Date: Thu, 16 Feb 95 07:20:06 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#018 Computer Privacy Digest Thu, 16 Feb 95 Volume 6 : Issue: 018 Today's Topics: Moderator: Leonard P. Levine Innacurate Personal Information Re: Phone Users Slam Dunked Re: Requests for Home Phone Numbers Equifax Promises to Improve Privacy Protection Looking for Phones to Auto-block Caller-ID DigiCash Press Release Unemployment Fraud in Germany Re: Tracking of News and WWW Routes Overview of legislation Re: Radio Shack and Privacy Re: Radio Shack and Privacy Re: Radio Shack and Privacy Re: Radio Shack and Privacy Re: Radio Shack and Privacy "Cyber-bate" at Washington University Transcript of NYC Clipper Debate Re: Post Office Partially Limits Address Access Re: How Can I Change This? Re: How Can I Change This? Mailing Lists & Personal Information Letter to Jesse Helms in Re UN Sponsored Gun Control Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: Kajae@aol.com Date: 11 Feb 1995 12:42:53 -0500 Subject: Innacurate Personal Information rcs@cs.arizona.edu (Richard Schroeppel) writes: A couple of people have suggested that, whenever a credit bureau mails out a report, they should cc the reportee; the requester pays for the extra copy. This seems fair, and it may be a good idea. There are two downsides to be aware of. I don't know how they balance out...[snip] The IRS has announced a goal of collecting enough information about us to form a personal profile...[snip] It's one thing to be in the Who's Who when you want to, but quite another to be required to report the information and swear to it. I agree. Perhaps an alternative in addition to this would be an idea that a previous poster had that we make credit bureaus compete for our reports, and penalize them for innacuracies by threatening to take our report elsewhere. This of course would be predicated on the fact that 1) we as individuals would have to be legally enpowered to have ultimate posession of that information and 2) there would have to be an optimum number of credit bureaus (between 1 and 4?) to provide enough competition between bureaus so that they would be forced to provide customers with good service, while not so many as to encite confusion or provide increased opportunity for fraud. We'll need our beloved Congress to pass the appropriate legislation for that. Now, any ideas about how to convert credit reporting into more of an individual consume r-oriented market? That would seem to be the next logical step, and if we can solve those two problems, we can move on to eliminating the deficit... :-) Accuracy of the report would ultimately have to fall on us. It shouldn't be too hard to keep credit info straight, since banks and credit card companies already send us monthly statements, and we can always hold on to our reciepts for large cash purchases. I imagine it could be at the individuals discretion as to how closely they want XYZ credit bureau to track their spending habits, but if at the beginning or end of each month when we sit down to balance our checkbooks and reconcile the credit cards, ATM cards, savings accounts & such, we fixed billing snafus then had XYZ credit bureau verify it with us and our respective financial agencies so that all parties are in agreement as to what's what where, accuracy shouldn't be the hassle it is today. As far as the IRS is concerned (and for some reason I always grit my teeth when I cut the government some slack) the estimate for tax fraud is, IMHO, rather outrageous, and I personally detest the notion of someone getting away with all of their income and then some while all my beloved government agencies can manage to extract their aggregate 30% or better from my paycheck without fail. Perhaps if my above suggestion was a reality, the IRS could take our W2's, cross reference them against our YTD credit report (which would also include property holdings and such) and greatly simplify our end of the annual tax reporting ritual while providing them with their profile - true, accurate, and in the posession of the most interested party: us. Hmph. Why does that sound entirely too simple to work? ------------------------------ From: tomkaiser@aol.com (Tomkaiser) Date: 12 Feb 1995 12:43:44 -0500 Subject: Re: Phone Users Slam Dunked Organization: America Online, Inc. (1-800-827-6364) Its that kind of activity that validates this group, however deregulation and divestiture caused this to happen intentionally and accidently many times, hurting the carriers involved and their customers. A small private detective would have to either become a reseller or front some substantial capital to deal with the rboc's who would do the local connection (until that becomes a free for all, it has started here in NY already). Lets hope nobody tries it! -- Tom Kaiser (Tomkaiser@aol.com) ------------------------------ From: mjh9@lehigh.edu Date: 12 Feb 1995 20:49:42 -0500 Subject: Re: Requests for Home Phone Numbers There is also a nuance of difference between alias and false name. An alias is a name that you choose to use for a particular purpose, as opposed to a false name made to disassociate yourself from something. The legal right of canadians to use any alias they choose in most financial transactions has been widely publicized over the decades. My first recollection of reading this was as a teenager in the 60s. Paul Robinson writes This is also a right that exists "south of the border" in the U.S. [snip] Generally, if a person decides that they want to change their name, all they have to do is to inform people of their new name; they can, if they wish, file a court petition to do so, which is almost always routinely granted, but that is typically done only because they want it to be a matter of public record, or if the person having their name changed is a minor, in which case it is required. I have a question about using an alias in the U.S. I work in our campus post office (which handles both campus and U.S. Mail), and often put mail in the mail in student's boxes. One thing that my supervisor has told me on several occasions, it that I must make sure that the name on the mail matches the the name on the box that it is addressed to. In one sense this makes sense, students come and go, so boxes change from one person to another each semester. However, this makes it almost impossible to receive mail under an alaids that the post office is not aware of. Is this policy used anywhere else, and is it even legal? Any input is appreciated. But I suppose something you might consider possibly fraudulent would be the case where someone intentionally uses the last name of someone they know in place of their own. Of course, some people do use alaises frodulently, and we try to protect against that at the post office. It seems that it is rather common for people to try to cheat the Music Destributor companies (BMG, Columbia House...) by using alaises. I guess that the post office would then become involved as the fraud is occuring through the mail. -- Mario Hendricks mjh9@lehigh.edu ------------------------------ From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com> Date: 13 Feb 95 07:44:59 EST Subject: Equifax Promises to Improve Privacy Protection From the Associated Press news wire via CompuServe's Executive News Service: APn 02/09 0411 BRF--Credit Reports WASHINGTON (AP) -- Equifax Credit Information Services Inc., one of the nation's largest consumer credit reporting agencies, has agreed to settle Federal Trade Commission charges over the accuracy and privacy of its reports. The FTC had alleged that Equifax violated the Fair Credit Reporting Act by failing to ensure "the maximum possible accuracy" of the consumer information it compiles and sells to employers and creditors nationwide. The story continues with the following key points: * When subjects disagreed with their credit records, Equifax was accused of not checking into the facts of their cases. * Equifax was also accused of failing to apply adequate controls over release of subject information. * Equifax has promised to improve its procedures: A proposed settlement the FTC announced Wednesday would require Equifax to take steps to ensure the accuracy of its information, improve procedures for handling disputes and follow the reporting act's privacy provisions. * The public have 60 days to submit comments to the FTC. -- M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn (Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC) ------------------------------ From: jeffn@meaddata.com (Jeff Nye) Date: 13 Feb 1995 17:05:18 GMT Subject: Looking for Phones to Auto-block Caller-ID Organization: Mead Data Central, Dayton OH My phone line has caller ID and I would prefer not to pay a monthly fee to have it blocked. I'd like to block caller ID by default on all outgoing calls, which in my area, means dialing "*67" before each outgoing call. My computer's telecommunications software allows a "dial-prefix" to be prepended to all outgoing calls. Does anyone know of any telephones which do this? -- Jeff Nye ------------------------------ From: DigiCash Info Date: 14 Feb 1995 19:20:14 +0100 Subject: DigiCash Press Release ********************* FOR IMMEDIATE RELEASE ********************* Tuesday, February 14, 1995 London, England copyright (c) 1995 by DigiCash bv **************************************** DIGICASH ANNOUNCES COST BREAKTHROUGH IN SECURE CHIP TECHNOLOGY FOR SMART CARDS DigiCash also works together with MasterCard on EMV compliant technical testbed **************************************** DigiCash bv, Amsterdam, has developed new technology allowing low-cost chips to meet the security and integrity requirements for widespread use of smart cards. "It's generally agreed that off-line transactions like credit card and stored value need public-key cryptography for security; but since public-key chips are inherently more complex and significantly more costly, most systems have been built with less secure cryptography and may need to be redone. Now we have provided a way to use public key on the least expensive and most proven chips available" said David Chaum, Managing Director of DigiCash, who revealed and demonstrated the technology for the first time at Smart Card '95 (14-16 February, 1995) in London, England. A chip, with public-key based stored value, costs under $1 U.S. It can accept multiple additional applications, at any time during the card's life, including loyalty schemes, coupons, tokens, tickets, and memberships. In addition DigiCash has worked together with MasterCard International, N.Y.C., to develop a technical testbed integrating DigiCash's underlying technology into a card conforming to the joint Europay, MasterCard, Visa (EMV) Specification. MasterCard has been working to ensure that the EMV specification can be implemented in an unambiguous and cost effective way based on multifunctional applications, in particular the association's stored value application. The new technology, still going by its code name "Blue" obtains its economy through a minimal requirement for silicon. It is currently implemented as firmware for the micro-controller chips produced in greatest volume: Motorola SC-24 and SGS-Thompson ST301/601, with masks for other silicon suppliers under discussion. Blue requires only 1k bytes (the smallest configuration available) of EEPROM memory, which is a main factor in the cost of chips for smart cards. Blue also provides significant advantages in addition to public key cryptography. Most chips, for instance, can irrevocably scramble the valuable data they store when power is interrupted unexpectedly, such as could be caused by power failure or by a user removing the card too early. Blue solves this problem fully and protects all the chip's data. Other cards reveal the card identity and data content to any reader or anyone tapping communications. Blue, however, encrypts everything communicated while revealing only necessary information and only to readers with corresponding keys. The development draws on DigiCash's 5 years of leadership in payment and chip card mask technology, and improves on the firm's innovative technology for public-key payment of highway-speed road tolls (see summary of existing products below). It is expected to be released in a form compatible with ecash, DigiCash's software- only solution to Internet payments. This would give any ecash user the option -- since only a pc connected to the Internet is required to use ecash -- of being able to obtain and carry their ecash on a smart card. DigiCash will be supplying the technology through licensing arrangements, some of which are already in advanced stages of negotiation. Licensees can have chips produced directly by silicon suppliers and then make cards themselves, or have cards made by any of the numerous companies that put chips in cards. Inexpensive starter-kits and development packages will be supplied by DigiCash. For more information please contact: Paul Dinnissen DigiCash bv Kruislaan 419 1098 VA Amsterdam The Netherlands Tel: +31 20 665 2611 Fax: +31 20 668 5486 info@digicash.nl http://www.digicash.com/ *************************************** BACKGROUND ON RELATED PRODUCTS/PROJECTS *************************************** CAFE: smart card and card-accepting electronic wallet project--Consortium founded and chaired by David Chaum of DigiCash; simulation, mask and first readers developed by DigiCash; trial this Spring at the EC headquarters building; technology trial in participation with related open special interest group, and partially funded by the EC. DyniCash: highway-speed road-toll collection system using smart cards--Chip card inserts into battery-powered dashboard unit; reflected backscatter microwave technology by industry leader Amtech; prepaid mode has user privacy; open and/or closed pricing schemes; tested extensively in Japan; non- exclusive licensing of the payment technology. Ecash: software only electronic cash system for internet/email--Users download software that can make and receive payments; protects users' money like travellers checks and privacy like coins; world-wide experiment with three thousand users; Macintosh, MS-Windows and X-Windows; any WWW browser; user software free with issuer licensing. Facility Card: complete facility management smart-card/reader system--Cash replacement, access control, and time/attendance system; now in schools, hospitals, industry, offices, recreation; card store "tokens" allowing complex time, budget, and discount rules; interfaces to vending, point-of- sale, access control, copiers, phones, gaming; downloadable & upgradeable readers work on-line and/or off-line; sold through VAR's. (Amtech, DigiCash, DyniCash, ecash (lower case "e"), Facility card, MasterCard, Motorola, and Thompson are trademarks.) ------------------------------ From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com> Date: 15 Feb 95 07:27:21 EST Subject: Unemployment Fraud in Germany From the Reuters news wire via CompuServe's Executive News Service: RTw 02/12 0733 Germany works with neighbours to cut jobless fraud BONN, Feb 12 (Reuter) - Germany wants to swap information with its neighbours to crack down on people who improperly draw unemployment benefits while really working abroad, German Labour Minister Norbert Bluem was quoted as saying on Sunday. "I am negotiating to start a data network with our neighbouring countries," Bluem told the Bild am Sonntag newspaper. Key points: * Roughly 10-15% of the people working outside Germany register as unemployed. * There may be a "mutual reporting system by the end of the year." -- M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn (Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC) ------------------------------ From: oct1@ukc.ac.uk Date: 15 Feb 95 18:29:54 GMT Subject: Re: Tracking of News and WWW Routes Organization: University of Kent at Canterbury, UK. alamar@ctp.org (Nathaniel Irons) writes: Specifically with the WWW, most current browsers transmit a variable called HTTP_From that contains your email address and name. It's the same information that gets plunked into the relevant fields when you click on a Mailto URL. If you don't want to be logged, don't fill out that info. Then all they'll get is an IP address, which may be bad enough Try pointing your Web browser to: http://www.uiuc.edu/~ejk/WWW-privacy.html and then to: http://www.uiuc.edu/cgi-bin/info to find out what info about *you* is being sent. -- OT ------------------------------ From: "Prof. L. P. Levine" Date: 11 Feb 1995 08:05:41 -0600 (CST) Subject: Overview of legislation Organization: University of Wisconsin-Milwaukee Subject: EPIC Alert 2.02 Volume 2.02 February 6, 1995 Published by the Electronic Privacy Information Center (EPIC) Washington, DC info@epic.org [7] Overview of New Congressional Privacy Legislation EPIC has produced an overview of current privacy legislation in the 104th Congress. Bills that improve privacy protections or negatively affect privacy are summarized. The summary will be updated regularly as new legislation is introduced or pending bills are revised. A summary will appear in the next issue of the EPIC Alert. Copies of the new bills are available for retrieval from the EPIC Archive at cpsr.org. Also included are floor statements on the legislation when available and updates on the status of the bills. To obtain the overview and copies of the house and Senate bills, ftp/gopher/wais to cpsr.org /cpsr/privacy/epic/104th_congress_bills/ The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. To subscribe, send the message: SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname to listserv@cpsr.org. You may also receive the Alert by reading the USENET newsgroup comp.org.cpsr.announce. ------------------------------ From: carols@world.std.com (Carol Springs) Date: 12 Feb 1995 18:37:58 GMT Subject: Re: Radio Shack and Privacy Organization: The World Public Access UNIX, Brookline, MA M. Schwartz wrote: I haven't had problems with a Radio Shack in years. I always pay cash and when they ask for my personal information, instead of saying "you can't have it", I say: "I don't want to be on your mailing list. There's no logical response to that so they just shut-up. No logical response, true. But when I used that one on a Radio Shack clerk who was selling me a phone, he then said that my giving him the info would "activate the warranty" on the purchase. I wonder how many times that particular piece of bogosity has worked for him. (It didn't on me.) Someone later supplied me with an appropriate response to the line about the warranty. I should have looked the guy straight in the eye, new telephone in hand, and said, "I don't have a phone." -- Carol Springs carols@world.std.com ------------------------------ From: m.sargent@genie.geis.com Date: 12 Feb 95 19:53:00 UTC Subject: Re: Radio Shack and Privacy RE: Radio Shack and Privacy Apparently, Tandy Corp., parent organization of Radio Shack, decided to take a different approach in gathering customer information when they launched their chain of The Incredible Universe stores. For those not familiar with The Incredible Universe, they bill themselves as the world's largest electronics/appliance store. The stores *are* huge, and are they are decidedly different from such "warehouse" outlets as Sam's. TIU is flashy neon and chrome. A greeter welcomes you into the store with the phrase "Welcome to the show!" There is a stage in the center of the main room, and local groups perform there on many weekends. It's as much an entertainment experience as a shopping experience. However, NOBODY gets past the front desk and into the showroom without an identification card. The card is free (unlike Sam's), but you must fill out a form to get one. The card is bar-coded, and before you're let into the showroom, your card must be scanned by the greeter using a hand- held bar-code reader. That's right, you can't even go browsing without that fact being registered. Besides the main showroom there are many smaller rooms - ones for small electronics, new hi-tech products, video games, computer software, etc. Each purchase of a product must be made within that room. You must present your ID card and have it re-scanned for each purchase, even if you're paying cash. Your purchase is then placed into a plastic bag which is heat-sealed, and the ticket is stapled to the front of the bag. When you leave, each bag is checked (for tampering, I assume) and each ticket is marked. If, for example, you bought some blank video tapes, the latest version of Doom, a caller ID box, and a toaster, your ID card would have been scanned five separate times. The upshot of all this is that Tandy has found a way to gather customer information, without appearing to ask for it. They are also able to examine a customer's buying habits. Are you someone who browses often but rarely makes a purchase? Do you spend a lot of time looking around? (They know exactly when you entered the store, and the time of each purchase.) Do you only go there when you've already decided on a purchase? Obviously, no one shops at The Incredible Universe against their will. But how many of the people who do shop there even realize what data they may unwitting be providing. -- Matt Sargent [ m.sargent@genie.geis.com ] ------------------------------ From: jonsg@diss.hyphen.com (Jon Green) Date: 13 Feb 1995 09:54:59 +0000 (GMT) Subject: Re: Radio Shack and Privacy AriadneM@scruznet.com (A. Marina Fournier) writes: I want the right to know what mailing-list firms have my info and to be asked *each and every time in advance* before it can be distributed. I want the right to review and restrict such information and its distribution. In the UK, you don't have a right to know who knows you, but we have a half-way house: the professional organisation for mail-order companies (I forget its name, unfortunately) has an arrangement whereby you can write in and request that your name not be "featured" in their members' mailing lists, and removed from those in which it languishes already. They have just begun to offer the same service for telemarketing databases. For the record, I don't want the ability to edit each and every mail-order DB and its personal details as they apply to me: life's too short to spend my time fire-fighting against misinformation and misapprehension. I'd rather just not receive the stuff in the first place. That's not to say it's a bad thing to have the facility, though. I certainly _do_ want that ability as it applies to credit reference agencies! I want the post office to have a box to check that says your COA will not be released to any firms for advertising. Thanks for asking. I've just done the same thing here. The Royal Mail postal redirection form (apart from charging you gbp30 for each surname on it) does indeed have such a box. In addition, they _do_ mail your previous address to ensure that you're not redirecting fraudulently, and there's a check box on the form which allows you to withhold your new address from being included on that security check. I was impressed - seems like they got it right. -- jonsg@hyphen.com jon@sundome.demon.co.uk PGP key available on request --- Opinions here are mine, not Hyphen's ------------------------------ From: "Vinod Narayanan" Date: 13 Feb 95 09:03:00 -0500 Subject: Re: Radio Shack and Privacy I picked up a thermometer from radio shack on saturday. They did not ask me for a phone number, even though I payed using a credit card. However, I noticed that the receipt had a valid looking phone number and a name. I have to cross-check the phone book to see if the name is indeed valid. If they went from asking for your number to arbitrarily using a name and number in their database, it does not look like they are getting the right message! --vinod vinod@watson.ibm.com "Keep it simple: as simple as possible, but no simpler" -- A. Einstein ------------------------------ From: privacy@interramp.com Date: 12 Feb 95 14:47:41 PDT Subject: Re: Radio Shack and Privacy Organization: PSI Public Usenet Link writes: This thread, however, is about *returning* merchandise for refunds. Discussions about looking for loopholes, not to mention lying in the marketplace, hardly seem worth the bandwidth. Surely a civilized society with democratic and free institutions can devise better solutions against threats to privacy than loopholes and lying. Otherwise this is all just a waste of time. Mr. Resch is correct. Loopholes and lying are cop-outs and are sub-optimal solutions. The principal reason why I am involved in the privacy field (and participate in these conferences) is to encourage intelligent and honest solutions that will enhance one's privacy. Certainly, there is an anarchic/iconoclastic attitude out there that tries to justify lying and manipulation. I am not trying to change individuals who share that philosophy. I am trying to educate those who wish to make real social change, for the betterment of all privacy seekers. -- John Featherman Editor Privacy Newsletter PO Box 8206 Philadelphia PA 19101-8206 Phone: 215-533-7373 E-mail: privacy@interramp.com ------------------------------ From: "Danyel A. Fisher" Date: 10 Feb 1995 22:14:53 -0600 (CST) Subject: "Cyber-bate" at Washington University Washington University, in St. Louis MO, recently played host to Stewart Baker (general counsel, NSA 1992-1994) and J.P. Barlow (co-founder, EFF) during an hour-long debate about the future of privacy, cyberspace, and the Clipper Chip. We will shortly have available interviews with both participants (discussing their background and other interests) as well as a transcript of the debate. We have signed approval to allow distribution through electronic media, and wanted to know whether comp.society.privacy would find this interesting or valuable, when it becomes available. -- Sometimes, you meet a person.| Danyel Fisher |To a pessimist, the world I am one of those people. | daf1@cec.wustl.edu |is full of happy surprises ------------------------------ From: dilute@panix.com (Ronald Abramson) Date: 12 Feb 1995 10:57:50 -0500 Subject: Transcript of NYC Clipper Debate Organization: PANIX Public Access Internet and Unix, NYC Late last week we posted the transcript of the Clipper Chip debate that was held in New York on Jan. 19. It is posted in talk.politics.crypto The panelists were Stewart Baker (formerly of the NSA), Michael Nelson (White House), James Kallstrom (FBI), Daniel Weitzner (Center for Democracy and Technology) and WIlliam Whitehurst (Director of Security, IBM). For people interested in the Clipper Chip, this transcript should prove interesting. -- Ron Abramson Chair, Committee on Computer Law Association of the Bar of the City of New York ------------------------------ From: fd@wwa.com (Glen L. Roberts) Date: 12 Feb 1995 19:16:18 GMT Subject: Re: Post Office Partially Limits Address Access Organization: WorldWide Access - Chicago Area Internet Services 312-282-8605 708-367-1871 Taken from EPIC Alert 2.02 Volume 2.02 February 6, 1995 Published by the Electronic Privacy Information Center (EPIC) Washington, DC info@epic.org The U.S. Postal Service announced on December 28 its final rule on access to names and addresses. The agency announced it was eliminating the service that allows anyone to obtain the new address of any individual for a $3.00 fee. The Postal Service, however, left intact its service that provides the addresses of all postal customers to large mailers such as direct marketers. All MAILERS THAT is. Mark your letter "ADDRESS CORRECTION REQUESTED" and they will provide the information to you. The notice states "Congress has not given the Postal Service the function of serving as a national registration point for the physical whereabouts of individuals." HR 434, The Postal Privacy Act of 1995, (introduced by Rep. Gary Condit) requires that the Postal Service inform individuals of the uses of information contained in Change of Address cards and mandates that customers be offered an option to not have their names and addresses forwarded. -- Glen L. Roberts, Editor, Full Disclosure Host Full Disclosure Live (WWCR 5,065 khz - Sundays 7pm central) email postal address to fd@wwa.com for catalog on privacy & surveillance. Does 10555-1-708-356-9646 give you an "ANI" readback? With name? ------------------------------ From: mcinnis@austin.ibm.com (Mickey McInnis) Date: 13 Feb 1995 17:40:47 GMT Subject: Re: How Can I Change This? lauras@holly.ColoState.EDU (Laura Sizemore) writes: Is there anyone out there who knows how to change your name on the system when someone types, "finger (your login name)" There might be a way to do this without going to the sysadmin, but try asking the system administrator to change the name entry for your id. This is usually stored in the /etc/passwd file. This should fix all the ways to find your name via standard unix commands. i.e. Even if you fix "finger", your name still appears on your newsgroup posts. Depending on how your system is set up, there might be other ways to get your name entry from /etc/passwd. If they are reluctant to remove your name entirely, you could try changing the first name to initials, or "Laurance" or some such. You could also ask them to change it to "account 3249" or some such. If they are still unwilling to remove or disguise your name, try working your way through the bureaucracy, or even getting one of the local or college newsrags or TV stations interested in this "scandal". i.e. "Local School Refuses to Protect Identity of Female Students, etc." Try the local bureaucrats first, you might find a sympathetic ear. If necessary point out the danger of stalkers, etc. and the potential for liability or embarassment to the University if something happens. -- Mickey McInnis - mcinnis@austin.ibm.com ------------------------------ From: "chris (c.) carpinello" Date: 15 Feb 1995 20:41:10 +0000 Subject: Re: How Can I Change This? Organization: Bell Northern Research, Inc. lauras@holly.ColoState.EDU (Laura Sizemore) writes: Is there anyone out there who knows how to change your name on the system when someone types, "finger (your login name)" I know I can't do anything about the login name itself, unless I go directly to the Uni's administration, but I would like to keep my full "in Real Life" name that is revealed under the finger command private. I'm becoming a bit weary of guys trying to pick me up on line ... Try using "chfn" (change finger name). If your system is running NIS (yellow pages) then use "ypchfn". -- Chris ------------------------------ From: Sarah Holland <70620.1425@compuserve.com> Date: 13 Feb 95 23:58:34 EST Subject: Mailing Lists & Personal Information Recently, I've been subscribing to more mailing lists. I have noticed with some lists, a number of other Compuserve addresses appear if I click on the address button in WinCim. While, of course, the Internet is not based on privacy, this still gives me access to everyone (theoretically) on Compuserve who subscribes to particular mailing lists. I can, with 5 mouse clicks, select all Compuserve HotWired subscribers and make them a group, and then send email to all of them. Actually, I'm not sure it gives me *all* Compuserve subscribers -- the Top Ten list only has 4 other subscribers, while 2020world Digest has 27. I think the issue is that when one subscribes to a mailing list, one doesn't expect that one's email address will be sent out to other people without having first posted! It's not a big problem, of course... -- Sarah Holland Fort St. James, BC 70620.1425@compuserve.com ------------------------------ From: Shawn Leard <71370.2551@compuserve.com> Date: 12 Feb 95 20:02:14 EST Subject: Letter to Jesse Helms in Re UN Sponsored Gun Control The following is a copy of a letter I believe you will find this of great interest!! Sincerely, Shawn Leard From alerts@gatekeeper.nra.org Date: 19 Jan 1995 02:32:24 -0500 From: NRA Alerts To: Multiple recipients of list Subject: INFO: Letter to Jesse Helms in Re UN Sponsored Gun Control January 11, 1995 The Honorable Jesse A. Helms Chairman Committee on Foreign Relations Dirksen Senate Office Building Room 450 United States Senate Washington, D.C. 20510 RE: Report of the Disarmament Commission, General Assembly, 49th Session of the United Nations. Dear Senator Helms: The National Rifle Association recently received a copy of the report of the Disarmament Commission of the United Nations, part of which concerns the regulation of conventional and small arms on a worldwide basis. A copy is attached for your information. For obvious reasons, we believe this report has substantial implications for those who advocate gun control measures in the United States, clearly contrary to the protections afforded Americans under the Second Amendment of the United States Constitution. As reported last May in the media, the U.N. objectives were made clear: So quietly that even the gun lobby hasn't noticed, the United Nations is beginning to set its sights on global gun control. The U.N. Disarmament Commission has adopted a working paper, a basis for future debate, that proposes tighter controls on the gun trade in the United States and other member nations as a way of combating international arms trafficking. The little-noted move represents the first U.N. effort to foster regulation of the multibillion-dollar trade in small arms. The working paper declares that governments individually "find themselves impotent" to deal with global arms trafficking, and proposes "harmonization" of gun-control standards around the world to make trafficking easier to spot and prevent. For one thing, it says, "the arms permitted for civilian use . .. should be subject to controls at all points in the chain, from production and-or acquisition up to the time they are sold to an individual. From then on they should remain subject to monitoring and control." Any "harmonization" would inevitably mean tightening controls on the loosely regulated U.S. gun business, and would be opposed by the National Rifle Association and other U.S. pro-gun organizations. Andrew Molchan, director of the U.S. National Association of Federally Licensed Firearms Dealers, said he was unaware of the U.N. move, but doesn't like the sound of it. "It's politics as usual," he said, "the Colombians blaming their internal problems on American law. ... The domestic arms trade is irrelevant to what's happening internationally." Associated Press, May 24, 1994 We believe the United States is taking a very active role in further follow-up work on the studies to be conducted on the subject by the U.N. We would very much appreciate it if you and your staff would make an immediate inquiry to the Administration, particularly to the Department of State and our representatives to the United Nations, to ascertain precisely what further follow-up action is being undertaken by the United Nations on this report, and the nature and degree to which the United States is participating in such follow-up work. If the United Nations is conducting studies or engaging in research, then we would respectfully request that you undertake whatever measures necessary to ensure that non-governmental organizations (NGO's), such as sporting groups in the United States (like the NRA), Australia and elsewhere are fully consulted, and their views obtained by any United Nations consultants, experts or staff who are gathering such information on behalf of the Commission or the General Assembly. If you agree with us that this is an important matter to investigate, and if the Administration is unresponsive in obtaining a fair and equitable inclusion of the views of the shooting and sporting NGO's, then we would respectfully suggest that this matter be fully pursued in terms of the Committee s oversight process, as well as concurrently through the appropriations oversight process, by denying the Executive Branch any authorizing or appropriations authority to participate in the U.N. activities related to the Commission s work on small arms used by the civilian population in the United States. We would be pleased to come up and explain our views on this matter in greater detail, and we would welcome a call from your staff . Thank you again for your courtesy in examining this matter. We look forward to hearing from you at your earliest possible convenience on the action you would like to take on our request. Cordially yours, Tanya K. Metaksa Executive Director Institute for Legislative Action National Rifle Association of America -- This information is presented as a service to the Internet community by the NRA/ILA. Many files are available via anonymous ftp from ftp.nra.org, via WWW at http://www.nra.org, via gopher at gopher.nra.org, and via WAIS at wais.nra.org Be sure to subscribe to the NRA mailing lists. Send the word help as the body of a message to listproc@NRA.org Information can also be obtained by connecting to the NRA-ILA GUN-TALK BBS at (703) 934-2121. ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #018 ****************************** .