Date: Sat, 01 Apr 95 09:54:31 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#033 Computer Privacy Digest Sat, 01 Apr 95 Volume 6 : Issue: 033 Today's Topics: Moderator: Leonard P. Levine Re: Proving your Citizenship Re: Big Modem is Watching Re: Is Reading E-Mail Legal? Re: Abolishing the IRS Re: Abolishing the IRS Relationship of Exon/Gorton to Privacy Censorship & Kiddie Porn Bank Withdrawal Information Re: Can My Neighbor Peruse my Medical Records? Sears, Visa & Privacy Journalist's Query on Workplace Surveillance Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: pnk@dlep1.itg.ti.com (Pete Karculias) Date: 30 Mar 1995 23:31:09 GMT Subject: Re: Proving your Citizenship Organization: Texas Instruments msmithn@129.174.1.13 says... I was born in Puerto Rico, a U.S. commonwealth whose citizens are U.S citizens, to U.S. citizen parents who were in the U.S. military assigned at a U.S. military base in Puerto Rico. That wasn't good enough to prove my citizenship at a SSN office. Of course people born abroad who have at least one US citizen parent are US citizens. But you have to _prove_ the facts. The easiest way is to file a report of a birth abroad with the nearest US consulate. This provides the necessary documentation to satisfy the buearucrats. My son was born in the Philippines while I was stationed there. He used the US passport he was issued as an infant for routine stuff until he wanted to join the Peace Corps. They required original documentation. The consular report was filed away somewhere, but they found it promptly. Lesson: If you have a child born abroad, be sure to report it to the US Consular office. The birth certificate is not sufficient to prove citizenship. -- _____________________________________ Pete Karculias pnk@dlep1.itg.ti.com ------------------------------ From: Shawn Leard <71370.2551@compuserve.com> Date: 30 Mar 95 17:47:00 EST Subject: Re: Big Modem is Watching does anybody know of software for DOS or Windows that would limit access to sub directories (via prior configuration), and notify the user if restrictions are violated by the currently running program(s), like some of the anti-virus software does? Note that read and write violations need to be reported, and that we are not trying to guard against (extremely) malicious software like viruses. There is a security program I use called WatchDog by Fisher International that will perform a lot of tasks like what you are interested in while in the back ground and on the fly. You could for example encrypt every directory with a different password and whenever you want to access said directory you must log-in first. So as if one of the on-line providers tried to read any private data they would only be able to do this only if they log-in and knew the password or you stayed logged into it when you went on-line. Also WatchDog has an audit trail to record everything. -- Shawn Leard ------------------------------ From: Jim Cooper Date: 31 Mar 1995 02:37:38 -0500 Subject: Re: Is Reading E-Mail Legal? Organization: Mordor International BBS eck@panix.com (Mark Eckenwiler) wrote: ahoffman@li.net sez: Can someone give me a definitive authoritative answer regarding the exact status of if it is legal for system admins to read mail. Is e-mail covered in any law such as the electronic communicatiosn privacy act or the omni-bus crime bill? (I'm specifially referring to Internet providers). The current Communications "Decency" law which just passed the Senate and was sponsored by Sen. Exon would REQUIRE service providers to monitor EVERY email and article to guarantee that none of them violated Big Bro's sense of "decency"... -- Jim Cooper w2jc@ritz.mordor.com w2jc@dorsai.org ********************** "The part that frightens the hell out of me is the goverment deciding where technology goes." - Senator Patrick Leahy, on the FBI's proposed Digital Telephony surveillance legislation, in "Proposed wiretap law set off debate over Justice role", Kevin Power, _Government_Computer_News, Apr. 10, 1994 ******************************************************************* ------------------------------ From: Leonard A DiMenna Date: 30 Mar 1995 21:48:22 -0500 (EST) Subject: Re: Abolishing the IRS With Reguards to letting the state goverments collect taxes for the IRS, there are some state goverments that can't balance their own budjets. How can you give them the responsiblity to collect money that's not theirs? I believe that by giving the states more to do, its one more thing that can go wrong. It ends up costing the state tax payers more money. ------------------------------ From: horowitz@nosc.mil (Alan M. Horowitz) Date: 31 Mar 1995 22:59:40 GMT Subject: Re: Abolishing the IRS Organization: NCCOSC RDT&E Division, San Diego, CA There was a US Supreme Court decision which directly addressed this point. The Sixteenth Amendment isn't the authorizing action for the US federal income "tax", because it *isn't* a _tax_. It's an Excise. Taxes are laid against things. That is to say, if you spend the money and no longer have it, they can't tax you for it. Excises are laid against actions. In this case, the action of receiving the income. Even if you spend it, you still had gone through the receipt of it. That is what is being assessed. This is settled law. ------------------------------ From: /DD.ID=OVMAIL1.WZR014/G=DANIEL/S=STICKA/@EDS.DIAMONDNET.sprint.com Date: 31 Mar 1995 09:15:16 -0500 Subject: Relationship of Exon/Gorton to Privacy A lot of time has been spent in this digest discussing the Exon/Gorton ammendment and the Communications Decency Act. I agree that this is an important issue of freedom of speech, censorship, etc., but what does it have to do with privacy? The letter from the ACLU seemed a bit outside the charter of this discussion group. -- Dan Sticka OVMAIL1.WZR014@EDS.COM ------------------------------ From: cpsr-global@Sunnyside.COM Date: 31 Mar 1995 02:02:30 -0800 Subject: Censorship & Kiddie Porn Taken from CPSR-GLOBAL Digest 118 From: srm@c2.org (Richard Mateosian) Date: 30 Mar 1995 11:53:08 -0600 Subject: Censorship & kiddie porn Emotional harm? Suppose Johnny chances on a bit of photographic kiddieporn. He may be startled, intrigued, amused or disgusted -- but I think it most unlikely (despite all contemporary hysteria and myth) that he will suffer emotional harm. As I understand the kiddie porn argument, the harm to children comes from being used in the production of the stuff, not from viewing it. The calls for censorship of the net are ostensibly aimed at attacking the problem from the demand end, thereby removing the suppliers' incentive to abuse more children. I heard Phil Zimmermann accepting an award last night at the CFP. He said that the kiddie porn issue had become the new red baiting. He found it a measure of the success of the tactic that he had to begin his advocacy of personal privacy and cryptography by saying "Of course, I'm against child pornography." ...RM ------------------------------ From: ahipc1j.dpeer01@eds.com (Don Peer) Date: 31 Mar 1995 15:23:45 GMT Subject: Bank Withdrawal Information Organization: Electronic Data Systems A story in the St. Paul Pioneer Press (3/30/95) (I believe it was from the AP) told of how banks sell the names of recent depositors to investment companies. Main points: - Legal in most states. - Large deposits will trigger your name to be sold to investment houses. - Approaching rollover of 401K will also trigger your name to be released. The article suggests the best way to combat the problem is to write a letter to your bank asking that info not be released. Editorial: As usual, the default is wrong. Banks should not be selling your personal info without express written permission from you. ------------------------------ From: donwil@BIX.com (Don Wilson) Date: 31 Mar 1995 01:37:31 Subject: Re: Can My Neighbor Peruse my Medical Records? Organization: Don Wilson "conducted a survey of Fortune 500 companies and found that half of them had used medical records to make hiring decisions, often without informing the potential employee." How does the company acquire the medical records if the potential employee has not given permission for the release of the medical records? -- Don Wilson ------------------------------ From: Sarah Holland <70620.1425@compuserve.com> Date: 31 Mar 95 20:12:05 EST Subject: Sears, Visa & Privacy I drove into the "big city" (Prince George, British Columbia, Canada) yesterday to do some shopping. Along with a number of books and dog treats, I also bought a shirt at Sears, which I paid for with my visa card. When I was snipping the tags off of it today, I noticed that it still had its security tag on it -- a little thingie that warned that improper removal would cause a permanent ink stain. I thought I'd stop by the local Sears catalog outlet and see if they could remove it. The clerk couldn't remove it, and after I mentioned that I really didn't think much of driving 4 hours to have it removed (her first suggestion), she called the store to see if they could make any suggestions. They said they could send another one out, and I could return this one at the catalog outlet. She asked to see my receipt, I gave it to her, and she started reading off numbers on it to the person she had on the phone. After giving several different numbers, she then started on a number that sounded very familiar -- my Visa number! There were several kids in the store filling out a credit card application, and I decided I wouldn't say anything just then because it may not be obvious that it was a credit card number -- at least until she got to the end 4 numbers, 0795, and said "oh, 07 95 must be the expiry date." Immediately after, she asked me for my name. After the other customers left, I asked her if she'd realized that she'd just read off my visa number, expiry date, and name, and she said that yes, she did realize that -- giving me a puzzled look. I explained further that this meant that anyone who remembered that could use my credit card, and she said that that was unlikely, because the people who had been in the store didn't look very intelligent, and remembering all those numbers would be hard. Somehow, I don't think that security measures of hoping everyone in the store seems unintelligent are *really* that effective... -- Sarah Holland ------------------------------ From: NEWI32D@prodigy.com (Mark Frankel) Date: 01 Apr 1995 05:43:17 GMT Subject: Journalist's Query on Workplace Surveillance Organization: Prodigy Services Company 1-800-PRODIGY I am researching a magazine article for an American mass-market publication about the rising number of U.S. companies that are finding reasons and ways to electronically monitor their employees while on the job. If you have personal knowledge or experience of being on the receiving end of on-the-job surveillance--whether video, audio or computer-based-- by your employer AND the incident occured in the New York metropolitan area, please e-mail me directly. Please include a brief summary of what happened to you. If it sounds appropriate, I'll message you back with a request for more info. -- Mark F. Newi32D@prodigy.com ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #033 ****************************** .