Date: Fri, 11 Aug 95 10:00:58 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V7#012 Computer Privacy Digest Fri, 11 Aug 95 Volume 7 : Issue: 012 Today's Topics: Moderator: Leonard P. Levine Re: Caller-ID Info RE: Caller ID Blocking RE: Caller ID Blocking Re: Phone Won't Stop Ringing? Web Access and Mailing Lists Request for Data/Info for Technology-scan Research Re: Information Collection at Sears Re: Warning on Using Win95 BBS Users File Class Action Lawsuit Info on CPD [unchanged since 08/01/95] ---------------------------------------------------------------------- From: Jon Miller Date: 09 Aug 1995 00:21:34 -0600 (MDT) Subject: Re: Caller-ID Info Caller-ID is the system by which the Calling Party's Number (CPN) is transmitted through the various exchanges by means of a modern switching system (Chaneling Signal System 7 aka SS7). To block the receipt and decoding of the CPN at the terminating end, either per-line blocking by request or per-call blocking (*67) provides a privacy indicator (perhaps like a 'bit') that disables the final display. Recently after balancing individual privacy interests (the right to speak and remain anonymous) versus the right to know who is calling (the right to listen and know who is speaking) the FCC decided to permit simultaneous implementation of Caller-ID and call blocking across interstate lines. Those most interested in the development of Caller-ID are the businesses whose services such as mail order sales, customer service, etc would be directly benefited. However there are many to whom the invasion of the expectations of privacy could be uncomfortable, unprofitable or even dangerous. How about a battered spouse providing contact with a minor while in hiding to the battering spouse? I am considering the possibilities of a class-action concerning these issues. Please feel free to contact me: -- Jon Miller, Esq. Martin & Mehaffy, LLC 1655 Walnut St., Ste 300 Boulder, CO 80302 voice: (303) 442-3375 fax: (303) 444-8398 email: jonmillr@csn.org ------------------------------ From: Lynne Gregg Date: 08 Aug 95 14:35:00 PDT Subject: RE: Caller ID Blocking Jim Molini posted: I wouldn't count on special prefixes working to block caller ID from your end unless my phone company was willing to put it in writing. It may also not stop 800 numbers that record calling numbers. It's true. ANI or the number transported on an 800 number call is *NOT* blockable. Calling Party Number (CPN) is different and is used in Caller ID delivery. CPN *is* blockable. As Jim noted, Anonymous Call Rejection service and consumer practices of not answering blocked calls can interfere with completion of the call. -- Regards, Lynne Gregg ------------------------------ From: ranck@joesbar.cc.vt.edu () Date: 09 Aug 1995 23:10:13 GMT Subject: RE: Caller ID Blocking Organization: Virginia Tech, Blacksburg, Virginia jmolini@inetcom.net wrote: Is there any reason why you don't just call the phone company and have your number removed from the system entirely. I did this in Houston. Very nice. The only trouble is, this option is not available evrywhere. It varies from state to state dpending on what the local BOC could talk the PUC into. By the way, there is another problem with the *67 sequence in many locations. If you happen to have a caller-id block on your line the *67 toggles it off. In other words, using *67 on a line that does not normally give caller-id will make it give caller-id for that call. -- Bill Ranck ------------------------------ From: Menkus@DOCKMASTER.NCSC.MIL Date: 08 Aug 95 14:54 EDT Subject: Re: Phone Won't Stop Ringing? Your issue today carries a forwarded item about Ribrock TN. (Despite my email address, I am in the extreme SE corner of TN.) I have lived in TN off and on since 1952. I think that I know it very well, but I never have heard of Ribrock. I have checked the official State Government map and there is no indication of it. I like the story, but its credibility is weakned by the difficulty in verifying its location. I mean no offense by raising this issue. Do well. -- BELDEN MENKUS menkus@dockmaster.ncsc.mil POB 129, Hillsboro TN 37342 (615) 728-2421 [moderator: Mr. Menkus is right. The story probably is not true although many of us would like to do as she did. In fact however, she did far more damage to other lives than anyone did to her, the greatest number of which were not responsible for the phone mixup. Makes a great story though.] ------------------------------ From: gmcgath@condes.MV.COM (Gary McGath) Date: 09 Aug 1995 10:49:42 GMT Subject: Web Access and Mailing Lists Organization: Conceptual Design In accessing the MacTech Magazine WWW site, I was surprised to discover that its statement of "Terms and Conditions" includes the following: You understand and agree that, unless you notify MacTech to the contrary by calling 805-494-9797, MacTech may publish your name and other consumer information in one or more directories which may be accessed by other Internet users; in addition, unless you notify MacTech to the contrary as provided above, MacTech may make such information available to third parties from time to time. Using a log of people accessing one's Web page to build a mailing list, particularly one which will be made available to third parties, is a practice I haven't heard of before, and strikes me as distinctly annoying. Does anyone know of other sites that do this? -- Gary McGath gmcgath@condes.mv.com PGP Fingerprint: 3E B3 62 C8 F8 9E E9 3A 67 E7 71 99 71 BD FA 29 ------------------------------ From: "Jurgen Gielen" Date: 09 Aug 1995 13:01:30 +0100 (CET) Subject: Request for Data/Info for Technology-scan Research I'm Jurgen Gielen, a student at the University of technology at Eindhoven (the Netherlands). I'm doing an research on (information)technology with a high privacy impact. For this research I'm doing a technology-scan. This means that I'm searching for (new) technologies or (new) applications which are or can be a treat to one's privacy. Some topics I'm investigating on are multimedia, cordless telephone's, direct marketing and registrations, PC\TV and more. I want to compile some sort of list in which I enumerate the technologies and applications and their threats. If you have something interesting for me like articles, research reports or places/magazines where I might find inter- esting stuff, please e-mail me at my number: J.P.J.Gielen@stud.tue.nl and I will be grateful to you. At the end of this year I will send a summery of my report to this forum. -- Jurgen Gielen ------------------------------ From: ferguson@dma.org (Frank C. Ferguson) Date: 11 Aug 1995 13:58:58 GMT Subject: Re: Information Collection at Sears Organization: Dayton Microcomputer Association; Dayton OH donath@hweng.syr.ge.com wrote: One thing I've wondered about at Sears is signing for a charge card. When signing, they electronically capture the signature by using a stylist and signing on a special tablet. How secure are these signatures? No signature on paper is secure either. It can be scanned into a computer. I guess we should lock ourselfs into a room and never come out into the cruel, hostile, criminal world. ------------------------------ From: "Prof. L. P. Levine" Date: 10 Aug 1995 17:17:51 -0500 (CDT) Subject: Re: Warning on Using Win95 Organization: University of Wisconsin-Milwaukee Taken from RISKS-LIST: Risks-Forum Digest Thursday 10 August 1995 Volume 17 : Issue 24 From: bradsi@microsoft.com (Brad Silverberg, Sr VP Microsoft Corp) Date: 05 Aug 95 15:31:00 PDT Subject: Re: Warning on Using Win95 (RISKS-17.21) The FACTS: These stories are NOT TRUE. 1. A user may choose to register by the paper card, electronically, or not at all. It is completely the user's choice. The online registration application is an electronic version of the paper registration card that traditionally comes with all Microsoft products. The intent is to offer customers a convenient and helpful way to register. The registration application must be explicitly run by the user and the user supplies, completely on a voluntary basis, similar information that he would with the paper registration card. When the user runs the app, it asks for the typical information, such as name, address, company, as well as system configuration info for that PC (things such as type of CPU, RAM, hard disk space, etc.) and what products the user may have installed. This is done only with the user's consent and not required to complete the registration. There is no default answer to the question of whether to include the system information or not: it requires an explicit Yes by the user. What's more, if the user says No to the system info, then the app does not even bother asking about the product info (and doesn't send it); if the user says Yes to the system info, then the user is led to the product info screen and has to explicitly say Yes to it too. The app does not send any user info that the user is not aware of and not explicitly agreed to. In particular, the app does not send any files such as config.sys, autoexec.bat, or the registry -- just the info that was on the screen and that the user said Yes to. Nor does the registration application look out on the network. It only looks at the PC the app is being run on. 2. MSN is involved with the registration application only in that it uses the MSN transport to upload the registration information. You don't have to be an MSN member to register, and once you register you are not an MSN member. 3. MSN does NOT transmit the user's directory structure or file names. MSN only uploads the version of the Win95 build and the language that is being used on the computer, and any other user initiated information, such as BBS postings and email. MSN uploads the build and language info so that its on the fly upgrades are synched up with the version of Win95 on the PC being upgraded and in the right language. MSN is not uploading any other information about the user's PC or files. In addition, we have set up a section on our Windows web page for "clarifications" -- where we place our responses or position on topics such as press reports, rumors, etc. The web address is: http://www.microsoft.com/windows/pr/clarifications.htm. We've posted our FAQ on the regwiz rumor there (http://www.microsoft.com/windows/pr/regwq&a.htm). Feel free to redistribute or point people to it. Thanks! [My sincere apologies to Microsoft, and to Paul Saffo who was a completely innocent bystander. He did not write the piece in RISKS-17.21, and I should either have not run it or else run it without his identity, because he did not submit it to RISKS. Thanks to Brad for making the effort to clarify the issues. I always greatly appreciate first-hand accounts in RISKS. PGN] [The FAQ is too long for RISKS, but is available for anonymous FTP in RISKS-17.24msfaq . PGN] ------------------------------ From: "Prof. L. P. Levine" Date: 10 Aug 1995 08:59:19 -0500 (CDT) Subject: BBS Users File Class Action Lawsuit Organization: University of Wisconsin-Milwaukee Taken from the Computer underground Digest Wed Aug 9, 1995 Volume 7 : Issue 66 ISSN 1004-042X From: john.bailey@CCCBBS.CINCINNATI.OH.US(JOHN BAILEY)(by way of Date: 08 Aug 1995 20:15:27 -0400 Subject: File 1--CINCINNATI ELECTRONIC BULLETIN BOARD SYSTEM USERS - - - - - - - - - P R E S S R E L E A S E - - - - - - - - For IMMEDIATE Release 8/7/95 Contact: Scott T. Greenwood Peter D. Kennedy 513/684-0101 Computer Users Fight Back: CINCINNATI ELECTRONIC BULLETIN BOARD SYSTEM USERS FILE CLASS ACTION LAWSUIT AGAINST SHERIFF SIMON LEIS Seven subscribers to a Cincinnati electronic bulletin board system filed a class action lawsuit today in federal court against Sheriff Simon L Leis, Jr., and other law enforcement officials. On June 16, 1995, members of the Hamilton County Computer Crimes Task Force raided the offices of the Cincinnati Computer Connection BBS and seized the entire computer system, including all the private electronic mail of the subscribers. This is the first user class action challenging a government seizure of computer material. According to the search warrant used to justify the raid, the Task Force was seeking 45 computer image files on a system that contained hundreds of thousands of public and private messages. The seven subscribers represent a class of thousands of users of the Cincinnati Computer Connection electronic bulletin board. The lead plaintiff is Steve Guest, a 36-year old computer system analyst who runs his own business, in large part using the Cincinnati Computer Connection BBS. Other plaintiffs include Denise and Ben Kelley, active bulletin board users and grandparents of seven; Nelda Sturgill, a registered nurse who used the bulletin board to keep up with medical news and to swap recipes; and Randy Bowling, who suffers from a speech impediment caused by a head injury, who used CCC BBS as his primary way to communicate and to study computer science. "The faces of the CCC subscribers were the faces of Greater Cincinnati - working men and women, retirees, mothers, fathers, grandparents and children, Republicans, Democrats and Independents," the lawsuit alleges. The users of the system claim that the wholesale seizure of the computer bulletin board system violated their constitutional right to free speech and association and that the seizure of their private e-mail violated their right to privacy and federal law. "The Task Force used a drift net to troll for a tiny amount of supposed 'computer porn,'" said Cincinnati civil rights lawyer Scott T. Greenwood, who represents the plaintiffs. "In the process, they netted an enormous amount of entirely irrelevant material, and shut down a constitutionally-protected forum for speech and association." "We believe that the law prohibits the indiscriminate seizure of private electronic communications," said Peter D. Kennedy, an Austin, Texas attorney who also represents the plaintiffs, and who represented Steve Jackson Games when that company sued the U.S. Secret Service for illegally seizing its electronic bulletin board system in 1990. "It is a fundamental principle of law that, even during legitimate investigations, the government must limit its searches and seizures to things related to the crime under investigation. Here, the Task Force took everything, including thousands of innocent persons' private mail and public notices." Greenwood added, "Whether the sheriff and the computer 'net police' like it or not, the Bill of Rights is not optional just because they don't like it or understand it. Shutting down a computer system and seizing people's private communications makes a mockery of the First Amendment." The lawsuit claims that Sheriff Leis and the Task Force violated the First Amendment, the Fourth Amendment, several provisions of the federal Electronic Communications Privacy Act of 1986, and Ohio common law privacy rights, and seeks actual damages, statutory damages, and punitive damages on behalf of the seven plaintiffs and the entire class. For further information, contact: Scott T. Greenwood Peter D. Kennedy Greenwood & Associates George, Donaldson & Ford LLP 2301 Carew Tower, 441 Vine St 114 W. 7th Street, Suite 1000 Cincinnati, Ohio 45202 Austin, Texas 78701 (513) 684-0101 (512) 495-1400 stgrnwd@iac.net pkennedy@io.com ------------------------------ Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CUDIGEST Send it to LISTSERV@VMD.CSO.UIUC.EDU (NOTE: The address you unsub must correspond to your From: line) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu:80/~cudigest/ ------------------------------ From: "Prof. L. P. Levine" Date: 11 Aug 1995 09:39:43 -0500 (CDT) Subject: Info on CPD [unchanged since 08/01/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V7 #012 ****************************** .