Date: Fri, 15 Sep 95 17:44:35 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V7#022 Computer Privacy Digest Fri, 15 Sep 95 Volume 7 : Issue: 022 Today's Topics: Moderator: Leonard P. Levine Re: 20/20 Security Camera Report WWW access records Concerns about BC "PharmaNet" Computer System Re: Grocery Purchases and my Privacy Re: Grocery Purchases and my Privacy Re: Grocery Purchases and my Privacy Re: Grocery Purchases and my Privacy Re: Grocery Purchases and my Privacy Re: Privacy Guard Re: Privacy Guard RSA Crypto Software on Web for Download and Evaluation AOL and the FBI Computers and the Law Conference Open Letter to Geoff Greiveldinger Info on CPD [unchanged since 08/01/95] ---------------------------------------------------------------------- From: WELKER@a1.vsdec.nl.nuwc.navy.mil Date: 12 Sep 1995 10:47:09 -0400 (EDT) Subject: Re: 20/20 Security Camera Report On September 8th ABC Television on its weekly 20/20 show produced a piece describing closed circuit TV cameras that are now being installed in England for public security purposes ... She compares the system with that in the US where most cameras are installed by private parties for business reasons but points out that one such camera provided a picture of what might well have been the truck used in the Oklahoma bombing ... It would seem to me that personal privacy interests might be protected by having a "grass roots" camera network, possibly organized by local neighborhood watch organizations. Thus the government is not in custody of the tapes, and individual volunteers can review them for useful info in response to police requests. Those worried about spying neighbors can deal with it on a case by case basis without having to fight city hall. I wonder how Watergate would've turned out if "Deep Throat" had been caught on a parking lot surveillance tape? Or the burglars, for that matter. ------------------------------ From: rseoeg@site33.ping.at (Moss-Jusefowytsch OEG) Date: 14 Sep 1995 20:38:00 +0100 Subject: WWW access records Records are kept of website access. This may lead to embarassing results. A post in alt.current-events.clinton.whitewater contains a copywritten letter from someone who maintains a Web site concerning Whitewater. Apparently people from White House computers were accessing his site and downloading his files, all of which showed up in his auditing records. He wrote a letter to the White House asking for clarification about their statement that they did not monitor anti-Clinton activity on the Internet. Two concerns here: government monitoring and web access records. Chris Mathews P.S. Sites involved were "Washington Weekly" (http://www.federal.com), "The Whitewater Scandal Home Page" (http://www.cs.dartmouth.edu/~crow/whitewater/) "Whitewater & Vince Foster" (http://www.cris.com/~dwheeler/n/whitewater/whitewater-index.html) www.federal.com apparently contains the specific letter, but, as I don't have web access, cannot confirm. [moderator: The following are some excerpts from this copyrighted letter. [...] Virginia M. Terzano White House Office of the Press Secretary The White House [...] It has come to my attention that several dissident sites on the World Wide Web have been visited by White House computers this week. Apparently, all information regarding Whitewater, Foster, and Mena has been transferred to White House computers. [...] have been visited by White House computers ist1.eop.gov, ist6.eop.gov, ist7.eop.gov, and gatekeeper.eop.gov between August 28 and August 31, and a total of 128 files have been transferred to those White House computers. For all sites, this constitutes a significant increase over previous access by White House computers. In light of this information, I have the following questions: (1) Does this constitute "casual browsing" by White House staff, or is it, in light of the considerable time and effort spent during regular business hours, part of a monitoring or intelligence operation? (2) For what purpose is the information transferred to the White House used? (3) Does the White House keep information from these web sites on file, and does the White House keep a file on the persons responsible for these web sites? (4) Is the April 9 statement by David Lytel of the White House Office of Science and Technology to Amy Bauer of Copley News Service that the administration does not monitor anti-Clinton activity on the web still operative? ] ------------------------------ From: klassen@sol.UVic.CA (Melvin Klassen) Date: 12 Sep 95 19:57:09 GMT Subject: Concerns about BC "PharmaNet" Computer System Organization: University of Victoria, Victoria B.C. CANADA In response to a newspaper editorial about the "PharmaNet" system in British Columbia, Canada, which is a computer system for cross-province tracking the distribution of prescription drugs, the following "letter to the editor" was written. It seems to allay the "security" and "privacy" issues raised in the editorial. Source: Victoria (BC, Canada) "Times-Colonist", September 10, 1995. Your Aug. 31 editorial ["The first question: Who wants to know?"] implies that pharmacists (we dismissed with the "druggist" label decades ago) now have easy access to "... open a PharmaNet file and find out if you're taking drugs for alcohol dependence". That just isn't true. Pharmacists have no more access to confidential patient-information that they ever had, and even that is very strictly controlled by legislation. Pharmacists have been dealing with extremely sensitive patient-information for as long as the profession has been around, and in B.C., there has never been a single complaint of that access being abused. PharmaNet makes that access even more restricted. With the new system, every patient-record inquiry is permanently recorded in the system. Your personal pharmacy records are available to you, through a request to the College of Pharmacists of British Columbia. If you want to know who has looked at your file, you can now easily find that out; all pharmacists know this. Also, as a result of the implementation of PharmaNet, the regulations have changed such that the misuse of patient-records is now considered professional misconduct, and if found guilty by the College, a pharmacist may lose his or her license to practice. In fact, no other health professional is subject to such extreme regulation and limitation with respect to access to patient-records. If, given all of these restrictions, you still feel that you want tighter control of access to your personal files, you now have the right to assign a "key word" to your own file. The use of the "key word" is not for the pharmacist, as you state, but rather for the patient. Once this is done, no pharmacist can look at your records unless you give them that "key word" in the course of getting your prescription filled. Robert John Kucheran, Executive Director, BCPA, Richmond, British Columbia, Canada. ------------------------------ From: Andrew_Hastings@transarc.com Date: 12 Sep 1995 17:34:42 EDT Subject: Re: Grocery Purchases and my Privacy Phil Kingery noted his concerns with a scanned check cashing card introduced by an Indianapolis-area supermarket. Giant Eagle supermarkets (which has the largest market share in the Pittsburgh area) has introduced a similar scanned check cashing card called the "Giant Eagle Advantage." To obtain a card, you fill out an application that requests your name, address, telephone number, and SSN. The card can be used as a check cashing card and video rental card at any participating Giant Eagle (many of which are franchises). In this week's advertising circular, Giant Eagle introduced a requirement that you present the card in order to receive discounted prices on any of the advertised specials. Without the card, you pay full price. Federal law prevents Giant Eagle from disclosing to third parties the names of the videos you rent. No law prevents Giant Eagle from disclosing information about your purchases. I had not applied for the Giant Eagle Advantage card for obvious reasons. I was dismayed to learn of Giant Eagle's tactics to encourage use of the card. The sad thing is that I'm sure most customers won't give it a second thought. -- Andrew Hastings ------------------------------ From: "Jongsma, Ken" Date: 12 Sep 95 17:18:00 MDT Subject: Re: Grocery Purchases and my Privacy [Author raises privacy concerns regarding store electronic check card] First, the store has always had this capability. They could have hired someone to do nothing but record the name on the check and cross correlate that with the transaction details. It has now become economic for them to do so. If you value your transaction privacy, you can always stop by an ATM and withdraw the cash you'll need to use at the store. Many stores have ATMs on premise. A local discount/grocery store did this some years back. (Those in the Midwest may be familiar with the Meijer chain.) They were using a flimsy plastic card with the name of the check cashier typed on the card. It also had a proprietary number that linked the card to a paper application file containing the bank and drivers license numbers. The registers were programmed with card numbers that were no longer acceptable. You didn't have to have one of these cards to cash a check, but it avoided the hassle of showing a drivers license and waiting for the clerk to record the number. A few years ago, the chain converted to a machine readable card with a twist. You could fill out a standard application and use the card just as a check card or you could also give them your bank name and account number and use the card as a debit card, good only at Meijer. Few if any stores in town accepted debit cards at the time, so this was a major change. For the first 6-12 months, the only debit card accepted was the Meijer card. Then they opened things up to allow the use of any local ATM card, negating the need for a Meijer unique card. In the check card mode, it really wasn't much different than the old card. Instead of having the clerk key your check card number into the register, you swiped the card in the card reader. The information requested was the same as before, the natural assumption being that the data was now online and could be correlated with the transaction. In the debit card mode, it worked just like an ATM card. The only difference being that Meijer could if they chose to, associate a name with an address and zipcode. As soon as they started accepting local ATM cards, I gave them back their proprietary card for the privacy concerns you cite. Since my name is recorded on my ATM card, I suppose they could still do some correlation if they wanted to, but I never worried about it that much to deal just in cash ------------------------------ From: hrick@gate.net (Rick Harrison) Date: 13 Sep 1995 09:52:28 -0400 Subject: Re: Grocery Purchases and my Privacy Organization: Cybergate, Inc. I do NOT believe, however, that they have the right to compile data on "what" I buy. I do not share your opinion. I feel that they _do_ have a right to compile this data. They own the store, for heaven's sake. I once managed a retail health food store with a very small clientele; I knew which days of the week and month would see the onslaught of the major bread-eaters and the largest vitamin purchasers, and I used this information to keep the right amount of inventory in the store at the right times. Did I violate a certain microbiotic customer's right to privacy by knowing that she came in to buy seaweed every other Thursday? Or did the information enable me to serve her better? If the grocery store that tracks your purchases later sends you coupons for items that you routinely buy, in order to encourage your continued patronage of their store as opposed to ther stores in the area, have you been harmed or helped? -- Rick Harrison (hrick@gate.net) P O Box 54-7014, Orlando FL 32854 USA ------------------------------ From: Jason Good Date: 15 Sep 1995 10:27:04 GMT Subject: Re: Grocery Purchases and my Privacy Organization: Dept of Computer Science, University of York In the UK, the two major gorcery chains (Tesco and Sainsbury) have issued "loyalty" cards. These have no use for ID purposes, but are used to accumulate discounts and for mailing promotional vouchers. These are being used in connection with traditional supermarket customer analysis techniques (cctv, product tracking etc) to monitor buying patterns, see the effectiveness of particular campaigns, etc. All purchases are itemized from barcodes, and presumably stored to build the kind of profile Phil Kingery mentioned. A recent mailing from Tesco said something to the effect 'if you have special dietary needs, such as being a vegetarian, let us know by phoning this number and we'll ensure you aren't sent inappropriate vouchers'. So, the stores have my purchasing details, know what credit/debit cards I use to pay with, and have my postal code. Thus they have at least as accurate a profile of my lifestyle as any other institution. I am sure that their major reason for harvesting this data is for inventory planning and pricing, but I have no idea what other uses this data may be put to. Given the strong cashflow these stores have, I suspect it won't be long before this card turns into a food charge card, and if the stores are thinking along these lines they will also be in a position to sell this data as credit reference material. And most people seem to think these nice, kind stores are just trying to give us discounts... -- Jason Good jason@minster.york.ac.uk http://dcpu1.cs.york.ac.uk:6666/jason/ HCI Group, Dept. of Computer Science, University of York, York, UK ------------------------------ From: Ellis Weinberger Date: 15 Sep 1995 15:38:42 GMT Subject: Re: Grocery Purchases and my Privacy Organization: University of London Computer Centre The answer is to pay cash. ------------------------------ From: Lane Lenard Date: 12 Sep 95 17:22:56 -0500 Subject: Re: Privacy Guard Albert S. Woodhull wrote: I received an ad for a 3 month introductory membership in a service called Privacy Guard, operated by a company called CUC International, a Delaware corporation with ossices in Stamford CT. It seemed like an interesting idea at the time, the company claims it can get credit reports, medical records, and motor vehicle records so you can determine whether there are errors in any of these. When I actually got the initial packet from the company I began to wonder[...] I had some similar reservations re: Privacy Guard, although it does provide a service to people who might not otherwise think about taking these steps, or not know how to go about taking them. What struck me, though, was that when I received my package of credit bureau info, it came in a large envelope that said something like, "Here's the private information you requested" in large print on the outside of the envelope. It seemed to me that raising an obvious red flag like this (as opposed to sending it in a plain brown envelope) was just asking for trouble from some unscrupulous individual who might see the envelope in a mailbox and be tempted to steal it. It seems that marketing needs have gotten the best of privacy concerns in this case. ------------------------------ From: daf1@cec.wustl.edu (Danyel A Fisher) Date: 13 Sep 1995 21:47:00 -0500 Subject: Re: Privacy Guard Organization: Washington University, St. Louis MO Regarding that letter from Hampshire college, regarding a service a guy was offered to "search down medical and official records to verify there are no errors on them." So, let me double check this: You _pay_them_ for the privelege of you signing away your rights to privacy on your medical records, Social Security records, credit reports, bank statements and whathaveyou. In exchange, they tell you that your name is spelled right on each form. STOP! DO NOT FILL ANYTHING OUT. It sounds like their membership is a genuine real thing service. They will, in fact, check that your name is spelled right (or whathaveyou) on each of these forms. They charge a fee to make it look like a service. On the other hand, they seem to be simply collecting large quantities of private data by asking consumers to sign away their right of privacy. Somehow, it seems like a scam. In fact, I can see _no_ merit whatsoever to this service as described; I can see a lot of danger to it. It is impressive that the "service" is so open about themselves.... I guess the obvious warnings are that - they send you the forms to fill out. What is to stop you from filling them out yourself, requesting your own records, and getting your own social security records, etc? - why does their service have "terms"? This should be a one-time check, from the way you described it. The auto-resubscribe seems like nothing more than a way to drain a few extra bucks off their gullible members. And remember, folks.... privacy remains the one right you can all-too-easily sign away.... -- Sometimes, you meet a person.| Danyel Fisher |To a pessimist, the world I am one of those people. | daf1@cec.wustl.edu |is full of happy surprises ------------------------------ From: RSA Secure Team Date: 09 Sep 1995 00:27:53 GMT Subject: RSA Crypto Software on Web for Download and Evaluation Organization: RSA Data Security, Inc. RSA Data Security, Inc. announces the availability of a free evaluation version of its new file protection software, RSA Secure(tm) for Windows. It can be downloaded from their World Wide Web site (http://www.rsa.com) or retrieved via anonymous FTP to ftp.rsa.com (/pub/crypto/eval/rsa_eval.exe). RSA Secure was named "Best Encryption Product" in the June 1995 InfoSecurity News Readers Trust Awards. Key features of RSA Secure include: (1) Full integration with the Windows File Manager; (2) Automatic encryption and/or decryption via the RSA AutoCrypt(tm) List; (3) Emergency Access(tm) to encrypted files; (4) Multiple trustees for Emergency Access. This version is designed for Windows 3.1 and Windows for Workgroups 3.1x. An evaluation version for Windows 95 is scheduled for release in early 1996, and a version for the Macintosh is scheduled for release in Q4'95. For further information, either visit the Web site or send email to rsasecure@rsa.com. ------------------------------ From: rseoeg@site33.ping.at (Moss-Jusefowytsch OEG) Date: 15 Sep 1995 22:47:00 +0100 Subject: AOL and the FBI Apparently America Online monitors private e-mail and passes information on to the FBI. This is a copy of telecom15.383.1@eecs.nwu.edu, written by the moderator of comp.dcom.telecom Chris Mathews The FBI made dozens of arrests and searched 120 homes and personal computers on Wednesday as part of an investigation into child pornography on America OnLine. Management of America OnLine has, over a two year period, supplied the FBI with the names and addresses of users 'suspected' of 'being involved in' child pornography and/or arranging sex with children. The raids on Wednesday marked the first time federal agents were called upon by an online service to investigate the behavior of their subscribers in private chat rooms. Attorney General Janet Reno spoke in support of the actions of America OnLine and FBI agents, noting, "We are not going to permit exciting new technology to be misused to exploit and injure children." The raids were conducted throughout the day Wednesday in 57 of the 94 FBI districts in the United States. They were mostly concentrated on the east coast, however arrests and confiscation of computer equipment took place all over the country in such diverse cities as Miami, New York, Dallas and Trenton, NJ. Carlos Fernandez, an FBI spokesperson in Washington, DC said that 'quite a few more arrests are expected in the next several days' and that the Bureau would wait until those arrests had been effected before discussing the case in detail. Pam McGraw, a spokesperson for America OnLine, based in Viennna, VA admitted that the company monitored email and private conversations seeking out persons who use their network to transmit pornographic material. She said they always provide the FBI with the names of users suspected of involvement in child pornography. Ms. McGraw also discussed an online 'neighborhood watch' program in effect on AOL where users are encouraged to oberve each other's activities and report on them to management of the online service. Although child pornography certainly is not allowed in public areas of AOL, according to Ms. McGraw it 'usually is transmitted in email between users, or in private chat rooms'. She did not indicate how AOL's interception of email for the purpose of examining it for 'pornography' or their monitoring of private conversations between subscribers could be reconciled with various privacy laws, apparently because it can't be. FBI spokesperson Fernandez said the federal investigation of AOL users showed that child pornographers are turning to online networks 'more and more' to lure curious children. He said, "the utilization of online services and bulletin board systems is rapidly becoming one of most prevalent tech- niques for individuals to create and share pornogrpahic pictures of children as well as to identify and recruit children into sexually illicit relation- ships." Raids and arrests of other AOL subscribers 'suspected of being involved in child pornography' will continue over the next few days until all the user-suspects have been located. I don't know about you, but I'm going to purge all the AOL sofware from my computer today. Child porn does not interest me in the least, but having AOL scanning my mail and checking up on my in private conversations with other users there is of great concern. It is hard for me to imagine how any online service could violate the trust of their users in this way, by getting into their email and personal files, regardless of the intentions. We have known for some time that AOL was 'cooperating' with federal agents in their investigation of child pornography, but until the massive raids and arrests commenced on Wednesday followed by AOL's admission that the 'evidence' was found in email and private chat, we did not know the extent to which AOL was abusing their subscribers in the process of cooperating. PAT ------------------------------ From: sales@sug.org (Charles Sumner) Date: 12 Sep 1995 22:15:03 GMT Subject: Computers and the Law Conference Organization: Sun User Group Contact: Charles Sumner Sun User Group (617) 232-0514 SUN USER GROUP CONFERENCE HELPS DEFINE CYBERCRIME Speakers from the FBI and the Electronic Frontier Foundation will be featured at the second annual "Computers & The Law" Conference, November 12-15, Tampa, Florida. This November 12 through 15, the Sun User Group will sponsor the second annual "Computers & The Law" symposium in Tampa, Florida. As computers and the Internet invade more and more corners of everyday life, the once distinct areas of technology, security, legislation, and law enforcement begin to collide -- often with disastrous results. In an effort to help members of these professions deal with a rapidly changing world, the Sun User Group founded the "Computers & The Law" conference. This year's conference is a unique forum in which members of these once diverse fields can meet to share experiences and ideas, and address the growing connections between their professions. Last year's symposium was critically acclaimed and this year's, with featured speakers from the FBI's Economic Espionage Unit and the Electronic Frontier Foundation, is expected to be even more successful. [... shortened by moderator ...] To register, or for more information on the conference or the Sun User Group, contact the Sun User Group via email at conference@sug.org, on the World Wide Web Page at http://sug.org, or by calling 617/232-0514. ------------------------------ From: "Prof. L. P. Levine" Date: 13 Sep 1995 08:01:58 -0500 (CDT) Subject: Open Letter to Geoff Greiveldinger Organization: University of Wisconsin-Milwaukee Taken from RISKS-LIST: Risks-Forum Digest Tues 12 September 1995 Volume 17 : Issue 34 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Date: 08 Sep 1995 22:11:13 -0700 From: Carl Ellison Subject: Open letter to Geoff Greiveldinger, DoJ [key escrowed, export] NIST (the National Institute of Standards and Technology) held a two-day public meeting on 6-7 September, 1995 to discuss Software Key Escrow as a possible means of achieving export of cryptography. In the morning of 7 Sept, Goeff Greiveldinger of the Department of Justice gave a description of the kinds of crimes which DoJ wants to use wiretapping to solve. He closed this litany of lawbreaking with the assertion that software manufacturers don't want to provide products which allow such lawbreakers to keep their criminal evidence hidden from law enforcement. I'm sorry to disillusion you, Geoff, but I *do* want to make such systems. Would you have Ryder stop renting trucks because some terrorist decided to fill one with explosives and kill many innocent children? Would you have Americans stop making automobiles because bank robbers have been known to use cars for getaways? Would you have all new buildings constructed with FBI microphones in every wall because some criminals meet in private rooms in order to plan crimes? When an American company sweeps its conference room for bugs, finds some and destroys them, it doesn't matter whether those bugs were planted by industrial spies or the FBI. The company has a right to eliminate them. When that company ties two such conference rooms together by video-conference equipment and encrypts the line between them using strong link encryption, it is performing the same defensive operation in cyberspace. It is protecting itself from spies and it doesn't matter that the wiretaps it frustrates might be illegal ones by industrial spies or legal ones by the FBI. The right to attempt to achieve privacy is a long-standing one in this country and not one to allow to be lost. When I design and build systems for privacy for my customers, I am providing products for law-abiding, honest people. I am aware of criminals, of course. Criminals are the threats against whom I protect my customers. These criminals are usually not in the government but that doesn't mean that I believe I should offer my honest customers up for a strip-search in cyberspace. The law enforcement agencies of this free country have no right to expect blanket access to the ciphertext of citizens. It will take legislation to get that right and I will do everything in my power to keep such legislation from passing. Barring such legislation, I will make sure that honest American citizens have cryptography with which to attempt to maintain their privacy, even from the government. We have the right to attempt to keep a secret from government agencies and continuous demonstration of that right is an important part of this free country. On the other hand, I am sympathetic to law-enforcement officers. I have several friends in that business. I have asked my friends and acquaintances who do surveillance (2 IRS agents investigating organized crime for tax evasion; 2 undercover cops in Boston's highest drug neighborhood; 1 DEA agent in the midwest) if they ever encounter encrypted communications or files. They don't. Neither does anyone in their offices. Of course, even if they did it would remain so important to preserve our right to attempt to keep secrets from the government that their frustration would just have to be accepted. The fact that this isn't a real problem makes my decision that much easier. I am left with no moral qualms at all. In summary, criminals are so few that I will not design for them. I will not treat my vast majority of honest users as if they were criminals just because some criminal might someday use my product and frustrate you. ObRisk: We run the risk of losing our fundamental right to attempt to keep a secret from the government -- a practice we need to preserve in order to protect ourselves from criminals in cyberspace. There are powerful forces in the US government attempting to cajole us into giving up that right. [see http://www.clark.net/pub/cme/html/nist-ske.html for more on this subject] ------------------------------ From: "Prof. L. P. Levine" Date: 11 Aug 1995 09:39:43 -0500 (CDT) Subject: Info on CPD [unchanged since 08/01/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V7 #022 ****************************** .