Date: Thu, 18 Jan 96 14:01:07 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V8#007 Computer Privacy Digest Thu, 18 Jan 96 Volume 8 : Issue: 007 Today's Topics: Moderator: Leonard P. Levine New Pro Privacy Web Site Re: Computers See ALL Your Postal Mail Re: Computers See ALL Your Postal Mail Re: Unsolicited email Advertising Employer Request for Kids SSN Re: Spy Viruses Privacy Conferences and Events Info on CPD [unchanged since 11/22/95] ---------------------------------------------------------------------- From: SpyKing Date: 16 Jan 1996 00:53:41 -0500 Subject: New Pro Privacy Web Site A wealth of privacy information and a ton of great links to privacy related resources and utilities. It's definetely worth checking out. URL: http://thecodex.com Check out our WEB SITE - The Codex Privacy Page WWW: http://www.trcone.com/tsa.html The Codex Surveillance & Privacy Newsletter CounterSurveillance Equipment & Privacy Devices Technical Surveillance CounterMeasures (TSCM) Forensic Audio Restoration & Audio/Video Tape Enhancement ------------------------------ From: fyoung@oxford.net (F Young) Date: 16 Jan 96 10:12:59 EST Subject: Re: Computers See ALL Your Postal Mail TOM ALCIERE <73151.3051@CompuServe.COM> said: DCO's file for a period of time. All that's necessary to monitor Aunt Matilda is to command the RBCS to generate similar copies for anything keystroked 123MAIS12345. Bring a letter with your return address ON THE BACK to a post office window and ask the clerk for a stamp. S/he will tell you to put the return address ON FRONT!!! I believe the reason for the Post Office wanting us the put the return address on the front is for processing of returned mail, not to monitor our mail, since it is easy enough to take pictures of both front and back of the letters. However, I can see a privacy issue if the Post Office keeps archives of pictures or records of mail going through their system. Currently, the Canadian postal code system assigns one unique postal code for every four houses in urban residential areas, one unique postal code for rural routes/substations. A few years ago, there were discussions on introducing a 10-digit postal code giving each address a unique code - I believe that plan is either on hold, or abandoned. ------------------------------ From: WELKER@a1.VsDeC.nL.nuwc.navy.mil Date: 17 Jan 1996 08:46:39 -0400 (EDT) Subject: Re: Computers See ALL Your Postal Mail A matter of semantics concerning the post about USPS doing traffic analysis of Aunt Mathilda's mail: I was always taught the the front of the envelope is the side with the flap, and that the intended recipient's address was therefore on the back of the envelope. Thus if a postal clerk instructs you to put your return address on the "front" (s)he is telling you to write it on the "unscanned" side. Nonetheless (not being an expert) I know of no _requirements_ that the return address appear on the same side as the stamp, but I presume USPS would like to make returned mail easier to handle by doing so. ------------------------------ From: donna@mildred.houston.tx.us (hyper-creatrix) Date: 16 Jan 1996 05:05:19 GMT Subject: Re: Unsolicited email Advertising Organization: hyper-creatrix References: wmcclatc@nyx.net says... If so, then what have you done, or what are you planning to do? I do three things: 1) I read the two net abuse groups and regularly add sites that either spam or allow thier customers to do so to my bozo filter to prevent myself from ever seeing them in my inbox. can i add america online for allowing their clueless lot to do such things? i got a post recently from someone on aol whose screen name i didn't recognise, and i also didn't recognise any of the 30+ addresses/screen names in the remainder of the to: field. the sender, an aol looney, was asking me and the other recipients to effectively mailbomb a third party who's screen name i also didn't recognise. i complained to the postmaster and abuse daemons at aol. haven't heard anything since, but also the bozo hasn't sent any more junk mail to me. :) I also encrypt the entore messsage body and reply to the twits (sending the encrypted mess back) and tell them I am unsure what the mess is - but I don't want anything else from them. that's a great solution; i'll add that to my retaliation! :) thanks for the tips! -- donna@mildred.houston.tx.us spam me and you're history! http://gensys.com/~olotcf/ ------------------------------ From: "anonymous" Date: 16 Jan 96 08:16:29 CST Subject: Employer Request for Kids SSN [moderator: a request for anonymity was made by the author.] I am employed by a major medical center (non profit). My employer provided health insurance is self-insured through a separate (for profit $$) company which is a wholly owned by my employer. This separate company also manages the health maintaince contracts that the major medical center has with area businesses. Each year the insurance company sends us a verification sheet containing our primary/secondary insurance information. My signature on this form indicates that the insurance information is correct. My signature on this form also permits release of my medical information from my employer (the major medical center) to this separate ins co (for billing). I then sign no releases when I go to see the doctor. There is also a place on the form for my spouse to sign releasing medical information from the medical center to his insurance company. We no longer sign this form (several years). We believe that we have the right to know what information about use is being sent from the major medical center to our insurance companies. Itemized statements containing ICD-9 codes must be mailed to us and then we submit the claim to our insurance companies. This year's form contains a request for my children's social security numbers. There is no explaination for this request. I have several times in the past complained because this company had released my social security number to organizations (in one case a direct marketer!) without my consent. When I wrote for the policy on keeping this info private, I got the reply "all employees sign confidentiality agreements". This is not a policy at all! Can my health insurance be dropped after 5 years simply because I refuse to provide my children's social security numbers? Where can I write to find out what my rights are? Also, they have taken my spouse's ssn (from our secondary ins) and put it to use on thier own system. In this new use my spouse's social security number will not be private. How can I effectively complain about this? Thanks. ------------------------------ From: fyoung@oxford.net (F Young) Date: 16 Jan 96 09:53:19 EST Subject: Re: Spy Viruses daveb@iinet.net.au (Dave) writes: Sounds like another good reason to use an external modem. If my modem dials out, I get to hear it do so, and see the status lights twitch, in time to kill it if need be. I defy any software to defeat that. I always prefer external modems; if in doubt, just turn off the power to it. Although, your comm software can issue a command to turn off your external modem's speaker. In case of the "virus" in our discussion, if you are not looking at the modem or if you are away from your computer, it may still dial out without you noticing. ------------------------------ From: Susan Evoy Date: 17 Jan 1996 23:16:39 -0800 Subject: Privacy Conferences and Events CPSR Members and Friends, If you are planning to attend one of these conferences, or another that may be related to CPSR's work, please contact CPSR at cpsr@cpsr.org or (415) 322-3778 for easy ways for you to be a presence for CPSR. CONFERENCE /EVENT SCHEDULE [somewhat abridged, moderator CPD] Security, Privacy and Intellectual Property Protection in the Global Information Infrastructure, Canberra, AUSTRALIA, Feb. 7-8. Contact: http://www.nla.gov.au/gii/oecdconf.html A Nation Connected: Defining the Public Interest in the Information Superhighway, Annenberg Center, Rancho Mirage, CA, Feb. 20. Contact: barb.macikas@ala.org 800 545-2433 x3201 312 280-3201 Assoc. for Practical and Professional Ethics, St. Louis, MO, Feb. 29-March 2 Contact: appe@indiana.edu 812 855-6450 812 855-3315 Ethics and Technology Conference, Chicago, IL, March 9, 1996. Contact: lsalche@luc.edu 312 915-7061 312 915-6118 (fax) Computers, Freedom, and Privacy, M.I.T., Cambridge, MA, March 27-30, 1996. Contact: web.mit.edu/cfp96 cfp96-info@mit.edu Rewiring our Networks: Cultural Equity in the 21st Century, Berkeley, CA, March 30-Apr 1. Contact: 510 451-2717 ACM's Special Interest Group on Computer-Human Interaction, Vancouver, BC, CANADA, April 14-18, 1996. Contact: http://www.acm.org/sigchi/chi96/ chi96-office@acm.org 410 263-5382 410 267-0332 (fax) Technological Assaults on Privacy, Rochester, NY, April 18-20, 1996. Paper drafts by Feb. 1, 1996. Contact: privacy@rit.edu 716 475-6643 716 475-7120 (fax) Security and Privacy, IEEE Symposium, Oakland, CA, May 6-8, 1996. Contact: sp96@cs.pdx.edu http://www.cs.pdx.edu/SP96 Visions of Privacy for the 21st Century: A Search for Solutions, Victoria, BC, CANADA, May 9-11, 1996. Contact: http://www.cafe.net./gvc.foi Business Ethics Conference, The Waldorf-Astoria, New York, NY, May 22-23. Contact: 212 339-0345 Graduate Research Ethics Education, A Workshop at Indiana University, Bloomington, IN, June 5-9, 1996. Contact: appe@indiana.edu 812 855-6450 Australasian Conference on Information Security and Privacy, New South Wales, AUSTRALIA, June 24-26. Contact: jennie@cs.uow.edu.au The Privacy Laws & Business, Cambridge, ENGLAND, July 1-3. Contact: 44 181 423 1300 44 181 423 4536 (fax) Conference on Computing and Philosophy, Carnegie Mellon Univ, Pittsburgh, PA, Aug. 8-10. Deadline for submissions: Feb. 19th. Contact: rc2z@andrew.cmu.edu 412 268-7643 http:/www.lcl.cmu.edu/CAAE/CAPpage.html Advanced Surveillance Technologies II. Ottawa, ON, CANADA, Sept. 17. Contact: pi@privacy.org Data Protection and Privacy Commissioners, Ottawa, ON, CANADA, Sept. 18-20. Contact: ------------------------------ From: "Prof. L. P. Levine" Date: 15 Jan 1996 18:40:39 -0600 (CST) Subject: Info on CPD [unchanged since 11/22/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V8 #007 ****************************** .