Date: Tue, 18 Apr 95 07:08:00 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V6#038 Computer Privacy Digest Tue, 18 Apr 95 Volume 6 : Issue: 038 Today's Topics: Moderator: Leonard P. Levine Re: Neighbor Peruses My Medical Records Re: Private Medical Records Available Online in Mass. Re: Abolishing the IRS The Memo Line Re: New PGP Enhanced Messaging on h.gp.cs.cmu.edu European Initiative Attention Sysops! Re: Who Reads This Group? Re: Internet Porn Censorship Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: bo774@freenet.carleton.ca (Kelly Bert Manning) Date: 13 Apr 1995 04:58:49 GMT Subject: Re: Neighbor Peruses My Medical Records Organization: The National Capital FreeNet In a previous posting, (Richard.Drumn@ncal.kaiperm.org) writes: As a condition of working at a medical center, many organizations have you sign a Confidentiality of Patient, Employee and Organizational Info form (I have enclosed a version). As an employee of a medical institution we are instructed that all interaction at the medical center are confidential -so if by chance you run into a friend while working at the medical center you are not to disclose to others that you saw that friend at the hospital. BC Privacy Commissioner David Flaherty says that we only has to read the paper in the morning, or listen to the radio, to find out what he'll be working on for the next few weeks. In BC, as in all other Canadian provinces, health care is a public matter(there are no private hospitals) and medical information is subject to provincial FOI/POP laws. This morning he would have learned about someone who bought a used filing cabinet bearing a Province of BC Seal(with asset number for inventory), only to discover that it contained hospital records for women, describing among other things, whether they'd had abortions, when, and how many. This follows a recent story about a Vancouver Gynecologist who sold filing cabinets he kept in the basement of his home in an upscale neighbourhood, telling the purchaser to remove the files and leave them stacked in his yard. They ended up blowing around the neighbourhood to the point where people started calling reporters. A few months before that someone called reporters after purchasing a back of used 8" floppy disks at a flea market and discovering that they contained the text of letters processed for a number of docters by a medical transcription service. There is also the story of the Bella Coola bonfire, in which the director of the medical clinic in a small coastal village told a clinic employee to destroy old clinic files. He took them to a beach, heaped them into a pile, set it on ablaze, and left. Beach fires are illegal, apart from being dangerous if left unattended, so the local volunteer fire department was called to hose it down, breaking up the boxes the files were in. After the tide went in and out a few times residents walking along the beach discovered each other's medical files along the high tide line. The director has lost her job, to some degree because of this incident. Commissioner Flaherty extracted a Privacy Code with the force of law from the Government and the BC College of Pharmacists as his price for giving assent to the proposed Pharmanet project, which would be a mandatory prescription registry. At a recent public meeting he stated that he feels that similar codes with the force of law should be set up for other bodies of medical professional. He has also repeated that despite his "acceptance" of the Pharmanet proposal 25% of BC residents surveyed about it are fundamentaly opposed to it and don't want to be part of the registry. It will be interesting to see if Pharmanet really does go ahead in the last few months of the term of an unpopular governing party(NDP) beset by controversy and scandal. Perhaps the 25% figure will become of more interest to NDP MLAs as the deadline for the next election approaches. ------------------------------ From: pes@reatta.camb.inmet.com (Paul Slonaker) Date: 13 Apr 1995 18:51:04 GMT Subject: Re: Private Medical Records Available Online in Mass. Organization: Intermetrics, Inc. pmcvay@interramp.com wrote: Mental Health professionals at Harvard Community Health Plan routinely put detailed psyciatric notes into patients' computerized medical records, making supposedly confidential information available to hundreds of physicians and staff members who work for the health maintenance organization. Cloy D. Tobola wrote: I'm sorry... I don't understand. Do you think that docs take their records home and hide them under the bed??? Nurses, transcriptionists, records clerks, lab techs, visiting nurses, pharmacists, peer review committees, physican therapists, hospital social workers, etc., etc., have ALWAYS had fairly unlimited access to records. The article uses the word "supposedly confidential," but is seems to me that the information is still confidential because it has not left the organization. I think that the key words are "detailed psychiatric notes", which in at least some cases meant a detailed accounting of what was said by the patient to a mental health practitioner. I think that it is reasonable to have a higher expectation of confidentiality for such conversations than for other medical information. If I were a patient in such a situation, and I knew that what I said might be accessed by others, I would be very careful of what I said -- which would counterproductive, to say the least. One specific case of misuse of these records that was cited in the article: a woman felt that her medical concerns were not being taken seriously by her doctor; on pressing the point with him, it came out that he had reviewed her mental health records and had decided that she was a hypochondriac! -- Paul Slonaker ------------------------------ From: "Henry C. Jones" Date: 13 Apr 1995 00:30:37 GMT Subject: Re: Abolishing the IRS Organization: uva You boys might want to look at alt.politics.libertarian, we are also in favor of abolishing the IRS in the name of persomal freedom. ------------------------------ From: "Prof. L. P. Levine" Date: 13 Apr 1995 11:13:35 -0500 (CDT) Subject: The Memo Line Organization: University of Wisconsin-Milwaukee An associate who wishes to remain anonymous sent me this quote researched from a five year old copyrighted news report in the American Banker: Fleet's Investment Account Links Banking to Portfolio Taken from the American Banker - November 8, 1990; Pg. 6; Vol. 155, No. 216 By Lauryn Franzoni, Special to the American Banker Beginning today, Fleet National Bank, Providence, R.I., will offer an integrated investment account that includes a consolidated monthly statement covering both banking and investment services. [snip] A simple research project led to development of the Galaxy Fund group. Several bank management trainees studied the memo lines on personal checks written by bank customers for more than $1,000. At least 70% of those drafts went for noninvestment purchases, such as mortgages and other loan payments. But 22% indicated movement of cash to investment organizations outside the bank. The study showed it was time for the bank to offer competitive products, said Fleet executive vice president Thomas N. Howe. [snip] Us privacy nuts will recognize that the study of the "memo" line of a check written by a private party on that party's Fleet Bank Account is a clear violation of the privacy of the check writer. He or she did not expect that bank officers or management trainees would read anything except the dollar amount and the account number of a submitted check. He or she expectat that they would additionally check only to see that the signature was valid. Bank officers looking to see what I had spent my money on is at best unethical and at worst illegal. I did not quote the entirety of this copyrighted article, but can assure you that nowhere in it is there any discussion of the ethics of the bank's action only a report that this procedure got a good return to the bank for its new type of account. -- Leonard P. Levine e-mail levine@cs.uwm.edu Professor, Computer Science Office 1-414-229-5170 University of Wisconsin-Milwaukee Fax 1-414-229-6958 Box 784, Milwaukee, WI 53201 PGP Public Key: finger llevine@blatz.cs.uwm.edu ------------------------------ From: msattler@jungle.com (Michael Sattler, San Francisco) Date: 16 Apr 1995 13:25:51 -0700 Subject: Re: New PGP Enhanced Messaging on h.gp.cs.cmu.edu Organization: Digital Jungle Consulting Services Rick Busdiecker wrote: PGP Enhanced Messaging (PEM) should not be confused with the Privacy Enhanced Mail standard (PEM). Your Director of Three-Letter Acronyms should be beaten *and* hung by the thumbs. There's just no excuse for this. -----------------------------------------------------------------------+ Michael Sattler San Francisco, California | Digital Jungle Consulting Services http://www.jungle.com/msattler/ | | Cypherpunks write code. Cypherpunks write books. | ------------------------------ From: "Prof. L. P. Levine" Date: 16 Apr 1995 17:26:02 -0500 (CDT) Subject: European Initiative Organization: University of Wisconsin-Milwaukee Taken from CPSR-GLOBAL Digest 131 Date: 15 Apr 1995 10:58:45 -0500 From: marsha-w@uiuc.edu (Marsha-W) From: FOIGUY@aol.com Subject: EUROPEAN INITIATIVE (@) EUROPEAN INITIATIVE COULD THREATEN U.S. RECORD ACCESS By Joel Campbell (please send email to campbell.307@osu.edu) A European Community initiative could have serious implications for future access to U.S. federal and state government records. Jane Kirtley, representing the Reporters Committee for Freedom of the Press, told a NFOIC conference session April 8 that federal and state governments may be forced to adopt policy similar to the EC's Data Protection Initiative if they wish to continue commerce that may involve "individually identifiable data." Under European policy, personal information, including directory-type information, can only be controlled by the subject. The rub is that European nations will require that nations and states provide similar protections where private information is involved in trade and commerce. Government agencies that store and release data may seek protections to help promote international trade. Kirtley said such protections have no precedence in American law. "The ship is already left the dock and we are on the dock waving at the ship," Kirtley warned. Add that prospect to the fact that more than ever before federal officials have been bitten by the "privacy bug." She gave a recent example of the U.S. Postal Service's closure of change-of-address information. While it received 300 letters, most of them opposing the closure, the agency said that the American public wanted their addresses protected. Citing another area of concern, Pusey warned about government's perception that Geographic Information Systems or GIS are profit centers and can be copyright protected. He said he found officials in Texas that have proposed such measures have "astonishing ignorance about the principles of public access." ------------------------------ From: "Prof. L. P. Levine" Date: 16 Apr 1995 17:28:57 -0500 (CDT) Subject: Attention Sysops! Organization: University of Wisconsin-Milwaukee Submitted by a friend, names and numbers have been changed to protect the innocent: I have been running ???? Bulletin Board since 4/21/89. In the beginning, I ran my BBS as a FREE system. As the years went on, I noticed more and more BBS's becoming subscription Bulletin Boards. The reason for this was evident: a) Increasing Costs b) Competition c) Commercial Online Services d) The Internet In March, 1994, I decided to start charging an access fee. I also decided to offer my customers a real easy way to pay. I offered them ????'s BankDraft Pay. The caller signs up for a monthly subscription fee, I get their checking account information and then take the money out of their checking account through the use of an automatic bank draft. It's easy! ???? Bulletin Board, inc. now is connected to the Internet, offering all of the same services as the major Commercial Online Services. We can do this because... we now receive steady monthly income from subscriptions. MY OFFER TO YOUR BBS ==================== Join ????'s BankDraft Pay and start receiving monthly income from your subscribers every week. It is easy! Call ???? Bulletin Board at ???-???-???? and login. Leave a message for the System Operator stating your interest in joining ????'s BankDraft Pay. I will contact you with full details about this great program! ------------------------------ From: sys_srr@afdsb.cca.rockwell.com (S. Rathinam) Date: 13 Apr 1995 16:19:32 GMT Subject: Re: Who Reads This Group? Organization: Rockwell International - Collins Divisions Robert Gellman writes: I have a question about CPD, which I have been reading now for a few weeks. I am curious about the circulation. How many people receive it and how has the circulation changed over time? If you are willing, you might post the answer in the next issue. [moderator: sure. There are just over 1000 people who get it mailed direct, like you do now, and an unknown number of people who read it from the newsgroup. ... This lets me brag that there are about 6000 total readers.] Quoting from the January 1995 Arbitron results: This is a revised set of data from the USENET readership report for Jan 95. It is based on the readership sample information in Brian Reid's report. I [[Franz]] have recomputed total readership to eliminate the statistical error Brian inserted this month. +-- Estimated total number of people who read the group, worldwide. | +-- Actual number of readers in sampled population | | +-- Propagation: how many sites receive this group at all | | | +-- Recent traffic (messages per month) | | | | +-- Recent traffic (megabytes per month) | | | | | +-- Crossposting percentage | | | | | | +-- Cost ratio: $US/month/rdr | | | | | | | +-- % of newsrders | | | | | | | | who read this group. V V V V V V V V 65628 263 73% 118 0.3 2% 0.01 0.40% comp.society.privacy The full report can be seen at http://www.cc.utah.edu/~bf6515/arbitron/jan95_long.html -- Sethu R Rathinam sys_srr%afds.cca.rockwell.com I am not a Rockwell spokesperson rathinam@netins.net ------------------------------ From: Kajae@aol.com Date: 13 Apr 1995 01:54:47 -0400 Subject: Re: Internet Porn Censorship R.N.M.Battel@uel.ac.uk writes: The use of the internet to disseminate pornography, hate-mail etc. interests me a lot, but I despair of the 'tramlines' the discussions going on - like discussing whether or not 'little Johnny' is going to be damaged by paedophile material [what about 'little Jane' in all this?]. [snip] A valid point. But like most things in life, the Internet also revolves around the principle of "the wheel that squeaks the loudest gets the most grease." Most of the people involved in those discussions are either members of various law-enforcement agencies, parents (both who know how the Net works and unfortunately those who don't) who are concerned about restricting access to this media from their children, and pro-privacy/free speech advocates who find a great deal of fault with how that restriction is to be brought about. Consequently, the only points made are the ones expounding the viewpoint of either one or the other of the participants. Those of us with another viewpoint will have to squeak louder. ;) As for "little Jane", while I for one don't dismiss the presence of females on the Internet, I do feel that they too are another faction that needs to make their presence more known if they want more netters to be sensitive to their viewpoints. Err, was there a particularly new direction you wanted this debate to take? For me a more central issue is the nature of the internet itself, and the hype surrounding it. It has been presented as a wonderful new medium for communication, bringing people and peoples together, a tool for radical contracts untramelled by boundaries, capable of turning the world into a global village, a limitless information superhighway for a brave new world of the future [cue orchestra and massed choirs in the background].. [snip] First, it is important to realize that the majority of the hype surrounding the internet is produced either by someone who doesn't use it extensively in some fashion, or by someone who stands to make a profit by having more people who don't use it begin to do so or do so more often. Those of us who dwell in cyberspace as a matter of course fully understand its capabilities and limitations. And what's the reality? That it's used for the same tired old abuses - porn, paedophilia, racism, homophobia - as all the other media. I'm not actually *surprised* that this has happened Nor should you be. Consider the fact that when television first started, you could get air time for less than a dollar an hour (don't try to quote that figure on Superbowl Sunday) and now the medium is monopolized by those few who have the monetary means to influence that particular medium. Back in the old days (like the early '80's) lots of people who cruised cyberspace did so by dialing up to their local BBS (usually for free) and the Usenet was by no means the diverse structure it is today. Now, with the advent of online commercial services such as Prodigy, Delphi, CompuServe, and AOL, we now have millions of people from all across the world interacting with each other in many various ways. And as it happens, some of those ways do happen to include sexually. Since commercial services are inclined to respond to what their paying customers want, the various hierarchies, forums, and web pages are carried. It's time we all faced it - for some strange reason, people just like sex... And just as print has Penthouse, television has The Playboy Channel, film has Deep Throat, and telephones have 1-976-LET-A-GUY-ACTING-LIKE-A-WOMAN-TAKE-YOUR-MONEY, so the internet has the alt.sex.* hierarchy, x-rated web pages, etc. Family groups and various governments have been attempting to crack down on pornography in the various other media unsuccessfully for decades, and now it's just become the internet's turn to get some overdue attention. Considering the overwhelming amount of ignorance they have previously displayed regarding the nature and worldwide structure of the internet, I expect them to be even less successful here than they were in their other endeavors. *HOWEVER*...mention spamming and suddenly it's the end of civilisation as we know it...[snip] Having a woman expose her body in an internationally publicized medium for monitary profit is considered by many to be doomsday's calling card. People tend to react strongly to whatever upsets their sensibilities (case in point). Consider this: Print is a medium that revolutionized communication, as is telecommunication and the various video media. But none of them changed peoples morals, values, or amount of respect for one another as human beings. It didn't even begin to teach them how. It merely presented society with the opportunity to do those things. The internet is no different. Funny, isn't it? Sure makes me wanna cry. Just my 5K's worth... ------------------------------------------------------------- Karl Jackson Kajae@aol.com "Here lies KJ's sig of the week It died well Clever, witty, and meek" ------------------------------------------------------------- ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V6 #038 ****************************** .