Date: Mon, 23 Jan 95 19:10:12 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#008 Computer Privacy Digest Mon, 23 Jan 95 Volume 6 : Issue: 008 Today's Topics: Moderator: Leonard P. Levine Re: Tax Forms Display SSN on Mailing Label Is the Post Office Subsidized? Re: Opening Mail Re: Opening Mail Mail Marked "Refused" Offshore Privacy Re: Phone Numbers as IDs Radio Shack Respects My Privacy DOJ Computer Seizure Guidelines Taken from EPIC Alert 2.01 Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: daniel@genghis.interbase.borland.com (Dan Veditz) Date: 20 Jan 1995 22:32:34 GMT Subject: Re: Tax Forms Display SSN on Mailing Label Organization: Borland International wrote: It will take until more innocent tax payers have their SSNs used fraudulently that this insensitive practice will stop. It will take until more innocent **Congresscritters** have their SSNs used fraudulently. It'll take tons of us normal folks otherwise. -- Dan ------------------------------ From: Rich24@aol.com Date: 21 Jan 1995 00:44:29 -0500 Subject: Is the Post Office Subsidized? Does the Post Office make money or lose it on those post-paid blow in cards commonly seen in magazines? Would the Post Office reap a bonanza if everyone just dropped all those annoying blow in cards into the mail box with no information filled in? ------------------------------ From: madnix.uucp!zaphod@nicmad.nicolet.com (Ron Bean) Date: 21 Jan 95 11:12 CST Subject: Re: Opening Mail "David C. Frier" writes: Also, the analyses I've seen indicate that first-class mail costs MUCH less than 32 cents a piece to process, and it subsidizes your 6" a day of junk mail. It's strictly a matter of who has the better lobbyists, eh? Do you have references on this? I think the general assumption is that junk mail allows the overhead to be spread out over a larger volume. It's also usually pre-sorted, which saves the Post Office some time. Any evidence to the contrary would be most interesting. -- madnix!zaphod@nicmad.nicolet.com (Ron Bean) uwvax!astroatc!nicmad!madnix!zaphod ------------------------------ From: bear@fsl.noaa.gov (Bear Giles) Date: 23 Jan 95 17:55:47 GMT Subject: Re: Opening Mail Organization: Forecast Systems Labs, NOAA, Boulder, CO USA travis@netrix.com (Travis Low) wrote: Go to the post office which handles your mail and inform them that you are being harassed by a XXX at xxxxx address and you wish this to stop immediately. If I remember correctly, postal inspectors then notify the company that the mailings to you must stop or they will face stiff fines and federal prosecution. However, you must first have followed steps such as printing "REFUSED" clearly on the front of the mailings and having it returned to sender at least once First class mail will be returned to the sender if it can't be delivered; junk mail won't be. Postal carriers have the legal right to drop such mail into the trash can; the direct mailer will never get the refused mail and you'll have no legal grounds for a complaint. That's one reason why the bulk mail rate is lower than first class -- less service. The "obvious" solution is to mail it back to them registered, so they can't deny receiving it, but some companies refuse to accept unexpected registered mail. Can you say "sure you can serve a summons to me, but it will cost more than a few bucks in postage!"? Think any direct marketers would fall into this category? On the bright side, if you mail the first "refused" package back and the stuff keeps coming, the local post office will probably be much more willing to check it (verifying that you have, indeed, written "refused" on the package and mailed it to the proper address), and if the problem continues they can act. -- Bear Giles bear@fsl.noaa.gov ------------------------------ From: "Virginia Matzek" Date: 20 Jan 1995 16:01:13 PACIFIC Subject: Mail Marked "Refused" Organization: California Alumni Assoc. I got myself off the supermarket & other ciruclars by mailing a do-not-send notice to the address on the card that mandatorily accompanies the wad. My mail carrier knows that I don't get the stuff, also. However, you must first have followed steps such as printing "REFUSED" clearly on the front of the mailings and having it returned to sender at least once Can someone please elaborate or be more explicit on the procedure for getting off random junk mailings? If I get an unwanted solicitation for, say, a new credit card from Visa, can I just write REFUSED on it and put it back in the mailbox, or do I have to fill out some kind of card? And does the evil corporation get charged for the cost of sending/resending the mail to me? (I hope so--I'd relish the pleasure of sending THEM junk mail at THEIR expense! Tee hee!) The next time someone wants my signature on a digitizer pad I think I'll just sign with "X". The last time UPS came by our door, my boyfriend decided to scribble something unrecognizable. The UPS guy looked at it, said he couldn't read the signature, and asked him to try again. After three (totally different and thoroughly unconvincing) scribbled tries, the UPS guy gave up and punched my boyfriend's first and last name in on the manual punchpad. A small victory for privacy... +----------------------------------------------------------------+ | Virginia Matzek "I love being a writer. | | Associate Editor What I can't stand is the | | California Monthly paperwork." -- Peter De Vries | | | | vmatzek@alumni.berkeley.edu | | phone: 510/642-5781 fax: 510/642-6252 | +----------------------------------------------------------------+ ------------------------------ From: styvesan@cosricon.com Date: 21 Jan 95 03:41:09 EST Subject: Offshore Privacy Organization: Costa Rica Online In review of Computer Privacy Digest and the concerns of the forum members concerning caller ID blocking. My firm offers a private caller card that completely stops this problem. This card gives complete security to the caller and can be used from any phone. IT IS IMPOSSIBLE TO LOCATE THE CALLERS LOCATION OR NUMBER! If you have interest on this type of privacy or learning more about offshore privacy and the opportunities to operate in a tax-free environment, please contact us directly at: Trans-Atlantic Commercial Internet SJO-966 P.O.B. 025216 Miami, FL 33102 ATTN: Dr. Styvesant J. Fishdt or contact me here at: styvesan@cosricon.com We are an international consulting firm, specializing in legal work for the offshore corporation or individual who wishes to maintain privacy. I will gladly send you a free copy of our international newsletter " Financial Privacy News " Our newsletter also includes a list of our offshore publications for your information. Since I can't reach the Internet directly from Costa Rica, I don't know of the proper forums to sign on. Would you please be so kind to send this where you think it may provide the most information for those who need it. Thanking you in advance and looking forward to hearing from you. -- STYVESANT ------------------------------ From: bear@fsl.noaa.gov (Bear Giles) Date: 23 Jan 95 20:54:38 GMT Subject: Re: Phone Numbers as IDs Organization: Forecast Systems Labs, NOAA, Boulder, CO USA Mike Rollins wrote: With all due respects, I am a name not a number! Granted, but do you have any idea how many John Smiths, Jon Smythes, etc there are in the U.S.? Even "Mike Rollins" is unlikely to be unique. Worse, many of use have "reversible" names. "Giles" is my surname, but I've seen more people on the 'net who have it as their given name. My "legal" first name is also a surname; a coworker once claimed to have known someone with my name, reversed. Because data's occasionally entered incorrectly "Bruce Giles" and "Giles Bruce" are considered equivalent names -- both pass reasonable consistency checks. (Sigh, my middle name has the same property; my parents must have really hated me. :-) Or thought I would need a wide variety of aliases based on all permutations of my name.) Sure, individuals can be distinguished by looking at addresses, birthdays, etc., but it takes time. The additional time for each customer won't be much, but in aggregate it may require an extra 20-30% in staff, corresponding equipment (phone lines, terminals), etc. Or customers may be forced to wait 10 minutes for the "next available representative," instead of only 5 minutes. Phone numbers are convenient because they're relatively unique and there's no question of spelling. Account numbers would be better, but few people remember them unless they're on something like a credit card. (Even that doesn't work for people like me, who generally leave our credit cards at home unless we're specifically planning to make a purchase.) SSN's would also work, for U.S. nationals and resident aliens, but have the same problem as account numbers for others... to say nothing of the people who object to global use of SSNs as identification numbers. Finally, identifying a person by something like a phone number (or any other number) does *not* mean you'll be treated "like a number" (totally indistinguishable from other people) instead of a unique individual. In fact, since it gets the tedious work of identifying you out of the way companies can use it to highly personalize the interactions. (E.g., "Are you satisfied that the improper charge you reported last month was taken care of, Mr. Smith?"). On the other hand, I've dealt with some companies which couldn't be bothered with account numbers or the like, but which clearly had the attitude that if I didn't want to deal with them, someone else would. In the big picture, firms asking for a telephone number is a pretty minor concern because it solves as many problems as it causes. The only systemic problems (I see) are: 1) firms quietly collecting extra information on you -- your home, work and cellular numbers, not just a single point-of-contact #. 2) firms quietly sharing those numbers with other firms. I don't mind firms I actively deal with having my unlisted number, but I don't want them passing it along to others. Unfortunately, the "courtesy" is to help other companies, not the customer. Beyond that, maybe there are a few situations where I honestly do not want to end up on what I see as being the wrong mailing list, or even the wrong telemarketer's calling list. What happens if I do not want anyone to call me back? Well run companies will always have "escape" options. I've done that occasionally, where I would call for general information and when they ask for my account number I respond that I'm just trying to get a rate quote (or whatever). Most well-run companies don't mind this, since it saves *them* time as well. -- Bear Giles bear@fsl.noaa.gov ------------------------------ From: "Prof. L. P. Levine" Date: 23 Jan 1995 15:21:07 -0600 (CST) Subject: Radio Shack Respects My Privacy Organization: University of Wisconsin-Milwaukee In a recent visit to a local Radio Shack I saw, for the first time, a poster on the cash register with a picture of the big boss saying that Radio Shack Respects Your Privacy. He then goes on to discuss their long standing policy of asking for phone numbers. Seems that they might be getting the point, let's watch. -- Leonard P. Levine e-mail levine@cs.uwm.edu Professor, Computer Science Office 1-414-229-5170 University of Wisconsin-Milwaukee Fax 1-414-229-6958 Box 784, Milwaukee, WI 53201 PGP Public Key: finger llevine@blatz.cs.uwm.edu ------------------------------ From: Dave Banisar Date: 20 Jan 1995 21:08:18 EST Subject: DOJ Computer Seizure Guidelines Organization: Electronic Privacy Information Center EPIC Analysis of New Justice Department Draft Guidelines on Searching and Seizing Computers Dave Banisar Electronic Privacy Information Center The Electronic Privacy Information Center (EPIC) has obtained the Department of Justice's recently issued draft "Federal Guidelines for Searching and Seizing Computers." EPIC obtained the document under the Freedom of Information Act. The guidelines provide an overview of the law surrounding searches, seizures and uses of computer systems and electronic information in criminal and civil cases. They discuss current law and suggest how it may apply to situations involving computers. The draft guidelines were developed by the Justice Department's Computer Crime Division and an informal group of federal agencies known as the Computer Search and Seizure Working Group. Seizing Computers A major portion of the document deals with the seizure of computers. The draft recommends the use of the "independent component doctrine" to determine if a reason can be articulated to seize each separate piece of hardware. Prosecutors are urged to "seize only those pieces of equipment necessary for basic input/output so that the government can successfully execute the warrant." The guidelines reject the theory that because a device is connected to a target computer, it should be seized, stating that "[i]n an era of increased networking, this kind of approach can lead to absurd results." However, the guidelines also note that computers and accessories are frequently incompatible or booby trapped, thus recommending that equipment generally should be seized to ensure that it will work. They recommend that irrelevant material should be returned quickly. "[O]nce the analyst has examined the computer system and data and decided that some items or information need not be kept, the government should return this property as soon as possible." The guidelines suggest that it may be possible to make exact copies of the information on the storage devices and return the computers and data to the suspects if they sign waivers stating that the copy is an exact replica of the original data. On the issue of warrantless seizure and "no-knock warrants," the guidelines note the ease of destroying data. If a suspect is observed destroying data, a warrantless seizure may occur, provided that a warrant is obtained before an actual search can proceed. For "no-knock" warrants, the guidelines caution that more than the mere fact that the evidence can be easily destroyed is required before such a warrant can be issued. "These problems . . . are not, standing alone, sufficient to justify dispensing with the knock-and-announce rule." Searching Computers Generally, warrants are required for searches of computers unless there is a recognized exception to the warrant requirement. The guidelines recommend that law enforcement agents use utility programs to conduct limited searches for specific information, both because the law prefers warrants that are narrowly tailored and for reasons of economy. "The power of the computer allows analysts to design a limited search in other ways as well . . . by specific name, words, places. . . ." For computer systems used by more than one person, the guidelines state that the consent of one user is enough to authorize a search of the entire system, even if each user has a different directory. However, if users have taken "special steps" to protect their privacy, such as using passwords or encryption, a search warrant is necessary. The guidelines suggest that users do not have an expectation of privacy on commercial services and large mainframe systems because users should know that system operators have the technical ability to read all files on such systems. They recommend that the most prudent course is to obtain a warrant, but suggest that in the absence of a warrant prosecutors should argue that "reasonable users will also expect system administrators to be able to access all data on the system." Employees may also have an expectation of privacy in their computers that would prohibit employers from consenting to police searches. Public employees are protected by the Fourth Amendment and searches of their computers are prohibited except for ""non-investigatory, work related intrusions" and "investigatory searches for evidence of suspected work-related employee misfeasance." The guidelines discuss the Privacy Protection Act of 1980, which was successfully used in the Steve Jackson Games case against federal agents. They recommend that "before searching any BBS, agents must carefully consider the restrictions of the PPA." Citing the Jackson case, they leave open the question of whether BBS's by themselves are subject to the PPA and state that "the scope of the PPA has been greatly expanded as a practical consequence of the revolution in information technology -- a result which was probably not envisioned by the Act's drafters." Under several DOJ memos issued in 1993, all applications for warrants under the Privacy Protection Act must be approved by a Deputy Assistant Attorney General of the Criminal Division or the supervising DOJ attorney. For computers that contain private electronic mail protected by the Electronic Communications Privacy Act of 1986, prosecutors are advised to inform the judge that private email may be present and avoid reading communications not covered in the warrant. Under the ECPA, a warrant is required for email on a public system that is stored for less than 180 days. If the mail is stored for more than 180 days, law enforcement agents can obtain it either by using a subpoena (if they inform the target beforehand) or by using a warrant without notice. For computers that contain confidential information, the guidelines recommend that forensic experts minimize their examination of irrelevant files. It may also be possible to appoint a special master to search systems containing privileged information. One important section deals with issues relating to encryption and the Fifth Amendment's protection against self-incrimination. The guidelines caution that a grant of limited immunity may be necessary before investigators can compel disclosure of an encryption key from a suspect. This suggestion is significant given recent debates over the Clipper Chip and the possibility of mandatory key escrow. Computer Evidence The draft guidelines also address issues relating to the use of computerized information as evidence. The guidelines note that "this area may become a new battleground for technical experts." They recognize the unique problems of electronic evidence: "it can be created, altered, stored, copied, and moved with unprecedented ease, which creates both problems and opportunities for advocates." The guidelines discuss scenarios where digital photographs can be easily altered without a trace and the potential use of digital signatures to create electronic seals. They also raise questions about the use of computer generated evidence, such as the results of a search failing to locate an electronic tax return in a computer system. An evaluation of the technical processes used will be necessary: "proponents must be prepared to show that the process is reliable." Experts The DOJ guidelines recommend that experts be used in all computer seizures and searches -- "when in doubt, rely on experts." They provide a list of experts from within government agencies, such as the Electronic Crimes Special Agent program in the Secret Service (with 12 agents at the time of the writing of the guidelines), the Computer Analysis and Response Team of the FBI, and the seized recovery specialists (SERC) in the IRS. The guidelines reveal that "[m]any companies such as IBM and Data General employ some experts solely to assist various law enforcement agencies on search warrants." Other potential experts include local universities and the victims of crimes themselves, although the guidelines caution that there may be potential problems of bias when victims act as experts. Obtaining a Copy of the Guidelines EPIC, with the cooperation of the Bureau of National Affairs, is making the guidelines available electronically. The document is available via FTP/Gopher/WAIS/listserv from the EPIC online archive at cpsr.org /cpsr/privacy/epic/fed_computer_siezure_guidelines.txt. A printed version appears in the Bureau of National Affairs publication, Criminal Law Reporter, Vol. 56, No. 12 (December 21 1994). About EPIC The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government and Computer Professionals for Social Responsibility. EPIC publishes the EPIC Alert and EPIC Reports, pursues Freedom of Information Act litigation, and conducts policy research on emerging privacy issues. For more information email info@epic.org, or write EPIC, 666 Pennsylvania Ave., S.E., Suite 301, Washington, DC 20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax). The Fund for Constitutional Government is a non-profit organization established in 1974 to protect civil liberties and constitutional rights. Computer Professionals for Social Responsibility is a national membership organization of people concerned about the impact of technology on society. For information contact: cpsr-info@cpsr.org. Tax-deductible contributions to support the work of EPIC should be made payable to the Fund for Constitutional Government. _________________________________________________________________________ Subject: DOJ Computer Siezure Guidelines _________________________________________________________________________ David Banisar (Banisar@epic.org) * 202-544-9240 (tel) Electronic Privacy Information Center * 202-547-5482 (fax) 666 Pennsylvania Ave, SE, Suite 301 * ftp/gopher/wais cpsr.org Washington, DC 20003 * HTTP://epic.digicash.com/epic ------------------------------ From: tc@epic.org (Dave Banisar) Date: 22 Jan 1995 12:00:41 -0400 Subject: Taken from EPIC Alert 2.01 Organization: Electronic Privacy Information Center Volume 2.01 January 18, 1995 Published by the Electronic Privacy Information Center (EPIC) Washington, DC info@epic.org ======================================================================= A Portion of the Table of Contents ======================================================================= [1] Nader Speaks to Privacy Advocates [2] European Privacy Directive Moves Forward [6] IRS Initiates New Database System [8] Upcoming Conferences and Events ======================================================================= [1] Nader Speaks to Privacy Advocates ======================================================================= Consumer advocate Ralph Nader urged privacy activists and academics to put a "hard edge on the privacy movement" at a meeting sponsored by the Electronic Privacy Information Center and the Privacy Journal in Washington, DC in mid-January. The conference brought together more than thirty leading privacy experts and advocates from across the country. The group discussed prospects for privacy reform in the new Congress and efforts to support local and international privacy initiatives. Mr. Nader, who thirty years ago won a landmark privacy case against General Motors, said it was time to "name names" and present the "rogues gallery" of privacy violators. He noted that greatest privacy invaders are "super private." "They know everything about you, and you have no idea who they are." Mr. Nader said that privacy advocates need to hold government and corporate privacy violators accountable. "Invasions of privacy are a system of control that must be challenged," said Mr. Nader. The group also heard from Hill staffpeople, members of the Administration and other about prospects for privacy reform. Among the issues discussed were medical record privacy, privacy protection for the information infrastructure, Intelligent Transportation Systems, and consumer privacy. The group agreed to take specific action to oppose the $500 million appropriation for the FBI wiretap bill, to support efforts to improve medical record privacy, and to work together on privacy efforts around the country. ======================================================================= [2] European Privacy Directive Moves Forward ======================================================================= The Council of Ministers of the European Community have adopted a common position on the European data protection directive. As a result, the directive will now go to the European Parliament for a second reading. The directive is considered to be on a fast track for adoption. The directive is significant for European privacy because it will require changes in existing privacy laws and necessitate the adoption of privacy safeguards in the remaining European countries that do not yet have legislation. According to Professor Joel Reidenberg of Fordham Law School, "The common position takes a stronger position on data protection than existing national laws. There are also important implications for the United States. The directive will result in greater scrutiny of countries without a data protection commission and without adequate legislative protections." ======================================================================= [6] IRS Initiates Massive New Database ======================================================================= On December 20, the Internal Revenue Service announced in the Federal Register that it was planning a new database to monitor compliance of taxpayers in a project entitled Compliance 2000. The database would contain information on all individuals in the U.S. who conduct certain financial transactions and would be segmented by different criteria: Any individual who has business and/or financial activities. These may be grouped by industry, occupation, or financial transactions, included in commercial databases, or in information provided by state and local licensing agencies. The new database will combine private and public sector databases in a single searchable entity. A number of federal financial databases from the IRS will be enhanced with state, local and commercial sources. The Federal Register notice describes the non-tax databases: Examples of other information would include data from commercial databases, any state's Department of Motor Vehicles (DMV), credit bureaus, state and local real estate records, commercial publications, newspapers, airplane and pilot information, U.S. Coast Guard vessel registration information, any state's Department of Natural Resources information, as well as other state and local records. In addition, Federal government databases may also be accessed, such as, federal employment files, federal licensing data, etc. Finally, even though the proposed system would use frequently inaccurate "commercial databases" such as direct marketing records, taxpayers would not be able to review their records to ensure that they are accurate and up to date: "This system is exempt from the access and contest provisions of the Privacy Act." EPIC is filing comments asking the IRS to reconsider its use of commercial databases and to ensure that there are greater safeguards on the collection and use of personal information. A copy of the Federal Register notice is available at cpsr.org /cpsr/privacy/epic/IRS_compliance_2000_notice_txt Comments on the proposed system must be received by January 19, 1995, and sent to Office of Disclosure, Internal Revenue Service, 1111 Conn. Ave, NW, Washington, DC 20224. EPIC's Comments are available at cpsr.org /cpsr/privacy/epic/epic_irs_compliance_2000_comments.txt ======================================================================= [8] Upcoming Privacy Related Conferences and Events ======================================================================= Privacy, The Information Infrastructure and Healthcare Reform. Ohio State University, Columbus, OH, Jan. 27. Contact: vberdaye@magnus.acs.ohio-state.edu. Cryptography: Technology, Law and Economics. New York City. Mar. 3, 1995. Sponsored by CITI, Columbia University. Contact: citi@research.gsb.columbia.edu Towards an Electronic Patient Record '95. Orlando, FL. Mar. 14-19, 1995. Sponsored by Medical Records Institute. Contact: 617-964-3926 (fax). Access, Privacy, and Commercialism: When States Gather Personal Information. College of William and Mary, Williamsburg, VA, March 17. Contact: Trotter Hardy 804 221-3826. Computers, Freedom and Privacy '95. Palo Alto, Ca. Mar. 28-31, 1995. Sponsored by ACM. Contact: cfp95@forsythe.stanford.edu. ETHICOMP95: An international conference on the ethical issues of using Information Technology. DeMontfort University, Leicester, ENGLAND, March 28-30, 1995. Contact: Simon Rogerson srog@dmu.ac.uk 44 533 577475 (phone) 44 533 541891 (Fax). National Net '95: Reaching Everyone. Washington, DC. Apr. 5-7, 1995. Sponsored by EDUCOM. Contact: net95@educom.edu or call 202/872-4200. Information Security and Privacy in the Public Sector. Herdon, VA. Apr. 19-20, 1995. Sponsored by AIC Conferences. Contact: 212/952-1899. 1995 IEEE Symposium on Security and Privacy. Oakland, CA, May 8-10. Contact: sp95@itd.nrl.navy.mil. INET '95. Honolulu, HI. June 28-30, 1995. Sponsored by the Internet Society. Contact inet95@isoc.org. Key Players in the Introduction of Information Technology: Their Social Responsibility and Professional Training. July 5-6-7, 1995. Namur, Belgium. Sponsored by CREIS. Contact: nolod@ccr.jussieu.fr. Advanced Surveillance Technologies. Sept. 5, 1995. Copenhagen, Denmark. Sponsored by Privacy International and EPIC. Contact pi@epic.org. (Send calendar submissions to Alert@epic.org) ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. To subscribe, send the message: SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname to listserv@cpsr.org. You may also receive the Alert by reading the USENET newsgroup comp.org.cpsr.announce. Back issues are available via FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert and on Compuserve (Go NCSA), Library 2 (EPIC/Ethics). An HTML version of the current issue is available from epic.digicash.com/epic ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #008 ****************************** .