TUCoPS :: Privacy :: priv_231.txt

Privacy Digest 2.31 9/26/93

PRIVACY Forum Digest       Sunday, 26 September 1993       Volume 02 : Issue 31

          Moderated by Lauren Weinstein (lauren@vortex.com)
            Vortex Technology, Woodland Hills, CA, U.S.A.
                     ===== PRIVACY FORUM =====

   	  The PRIVACY Forum digest is supported in part by the 
	      ACM Committee on Computers and Public Policy.

	Re: consciousness and the DMV (Darren Senn)
	DES is a dead dog... (Alan Wexelblat)
	CPSR Alert 2.01 (Dave Banisar) [Extracts by MODERATOR]
	Recent Journal Articles on Computers and Privacy? (Bruce Jones)
	Wiretap Article (Dorothy Denning)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

ALL submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com".  All submissions included in this digest represent
the views of the individual authors and all submissions will be considered
to be distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are also
available through the Internet Gopher system via a gopher server on
site "gopher.vortex.com".

For information regarding the availability of this digest via FAX, please
send an inquiry to privacy-fax@vortex.com, call (818) 225-2800, or FAX
to (818) 225-7203.


   Quote for the day:

	"Uh, just one more thing..."

		-- Variations on this line were spoken
		   by Columbo (Peter Falk) in virtually 
		   every episode of "Columbo" (1971-1978, 1989-1990).


Date:    Mon, 30 Aug 1993 08:32:38 -0800 (PDT)
From:    sinster@scintilla.santa-clara.ca.us (Darren Senn)
Subject: Re: consciousness and the DMV

Thus spake Mel Beckman:
> [...] While there may be isolated
> cases of abuse, as there are with most every law, the problem is not the law
> but individuals who overstep their authority.

I disagree.  The problem definately _is_ with the law.  To be specific,
paragraphs (a) and (f) are the problem:

> From:    Henry Unger <hunger@hitech.com>
>      (a) [...] However, if a
> physician and surgeon reasonably and in good faith believes that
> the reporting of a patient will serve the public interest, he or
> she may report a patient's condition even if it may not be
> required under the state department's definition of disorders
> characterized by lapses of consciousness pursuant to subdivision
> (d).
>      (f) A physician and surgeon who reports a patient diagnosed
> as a case of a disorder characterized by lapses of consciousness
> pursuant to this section shall not be civilly or criminally
> liable to any patient for making any report required or
> authorized by this section. (Amended by Stats 1987 ch 321 S1;
> Stats 1990 ch 911 S2, eff. 1/1/91.)

These two prevent any recourse on the part of the patient for dealing with
these overenthusiastic medical staffs.

Darren Senn          Phone: (408) 988-2640      Snail: 620 Park View Drive #206
sinster@scintilla.santa-clara.ca.us                       Santa Clara, CA 95054


Date:    Wed, 8 Sep 93 13:13:12 -0400
From:    "Alan (Gesture Man) Wexelblat" <wex@media.mit.edu>
Subject: DES is a dead dog...

> From: Philip Zimmermann <prz@columbine.cgd.ucar.EDU>
> Subject: Re: DES Key Search Paper (fwd)
> Michael Weiner presented a paper at Crypto93 that describes a fast DES key
> search engine that uses a special inside-out DES chip that he designed.
> This chip takes a single plaintext/ciphertext pair and quickly tries DES
> keys until it finds one that produces the given ciphertext from the given
> plaintext.  Weiner can get these chips made for $10.50 each in quantity, and
> can build a special machine with 57000 of these chips for $1 million.  This
> machine can exhaust the DES key space in 7 hours, finding a key in 3.5 hours
> on the average.  He works for Bell Northern Research in Ottawa, and says
> they have not actually built this machine, but he has the chip fully
> designed and ready for fabrication.
> This is a stunning breakthrough in the realization of practical DES
> cracking.  BTW-- note that PEM uses straight 56-bit DES.
> -prz


Date:    Mon, 13 Sep 1993 12:55:03 EST
From:    Dave Banisar <banisar@washofc.cpsr.org>
Subject: CPSR Alert 2.01 [Extracts by MODERATOR]

	[ I have extracted items of interest to this forum from 
	  the complete CPSR Alert text.  Readers wishing to
   	  obtain the entire publication should contact
	  CPSR directly.  -- MODERATOR ]

  CPSR Alert 2.01

      @@@@  @@@@   @@@   @@@@        @    @     @@@@  @@@@  @@@@@
      @     @  @  @      @  @       @ @   @     @     @  @    @
      @     @@@     @    @@@       @@@@@  @     @@@   @@@     @
      @     @        @   @  @      @   @  @     @     @  @    @
      @@@@  @     @@@    @   @     @   @  @@@@  @@@@  @   @   @

     Volume  2.01                               September 10, 1993

                          Published by the
           Computer Professionals for Social Responsibility
                          Washington Office

                          Editor: Dave Banisar


                       CPSR Washington Office Staff:
          Director: Marc Rotenberg (rotenberg@washofc.cpsr.org)
           Legal Counsel: David Sobel (sobel@washofc.cpsr.org)
         Policy Analyst: Dave Banisar (banisar@washofc.cpsr.org)


  [3] National Performance Review Highlights.

  The NPR, a massive study on streamlining government headed by Vice
  President Albert Gore, has endorsed the creation of a Privacy
  Protection Board and the development of uniform privacy protection
  practices.  It has also recommended the development of a Digital
  Signature Standard by January 1994.

  Other information technology recommendations include implementing
  nationwide, integrated electronics benefits transfer, developing
  integrated electronic access to government (including information
  kiosks and a government wide electronic bulletin board system), the
  development of a national law enforcement/public safety network,
  government wide electronic mail and indexes for environmental and
  trade data. It also calls for the establishment of a government
  information infrastructure.

  A spokesman in the Vice President's office told the Alert that the
  specifics of the recommendations would be released within a few
  weeks. Government sources have indicated that many of the
  information technology recommendations originated at the National
  Institute of Standards and Technology. An electronic copy of the NPR
  is available from the CPSR Internet Library. See below (#8) for


  [4] Gov't Panel Questions Clipper Chip Proposal

  After two days of sometimes tumultuous hearings, a government
  advisory board chartered to advise the administration and Congress
  on computer security and privacy issued two resolutions questioning
  many of the aspects of the Clinton Administration's controversial
  new encryption scheme, the Clipper Chip. The National Institute of
  Standards and Technology's Computer System Security and Privacy
  Advisory Board (CSSPAB) expressed continued concern over many
  aspects of the proposal including the lack of a convincing statement
  expressing the problems that the Clipper is supposed to solve, the
  need to look for possible alternatives to the proposal, the legal,
  economic, export controls issues, and software implementation of the
  proposal. In addition, the board also expressed concern  that the
  Clipper proposal could negatively impact the availability of
  cost-effective security products to the US government and industry
  and that it may not be marketable or usable worldwide.

  In a second resolution, the board unanimously called for a public
  debate of the proposal and recommended that Congress take an active
  role in determining US cryptography policy. It also recommended that
  any new policy must address the interests of law enforcement and
  intelligence, US industry and citizens' privacy and security in the
  US and worldwide.

  At the hearings, Geoff Greiveldinger from the Department of Justice
  reported that the key escrow agents will be announced within a few
  weeks after a briefing for members of  Congress. Sources inside the
  administration indicate that the administration may have decided to
  eliminate from consideration outside organizations holding the keys
  and is leaning towards the Department of the Treasury as one of the
  key holders. In addition, NIST Deputy Director Ray Kammer announced
  that the Data Encryption Standard (DES) will be recertified for
  government, non-classified use for another five years. The paperwork
  has been sent to Secretary of Commerce Ron Brown, who is expected to
  sign it within two weeks.

  The Clipper proposal was introduced April 16, 1993 and has been
  strongly opposed by both civil liberties groups and industry. The
  proposal calls for use of a secret encryption chip designed by the
  National Security Agency for non-classified voice and data
  transmission. The keys for the chip would be split and held in
  escrow by two government agencies. NIST has submitted the Clipper
  proposal for public comment. The FIPS was published in the Federal
  Register at Volume 58, page 40791 (July 30, 1993) and is also
  available in electronic form from the CPSR Internet Library
  FTP/WAIS/Gopher cpsr.org /cpsr/crypto/clipper/call-for-comments.
  Comments are due to NIST by September 28, 1993 to the  Director,
  Computer Systems Laboratory, ATTN: Proposed FIPS for Escrowed
  Encryption Standard, Technology Building, room B-154, National
  Institute of Standards and Technology, Gaithersburg, MD 20899. Other
  background material on the Clipper proposal and other cryptography
  issues is also available from the CPSR Internet Library.

  CPSR has created an archive of comments on the proposal and has
  asked people to electronically submit a copy of their comments to

   A 450 page source book of materials on crypto policy is available
  from CPSR for $50.00. Contact banisar@washofc.cpsr.org for more


  [5] Public Interest NII Coalition Meets in DC

  The third meeting of the Telecommunications Policy Roundtable took
  place on September 7 at the Carnegie Endowment for International
  Peace in Washington, DC.  Representatives from more than 60 public
  interest organizations gathered to discuss the development of a
  public interest agenda for the NII.  CPSR President Eric Roberts,
  Board member Todd Newman, and Seattle Chapter stalwart Doug Schuler
  flew in from the West Coast to attend the meeting.

  Larry Irving, Assistant Secretary of Commerce and head of the
  National Telecommunication Information Administration spoke to the
  group about the administration's plans for the National Information
  Infrastructure.  Mr. Irving said that he believed that universal
  service will be one of the critical goals.  He also said that the
  administration seeks to development a competitive marketplace for
  information services and to establish necessary consumer safeguards.

  The TPR proposed a set of public interest policy principles and
  prepared a document titled "Renewing the Commitment to Public
  Interest Communications Policy. " The policies covered freedom of
  communication, vital civic sector, universal access, competitive
  markets, privacy protection, equitable workplace, and democratic
  decision-making.  (A copy of the draft document is available from
  the CPSR archive).

  A formal press conference is scheduled for Thursday, October 7 at
  the National Press Club.  The next meeting of the TPR will be
  Tuesday, October 5.  For more information, contact Jeff Chester,
  Center for Media Education (cme@access.digex.net)


  [6]  California Passes Landmark Information Access Bill

  The California Assembly  on September 8 voted 78 to 0 for a bill to
  make California legislative information available though the
  Internet. The bill (AB1624) was previously approved by the state
  Senate and now goes to Governor Pete Wilson,  who has 12 days to
  veto it before it becomes law.

  The bill requires  electronic distribution of the legislative agenda
  and requires the  " Legislative Council...to make available to the
  public, by means of access by way of the largest non-propriety,
  non-profit cooperative public computer network, specified
  information concerning bills, [and] the proceedings of the houses."
  It goes into effect January 1, 1994.

  The grassroots battle to pass this bill was led by Micro Times
  columnist and CPSR member Jim Warren. Using electronic networks, he
  organized a massive national fax , telephone and letter writing
  campaign to support the bill. It was opposed by LOGI-TECH, an
  information provider that sells legislative data.


  [7] Wisconsin Looking for Privacy Advocate

  From: oravec@cs.wisc.edu (Jo Ann Oravec)

  Privacy Advocate... Madison, Wisconsin

  The State of Wisconsin is seeking a person responsible for support
  and advocacy in development and implementation of state and local
  government policies that protect personal privacy. This position
  reports to the Privacy Council.  Background in business and
  government application of information technology.  Salary $33,000
  per year plus excellent benefits.  Applicants should submit a
  detailed resume and a statement outlining their perspectives and
  approaches to privacy concerns to Mary Becker (608-266-0058, FAX
  608-264-9500), Department of Administration, 9th Floor, 101 E.
  Wilson, P.O. Box 7869, Madison, WI  53707-7869. Materials must be
  received before 4:30 PM on September 27, 1993.


  [8] The CPSR Internet Library

  CPSR has set up an archive of materials on privacy, cryptography,
  information access, the National Information Infrastructure and
  other related issues. Recent additions to the archive include the
  entire National Performance Review report, and the full text of the
  Freedom of Information Act and the Federal Privacy Act of 1974.

  NPR /cpsr/clinton/npr
  FOIA /cpsr/foia/foia.txt
  Privacy Act of 1974 /cpsr/privacy_law/privacy_act_1974.txt

  The archive also archives materials from Privacy International,
  the US Privacy Council, the Taxpayers Assets Project and the
  Cypherpunks cryptography group. To access the archive,
  FTP/WAIS/Gopher cpsr.org.


  [9] Upcoming Events

  International Privacy Roundtable, sponsored by Privacy International
  and the University of Manchester Law School- Manchester, England.
  September 29, 1993. Contact: simon davies

  National Computer Security Conference, sponsored by NIST and NSA.
  Baltimore Convention Center, Baltimore, MD. September 20-23, 1993
  Contact NIST 301-975-2762.

  CPSR Annual Meeting,Seattle, WA.  October 16-17,  Contact: Aki
  Namioka (aki@atc.boeing.com)

  Computers Freedom and Privacy 4.  Chicago, Ill. March 1993. Contact:
  George Trubow, 312-987-1445 (cfp94@jmls.edu)


  To subscribe to the alert, send a message to listserv@gwuvm.gwu.edu
   "subscribe cpsr <your name>" (without quotes or brackets) to
  listserv@gwuvm.gwu.edu. Back issues of the Alert are available at
  the CPSR Internet Library FTP/WAIS/Gopher cpsr.org /cpsr/alert

  Computer Professionals for Social Responsibility is a national,
  non-partisan, public-interest organization dedicated to
  understanding and directing the impact of computers on society.
  Founded in 1981, CPSR has 2000 members from all over the world and
  22 chapters across the country. Our National Advisory Board includes
  a Nobel laureate and three winners of the Turing Award, the highest
  honor in computer science. Membership is open to everyone.

  For more information, please contact: cpsr@cpsr.org



Date:    Tue, 14 Sep 1993 11:18:06 -0700
From:    bjones@weber.ucsd.edu (Bruce Jones)
Subject: Recent Journal Articles on Computers and Privacy?

I am tentatively scheduled to teach a course on computers and
networks for the Department of Communication at UCSD.  The course
will be organized around the Internet and current cultural, social,
economic, and political debates: privacy, commercialization and
privatization, anonymity/identity, computer networks and the
changing nature of work, electronic publishing and copyright, etc.

I am looking here for references to recent journal articles covering 
current privacy and computer network concerns that I might use in a
course reader for this upper-division course.

Thank you,

Bruce Jones 			Communication Department
bjones@ucsd.edu/bitnet		University of California, San Diego
(619) 534-0417/4410		9500 Gilman Drive
FAX (619) 534-7315		La Jolla, Ca. 92093-0503


Date:    Fri, 24 Sep 1993 16:49:45 -0400 (EDT)
From:    denning@cs.georgetown.edu (Dorothy Denning)
Subject: Wiretap Article

The following article on wiretap laws and procedures was written in
response to the many questions and misunderstandings that have arisen
about wiretaps in the context of escrowed encryption as well as Digital
Telephony.  This article may be distributed.

Dorothy Denning

	[ I have included the introductory portion of the paper below.
	  The entire text (~33K bytes) has been placed into the
	  PRIVACY Forum archives.  To access:

	    Via Anon FTP: From site "ftp.vortex.com": /privacy/wiretap-laws.Z
					          or: /privacy/wiretap-laws

	    Via e-mail: Send mail to "listserv@vortex.com" with
	                the line:

			    get privacy wiretap-laws

		        as the first text in the BODY of your message.

	    Via gopher: From the gopher server on site "gopher.vortex.com"
		in the "*** PRIVACY Forum ***" area under "wiretap-laws".

							-- MODERATOR ]


                        WIRETAP LAWS AND PROCEDURES

                   Donald P. Delaney, Senior Investigator
                           New York State Police

                  Dorothy E. Denning, Professor and Chair
             Computer Science Department, Georgetown University

                      John Kaye, County Prosecutor
                      Monmouth County, New Jersey

        Alan R. McDonald, Special Assistant to the Assistant Director
        Technical Services Division, Federal Bureau of Investigation 

                           September 23, 1993

1.  Introduction

Although wiretaps are generally illegal in the United States, the
federal government and the governments of thirty seven states have been
authorized through federal and state legislation to intercept wire and
electronic communications under certain stringent rules which include
obtaining a court order.  These rules have been designed to ensure the
protection of individual privacy and Fourth Amendment rights, while
permitting the use of wiretaps for investigations of serious criminal
activity and for foreign intelligence.

This article describes the legal requirements for government
interceptions of wire and electronic communications and some of the
additional procedures and practices followed by federal and state
agencies.  The legal requirements are rooted in two pieces of federal
legislation: the Omnibus Crime Control and Safe Streets Act (Title III
of the Act (hereafter "Title III")), passed in 1968, and the Foreign
Intelligence Surveillance Act (FISA), passed in 1978.  Title III
established the basic law for federal and state law enforcement
interceptions performed for the purpose of criminal investigations,
while FISA established the law for federal-level interceptions
performed for intelligence and counterintelligence operations.  We will
first describe Title III interceptions and then describe FISA


End of PRIVACY Forum Digest 02.31

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2023 AOH