TUCoPS :: Privacy :: priv0902.txt

Privacy Digest 9.02 1/5/00

<head><TITLE>PRIVACY Forum Archive Document - (priv.09.02) </TITLE></head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#660099" alink="#ff0000">

<table border=0 cellpadding=0 cellspacing=0 width=100%>

<td bgcolor="#ffffcc" width=30%>

<table border=0 cellpadding=4 cellspacing=0 width=100%>

<a href="/reality.html"><img src="/spkr1.gif" border=0 align=middle></a>
<font size=-1 face="Arial, Helvetica, sans-serif"><b>RealAudio</b></font><br>
A Moment of Sanity & Fun!<br>

<font size=-1 face="Arial, Helvetica, sans-serif">
<font color="#ff0000"><b>& UNREALITY TRIVIA QUIZ!</b></font>

<table border=0 cellpadding=0 cellspacing=0 width=100%>

<table border=0 cellpadding=4 cellspacing=0>

<a href="/reality.html"><i>LISTEN</i> or <i>INFO!</i></a></td>







<td align=center>

<font size=+2><b>PRIVACY Forum Archive Document</b></font><br>

<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>



PRIVACY Forum Digest      Wednesday, 5 January 2000      Volume 09 : Issue 02


            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

                 The PRIVACY Forum is supported in part by
               the ACM (Association for Computing Machinery)     
	         Committee on Computers and Public Policy,      
		 Cable &amp; Wireless USA, Cisco Systems, Inc., 
                           and Telos Systems.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.

	British Looking to Slow (and Track?) Cars via Satellite
	   (Lauren Weinstein; PRIVACY Forum Moderator)
	U.S. Customs Service to Expand Airport Body X-Ray Scanner Usage
	   (Lauren Weinstein; PRIVACY Forum Moderator)
	Re: Banks and check amounts (John R. Levine)
	Re: Web Tracking and Data Matching Hit the Campaign Trail
	Re: Web Tracking and Data Matching (Timothy Hinds)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are via an automatic list server system;
for subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the list server system.  Please follow the instructions above
for getting the list server  "help" information, which includes details
regarding the "index" and "get" list server commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.


     Quote for the day:

	"Let's play something else..."

                    -- Thomas Crown (Steve McQueen)
		       "The Thomas Crown Affair" (MGM/UA; 1968)			


Date:    Tue, 4 Jan 2000 16:44 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: British Looking to Slow (and Track?) Cars via Satellite

Greetings.  In one of the more misguided and potentially dangerous ideas
I've seen in quite awhile, the British government is considering the
installation of devices on all autos which would automatically limit their
speed via GPS-linked systems programmed with local speed limit data.  Deputy
Prime Minister John Prescott is reportedly in charge of this evaluation. 
A prototype device for this function has already been developed.

While the safe-driving groups who are promoting this concept no doubt have
admirable motives, the risks are obvious.  While it could be argued that
most speeding is "casual" in nature, there are certainly times when drivers
are in life-critical situations where exceeding the speed limit may be a
necessary tradeoff.  Cases such as reaching a hospital in an emergency,
escaping from potential carjackers, and other unfortunate situations are
examples.  While it's certainly true that speeding even in those situations
*does* involve risks, there simply are times when human assessment of a
situation must be in control.  Imagine the outcry the first time that an
infant or mother dies when such a system prevents them from rapidly reaching
medical care.  In another scenario, the "impact" of pulling out into the
opposing traffic lane for (legal) passing, only to find a hard limit on
speed, could also be rather dramatic.

Another point--since the temptation to tamper with such a device would be
significant, it seems logical that practical implementation of such systems
would need to include some form of logging system to track operations, which
presumably could be interrogated at vehicle inspection/licensing times, etc.
The variety of data that such a GPS-based system could maintain is very
extensive, introducing a range of directly privacy-related issues.

While speed governors are not uncommon in the trucking industry, their
application to passenger vehicles, especially in conjunction with
the tracking capability of GPS, seems to be both unwise and unsafe.

Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy


Date:    Sun, 2 Jan 2000 20:32 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: U.S. Customs Service to Expand Airport Body X-Ray Scanner Usage

Greetings.  The PRIVACY Forum has previously discussed the issues of 
"body scanners" (using either x-rays or non-ionizing radiation such as 
microwaves, as in http://www.vortex.com/privacy/priv.05.20).  The U.S. 
Customs Service has announced an expansion of the program that already has
"low dose" x-ray body scanners in use at six major airports around the 
country.  The plan is to have such units operational at all major U.S. 
airports by this June.  

Concerns about these scanners have been raised both due to the radiation
exposure involved ("low dosage" notwithstanding) and due to the units'
ability to display "private parts" with considerable clarity (though
apparently not in sufficient detail to show body scars, for example).

The scanners are not currently planned for routine passenger use, but rather
for situations where particular passengers are singled out for suspicion of
carrying contraband, as an alternative to physical pat-downs.  According to
Customs, passengers would still have the alternative of a physical search,
but Customs says that many persons have objected to being touched during
those searches, believing that they were being specifically targeted due to
sex, race, or physical characteristics.

Lauren Weinstein
Moderator, PRIVACY Forum - http://www.vortex.com
Co-Founder, PFIR: People for Internet Responsibility - http://www.pfir.org
Member, ACM Committee on Computers and Public Policy


Date:    1 Jan 2000 00:41:05 -0500
From:    johnl@iecc.com (John R. Levine)
Subject: Re: banks and check amounts

It's absolutely true that banks make no effort to verify any of the
information on incoming checks beyond what's coded on the stripe at
the bottom.  I'm evidently one of the three people left in the world
who balances his checkbook every month, and once or twice I've found
checks where the amount was coded wrong.  Usually the error is only a
penny or 10 cents (evidently my 1 and 2 look similar) but in one case
it was off by $50 due to a 4 being coded as a 9.  I dropped by the
bank to complain, they weren't at all surprised and instantly credited
my account.  I'm not sure whether they tried to recover the $50 from
the payee's bank or not.

But really, getting the amounts wrong is the least of our problems.
Almost without exception, they don't look at the handwriting or
signature, either.  If someone forges your account number in MICR ink
at the bottom of a check, writes a check with a scribbled signature
completely unlike yours, and cashes it, your bank will pay it.  This
is a major change from traditional banking practice -- until the
advent of automated check sorting in the 1950s, bank accounts didn't
have numbers, the only printed number on most checks was the Fed's
routing number for your bank, and the only way to tell who wrote the
check was for a clerk at your bank to look at the signature.  There
are still a few tiny banks that look at signatures, but for the most
part, the last human who looks at your check is the clerk at the
payee's bank who codes the amount.  And through the magic of OCR, even
that human is going away.

John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
johnl@iecc.com, Village Trustee and Sewer Commissioner, http://iecc.com/johnl, 
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail


Date:    Sat, 01 Jan 2000 19:12:41 +0800
From:    private@mariana.net
Subject: Re: Web Tracking and Data Matching Hit the Campaign Trail

I believe Mr. Gurvits is missing the point. By collecting the information
companies (and others) can indeed provide us with more relevant information,
which is good. However that same information can also be used for many other
purposes, not all of which are benign. Many of which are harmful, or
potentially harmful. 

The main issue, which Mr. Gurvits ignores, is choice. If I want the benefits,
then I should explicitly allow the collection of the data. I should also be
explicitly informed how the information will be used, who has access to it,
what steps the company is taking to ensure against unauthorized access and
for how long it will be stored. The collection and use of data about
individuals and their habits should depend upon the individual. Always.

Date:    Mon, 03 Jan 2000 15:10:24 -0500
From:    Timothy Hinds &lt;tim@thinds.com&gt;
Subject: Re: Web Tracking and Data Matching

Mr. Weinstein,

Your recent invitation to let you know my views on Web Tracking and Data
Matching give me the opportunity also to let you know that I very much
appreciate the work you do on the PRIVACY Forum Digest.  Your summaries and
updates are invaluable.  Please keep up the good work.

I am deeply concerned about the amount of data matching that is being done
today on the 'net and the vast expansion of it likely in the future, absent
meaningful restrictions or regulation.  In short, "There oughta be a law!"
We desperately need legal protection against the gathering and use of
personal information without the permission of the subject whose
information is being used, bought, and sold.  

Until such legal protections emerge, I advocate the use of technological
solutions to fight the technological abuses of our privacy.  One intriguing
tool is "Freedom" from Zero Knowledge Systems, of which I believe you are
aware.  It has recently been released out of beta, and I plan to adopt it
in order to maintain some degree of online privacy through the use of
multiple identities ("nyms" in ZKS's parlance).  

While technological defenses are philosophically more compatible on the
surface with my conservative/libertarian beliefs, I see a legitimate, in
fact essential, role for government's police powers here.  The U.S.
Constitution &amp; Bill of Rights are clearly designed to limit government's
unnecessary intrusion into the lives of the citizenry.  However, they also
clearly provide for government's wielding of what the Bible calls "the
sword" in defense of the lives and property of the people.  Indeed, both
Biblically and constitutionally, only the state can exercise police power
with ultimate legitimately.  Private police and armies will always be
subject to the appearance, and the fact, of motivation by private
interests.  Individual States within the U.S. could act here with
legitimacy, but not with effectiveness, given the national and even
international scope of the data correlation and web tracking efforts and
organizations.  Hence, reluctant as I am to call for the federal government
to do ANYTHING, I believe it must enact legislation to protect the privacy
rights of our citizens.

Thanks for asking.  - Timothy Hinds, thinds@acm.org.

		[ Thank you for your message.  I am in general very
		  unenthusiastic about the various services promising
		  "anonymizing" capabilities.  Since they require people to
		  take explicit actions to use them, they will never impact
		  most persons, nor do they address the root causes of the
		  problems in any manner.  I am also unconvinced of their
		  reliability, and am concerned that they may well give
		  users a false sense of security.  The problems related to
		  abuse of such systems by persons with genuinely libelous,
		  fraudulent, criminal, or just plain evil motives are also 
		  potentially very serious issues.

		  Some degree of federal legislative action is an absolute
		  necessity to even starting to get a handle on these
		  problems, even though it's true that legislative
		  approaches are also never without some degree of risk.

			-- PRIVACY Forum Moderator ]

End of PRIVACY Forum Digest 09.02
<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>

<font size=-2>Copyright &copy; 2000 Vortex
Technology.  All Rights Reserved.</font> 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH