Date: Thu, 23 Feb 95 10:23:44 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#020 Computer Privacy Digest Thu, 23 Feb 95 Volume 6 : Issue: 020 Today's Topics: Moderator: Leonard P. Levine Privacy Rights Clearinghouse Gopher Changes German Phone Taps Down New Evidence in French Bugging Scandal NSC E-Mail Private Idaho 1.5 Beta Release What Does City Hall Have on Me? Re: Cordless Phone Privacy Question Regarding Wiretapping Re: Privacy and Mirror Snoops Re: Credit Card Receipt and Phone Number Re: Phone Users Slam Dunked Re: Mailing Lists & Personal Information Finnish Anonymity Compromised by Interpol Re: Cordless Phone Privacy Symposium on Medical Records Re: Recent Break-ins and Collections of Credit Card Numbers ACLU cyber-liberties Alert: Axe the Exon Bill! Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: Privacy Rights Clearinghouse Date: 20 Feb 1995 18:55:42 -0800 (PST) Subject: Privacy Rights Clearinghouse Gopher Changes We at the Privacy Rights Clearinghouse would like to announce several changes to the legislative materials on our gopher site. Additionally, we want to invite anyone who is interested to review these changes and give us feedback. Previously, we attempted to provide a comprehensive review of pending bills that had privacy implications in both the California state legislature and in Congress. We provided weekly updates on the status of each of those bills. Due to staff reductions, only a brief description of privacy- related bills will be available on the gopher, and they will not be updated on a weekly basis. We hope that these changes will not place a hardship on those of you who have taken advantage of our legislative materials in the past. Anyone interested in a particular bill may call the sponsor's office or local representative for a copy. Full texts of many privacy related federal bills are also available on the Internet via EPIC's gopher (gopher.cpsr.org). You can contact us at the Clearinghouse for assistance in finding this information. We wish to invite readers to take a look at our materials online and let us know what you think. We want to hear your opinions of our legislative updates (and of the gopher site in general, for that matter), both good and bad. These materials may be accessed by gophering to gopher.acusd.edu At the main menu, select "USD Campus-Wide Information System" then select "Privacy Rights Clearinghouse." To send us feedback, just Email it to prc@pwa.acusd.edu Your comments will be much appreciated. ================================================================= Barry D. Fraser fraser@pwa.acusd.edu Online Legal Research Associate Privacy Rights Clearinghouse prc@pwa.acusd.edu Center for Public Interest Law telnet teetot.acusd.edu University of San Diego login: privacy Privacy Hotline: 619-298-3396 BBS: 619-260-4789 In California: 800-773-7748 host: teetot login: privacy ================================================================= ------------------------------ From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com> Date: 21 Feb 95 08:15:14 EST Subject: German Phone Taps Down >From the Reuters news wire via CompuServe's Executive News Service: RTw 02/15 1057 Fewer German phones tapped now after bugging boom BONN, Feb 15 (Reuter) - The spread of legal wiretapping in Germany slowed down in 1994 after a six-year bugging boom that more than doubled the number of telephones under surveillance, a leading liberal politician said on Wednesday. The article provides the following statistics: * 1994: 3,730 wiretaps * 1993: 3,964 * 1987: 1,805. M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn (Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC) ------------------------------ From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com> Date: 21 Feb 95 08:15:00 EST Subject: New Evidence in French Bugging Scandal >From the Reuters news wire via CompuServe's Executive News Service: RTw 02/18 1219 New evidence in French bugging scandal PARIS, Feb 18 (Reuter) - A French judge has received new evidence that anti-terrorist police at President Francois Mitterrand's palace illegally bugged the phones of journalists and politicians, the daily Le Monde said on Saturday. Le Monde said five computer diskettes containing records of numerous wiretaps were handed over anonymously to the office of Judge Jean-Paul Valat who is probing the mid-1980s scandal. According to the report in Le Monde as described in this Reuter story: * Over 5,000 records list who asked for which wiretap. * Subjects of the wiretaps included "two staff journalists at Le Monde, lawyers, politicians and actress Carole Bouquet." * Wiretaps extended to friends and relatives of the primary subjects. * "The National Commission on Security Intercepts confirmed last year that the anti-terrorist unit had bugged private citizens in what it called `serious abuses.'" M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn (Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC) ------------------------------ From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com> Date: 21 Feb 95 08:15:19 EST Subject: NSC E-Mail >From the Washington Post news wire via CompuServe's Executive News Service: WP 02/15 Judge Orders Opening of NSC E-Mail Records; Agency Ruled Subject To Access Guidelines By Toni Locy Washington Post Staff Writer A federal judge ruled ...[14 Feb]... that the National Security Council must preserve its electronic mail records and make them available to the public as long as they do not deal with advice given to the president on sensitive national security matters. .... The judge ordered the NSC to create new guidelines by Feb. 27 for preserving and releasing its records. According to the author, the lawsuit began in 1989 when "historian and former Washington Post reporter Scott Armstrong, the National Security Archive and others" sued to prevent the White House from deleting e-mail archives which apparently deal with the Iran-Contra scandal. M.E.Kabay,Ph.D., Director of Education, Natl Computer Security Assn (Carlisle, PA); Mgmt Consultant, LGS Group Inc. (Montreal, QC) ------------------------------ From: joelm@eskimo.com (Joel McNamara) Date: 22 Feb 1995 04:31:35 GMT Subject: Private Idaho 1.5 Beta Release Organization: Eskimo North (206) For-Ever The beta version of Private Idaho 1.5 is now available for testing. Private Idaho is a freeware PGP/anonymous remailer utility for use with Windows e-mail packages. The first version of Private Idaho only worked with Eudora. This version will work with most available Windows mail programs. Additional enhancements include "encrypt to self," support for Eric (i.e. Soda) and Anon.penet type remailers, and a cleaner interface. You can download the beta release from: anonymous ftp - ftp.eskimo.com /joelm/pidho15b.zip or WWW - http://www.eskimo.com/~joelm Bug reports and suggestions welcomed. Thanks! -- Joel McNamara joelm@eskimo.com finger or http://www.eskimo.com/~joelm for PGP key ------------------------------ From: donath@hweng.syr.ge.com (Kurt Donath) Date: 21 Feb 1995 13:45:45 GMT Subject: What Does City Hall Have on Me? Organization: Martin Marietta Internal Information Systems I'm wondering what is available about me through the local city/county government? Any tips on where to find this information and what is available? Is there a FAQ that has this information? Thanks -- Kurt Donath donath@hweng.syr.ge.com ------------------------------ From: jac@cis.ohio-state.edu (Jim Clausing) Date: 21 Feb 1995 10:20:20 -0500 Subject: Re: Cordless Phone Privacy Organization: The Ohio State University Dept. of Computer and Info. Science Lane Lenard writes: I'm doing some research on cordless phone snooping and have heard that there are "monitoring enthusiast clubs" in which members share monitoring techniques. There is even supposed to be a monthly magazine called "Monitoring Times" that gives eavesdropping techniques. Does anybody know anything about these clubs and/or this magazine? Also, what is the current legal status of cordless phone snooping? Am I correct in assuming that it is now illegal as of the passage of the recent Digital Telephony legislation? Okay, I will now get on my soapbox, since this starts off sounding like an attack on those evil scanner owners. I am a scanner owner and a Monitoring Times subscriber. There are indeed groups of scanner enthusiasts around. There are even occasionally (rarely) articles in MT about eavesdropping techniques. So, what. I tend to listen to local fire frequencies, in part because my wife is a nurse and may end up treating the victims of these tragedies. I also listen to local law enforcement because you don't always get the whole story from the media. I listen to air traffic at the old Air National Guard base near by because their planes are always flying over my house. I also own a shortwave and listen to the BBC, is there a problem here? With the passage of the recent bill it is indeed now illegal to listen to cordless phones. I still believe all of these laws are a crock, but my opinion obviously didn't carry as much weight in Washington as the cellular phone lobby and their ilk. Since 1934 it has been illegal to discuss what you heard over the air if you were not the intended recipient. The real problem with cordless and cellular phones was that the industry wanted you to forget that you were actually transmitting a radio signal. The other problem is that while the technology exists (has for a long time) to make communication over the airwaves secure, it was LAW ENFORCEMENT and MONEY (from the cellular phone industry) that pressured the legislature into this "Emperor's new clothes" denial of reality. The real privacy problem here is that the government now says that I cannot listen to radio signals that you are broadcasting THROUGH MY HOUSE. If you don't want me to hear it, don't broadcast it through my airspace. Most intelligent people realize that if there is an antenna attached then for some distance around people can pick it up (including on your baby monitor), so they shouldn't be saying anything there that they don't want the world to hear. By the way, if you want to know the frequencies for cordless phones, I have them at home and will be happy to send them to you, they are public information. If you want more information about Monitoring Times (or its sister publication Sattelite Times) call the publisher, Grove Enterprises in Brasstown, NC (I don't have the 800 number in front of me). I still believe the best way to protect privacy is to educate people and not to mindlessly make it illegal to notice when your neighbor does something stupid. I will close this rant by pointing those of you with Web access to the parable by Perry Metzger at http://draco.centerline.com:8080/~franl/privacy/parable.html I now descend from my soapbox and don my asbestos underwear. -- Jim Clausing jac@cis.ohio-state.edu CIS Dept. (614)292-8234 Ohio State University fax: (614)292-2911 ------------------------------ From: Michael Benedek Date: 20 Feb 1995 12:28:18 -0800 Subject: Question Regarding Wiretapping Organization: University of Washington Pardon me if this is not an appropriate usergroup on which to post this question: If the government is tapping your phone line, is there anyway, theoretically to make an untraceable phonecall or send an untraceable computer transmission? Thanks in advance. ------------------------------ From: jimray@halcyon.com (james ray) Date: 21 Feb 1995 14:19:33 +0200 Subject: Re: Privacy and Mirror Here is my question. The manegment of the institution I work at is unwilling to confront the individual who did this. This is a result of union relations. I feel however that this was a personal privacy violation. I want to find ot if there are laws or even case law which defines the security of memos ect which are dug out of memory on computers. I wrote this memo directly onto a disk and never saved it onto the hard drive. Apart from the copy I printed ut the only other place I intednded for it to exist was on my own disk. I did not know this mirror aspect of PC Tools existed untill after my memo was spread arount the unit. Since managment would not do anything I want to get a lawer and persue actions against managment if it is truly something which can be pursued. Managment has had many problems with the computer security of the unit for the past 5 years and have not done anything to prevent the individual for the practices. if you need any more information I will be happy to tell you more of the story. Dan Burbank ------------------------------ From: kp47@umail.umd.edu Date: 22 Feb 1995 22:05:10 GMT Subject: Snoops Organization: University of Maryland, College Park Does anyone out there know 1)if there is such a thing as snoopware (that is a means by which one person in a network can observe or somehow keep tabs on others in the same group?) 2) what kinds, specifically, there are and 3) how can one determine if he/she is being "observed"? Perhaps this query is too "local" in subject for this board--if so, my apologies. Many thanks for any info. ------------------------------ From: privacy@interramp.com Date: 20 Feb 95 23:20:41 pdt Subject: Re: Credit Card Receipt and Phone Number Organization: PSI Public Usenet Link writes: I'm not familiar with all the legal and commercial issues, but my guess is that a merchant can impose whatever requirements they choose before accepting a check. It is up to the purchaser to comply or take their business elsewhere. Mr.Barnett, Many states have laws regarding what merchants may or may not require for check acceptance. In Pennsylvania, merchants may require phone number, address, driver's license number or other forms of identification. They may also seek a major credit card and may record the name of card issuer and expiration date. Merchants aren't required to accept any personal check. They may not record a credit card number as a condition for accepting a personal check. For credit cards, a valid card and signature only, according to Pennsylvania's new credit card law. -- John Featherman Editor Privacy Newsletter PO Box 8206 Philadelphia PA 19101-8206 Phone: 215-533-7373 E-mail: privacy@interramp.com ------------------------------ From: bo774@freenet.carleton.ca (Kelly Bert Manning) Date: 21 Feb 1995 05:25:42 GMT Subject: Re: Phone Users Slam Dunked Organization: The National Capital FreeNet, Ottawa, Ontario, Canada In a previous posting, Tomkaiser (tomkaiser@aol.com) writes: Its that kind of activity that validates this group, however deregulation and divestiture caused this to happen intentionally and accidently many times, hurting the carriers involved and their customers. A small private detective would have to either become a reseller or front some substantial capital to deal with the rboc's who would do the local connection (until that becomes a free for all, it has started here in NY already). Lets hope nobody tries it! But they wouldn't have to set up their own alternate long distance operation. Private Dicks have demonstrated that it is easy to find someone to take a bribe at the old line telco's. Now if they can't they can just shop around for someone working at some alternate long distance company who will slam the targetted phone over and pass along the calling details. The fees private dicks collect may not be up to setting up an operation like this, but they are sufficient to corrupt people. A case on CBC's "fifth estate" described how a loonie had spent $50K tracing a woman, even finding ways to get her new non-published number despite access audits added to Bell Ontario's online systems. ------------------------------ From: ranck@earn.net (Bill Ranck) Date: 21 Feb 1995 10:15:34 GMT Subject: Re: Mailing Lists & Personal Information Organization: Universite Paris-Sud, France. Sarah Holland <70620.1425@compuserve.com> wrote: I think the issue is that when one subscribes to a mailing list, one doesn't expect that one's email address will be sent out to other people without having first posted! It's not a big problem, of course... Gary McGath (gmcgath@condes.MV.COM) wrote: On my recently started book review mailing list, I send the mailings to myself, and BCC everyone else on the list. Everyone's privacy is thus guaranteed. Just something which other people who have mailing lists might consider doing in order to avoid the problem mentioned. While Gary's solution is nice, it requires him to manually maintain the list. Mailing list servers should allow you to set your subscription to "hide" your name/address. I know that Listserv has this feature. To use it, you send the command "set conceal" from the subscribed userid and then only the list owner can see who you are. For example, if you send a "review " to a Listserv server the result will give you the name and e-mail address of everyone subscribed *except* hidden subscribers. The review will say how many hidden subscribers exist. You should be aware that not all mailing list software has this feature. Listserv and Listproc do, but majordomo apparently does not. There is a lot of other mailing list software out there so some others may also. Send a "help" command to the server that runs your favorite lists and see if there is a conceal option. -- * Bill Ranck +33.1.69.41.24.26 ranck@earn.net * * Technical Staff, European Academic & Research Network (EARN) Orsay, France * ------------------------------ From: "Prof. L. P. Levine" Date: 21 Feb 1995 07:49:50 -0600 (CST) Subject: Finnish Anonymity Compromised by Interpol Organization: University of Wisconsin-Milwaukee Taken from the Computer underground Digest Sun Feb 19, 1995 Volume 7 : Issue 14 ISSN 1004-042X Date: 19 Feb 1995 21:41:12 -0600 (CST) From: David Smith Subject: File 1--Finnish anonymity compromised by Interpol (fwd) ---------- Forwarded message ---------- From--an0@anon.penet.fi (The Anonymous Administrator) Organization--Anonymous contact service Reply-To--an0@anon.penet.fi Date--Sat, 18 Feb 1995 12:03:58 UTC Subject--Anon.penet.fi compromised! I am pretty shocked! Based on a request from Interpol, the Finnish police have gotten a search&seizure warrant on my home and the anon.penet.fi server, and gotten the real mail address of a user that has allegedly posted material stolen from the Church of Scientology. Fortunately I managed to prevent them from getting more than this one, single address. There is going to be a very high-level public debate on how it is possible that a country that prides itself on honoring human rights and privacy very strongly has allowed this to happen. Maybe we can use the publicity to stop this from happening again. But in this situation, I find it pretty understandable that some of you might want all traces of your ID removed. I have now added the alias "remove@anon.penet.fi" to my server. If you want to be removed, just send a (possibly empty) message to that address. But I am hoping it won't be empty. I am hoping that you do outline *why* you have needed the server, and what you think about the actions of the Finnish authorities. The messages will be anonymized using the normal anon.penet.fi procedure, and used to support the demand for a re-interpretation of the privacy laws in Finland. If you *don't* want to be removed, but still want to send a comment, you can use the addresses anon-support@lists.otol.fi (if you are *for* keeping the server) and anon-against@lists.otol.fi (if you are *against* the server). If you want to be anonymous, use anon-support@anon.penet.fi and anon-against@anon.penet.fi. Julf (admin@anon.penet.fi) ------------------------------ From: casc@hpax.cup.hp.com (Cas Caswell) Date: 21 Feb 1995 16:40:25 GMT Subject: Re: Cordless Phone Privacy Organization: Hewlett-Packard Lane Lenard (llenard@pipeline.com) wrote: I recall (it's been awhile) seeing some discussions on this over in the ham groups (rec.radio.* or rec.amature.* or?? as I said, it's been awhile). Monitoring of any broadcast is something some folks get off on. There are monitoring pubs that discuss finding navigation aids... so it's not just listening for the latest neighborhood scandle. Also, what is the current legal status of cordless phone snooping? Am I correct in assuming that it is now illegal as of the passage of the recent Digital Telephony legislation? I thought, and I'm not a bonafide expert and won't pretend to play one on the net..., that this piece of work covered Cell Phone freqs only. Be that as it may, depending on the illegallity of an activity to protect you from someone participating in it, is not the wisest course of action (IMO). If using cordless or cell phones, you would be safest to say only those things you wouldn't mind shouting out in a crowded room (with people you don't trust in it). In otherwords... credit card numbers, voice mail passwords, vacation plans (I'm leaving the state for 3 days on Feb 31 ... and no one will be checking my home), extra marital affairs, and negotiating the price of non-legal activities are probably things you shouldn't discuss.... With that said, it seems the 900 Mhz cordless phones are now offering spread spectrum broadcasts which should make the monitoring more difficult. Remember that until the FCC outlaws Ham operations, many of these technologies operate in portions of the RF spectrum that lie real close to Ham bands, so if my legal ham receiver happens to drift outside the band a bit... who's to know? The FCC don't care (now if my transmit happens to slip, that they do care about, but enforcement is tough). By the way, have one of those cordless baby monitors? You know, the ones that let you listen to hear if junior is fussing in the other room.... they tend to leak too... so discussing your swis bank account... or the fact that neighbor x is a *&(*^ for whatever, may not be staying within your own walls. -- ======================================================================= cas caswell "Fac ut gaudeam" casc@cup.hp.com By the way: I said it.... not my company. ======================================================================= ------------------------------ From: "Prof. L. P. Levine" Date: 22 Feb 1995 19:34:52 -0600 (CST) Subject: Symposium on Medical Records Organization: University of Wisconsin-Milwaukee Taken from RISKS-LIST: RISKS-FORUM Digest Tuesday 21 February 1995 Volume 16 : Issue 83 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Date: 18 Feb 1995 18:28:29 -0800 From: Phil Agre Subject: symposium on medical records A symposium is coming up that has tremendous consequences for the privacy of sensitive personal medical records -- Toward an Electronic Patient Record '95, 14-19 March 1995 in Orlando, Florida. The basic idea is to put all of your medical records on-line in a centralized repository, accessible to any medical professional who needs them. This is great when the folks in the emergency room need your records in a hurry, but it's not so great when your records are also available to insurance companies and marketers, not to mention private investigators who are willing to push the law a little bit. Right now the outlook for serious privacy protections on computerized medical records is not so good. As a result, I think it would be excellent if any net citizens were to attend this symposium and report back to the net community. I would particularly direct your attention to a meeting of the Standards Subcommittee on Access, Privacy and Confidentiality of Medical Records, which is to be held on Sunday March 12th and will be open to the public. It isn't good enough for privacy to be protected by vague principles and guidelines after the systems have been designed. Privacy capabilities such as patients' control over their personal information must be built into the technical standards, and if you can be in Florida in March then you can help out by informing the net community about the progress of those standards. More generally, the standards for a whole generation of privacy-sensitive systems are being set right now -- Intelligent Transportation Systems are another example -- and I think it's important for the net community to track the standard-setting process, publicizing problems and intervening to make sure that the new generation of standards makes full use of the new generation of privacy technologies -- especially technologies such as digital cash that are based on public-key cryptography. In the case of medical records, some of the people designing the systems actually are aware of the existence of these new privacy technologies. The hard part is making sure that real privacy protection is actually built into the standards despite the probable pressure of various economic interests to the contrary. The symposium is organized by the Medical Records Institute. MRI is on the Web at http://www.nfic.com/mri/mri.html But I particularly recommend the 36-page paper version of the conference announcement since it includes information about the exhibitors -- valuable raw material for research by privacy advocates. MRI's e-mail address is 71431.2030@compuserve.com and their paper address is 567 Walnut Street, PO Box 289, Newton MA 02160 USA. -- Phil Agre, UCSD ------------------------------ From: wmcclatc@gmu.edu (Bill McClatchie) Date: 21 Feb 1995 23:41:31 -0500 Subject: Re: Recent Break-ins and Collections of Credit Card Numbers "Vinod Narayanan" wrote: Todays NY times had a story about the apprehension of Mr.Mitnick for various computer related breakins. There are various risks to be considered in this incident, including some that Mr.Mitnick did not anticipate, but one particular item caught my attention. [snip] I would have expected at least one of the following measures to be taken: - Move the credit card numbers physically to a separate system, which cannot be accessed directly from the hosts connected to the networks, maybe on a daily basis. - Use some strong encryption, with the key being stored on a separate system, and all decryption being done on a separate system. I think the reason that they stored the numbers in one file was to make it easier to do a mass billing every month. They probably have a seperate file for each different level of payment. This sort of information should have definately been kept somewhere else. I agree, they should have kept this information on another system, prefereably one that wass not accessable from the outside world unless someone at netcom plugged in a modem. Now, we may think that this is a risk associated only with online providers who collect your credit card numbers for access to accounts. However, this is not the case. As more and more merchants come on-line, it is likely that their databases are accessible directly from the network also. These databases may or may not be accessable. Hopefully Netcom will have demonstrated the need to keep this information on seperate systems than the ones connected to the Internet. Also, I think that this information is stored in a different manner, with the information organized by customer phone numbers and names. I don't think that they keep a customers credit card number in the file since there is no need to do so, and many people don't always use the same card. I think the basic lesson is that we all need to be aware of the higher risk associated with on-line collections of sensitive data. This sort of awareness should be used with all transactions we enter into. Do you know how many people each year still give their credit card numbers to complete strangers, just becuase they were asked for it? Bill McClatchie wmcclatc@gmu.edu ------------------------------ From: ACLU Information Date: 23 Feb 1995 10:48:53 -0500 Subject: ACLU cyber-liberties Alert: Axe the Exon Bill! **ACLU CYBER-LIBERTIES ALERT** FIGHT ONLINE CENSORSHIP! AXE THE EXON BILL! The American Civil Liberties Union urges you to contact the members of the U.S. Senate Commerce Committee and your own Senators to ask them to oppose the efforts to turn online communications into the most heavily censored form of American media. In a clumsy effort to purge sexual expression from the Internet and other online networks, the self-described "Communications Decency Act of 1995" (S.314, introduced by Senator Exon on 2/2/95) would make ALL telecommunications service providers liable for every message, file, or other content carried on their networks. Senator Exon is planning to attach the bill to Senator Pressler's new telecommunications legislation, which is targeted for action in early March. The Exon proposal would severely restrict the flow of online information by requiring service providers to act as private censors of e-mail messages, public forums, mailing lists, and archives to avoid criminal liability. The ACLU believes that online users should be the only censors of the content of the information they receive. **The Exon proposal broadens existing law by subjecting service providers, as well as the individuals who actually send messages, to criminal liability for any "obscene, lewd, lascivious, filthy, or indecent" message transmitted over their networks.** If enacted into law, this vague and overly broad legislation could have the following draconian effects: * The Exon proposal would prohibit communications with sexual content through private e-mail between consenting adults, and would inhibit people from making comments that might or might not be prohibited. * Under the Exon proposal, service providers would pay up to $100,000 or spend up to 2 years in jail for prohibited content produced by subscribers on other networks, over which they had no control. * The Exon proposal would expand current restrictions on telephone access by minors to dial-a-porn services to include online access to indecent material, requiring service providers to purge "indecent" material from public bulletin boards and discussion groups to avoid accidental viewing by a minor. In effect, online providers would be forced to offer to adults only that content that is "suitable for minors." S. 314 is nearly identical to an amendment Senator Exon successfully attached to last year's Senate version of the telecommunications law overhaul. Last year's bill died for unrelated reasons, but the Senate Commerce Committee is determined to pass new telecommunications legislation this year that could easily include the Exon proposal. The ACLU opposes the restrictions on speech imposed by this legislation because they violate the First Amendment's guarantee of free expression. Forcing carriers to pre-screen content violates the Constitution and threatens the free and robust expression that is the promise of the Net. The Constitution requires that any abridgement of speech use the least restrictive means available -- the language of the Exon proposal is clearly the most restrictive because it sweeps broadly against a wide array of protected material involving sexual expression. Stop the information superhighway from becoming the most censored segment of communications media! ACT NOW: Urge members of the Senate Committee on Commerce, Science, and Transportation: *To oppose the Exon proposal, or any Senate or House variation. *To drop the Exon proposal BEFORE it goes to the Senate floor. *To hold full hearings on the Exon proposal and to review it thoroughly before it goes to the Senate floor. *To reject any effort to attach the Exon proposal to the Senate telecommunications legislation. THE EXON PROPOSAL COULD BE LAW WITHIN WEEKS IF WE DON'T ACT TODAY. Send your letter by e-mail, fax, or snail mail to: Senator Larry Pressler, S.D. Chairman, Committee on Commerce, Science, and Transportation SR-254 Russell Senate Office Building Washington, DC 20510-6125 (202) 224-5842 (phone) (202) 224-1630 (fax) e-mail: larry_pressler@pressler.senate.gov To maximize the impact of your letter, you should also write to the members of the Senate Commerce Committee and to your own Senators. A sample letter is attached. Majority Members of the Senate Commerce Committee Senator Bob Packwood, Ore. SR-259 Russell Senate Office Building Washington, DC 20510-3702 (202) 224-5244 (phone) (202) 228-3576 (fax) Senator Ted Stevens, Alaska SH-522 Hart Senate Office Building Washington, DC 20510-0201 (202) 224-3004 (phone) (202) 224-1044 (fax) Senator John McCain, Ariz. SR-111 Russell Senate Office Building Washington, DC 20510-0303 (202) 224-2235 (phone) (202) 228-2862 (fax) Senator Conrad Burns, Mont. SD-183 Dirksen Senate Office Building Washington, DC 20510-2603 (202) 224-2644 (phone) (202) 224-8594 (fax) Senator Slade Gorton, Wash. SH-730 Hart Senate Office Building Washington, DC 20510-4701 (202) 224-3441 (phone) (202) 224-9393 (fax) e-mail: senator_gorton@gorton.senate.gov Senator Trent Lott, Miss. SR-487 Russell Senate Office Building Washington, DC 20510-2403 (202) 224-6253 (phone) (202) 224-2262 (fax) Senator Kay Bailey Hutchison, Tex. SH-703 Hart Senate Office Building Washington, DC 20510-4303 (202) 224-5922 (phone) (202) 224-0776 (fax) e-mail: senator@hutchison.senate.gov Senator Olympia J. Snowe, Maine SR-174 Russell Senate Office Building Washington, DC 20510-1903 (202) 224-5344 (phone) (202) 224-6853 (fax) Senator John Ashcroft, Mo. SH-705 Hart Senate Office Building Washington, DC 20510-2504 (202) 224-6154 (phone) (202) 224-7615 (fax) Minority Members of the Senate Commerce Committee Senator Ernest F. Hollings, S.C. SR-125 Russell Senate Office Building Washington, DC 20510-4002 (202) 224-6121 (phone) (202) 224-4293 (fax) Senator Daniel K. Inouye, Hawaii SH-772 Hart Senate Office Building Washington, DC 20510-1102 (202) 224-3934 (phone) (202) 224-6747 (fax) Senator Wendell H. Ford, Ky. SR-173A Russell Senate Office Building Washington, DC 20510-1701 (202) 224-4343 (phone) (202) 224-0046 (fax) e-mail: wendell_ford@ford.senate.gov Senator J. James Exon, Neb. SH-528 Hart Senate Office Building Washington, DC 20510-2702 (202) 224-4224 (phone) (202) 224-5213 (fax) Senator John D. (Jay) Rockefeller IV, W. Va. SH-109 Hart Senate Office Building Washington, DC 20510-4802 (202) 224-6472 (phone) (202) 224-1689 (fax) Senator John F. Kerry, Mass. SR-421 Russell Senate Office Building Washington, DC 20510-2102 (202) 224-2742 (phone) (202) 224-8525 (fax) Senator John B. Breaux, La SH-516 Hart Senate Office Building Washington, DC 20510-1803 (202) 224-4623 (phone) (202) 224-2435 (fax) Senator Richard H. Bryan, Nev. SR-364 Russell Senate Office Building Washington, DC 20510-2804 (202) 224-6244 (phone) (202) 224-1867 (fax) Senator Byron L. Dorgan, N.D. SH-713 Hart Senate Office Building Washington, DC 20510-3405 (202) 224-2551 (phone) (202) 224-1193 (fax) You can also write or fax your own Senator at: The Honorable ______________________ U.S. Senate Washington, D.C. 20510 Senate directories including fax numbers may be found at: gopher://ftp.senate.gov:70 gopher://una.hh.lib.umich.edu:70/0/socsci/polscilaw/uslegi Additional information about the ACLU's position on this issue and others affecting civil liberties online and elsewhere may be found at: gopher:\\aclu.org:6601 OR request our FAQ at infoaclu@aclu.org -----------------------------------------------cut here---------------------------------------------------------- SAMPLE LETTER Dear Senator _______: I am writing to urge you to oppose the restrictions on speech that would be imposed by the legislation introduced by Senator Exon, known as the Communications Decency Act of 1995, S.314, introduced on 2/2/95. The Exon proposal would severely restrict the flow of online information by requiring service providers to act as private censors of e-mail messages, public forums, mailing lists, and archives to avoid criminal liability. I believe that online users should be the only censors of the content of the messages they receive. I urge you to: *Oppose the Exon proposal, or any Senate or House variation. *Drop the Exon proposal BEFORE it goes to the Senate floor. *Hold full hearings on the Exon proposal and review it thoroughly before it goes to the Senate floor. *Reject any effort to attach the Exon proposal to the Senate telecommunications legislation. Sincerely, [name] -- ACLU Free Reading Room | American Civil Liberties Union gopher://aclu.org:6601 | 132 W. 43rd Street, NY, NY 10036 mailto:infoaclu@aclu.org| "Eternal vigilance is the ftp://ftp.pipeline.com | price of liberty" ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #020 ****************************** .