usenet Link I said earlier: If you dial 1-800-MY-ANI-IS (1-800-692-6647), you should be able to ascertain/verify the number you are calling from. This technique is particularly useful when calling from a pay phone (that accepts incoming calls but is missing a listed number) or when calling from an unlisted phone that you want to crack. [MODERATOR: This does not work from my phone in 414 land.] To the moderator and the forum member: Sorry, there was a typo. 1-800-MY-ANI-IS converts to: 1-800-692-6447 not 1-800-692-6647, as originally posted. My gracious thanks to Ed Frankenberry for making this observation. If the corrected number still does not work, please let me know. I have found this number to work from many phones around the country. However, I do not know whether it works from all phones or geographic areas. I also don't know who the sponsor of this service is or how long it will be available. I certainly encourage everyone to try it from their locations and send feedback to me on your success/failure. Thanks, -- John Featherman Privacy Newsletter PO Box 8206 Philadelphia PA 19101-8206 [moderator, a similar note was posted by wolit@lust.mh.att.com (Jan Wolitzky) and glr@rci.ripco.com (Glen L. Roberts)] ------------------------------ From: jjq@dice.ucl.ac.be (Jean-Jacques Quisquater) Date: 03 Oct 1994 14:34:38 GMT Subject: CARDIS '94: Smart Card Research Conference Organization: Laboratoire de Microelectronique - Universite Catholique de Louvain --------------------------------------------------------- CARDIS First Smart Card Research and Advanced Applications Conference Lille - France October 24-26, 1994 --------------------------------------------------------- PROGRAM COMMITTEE Martin Abadi, Ross Anderson, Benjamin Arazi, Todd Arnold Jacques Berleur, William Caelli, David Chaum, Vincent Cordonnier, Mark Cummings, Amos Fiat, Andr'e Gamache, Marc Girault, Louis Guillou, Joseph Hope, John Kennedy, Philippe Maes, Roger Needham, Jean-Jacques Quisquater, Laurent Sourgen, Doug Tygar, Michel Ugon, Klaus Vedder, Robert Warnar CONFERENCE PROGRAM --- CARDIS '94: --- --------------------------------------------------------- Monday, October 24, 1994 10:00-13:30 Registration, welcome coffee and lunch --------------------------------------------------------- 13:30-13:45 Introduction to CARDIS '94 (V. Cordonnier, J.-J. Quisquater) 13:45-14:30 Session 1: Invited paper about smart cards and society 14:30-16:00 Session 2: Security Making smartcard systems robust Ross Anderson (UCL, Cambridge) The RADAR concept using neural networks T. Alexandre (RD2P-LIFL, Lille) A security language for the card: The S-shell J.-M. Place and P. Trane (RD2P, Lille) --------------------------------------------------------- 16:00-16:30 Coffee break --------------------------------------------------------- 16:30-18:00 Session 3: Panel Future operating systems for smart cards? --------------------------------------------------------- Tuesday, October 25, 1994 08:30-09:00 Welcome coffee --------------------------------------------------------- 09:00-09:45 Session 4: Survey Architectures for smart cards J.-J. Quisquater (UCL, Louvain-la-Neuve) 09:45-10:45 Session 5: Conditional access for multimedia services OSCAR: Open and Secure Control of Access and Rights for broadcast and switched networks G. Mar'echal (Philips, Brussels) Equicrypt, an equitable access to multimedia services B. Macq, J.-Y. Mert`es and J.-J. Quisquater (UCL, Louvain-la-Neuve) --------------------------------------------------------- 10:45-11:15 Coffee break --------------------------------------------------------- 11:15-12:45 Session 6: Models of security Probabilistic authentication analysis J. Domingo-Ferrer (URV, Tarragona) An authorization model for personal databases C. Radu, M. Vandenwauver, R. Govaerts and J. Vandewalle (KUL, Leuven) Towards testability in smart card operating system design P. H. Hartel (U. of Amsterdam) and E. K. de Jong Frz (QC consultancy) --------------------------------------------------------- 12:45-14:15 Lunch --------------------------------------------------------- 14:15-15:00 Session 7: Invited paper about electronic cash 15:00-16:30 Session 8: Electronic cash A fast off-line electronic currency protocol for smart cards Lei Tang and J. D. Tygar (CMU, Pittsburgh) Off-line cash tranfer by smart cards S. Brands (CWI, Amsterdam) SCALPS, Smart Card Applied to Low Payment System J.-F. Dhem, J.-J. Quisquater and D. Veithen (UCL, Louvain-la-Neuve) --------------------------------------------------------- 16:30-17:00 Coffee break --------------------------------------------------------- 17:00-18:00 Session 9: Panel Research, progress and normalization: Is it compatible? --------------------------------------------------------- 20:00-... Banquet --------------------------------------------------------- --------------------------------------------------------- Wednesday, October 26, 1994 08:30-09:00 Welcome coffee --------------------------------------------------------- 09:00-10:30 Session 11: Servers for smart cards A universal server for smart cards P. Durant, J. Berube, G. Lavoie, A. Gamache, P. Arduoin, M.-J. Papillon and J.-P. Fortin (UL, Quebec) Wordwide smart card services J.-J. Vandewalle (R2DP, Lille) and A. Gamache (UL, Quebec) A smartcard fault-tolerant authentication server L. Blain and Y. Deswarte (LAAS, Toulouse) --------------------------------------------------------- 10:30-11:00 Coffee break --------------------------------------------------------- 11:00-12:15 Session 12: Panel From smart cards to nomadic objects Moderator: Vincent Cordonnier 12:15-12:30 Final remarks and closing --------------------------------------------------------- 12:30-... Lunch --------------------------------------------------------- The city of LILLE is about 150 miles away from PARIS. It can be reached: - From Paris by either motorway (two hours) or train (one hour). - From most european countries by train, motorway or plane. The conference will take place at the University of Sciences and Technology of Lille. Accomodation can be provided either on the campus or in the center of the city. The organization committee will provide maps and help for hotel reservation and travels. ACCOMODATION We have a 50 bedrooms pre-reservation in the ASCOTEL * * hotel located on the campus, a few meters away from the conference building. The university has an agreement with the hotel for special prices: Single 215 FF Double 250 FF Triple 300 FF Breakfeast (buffet) 38 FF Meals 85 FF CARDIS - ASCOTEL Boulevard Paul Langevin F-59650 VILLENEUVE D'ASCQ FRANCE TEL 33 20 43 82 82 FAX 33 20 05 39 93 --------------------------------------------------------- HOTEL RESERVATION FORM - CARDIS (To be mailed directly to the hotel) NAME ............................................ DATE OF ARRIVAL ................................. DATE OF DEPARTURE................................ ROOM RESERVATION SIMPLE DOUBLE TRIPLE PAYMENT BY CASH CHECK CREDIT CARD (The VISA credit card is the only one accepted by the hotel) Reservation: You must pay the first night to confirm your reservation --------------------------------------------------------- CONFERENCE REGISTRATION The registration form must be returned to: Vincent Cordonnier - CARDIS RD2P - Hopital Calmette CHRU de Lille F-59037 LILLE CEDEX FRANCE Email : cardis@rd2p.lifl.fr REGISTRATION FEES Participants : 1000 FF or 220 US$ including: Participation to the sessions Proceedings Tuesday night banquet Coffee breaks. Students or young researchers: 500 FF or 110 US$ Same services excepted the banquet. Payment can only be done by cash or check (The conference is not allowed to accept credit cards, even smart cards!) REGISTRATION FORM - CARDIS (To be mailed directly to V. Cordonnier) SURNAME .......................................................... FIRST NAME .......................................................... COMPANY .................................................. ADDRESS .......................................................... .......................................................... POSTAL CODE..........................CITY........................ COUNTRY .................................................. TEL ..................................FAX..................... EMAIL .................................................... Registration fee must be joined to this form ------------------------------ From: gmd@unislc.slc.unisys.com (Merrill Dodge) Date: 03 Oct 1994 19:22:12 GMT Subject: Genetic Testing Information Organization: Unisys Corporation SLC Yesterdays news contained considerable raving about some new genetic discovery of a gene that predisposes to breast and ovarian cancers. This gene can be used as a marker to see which women might be susceptible to these diseases in the future. No mention of any possible treatement as yet. The privacy issue I see is that insurance providers could use genetic testing, like this example, to deny people benefits. They would cite the marker as evidence of a "pre-existing condition" and thus deny coverage. Is there any legislation in place prohibiting insurance companys from using genetic information in benefit approval or payment? Would physicians who encounter genetic information about a patient be compelled to provide that information to insurance companies or employers even though such information could be used to deny that patient treatment or service? Could an insurance company, knowing that a policy holder could pass along a genetic disease, although the policy holder themself is unafflicted, deny maternity benefits to that policy holder. Would the risk of a yet unconcieved baby with a likelyhood of defect be more than they would want to take? I imagine this could also be used by employers to deny employment to applicants for fear that this would put company plans for insurance, disability and death benefits in jeopardy. I'm curious as to what other members of this group know or question about this topic. -- Merrill Dodge gmd@unislc.unisys.com ------------------------------ From: Paul Robinson Date: 30 Sep 1994 12:27:30 -0500 (EST) Subject: 2020 World - Erroneous Assumptions Organization: Tansin A. Darcos & Company, Silver Spring, MD USA Kurt Dahl announced his 2020 World Columm for the Seattle Times and a corresponding listserver for general chitchat on the same subject. He offers some suggestions including some comments that I hope are merely to raise people's consiousness, because some of the assumptions could be dangerous to people if taken as a serious suggestion. One concept here is so flat out wrong that it bears direct examination: It's the year 2020, your daughter Emily is 9 years old, and she can't read or write. Is this your worst nightmare about our schools come true? Nope, Emily just doesn't need to read or write anymore. The written word is a means to an end and not an end in itself. We use it to communicate with large groups and to preserve ideas, but we prefer the spoken word. In 2020world, with the ability to create, store and send audio and video as easily as written words, why would we need to read and write? 1. There are technical concepts and ideas that are not succeptible to the "MTV Generation" 30-second sound bite concept. When was the last time you heard about how the Soviets had supplied the Cubans in Africa with Calcium Cyanide, an odorless, colorless, tasteless gas that in small doses kills in 30 seconds, and in tiny doses causes instant permanent irreversible brain damage? If you waited for it on the TV news, you never saw it; the simple reason being that there are no pictures to show. 2. Yes, graphics and drawings can assist the printed word, but they cannot surpass it. For one thing, the average person can read faster than they can hear; two to three times as fast. The average 30 minute nightly newscast has about the information equivalent of the front page of one newspaper, which the average reader can get most of the information in 5 minutes, and get in depth in ten. 3. With training, people can learn to read as fast as 1,000 words per minute. There is no way video can increase the rate of retention of ideas because reading and visual analysis are done by two different halves of the brain. Read material can be stored and retained longer than visual material. Also, the average person only notices about 1/2 of what appears before them in an image, thus images would have to be made less complicated to be able to carry the information. 4. Text material takes less resources than graphic material does. One can display the entire text of, say, the Bible on an 8086 XT or any earlier computer, with 2 meg of storage space (or less if compression is used). To translate the Bible into images covering its entire text or into sound would require much more expensive equipment including graphics display and speech cards, plus graphics designers and speakers. 5. I can go to a library and pick up a copy of Upton Sinclair's "The Jungle" and read it, even if I pick up an original copy as published in 1906. I can't read a disk from a 1975 TRS-80 or even a 1983 Apple II because the technology has changed. It's estimated the government is losing the equivalent of millions of pages of information every year because the technology to read old tapes and disks is becoming obsolete, and because the media used to store the material is deteriorating. Books printed on acid-free paper and stored in low-light rooms (not high technology; easy for almost any library to provide), can last hundreds of years. 6. There is a risk with electronic media in that paper can be examined for alterations; electronic media can be altered in undetectable ways. I am waiting for some bright prosecutor to figure out that he can create fake video of crimes and use it to indict people on a government's list of undesirables; it's pretty hard to convince a jury that the movie of you robbing a convenience store or bank is actually a fake which has been created from wholecloth. 7. Video production requires more expensive equipment than words. Also, creating images takes longer than writing words to describe them. This makes writing much cheaper to produce than video. (I already pointed out that speech will always be slower than writing; good speech can reach 150 words per minute vs. an ordinary 300 wpm for a good reader, or as much as 1,000 for someone trained in speed reading.) 8. Words can be edited and synopsized textually with much less effort (and cost) than it takes to edit a sound recording or a video image. Typing a paragraph and revising it on a video screen is going to take less time than editing a 25 word sound bite on a tape or video editing system. Contrary to his original words, editing sound or video is _an order of magnitude_ more complicated than editing text. More information can be packed into a $6.95, 300-page paperback that can be produced in 50,000 copies for about $150,000 than can be done in a 2 hour movie that would cost $29.95 and require $75,000,000 to produce. 9. I can't do a grocery list by video. If it's recorded, I can't move around the entries as I'm in the store. If I have a grocery list encompassing 200 items, I can check off items as I find them; I can't do that with a tape recorded list. 10. Increases in technology have demanded _more_ education and better literacy. We still can't program computers by images; we have to have written words. 11. People without the capability to discover the actual background information of an issue are held hostage to those who can obtain it; those who have the information can set the dialog for the discussion of the issue. This is why many organizations that have agendas that the general public would oppose if they knew them have been so successful in spreading lies and half-truths about the issue in question or their actual intent; because in some cases you have to find the written materials to know what is going on, and in some cases you have to have a technical background to understand the issue. If the only way you can get information is via pictures and audio commentary, you are severely handicapped to those who can also add to their information via written materials. But what about education? Video can do anything books can do; well-produced video can do many things better. Which is the better way to learn about the Civil War -- reading a text for 10 hours or watching 10 hours of Ken Burns' PBS production on the Civil War? I automatically am suspect of anything released on PBS since I know its biases. What would be more interesting, in reading 10 hours of books, would be to find out what was removed when the video was made. The reading time for 10 hours can probably cover 600 pages of text, or in terms of coverage, probably at least twice the breadth of material that the Civil War series covered. Further, with the reduced cost of written materials over video, it is possible to find alternative viewpoints and more accurate material. For example, in all of the video (movies or cartoons) I've ever seen which attempt to depict the famous 1869 spike being laid at Promontory Point, Utah to signify the railroads being joined from coast to coast, it shows a man striking a hammer upon the spike. The books I've read indicate that, when the first try was made, the crowd laughed because the man missed the spike, as did the second man's attempt. The minor little issues like these, which show the in-and-out day-to-day reality of life is the sort of thing that works well in the printed word; it doesn't film well in video. 2020 is 26 years from now. Moving backward, 26 years ago was 1968. What has happened since then? The moon landing was 1 1/2 years away; Disco; The Internet; VCRs; Microwave Ovens; Gasoline Shortages. In 1967 people bought fewer books and read less than they do now. With more and more things being invented and discovered, this requires more material to cover it, not less. But there is one point he is correct upon; the average 9-year-old will be less educated than the 6-year-old of today because the public schools will be more expensive and less effective than they are now. By the time someone comes out of college, his 2-year or 4-year degree won't even be the functional equivalent of the high-school diploma of 1950. --- Paul Robinson - Paul@TDR.COM Reports on Security Problems: To Subscribe write PROBLEMS-REQUEST@TDR.COM Voted "Largest Polluter of the (IETF) list" by Randy Bush ------------------------------ From: "Prof. L. P. Levine" Date: 26 Sep 1994 12:45:51 -0500 (CDT) Subject: Info on CPD, Contributions, Subscriptions, FTP, etc. Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions generally are acknowledged within 24 hours of submission. An article is printed if it is relevant to the charter of the digest. If selected, it is printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the subject line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V5 #043 ****************************** .