Date: Fri, 17 Nov 95 14:07:22 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V7#042 Computer Privacy Digest Fri, 17 Nov 95 Volume 7 : Issue: 042 Today's Topics: Moderator: Leonard P. Levine Re: Unsolicited email Advertising Re: Unsolicited email Advertising Re: Unsolicited email Advertising Re: Uncolicited email Advertising Re: Unsolicited email Advertising Re: S. 1360 - Medical Privacy Corporate Privacy Shop Re: Phone Number Privacy Survey About Privacy on the Internet Stopping Junk Mail Re: United Way uses SSN now Re: United Way uses SSN now Re: United Way uses SSN now Re: United Way uses SSN now Re: United Way uses SSN now Telemarketing Re: Company Network email Reading Re: Company Network email Reading Re: Copyright Notice Re: Copyright Notice Re: Copyright Notice Health Privacy Legislation - Part III Review of IITF Privacy Working Group White Paper Info on CPD [unchanged since 08/18/95] ---------------------------------------------------------------------- From: jeff@cher.heurikon.com (Jeffrey Mattox) Date: 15 Nov 1995 17:06:27 GMT Subject: Re: Unsolicited email Advertising Organization: Heurikon Corporation Would this work? Since most junk mailer routines probably grab the addresses from the header, what if you used a bogus Reply-To address and then included your real and correct email address in your signature? -- Jeffrey Mattox -- jeff@heurikon.com Cartoon of the day: http://www.heurikon.com ------------------------------ From: Seth Tager Date: 16 Nov 1995 11:59:20 -0500 Subject: Re: Unsolicited email Advertising Organization: Brown University Gary McGath wrote: A law which protects you from feeling annoyed would stomp on free communication. If sending unsolicited E-mail were a crime, then I could not use E-mail to contact an old friend whom I hadn't seen in years. Or if the law were that unsolicited E-mail is permitted with limitations on mailing list size and/or content, then it's guaranteed that as soon as someone sent out an alert against a deadly piece of legislation that some politician really wanted, that person would find his computer raided, his disks and laser printer seized, and himself threatened with prosecution. What's wrong with prohibiting people from sending mass mailings that are for direct commercial advantage? This wouldn't stop all spamming but it would cut down on the most annoying and egregious. I'm afraid that once people start to think of the web as a free advertising platform it will become a useless tool. -- Seth ------------------------------ From: peter@nmti.com (Peter da Silva) Date: 16 Nov 1995 18:35:38 GMT Subject: Re: Unsolicited email Advertising Organization: Network/development platform support, NMTI Gary McGath wrote: The number of people being annoyed does not convert annoyance into force or fraud; if it did, then one would have to accept the premise that a book or article which annoyed a sufficiently large number of readers could justifiably be censored. "Emotional harm" cannot be a justification for criminalization in a free society. How about theft? The annoyance factor of junk email is minimal. Yes, minimal. It's not even as annoying as telemarketers. It's not a privacy issue. It's not an "emotional harm" issue. It's a matter of simple theft of services. The problem with junk email is that it's not paid for by the sender. It's paid for by the recipient. It's like junk fax (consumes paper) or telemarketing calls to cellphones and 800 numbers, all of which are now illegal most places. It's legal to cold-call me at 7AM just as I get into the shower. It's not legal if I'm driving to work. Not because it's more or less annoying, but because it costs me money. But in any case it's got nothing to do with privacy, so it's off topic for this forum. -- Peter da Silva (NIC: PJD2) `-_-' 1601 Industrial Boulevard Bailey Network Management 'U` Sugar Land, TX 77487-5013 +1 713 274 5180 "Har du kramat din varg idag?" USA Bailey pays for my technical expertise. My opinions probably scare them ------------------------------ From: jcr@mcs.com (John C. Rivard) Date: 16 Nov 1995 15:11:48 -0600 Subject: Re: Uncolicited email Advertising Organization: very little gmcgath@condes.MV.COM (Gary McGath) wrote: If you regard first-time unsolicited E-mail as so heinous an assault on your person that you want to prosecute the person who did it, then you should at least take some reasonable precautions against letting your E-mail address be known to strangers. For example, just by posting to a newsgroup, you're letting many people know your address. Letting people know your email address is not the same as inviting them to send you unsolicited junk advertising. As an analogy, having your phone or fax number published in the paper phone book does not render this law unenforceable. The mania of today is that if somebody does something which we don't like, we look for a law to keep him from doing it. This has resulted in a society in which we are all criminals in more ways than we can know. I agree with a lot of what you say here, but I don't think it really applies in this case. This is not a "new" law, and I don't personally think that its application in this way is so novel--the law's purpose was to prevent people from unsolicited advertising using the RECEIVER'S resources at the RECIEVER'S expense. Have we reached the point where people can't deal with annoyance except by calling the cops? You can deal with many annoyances by only THREATENING to call the cops. I think that is the point and the strength of this and many other laws. -- John C. Rivard  Opinions expressed yadda yadda--you know the drill ------------------------------ From: haz1@kimbark.uchicago.edu (Bill) Date: 17 Nov 1995 16:03:26 GMT Subject: Re: Unsolicited email Advertising Organization: The University of Hell at Chicago Bruno Wolff III wrote: One way to handle unsolicited email is to use a mail filter that checks the digital signature of all incoming mail and discard all messages that don't come from a source permitted to send you mail. Skipping the point that digital signatures aren't widely used yet, and instead reading this idea as using the sender's email address to sort and discard, this is still not an acceptable solution if you post at all to USENET. It's considered very bad form to post followups that are irrelevant to most readers, and email is used instead for such replies. Anyone who read your post could be sending you a legitimate reply, and the mail filter you propose would blithely toss those in the trash along with the real junk mail. There has to be a better solution. Filtering out known email-SPAMers and sites that don't bother to verify who they're giving accounts to helps, but will not be enough in the long run. Constructive suggestions? -- Bill (haz1@midway.uchicago.edu) ------------------------------ From: jwarren@well.com (Jim Warren) Date: 15 Nov 1995 08:24:26 -0800 Subject: Re: S. 1360 - Medical Privacy Jamie Love from Ralph Nader's group just posted a lengthy comment/analysis of the privacy problems re Senate Bill 1360. This excerpts his lead, plus ending pointers to where full information can be obtained. -- Jim Warren, GovAccess list-owner/editor (jwarren@well.com) Advocate & columnist, MicroTimes, Government Technology, BoardWatch, etc. === These were our comments at today's hearing on S. 1360. We did not testify. (only one opponent of the bill was permitted to testify today). jamie Comments of Consumer Project on technology on S. 1360 - the Medical Records Confidentiality Act of 1995 submitted to the Senate Committee on Labor and Human Resources* James P. Love November 14, 1995 Introduction The following comments of the Consumer Project on Technology (CPT) outline our suggestions for improvements in S. 1360, the Medical Records Confidentiality Act. While we join others in applauding the sponsors of S. 1360 for focusing attention on the important issue of privacy of medical records, we cannot support the bill as introduced. ... ... The Consumer Project on Technology has created an Internet discussion list for this issue, called med-privacy, which available for subscriptions from listproc@essential.org. Send a note to listproc@tap.org, with the message: subscribe med-privacy yourfirstname yourlastname Our World Wide Web page has additional information, and is located at: http://www.essential.org/cpt/privacy/privacy.htm. The Consumer Project on Technology (CPT) is a project of the Center for Study of Responsive Law. The CPT was created by Ralph Nader this year to study a number of issues related to new technologies, including telecommunications regulation, pricing of pharmaceutical drugs, intellectual property rights, and the impact of computers on privacy. The URL for CPT is http://www.essential.org/cpt/cpt.html. ---------------------------------------------------------------------- James Love, love@tap.org P.O. Box 19367, Washington, DC 20036; v. 202/387-8030; f. 202/234-5176 Consumer Project on Technology; http://www.essential.org/cpt/cpt.html Taxpayer Assets Project; http://www.essential.org/tap/tap.html ------------------------------ From: placidego@aol.com (Placidego) Date: 15 Nov 1995 11:47:20 -0500 Subject: Corporate Privacy Shop Organization: America Online, Inc. (1-800-827-6364) Leading manufacturer of high tech spy devices announces unique internet web site. Name of Site: Spyzone.com URL: http://www.spyzone.com E-mail: spyzone@webscope.com General Description:Spyzone This is NOT a game! This is the real world of spy versus spy, corporate espionage, counter intelligence, surveillance, and ultra-high tech detection systems. The products, services and information contained in this site are designed to protect you, your business and anything that you consider valuable from theft, corruption or misuse. The majority of this site is open to the general public however, parts of the site are restricted to law enforcement personnel. The Counter Spy Shop of London has always been referred to as the place where "James Bond" shops. For nearly half a century, governments, corporations, key executives, law enforcement officials and people who have a great deal to loose have come to CCS for solutions to their critical security problems. CCS products have been featured in such films as "Silence of the Lambs", "Sneakers", "Miami Vice" as well as being covered in news features on all major networks and many premiere publications such as Fortune, Time Magazine and the New York Times. This site is not only a source of product and service solutions but also provides a dynamic link to many other highly interesting security related sites. Goods and Services Offered: Covert Audio Interception Wiretap and Bug Detection Electronic Surveillance and Counter Surveillance Electro Optical Surveillance and Night Vision Micro Video Photo Optical Systems Audio Surveillance Radio and Satellite Communications Explosive and Contraband Detection Body and Vehicle Armor Voice Stress Analysis Tracking, Locating and Kidnap Protection Personal Protection Riot Control Information Protection Disaster Recovery Computer Security Voice, Fax and Data Encryption Business Opportunities within the high-tech security field Publishing of security related materials and information guides Consulting services with regard to security ------------------------------ From: Chris Kocur Date: 15 Nov 1995 20:59:16 GMT Subject: Re: Phone Number Privacy Organization: JCPenney eichin@mit.edu wrote: On a recent CD, folk singer Christine Lavin included a song actually titled "*69" about a similar, though different in the details, scenario... interesting from the "raising public awareness" perspective at least. I have the *69 feature and have used it to stop prank callers. I subscribed to the service before caller id came to my area. The service changed as soon as the phone company started offering caller id. It used to be it would just dial the number back, and if it was not a toll call you had no way of telling what the number was. Now that caller id is in place (which I did not subscribe to), when I dial *69, it first tells me the number and asks if I want to go ahead and place the call. So I get the number without even having to call the person back. Just wanted to let you know that with some *69 systems the suspicious spouse doesn't have to wait for the bill or alert the other person by calling them in order to find out who they are. -- Regards, Chris #include I can be do it quick; I can do it well; I can do it cheap -- pick any two. -- Red Adair ckocur@jcpenney.com (work), ckocur@plano.net (home) ------------------------------ From: gita@Glue.umd.edu (Rajesh N. Raghavan) Date: 15 Nov 1995 22:03:17 -0500 Subject: Survey About Privacy on the Internet Organization: Project Glue, University of Maryland, College Park I am conducting a survey as part of a graduate level MIS class that I am taking. This survey will be used as part of the data for my research paper on the Internet and our rights to privacy. I would appreciate it if you could respond to this survey. Thank you very much in advance for your response. The survey follows: 1) Do you feel that you privacy is being violated when you use the internet? 2) Should the government regulate the Internet 3) Would you feel comfortable sending email about a confidential issue, say an impending corporate merger, over the internet 4) Would you feel comfortable sending your credit card information while doing business over the Internet 5) Do you demand or expect privacy over the Internet 6) Do you think we need infrastructure that supports privacy eg., proper encryption technology and the enforcemnet of constitutional protection that already exist for privacy and free speech You may send your responses to gita@eng.umd.edu ------------------------------ From: conduit@alpha.c2.org Date: 15 Nov 1995 19:25:09 -0800 (PST) Subject: Stopping Junk Mail I live in Ohio in the United States. A few local bulk-rate junk mailers don't seem interested in removing me from their computerized mailing lists. They send mail every month or two. I feel that if I don't want the mail to enter my home, then I shouldn't have to receive it. So I have some questions: - Do I have a right to forbid certain people or groups to send me mail? Since I can bar solicitors, et al from my property, it seems that I should be able to forbid mailers from entering the same space, and that my home should be free from unwanted intrusion. - If I have such a right, how do I assert it when mailers don't care? - If I don't have such a right, then, in the spirit of those "Distribution by Microsoft Network permitted only for a fee of $1000" USENET signature lines, is there anything to prevent me from turning junk mail into a profit center by delivering a notice like this one via certified mail to the obnoxious junk mailers? NOTICE: Company X, located at 987 Corporate Behemoth Drive, Anytown, OH 49999 (hereinafter called "Company X") is hereby notified that beginning on the date of receipt of this letter by Company X, Company X may not mail or cause to be mailed any unsolicited advertising material to 1234 Wavy Willow St., Anytown, OH 49999-9999 (hereinafter called "My Home Address") except under the following terms: Each piece of unsolicited advertising mail mailed or caused to be mailed to My Home Address by Company X constitutes an agreement by Company X to pay a $100.00 handling and disposal fee, plus collection expenses, including any legal expenses deriving therefrom, payable to the owner of My Home Address. Unsolicited advertising mail mailed or caused to be mailed by Company X to My Home Address after receipt of this letter by Company X constitutes agreement by Company X to the terms of this notice. Since it's unlikely that checks from Company X would just start appearing in the mail, the idea would be to recover in small claims court if the junk mailings persist. Thanks for any information, -- ------------------------------ From: gmcgath@condes.MV.COM (Gary McGath) Date: 16 Nov 1995 12:27:00 GMT Subject: Re: United Way uses SSN now Organization: Conceptual Design wrf@ecse.rpi.edu (Wm. Randolph U Franklin) wrote: The United Way pledge form that my employer, Rensselaer Polytechnic Institute, a private university, sent me has my SSN printed on it along with my name. RPI probably printed the forms, so that United Way doesn't know my SSN, unless I contribute. Gee, that's a dilemma: should I give away money and thereby spread my SSN around, or keep my money and also keep my SSN a little more secret? One simple solution: Tell RPI that you will contribute money to United Way directly, but will not use their form because of inappropriate use of a federal ID number for private purposes. -- Gary McGath gmcgath@condes.mv.com http://www.mv.com/users/gmcgath ------------------------------ From: Richard_Meeder@atlmug.org (Richard Meeder) Date: 16 Nov 95 01:03:14 -0400 Subject: Re: United Way uses SSN now Organization: Atlanta Macintosh Users Group wrf@ecse.rpi.edu (Wm. Randolph U Franklin) wrote: The United Way pledge form that my employer, Rensselaer Polytechnic Institute, a private university, sent me has my SSN printed on it along with my name. RPI probably printed the forms, so that United Way doesn't know my SSN, unless I contribute. Gee, that's a dilemma: should I give away money and thereby spread my SSN around, or keep my money and also keep my SSN a little more secret? I would keep the money and to hell with there form, your employer violated your privacy by giving them your SSN number. It would certainly concern me! ------------------------------ From: glr@ripco.com (Glen L. Roberts) Date: 16 Nov 1995 16:22:06 GMT Subject: Re: United Way uses SSN now Organization: Full Disclosure wrf@ecse.rpi.edu (Wm. Randolph U Franklin) wrote: The United Way pledge form that my employer, Rensselaer Polytechnic Institute, a private university, sent me has my SSN printed on it along with my name. RPI probably printed the forms, so that United Way doesn't know my SSN, unless I contribute. Gee, that's a dilemma: should I give away money and thereby spread my SSN around, or keep my money and also keep my SSN a little more secret? The issue of employer's providing insurance companies or others employee SSNs came up on Full Disclosure Live recently. I am curious if there aren't any state employment record confidentality laws that might prohibit businesses from disclosing information (including SSN) without consent. Anyone have any ideas? -- Glen L. Roberts, Host Full Disclosure Live Privacy, Surveillance, Technology and Government! Tech Talk Network, WWCR Shortwave: 5065 khz. 8pm est/Sundays. Real Audio: 7 days/week, 24 hrs a day: http://pages.ripco.com:8080/~glr/glr.html -- ------------------------------ From: jmcging@access.digex.net (John McGing) Date: 16 Nov 1995 16:33:13 -0500 Subject: Re: United Way uses SSN now Organization: Digital Express, Maryland wrf@ecse.rpi.edu (Wm. Randolph U Franklin) writes: I think that Death certificates often have the deceased's SSN on them. Dunno whether this is required by law, or whether the relevant government flunky just heavily suggests, w/o actually stating, that this is required. Once you are dead, you loose your right to privacy. The SSN on a death certificate is used to feed into an automated death reporting system that is used by various government agencies, fed and state, to ensure that benefits by various agencies are terminated. As to being required, I suspect that it is but probably via a requirement imposed by the feds on the states to have such a rule.law in order to get access to various fed databases. -- ------------------------------------------------------------------ jmcging@access.digex.net Nobody knows the troubles I've seen JOHN.PF on GEnie Team OS/2 .... and nobody cares! http://www.access.digex.net/~jmcging ------------------------------ From: lffield@pipeline.com (Lynelle Ffield) Date: 16 Nov 1995 17:24:57 -0500 Subject: Re: United Way uses SSN now Organization: The Pipeline 'wrf@ecse.rpi.edu (Wm. Randolph U Franklin)' wrote: I think that Death certificates often have the deceased's SSN on them. Dunno whether this is required by law, or whether the relevant government flunky just heavily suggests, w/o actually stating, that this is required. In Snohomish County, Washington, the funeral director fills out part of the death certificate re: the end disposition of the body. He told me that they regularly send a copy of the death cert to the soc. sec. administration, so that they will know to stop sending the social security checks. They use the soc.sec. # that way. -- Lynelle ------------------------------ From: anonymous Date: 15 Nov 1995 15:46:29 -0800 Subject: Telemarketing Organization: California Senate please post this anonymously, thank you [moderator: done.] I've been looking for creative solutions to the nuisance problem of telemarketing. One solution to unwanted telemarketing is the creation of a "don't call me" list wherein people can designate that they don't wish to be telemarketed. Then, rather than rely on local or state law enforcement to prosecute offenders, allow the individual the ability to prosecute the offender through small claims court. Any reactions to this idea? Thanks. ------------------------------ From: WELKER@a1.vsdec.nl.nuwc.navy.mil Date: 16 Nov 1995 11:06:04 -0400 (EDT) Subject: Re: Company Network email Reading sanders@pipeline.com (John C. Sanders) said: We use Word Perfect Office for internal email where I work and we have a LAN over which the email runs. A friend and I were having a discussion about the issue of whether or not the LAN system administrator/supervisor has the capability to see, monitor, review, save the email of all employees. My friend says he has such a capability if he chooses to use it. It seems doubtful to me... The administrator(s) have filesystem level access to the server. Your mail is stored as a set of WordPerfect documents, therefore any LAN administrator with a copy of WordPerfect can read your mail. This is over and above the capability of using a packet sniffer to trap your raw text, which can be done by anyone who has physical access to the network. If you are using WordPerfect's password facility, there is commercial software availabe which can break it in a _very_ short period of time (see the PGP manual for details). The LAN administrator is therefore one of the most trusted ("key") employees in the company, or at least he'd better be. The LAN administrator is usually also responsible for redirecting misrouted email, therefore he has to be able to read messages in order figure out who they're really for. Of course, it is possible to separate "email" and "LAN" administration functions, but then there are two people who can read your mail... I read an article recently in one of the trade pubs (_Communications Week_, I think) where a CEO at a major systems house (Sun, HP or some such) stated that he NEVER used email for anything remotely sensitive, because at least half of his employees knew how to hack it (must be a Unix shop - grin). Perversely enough, this could be a legitimate argument for outsourcing the LAN manager's job -- his employer could be made to assume liability for any compromises of your company's information, or you could make him a bonded employee, or some such thing. I don't know the legal issues involved. The only way to prevent the administrator(s) from be able to routinely read the mail is "defense in depth" using public key encryption, both of the network packets (kerberos?), and individual mail messages (PGP?). The technologies exist today, but most companies aren't interested in spending the money -- the benefits of sharing _everything_ currently outweigh the costs of securing _some things_. ------------------------------ From: Richard Beels <71333.2551@compuserve.com> Date: 16 Nov 95 12:16:42 EST Subject: Re: Company Network email Reading sanders@pipeline.com (John C. Sanders) said: We use Word Perfect Office for internal email where I work and we have a LAN over which the email runs. A friend and I were having a discussion about the issue of whether or not the LAN system administrator/supervisor has the capability to see, monitor, review, save the email of all employees. My friend says he has such a capability if he chooses to use it. It seems doubtful to me, though. This would make this LAN administrator/supervisor very powerful if he had access to everybodies email, especially the email of key people in the organization. Could a LAN administrator/supervisor have this capability and not know it? Can anyone cite any articles or other sources of information on this topic? I haven't used WPO in a few years but what you describe is very easy to do for a user with rights to the admin directory. If the secruity is set to low, you can just assign the account a password and get in, if it's set to high, you need to swap the user's preference file out with yours and you're in. Note that the supervisor could always reset your usercode's password, login, get your mail and then just say that, "There was a system problem, and I had to reset some peoples passwords" or just wait for you to complain that you can't login and then reset your password then. In the new WPO, now called GroupWise, it's a bit more difficult to spoof into another's email account if security is set to High but it can be done but it is very difficult and you need to understand some internals of how GW works. -- Richard Beels - CompuServe NetWire Sysop 71333.2551@compuserve.com ------------------------------ From: Christopher Stacy Date: 15 Nov 1995 14:07:11 -0500 Subject: Re: Copyright Notice les@Steam.Stanford.EDU (Les Earnest) said: Yes, but typing something into a computer doesn't necessarily record it locally in a "fixed, readable" form. As I tried to explain previously, in the copyright law (U.S. code 17) the word "fixed" is not an adjective; it's a verb indicating the general concept "to write down". When you post a newsgroup article, the words are "fixed" onto a computer disk somewhere. That medium of expression is covered by the law both explicitly ("magnetic") and implicitly ("now known or later developed, from which they can be perceived, reproduced, or otherwise communicated, either directly or with the aid of a machine or device"). The word "local" does not appear in the law; that requirement is purely some invention of yours. Who owns the copyright if some other computer on the Internet is the first to record the work on its disk? It has been explained numerous times here that the author need not be the owner of typewriter (or disk drive or whatever). It does not matter who owns the computer; the author owns the copyright. And what if the person who typed it in is merely recording an oral statement made by someone else? This is a different issue, which has also been addressed before. ------------------------------ From: michaelm@nairobi.eecs.umich.edu (Michael McClennen) Date: 15 Nov 1995 22:01:40 GMT Subject: Re: Copyright Notice Organization: University of Michigan EECS Dept., Ann Arbor, MI The arguments advanced here are silly, since they completely ignore what I see as the intent of the law. I would guess (although I'm not a lawyer or a legislator) that the intent is that copyright is automatically granted to a work as soon as it appears in a form such that everyone can agree upon the exact content. Thus, a verbal utterance is not automatically copyrighted, since two people who heard it may remember it differently. However, as soon as that utterance is recorded on a magnetic tape, written down, or typed into a computer, there is an unambiguous record of the content and thus an automatic copyright to the author. Now who the "author" is may in some cases be disputable, but that's a different matter. The exact ownership of the computer (or the tape recorder, the pen, etc.) does not enter into the question. -- Michael McClennen michaelm@eecs.umich.edu ------------------------------ From: peter@nmti.com (Peter da Silva) Date: 16 Nov 1995 18:38:16 GMT Subject: Re: Copyright Notice Organization: Network/development platform support, NMTI Les Earnest wrote: Yes, but typing something into a computer doesn't necessarily record it locally in a "fixed, readable" form. What does "locally" have to do with it? Computers don't own copyrights, people do. If I call my ISP and write my great american novel there I might be stupid (don't assume privacy on any computer you can't control) but it's still *me* fixing the data into a tangible medium, not my ISP. -- Peter da Silva (NIC: PJD2) `-_-' 1601 Industrial Boulevard Bailey Network Management 'U` Sugar Land, TX 77487-5013 +1 713 274 5180 "Har du kramat din varg idag?" USA Bailey pays for my technical expertise. My opinions probably scare them ------------------------------ From: Robert Gellman Date: 15 Nov 1995 17:31:41 -0500 (EST) Subject: Health Privacy Legislation - Part III This is the third in a series of postings with excerpts from studies of health privacy. These studies show uniformly that health records have inadequate legal protection today. From "Health Data in the Information Age: Use, Disclosure, and Privacy" by the Institute of Medicine (1994). Legal and ethical confidentiality obligations are the same whether health records are kept on paper or on computer-based media. Current laws, however, have significant weaknesses. First, and very important, the degree to which confidentiality is required under current law varies according to the holder of the information and the type of information held. Second, legal obligations of confidentiality often vary widely within a single state and from state to state, making it difficult to ascertain the legal obligations that a given health database organization will have, particularly if it operates in a multistate area. These state-by-state and intrastate variations and inconsistencies in privacy and confidentiality laws are well establishing among those knowledgeable about health care records law. . . . Third, current laws offer individuals little real protection against redisclosure of their confidential health information to unauthorized recipients for a number of reasons. Once patients have consented to an initial disclosure of information (for example, to obtain insurance reimbursement), they have lost control of further disclosure. Information disclosed for one purpose may be used for unrelated purposes without the subject's knowledge or consent (sometimes termed secondary use). For instance, information about a diagnosis taken from an individual's medical record may be forwarded to the Medical Information Bureau in Boston, Massachusetts . . . and later used by another insurance company in an underwriting decision concerning life insurance. Redisclosure practices represent a yawning gap in confidentiality protection. Comment: Current health privacy controls are completely inadequate. We need uniform federal legislation to keep things from getting worse. + + + + + + + + + + + + + + + + + + + + + + + + + + Robert Gellman rgellman@cais.com + + Privacy and Information Policy Consultant + + 431 Fifth Street S.E. + + Washington, DC 20003 + + 202-543-7923 (phone) 202-547-8287 (fax) + + + + + + + + + + + + + + + + + + + + + + + + + + ------------------------------ From: David@InterAccess.com (David J. Loundy) Date: 15 Nov 1995 15:54:15 -0600 Subject: Review of IITF Privacy Working Group White Paper Published in the Chicago Daily Law Bulletin, November 9, 1995 at p. 6. Past articles archived at http://www.leepfrog.com/E-Law/ Task Force Develops Privacy Principles Copyright 1995 by David Loundy Reprinted with permission Growth in the "Information Infrastructure" is producing a growth in concern over personal privacy. With the increasing use of computer technology comes an increasing ability to gather, store, match and retrieve personal information. Some of this is information people would like to keep private. Some of the information is not sensitive in and of itself, but can lead to detailed, potentially intrusive, and uncontrollable profiles when many individual pieces of information are collected into a coherent picture. Privacy on the National Information Infrastructure (NII) (which encompasses the Internet, cable, television, and telephones) is enough of a concern that the U.S. Department of Commerce formed the Information Infrastructure Task Force Privacy Working Group (the "Privacy Working Group") to look at how certain information about NII users should be protected. At the end of October, the Privacy Working Group released a "White Paper" entitled "PRIVACY AND THE NII: Safeguarding Telecommunications-Related Personal Information" (available over the Internet at gopher://www.ntia.doc.gov:70/00/policy/privwhitepaper.txt). This report is concerned largely with only a subset of information, specifically Telecommunications-Related Personal Information (TRPI). TRPI refers to information such as: to whom you have made phone calls, when, and for how long, but does not include the contents of the call. It would include what movies you request by pay-per-view cable. It would also include the "header" information from an e-mail message, but not the message itself. In some cases, as the Privacy Working Group points out, the distinction between transactional and actual content information may be meaningless-- if you know the title of the movie watched on cable, you may already have a fairly good idea about its content. The Privacy Working Group report points out that, without a certain level of protection, people will not want to use the NII, and thus the communications networks will not advance, bringing all of the wonders we have been promised that they will bring. The report also points out that, while protections exist for some types of transactional data, often the level of protection is either inadequate, nonexistent, or does not apply uniformly to all types of service providers-- even when the services provided are essentially the same. For example, federal law protects access to lists of what movies you have rented (18 U.S.C. $2710), but arguably this protection does not extend to movies ordered by wireless cable, direct broadcast satellite, or perhaps by any Internet delivery mechanisms which may be developed in the future. Unequal privacy obligations may also put one type of service provider at a competitive disadvantage compared to another competitor providing a similar service, but employing a different medium. Another limitation is that the Privacy Working Group report addresses only private sector collections of information. This is a significant limitation, especially in light of the perception that more people fear privacy invasions by the government much more than they fear privacy invasions by the private sector. The Privacy Working Group report states that there are two principles which should be employed when examining privacy protection on the National Information Infrastructure. Using these principles, discussed below, voluntary industry compliance should be solicited, and only if that fails should legislation be passed which establishes at least a minimum level of privacy protection. The first principle is "provider notice." This principle states that each service provider should inform its customers about what TRPI is being collected and for what purposes that information will be used. Once this disclosure is made, the provider could use this customer information in any way already disclosed, and the customer can either accept the degree of disclosure, or do business with a provider who will ensure a greater level of privacy. For the notice to be adequate, the Privacy Working Group found that the notice should (i) be conspicuous, (ii) be in language the particular consumer can understand, and (iii) provide sufficient information to allow the consumer to decide whether or not to accept service under the given terms. Any notice by a provider should also clearly instruct the customer that a choice about his or her privacy is required, and it should allow the customer time to respond before the customer's information is used for a purpose other than any use which may be required to provide service. The second principle is "customer consent." This principle states, in order for a provider to use sensitive information, explicit customer consent should first be required from the customer. Any consent requirement, and any provisions as to how this consent is to be given, should depend on the type of TRPI at issue. For sensitive information, such as health care and financial information, authorization to use the information should be obtained before the information is used-- an "opt in" approach. For less sensitive information, the customer should be given notice that the information will be used unless the consumer takes active steps to prevent its use-- an "opt out" approach. By using these two methods, the Privacy Working Group believes that industry will allow consumers greater protection for their most sensitive information, yet it will also keep transaction costs lower for NII providers. The Privacy Working Group said that by encouraging industry to employ the notice and consent principles, market forces will see that consumer's privacy needs are met. Further, this will happen with a minimum of government intervention while providing a maximum of flexibility for service providers, which, in turn, will promote the growth of the NII. The Privacy Working Group refers to this as its "contractual approach" to privacy protection. While the Privacy Working Group's principles would provide a good minimum level of protection, even the Privacy Working Group itself acknowledges that this approach may not ultimately work. This voluntary approach assumes that the marketplace will be sufficiently competitive to allow customers to chose an alternative provider, an option that may not be readily available in the current market for services such as video and local telephone service. The contractual approach would also break down when privacy is available to NII users only at a premium, thus excluding poor and low income consumers. For these reasons, the Privacy Working Group suggests that, if industry will not comply with its two privacy principles voluntarily, then the principles should be imposed on the service providers through legislation. Unfortunately, by making the notice and consent minimums voluntary, consumers will know only that their privacy rights have been violated once it is too late. The Privacy Working Group report even cites examples of companies not following their own privacy protection guidelines. Merely asking for compliance in developing privacy policies-- when most customers will not even be able to tell who has violated such policies-- does not provide enough protection. It is also important that other privacy concerns be addressed which were not discussed in the Privacy Working Group white paper. The Privacy Working Group's principles are good ones, but they may not carry enough bite, and they must be applied to more than just private companies if users are to feel their privacy is protected when transacting business and communicating over the NII. ________________________________________________________________________ David J. Loundy | E-Mail: David@InterAccess.com | WWW: http://www.leepfrog.com/E-Law/ Paradise is exactly like | where you are right now | Researching car-jackings, drive by shootings only much, much, better | and other over-used metaphors on the --Laurie Anderson | Information SuperHighway. ________________________________________________________________________ ------------------------------ From: "Prof. L. P. Levine" Date: 18 Oct 1995 13:55:25 -0500 (CDT) Subject: Info on CPD [unchanged since 08/18/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. [new: Ordinary copyrighted material should not be submitted. If a] [copyright owner wishes to make material available for electronic] [distribution then a message such as "Copyright 1988 John Doe.] [Permission to distribute free electronic copies is hereby granted but] [printed copy or copy distributed for financial gain is forbidden" would] [be appropriate.] Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V7 #042 ****************************** .