Date: Sun, 05 Mar 95 07:53:02 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#024 Computer Privacy Digest Sun, 05 Mar 95 Volume 6 : Issue: 024 Today's Topics: Moderator: Leonard P. Levine Private Idaho 2.0 beta A Word of Warning Re: Compuserve Sued for Delivering "Junk E-Mail" Re: Compuserve Sued for Delivering "Junk E-Mail" Re: The IRS and INS Re: SS Number at College Net Rape American Express Junk e-Mail vs. Junk FAX More on Junk e-Mail EFF Sues to Overturn Cryptography Restrictions Re: Access to Driving Records Son of 1991's S.266 - With a Vengence Re: A True Story Interstate Panopticon Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: joelm@eskimo.com (Joel McNamara) Date: 01 Mar 1995 16:42:54 -0800 Subject: Private Idaho 2.0 beta Organization: Eskimo North (206) For-Ever Private Idaho 2.0 beta, a PGP/anonymous remailer utility for use with Windows e-mail software, is now available. I had some unexpected free time, so instead of doing a final release of the 1.5 beta, I incorporated a variety of new features I was planning for version 2.0. The most significant is the ability to send mail through the remailers using their PGP public keys. What was normally a tedious job of doing multiple encryption passes on message blocks is now just a simple couple of mouse clicks. Additionally, there's now limited support for cut-marks, latent time, and substitute subject headers. Plus a variety of other new features you'll find useful. You can download the 2.0 beta (PIDHO20B.ZIP) either from: anonymous ftp - ftp.eskimo.com /joelm or Web page - http://www.eskimo.com/~joelm As always, any bug reports/suggestions/comments are appreciated. -- Joel McNamara joelm@eskimo.com - finger or Web home page for PGP key ------------------------------ From: Jim Silvania Date: 02 Mar 1995 09:36:35 -0500 (EST) Subject: A Word of Warning Thanks for running Braindead In Cyberspace but a word of warning about R Thomas. All those addresses Ralph uses to send for privacy & investigative books are companies owned by Ralph. He's hawking his own goods. Just a word to the wise. -- Jim Silvania silvania@ohionet.org Porter,Wright,Morris & Arthur Columbus, OH ------------------------------ From: rlk@max.tiac.net (Robert Krawitz) Date: 02 Mar 1995 21:19:38 GMT Subject: Re: Compuserve Sued for Delivering "Junk E-Mail" Organization: The Internet Access Company Privacy Rights Clearinghouse wrote: Robert Arkow, a Compuserve subscriber, is suing the service for delivering two unsolicited advertising e-mail messages to his mailbox on December 21, 1994. The suit, believed to be the first of its kind, challenges the right of advertisers to deliver so- called "Junk E-Mail" under the Telephone Consumer Privacy Protection Act of 1991 (TCPA). Arkow argues that the TCPA prohibits the automated calling of "any service for which the calling party is charged for the call." Also named in the suit is Compuserve Visa, the business responsible for the ads. gmcgath@condes.MV.COM (Gary McGath) writes: The implications of this are as frightening (assuming equal probability of success) as those of S. 314. If service providers become responsible for conveying "junk mail," and can be legally held reliable for it, then providers will have to scan all messages and somehow decide which ones are "junk mail." In this case, it appears (judging from the outfit that posted the ad) that Compuserve itself sent the ad, rather than merely carrying it. That's more like the phone company interrupting a long distance call to advertise a new service, perhaps. In this case, the service is using the customer's funds to deliver unwanted advertising to the customer. Worse yet, the criteria used -- that sending mail to a list constitutes "automated calling" -- could outlaw all automated mailing lists, and perhaps all mail programs which batch mail, if they became legal doctrine. Thanks for calling this to our attention. In the case of an automated mailing list, normally the subscriber has to take an explicit action to be placed on the list. I should think that that would constitute consent to receive any mailings that were sent to the list. -- Robert Krawitz Member of the League for Programming Freedom -- mail lpf@uunet.uu.net Tall Clubs International -- tci-request@think.com or 1-800-521-2512 ------------------------------ From: Mark Eckenwiler Date: 02 Mar 1995 23:03:05 -0500 Subject: Re: Compuserve Sued for Delivering "Junk E-Mail" Organization: Saltieri, Poore, Nash, deBrutus & Short, Attorneys at Law Robert Arkow, a Compuserve subscriber, is suing the service for delivering two unsolicited advertising e-mail messages to his mailbox on December 21, 1994. The suit, believed to be the first of its kind, challenges the right of advertisers to deliver so- called "Junk E-Mail" under the Telephone Consumer Privacy Protection Act of 1991 (TCPA). Arkow argues that the TCPA prohibits the automated calling of "any service for which the calling party is charged for the call." If this is a reference to 47 USC sec. 227(b)(1)(a)(iii), then the correct phrase is "for which the *called* party is charged for the call." That's a good reason to doubt Arkow right there, if the mistake is his. I think the text of the statute indicates that Arkow's suit has no merit. To begin with, subsection (b)(1)(A) only applies to a "call . . . using any automatic telephone dialing system or an artificial or prerecorded voice . . . ." An ATDS is defined in (a)(1) as equipment which can "store or produce *telephone* numbers to be called" and can "dial such numbers." Since an email address is not a telephone number, Arkow's claim falls outside the statute. A second, less powerful argument is that a CIS user is not "charged for the call" unless s/he chooses to accept it on the basis of the particularized information available in advance. One can argue that the policy of (b)(1)(A)(iii) is to protect only recipients who have no such advance notice, such as cellular phone users, who are explicitly named in this subsection. The TCPA provisions are aimed at automated dialers, machines that call homes and deliver recorded sales pitches. The law also prohibits unsolicited fax advertisements. The question will be "How similar is junk E-Mail to recorded telemarketing calls or unsolicited fax ads?" The main "prerecorded voice" section is elsewhere, in (b)(1)(B), which prohibits making such calls to "any residential telephone line." Once again, the statute's language is not ambiguous: e-mail simply is not covered. Unsolicited fax ads: This one is a bit fuzzier. Subsection (b)(1)(C) prohibts using a "telephone facsimile machine, computer, or other device to send an unsolicited advertisement to a telephone facsimile machine . . . ." Now, the text obviously draws a distinction between the terms "telephone facsimile machine" and "computer," so at first glance it looks as if junk e-mail isn't covered. However, a TFM is defined in (a)(1)(2) as equipment which can "transcribe text or images, or both, from paper into an electronic signal and to transmit that signal over a regular telephone line" *OR* "transcribe text or images (or both) from an electronic signal received over a regular telephone line onto paper." Note that the law is framed in terms of the equipment's *potential* to perform these acts; there is no requirement that it *actually* transcribe anything onto paper if it receives a call, for instance. In other words, a computer attached to a modem and either a printer or a scanner would seem to qualify as a TFM. Under those circumstances, one can easily imagine a case in which a "TFM" might receive junk e-mail. One last unrelated point: the federal Ninth Circuit (covering CA, AZ, WA, OR, AK, etc.) ruled very recently that subsection (b) is constitutional. ------------------------------ From: wmcclatc@gmu.edu (Bill McClatchie) Date: 03 Mar 1995 16:38:16 -0500 Subject: Re: The IRS and INS Jannick Johnsson writes: Does anybody know if some body has a disagreement with IRS, like not filing your taxes if this is reported to INS, so next time somebody returns from a trip they have you in the computer. Is it possible to find out what INS has in their computer just by asking. I asked the agent once when I returned if I could see what he had on the screen. He said he was not allowed to show it to me. I did verify I was returning to the right the right country!!! I do know the police does not send your name to INS just because you are not paying you ticket or a warrent for your arrest not showing in the court. I am not convicted and do not intent to be, but just curious. Well, i have a relative who works for INS in one of these booths. What she said was "The only place you can get this information is by filing a freedom of information request." The reason for this sounds kind of lame; but the agents can lose their jobs for showing you what information is on their screens, I wouldn't count on them showing it to you. As for what information is in this file, you would probably be surprised. -- Bill McClatchie wmcclatc@gmu.edu ------------------------------ From: johnl@iecc.com (John R Levine) Date: 02 Mar 95 20:50 EST Subject: Re: SS Number at College Organization: I.E.C.C., Cambridge, Mass. Is there anything I can do about this? A federal law known as the Buckley Amendment requires that any college that takes federal money (nearly all of them) use a number other than a student's SSN if the student so requests. They'll moan and groan, but the law is quite clear. I did that at Yale over 10 years ago. Given that the number they assigned me was 000-10-0001, I would conclude that not many people had so requested before I did. -- Regards, John Levine, johnl@iecc.com Primary Perpetrator of "The Internet for Dummies" ------------------------------ From: aca3@netaxs.com (Arthur Anderson) Date: 03 Mar 1995 02:43:37 GMT Subject: Net Rape Organization: Netaxs Internet BBS and Shell Accounts Net Rape; A Warning to All For the most part, the InterNet has been a realm of free and friendly information exchange. Lately, however, things have been changing quite a bit. With all the hype regarding the information superhighway (AKA Infobahn), more and more opportunists are feeding upon the trusting nature of optimistic Net users. Writings and ideas are being stolen, and there's little that can be done about it without sacrificing the ideals of free communication. Personally, I have lost hundreds of dollars and hundreds of hours simply because I risked the trust of someone with an e-mail address. Its important to remember that intelligence and moral character do not necessarily go hand in hand. Cold and unsympathetic people now roam the InterNet, and they can easily sound as warm and friendly as anyone you've ever known. The free, uncensored, and global exchange of information is a wonderful thing. This new environment will change the world in ways we can scarcely imagine. But be careful. Be very careful. Clever criminals can now misguide you with a few simple key- strokes. They can claim whatever you send them, and promptly vanish to seek their own profit (in literature, science, software, entertainment, ... anything). ------------------------------ From: Timothy Charles Greenleaf Date: 03 Mar 1995 01:19:58 -0500 Subject: American Express Organization: Columbia University Greetings everyone... Has anyone heard of American Express doing the following to non-journalists? How detailed and how private should credit card records be? (Forwarded from IRE-L - mailing list for disucssion of computer assisted journalism). Regards, Tim Greenleaf - tcg7@columbia.edu ***************Forwarded Message**************** Urgent Notice! IRE views American Express's zealous compliance with the subpoena of reporters' monthly statements in the Phillip Morris vs. ABC case as highly objectionable and an extremely dangerous precedent. (See WSJ front page 2/24/95) We have cut up and returned our personal and corporate American Express cards and we are urging IRE members and, in fact, all journalists to consider whether they should not consider doing the same. It's more than that American Express has shown an eagerness to invade the privacy of journalists. The firm's wholesale turnover of journalist's expense records could endanger the confidentiality of meetings and contacts with sources. In addition, we encourage you to write to American Express and express your opinions regarding these tactics, whether or not you are a customer. Please feel free to forward this message to whatever forum seems appropriate! -- Rosemary Armao and (314) 882-3364 (v) Tracy Barnett (314) 882-5431 (f) PO Box 838 Internet: Columbia MO 65205 jourtlb@muccmail.missouri.edu ------------------------------ From: Mark Eckenwiler Date: 02 Mar 1995 23:33:39 -0500 Subject: Junk e-Mail vs. Junk FAX Organization: Saltieri, Poore, Nash, deBrutus & Short, Attorneys at Law Robert Arkow, a Compuserve subscriber, is suing the service for delivering two unsolicited advertising e-mail messages to his mailbox on December 21, 1994. The suit, believed to be the first of its kind, challenges the right of advertisers to deliver so- called "Junk E-Mail" under the Telephone Consumer Privacy Protection Act of 1991 (TCPA). Arkow argues that the TCPA prohibits the automated calling of "any service for which the calling party is charged for the call." If this is a reference to 47 USC sec. 227(b)(1)(a)(iii), then the correct phrase is "for which the *called* party is charged for the call." That's a good reason to doubt Arkow right there, if the mistake is his. I think the text of the statute indicates that Arkow's suit has no merit. To begin with, subsection (b)(1)(A) only applies to a "call . . . using any automatic telephone dialing system or an artificial or prerecorded voice . . . ." An ATDS is defined in (a)(1) as equipment which can "store or produce *telephone* numbers to be called" and can "dial such numbers." Since an email address is not a telephone number, Arkow's claim falls outside the statute. A second, less powerful argument is that a CIS user is not "charged for the call" unless s/he chooses to accept it on the basis of the particularized information available in advance. One can argue that the policy of (b)(1)(A)(iii) is to protect only recipients who have no such advance notice, such as cellular phone users, who are explicitly named in this subsection. The TCPA provisions are aimed at automated dialers, machines that call homes and deliver recorded sales pitches. The law also prohibits unsolicited fax advertisements. The question will be "How similar is junk E-Mail to recorded telemarketing calls or unsolicited fax ads?" The main "prerecorded voice" section is elsewhere, in (b)(1)(B), which prohibits making such calls to "any residential telephone line." Once again, the statute's language is not ambiguous: e-mail simply is not covered. Unsolicited fax ads: This one is a bit fuzzier. Subsection (b)(1)(C) prohibts using a "telephone facsimile machine, computer, or other device to send an unsolicited advertisement to a telephone facsimile machine . . . ." Now, the text obviously draws a distinction between the terms "telephone facsimile machine" and "computer," so at first glance it looks as if junk e-mail isn't covered. However, a TFM is defined in (a)(1)(2) as equipment which can "transcribe text or images, or both, from paper into an electronic signal and to transmit that signal over a regular telephone line" *OR* "transcribe text or images (or both) from an electronic signal received over a regular telephone line onto paper." Note that the law is framed in terms of the equipment's *potential* to perform these acts; there is no requirement that it *actually* transcribe anything onto paper if it receives a call, for instance. In other words, a computer attached to a modem and either a printer or a scanner would seem to qualify as a TFM. Under those circumstances, one can easily imagine a case in which a "TFM" might receive junk e-mail. One last unrelated point: the federal Ninth Circuit (covering CA, AZ, WA, OR, AK, etc.) ruled very recently that subsection (b) is constitutional. ------------------------------ From: weh@SEI.CMU.EDU (Bill Hefley) Date: 03 Mar 1995 10:18:53 EST Subject: More on Junk e-Mail Organization: Software Engineering Institute I just had the opportunity to speak on a panel at a marketing conference about our efforts in developing a World-Wide Web site (http://www.sei.cmu.edu) to further our Institute's mission of improving the state of the practice of software engineering. While there, I picked up a glossy newsmagazine/newspaper intended for the direct marketing crowd -- not really my specialty, but it looked to be interesting airplane reading. I was really amazed to see the news blurb about Worldata (http://www.worldata.com/), a Florida company, that claims to be able to send as many as a million and a half e-mail messages to its list of compiled e-mail addresses -- all for a mere 8 to 10 cents a message. They claim to be building a suppression file for those who want to opt out, and also guarantee that mailers won't be flamed. Gee, I wonder how they can guarantee that? Unless they provide an anonymizing service (gee, just think of the possibilities, anonymous e-mail for advertisers), most people will be able to figure out who the advert is for, and can flame the advertiser. But, maybe they're right, I might have to pick up the phone to call and complain to the advertiser--that isn't technically a flame, is it? -- Bill Hefley - Senior Member of the Technical Staff Software Engineering Institute, Carnegie Mellon Univ. Pittsburgh, PA 15213 Office: +1-412-268-7793, Fax: +1-412-268-5758, internet: weh@sei.cmu.edu ------------------------------ From: "Prof. L. P. Levine" Date: 03 Mar 1995 08:51:37 -0600 (CST) Subject: EFF Sues to Overturn Cryptography Restrictions Organization: University of Wisconsin-Milwaukee Taken from Computer underground Digest Wed Mar 1, 1995 Volume 7 : Issue 17 ISSN 1004-042X Date: 21 Feb 1995 23:16:46 -0500 (EST) From: Stanton McCandlish Subject: File 2--EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS First Amendment Protects Information about Privacy Technologies February 21, 1995 San Mateo, California In a move aimed at expanding the growth and spread of privacy and security technologies, the Electronic Frontier Foundation is sponsoring a federal lawsuit filed today seeking to bar the government from restricting publication of cryptographic documents and software. EFF argues that the export-control laws, both on their face and as applied to users of cryptographic materials, are unconstitutional. Cryptography, defined as "the science and study of secret writing," concerns the ways in which communications and data can be encoded to prevent disclosure of their contents through eavesdropping or message interception. Although the science of cryptography is very old, the desktop-computer revolution has made it possible for cryptographic techniques to become widely used and accessible to nonexperts. EFF believes that cryptography is central to the preservation of privacy and security in an increasingly computerized and networked world. Many of the privacy and security violations alleged in the Kevin Mitnick case, such as the theft of credit card numbers, the reading of other peoples' electronic mail, and the hijacking of other peoples' computer accounts, could have been prevented by widespread deployment of this technology. The U.S. government has opposed such deployment, fearing that its citizens will be private and secure from the government as well as from other vandals. The plaintiff in the suit is a graduate student in Mathematics at the University of California at Berkeley named Dan Bernstein. Bernstein developed an encryption equation, or algorithm, and wishes to publish the algorithm, a mathematical paper that describes and explains the algorithm, and a computer program that runs the algorithm. Bernstein also wishes to discuss these items at mathematical conferences and other open, public meetings. The problem is that the government currently treats cryptographic software as if it were a physical weapon and highly regulates its dissemination. Any individual or company who wants to export such software -- or to publish on the Internet any "technical data" such as papers describing encryption software or algorithms -- must first obtain a license from the State Department. Under the terms of this license, each recipient of the licensed software or information must be tracked and reported to the government. Penalties can be pretty stiff -- ten years in jail, a million dollar criminal fine, plus civil fines. This legal scheme effectively prevents individuals from engaging in otherwise legal communications about encryption. The lawsuit challenges the export-control scheme as an ``impermissible prior restraint on speech, in violation of the First Amendment.'' Software and its associated documentation, the plaintiff contends, are published, not manufactured; they are Constitutionally protected works of human-to-human communication, like a movie, a book, or a telephone conversation. These communications cannot be suppressed by the government except under very narrow conditions -- conditions that are not met by the vague and overbroad export-control laws. In denying people the right to publish such information freely, these laws, regulations, and procedures unconstitutionally abridge the right to speak, to publish, to associate with others, and to engage in academic inquiry and study. They also have the effect of restricting the availability of a means for individuals to protect their privacy, which is also a Constitutionally protected interest. More specifically, the current export control process: * allows bureaucrats to restrict publication without ever going to court; * provides too few procedural safeguards for First Amendment rights; * requires publishers to register with the government, creating in effect a "licensed press"; * disallows general publication by requiring recipients to be individually identified; * is sufficiently vague that ordinary people cannot know what conduct is allowed and what conduct is prohibited; * is overbroad because it prohibits conduct that is clearly protected (such as speaking to foreigners within the United States); * is applied overbroadly, by prohibiting export of software that contains no cryptography, on the theory that cryptography could be added to it later; * egregiously violates the First Amendment by prohibiting private speech on cryptography because the government wishes its own opinions on cryptography to guide the public instead; and * exceeds the authority granted by Congress in the export control laws in many ways, as well as exceeding the authority granted by the Constitution. If this suit is successful in its challenge of the export-control laws, it will clear the way for cryptographic software to be treated like any other kind of software. This will allow companies such as Microsoft, Apple, IBM, and Sun to build high-quality security and privacy protection into their operating systems. It will also allow computer and network users, including those who use the Internet, much more freedom to build and exchange their own solutions to these problems, such as the freely available PGP encryption program. And it will enable the next generation of Internet protocols to come with built-in cryptographic security and privacy, replacing a sagging part of today's Internet infrastructure. Lead attorney on the case is Cindy Cohn, of McGlashan and Sarrail in San Mateo, CA, who is offering her services pro-bono. Major assistance has been provided by Shari Steele, EFF staff; John Gilmore, EFF Board; and Lee Tien, counsel to John Gilmore. EFF is organizing and supporting the case and paying the expenses. Civil Action No. C95-0582-MHP was filed today in Federal District Court for the Northern District of California. EFF anticipates that the case will take several years to win. If the past is any guide, the government will use every trick and every procedural delaying tactic available to avoid having a court look at the real issues. Nevertheless, EFF remains firmly committed to this long term project. We are confident that, once a court examines the issues on the merits, the government will be shown to be violating the Constitution, and that its attempts to restrict both freedom of speech and privacy will be shown to have no place in an open society. Full text of the lawsuit and other paperwork filed in the case is available from the EFF's online archives. The exhibits which contain cryptographic information are not available online, because making them publicly available on the Internet could be considered an illegal export until the law is struck down. We are still uploading some of the documents, including the main complaint, so please try again later if what you want isn't there yet. See: http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/ ftp.eff.org, /pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/ gopher.eff.org, 1/EFF/Policy/Crypto/ITAR_export/Bernstein_case Press contact: Shari Steele, EFF: ssteele@eff.org, +1 202 861 7700. For further reading, we suggest: The Government's Classification of Private Ideas: Hearings Before a Subcomm. of the House Comm. on Government Operations, 96th Cong., 2d Sess. (1980) John Harmon, Assistant Attorney General, Office of Legal Counsel, Department of Justice, Memorandum to Dr. Frank Press, Science Advisor to the President, Re: Constitutionality Under the First Amendment of ITAR Restrictions on Public Cryptography (May 11, 1978). [Included in the above Hearings; also online as http://www.eff.org/pub/EFF/Policy/Crypto/ ITAR_export/ITAR_FOIA/itar_hr_govop_hearing.transcript]. Alexander, Preserving High-Tech Secrets: National Security Controls on University Research and Teaching, 15 Law & Policy in Int'l Business 173 (1983) Cheh, Government Control of Private Ideas-Striking a Balance Between Scientific Freedom and National Security, 23 Jurimetrics J. 1 (1982) Funk, National Security Controls on the Dissemination of Privately Generated Scientific Information, 30 U.C.L.A. L. Rev. 405 (1982) Pierce, Public Cryptography, Arms Export Controls, and the First Amendment: A Need for Legislation, 17 Cornell Int'l L. J. 197 (1984) Rindskopf and Brown, Jr., Scientific and Technological Information and the Exigencies of Our Period, 26 Wm. & Mary L. Rev. 909 (1985) Ramirez, The Balance of Interests Between National Security Controls and First Amendment Interests in Academic Freedom, 13 J. Coll. & U. Law 179 (1986) Shinn, The First Amendment and the Export Laws: Free Speech on Scientific and Technical Matters, 58 Geo. W. L. Rev. 368 (1990) Neuborne and Shapiro, The Nylon Curtain: America's National Border and the Free Flow of Ideas, 26 Wm. & Mary L. Rev. 719 (1985) Greenstein, National Security Controls on Scientific Information, 23 Jurimetrics J. 50 (1982) Sullivan and Bader, The Application of Export Control Laws to Scientific Research at Universities, 9 J. Coll. & U. Law 451 (1982) Wilson, National Security Control of Technological Information, 25 Jurimetrics J. 109 (1985) Kahn, The Codebreakers: The Story of Secret Writing. New York: Macmillan (1967) [Great background on cryptography and its history.] Relyea, Silencing Science: national security controls and scientific communication, Congressional Research Service. Norwood, NJ: Ablex Publishing Corp. (1994) John Gilmore, Crypto Export Control Archives, online at http://www.cygnus.com/~gnu/export.html EFF Crypto Export Control Archives, online at ftp.eff.org, /pub/EFF/Policy/Crypto/ITAR_export/ gopher.eff.org, 1/EFF/Policy/Crypto/ITAR_export http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/ -- Stanton McCandlish
mech@eff.org

Electronic Frontier Foundation

Online Services Mgr. ------------------------------ From: jwarren@well.sf.ca.us (Jim Warren) Date: 03 Mar 1995 19:00:57 +0800 Subject: Re: Access to Driving Records Regarding access to driver records. Date: 02 Mar 1995 22:15:25 -0500 From: Robert Becker To: Multiple recipients of list SPJ-L Subject: Re: Access to driving records Newspapers, like other businesses, can buy the DMV lists in bulk under the federal law. They can then use the information for marketing or other purposes permitted by the statute. But they cannot redisseminate the information to editorial to be used for newsgathering purposes. It is my belief that one way to challenge the constitutionality of the statute is for a publisher to buy the list for marketing, but allow its use for news purposes. If the state then penalizes the paper, either by fining it or denying access subsequently, the paper could claim that the penalty is, in effect, a prior restraint or post-publication punishment for publishing legally obtained information DMV records access *does* vary from state to state, but within the limits of federal law, e.g. the Boxer bill. (Would love to know her driving record :-). -- jim ------------------------------ From: jwarren@well.sf.ca.us (Jim Warren) Date: 04 Mar 1995 06:52:56 +0800 Subject: Son of 1991's S.266 - With a Vengence It appears that Joe McCarthy is back. Bigtime! In the spring of 1991, S.266 was introduced by Mr. Biden (for himself and Mr. DeConcini) containing the following section: SEC. 2201. COOPERATION OF TELECOMMUNICATIONS PROVIDERS WITH LAW ENFORCEMENT It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law. --- I.e., no more private communications. Under pressure, it was deleted. --- But that was *peanuts* - look at this thing! Jim Warren, GovAccess moderator; columnist, MicroTimes/Govt.Tech/BoardWatch jwarren@well.com (well.com = well.sf.ca.us; also at jwarren@autodesk.com) 345 Swett Rd., Woodside CA 94062; voice/415-851-7075; fax/<# upon request> [puffery: James Madison Freedom-of-Information Award, Soc. of Professional Journalists - Nor.Calif.(1994); Hugh Hefner First-Amendment Award, Playboy Foundation (1994); Pioneer Award, Electronic Frontier Foundation (its first year, 1992); founded Computers, Freedom & Privacy confs, InfoWorld, etc.] I got this off another list. Omnibus Counterterrorism Bill S. 390 and H.R. 896 New FBI Charter to Investigate Political Groups February 10, 1995 the Omnibus Counterterrorism Bill was introduced as S. 390 into the Senate and as H.R. 896 in the House. It was initiated by the FBI, and passed on by the Justice Department and the White House. Senators Biden (D-DE) and Specter (R- PA) initiated it in the Senate, Rep. Schumer (D-NY) and Dicks (D-WA) in the House. It has bipartisan support and could get expedited action. SUMMARY * THIS IS A GENERAL CHARTER FOR THE FBI AND OTHER AGENCIES, INCLUDING THE MILITARY, TO INVESTIGATE POLITICAL GROUPS AND CAUSES AT WILL. The bill is a wide-ranging federalization of different kinds of actions applying to both citizens and non-citizens. The range includes acts of violence (attempts, threats and conspiracies) as well as giving funds for humanitarian, legal activity. * It would allow up to 10 year sentences for citizens and deportation for permanent resident non-citizens for the "crime" of supporting the lawful activities of an organization the President declares to be "terrorist", as the African National Congress, FMLN in El Salvador, IRA in Northern Ireland, and PLO have been labelled. It broadens the definition of terrorism. The President's determination of who is a terrorist is unappealable, and specifically can include groups regardless of any legitimate activity they might pursue. * It authorizes secret trials for immigrants who are not charged with a crime but rather who are accused of supporting lawful activity by organizations which have also been accused of committing illegal acts. Immigrants could be deported: 1) using evidence they or their lawyers would never see, 2) in secret proceedings 3) with one sided appeals 4) using illegally obtained evidence. * It suspends posse comitatus - allowing the use of the military to aid the police regardless of other laws. * It reverses the presumption of innocence - the accused is presumed ineligible for bail and can be detained until trial. * It loosens the rules for wiretaps. It would prohibit probation as a punishment under the act - even for minor nonviolent offenses. IMPLICATIONS * Those who remember the McCarran Walter Act will recognize this bill, only in some ways this is broader and potentially more dangerous * This bill is highly political: the President can determine who is a terrorist and change his/her mind at will and even for economic reasons. The breadth of its coverage would make it impossible for the government to prosecute all assistance to groups around the world that have made or threatened to commit violent acts of any sort. Necessarily its choices would be targeted at organizations the government found currently offensive. People to be deported would be chosen specifically because of their political associations and beliefs. * The new federal crime: international terrorism doesn't cover anything that is not already a crime. As the Center for National Security Studies notes: "Since the new offense does not cover anything that is not already a crime, the main purpose of the proposal seems to be to avoid certain constitutional and statutory protections that would otherwise apply." * While many provisions of this bill could well be found unconstitutional after years of litigation, in the mean time the damage could be enormous to the First Amendment and other constitutional rights including presumption of innocence and right to bail. THE BILL HAS BEEN REFERRED TO JUDICIARY COMMITTEES OF EACH HOUSE. ONLY THE NEW YORK TIMES HAS AS YET NOTICED THE BILL - A 2/24/95 ANTHONY LEWIS COLUMN. OTHER PAPERS SHOULD BE ALERTED. FOR MORE INFORMATION: Kit Gage, Washington Liaison, National Lawyers Guild 3321-12th St., NE, Washington DC 20017 202-529-4225, fax 202-526-4611, e-mail: kgage@igc.apc.org <---- End Included Message ----> ------------------------------ From: lkrist@osf1.gmu.edu (Lori Krist) Date: 04 Mar 1995 16:24:00 -0500 Subject: Re: A True Story Patrick Brennan wrote: Not only does he have no concept of the enormous power of large corporate databases to corrupt and degrade individual privacy, he doesn't care! And most perplexingly : he actually defended the company's prerogative to gather information, and the computer's demand to have the information, OVER a PERSON's right to keep the information. Hey, if I haven't done anything wrong, I have nothing to worry about. Companies come before people, anyway. He might as well have come from Mars : I cannot relate to this guy at all. And it scares me that his may represent a substantial segment of the popular opinion. If that is so, then I am glad I've listened to too many liberal college professors. WOW! What an incredible story. It is scary. The thing I find interesting is that not only the "liberal college professors" worry about this issue. There are a substantial number of conservatives (like myself) who also think the govt and business should stay out of most of my affairs. Could it be that I have something in common with these liberals? God help us! -- Lori Krist lkrist@gmu.edu ------------------------------ From: "Prof. L. P. Levine" Date: 05 Mar 1995 07:15:09 -0600 (CST) Subject: Interstate Panopticon Taken from RISKS-LIST: RISKS-FORUM Digest Friday 3 March 1995 Volume 16 : Issue 86 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Interstate Panopticon (Phil Agre) From: Phil Agre Date: 25 Feb 1995 17:59:07 -0800 Subject: Interstate Panopticon The press is starting to notice some of the serious privacy problems with the rapidly advancing proposals for "Intelligent Transportation Systems" in the United States. Here are a couple of relevant articles: Richard Simon, Camera gains more exposure as a device for traffic control, Los Angeles Times, 20 February 1995, pages B1 and B3. This one is about the accelerating use of video cameras on roads in Southern California. In the near term they're mostly to identify the causes of traffic jams. But the Blue Line between Los Angeles and Long Beach will soon have cameras to detect drivers who attempt to circumvent lowered gates to cross the train tracks. And although the state Office of Traffic Safety is concerned about "a growing problem with commuters eating, reading, changing clothes, brushing their teeth and generally paying less than full attention to the road", it says it has no current plans to check up on these things with its cameras. The cameras, in case you're wondering, are in bulletproof containers. Although some of the problems that state traffic officials have identified are genuine, the real difficulty is in their basic philosophy for solving them. Rather than collect information and circulate it in a decentralized fashion that is useful to individual drivers and engineering crews without permitting unlimited accumulation of information that identifies individual drivers, they have set up a general-purpose centralized observation center in downtown Los Angeles. The slippery slope here is steep: as technologies of surveillance are put in place, new applications will always be available that are only one short step beyond what they've been used for so far. I am generally skeptical about visual metaphors for privacy problems, but this is one case where the Panopticon offers a perfectly simple and straightforward model. That's not so clear in another, much bigger and more consequential case: Don Phillips, Big Brother in the back seat?: The advent of the "intelligent highway" spurs a debate over privacy, Washington Post, 23 February 1995, page D10. This article concerns the "privacy principles" being circulated by the Intelligent Transportation Society of America, which is the industry group coordinating the development of a national architecture for transportation automation systems, including systems that track the locations of vehicles for a range of purposes. Although nobody in the United States is currently proposing that the use of these technologies be made mandatory for drivers, it is very likely that they will become unavoidable as a practical matter, since they will probably be used to implement much more widespread roadway toll-collection. The most recent version of these principles that I have seen is dated December 13th 1994, and they are in fact seriously problematic. For example, they only place very loose restrictions on secondary uses of the information by marketers, and they envision no restrictions on the powers of access to ITS travel information that individual states can confer upon local police. You can retrieve a copy by sending a message that looks like this: To: rre-request@weber.ucsd.edu Subject: archive send its-privacy Or you can look at them on WWW at: http://weber.ucsd.edu/~pagre/its-privacy.html I will probably circulate another message about these principles soon. The Phillips article notes that many people are concerned about law enforcement uses of ITS information; ITS America feels that such use is inevitable and simply wishes the public to be informed of this fact -- they wish to focus on knowing "what the rules are" rather than on actual privacy. The tragedy is that it is completely unnecessary for these systems to collect information that identifies individuals. Profound violations of individual privacy are not the price of progress. Rather, they are the price of using old-fashioned technology, neglecting innovations such as public-key cryptography and digital cash that protect privacy without sacrificing functionality. Phil Agre, UCSD ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #024 ****************************** .