TUCoPS :: Privacy :: priv_406.txt

Privacy Digest 4.06 3/11/95

PRIVACY Forum Digest     Saturday, 11 March 1995     Volume 04 : Issue 06

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
	
                       ===== PRIVACY FORUM =====              

   	  The PRIVACY Forum digest is supported in part by the 
	      ACM Committee on Computers and Public Policy,
  	     and the Data and Information Services Division 
                   of MCI Communications Corporation.         


CONTENTS 
	PRIVACY Forum Status (Good News!)
	   (Lauren Weinstein; PRIVACY Forum Moderator)
	Re: How can files be 100% wiped? (Wm Randolph Franklin)
	Destruction of data (Charles M. Preston)
	Proposed FTC Rules Could Reduce Telemarketing Abuses
	   (Privacy Rights Clearinghouse)
	Compuserve Sued for Delivering "Junk E-Mail"
	   (Privacy Rights Clearinghouse)
	Airline data (Phil Agre)
	American Express sends reporters' data to tobacco companies
	   (Phil Agre)
	EPIC Legislative Update 2.2 (Dave Banisar)
	Alert #1: Fifth Conference on Computers, Freedom and Privacy
	   (Carey Heckman)
	Short Course on Protection and Security on the Information 
	   Superhighway (Dr. Frederick B. Cohen)


 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

ALL submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com".  All submissions included in this digest represent
the views of the individual authors and all submissions will be considered
to be distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are available
through the Internet Gopher system via a gopher server on site
"gopher.vortex.com".  Access to PRIVACY Forum materials is also available
through the Internet World Wide Web (WWW) via the Vortex Technology WWW home
page at the URL: "http://www.vortex.com".
-----------------------------------------------------------------------------

VOLUME 04, ISSUE 06

   Quote for the day:

	"It's a beautiful day in the neighborhood..."

			-- Mr. Rogers (Fred Rogers)
			   "Mister Rogers' Neighborhood" (1967- )

----------------------------------------------------------------------

Date:    Sat, 11 Mar 95 22:34 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: PRIVACY Forum Status (Good News!)

Greetings.  Many of you will recall back to the latter part of last year,
where in this same virtual space I discussed problems which might have led
in short order to the termination of this digest and its associated
services.  I received an outpouring of responses expressing hope
that this would not transpire, and a number of suggestions regarding
possible solutions; your messages were all greatly appreciated.

I'm now very pleased to announce that the network connectivity problem which
threatened the Forum has been solved, thanks to the intervention of the Data
and Information Services Division of MCI Communications Corporation, which
is now providing the Forum with Internet connectivity via their
"internetMCI" network.  I'd like to express particular thanks to Vinton Cerf
of MCI for making this most positive outcome possible.  Thanks also go to
Frederick Cohen of Management Analytics for his role in the process.  There
were numerous other persons at MCI who were very helpful in bringing this
all about, and thanks to all of them as well!

With the vast growth of the Internet and the increasing workloads on
volunteer moderators, MCI is standing out as a model of corporate
good-citizenship in helping to make it possible for the PRIVACY Forum to
continue for the now truly global network community.  Persons interested in
learning more about MCI's data and information services should definitely
check out the World Wide Web URL: "http://www.mci.com".

Thanks MCI!

And now, back to the Forum...

--Lauren--

------------------------------

Date:    Sun, 26 Feb 1995 22:06:01 -0500
From:    Wm Randolph Franklin <wrf@ecse.rpi.edu>
Subject: re: How can files be 100% wiped?

How can an old disk be cleaned (and still be usable)?

One way would be to store only encrypted data, never plaintext, on
the disk.  In Unix, I recommend Matt Blaze's CFS (Cryptographic
File System).  This is similar to NFS, except that the data is
automatically encrypted/decrypted before being written to/read
from the mounted filesystem.  It's slower than copying plaintext,
but by less than you'd think.  Also, should the computer be turned
off, or a timer expire, the password is needed again to read the
data.

There's still the problem of virtual memory causing plaintext to
be written to the paging disk.  However since the paging space is
a fixed region that is reused so much, this would seem to be a
smaller problem, unless the computer's plug were pulled while the
secret program was running and the paging partition, especially of
the CFS daemon, were analyzed.

A possible solution here might be somehow to lock the process into
memory so that it is never paged out, or even once copied to disk.

--------
 Wm. Randolph Franklin,  wrf@ecse.rpi.edu, (518) 276-6077;  Fax: -6261
 ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 USA

------------------------------

Date:    Sun, 26 Feb 1995 22:38:39 +0900
From:    cpreston@alaska.net (Charles M. Preston)
Subject: Destruction of data

  Here's a quick answer to G. Martin, in a question from Privacy Digest 4.05.

>One area where I keep getting mixed signals on is
>how to *REALLY* remove old data from hard drives, floppies and
>backup tapes.  

>First I was told that reformatting the drives would make the
>data unrecoverable.  Then I was told it wouldn't.  I've heard
>different stories about what really needs to be done to
>absolutely assure that private, personal information can be
>safely wiped from these devices.

You might want to check out an article in Security Management, February,
1995, called "The Data Dilemma" by Charles Preston.  It deals with recovery
of data and how to destroy it.

Easy data recovery will be from --

Diskettes or drives formatted with DOS 5.0 or later where the /U option
wasn't used, and that haven't been written on much.  This leaves all the
data on the media.

Deleted files that have not been overwritten - all of the data is still present.

Temporary files never destroyed due to program or computer fault or
interruption.

Multiple files left on each drive by programs that save versions of the same
"document" automatically or manually.

Large virtual memory areas of the hard disk where random access memory
contents are stored.

Automatic backup copies of "documents" stored by programs.

"Instant-on" areas of the hard drive that store random access memory contents.
	-------------------------------------

Since it is possible that none of these areas have been overwritten yet, and
are generally not known to most computer users, you are probably in greater
danger from easy software searching of these than overwritten media.

Overwriting programs have to be specifically directed to wipe free space and
file slack space on the drive to be effective.  Recent recommendations for
overwriting are that it must be done numerous times over the same areas, and
at least the last pass should be random data.  I don't know of any personal
computer software utilities that offer this.

There are photos in research papers of "visible" data that has been
overwritten once on a typical hard drive.  Low-level formatting only
overwrites once, and with a constant pattern probably easier to "subtract"
from underlying tracks.

Overwriting even once will make the data expensive to recover and usually
not recoverable with a normal computer floppy or hard drive.

Degaussing(strong magnetic fields that destroy patterns on the media) with a
very strong magnetic wand or strong degausser will make the data very
expensive and difficult to recover.

A report from the Institute for Defense Analyses from several years ago
stated that with enough processing power and time, data could be recovered
almost regardless of the method used to erase it.  The same report gave a
rule of thumb about the necessary strength of magnetic fields used to erase
data.  If this holds true for newer media like high-density diskettes and
DAT drives, it may be impossible to adequately erase this media, including
hard drives, with current degaussers.

If you want to really "destroy" data, completely burn the media.  Bear in
mind that there may be toxic gases.

Good encryption, used correctly, will greatly reduce the risk of most files
being recovered from magnetic media, whether they have or haven't been erased.

Charles M. Preston  Information Integrity
cpreston@alaska.net

------------------------------

Date:    Mon, 27 Feb 1995 16:54:10 -0800 (PST)
From:    Privacy Rights Clearinghouse <prc@pwa.acusd.edu>
Subject: Proposed FTC Rules Could Reduce Telemarketing Abuses

The Federal Trade Commission (FTC) has proposed a set of rules
which would ban many deceptive or abusive telemarketing sales
practices.  Although there has been very little publicity about
this rulemaking, it could severely restrict telemarketing
activity and substantially cut down on those annoying sales calls
that always seem to come at the wrong time.  It would also provide
a strong deterrent to scam artists.

The FTC is seeking public comment over the next several weeks on
the proposed rules.  A copy of the proposal can be obtained by
calling 202.326.2222.  The actual text is very long (120 pages),
so interested persons might request a press release which
explains the rules in some detail.  I'm not aware of any online
availability of these materials.

Under the proposed rules, telemarketers would have to tell
consumers at the beginning of each call that it is a sales call
and provide the name of the seller.  The rule would prohibit
telemarketing calls before 8 a.m. or after 9 p.m.  Telemarketers
offering credit or loans, credit repair services, or assistance
to consumers in recovering lost money from prior telemarketing
schemes, would be prohibited from seeking payment until the
services have been rendered.  

Additionally, telemarketers would be required to disclose all
material information about any offer made to a consumer, and
would be required to obtain signed acknowledgement of written
disclosure regarding all prize-promotions and investment
offerings before seeking any payment.  These disclosures must
include information about the retail price of all prizes, odds of
winning, costs of obtaining any prize, and the "No purchase
necessary to win" statement.

The proposed rules also prohibit a variety of specific
misrepresentations, including that a person was selected to
receive a prize, that the telemarketer is affiliated with a
government entity, or that the telemarketer can improve credit
records or obtain loans for customers regardless of credit
record.

Also, telemarketers would be prohibited from calling consumers
more than once every three months to sell the same thing, and
calling consumers who have stated that they do not want to be
called by the telemarketer.  Violations of the proposed rule
could result in civil penalties of up to $10,000 per violation.

There will likely be strong resistance from the telemarketing
industry to these regulations, and attempts to weaken the
proposed rules.  Written comments in support of the rules may be
submitted to the FTC, Office of the Secretary, Room 159,
Washington D.C. 20580, and should be captioned "Proposed
Telemarketing Sales Rule."  The FTC requests that the comments
also be submitted on disk, preferably in a DOS word processer
format, or as a text file.

BTW, the Privacy Rights Clearinghouse has a free publication
entitled "Telemarketing: Whatever Happened to a Quiet Evening at
Home?" that provides tips on cutting down on sales calls.  The
document is available via gopher at gopher.acusd.edu; ftp at
teetot.acusd.edu  cd pub/privacy; WWW at
http://www.manymedia.com/prc/; or e-mail this address for a copy.

=================================================================
   Barry D. Fraser                      fraser@pwa.acusd.edu
   Online Legal Research Associate

   Privacy Rights Clearinghouse         prc@pwa.acusd.edu
   Center for Public Interest Law       telnet teetot.acusd.edu
   University of San Diego                   login:  privacy
   Privacy Hotline: 619-298-3396        BBS: 619-260-4789
   In California:   800-773-7748             host: teetot
                                             login:  privacy
=================================================================

------------------------------

Date:    Mon, 27 Feb 1995 17:03:16 -0800 (PST)
From:    Privacy Rights Clearinghouse <prc@pwa.acusd.edu>
Subject: Compuserve Sued for Delivering "Junk E-Mail"

Robert Arkow, a Compuserve subscriber, is suing the service for
delivering two unsolicited advertising e-mail messages to his
mailbox on December 21, 1994.  The suit, believed to be the first
of its kind, challenges the right of advertisers to deliver so-
called "Junk E-Mail" under the Telephone Consumer Privacy
Protection Act of 1991 (TCPA).  Arkow argues that the TCPA prohibits 
the automated calling of "any service for which the calling party is
charged for the call."  Also named in the suit is Compuserve Visa, 
the business responsible for the ads.

The TCPA provisions are aimed at automated dialers, machines 
that call homes and deliver recorded sales pitches.  The law also 
prohibits unsolicited fax advertisements.  The question will be "How
similar is junk E-Mail to recorded telemarketing calls or
unsolicited fax ads?"

=================================================================
   Barry D. Fraser                      fraser@pwa.acusd.edu
   Online Legal Research Associate

   Privacy Rights Clearinghouse         prc@pwa.acusd.edu
   Center for Public Interest Law       telnet teetot.acusd.edu
   University of San Diego                   login:  privacy
   Privacy Hotline: 619-298-3396        BBS: 619-260-4789
   In California:   800-773-7748             host: teetot
                                             login:  privacy
=================================================================

------------------------------

Date: Sat, 11 Feb 1995 14:44:39 -0800
From: Phil Agre <pagre@weber.ucsd.edu>
Subject: airline data

The New York Times describes an agreement over the collection and management
of operational data from commercial aircraft in the US:

  Matthew L. Wald, Government authorizes airlines to collect data on pilots'
  errors, New York Times, 10 February 1995, pages A1, C4.

The new system routinely collects and stores the data that now (in the US
anyway) is normally only inspected after a plane crashes.  The pilots' union
had been concerned that airlines would use this data to build a case when
they wanted to fire one of its members.  The compromise is that the airlines
would maintain the data but that pilots would have immunity against its being
used to punish them, and that the FAA will have access to the information for
its safety studies.  This will allow the FAA to spot patterns in statistics
that might indicate trouble before a crash.

This is a relatively unusual case of negotiation over technology for tracking
work activities.  It is interesting to contrast the pilots' case to that of
truck drivers, many of whose rigs are now electronically monitored without 
any such protections.  One difference between the two cases is the relative
strength of the ALPA and the Teamsters in their respective industries.
Another is the difference in severity of the public safety issues facing
regulators in the two industries.

Phil Agre, UCSD

------------------------------

Date:    Sat, 25 Feb 1995 18:23:35 -0800
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: American Express sends reporters' data to tobacco companies

You may recall that Philip Morris, the largest producer of tobacco
products in the United States, has sued ABC television for $10 billion
for a story claiming that tobacco companies manipulate nicotine levels
in cigarettes to keep customers addicted to their products.  Their story
was based in part on the testimony of a former tobacco company manager
who appeared on the show in silhouette.  Philip Morris wanted badly to
know this person's identity, and so they sent subpoenas to 13 companies
to obtain the travel records of the ABC producers who did the reporting.
The subpoenas covered the one-month period during which they worked on
the story.

The Wall Street Journal has now reported an astounding new development:

  Laurie P. Cohen and Alix M. Freedman, American Express sends a
  statement that's quite wrong, The Wall Street Journal, 24 February
  1995, pages A1 and A4.

As you might expect, various media organizations tried to overturn the
subpoenas.  When they failed, 12 of the 13 companies made their own
attempt to get the subpoenas overturned.  But the 13th company, American
Express did not, and instead voluntarily turned over *seven years* worth
of records on those reporters *and* records for a half-dozen reporters
with no connection to the case.

The company admits it made a mistake and expresses concern for its
customers' privacy.  Clearly, though, American Express' public relations
bone was not fully connected to its internal policy and training bones.
I would expect that this list includes several people with both strong
privacy concerns and American Express cards, and I am sure that American
Express would benefit from hearing their views.

Phil Agre, UCSD

------------------------------

Date:    Wed, 1 Mar 1995 00:17:09 -0800
From:    "Dave Banisar" <banisar@epic.org>
Subject: EPIC Legislative Update 2.2

Privacy Legislation 104th Congress
Electronic Privacy Information Center
Last updated 2.23.95

An updated version of this document and the text of the
bills are available from cpsr.org /cpsr/privacy/epic/104th_congress_bills/

Quality Assurance in Drug Testing Act (HR 153). Introduced by Rep. Solomon.
Prohibits random drug tests, requires that employers have explicit written
policies and education, use certified labratories. Referred to Committee on
Commerce.

Individual Privacy Protection Act of 1995 (HR 184) Introduced by Rep. Collins
(D-ILL).Creates national Privacy Commission with authority to oversee
enforcement of Privacy Act. Referred to Committee on Government Reform and
Oversight.

Antitrust Reform Act of 1995 (HR 411). Introduced by Rep. Dingell (D-MI). 
Telecommunications reform bill. Includes section ordering FCC to conduct
privacy survey of new technologies and places limits on use of Customer
Propriety Number Information (CPNI). Referred to Committee on Commerce.

Postal Privacy Act of 1995 (HR 434) Introduced by Rep. Condit (D-CA).
Prohibits Post Office from selling personal information to direct marketers.
Referred to Committee on Government Reform and Oversight

Fair Health Information Practices Act of 1995 (HR 435). Introduced by Rep.
Condit (D-CA). Health Care privacy bill. Sets limits of access,use and
dissemination of personal medical information. Referred to Committee on
Commerce and 2 other committees.

Consumer Reporting Reform Act of 1995 (HR 561). Introduced by Rep. Gonzales
(D-TX). Updates 1970 Fair Credit Reporting Act to require better accuracy,
less expensive credit reports, limit use of credit records for direct
marketing and prohibit most uses of reports by employers. Referred to the
Committee on Banking and Financial Services.

***Bills that will negatively affect privacy***

The Taking Back Our Streets Act of 1995 (HR 3). Introduced by Rep. McCollum.
Republician Crime Bill. Includes provision to substantially limit judicial
sanctions for illegal searches (exclusionary rule). Referred to Committee on
the Judiciary. Hearings held 1/19/95

FBI Counterintelligence Act of 1995 (HR 68). Introduced by Rep. Bereuter.
Authorizes easier access to credit reports by FBI for "national security
purposes." Referred to Committee on Banking and Financial Services

Interstate Child Support Enforcement Act (HR 195) Introduced by Rep. Roukema
(R-NJ).  Extends access to federal, state, local and commerical databases for
purposes of enforcing child support. Increases use of Social Security Numbers.
Creates database of new hires. Referred to Committee on Ways and Means and 3
other committees.

Social Security Account Number Anti-Fraud Act (HR 502). Introduced by Rep.
Calvert (R) Amends the Social Security Act to require the Secretary of Health
and Human Services to establish a program to verify employee social security
information, and to require employers to use the program using 800# to verify
employee. Referred to Ways and Means.

Immigration Reform Act of 1995 (HR 560). Introduced by Gallegly. Requires
introduction of new tamperproof id cards for immigrants.
Referred to the Committee on the Judiciary.

Act to enforce Employer Sanctions law (HR 570). Introduced by
Beilenson. Requires issues of new Social Security Card which is
"counterfeit-resistant ... contains fingerprint identification,
barcode validation, a photograph, or some other identifiable feature."
Card will be sole identification allowed for work authorization. Referred to
Committee on Ways and Means and Judiciary Committees.

Exclusionary Rule Reform Act of 1995 (HR 666). Introduced by Rep.
McCollum (R-FL). Allows introduction of evidence obtained by
illegal search or siezure that violates 4th Amend, statute or
rule of procedure if "objective belief" that search or siezure legal.
May allow illegal wiretaps, house searches to be used. Does not 
apply to IRS and BATF. Rejected amendment by Watt (D-NC) to replace language
with that of 4th Amendment. Passed by House Feb 8, 1995.

Criminal Alien Deportation Improvements Act of 1995 (HR 668). Introduced by
Smith (R-TX). Authorizes wiretaps for investigations of
llegal immigration. Passed by House Feb 10. Referred to Senate 
Judiciary Committee.

Illegal Immigration Control Act of 1995 (HR 756). Introduced by Hunter.
Authorized Wiretaps for illegal immigration investigations,
false id. Requires issuence of "enhanced" Social Security cards to
all citizens and resident aliens by year 2000 that will include photo, SSN,
and are machine readable. Orders Attorney General to create databases for
verification. Referred to Committee on Judiciary.

Child Support Responsibility Act of 1995 (HR 785). Introduced by Johnson
(R-Conn). Makes SSN of parents public record by requiring their use on birth
cirtificates and marriage liscenses. Referred to the Committee on Ways and
Means.

Paperwork Reducation Act of 1995 (HR 830). Introduced by 
Controversal provision to benefit West Publishing limiting access
to public records removed after Internet campaign by TAP. Passed
by House Feb. 22 (418-0). House Report 104-37. See S. 244 below.

Communications Decency Act of 1995 (HR 1004). Introduced by Johnson
(SD). Same as Exon bill (see S. 314 below). Referred to Commerce and
Judiciary Committees.

****************************************************************
Senate Bills
****************************************************************

Violent Crime Control and Law Enforcement Improvement Act of 1995 (S. 3).
Senate Republician Crime Bill. Introduced by Dole. Includes provision to
substantially limit judicial sanctions for illegal searches (exclusionary
rule). Allows wiretapping for immigration, and false documents, allows
participation of foreign governments in domestic wiretapping and disclosure of
info to foreign law enforcement agencies.   Referred to Committee on the
Judiciary

Family Health Insurance Protection Act (S. 7). Introduced by Senator
Daschle(D-SD). Democratic Health Care Bill. Sets national standards for
transfer, privacy of medical records. Referred to Committee on Finance.

Exclusionary Rule Limitation Act of 1995 (S. 54). Introduced by Thurman. (See
HR 666 above).

Paperwork Reduction Act of 1995 (S. 244) Introduced by Sen. Nunn (D-GA).
Renews 1980 Paperwork Reduction Act. Sets OMB as controller
of information policy in government. Sets standards for collection, use,
protection of statistical information.  Referred to Committee on Government
Affairs. Approved by Committee Feb. 14.

Immigrant Control and Financial Responsibility Act of 1995 (S. 269).
Introduced by Sen. Dole and Simpson. Creates national registry for 
workplace verification. Increases use of wiretaps for immigration
purposes. Referred to the Committee on the Judiciary

Communications Decency Act of 1995 (S. 314). Introduced by Sen. Exon
(D-NE). Revises Communications Act to make transmittal of sexually
oriented communications a crime. Makes anonymous communications that 
are "annoying" a crime. Senate Committee on Commerce, Science and
Transportation. See EPIC alert 2.03 for more information.

Interstate Child Support Responsibility Act of 1995 (S. 456). Introduced by
Bradley (D-NJ). Creates databank of new hires. Allows datamatching with SSA
for verification. Increases use of SSN.
Referred to the Committee on Finance.

------------------------------

Date:    Wed, 1 Mar 1995 03:07:22 -0800
From:    ceh@LELAND.STANFORD.EDU (Carey Heckman)
Subject: Alert #1: Fifth Conference on Computers, Freedom and Privacy

* WHY CFP
* WHAT'S NEW FOR '95?
* EARLY REGISTRATION DEADLINE: FEBRUARY 24
* PAEAN TO UNSUNG HEROES
* THE WHOLE WORLD WILL BE WATCHING
* CONNECTING TO CFP'95

WHY CFP

Never has the need for a conference on computers, freedom, 
and privacy been so urgent.

New laws are being proposed. New commercial ventures are 
being launched. New arrests are being made. New conceptions 
(and misconceptions) are being spread by newspapers, 
magazines, books, and broadcast media. New lawsuits are being 
filed. New databases are being created.

In short, new threats are emerging and new crises are brewing,
all while new opportunities are evolving.

Exploring and better understanding the definition of our 
rights at this crucial crossroads of the Information Age 
requires a balanced public forum that includes participants 
from computer science, law, business, research, information, 
library science, health, public policy, law enforcement, 
public advocacy, and others.

That's the Fifth Conference on Computers, Freedom and 
Privacy. March 28-31, 1995. Burlingame, California.

WHAT'S NEW FOR '95?

If you have attended a previous Conference on Computers, 
Freedom and Privacy, you have some idea of the high quality 
and diversity of people the conference attracts as speakers 
and attendees. CFP'95 continues that tradition, but breaks 
new ground as well.

Topics: CFP'95 covers the critical issues of the day, 
including those that touch on freedom of speech, privacy, 
access to public records, freedom of association, and fair 
access to computer and telecommunications technologies. The 
program gives particular emphasis to how the growth of 
computer and data communications into the mainstream expands 
and threatens our freedoms.

Speakers: With more than half of the CFP'95 Program Committee 
new to organizing the conference, it should come as no 
surprise that CFP'95 is far from a gathering of the usual 
suspects.

Among this year's featured speakers are John Morgridge, chairman 
of Cisco Systems; Roger Wilkins a Pulitzer Prize-winning 
commentator for National Public Radio and Professor of History 
and American Culture at George Mason University; Margaret Jane 
Radin, a Stanford Law School professor and expert on property 
law and political philosophy; and Esther Dyson, founder of EDventure 
Holdings, editor of Release 1.0., co-chair of the National
Information Infrastructure Advisory Council's Information Privacy 
and Intellectual Property Subcommittee, and among the leading 
experts on computers, software, and computer communications in 
Eastern Europe and the former Soviet Union.

Also included in the CFP'95 program are

  *  Kent Walker, the Assistant United States Attorney who
     led the investigation and arrest of Kevin Mitnick.

  *  Brock Meeks, the journalist who defended himself from
     an Internet libel lawsuit earlier this year.

  *  Pamela Samuelson, the University of Pittsburgh law professor
     who co-authored the manifesto urging a radical redefinition
     of legal protection for computer software.

  *  Roger Karraker, the director of the Santa Rosa Junior
     College journalism program where the tension between
     free speech and sexual harassment on computer bulletin
     boards became a national news story.

  *  Virginia Rezmierski, the advisor on policy to the Vice
     Provost for Information Technology at the University of
     Michigan where Jake Baker was indicted for publishing a
     story on the Internet.

Formats: The issues discussed at CFP'95 have two or more 
sides, and rather than have panel of speakers after panel of 
speakers, the session formats have been designed to showcase 
different perspectives and stimulate audience interaction.

For example, Thursday afternoon features a Socratic forum on free 
speech and responsibility, led by professional moderator Professor 
Kim Taylor-Thompson of Stanford Law School. A Socratic forum assembles 
experts from various disciplines who role play themselves in a 
hypothetical scenario. The moderator fires questions and stokes 
discussion between the experts to create a bright light of information 
(as well as some white hot heat of controversy).

EARLY REGISTRATION DEADLINE: FEBRUARY 24

Register this week to save as much as $175 in registration 
fees. You can do this by mail, phone, fax, or electronic 
mail. See the contact information below for how to get 
registration information.

PAEAN TO UNSUNG HEROES

Each Conference on Computers, Freedom, and Privacy is a non-
profit, non-commercial event. CFP'95 is no exception. 
Volunteer Coordinator Judi Clark has already assembled a 
remarkable corps of volunteers who will be staffing the 
registration desk, making sure sessions go smoothly, taking 
photographs, and a host of other indispensable functions.

Many thanks in advance to Judi and the rest of the volunteers 
for making CFP'95 possible.

THE WHOLE WORLD WILL BE WATCHING

Media Coordinator Scott Nicholas reports active press interest in CFP'95.
Requests for press credentials have already been received from national
newspapers, newsweeklies, broadcast media, foreign publications, and a
variety of trade magazines. Past CFPs have attracted CNN, the New York
Times, The Washington Post, and USA Today.  

CONNECTING TO CFP'95

Registration and other information about CFP'95 is readily 
available from many sources:

By WWW:        URL=http://www-techlaw.stanford.edu/CFP95.html
By Gopher:     www-techlaw.stanford.edu
By FTP:        www-techlaw.stanford.edu
By Email:      Info.CFP95@forsythe.stanford.edu
By Fax:        (415) 548-0840
By Telephone:  (415) 548-9673

------------------------------

Date:    Sat, 11 Mar 1995 10:02:10 -0500 (EST)
From:    fc@all.net (Dr. Frederick B. Cohen)
Subject: Short Course on Protection and Security on the Information Superhighway

There will be a short course held on March 29 and 30, in New York (with
other cities to follow in the May-June time frame) on protection in the
emerging NII (info superhighway) computing environment.

For full details, see:
URL:			http://all.net:8080
email:			jerry_fireman@fireman.com
call:			810-540-5610
fax:			810-540-3506

The course runs for 2 days and includes a copy of the newly released book:
	Protection and Security on the Information Superhighway
	(by Fred Cohen - published by John Wiley and Sons NY)
FC

------------------------------

End of PRIVACY Forum Digest 04.06
************************

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH