TUCoPS :: Privacy :: priv0806.txt

Privacy Digest 8.06 4/18/99

<head><TITLE>PRIVACY Forum Archive Document - (priv.08.06) </TITLE></head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#660099" alink="#ff0000">

<table border=0 cellpadding=0 cellspacing=0 width=100%>

<td bgcolor="#ffffcc" width=30%>

<table border=0 cellpadding=4 cellspacing=0 width=100%>

<a href="/reality.html"><img src="/spkr1.gif" border=0 align=middle></a>
<font size=-1 face="Arial, Helvetica, sans-serif"><b>RealAudio</b></font><br>
A Moment of Sanity & Fun!<br>

<font size=-1 face="Arial, Helvetica, sans-serif">
<font color="#ff0000"><b>& UNREALITY TRIVIA QUIZ!</b></font>

<table border=0 cellpadding=0 cellspacing=0 width=100%>

<table border=0 cellpadding=4 cellspacing=0>

<a href="/reality.html"><i>LISTEN</i> or <i>INFO!</i></a></td>







<td align=center>

<font size=+2><b>PRIVACY Forum Archive Document</b></font><br>

<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>



PRIVACY Forum Digest      Sunday, 18 April 1999      Volume 08 : Issue 06

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

                 The PRIVACY Forum is supported in part by
               the ACM (Association for Computing Machinery)     
	         Committee on Computers and Public Policy,      
		 Cable &amp; Wireless USA, Cisco Systems, Inc., 
                           and Telos Systems.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.

	AltaVista to Begin "Selling Out" Search Results
           (Lauren Weinstein; PRIVACY Forum Moderator)
	"What's Related?" and the Unabomber Manifesto
           (Lauren Weinstein; PRIVACY Forum Moderator)
        Privacy and "Dr. Death" (Lauren Weinstein; PRIVACY Forum Moderator)
        Support for the FDIC's "Know Your Customer" Proposal
           (Lauren Weinstein; PRIVACY Forum Moderator)
	License Plate Camera Surveillance in California
           (Lauren Weinstein; PRIVACY Forum Moderator)
	Health Care Financing Administration Database 
           (Dennis S. Davies, P.T.)
	Industry mergers and personal information (Larry Sontag)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are via an automatic list server system;
for subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the list server system.  Please follow the instructions above
for getting the list server  "help" information, which includes details
regarding the "index" and "get" list server commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.


     Quote for the day:
	"Even smiling makes my face ache."

	    -- Dr. Frank-N-Furter (Tim Curry)
	       "The Rocky Horror Picture Show" (20th Century Fox; 1975)


Date:    Sat, 17 Apr 99 19:44 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: AltaVista to Begin "Selling Out" Search Results

Greetings.  I'm sorry to report that one of my top favorite (up to now,
anyway) search engines apparently is about to become far less useful--and
lose its status as an unbiased information source--as AltaVista
(Digital/Compaq) has announced that they're about to start selling top
placements in search results.  It won't surprise longtime readers of this
digest to hear that this is being done in league with our old "friend" and
cookie defender DoubleClick (a massive centralized banner ad operator), who
is already promoting to their customers the ability to buy their way to the
top of AltaVista's previously unbiased results. 

You may recall my past reports regarding the discussions I've had with
DoubleClick regarding privacy concerns, e.g. over their handling of keywords
passed to them by AltaVista and other sites, their use of cookies, and
issues revolving around their display of adult-oriented and offshore
gambling banner ads in response to innocent keyword combinations.  Now it
appears that banner ads are not enough--actual search results will
apparently now be "polluted" by monetary considerations.

AltaVista claims that they'll make efforts to be sure that the paid search
responses will be "relevant" to the keywords entered (500 keywords are
apparently on the initial purchase list), and they've said that they will
indicate which results have been so purchased.  This latter move could at
least avoid the hazard that Amazon.com faced when it was revealed that paid
book reviews had at the time been given prominent placement without being so

It looks as if users will now need to do a number of additional searches on
AltaVista, making profuse use of the "-" negation operator to try subtract
out the product placements (if this even turns out to be possible), if they
want to get past the commercials to the "real" results of their queries.

AltaVista will be the largest of the major search engines to try this tactic
of infusing search result information content with commercial bias.  Time
will tell how successful they are, and if users will be willing to play
along.  I have nothing against the support of sites via advertising.
However, given the sensitive privacy issues already surrounding search
engines and their handling of user query information for commercial purposes,
a policy of effectively suppressing (or forcing to a lower priority, where
they are less likely to be seen) the honest results of a search with paid
placement search results is, to say the least, unfortunate.

If AltaVista manages to squeeze more revenue out of this procedure, will
other major search engines follow suit?  Or will "honest" search results,
uncontaminated by paid placement considerations, become a major attraction
for other search engines?

Stay tuned.

Lauren Weinstein
Moderator, PRIVACY Forum


Date:    Sat, 17 Apr 99 20:07 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: "What's Related?" and the Unabomber Manifesto

Greetings.  In past issues of the PRIVACY Forum Digest, I've reported on
privacy concerns regarding Netscape's "What's Related?" functionality in
their current browsers.  I've also referenced in the digest a technical
report regarding that system, written by the folks at "interhack.net" 
(a network consulting firm) who did a detailed analysis of these issues.

In a turn of events that can only be described as bizarre, the authors of
that report, after some rather "spirited" communications with Netscape
regarding their original report, found their site listed in the
Netscape/Alexa "What's Related?" database as being related to the terrorist
Unabomber, through a returned "What's Related?"  database link to the
infamous "Unabomber Manifesto."  For a period of time, that was the *only*
link returned for their site!  Since there is no obvious logical line of
reasoning to associate these two entities, one possible interpretation of
this link would be an attempt to associate the generally negative appraisal
of "What's Related?" in their report with the anti-technology rhetoric of
the Unabomber.  As you might imagine, the authors of the report were none
too pleased with this association.  They've made a complete chronology
(interesting reading!) of the situation (along with links to the original
report) available at: 


It's of enough concern when we learn that major search engines (e.g.
AltaVista) are about to start selling search result placements.  It's of
equal concern if users need to be worried that other search results,
returned by other search engines, might potentially be skewed by unobvious
forces not related to an unbiased analysis of the sites in question,
even if monetary considerations are not the factor involved.

If search engines begin to lose the trust of their users, one of the net's
most powerful category of tools may be reduced to nothing more than
automated pitchmen using every means possible, no matter how biased, to try
pull the yokels into the tent.  In that case, it will not only be a serious
loss for us all, but will also create the potential for a sort of 
"information pollution" on a scale we've never seen before.

Lauren Weinstein
Moderator, PRIVACY Forum


Date:    Sat, 17 Apr 99 22:34 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Privacy and "Dr. Death"

Greetings.  We normally think of privacy as a concern of life, a facet
of the multitude of activities that make up the various sundry aspects
of our daily lives.  But privacy can be an aspect of death as well,
and indeed even of the gray area between life and death where
some persons may reside, sometimes in agony, for long periods.

So the issue of Dr. Jack Kevorkian, recently convicted of second degree
murder and handed down a sentence of 10 to 25 years in prison, is an
extremely appropriate topic for here in the PRIVACY Forum.  Kevorkian,
popularly called "Dr. Death" by some in the media, has been a champion of
physician-assisted suicide, and euthanasia, for many years.  A fascinating
fellow with a perhaps surprisingly well-developed sense of humor, his very
public tactics have aroused great emotional reactions on all sides of these
issues.  In the case of the murder conviction, in which the members of the
family who had asked for his help were not permitted to testify during the
actual trial phase (they were only permitted to speak during the penalty
phase), Kevorkian taped his performing a voluntary euthanasia procedure,
portions of which were later aired on CBS's "60 Minutes" program.

Will history view Kevorkian as a visionary toward sensible policies in these
areas, as a man willing to put his own interests, indeed his own life, in
the background to champion an important cause that he felt was being
ignored?  Or will he be viewed as a "loose cannon"--a fanatic with a martyr
complex--a man sneaking around in the night with a "bag of poison," as he
was described by the prosecutor in the case?

The issue of how much privacy we have, or should have, to make our own
decisions at times of terrible illness is something that could affect any of
us.  But what of possible abuses of euthanasia?  What *is* society's
appropriate role in such matters?

What do you think?

Lauren Weinstein
Moderator, PRIVACY Forum


Date:    Sun, 18 Apr 99 09:28 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Support for the FDIC's "Know Your Customer" Proposal

Greetings.  I reported here in the PRIVACY Forum Digest previously on the
Federal Deposit Insurance Corporation's "Know Your Customer" proposal, which
would have established a broad range of rules to encourage financial
institutions to monitor customer accounts for income sources and unusual
patterns of transactions, in an effort to track down various significant
criminal activities (especially money laundering and the like).  

The proposal generated an unprecedented (by almost two orders of magnitude)
response to its comment period--but not all of the responses were negative.
In fact, out of the more than 254,000 comments received, it has been reported
that 72 (that's 72 absolute, not 72,000) of them were in favor of the plan.

Not too surprisingly, the current proposal has been withdrawn for now.

Lauren Weinstein
Moderator, PRIVACY Forum


Date:    Sun, 18 Apr 99 09:43 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: License Plate Camera Surveillance in California

Greetings.  An emerging area of privacy concerns is the mushrooming
of surveillance cameras in public places.  These are often placed
with laudable goals in mind, and with promises that information
gathered will only be used for specific purposes.  But as in so
many areas of information collection, the risk of what I 
call "data creep"--information collected for one purpose ending
up being used for something else--is always present.

We may be on the verge of yet another example of this problem.  Here in
California, the state capital of Sacramento is planning to use 19 cameras
along Interstate Highway I-5 (an increasingly typical sort of placement for
traffic management purposes) to photograph drivers' license plates.  The
idea is to determine who is traveling during rush hours and from what zip
codes they come, to aid in traffic planning.

I'm all for less congestion on the freeways!  But the potential privacy
problems with such a system, regardless of stated goals, are prime examples
of "data creep" waiting to happen, especially if such systems become highly
automated and widely deployed--possibilities that currently available
technologies certainly make increasingly practical.

Lauren Weinstein
Moderator, PRIVACY Forum


Date:    Sat, 03 Apr 1999 04:39:05 -0700
From:    "Dennis S. Davies, P.T." &lt;davies@primenet.com&gt;
Subject: Health Care Financing Administration Database

I have practiced physical therapy for 25 years and have seen many major
changes in my profession.  The most important of the changes of the past
five years has been the government's intrusion into standard methods of

The most recent intrusion however, is an intrusion into the lives of the
clients of federal and state chartered home health agencies.  HCFA (the
Health Care Financing Administration--the administrator of
Medicare--pronounced "hecfa") now requires that a 17 page questionnaire be
filled out on all clients of home health agencies.  This questionnaire is
required to be completed at the beginning, mid-term, and discharge of each
client.  The initial questionnaire is nine to 17 pages long depending on the
agency's decision on size of print, etc.  Many cases do not require the
mid-term questionnaire because the length of services do not exceed 60
days.  The discharge questionnaire is eight to 13 pages long depending on
the same printing criteria.

I have several concerns but the most important one is the intrusion that
these questionnaires cause into the lives of every person receiving
services from a home health agency.  The questionnaires contain
information about the client's financial ability to pay for services;
medical history including open wounds and medications; medical risk
factors including obesity; living arrangements including sanitation and
people living with the client; mental status of the client including
depression, suicidal thoughts and tendencies; psychiatric care; and even
toilet habits.  All of this information is linked to the client by their
social security number and is added to HCFA's data base every thirty

I am further concerned that the clients of home health agencies do not
know that this information is being gathered and sent to a central data
base.  They sign a simple "release of information" clause and probably
assume that it covers simple and basic information that the insurance
company needs to process the claim.

I believe that every client of a home health agency should be able to
choose if their personal information is included in HCFA's data base and
that HCFA should not cause that services be denied if the information is

I have written to my congressmen.  Who else should I contact concerning

	[ The need to collect data on medical services is obviously an
	  important requirement to understand the funding of such services,
	  which are a major component of government spending.  However, when
	  such detailed data is permanently linked to specific individuals,
	  rather than maintained in aggregate or "anonymous" formats, the
	  potential for privacy problems related to that data is of course
	  much greater.  Often it seems that such data is linked to
	  individuals because it's viewed as the simplest procedure, and/or
	  because the entities involved don't feel that they will be doing
	  anything privacy-invasive with that data.  But of course, data
	  once collected can be used for other purposes later, and those who
	  are collecting the data should not alone be making such decisions.

		-- PRIVACY Forum Moderator ]


Date:    Wed, 07 Apr 1999 16:00:32 -0700
From:    kaspur@iname.com (Larry Sontag)
Subject: Industry mergers and personal information

Mega bank mergers pose an invisible threat to the financial well being and
privacy of everyone, but especially for senior citizens.  Privacy rights
supporters reveal hidden repercussions of mammoth bank mergers with other
financial institutions including investment firms and insurance companies.
Practically no one is aware of the fact that when large financial entities
merge, they also combine the contents of their vast databases, engaging in
cross correlation and sharing of information.  For example, a bank customer
may receive an inheritance or large insurance award and deposit it in their
money market account.  

If their bank has recently merged with a large investment firm, they may
soon receive solicitations from that firm seeking to capture the new found
wealth.  The elderly, who often receive insurance or other assets, are
frequent targets of these marketing efforts.  If they are not prepared or
highly astute in financial matters, these "opportunities" may be very
seductive and lure them into speculative or unsafe ventures they should not
be in.  

This has happened already with NationsBank, which marketed complex,
uninsured investments of derivative hedge funds to a targeted group of
unsophisticated senior citizens who merely wanted to renew their insured
CDs.  The bank, which admitted no legal violations, paid fines and penalties
totaling nearly $7 million dollars to the SEC and other regulators, and over
$35 million dollars in a class action lawsuit to its customers.

Customers shopping for insurance or other products may also be affected, as
the banks are free to share credit information with their affiliates without
the legal requirements for informing customers spelled out in the Fair Credit
Reporting Act.  This law requires that anyone turned down for a loan or
insurance must be notified and given the name of the credit reporting
agencies used in the determination of eligibility so that they can request a
free report and possibly correct any mistakes in their files.  They must
also be told of any other reasons for being denied.  

Because nearly a third of all credit files contain serious mistakes,
according to a recent PIRG study and over 70% have some errors, this ability
to check on one's personal records is vital to the financial well-being of
average citizens.  With the merger of large diverse institutions, an
insurance or investment application may be evaluated internally with banking
information.  Likewise a loan may be denied because a person's medical
records showed that they had some kind of illness or condition that the bank
feels makes the person too great a risk.  Extenuating circumstances or
mistakes may never be revealed because the customer is never told the source
of the negative information used to judge his application. 

Furthermore, if DNA tests are done on a person and they reveal a genetic
weakness, this information might be used to deny banking or insurance
services to an entire generation or family line.  Once personal information
is shared, a customer has no ability to demand treatment for that
information under the Fair Credit Reporting Act.  They may never be given
the opportunity to check on the accuracy of their records, nor would they
even know what records are being used.

Banks also share their customers' information with outside marketing
companies.  Because the data is so valuable, banks freely sell it for
whatever the market will bear.  With the merger of large financial and
insurance institutions, the amount of information, including medical data
available on any one customer is staggering.  Banks are required to allow
customers to request that their personal information not be shared with
affiliates, but this requirement is usually buried deep in applications and
is almost never used.  Furthermore, legislation seeking to regulate and
limit this practice has stalled in Congress due to the enormous lobbying
power of the banking industry.  

No one should expect the government to come to their rescue in this matter
and therefore, it is recommended that all banking customers write a simple
letter to their bank requesting that their accounts be excluded from sharing
with any affiliates or outside marketing companies.  They should also
request a confirmation letter and ask how long this opt-out will last.  As a
follow-up, people should take a financial and medical inventory of their
affairs, especially with the Y2K problems looming in the not to distant
future and the potential for corruption of their files.  Furthermore, they
should make sure that they have paper copies of all important documents
showing ownership, equity, payments, medical data, and anything else that
would affect their financial or medical well-being should these records be
lost or damaged in the computers.

Larry Sontag
Author of "It's None of Your Business: 
A Consumer's Handbook for Protecting Your Privacy"


End of PRIVACY Forum Digest 08.06
<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>

<font size=-2>Copyright &copy; 2000 Vortex
Technology.  All Rights Reserved.</font> 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH