Date: Mon, 22 Jul 96 20:08:23 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V9#005 Computer Privacy Digest Mon, 22 Jul 96 Volume 9 : Issue: 005 Today's Topics: Moderator: Leonard P. Levine Re: Unsolicited email Re: Unsolicited email Re: Unsolicited email Re: Unsolicited email Re: Unsolicited email Re: Privacy of eMail Address Re: Privacy of eMail Address Looking for Internet Privacy Stories Ripem Info on CPD [unchanged since 11/22/95] ---------------------------------------------------------------------- From: notme@nothere.com Date: 15 Jul 1996 22:56:54 GMT Subject: Re: Unsolicited email Organization: Netcom References: mhorne@ucla.edu (Mark Horne) wrote: With increasing frequency I have been receiving unsolicited email from persons attempting to sell some product or service. I suspect that my address is being culled from Usenet posts. I'd suggest not using a real email name in the header. While that's a bit of a pain, I've decided that I'd rather do that, then continue to get added to mailing lists. For the same reason, I decided to enclose my email address in a block of a's. If somebody wants to go the trouble of manually adding my email address to a list which I'll ignore, more power to them. :) By the same token, if somebody makes a program smart enough to stip it out automatically, good for them. But I'm not going to make it easy. :) -- Email to: (ignoring the a's :) aaaaaaaaaaaaaaaaa aejm@sprynet.coma aaaaaaaaaaaaaaaaa ------------------------------ From: bo774@FreeNet.Carleton.CA (Kelly Bert Manning) Date: 17 Jul 1996 07:23:15 GMT Subject: Re: Unsolicited email Organization: National Capital Freenet, Ottawa, Canada Mark Horne (mhorne@ucla.edu) writes: "Unsolicited email of a commercial nature will be read, responded to, and/or disposed of for a fee of $1,000 (USD). The transmission of an unsolicited commercial message to the above electronic mail address constitutes agreement to these terms." The difficulty I see is proving someone collected my address after this "contract" is added to my signature line. On the other hand, it may also scare off many of these junk email operators. Comments? I don't think that someone data mining usenet archives for addresses will be scared because I can't imagine that they actually read any of the posts or apply any sort of disclaimer search software. Some of these creeps claim to have compiled lists of 100000s of IDs through such careful "research". I expect that the research begins and ends with a sort and duplicate merge of IDs. Why not telnet to any member of the National(:-) Public Telecommunications Network(such as this node), login as guest, fill in an online application, mail the signed copy, wait for the ID to be activated, and use that for posting, after typing a SIG such as the one below. Also, when using the freeport poster, never use "append to", select an editor and edit posts. I'm not sure how you would get an order to produce documents from a court in the USA, but where I live it is a simple matter of filing a notice of claim in the court registry, accompanied by a request for a judges order to produce documents. If you start fresh with a new ID/node and consistently use your sig then failure on their part to produce documents will leave the balance of evidence/presumption on your side. Note that this is civil law, not criminal law, so "reasonable doubt" just won't buy them anything. You could probably use your sig to get action if an ISP seems uncooperative about pulling the plug on an e-mail spammer, because once advised of the offer they would probably share some liability for any repeat spamletters sent to you. I find the best way to shut down the spamletter operators is to look for bona fide reply IDs in the body of the newsletter and complain to the ISP, eg. abuse@aol.com. A "legitimate" company that finds it's reply IDs hosed after advertising in a spamletter might find itself in a position to seek damages from the spammer. I believe that there are many legal precedents for obtaining judgements against junk phone callers and snail mailers. Hasn't the founder of Private Citizen Inc. won several cases against junk phone callers. He talks politely to them about how their offer sounds "really good", but he just is concerned about dealing with some unknown party over the phone, so they offer some details about who they(the junk calling boiler room) are. He checks this against his list of orgs he's already advised of his standard offer. If they are new he tells them about it. If they are a repeat caller he tells them that they were warned before and that they now owe him money. He then collects it. Note that you do not have to perform any kind of service or use a "reasonable" rate, although my rate is based on what I get paid if my employer calls me at home. An Ontario woman won a judgement for almost $800 against "Columbia House" after they refused to comply with here initial request to stop sending her crap mail and ignored her first few invoices for minor amounts. Getting exasperated she sent them another invoice with a warning that the next piece of junk they sent her would cost them $750, waited till it arrived, filed a small claim action, and collected every penny. Have you reviewed news.admin.net-abuse.misc or news.admin.net-abuse.email? -- notice: by sending advertising/solicitations to this account you will be indicating your consent to paying me $70/hour for a minimum of 2 hours for my time spent dealing with it ------------------------------ From: dan@dvl.co.nz (Dan Langille) Date: 17 Jul 1996 19:00:42 GMT Subject: Re: Unsolicited email Organization: DVL Software Limited References: mhorne@ucla.edu (Mark Horne) wrote: The difficulty I see is proving someone collected my address after this "contract" is added to my signature line. On the other hand, it may also scare off many of these junk email operators. Comments? I am also getting unsolicited mail. To multiple addresses, all of which arrive here in my intray. I too suspect Usenet. Apart from complaining to the send and their postmaster, there's not much I feel I can do. It's really annoying considering I have to mail for this junk mail and then again to complain about it. As for scaring them off, I don't think they actually look at the sigs. I think someone is running a program over the collected messages and extracting the addresses. As for proving before/after, given that I'm part of a wider domain, I could just change my address (say to "langille@dvl.co.nz") and at the same time add the contract to the sig. But that is not an option for everyone. Perhaps just changing the name, say to "D Langille " I would like to do something more about junk mail. It should not continue. -- Dan Langille DVL Software Limited - Wellington, New Zealand ------------------------------ From: Pete Morgan-Lucas Date: 18 Jul 1996 14:48:41 -0700 Subject: Re: Unsolicited email Organization: Natural Environment Research Council References: Mark Horne wrote: With increasing frequency I have been receiving unsolicited email from persons attempting to sell some product or service. I suspect that my address is being culled from Usenet posts.//Snip// The difficulty I see is proving someone collected my address after this "contract" is added to my signature line. On the other hand, it may also scare off many of these junk email operators. Comments? As you say, proving they saw your 'contract' would be problematic. Most of the "Screen-scrapers" who build address-lists from Usenet postings etc. just run a script that searches for strings with an @-symbol in them, and assume that this is a mail-address. They most certainly do *not* have some human actually browsing newsgroups, so your attempt to prove your "contract" was ever viewed by the sender is fraught with difficulty. And bearing in mind the well-established trading of email address-lists that goes on these days, it could easily be that the person who screen- scraped your mail address in the first place, and the person who ultimately junkmails you, could be separated by several steps and a whole host of intermediate companies. No easy answer, i'm afraid! //Pete Morgan-Lucas// "Do not disengage overdrive at speeds below 120MPH" ------------------------------ From: ratner@sacajawea.cs.ucla.edu (Dave Ratner) Date: 19 Jul 96 16:20:36 GMT Subject: Re: Unsolicited email Organization: University of California, Los Angeles References: mhorne@ucla.edu (Mark Horne) writes: The difficulty I see is proving someone collected my address after this "contract" is added to my signature line. On the other hand, it may also scare off many of these junk email operators. Comments? I too have been plagued with increasing numbers of unsolicited email, sometimes to accounts that I maintain but never use (meaning that they are getting the address from somewhere other than Usenet). However, even if they were coming from Usenet posts, I have to assume that email addresses are collected automatically, and therefore would be uneffective in scaring off potential junk email operators. Additionally, since there other methods of obtaining addresses other than from Usenet posts, I see the difficulty that you point out as being almost impossible to prove in any legal sense. Nevertheless, I am considering such measures...even if it helps just a little. -- Please send money, | Dave Ratner | "Nun sacciu, nun vidi, nun beer, or a signed PhD | ratner@cs.ucla.edu | ceru e si ceru durmivu" ------------------------------ From: skg@sadr.com (Keith Graham) Date: 16 Jul 1996 00:22:17 GMT Subject: Re: Privacy of eMail Address Organization: MindSpring Enterprises References: Mich Kabay <75300.3232@CompuServe.COM> writes: As far as the damage to the author's privacy is concerned, I suggest you do a search using DejaNews (http://www.dejanews.com) to see if the complainant has ever, in fact, posted anything to the USENET using the specific user ID you (wrongly, in my opinion) posted in public. If they have, it seems to me (as a non-lawyer) that they wouldn't have much of a case for damages even though you erred in posting without permission. Since this is a privacy question, I'd like to point out that saying "I've received email from _____@______._____" is not against the copyright law. So while posting the entire message might be against the copyright law, that's not the place to look if you want to protect your own privacy. -- Keith Graham skg@sadr.com ------------------------------ From: pjkrupin@aol.com (P J Krupin) Date: 20 Jul 1996 13:40:25 -0400 Subject: Re: Privacy of eMail Address Organization: America Online, Inc. (1-800-827-6364) References: A copyright does belong to a person on creation of a creative work, and an e-mail letter is a creative work. Forwarding or posting the e-mail would be a violation unless you acquired permission prior to forwarding or posting. Best advice when you want to use someone's writing is to get permission before using it. You need to probably explain how your going to use it, and then be faithful to your stated purpose. There are fair use exceptions in copyright laws, but it's far better to work with an author, or owner, rather than risk reprisal and all the entanglements that go with it. -- Paul J. Krupin Direct Contact Publishing ------------------------------ From: Joel McNamara Date: 22 Jul 1996 10:35:26 -0700 Subject: Looking for Internet Privacy Stories I'm compiling what I hope will be the definitive source of worldwide case studies that demonstrate the benefits of Internet privacy tools. These stories will have a human focus, and clearly show the importance of PGP, anonymous remailers, and other tools to cultural, economic, and political processes. The goal is to have a body of accounts that show Internet privacy technologies being used to benefit society. These stories will be published on a Web page, and can be used by privacy advocates to contrast against government claims that encryption and other tools will solely benefit criminals. If there are enough compelling stories, they may eventually find their way into a book. If you have a story to tell, or know someone who does, I'd like to hear it. It doesn't have to be an exciting "rebels in the jungle" account either. In many ways, the everyday "slice of life" stories may be more important in showing the value of electronic privacy. Confidentiality will be maintained, of course. For details see: http://www.eskimo.com/~joelm/privacy.html -- Joel McNamara joelm@eskimo.com ------------------------------ From: "howard b.schwartz, m.d." Date: 22 Jul 1996 16:36:26 -0500 Subject: Ripem does anyone know the latest version of ripem for dos/windows95 and where to get it? [Ripem is the encryption program developed by mark riordin at michigan state university,and is an implementation of pem (privacy enhanced mail)] ------------------------------ From: "Prof. L. P. Levine" Date: 15 Jul 1996 13:43:37 -0500 (CDT) Subject: Info on CPD [unchanged since 11/22/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V9 #005 ****************************** .