TUCoPS :: Privacy :: priv0824.txt

Privacy Digest 8.24 12/31/99

<head><TITLE>PRIVACY Forum Archive Document - (priv.08.24) </TITLE></head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#660099" alink="#ff0000">

<table border=0 cellpadding=0 cellspacing=0 width=100%>

<td bgcolor="#ffffcc" width=30%>

<table border=0 cellpadding=4 cellspacing=0 width=100%>

<a href="/reality.html"><img src="/spkr1.gif" border=0 align=middle></a>
<font size=-1 face="Arial, Helvetica, sans-serif"><b>RealAudio</b></font><br>
A Moment of Sanity & Fun!<br>

<font size=-1 face="Arial, Helvetica, sans-serif">
<font color="#ff0000"><b>& UNREALITY TRIVIA QUIZ!</b></font>

<table border=0 cellpadding=0 cellspacing=0 width=100%>

<table border=0 cellpadding=4 cellspacing=0>

<a href="/reality.html"><i>LISTEN</i> or <i>INFO!</i></a></td>







<td align=center>

<font size=+2><b>PRIVACY Forum Archive Document</b></font><br>

<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>



PRIVACY Forum Digest     Friday, 31 December 1999     Volume 08 : Issue 24


            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

                 The PRIVACY Forum is supported in part by
               the ACM (Association for Computing Machinery)     
	         Committee on Computers and Public Policy,      
		 Cable &amp; Wireless USA, Cisco Systems, Inc., 
                           and Telos Systems.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.

	 The Year's Not Quite Over Yet... 
	    (Lauren Weinstein; PRIVACY Forum Moderator)
	 Yahoo Sued for $4 Billion in Privacy Policy Battle
	    (Lauren Weinstein; PRIVACY Forum Moderator)
	 Check Processing Surprises 
	    (Lauren Weinstein; PRIVACY Forum Moderator)
	 Re: Cell Phones to be Tracked for Traffic
	    (Lauren Weinstein; PRIVACY Forum Moderator)
	 FTC announces Privacy Committee (Craig Partridge)
	 Clarification to issues raised regarding Topica-Esosoft partnership
	    (Ariel Poler)
	 Re: Web Tracking and Data Matching Hit the Campaign Trail
	    (Oleg Gurvits)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are via an automatic list server system;
for subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the list server system.  Please follow the instructions above
for getting the list server  "help" information, which includes details
regarding the "index" and "get" list server commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.


     Quote for the day:

        "The suspense is terrible... I hope it'll last." 

	     Willy Wonka (Gene Wilder)
	     "Willy Wonka &amp; the Chocolate Factory" (Warner Bros.; 1971)

Date:    Wed, 29 Dec 99 19:38 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: The Year's Not Quite Over Yet...

Greetings.  Well, I had thought that the previous PRIVACY Forum Digest
could close out the year, but the press of events has forced me
to squeeze in one more issue, and it *will* be the last of 1999.
"This time for sure!"

Again, all the best for the new year!

Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy


Date:    Wed, 29 Dec 99 19:34 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Yahoo Sued for $4 Billion in Privacy Policy Battle

Greetings.  If anybody doubted that the perceived value of personal data is
a key factor in the big-money Web deals, you need doubt it no longer.  We've
talked here in the PRIVACY Forum in the past about the problems inherent in
privacy policies, especially when one company buys out another.  

Now we have perhaps a textbook illustration of how insane the current
situation really is, in the absence of laws mandating that individuals have
reasonable control over the personal information they provide during online
registrations and the like.

Yahoo, Inc. (http://www.yahoo.com) has been sued for $4 billion (that's
Billion with a "B") by a firm called Universal Image Inc. (doing business on
the net under names such as chalkboardtalk.com), who had a deal to provide
educational videos to, and receive user registration data from,
Broadcast.com.  Keep in mind that Broadcast.com (which recently began
terminating their support for Realaudio/Realvideo in favor of Microsoft's
Windows-oriented "Media Player" system) was relatively recently bought by
Yahoo.  The suit reportedly was originally filed some months ago, but was
just amended to include the large dollar amounts, along with other requests
to the court concerning accusations against Yahoo.

The lawsuit, which Yahoo considers to be "opportunistic" in nature, claims
that Yahoo is in breach of contract for not running Universal Images' videos
as specified in the original contract with Broadcast.com, and for not
providing Universal Images with the promised user registration data. 

Depending upon which side you listen to, the cause of this problem 
is reported to be either that:

a) Yahoo's privacy policy is stricter than Broadcast.com's was,
   and Yahoo wants to protect its tens of millions of claimed 
   users from the release of personal information.

or (from the suit's arguments):

b) Yahoo is accused of destroying data against a judge's prior orders,
   wants the rest of the information all for itself, and is giving users
   a false sense of security through their privacy policy.

The next hearing on this matter is scheduled for Jan. 5, 2000.

According to Larry Friedman, a lawyer for Universal Images, the Yahoo
privacy policy violates the Broadcast.com contract with Chalkboard.com.  He
also reportedly has suggested that the reason Yahoo bought Broadcast.com in
the first place was only for its user data.

A judge in Dallas is reported to have granted a temporary restraining order
that prohibits Yahoo from publishing its privacy policy until the suit is
resolved.  As of right now, however, what appears to be their standard
privacy policy is still viewable at their site.

With personal information being treated as just another commodity, this sort
of event seemed inevitable.  And of course, left out in the cold amidst this
tug-of-war are the current and past Web users of Yahoo and the former
Broadcast.com, who have no idea at all regarding what might end up happening
to the data they've provided in the past, or that they might provide
in the future.

Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy


Date:    Tue, 28 Dec 99 14:58 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Check Processing Surprises

Greetings.  Most people would agree that it's not outrageous to expect both
reasonable privacy and high accuracy in your routine financial transactions,
such as paying bills.  On the privacy front, some financial institutions
continue to be taken to task for their marketing based on the personal
information that they possess on their customers.  But when even simple
sorts of transactions may be error-prone without suitable explanations,
there may be a basis for even greater concerns about the overall situation.

Do you ever neglect to carefully verify whether checks you write are
actually paid for the amounts you write on them?  Do you expect your bank to
bother even *looking* at what you wrote on your checks when they're paid?
If you've answered "yes" to either of these questions, you might want to be
a bit more conscientious in the future.

For example, in a number of specific cases brought to my direct attention,
and in other anecdotal cases, "Discover" (Discover Financial Services) credit
card holders have found that payment checks were deposited by Discover for
the incorrect amounts.  (Discover is a business unit of Morgan Stanley Dean
Witter &amp; Co.)

In each of these situations, the erroneous amount matched both on the card
holder's Discover statement and in their checking account that was used for
the payment.  In at least one case I know of, checks that were clearly
written for particular amounts were incorrectly processed two months in a
row--both of them deposited for too large an amount, putting the payer's
checking balance at risk of significant problems.

The types of errors seen were the sort that might be typically attributed to
poor OCR (optical character recognition) scanning, e.g. misplaced decimal
points, or a "1" being scanned as a "7".

While Discover supervisory personnel openly admitted to me that they were
having problems in this area, some of even larger dollar magnitudes than I
cited, a Discover Financial Services corporate communications representative
whom I contacted denied any such problems beyond "normal" financial
institution error rates.  She was unwilling to provide any information
concerning their check processing procedures and would not disclose whether
their check reading is done by humans or OCR, nor even if processing is
performed in-house (they apparently consider this to be top secret
compartmented information!)

What's particularly interesting about all this is what it reveals about the
state of quality control by the banks themselves.  Once a payee has "coded"
a check for a particular amount (the numbers added on the lower right
portion of the check), that check apparently will usually fly through the
banking system without any additional validation of what was actually
written on it by the payer.  The coding is accepted as is, and the amount is
withdrawn from the payer's account, even if it is completely different than
the amount specified by that payer.  The banking system view seems to be
that any other verifications would be inefficient and would slow down
processing unacceptably, and of course from their standpoint it's always
easier to try "fix" customer problems after the fact rather than to take
pro-active steps to prevent them.

So, if you've been laboring under the illusion that the amount you write on
your checks necessarily is the same as what will be paid, you might want to
make a special effort to verify that the two really do match up.  You never
know when you might "discover" an error.

Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy


Date:    Wed, 29 Dec 99 20:12 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Re: Cell Phones to be Tracked for Traffic

Greetings.  In the previous PRIVACY Forum Digest 
(http://www.vortex.com/privacy/priv.08.23), I discussed the
irony of a project to use cell phone location information to derive auto
traffic speed and related data, while officials at the same time try to
discourage the use of cell phones while driving.

Several PRIVACY Forum readers have since suggested that perhaps there was no
need for the phones to actually be in use, since (as has been discussed here
in the PRIVACY Forum Digest in the past) cell phones are routinely in very
brief communications with cell base stations at intervals (e.g. a burst
every five minutes), whenever they are powered on.

Just to clarify, this project is indeed using *active* calls (inbound or
outbound) to derive the density of location data that it needs for its
automobile traffic data collection.  The amount of data available from the
"non-call" phone transmissions is not considered adequate for this
application.  I have confirmed this information directly with one of the
main persons working on the project.

So, the irony I suggested does appear to stand!

Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy


Date:    Wed, 29 Dec 1999 08:01:25 -0500
From:    Craig Partridge &lt;craig@bbn.com&gt;
Subject: FTC announces Privacy Committee

The FTC is asking for nominations by Jan 5th for their advisory
committee on online access and security, which is charged with
providing "advice and recommendations to the Commission regarding
implementation of certain fair information practices by domestic
commercial Web sites -- specifically providing online consumers
reasonable access to personal information collected from and
about them and maintaining adequate security for that information."

The committee will have public meetings on Feb 4, Feb 25, Mar 31 
and Apr 28 of 2000.

More info at http://www.ftc.gov/acoas/index.htm

    [ There was very short notice given by the FTC of this process.  The
      official announcement calling for the nominations ostensibly seeks
      a broad range of participants.  However, it appears that only
      persons with significant financial resources need apply, since the
      positions are unpaid, and participants must physically attend
      all of the meetings and cover their own travel expenses.

		-- PRIVACY Forum Moderator ]


Date:    Tue, 28 Dec 1999 16:45:02 -0800
From:    "Ariel Poler" &lt;ariel@get.topica.com&gt;
Subject: Clarification to issues raised regarding Topica-Esosoft partnership

I would appreciate the opportunity to address the issues that have been
raised in this forum 

[ http://www.vortex.com/privacy/priv.08.22 -- PRIVACY Forum Moderator ] 

regarding the recent partnership between Topica and Esosoft - in which
Topica will be hosting mailing lists that Esosoft has been servicing to date.

Although we attempted to provide clear and timely information
regarding the transition, including how to prevent a list from being
transferred if someone so desired, in retrospect it is clear that we
should have worked more closely with Esosoft to give list owners
additional time and more information, particularly given the
holidays. We sincerely apologize for any confusion that resulted and
will be sure to provide clearer communication and lengthier transition
times in the future. In the meantime, our customer support team is
giving top priority to addressing any remaining issues resulting from
this transition. Additionally, we are facilitating alternatives for
Esosoft list owners who prefer to stay with a fee-based hosting
provider - including staying on with Esosoft for a period of time.

I would like to emphasize that once at Topica, list owners have
complete ownership and control of their lists. They control whether
the list appears in our directory or not, whether the archives are
publicly readable or not, and whether anyone can subscribe to the list
or just those approved by the owner. Additionally, if for some reason
a list owner no longer wants his/her list hosted at Topica, he/she can
easily delete it from our system (including the list's entry in our
directory, the archives, and the subscribers). The freezing of list
commands during the transition from Esosoft to Topica was done solely
for the purpose of keeping the Esosoft and Topica versions of the
lists in synch. Once the transition was accomplished, all the list
commands were reinstated.

Lastly, I would like to address the issue of content ownership. As our
terms of service clearly state, "Topica does not claim ownership of
the Content you transmit through Topica's Service". We have no
intention, nor the right, to use the content in any way other than to
provide our services. Our terms and conditions grant Topica a
non-exclusive license to the content "solely for the purpose of
providing Topica's hosting, archiving, subscription, and promotion
services". Without this license, we could not legally offer our
services. Additionally, our terms and conditions state that Topica's
rights to the content are only in effect as long as the list is hosted
at Topica.

I hope that the above information helps clarify the issues that were
raised in this forum. We are working hard at Topica to service the
email list community and eagerly welcome feedback on how we could do a
better job.


Ariel Poler
CEO, Topica Inc.


Date:    Thu, 30 Dec 1999 01:25:13 -0500
From:    Leggy &lt;gurvits@idt.net&gt;
Subject: Re: Web Tracking and Data Matching Hit the Campaign Trail

My name is Oleg Gurvits. I am a subscriber to Dave Farber's IP list and
have read the article "Web Tracking and Data Matching Hit the Campaign
Trail" there.

I completely and totally disagree with all the privacy issues raised in
that article, and with many other privacy-related issues usually raised
in discussions. I do not think that what Bush and McCain are doing is an
intrusion of my privacy. I do not think that when for-profit companies
were doing what Bush and McCain are doing that is an intrusion of my
privacy. Moreover, I welcome it.

The reasons? Plain and simple. As long as all they are doing is making
OFFERS, that does not preclude me from choosing to accept them or not.
Bush and McCain are not implicitly redirecting me to their websites.
They are giving me a banner that I am free to click on and free to
ignore. The presence of the banner does not form my opinion. (Most of
the hype on their websites won't influence me either, but that's a
separate question.)

Why is it so disturbing to many people that the banners are not random
but tailored according to their past Web behavior? They are presenting
an offer to you because they think you will be likely to accept it. But
the actual decision is yours and yours only, Bush and McCain are NOT
making it for you.

Same goes for commercial companies. If they target their offers to me
according to my past behavior, I will get better offers from them. I do
not want any generic promotions - mostly, generic offers are useless to
me. But if a company is smart enough to get my name from a database
based on a criteria that I have shopped for computer books before and
offer me a discount on a computer part, that's much better than me
getting a generic discount on a baby seat for my minivan (I don't have
children or own a minivan). And again, it is my choice to whether
actually accept the deal.

Therefore, I think that anyone who disables their cookies, doesn't view
sites with JavaScript code or Java applets and doesn't fill out online
forms so that their information cannot be collected is just a little too

If a person is worried that the mere presence of an offer can prompt her
or him to take it, she or he has more general problems than the privacy
issue. No one should assume that the best way to deal with temptation is
to ban it. The strong-minded still want to have the choice of being
marketed to.

The regulations the government can pass are the worst way to deal with
it. The government has proven, case after case, to know very little of
the computer industry. The government in any form cannot move with the
speed the computer industry is moving. It does not move fast enough even
to catch up. I am afraid that what we will see is regulations passed on
the principle "let's ban it for now until we have time to deal with it,"
or regulations based on the general fear derived from not understanding
the subject or getting caught up in it too fast.

Finally. Don't get me wrong - I support everyone who is against spam, as
long as they are against it because it requires them to perform an
action they would not have had to do otherwise (even if it's just
deleting a message). I am personally against generic spam and generic
junk mail. I do not dislike targeted marketing, though, because I
discovered that generally, the offers I get are worth the hassle of
dealing with it.

I am not speaking for any company or political platform in this note.
These are my personal views, which I have held for as long as I've been
on the Net. The note is intentionally a little too harsh, and anyone who
is offended is welcome to take it up with me - just send me an email at

		[ Additional comments from readers would 
		  also be welcome here at privacy@vortex.com.

			  	    -- PRIVACY Forum Moderator ]


End of PRIVACY Forum Digest 08.24
<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>

<font size=-2>Copyright &copy; 2000 Vortex
Technology.  All Rights Reserved.</font> 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2023 AOH