Date: Tue, 17 Jan 95 08:32:46 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#006 Computer Privacy Digest Tue, 17 Jan 95 Volume 6 : Issue: 006 Today's Topics: Moderator: Leonard P. Levine Re: Opening Mail Re: Opening Mail Re: Opening Mail Re: Opening Mail Corporate e-Mail Privacy Policies Re: Signature Digitizers Re: Signature Digitizers Re: Tax Forms Display SSN on Mailing Label Current Status/options, was Re: CallerID Opinion Police and Privacy Inns Law ? Request for Privacy/Free Speech URLs Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: "David C. Frier" Date: 13 Jan 1995 10:39:52 -0500 Subject: Re: Opening Mail Organization: Express Access Online Communications, USA On 12 Jan 1995, Travis Low wrote: A correction to an earlier post: I believe the post office does not get any taxpayer dollars, but rather, its income derives only from user fees (stamps, etc.). In fact, I believe that junk mail subsidizes first class mail. If this is so, then the post office has scant motivation to stem this tide. The post office gets a government-granted monopoly on mail service, which may be even better than a $$ subsidy, eh? They can make you put 32 cents postage on that FedEx letter, too. Also, the analyses I've seen indicate that first-class mail costs MUCH less than 32 cents a piece to process, and it subsidizes your 6" a day of junk mail. It's strictly a matter of who has the better lobbyists, eh? -- David -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=- Life is complex: part real, part imaginary. #*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*# GB/CM d++(-) H- s+:+ g+ p+ w+ a37 v++ C+++$ N++ U--- W+ M-- -po+ Y+ f t-- j++3 tv- b+++ B--- e+ h---- u** y++++ r+++ n--- ------------------------------ From: "Dennis G. Rears" Date: Fri, 13 Jan 95 10:48:38 EST Subject: Re: Opening Mail ddg@cci.com (D. Dale Gulledge) writes: It is not the offer arriving in the mail that is an invasion of privacy. The personal information that they are using for their mailing lists is. travis@netrix.com (Travis Low) writes: It is also the *pile* of offers that are an invasion of privacy. How does this invade your privacy? I agree it is a nuisance but invasion of privacy. Just toss it. I get 6" of mail per day, since my way-deceased father was a direct marketer's dream. All attempts to stop the flow of junk mail have failed. How long have you tried to get his name off the lists? This seems hard to believe because most catalog companies will remove names as soon as they find out a person is dead. It costs them real money to send it out. I can see one issue of a catalog being sent after notice is recieved because of the time lag involved in printing out mail labels. I can get an unlisted phone number and distribute it in a controlled fashion. Why not my address? You can. The difference is you give your address to more people than your phone number. Anyone who provides you with service or goods that bills you has it. Also just like some telemarketers will call any number in a switch the same with bulk mail advertising. I have both a PO box and a regular address. My pet peeve is the weekly mailing of supermarket circulars. At my Post Office the large trash cans are full of these by 10:00 AM of the day they are delivered. I believe I should have the option to refuse all direct mail marketing. You don't. Your belief is irrelavant. Check with the Post Office. You don't have the right to refuse it. I tried, I talked with the postmaster and he showed me the Postal Regulations. A correction to an earlier post: I believe the post office does not get any taxpayer dollars, but rather, its income derives only from user fees (stamps, etc.). In fact, I believe that junk mail subsidizes first class mail. If this is so, then the post office has scant motivation to stem this tide. True. I have heard estimates that the cost of mailing a first class letter would increase by 50% if junk mail didn't exist. dennis P.S. BTW, what does this have to do technology and privacy (the charter of this group)? ------------------------------ From: keywest54@aol.com (KEYWEST54) Date: 16 Jan 1995 10:35:18 -0500 Subject: Re: Opening Mail Organization: America Online, Inc. (1-800-827-6364) The US Post Office is the worst offender as a junk mail source. The Postal Service sells the change of address cards submitted to a "clearinghouse". This is why the junk (et al) seems to follow you everywhere. A good book on this subject is Who Owns Information? by Barbara Branscomb. ------------------------------ From: travis@netrix.com (Travis Low) Date: 16 Jan 1995 19:16:56 GMT Subject: Re: Opening Mail Organization: Netrix Corporation Forwarded Post..... From: hughn@ssd.fsi.com (Hugh Niewoehner) It is also the *pile* of offers that are an invasion of privacy. I get 6" of mail per day, since my way-deceased father was a direct marketer's dream. All attempts to stop the flow of junk mail have failed. The information is repropagated within weeks. (Though the datum that my father and his wife are dead seems to perpetually escape the mail houses.) The next time I move, I will change all of my credit cards and I will not file a change of address with the post office. Please pardon the direct reply but my company service provider has problems posting to USENET. 1st. a qualifer, my wife worked ten years at the post office as an LSM operator and happily departed there a management trainee. She told me that if a company sends you repeated mailings after you have told them you want it to stop. Go to the post office which handles your mail and inform them that you are being harassed by a XXX at xxxxx address and you wish this to stop immediately. If I remember correctly, postal inspectors then notify the company that the mailings to you must stop or they will face stiff fines and federal prosecution. This is true of both personal and company mail. It envolves something about federal harassment laws. However, you must first have followed steps such as printing "REFUSED" clearly on the front of the mailings and having it returned to sender at least once. Ask at the PO for specifics, they should be willing to give them to you. If not, ask for the Office Post Master. Remember, as far as the PO is concerned, if you don't tell them otherwise they assume you want this mail. Feel free to forward this to the newsgroup if you wish. =============================================================== |Hugh Niewoehner | FlightSafety International | |Sr. Engineer - Avionics Systems | Simulator Systems Division | |hughn@ssd.fsi.com | Broken Arrow, OK 74012 | |-------------------------------------------------------------| | My statements are my own and not those of FSI-SSD. | | Whether I believe them or not is open to debate. | =============================================================== ------------------------------ From: bthayer@cs.ida.org (Brad Thayer) Date: 13 Jan 95 14:07:19 GMT Subject: Corporate e-Mail Privacy Policies Organization: Institute for Defense Analyses Our company is beginning to develop a policy on electronic media privacy including e-mail and saved e-mail files (long overdue in my opinion). Early drafts imply that basically nothing is private, as long as the company has a business reason to examine the files. I am bothered by this and would like to hear from others on their companies policies on this issue. In particular, I would like to see if there is a consensus on e-mail being treated as phone conversations are, ie, private unless specific legal reasons exist for tapping them. I really don't want to stir up the issue of whether even this is legit - I can only fight one issue at a time. Please either post to these groups or e-mail me directly. If I get a sufficient response, I will summarize and post the results back to the net. Thanks in advance for your insights. -- Bradley D. Thayer, Ph. D., Rebel without a cause bthayer@ida.org (e-mail) 1801 N. Beauregard st. 703-845-2295 (voice) Alexandria, VA 22311 703-845-6911 (fax) Is a glass half-empty or half-full? Depends on whether you are thirsty or not. ------------------------------ From: "Vinod Narayanan" Date: 13 Jan 95 09:20:07 -0500 Subject: Re: Signature Digitizers I confronted a Sears employee when asked to sign on the tablet and was told that Sears was now "paperless" on charges - the store keeps no paper record of the transaction (which apparently was true, the printer only printed one receipt - mine, instead of the two copies that have become the norm) Service Merchandise seems to have adopted a similar policy, when I last shopped there couple of months back. When I refused to sign on the digitizer, the clerk called the manager, who tried to tell me that the "signature does not go to the computer". After a few minutes of discussion about the veracity of that statement, he had the clerk print out a duplicate receipt, which I signed for them to keep. Had I signed the digitizer, they would not have had a paper copy of my signature. It appears that the store has no means of reproducing the receipt with my signature; the signature is uploaded directly to some "central" database. -- vinod email: vinod@watson.ibm.com ------------------------------ From: Paul Robinson Date: 13 Jan 1995 14:56:12 -0500 (EST) Subject: Re: Signature Digitizers Organization: Tansin A. Darcos & Company, Silver Spring, MD USA On 9 Jan 1995, mcdunbar wrote: On another subject... I called the local cable company to get service installed. They wanted my SSN. "David C. Frier" , writes: They'll use it as a quick & dirty ID/security check if you call to order new services or pay-per-view events. You request something that costs extra, they ask you for your SSN, if they match you get what you wanted. Not very secure but probably better than nothing. Any ideas what would be better (and the proto-human clerkoids who answer the phone for the cable companies must be able to operate the system)? You could probably give them a made-up 9-digit sequence as long as you're sure you'd remember it when you needed it. Or, more likely, which is becoming common for automated ordering of Pay Per View, is to assign an event a telephone number (an 800 number is used where Caller-ID isn't available) and when you call that number, your phone number is cross referenced against your account to know who is to be enabled for the service. Using phone numbers is simple enough and should be non-intrusive, since if there is a problem they can't handle right away, they would need to call you back anyway. ------------------------------ From: privacy@interramp.com Date: 14 Jan 95 11:22:35 PDT Subject: Re: Tax Forms Display SSN on Mailing Label Organization: PSI Public Usenet Link writes: Just got my 1040 stuff in the mail, and there it is, plain as day right above my address: my SSN. Personally, I think that's a bit public... Does the SSA have any sort of rules on other govt. agencies "displaying" an individual's SSN? [signed] Kevin who's lucky that the number was there; there must be at least 42 Kevin Rosses at this address... In the Fall, I spoke to Robert Veeder, the "Privacy Advocate" for the Internal Revenue Service. He informed me that the IRS is "looking into" solving this issue, but that it may not be resolved for a few more years. He suggested that some sort of bar code might replace the SSN. Please note that most state governments and city governments use the same practice for their tax collections. My suggestion is that we start a grassroots movement to remove these practices. I will be developing a form letter that individuals can send to their legislators. It will take until more innocent tax payers have their SSNs used fraudulently that this insensitive practice will stop. If you know of such occurrences, please send them to me, as I am compiling a list of abuses to foward to the appropriate lawmakers. -- John Featherman Privacy Newsletter PO Box 8206 Philadelphia PA 19101-8206 215-533-7373 privacy@interramp.com ------------------------------ From: dannyb@panix.com (danny burstein) Date: 14 Jan 1995 15:42:01 -0500 Subject: Current Status/options, was Re: CallerID Opinion Organization: mostly unorganized doug@cc.ysu.edu (Doug Sewell) writes: [after a lot of back and forthing discussing the usual points about caller id, doug said the following:] As for a blocked-call defeater, it's my understanding from talk in comp.dcom.telecom.tech and other places that the CNID information is not sent down the line from the switch if the information is blocked, it stops there. If this is the case, then modifying a CNID box to ignore the block bit won't do it. It's hard to tell whether this offer is a scam, or technological ignorance, or based on an old CNID spec. Calling Number ID (CNID) -is- sent ALL THE WAY across the phone link. If you have privacy enabled, it gets stopped at the FINAL central office which then sends out a "privacy" indicator to the called number. So there's nothing the person being called can do to break through this and figure out who is calling. The data stream just isn't there. There are two useful options to handle privacy enabled phone calls: a) in -some- areas, the local telco offers a service called (something like) "anonymous call rejection". If you have this, then people calling you with their privacy flag in place will get a message, from your local telco, to the effect of "the person you are calling will not take blocked calls. please hang up and redial without it in place." Note that you will -not- get a ring or any other notification that they tried calling. b) Also, there are some CNID boxes which have this function built in. I have the CD1000 from SEARS (yes, Sears), $80, made by Colonial Data Technologies of New Milford, Ct., and manufactured in CHina. I can toggle it to give a similar message when any "private" calls come in. My phone -will- give a single ring (the "pre-cnid ring") and then the box picks up. IMPORTANT: I have toggled -OFF- the blocker because many of the no-name coin phones in this area are set up for CNID disable, which meant a lot of people calling me couldn't get through. -- Knowledge may be power, but communications is the key dannyb@panix.com (or dburstein@mcimail.com) ------------------------------ From: WHMurray@DOCKMASTER.NCSC.MIL Date: 15 Jan 95 18:35 EST Subject: Police and Privacy VANCOUBER -- Every year, some police officers in every province are accused of misusing confidential information that they are authorized to obtain, and the RCMP says it cannot figure out how to tighen security. I recall a visit to the headquarters of the state police of a small but populous northeastern US state. They snickered whtn they told me that inquiries into their system were dramatically higher in those communities where auto insurance companies were domiciled. The implication was that police officers were moon-lighting by selling information to the insurance companies. They were outraged at all suggestions for ending this abuse. All suggestions met with the objection "That might discourage an officer from making an inquiry that would save his life." In another headquarters in a southern state, I was told that access to the central system was restricted "only to sworn officers," of which the state only had a small army. The FBI is simply unable to comprehend why congress opposed their proposal for a national police information system. They cannot understand why CLIPPER and the wire tap law inspire such popular fear. The police have no interest in the security of their systems; it is not consistent with their view of the purpose of the system. Rather, it is a nuisance imposed on them by the political authorities as the price for having the system. Even when they consent to it, their view of it is so distorted as to exclude much of what the citizen might otherwise reasonably expect. The citizen's right to privacy will never make their list. Much of what we would consider abusive, they see as perfectly legitimate. Computers are now so cheap that any hope of civilian control to curb police abuse is gone forever. The FBI no longer has to ask congress for funds; they fund what they want out of RICO funds. -- William Hugh Murray New Canaan, Connecticut ------------------------------ From: SDBM18A@prodigy.com (Charlie Allen) Date: 17 Jan 1995 07:18:04 GMT Subject: Inns Law ? Organization: Prodigy Services Company 1-800-PRODIGY I cought the end of an NPR story on Inns Law. (sp?) I thought this would be the place to find out about it. The story was a little shocking to say the least.Had Big-Bro stamped on it. If you have insight on this please post. Thanks, Charlie. ------------------------------ From: hayden@krypton.mankato.msus.edu (Robert A. Hayden) Date: 16 Jan 1995 18:58:26 GMT Subject: Request for Privacy/Free Speech URLs Organization: Mankato State University -----BEGIN PGP SIGNED MESSAGE----- On the request of a few law-related professors and other faculty, I'm trying to put together a web page that brings together resources from all over the net that are related to issues of free speech, privacy, libel, censorship, etc. If you have a few URLS with materials related to the above, I'd appreciate it if you could drop them in an emailee to me. Basically, any URL that ends up pointing to issues of rights and rules on the net, and possibly related software (such as PGP and the like). Thanks much :-) -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLxq8aTokqlyVGmCFAQGPXwP+LpyRgw+fuV4HXzt3ObGyu4ME8XsgBbRz Z2yyhVsbeK9DnhJuYPRiaHGjOmO3rl+9qmjisxbmQA8YkmKIyIGB8ViP7RKLoUlg vCUzr00AbQHc9SZKuuQCyOSHirDNZfc/3A92U1MsEXZl/gACoNxOq3+uSqyE9LWu bQrXW4xbl+0= =2H+w -----END PGP SIGNATURE----- -- ____ Robert A. Hayden <=> hayden@krypton.mankato.msus.edu \ /__ -=-=-=-=- <=> -=-=-=-=- \/ / Finger for Geek Code Info <=> I am Pentium of Borg \/ Finger for PGP Public Key <=> you will be approximated ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #006 ****************************** .