PRIVACY Forum Digest     Friday, 24 March 1995     Volume 04 : Issue 07

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
	
                       ===== PRIVACY FORUM =====              

   	  The PRIVACY Forum digest is supported in part by the 
	      ACM Committee on Computers and Public Policy,
     		     and the Data Services Division 
	           of MCI Communications Corporation.


CONTENTS 
	 Perhaps privacy is not what it seems (Steve Mann)
	 Re: How can files be 100% wiped? [linux encrypted swap]
	    (eichin@mit.edu)
	 How much is "enough"? (Tom Zmudzinski)
	 Privacy issues in intelligent transportation systems
	    (Phil Agre)
	 Is Caller ID to be mandatory nationally, April, 1995?
	    (Jim Warren)
	 FCC delaying draconian CNID measures (Phil Agre)


 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com". 

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are available
through the Internet Gopher system via a gopher server on site
"gopher.vortex.com".  Access to PRIVACY Forum materials is also available
through the Internet World Wide Web (WWW) via the Vortex Technology WWW 
server at the URL: "http://www.vortex.com".
-----------------------------------------------------------------------------

VOLUME 04, ISSUE 07

   Quote for the day:

	"Rules are rules."

		"FBR" Agent Sullivan (Arte Johnson) 
		"The President's Analyst" (1967)
		

----------------------------------------------------------------------

Date:    Sun, 12 Mar 95 14:57:19 -0500
From:    Steve Mann <steve@media.mit.edu>
Subject: Perhaps privacy is not what it seems

What would happen if all credit card records were accessible by everyone?
Strange as it may seem, could it be that this might *enhance* privacy,
because it would make us fully aware of just how much is known about us?

Perhaps because it might also encourage people to look at the source of
the problem rather than the symptom.  Perhaps it would get people
looking at alternatives like digicash, and using technology to protect
their privacy rather than law.  Instead of having technology continue
to invade privacy more and more, and using law to hold it back, perhaps
the technology itself could be used to enhance privacy.

> attempt to get the subpoenas overturned.  But the 13th company, American
> Express did not, and instead voluntarily turned over *seven years* worth
> of records on those reporters *and* records for a half-dozen reporters
> with no connection to the case.

Is it possible, perhaps, that American Express did privacy a service here?
Taking this action to the extreme limit, suppose they put the records
on the World Wide Web?  Wouldn't this eliminate the selling of credit
records?  (Once they are freely available their market-value would
take a drastic decrease, and it would be very hard to make money from
them.)  Perhaps it would also allow people to clearly see exactly how much
is known and therefore how much is not private.

Similarly, with the wiretap bill, suppose instead that anyone could tap
anyone else's phone line (say by dialing #, and then that person's phone
number).  Wouldn't this actually *help* privacy by causing people to
obtain telephones with built-in encryption rather than asking Big Brother
to protect their privacy with privacy-laws?

Perhaps a definition of what we mean by the word ``privacy'' would be
useful, since so many people seem to be using this word in so many
different ways.

		[ Uh, much as I'm tempted to comment here, I'll bite my
		  tongue and leave it to the readership to respond to the
		  "privacy" concepts suggested above...  -- MODERATOR ]
		
------------------------------

Date:    Sun, 12 Mar 95 18:16:11 -0500
From:    eichin@mit.edu
Subject: re: How can files be 100% wiped? [linux encrypted swap]

>> There's still the problem of virtual memory causing plaintext to
>> be written to the paging disk.  However since the paging space is

Someone in Sweden just announced patches to Linux 1.2.0 for encrypting
the swap area; he claims an overhead of about 20ms/4K for the more
secure version, 2ms/4K for a weaker one. I haven't started using it
myself, yet, but I can certainly think of applications for it. (It is
still in alpha test, but it is an example of what can be done...)

>> A possible solution here might be somehow to lock the process into
>> memory so that it is never paged out, or even once copied to disk.

Some operating systems support a "plock" system call to lock a page in
memory. If the system is paging in the first place, though, excessive
use of it could be detrimental to overall performance.

					_Mark_ <eichin@cygnus.com>
					Cygnus Support, East Coast
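
An added example, not part of the original message: one way to keep a secret's pages from being written to the paging disk, using the POSIX mlock() call rather than the "plock" call named above. The secret_* names are hypothetical helpers and the key string is constructed sample data; the code reports, rather than hides, the case where the lock is refused (typically because RLIMIT_MEMLOCK is too small).

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE          /* for MAP_ANONYMOUS on glibc */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* A private, page-aligned region for key material (hypothetical helper type). */
struct secret_buf {
    unsigned char *p;    /* start of the mapping */
    size_t len;          /* length, rounded up to whole pages */
    int locked;          /* 1 if mlock() succeeded, 0 if the pages may be swapped */
    int lock_errno;      /* errno from mlock() when locked == 0 */
};

/* Zero memory through a volatile pointer so the stores are not optimised away. */
static void secret_wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Return 1 if every byte of the region is zero. */
static int secret_is_zero(const struct secret_buf *b)
{
    for (size_t i = 0; i < b->len; i++)
        if (b->p[i] != 0)
            return 0;
    return 1;
}

/* Map whole pages of our own (not shared with the heap) and try to lock them.
 * Returns 0 when the buffer is usable; check b->locked to see whether the
 * kernel actually agreed to keep it resident. */
static int secret_alloc(struct secret_buf *b, size_t want)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || want == 0)
        return -1;

    size_t pg = (size_t)page;
    size_t len = (want + pg - 1) / pg * pg;
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;

    b->p = p;
    b->len = len;
    b->lock_errno = 0;
    b->locked = (mlock(p, len) == 0);
    if (!b->locked)
        b->lock_errno = errno;
    return 0;
}

/* Wipe first, then unlock and unmap: the plaintext must be gone before the
 * pages become eligible for paging or reuse. */
static void secret_free(struct secret_buf *b)
{
    if (b->p == NULL)
        return;
    secret_wipe(b->p, b->len);
    if (b->locked)
        munlock(b->p, b->len);
    munmap(b->p, b->len);
    b->p = NULL;
    b->len = 0;
    b->locked = 0;
}

int main(void)
{
    struct secret_buf b;
    if (secret_alloc(&b, 64) != 0) {
        perror("secret_alloc");
        return 1;
    }
    if (!b.locked) {
        struct rlimit rl;
        if (getrlimit(RLIMIT_MEMLOCK, &rl) == 0)
            fprintf(stderr, "mlock refused (%s); RLIMIT_MEMLOCK soft limit: %llu bytes\n",
                    strerror(b.lock_errno), (unsigned long long)rl.rlim_cur);
        /* A stricter program would stop here instead of handling the secret. */
    }
    memcpy(b.p, "constructed-demo-key", 20);   /* constructed sample secret */
    printf("buffer of %zu bytes, locked=%d\n", b.len, b.locked);
    secret_free(&b);
    return 0;
}
```

Locking only covers the pages it is applied to: copies of the secret left on the stack, in stdio buffers or in other processes are still pageable, which is the case the encrypted-swap patches address.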

------------------------------

Date:    Tue, 14 Mar 95 17:32:02 EST
From:    "Tom Zmudzinski" <zmudzint@CC.IMS.DISA.MIL>
Subject: How much is "enough"?

In-Re: How can files be 100% wiped?
On Tue, 14 Feb 1995, G Martin <gmartin@freenet.columbus.oh.us>
posted to PRIVACY Forum Digest V04 #05

>       I am very confused about something and I'm hoping that
>  someone on this list can help me get to the truth.  I'm going to
>  be teaching a class on Internet to a group of parents in a few
>  months.  These parents have indicated to me that security/privacy
>  issues are a big deal to them (and truthfully they're a big deal
>  to me too).  One area where I keep getting mixed signals on is
>  how to *REALLY* remove old data from hard drives, floppies and
>  backup tapes.

   As others have said, if you want 100% assurance that the data is
   gone, burn the media (and if it's mylar, watch out for cyanide!)
   However, if you are willing to live with some Risk (do you have a
   choice?  You're living on a planet that attracts rocks!) you can
   try the following:

   1.  Get yourself the biggest "refrigerator magnet" (the rubbery kind)
       you can.  They have incredible coercivity!  (It's not the
       strength of the magnetic field but the _rate_of_change_ of the
       field that wipes data, and those oh so smooth "rubber" magnets
       are "rougher" than the mountains of the Moon in terms of their
       magnetic domains.)
   2.  (Optionally) deformat the disk using a "diskwipe" utility.
   3.  Demount the media and wipe your rubber magnet over the surface
       in an overlapping and crossing pattern.
   4.  Remount the media and try to read it (it had better fail --
       or else you're back in the toxic waste disposal business).
   5.  Format it.
   6.  Repeat steps 2 through 5 until feelings of paranoia go away.

   Is it bulletproof?  No, but someone has to *really* want that data!

In-Re: Destruction of data
On Sun, 26 Feb 1995, cpreston@alaska.net (Charles M. Preston)
posted to PRIVACY Forum Digest V04 #06

>> A report from the Institute for Defense Analyses from several years
>> ago stated that with enough processing power and time, data could be
>> recovered almost regardless of the method used to erase it.  The same

   Unfortunately, "with enough processing power and time" one might do
   nearly anything.  "Enough" is a pseudo-superlative.  The reality is
   that if the media is overwritten "enough" (there's that word again!),
   the data is lost in Chaos.  That's why *NO* amount of "processing
   power and time" is enough to extract, say, the first word ever
   spoken from the random noise around us.  Eventually (another
   pseudo-superlative), the signal will drop below the noise level.

>> report gave a rule of thumb about the necessary strength of magnetic
>> fields used to erase data.  If this holds true for newer media like
>> high-density diskettes and DAT drives, it may be impossible to
>> adequately erase this media, including hard drives, with current
>> degaussers.

   I'll agree that today's degaussers are suspect, especially if you're
   talking about single pass usage.  But it's not exactly news that
   we've been in a technology race for as long as there's been a Human
   Race.  This is just one more battle to be fought and lost.

   And here's something chilling for your Thought For The Day file:

         There is a small, but unacceptable, probability that Comet
         Swift-Tuttle will hit the Earth on 14 August 2126 (and a MUCH
         better chance come 3044 AD).  Swift-Tuttle is approximately
         five miles in diameter, somewhat LARGER than Comet Alvarez,
         the flying iceberg currently thought to have finished the
         dinosaurs.  Now, are you certain you don't want to invest some
         of your children's tax dollars in space defense technology?

		[ I've certainly got those dates circled in red
		  in my day planner...  -- MODERATOR ]

------------------------------

Date: Thu, 16 Mar 1995 22:05:12 -0800
From: Phil Agre <pagre@weber.ucsd.edu>
Subject: privacy issues in intelligent transportation systems

-------------------------------------------------------------------------
Intelligent Transportation Systems in the United States
Serious Privacy Issues -- Opportunity for Public Comment
March 1995
Please pass this file to anybody who might be interested.
-------------------------------------------------------------------------

Intelligent Transportation Systems (ITS) is a very large program 
organized by industry and government to apply computer and communications
technologies to transportation.  If ITS lives up to its proponents' 
hopes then it will eventually affect virtually everybody.  ITS systems 
are already implemented in many American states and other countries,
particularly for automated toll collection, and numerous others can 
be expected soon.  Architectures, standards, and regulatory frameworks 
for US national ITS systems are being formulated through a long, complex
private-public partnership process that is already well under way.
Although ITS promises to bring many benefits, if implemented incorrectly
it can also pose a grave threat to personal privacy by making extensive
information on individuals' travels available to governments, marketing
organizations, and others.

The second half of this file contains the most recent draft of the
"privacy principles" for ITS, now being circulated for comments by the
industry group ITS America.  If you do have any comments then I encourage
you to submit them to ITS America; 400 Virginia Avenue SW, Suite 800;
Washington DC 20024-2730.

I also strongly encourage you to obtain a copy of the November 1994 report
on the DOT/ITS America national architecture plan from Mr. George Beronio;
Federal Highway Administration; HTV-10 Room 3400; US Department of
Transportation; 400 7th St SW; Washington DC 20590.  For more information,
see http://weber.ucsd.edu/~pagre/its-issues.html

I am circulating the draft ITS privacy principles on my own initiative 
and not as a representative of ITS America, the University of California,
or any other organization.  The comments that follow reflect my own views.

Here are some issues to consider:

 * What will prevent states from giving local police broad powers to
   use ITS information for law enforcement purposes?  Do the democratic
   processes in state legislatures provide enough protection, or should
   the architecture for ITS systems resist abuse through anonymity and
   other measures?  What does "ambushed" mean, and what if anything does
   "reasonable expectation" mean in practice?

 * Is an opt-out system sufficient to prevent abuse of ITS information by
   marketers?  Do opt-out systems work well enough in other areas, such as
   secondary uses of personal mailing addresses and associated demographic
   information?  What specific guidelines might be required to ensure
   that the opt-out is "user friendly" enough?  Would an opt-in system
   be preferable?  Such a system would set the default differently, so
   that your personal ITS information would not be available to marketing
   organizations without your express consent.

 * Should ITS systems collect individually identifiable information at
   all?  That is, should the architecture be designed so that databases
   end up containing personal travel information that is indexed in some
   form that can be merged with personal information from other sources?
   Or should the system be entirely anonymous?

 * To what lengths should ITS implementers be required to go in order to
   provide drivers with the option of using ITS anonymously?  How easy
   should it be to pay with cash -- or with digital cash?

 * Should ITS privacy guidelines have the force of law?  Which ones?  What
   would these laws be like, what level of government would be responsible
   for them, and how would they be enforced?  If the guidelines do not
   have the force of law, what guarantee is there that ITS implementers
   will follow them in a substantive way?

 * Who should be liable when ITS information is employed to violate an
   individual's privacy?  ITS developers?  States?  Both?  What statutory
   framework is required to ensure that violated individuals can pursue
   and receive adequate legal remedies?
   
 * How is the adequacy of ITS privacy safeguards to be determined?  Who
   will make this determination?  Will there be an ongoing evaluation?
   By whom?

 * Is it practical to specify privacy guidelines without detailed
   reference to the ITS system architecture?  How could the guidelines
   specify relevant aspects of the architecture more precisely without
   sacrificing adaptability to a wide range of settings?  Are restrictions
   on the architecture required to ensure privacy, or does it suffice to
   formulate guidelines like these independently of the development of the
   architecture?

 * Should ITS development be permitted to proceed before privacy
   requirements are adequately defined, widely discussed, and broadly
   approved?  Have these requirements been adequately articulated thus
   far in the process?

 * Are the guidelines clear enough?  Are any passages vague or ambiguous?

 * Does the Freedom of Information Act really require a balance between
   privacy and right to know?  Or does privacy take priority?

 * Does the requirement for "visibility" (also known as "transparency")
   need to be defined more precisely?  What guidelines might be needed
   to ensure that information about ITS data flows are available to the
   general public in a useful form?

 * Is it alright to permit non-ITS organizations to make unlimited use of
   ITS information that does not identify individuals?  Can we envision
   any types of non-individualized information whose use the public has an
   interest in regulating?

 * In the paragraph on secondary uses, is the expression "information
   absent personal identifiers" restrictive enough?  What about
   information without personal identifiers but with identifiers for
   particular automobiles?  What about information with identifiers for
   particular "smart cards" or bank account numbers?  Might there be other
   types of information that permit individual identities to be readily
   reconstructed through merger with other sources?
   
 * The word "appropriate" appears four times.  Does this notion need to
   be spelled out more specifically?  Can this be done without introducing
   excessive inflexibility?  How?

 * Who should have an opportunity to comment on these guidelines?  Should
   the comments be publicly available?  How?

 * Is it reasonable that these guidelines are being developed by a private
   organization rather than by the government?  What initiatives, if any,
   should the government be taking to ensure privacy protection in this
   area?

Although many of my views can be inferred from the way I have framed 
my questions, you are obviously free to draw your own conclusions about
these matters and any others I might not have mentioned.  I encourage you
to communicate your views and to help make the issues known to the broad
public that they affect.  Public awareness is now virtually nil, and this
is clearly unacceptable for an issue with the potential for such profound
and pervasive consequences.

  -- Phil Agre
     pagre@ucsd.edu
     http://communication.ucsd.edu/pagre/agre.html

			----------------------------

ITS America

Draft Final
Intelligent Transportation Systems
Fair Information and Privacy Principles

These fair information and privacy principles were prepared in 
recognition of the importance of protecting individual privacy in
implementing Intelligent Transportation Systems.  They have been adopted 
by ITS America in "draft final" form.  The Privacy Task Group of the Legal 
Issues Committee will present these principles for review and comment
to organizations and groups interested in privacy and ITS outside of ITS
America during 1995.  They will then be submitted for final adoption to
the ITS America Legal Issues Committee, Coordinating Council, and Board of
Directors.

The principles represent values and are designed to be flexible and
durable to accommodate a broad scope of technological, social, and
cultural change.  ITS America may, however, need to revisit them
periodically to assure their applicability and effectiveness.

These principles are advisory, intended to educate and guide
transportation professionals, policy makers, and the public as they
develop fair information and privacy guidelines for specific intelligent
transportation projects.  Initiators of ITS projects are urged to publish
the fair information privacy principles that they intend to follow.
Parties to ITS projects are urged to include enforcible [sic] provisions
for safeguarding privacy in their contracts and agreements.

 * INDIVIDUAL CENTERED. Intelligent Transportation Systems (ITS) 
must recognize and respect the individual's interests in privacy and
information use.

ITS systems create value for both individuals and society as a whole.
Central to the ITS vision is the creation of ITS systems that will fulfill
our national goals.  The primary focus of information use is to improve
travelers' safety and security, reduce travel times, enhance individuals'
ability to deal with highway disruptions and improve air quality.
Traveler information is collected from many sources, some from the
infrastructure and some from vehicles, while other information may come
from the transactions -- like electronic toll collection -- that involve
interaction between the infrastructure and vehicle.  That information 
may have value in both ITS and non-ITS applications.  The individual's
expectation of privacy must be respected.  This requires disclosure and
the opportunity for individuals to express choice.

 * VISIBLE.  Intelligent transportation information systems will be built
in a manner "visible" to individuals.

ITS may create data on individuals.  Individuals should have a means of
discovering how the data flows operate.  "Visible" means to disclose to
the public the type of data collected, how it is collected, what its uses
are, and how it will be distributed.  The concept of visibility is one of
central concern to the public, and consequently this principle requires
assigning responsibility for disclosure.

 * COMPLY. Intelligent Transportation Systems will comply with state and
federal laws governing privacy and information use.

 * SECURE.  Intelligent Transportation Systems will be secure.

ITS data bases may contain information on where travelers go, the routes
they use, and when they travel, and therefore must be secure.  All ITS
information systems will make use of data security technology and audit
procedures appropriate to the sensitivity of the information.

 * LAW ENFORCEMENT.  Intelligent Transportation Systems will have an
appropriate role in enhancing travelers' safety and security interests,
but absent consent, government authority, or appropriate legal process,
information identifying individuals will not be disclosed to law
enforcement.

ITS has the potential to make it possible for traffic management 
agencies to know where individuals travel, what routes they take, and
travel duration.  Therefore, ITS can increase the efficiency of traffic
law enforcement by providing aggregate information necessary to target
resources.  States may legislate conditions under which ITS information
will be made available.  Absent government authority, however, ITS 
systems should not be used as a surveillance means for enforcing traffic
laws.  Although individuals are concerned about public safety, persons 
who voluntarily participate in ITS programs or purchase ITS products have 
a reasonable expectation that they will not be "ambushed" by information
they are providing.

 * RELEVANT.  Intelligent Transportation Systems will only collect
personal information that is relevant for ITS purposes.

ITS, respectful of the individual's interest in privacy, will only 
collect information that contain [sic] individual identifiers which are
[sic] needed for the ITS service functions.  Furthermore, ITS information
systems will include protocols that call for the purging of individual
identifier information that is no longer needed to meet ITS needs.

 * SECONDARY USE. Intelligent Transportation Systems information coupled 
with appropriate individual privacy protection may be used for non-ITS
applications.

American consumers want information used to create economic choice 
and value, but also want their interest in privacy preserved.  ITS
information is predictive of the types of goods and services that 
interest consumers, for example the right location for stores, hospitals,
and other facilities.  However, that same information might also be used
to disadvantage and harm a consumer.  Therefore, the following practices
should be followed.

   * ITS information absent personal identifiers may be used for ITS and
other purposes.

   * Other unrelated uses of ITS information with personal identifiers may
be permissible if individuals receive effective disclosure and have a user
friendly means of opting out.

   * Data collectors will only provide personal information to private
organizations that agree to abide by these privacy principles.

 * FOIA.  Federal and State Freedom of Information Act (FOIA) obligations
require disclosure of information from government maintained databases.
Database arrangements should balance the individual's interest in privacy
and the public's right to know.

In determining whether to disclose ITS information, governments should,
where possible, balance the individual's right to privacy against the
preservation of the basic purpose of the Freedom of Information laws to
open agency action to the light of public scrutiny.  ITS travelers should
be presumed to have reasonable expectations of privacy for personal
identifying information.  Pursuant to the individual's interest in
privacy, the public/private frameworks of organizations collecting data
should be structured to resolve problems of access created by FOIA.

------------------------------

Date:    Sun, 19 Mar 1995 09:45:32 +0800
From:    jwarren@well.sf.ca.us (Jim Warren)
Subject: Is Caller ID to be mandatory nationally, April, 1995?

Would you like to know who's electronically knocking on your bedroom door
in the middle of the night?

Would you like to remain entirely undisturbed by anyone who's unwilling to
identify themselves to you when they try to contact you or electronically
enter your home?

Would you like for the computer system you call to be able to verify that
the call is coming actually from your phone number - rather than from some
vile computer cracker who's somehow obtained your user-id and password?

Would you like computer systems to selectively allow access to "sensitive"
or "adult(?)" material via a call coming from your phone, identified as a
mature(?) adult, while blocking access requests via your young teen-ager's
phone that might be identified as such?

And would you like to selectively keep some people whom you decide to visit
electronically, no matter the time nor location at which you decide to
contact them, from knowing who you are - for personal privacy or for
nefarious purposes (or both)?

Okay.  I just received a Spring, 1995, junkmail catalog from Hello Direct,
a telephone add-ons company.  For some reason that's probably fantasy, I
had the impression they were somehow associated with Pacific Bell, though I
found no mention of it in this edition of their catalog.  (800-444-3556;
now you know everything I know about 'em.)

An ad for a Caller ID blocking device on page 45 stated:

"Mark your calendar.  In April, 1995, Caller ID will be a 'done deal,'
nationwide.  You may or may not have Caller ID service from the phone
company today.  But in April, every telephone company coast-to-coast will
be required to offer it, by law.

"Your number can be legally displayed, for anyone you call who has Caller
ID service and a phone with Caller ID functionality. ... While you could
get a call-blocking service from the phone company, you'd have to keep
paying for it every month.  For a tidy fifty bucks, this clever little
device does the trick just as well - no monthly service needed."

(Unsurprisingly, the catalog also offered ID receiving units, as well as
this ID transmission blocker. :-)

I don't know whether this is true, partly-true (e.g., for interstate calls)
or only sometimes true depending on which state you're in, as is now the
case.

Can anyone cite a federal statute or regulation - probably from the FCC -
mandating such national service?  Would love to have the exact citation and
text of any such mandate.

--jim
Jim Warren, GovAccess moderator; columnist, MicroTimes/Govt.Tech/BoardWatch
 jwarren@well.com (well.com = well.sf.ca.us; also at jwarren@autodesk.com)
 345 Swett Rd., Woodside CA 94062; voice/415-851-7075; fax/<# upon request>

[ From the PRIVACY Forum Moderator: 

  First off, "Hello Direct" is not associated with Pacific Bell, unless
  there's some secret connection I've never heard of!

  The $50 CNID blocking device mentioned is actually a device to 
  automatically dial *67 at the beginning of every call, to activate
  the per-call CNID blocking feature that the FCC mandated be 
  available *for free* to all subscribers [but see below]...

  The FCC did *not* mandate CNID be available everywhere.  What the FCC
  actually mandated is that CNID data be passed between local telcos and
  IXCs ("long distance companies") on interstate calls starting that date.
  They also mandated that before that be done local telcos must provide free
  per-call blocking (i.e. *67) for their subscribers, regardless of whether
  or not CNID display services were being offered to subscribers in that
  area.  They also mandated that the privacy indication triggered by the use
  of per-call CNID blocking must be honored by all receiving local telcos.

  Note that:
   
   1) This says nothing about the actual providing of CNID to subscribers.
      If the local telco decides they don't want to provide the ability
      for their subscribers to receive CNID, that's OK.

   2) It says nothing about intrastate calls, which may still be under
      tighter controls (potentially with per-line CNID blocking still
      available).  There are some technical issues revolving around the
      question of providing per-line blocking for intrastate calls and
      only per-call blocking for interstate calls.

   3) It says nothing about calls to 800 or 900 numbers, which use
      ANI for caller (line) identification and are not affected by
      CNID restrictions.  The issue of 800 numbers in particular is a
      thorny one, since the party paying for the call does need some
      way to track abusive and other usage.

   4) Many state PUCs (and other entities) have apparently filed suits against
      the FCC regarding their ruling, particularly where the ruling would
      preempt the states' own rules for providing of per-line CNID blocking (at
      least as far as interstate calls are concerned).

   5) Many local telcos seem quite confused about what's going on, and it
      has long seemed unlikely that the April implementation date would be
      fully met, especially since neither many local telcos, nor most IXCs,
      have said anything to their subscribers about use of *67 in those areas
      where CNID services are not being offered.

   NEWS FLASH!  See the next message in this digest for important news 
   regarding this topic area!

   I should add that I also saw that same writeup in the "Hello Direct"
   catalog.  By the way, one of the Caller ID boxes in their catalog,
   showing a name display, is displaying the name "Will Robinson".
   I guess someone really might be "Lost in Space".

	-- MODERATOR ]

------------------------------

Date:    Wed, 22 Mar 1995 17:25:18 -0800
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: FCC delaying draconian CNID measures

A friend on the net has pointed out to me that the March 20th 1995 
"daily digest" of the FCC (http://fcc.gov:70/0/Daily_Digest/dd032095.txt
or gopher fcc.gov) includes the following text, which is listed as an
addendum that was released March 17th but not included in that day's
summary:

    CALLER ID. Effective March 17, stayed effectiveness of
    Sections 64.1601 and 64.1603 of the Commission's rules in 
    the matter of  Rules and  Policies Regarding Calling
    Number Identification Service -- Caller ID. (CC Docket 91-
    281 by Order [FCC 95-119] adopted March 17 by the
    Commission)

Although the full text does not seem to be available yet, the point seems
to be that the FCC is backing off its ill-considered attempt to override
state privacy protections for consumers whose phone systems employ Caller
Number Identification (CNID, "Caller ID").  Nothing is wrong with CNID 
as such, and many supporters of CNID also support the necessary privacy
features.  The important thing is to ensure that people can easily block
and unblock the sending of CNID from their own phone lines ("per line" 
not just "per call").  Otherwise, CNID turns from a device that allows
people to regulate their own privacy (by deciding which outgoing calls
should identify them and which incoming calls to accept) to a device that
generates marketing information.  For a long time, many CNID proponents
denied that marketing applications were a significant motivation for 
CNID.  Now that numerous business CNID software applications are becoming
available (contact Rochelle Communications at (512) 339-8188), one more
commonly hears arguments (for example from Peter Huber in Forbes, 6/6/94)
that opponents of poorly designed CNID are anti-technological paranoiacs.
Most recently, reports have been pouring in (see the most recent EPIC
Alert) of badly implemented CNID blocking in several states that has
revealed thousands of phone numbers that should have been protected.
Clearly it's time to call "time out" on CNID and determine whether privacy
protection is being treated as a crucial functionality to CNID or as an
obstacle to its most profitable implementation.

Phil Agre, UCSD

  [ From the PRIVACY Forum Moderator:

    I've included below the sections referenced in the above text.  Note
    that based on a reading of just this material, there's no way to
    determine if the stay is related to technical difficulties in
    implementing the order by the original date (e.g., SS7 problems) or
    relates to a broader reconsideration of the issues in light of various
    actions and events which have occurred since the order.

    One can only hope it is the latter.

		-- MODERATOR ]

   	      -----------------------------------

64.1601  Delivery Requirements and Privacy Restrictions

     (a)  Delivery.  Common carriers using Signalling System 7
     and offering or subscribing to any service based on
     Signalling System 7 functionality are required to transmit
     the calling party number associated with an interstate call
     to interconnecting carriers.

     (b)  Privacy.  Originating carriers using Signalling System
     7 and offering or subscribing to any service based on
     Signalling System 7 functionality will only recognize *67
     dialed as the first three digits of a call (or 1167 for
     rotary or pulse-dialing phones) as a caller's request for
     privacy on an interstate call.  No common carrier
     subscribing to or offering any service that delivers calling
     party number may override the privacy indicator associated
     with an interstate call.  The terminating carrier must act
     in accordance with the privacy indicator unless the call is
     made to a called party that subscribes to an ANI or charge
     number based service and the call is paid for by the called
     party.  

     (c)  Charges.  No common carrier subscribing to or offering
     any service that delivers calling party number may (i)
     impose on the calling party charges associated with per call
     blocking of the calling party's telephone number, or (ii)
     impose charges upon connecting carriers for the delivery of
     the calling party number parameter or its associated privacy
     indicator.

     (d)  Exemptions.  64.1601 shall not apply to calling party
     number delivery services (i) used solely in connection with
     calls within the same limited system, including (but not
     limited to) a Centrex, virtual private network, or private
     branch exchange system; (ii) used on a public agency's
     emergency telephone line or in conjunction with 911
     emergency services, or on any entity's emergency assistance
     poison control telephone line; or (iii) provided in
     connection with legally authorized call tracing or trapping
     procedures specifically requested by a law enforcement
     agency.

64.1603  Customer notification.  

     Any common carrier participating in the offering of services providing
     calling party number, ANI, or charge number on interstate calls must
     notify its subscribers, individually or in conjunction with other
     carriers, that their telephone numbers may be identified to a called
     party.

     Such notification must be made not later than April 12, 1995, and
     at such times thereafter as to ensure notice to subscribers.  The
     notification shall inform subscribers how to maintain privacy by
     dialing *67 (or 1167 for rotary or pulse-dialing phones) on
     interstate calls.  For ANI or charge number services for which
     such privacy is not provided, the notification shall inform
     subscribers of the restrictions on the reuse or sale of
     subscriber information.

------------------------------

End of PRIVACY Forum Digest 04.07
************************
