Date: Wed, 19 Jul 95 15:13:14 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V7#005 Computer Privacy Digest Wed, 19 Jul 95 Volume 7 : Issue: 005 Today's Topics: Moderator: Leonard P. Levine Common Carriers: Social Security Numbers Question about 'fingering...' Anonymous Reading of Public Timber-harvest Plans Re: Social Security Number Abuse by Employer Windows 95 Registration Wizard Info on CPD [unchanged since 12/29/94] ---------------------------------------------------------------------- From: Peter Marshall Date: 17 Jul 1995 09:27:06 -0700 Subject: Common Carriers: Social Security Numbers Organization: Eskimo North (206) For-Ever ---------- Forwarded message ---------- From: Ken Meyering Date: 16 Jul 1995 14:56:14 -0700 To: com-priv@psi.com Subject: COMMON CARRIERS: Social Security Numbers I'm sure that eventually, ISPs will be afforded common carrier status. Not only because its completely impractical to filter traffic, but also because the real "common carriers", the phone companies, will be providing Internet access. Eventually, Internet access will simply be what we used to consider "telephone service". Except, it will be "network access", and interactive. One thing that interests me about the phone companies is their insistence on credit information before delivering service. They request social security number, and do a credit check. I wouldn't be surprised if this becomes a common practice before providing internet access. If this becomes the case, then ISPs will have an "identity database" that identifies userid's by social security number (the same way phone numbers do today). In this case, prosecution of illegal activity will become a much simpler matter. Wouldn't it be horrible if you had to get a "license" to drive on the information highway? I wouldn't put it past the authorities to try. -- Ken Meyering immedia@netwest.com http://www.netwest.com/~immedia ------------------------------ From: grifter@dircon.co.uk (David Griffiths) Date: 17 Jul 1995 18:26:23 GMT Subject: Question about 'fingering...' Organization: The Direct Connection (Call 0181 297 2200 for info) Sorry if this is the wrong place to ask, but I have heard about a system called 'fingering', which I understand is a way of snooping across an individual's activities on the net. Can this be true? I would be very unhappy to think that somebody could be monitoring my every move. Thanks in advance. -- Dave Griffiths. (Grifter@dircon.co.uk) ------------------------------ From: jwarren@well.com (Jim Warren) Date: 18 Jul 1995 12:54:11 -0700 Subject: Anonymous Reading of Public Timber-harvest Plans This just in from a Sacramento hawkeye, re pending Californica legislation: Have you taken a look at SB 1283 (Lewis)? It requires the Dept of Forestry to keep names and addresses of those people who ask for copies of the timber harvest plans, which are public records. The list of names is then a public record and the timber companies can get the names of people who have accessed their THPs. -- Jim Warren, GovAccess list-owner/editor (jwarren@well.com) Advocate & columnist, MicroTimes, Government Technology, BoardWatch, etc. 345 Swett Rd., Woodside CA 94062; voice/415-851-7075; fax/<# upon request> [puffery: James Madison Freedom-of-Information Award, Soc. of Professional Journalists - Nor.Calif.(1994); Hugh Hefner First-Amendment Award, Playboy Foundation (1994); Pioneer Award, Electronic Frontier Foundation (its first year, 1992); founded Computers, Freedom & Privacy confs, InfoWorld, etc.] ------------------------------ From: sarig@teleport.com (Scott Arighi) Date: 19 Jul 1995 13:31:58 GMT Subject: Re: Social Security Number Abuse by Employer Organization: Teleport - Portland's Public Access (503) 220-1016 mccurley@cs.sandia.gov (Kevin S. McCurley) wrote: Can anyone supply me with information about how major corporations treat the social security number of their employees? My employer DOES NOT treat the SSN as private information, and has adopted policies that require me to divulge it to all sorts of people that are not contracturally bound to protect it's privacy. I realize that there are many avenues for people to get ahold of my number, but must I feel that [....] Although not a legal point, I found that my bank would allow *anyone* with my checking account no. and my SS. no. to find out my bank balance -- which I view as a rather private matter. Now use a password on the account in addition to the numbers. In your case, it sounds like any merchant (or friend or not so friend :-)) receiving a check from you could call your employer, get your SS no. and find out your bank balance. -- Scott ------------------------------ From: cpsr-global@Sunnyside.COM Date: 19 Jul 1995 01:17:47 -0700 Subject: Windows 95 Registration Wizard Taken from CPSR-GLOBAL Digest 200 From: stseng@ccgate.hac.com Note: Microsoft is coming under fire for releasing its new Windows software that "reads" the hard drive of the computer it is installed on. Windows '95 then sends the data from the PC back to the main Microsoft office. Here is Microsoft's version of what it is doing --Marsha *********************************************************** 1. Clarification: Microsoft Windows 95 On-line Registration Feature Preserves User Privacy REDMOND, Washington - May 30, 1995 Microsoft today responds to customer confusion with the on-line registration option of Windows 95. Microsoft reassures customers the on-line registration feature preserves user privacy. The confusion began last week when an industry publication incorrectly reported that the on-line registration option sent information on customers' computer systems to Microsoft without consent. This article, and several subsequent posts on the Internet, alleging the unauthorized query and sending of customer information, are not accurate. In fact, the on-line registration option is simply an electronic version of the paper-based registration card that will ship in the Windows 95 product box. Similar to many paper-based registration cards, on-line registration is completely optional and allows customers to provide their system information for product support and marketing purposes. The on-line registration option in Windows 95 provides a more convenient and accurate method for registering than the paper-based card that comes in the product box. This is because the information is gathered directly from the local computer rather than requiring the user to guess their system information, and then type it and send via a separate card. The on-line registration process uses three steps to register customers. Customers are asked to provide information such as Customer Name, Company Name, Address and Phone Number. Customers are then presented the option of providing information about their computer system's configuration. A screen displays a list of the computer system's configuration information - such as the processor type, amount of RAM and hard disk space, and hardware peripherals such as network card, CD-ROM drive, and sound card. This information is gathered by the registration program which queries the system registry of the local computer. Customers must review and explicitly choose to provide the information or it is not sent. Customers are then presented with a list of application programs that reside on the local computer and asked if they would like to provide this information as well. The list of products is gathered by the registration program which looks for a list of programs on the local hard disk. The user must again explicitly choose to provide this information as part of the registration process or it is not sent. Once the user chooses to send the information, the registration process is completed by sending the registration information to Microsoft. On-line registration uses the transport of the Microsoft Network to send the information. The customer does not have to be a Microsoft Network subscriber to register on-line, and once registered, the customer is not a Microsoft Network subscriber. Registering Windows 95 is a separate process from signing up for the Microsoft Network. Contrary to reports, the on-line registration feature does not query serial numbers or product registration information designed to fight software piracy. It also does not query computers on the local or wide-area network. For a list of the exact information gathered by on-line registration, the user can view the REGINFO.TXT file found in the C:\WINDOWS directory of the local computer. The on-line registration feature of Windows 95 is an option for customers that makes registering Windows 95 more accurate and convenient. Providing computer- specific configuration information is strictly up to the customer. The registration information helps Microsoft build better products, as well as offer customers better information on their programs and better product support. ----- End Included Message ----- ------------------------------ From: "Prof. L. P. Levine" Date: 29 Dec 1994 10:50:22 -0600 (CST) Subject: Info on CPD [unchanged since 12/29/94] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V7 #005 ****************************** .