TUCoPS :: Privacy :: priv_321.txt

Privacy Digest 3.21 11/6/94

PRIVACY Forum Digest     Sunday, 6 November 1994     Volume 03 : Issue 21

          Moderated by Lauren Weinstein (lauren@vortex.com)
            Vortex Technology, Woodland Hills, CA, U.S.A.
                     ===== PRIVACY FORUM =====

   	  The PRIVACY Forum digest is supported in part by the 
	      ACM Committee on Computers and Public Policy.

	Risks in VAP? (Jim Guyton)
	Calling Card Privacy? (Charles R. Trew)
	Lies, damn lies, and statistics (Geoff Kuenning)
        Re: MCI Employee Charged in $50 Million Calling Card Fraud
           (Barry Gold)
	Drivers license as universal ID? (John Sullivan)
	Discover Card "Fraud" Mailing 
	   (Lauren Weinstein; PRIVACY Forum Moderator)
	HTTP, New Browsers, & Privacy (Ed Kubaitis)
	Orwell was off by 499 channels, and what to do about it
           (Curt Bramblett)
	Intelligent Transportation Systems (Phil Agre)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

ALL submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com".  All submissions included in this digest represent
the views of the individual authors and all submissions will be considered
to be distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are available
through the Internet Gopher system via a gopher server on site
"gopher.vortex.com".  Access to PRIVACY Forum materials is also available
through the Internet World Wide Web (WWW) via the Vortex Technology WWW home
page at the URL: "http://www.vortex.com/".

For information regarding the availability of this digest via FAX, please
send an inquiry to privacy-fax@vortex.com, call (818) 225-2800, or FAX
to (818) 225-7203.


   Quote for the day:


		-- Charles Foster Kane (Orson Welles)
		   "Citizen Kane" (1941)


Date: Fri, 04 Nov 1994 14:13:42 -0700
From: Jim Guyton <guyton@lewis.cs.colorado.edu>
Subject: Risks in VAP?

From Netnews:

   Newsgroups: boulder.general,co.general,cu.general
   From: raney@teal.csn.org (Scott Raney)
   Subject: Don't know who to vote for?  Try VAP!
   Message-ID: <CyEvtu.6KE@csn.org>
   Organization: The Voting Assistance Program
   Date: Sat, 29 Oct 1994 01:51:29 GMT

   The Voting Assistance Program is now on-line and ready to help you
   determine which candidates most closely match your description of the
   ideal elected official.  Getting your VAP report is easy:

   1) Email to form@vap.org to get the form on which you'll describe your
   ideal elected official.

   2) Fill out the form, and email it back to score@vap.org.  A computer
   program will match your description with all of the candidates for the
   Colorado state legislature, and will email back a report showing you
   which candidates most closely match your ideal elected official.

   For this limited demonstration run, only data for the candidates for
   Colorado state legislature (both House and Senate) is available.
   Voters from all states and foreign countries are encouraged to try the
   system, however, and to make suggestions on how to improve it.

   This is a free public service, and no voter data will be released.
   Your description of the ideal elected official will only be seen by
   the computer program that does the scoring.  If you have questions
   about VAP, please email to faq@vap.org to get the Frequently Asked
   Questions list.

   * Scott Raney  303-447-3936            Remember: the better you look, *
   * raney@metacard.com                   the more you'll see -- Lidia   *


Date:    28 Oct 1994 17:29:17 GMT
Subject: Calling Card Privacy?

The pre-paid phone calling card is a major growth area in the
telecommunications business.  Customers pre-pay for the phone cards in
amounts from $5.00 to $50.00. The cards have a unique code number which is
entered after the customer dials an 800 number to access the system. The
cards are sold at supermarkets, convenience stores, check cashing stores,
etc.  In most situations, customers do not have to give their name to
purchase these cards, just cash. However, one of the largest and fastest
growing check cashing chains, ACE - America's Cash Express, is requiring
customers to give their Social Security number to purchase their phone
cards. This obviously allows direct tracing of any calls made on the card by
the customers. A spokeswoman for the company said that this was so the
company could expedite a refund if the card was lost.  Thanks, but I'll take
my chances, and my business, elsewhere.


Date:    Mon, 24 Oct 94 22:17:42 -0700
From:    desint!geoff@uunet.uu.net (Geoff Kuenning)
Subject: Lies, damn lies, and statistics

This is a bit out of date, since the DT bill was passed by an ignorant
Senate despite our best efforts to point out the flaws.  But unlike
Dorothy Denning, I can't let some of the FBI claims pass unexamined.

Dr. Denning writes:

> FBI Director Louis Freeh reported that a recent informal survey by the
> FBI identified 183 instances where law enforcement was frustrated by
> technological impediments.  This figure includes orders for dialing
> information as well as call content, but excludes those instances where
> court orders were never sought or served on carriers because the
> impediments were known in advance.
> Director Freeh predicted that loss of a viable electronic surveillance
> technique would result in a substantial loss of life; a substantial
> increase in corruption and economic harm to business, industry, and
> labor unions caused by the growth/emergence of organized crime groups;
> a substantial increase in the availability of illegal drugs; a
> substantial increase in undetected and unprosecuted public corruption
> and fraud against the government; a substantial increase in undetected
> and unprosecuted terrorist acts and murders; and a substantial increase
> in acquittals and hung juries resulting from lack of direct and
> persuasive evidence.  He estimated the economic harm to be in the
> billions of dollars.  He predicted "dire consequences to effective law
> enforcement, the public safety, and the national security if no binding
> solution to [the problem of maintaining a wiretap capability] is
> obtained."

Okay, let's take Director Freeh's claims at face value.  He certainly
likes the word "substantial."  How about loss of life?  If, on the
average, every undone wiretap would have saved a life (most unlikely,
since by his own admission many of the 183 instances involved only pen
registers, and it's reasonable to assume that knowing the number
dialed will not prevent a death), then this would have cut out 183
murders in the U.S.  Of course, Director Freeh doesn't give us a time
frame for the 183 instances.  Let's assume a year.  Anybody got annual
murder statistics for the country?  I know that L.A. alone is running
around 700.  Nationwide, 183 is a drop in the bucket.  Nothing to
sneer at, if you're a victim, but definitely something to worry about
when we're talking about the Big Brother organization who spied on
John Lennon and Leonard Bernstein, and who now wants us to pay
billions to enable wiretapping.

The same simple analysis can be applied to every one of Director
Freeh's claims, so I'll spare you the math, except for one final note.
The Director claims the economic harm will be in the billions (again,
in the interests of maximizing his hyperbole, he doesn't specify a
time frame).  It's not hard to calculate $1,000,000,000 / 183 and get
$5,464,480.  Okay, maybe I'm being unfair because the Director was
assuming many more than 183 wiretaps, now that he has DT.  (Does that
make you feel safer?  Luciano Pavarotti, the well-known terrorist,
probably doesn't.)  But then again, the Director did pluralize

All in all, I'm not impressed.  These people have a history of
admiring and emulating the techniques of despots.  They have a history
of ignoring, circumventing, and criticizing the protections of the
Constitution.  And Dr. Denning doesn't question any of it.  No thanks.

	Geoff Kuenning   geoff@itcorp.com   uunet!desint!geoff


Date:    Wed, 26 Oct 94 11:19:27 PDT
From:    Barry Gold <barryg@sparc.SanDiegoCA.NCR.COM>
Subject: Re: MCI Employee Charged in $50 Million Calling Card Fraud

In Volume 03 : Issue 20, Monty Solomon <monty@roscom.COM> quotes:

    <discussion of (extensive & expensive) fraud snipped>
> I think it is time to have another massive crackdown, similar to
> Operation Sun Devil a few years ago.  Let's start getting really
> tough on hackers and phreaks.
> Patrick Townson
(author of the quoted article?)

Hmmm.  You mean, like the *really brilliant* seizure of Steve Jackson
Games' computers in OSD?

I hope the Secret Service is better at protecting the president than
they have shown themselves to be at dealing with computer crime

Make no mistake, we need some protection against massive fraud of this
kind.  But I doubt if ill thought out "crackdowns" like OSD are the
right answer.  And in fact, the article appears to show that the
internal security of service providers like MCI are probably better
equipped than the Secret Service to do this job.

Let the service providers--who understand the technical issues(*)--find
the phreaks and crackers.  Then bring in the cops (and SS, if needed)
to arrest the perps.

(*) if they don't, they better learn fast.  They have the biggest
financial incentive to get it right: losses of the type described in
the article if they don't catch the perps, and possible damages if
they pull the kind of stupid stunt OSD did.  (And private companies
can have punitive damages assessed against them, which the SS managed
to escape in the SJG case.)


Date: Thu, 27 Oct 1994 15:05:53 -0500
From: sullivan@geom.umn.edu
Subject: Drivers license as universal ID?

[ From RISKS-FORUM Digest; Volume 16 : Issue 51  -- PRIVACY Forum MODERATOR ]

Minnesota is just introducing a new drivers license, with new security
features, as well as a bar code and a magnetic stip (with full name, date of
birth, and license number).  The photo and signature are digitized, and
presumably stored by the state as well as being printed on the card.  I
learned about the new licenses from an article in City Pages, a free weekly
here in the Twin Cities.

The new licenses are produced (for $1.29 apiece) by Deluxe (the check
printers).  About 4000 drivers had to go back to have their pictures retaken
because they were transmitted at night from one computer to another over
"incompatible phone lines" [whatever that means] and billions of bits went
"screaming into the ether".  Deluxe blames a subcontractor.

Since the magstripe can hold about 256bytes, there have been discussions
about what else might be stored there.  Things like a list of cars and guns
registered in your name, perhaps.  Or, people receiving food stamps or
welfare might use their license to obtain their benefits, either at a
food-store cashier or from an ATM.

Don Gemberling, director of MN's Public Information Policy Analysis Divison,
evidently did raise the privacy issues during the planning process, noting
that a "universal personal identifier ... has been consistently resisted in
this country".  Alice Gonzalo (assistant director of DVS, the state Driver
and Vehicle Services Division) notes that DVS already sells driver's license
information, sorted by different fields.  (One could buy a list of
Minnesotans over 6'3", for instance.)

There is already a national database of drivers with commercial licenses,
called AAMVANET, and there are plans to expand this to all drivers.
In Wisconsin, a driver's license can be suspended for failure to pay
fines unrelated to driving (like library fines).

MN dept of Administration's Bob Schroeder says
    In my opinion, the driver's license has nothing to do with driving.
    How many times have you pulled it out because an officer asked you
    for it?  You pull it out much more because someone at a store of a
    check-cashing place wants to know who you are.  It has less to do
    with driving and more to do with being a universal identifier, a
    way for you to be identified over the long term.  Business really
    relies on the state to establish this sort of identifier for them.

John Sullivan    sullivan@geom.umn.edu

	[ The push for a "universal" ID of some sort in the U.S. is gaining
	  additional steam from the anti-immigrant hysteria sweeping this
	  country (and the rest of the world, for that matter).  It has
	  manifested itself in a particularly illogical form as California
	  Proposition 187, one of the least well thought out ballot 
	  measures I've seen in a very long time.  I prefer to call it
	  the "lawyer's full employment act", since it's unlikely to do
	  much more than give lots of lawyers lots of work, since many
	  of its provisions are clearly unconstitutional or would
	  violate federal law and existing Supreme Court decisions.

	  Gov. Wilson of California has apparently already expressed
	  his willingness to see his state used as a testbed for
	  a universal ID card.  Whether you consider this to be
	  a good idea or not depends on your point of view, of course.
	  Discussion would be welcome in this forum.


Date:    Sun, 6 Nov 94 11:20 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Discover Card "Fraud" Mailing

It appears that the Discover Card folks have sent out a mass mailing asking
most (or all) of their cardholders to provide their social security number
and mother's maiden name on a form that already includes their Discover Card
account number--ostensibly to help eliminate fraud.  Outside of the fact
that using this widely available data for fraud control purposes is an
increasingly discredited idea, the additional dangers of asking people to
put all the identifying information for their account on one form, in an
envelope prominently addressed to their "fraud" control department, seems
like a misguided idea, for obvious reasons.

Another oddity: One would think that when the card was originally issued
that same data would have already been obtained--why would they suddenly be
trying to obtain it now, and with a BULK class mailing no less, which many
folks will probably simply throw in the trash assuming it's advertising!

Curious, to say the least.



Date: 30 Oct 1994 20:10:31 GMT
From: Ed Kubaitis - CCSO <ejk@uiuc.edu>
Newsgroups: comp.infosystems.www.misc
Subject: HTTP, New Browsers, & Privacy
Organization: University of Illinois at Urbana

A little known feature of the HTTP protocol and new browsers that
support it seems to open the door to unsolicited direct mail, junk
mail, perhaps even blackmail. See Niels Mayer's recent post:


Apparently, the HTTP protocol has a little known feature to
allow browsers to identify their users to any HTTP server
the user visits. Recent browsers that allow users to configure
their name or email address now have what they need to support
this feature. The following browsers *do* automatically provide
this information:

   o MCom Netscape beta 0.9 (X, Macintosh)
   o NCSA Mosaic for Macintosh 2.0 alpha 8

Other browsers may do so as well. To check if your browser is
handing out this information, open


This CGI script displays client/server information available
when the script is invoked. If you see a line with 'HTTP_FROM'
and your email address, name, or account, then your browser
*does* supply it to every site you visit.

To me, there seems to be a very serious potential for abuse
of this information. I hope that browser developers, if they
choose to support this HTTP feature, take pains to do so only
with the user's knowledge and consent. Something along the
lines of a Yes/No popup with the question

   Automatically give this info to any site I visit?

My guess is that any browser asking this question would not
get many affirmative responses.

    Ed Kubaitis - ejk@uiuc.edu

	[ Further information indicates that future versions of the
	  Netscape browser will probably be distributed with the
	  name/address feature defaulting to off.  A good idea.

	  Some people don't realize, however, that the entire Internet
	  inherently provides origin site information for all TCP/IP
	  connections and UDP packets.  Most sites quite sensibly log much
	  of this information for security control purposes, since it
	  provides one of the few ways to help track down the increasingly
	  widespread network hacking problems.  In most cases, origin
	  sitename is available (though due to nameserver problems,
	  sometimes only an IP number appears).  However, for single-user
	  workstations, the site ID is essentially the same as a person
	  identifier in many cases.

	  These aspects of the Internet are similar in some ways to the
	  controversial telephone calling number identification (CNID)
	  services.  However, there are significant differences.  While CNID
	  in its usual implementations provides a phone number for the
	  caller's precise location at the moment (which might be their
	  office, home, a friend's house, a doctor's office, etc.), the
	  provision of an Internet sitename is more of a "logical" address
	  that remains the same regardless of from where the user might be
	  logged-in to their system.  It tends to be substantially less
	  intrusive as a result.  We'll explore this issue in more detail in
	  the near future.

	  The overall issue of controlling the use and distribution of user
	  data collected in the process of providing services is an
	  important one that has been little addressed by appropriate
	  legislation.  More on this below.



Date:    Fri, 4 Nov 1994 07:30:10 -0500
From:    zzbramblettc@acad.winthrop.edu (CURT BRAMBLETT 
Subject: Orwell was off by 499 channels, and what to do about it

This item is forwarded from TeleComReg because it raises interesting and 
serious privacy issues.

     Curt Bramblett

-- ---- ------- ------- - -- ------ - ---- --- - -------- --- ----- ---
From:	SMTP%"telecomreg@relay.adp.wisc.edu"  3-NOV-1994 10:59:15.88
To:	zzbramblettc
Subj:	Orwell was off by 499 channels, and what to do about it

reposted for: PAGRE@WEBER.UCSD.EDU 
[Dave Moon asked me to send this to telecomreg -- it's a revised version of a
message that I originally sent to Risks and Communet. -- PA]

The NYT has an article about Bell Atlantic's video plans:

  Edmund L. Andrews, A launching pad for a video revolution, New York Times,
  27 October 1994, pages C1, C6 [business section].

The point of the article is that BA wants to deliver video to customers, and
is teaming up with people from Hollywood to obtain the content.  An important
issue for us, though, is the privacy aspects of the scheme.  A few quotes will
probably give the idea:

  "Company executives, convinced that they must distinguish themselves from
  today's established cable programmers [and so they plan to] offer more
  customized entertainment and shopping.

  "Thus, the company has tied together a computer system that could, almost
  like Orwell's Big Brother, monitor the movies that a person orders and then
  suggest others with the same actors or themes.

  "Going a step further, the system would enable advertisers to send
  commercials directly to customers known to have bought particular kinds
  of merchandise.  Thus, people who bought camping equipment from a video
  catalogue might start seeing commercials for outdoor clothing."
  ... "The scale of the new center ... makes clear how serious Bell Atlantic
  is about this venture."

If this sort of thing is really what people want, of course, then that's 
their perfect right.  But advocates for other visions of technology can do
plenty to ensure that people make informed choices.  One is to inform people
(in honest but vivid terms) that their program selections and purchases 
are being recorded, kept, and used for secondary purposes -- and that this
practice is central to the business.  Another is to keep on building things
like the Internet and community networks -- and redouble efforts to publicize
them by telling clear, powerful stories about them.  The point is to show 
that privacy-enhancing and *genuinely* interactive technologies exist, and
that they are useful, accessible, democratic, entertaining and convenient.

As my colleague Francois Bar emphasizes, this sort of end-user experimentation
is crucial for defining the architectures of the future.  Bell Atlantic and
its brethren are creating top-down, privacy-invasive, 500-channel visions 
of the future -- even though they haven't worked very well in pilot tests in
real communities -- because that's the business model they know.  We can try
to suppress the Risks associated with this model, but that's like shoveling
the tide back into the ocean -- a lot of work.  Another approach to pursue 
in parallel is to create alternatives that offer *both* democratic values
*and* a lucrative business model for the people who can supply the necessary
infrastructure.  BA et alia have heard of computer networking, of course --
the point is to create mass demand for it.

This process starts with experimentation and continues with public relations.
Here's a plan.  If you're doing something terrific with networks, volunteer 
to demonstrate it in your local school.  Get some great stories ready to tell
about it.  Invent some great buzzwords and sound bites.  Then write a press
release about the upcoming demo.  Include some of the stories in it.  Make 
the press release quote you as uttering your great sound bites.  Mail or fax
it to all the newspapers and TV stations in your area -- especially the small
ones.  (Or, if you have a bit of money, call up PR Newswire's 800 number and
get them to do it for you.)  And make it available on the net as a model for
others to follow.

Phil Agre, UCSD

	[ My personal belief is that there is really very little serious
	  interest by the large communications firms in providing
	  sophisticated computer networking to the masses (to business yes,
	  to the masses no).  The popular view of where the real money lies
	  in the "information superhighway" (how I cringe every time I hear
	  that term) is in pay-per-view entertainment of various sorts.
	  When the telcos and big cable MSOs talk about 500 channel cable
	  systems, they don't mention that most of those channels would be
	  taken up with pay-per-view movies and home shopping services!

	  Interestingly, the field tests of such systems to date have been
	  generally fairly negative.  People may say that they want all these
	  fancy systems, but in practice there are quite low limits on what
	  most are willing to pay for them.  A tremendous amount of money
	  is going to be lost by entities trying to rush into this area--
	  which makes it doubly important that regulated rate payers (e.g.
	  ordinary telco subscribers) be financially isolated from these

	  The privacy issues relating to these entertainment and information
	  systems are "simply" another aspect of the overall topic of how
	  information collected by services regarding the choices, opinions,
	  buying habits, etc. of their users will be controlled.

	  This isn't a new problem even in the cable TV industry, and has
	  already been widely recognized in the videotape rental industry. 

	  As more and more of our day-to-day activites are "tracked"
	  in the systems we use, these issues will come to impact
	  virtually every facet of our lives.

	  It seems unlikely that anything short of legislatively mandated
	  rules will provide effective protections for consumers in these
	  and related areas.


Date:    Wed, 2 Nov 1994 17:08:13 -0800
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: Intelligent Transportation Systems

You've probably heard about Intelligent Transportation Systems (until
recently called Intelligent Vehicle-Highway Systems).  At least in the
United States, it's a joint industry-government program which envisions
employing massive amounts of computing and networking to distribute traffic
information, collect tolls, and eventually automate driving altogether.
You can probably imagine most of the potential problems.  (See also
previous articles and debate in Risks Digest 15.35 and 15.41, and Privacy
Digest 2.34.)

Industry (through a non-profit organization called ITS America) and the US 
government (through the Department of Transportation) have been developing
what they call an "architecture" -- not a set of technical standards, 
just some basic decisions about how ITS will work and how the pieces 
will fit together.  This is a pretty political activity, since different
companies have interests in defining the technology to correspond to their
own strengths.  A wide variety of risks, including privacy risks, are
definitely being taken into consideration, but it still remains to be seen
how substantively.  In particular, it remains to be seen whether privacy
will be provided for simply through data security (which is important but
isn't nearly the same thing as privacy) or by making users' anonymity a
core principle of the architecture (for example, through cryptography-based
schemes like digital cash).

The process has gotten pretty advanced, and I'm told that a new round 
of reports on it will soon be issued, though I don't yet have the details.
will be held in Washington on 15-17 March 1995 at the Sheraton-Washington
Hotel.  Perhaps most importantly, ITS America technical committees will be
meeting at this conference, and I gather from the conference program that
these meetings will be open to all conference attendees.  These committees
are important because, once technical standards are set, it'll be difficult
if not impossible to change ITS in any fundamental way because actual
systems will begin proliferating that depend on the standards, thereby
creating a large and well-organized interest group.

That's why you might wish to do a bit of homework (such as checking whether
your local university library has the proceedings of previous years' IVHS
America conferences), attend this conference, participate (politely, of
course) in the technical committee meetings, see for yourself if you think
the process is being conducted responsibly, and report back to the net

The address I have here for conference registration is: Registrar, ITS
America, 400 Virginia Avenue SW Suite 800, Washington DC 20024-2730, phone
(202) 484-4847 fax (202) 484-3483.  The early registration deadline is
13 February 1995.

Phil Agre, UCSD


End of PRIVACY Forum Digest 03.21

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH