TUCoPS :: Privacy :: priv_423.txt

Privacy Digest 4.23 11/4/95

PRIVACY Forum Digest     Saturday, 4 November 1995     Volume 04 : Issue 23

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

   	  The PRIVACY Forum digest is supported in part by the 
	      ACM Committee on Computers and Public Policy,
     		     and the Data Services Division 
	           of MCI Communications Corporation.

	TV News Interview Request (Lauren Weinstein; PRIVACY Forum Moderator)
	Monaco taps *every* international call?!?! (Kent Quirk)
	Who owns your name? (Graystreak )
	Caller ID/New Worries (J.P. Kleinhaus)
	France: change in cryptography policy (kaiser@acm.org)
	FBI Unveils National Wiretap Plan (Marc Rotenberg)
	Controversy Over Medical Records Legislation (Monty Solomon)
	Businesses monitoring employee e-mail (Andy Erickson)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are available
through the Internet Gopher system via a gopher server on site
"gopher.vortex.com".  Access to PRIVACY Forum materials is also available
through the Internet World Wide Web (WWW) via the Vortex Technology WWW 
server at the URL: "http://www.vortex.com".


   Quote for the day:

	"How tall was King Kong?"

			-- Eli Cross (Peter O'Toole)
			   "The Stunt Man" (1980)


Date:    Sat, 4 Nov 95 10:23 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: TV News interview request

Greetings.  I've received a request from a producer for one of the three
major U.S. television networks' evening news programs.  They'd like to do a
privacy story, with a focus on an individual who feels their privacy has
been invaded and what steps they've taken to try protect themselves from
further problems.

I receive queries like this from time to time, and I always point out to the
producers the irony involved: A person who has had privacy problems is
probably about the *least* likely person to want to go on-camera on national

Still, this is an important topic, and as I've often mentioned here in the
Forum, it's crucial that these matters be brought to the attention of the
broader population--and to a large extent that means TV news.  And TV news
is very "people"-oriented--it likes to do stories where the viewers can
focus on individuals rather than generalized concepts.

Are there risks involved with doing such interviews?  Sure.  As someone who
willingly talks to the media about these topics, and has done quite a number
of interviews, I can tell you that when the interview ends and the tape is
"in the can" you're at the mercy of the producer, tape editor, and other
involved folk in terms of how the final product turns out.  You may 
find that an hour of tape is reduced down to a 10 second soundbite in the
aired version, but that's the way it is for most everyone from politicians 
to entertainers who do news interviews.

As you can gather, I consider discussion of these topics in mainstream media
to be valuable, even given some of the negatives in the interview process.
The producer for this particular story is based here in L.A., and since
the main network news bureaus are in L.A. and New York, persons in those
areas would be easiest for them to work with, though other areas may
also be considered.  If you feel you have a relevant story and are
willing to go bigtime public with it, drop me an email note and I'll
put you in touch with the producer, and you two can take it from there.



Date:    Mon, 16 Oct 95 23:19:44 -0500
From:    Kent Quirk <kentq@world.std.com>
Subject: Monaco taps *every* international call?!?!

In the October/November 1995 issue of _The Riviera Reporter_, an English-
language magazine distributed in the French Riviera, there was an article
that disturbed me greatly.

It described the a television interview of a resident of the Principality of
Monaco who was enthusiastic that the local police apparently record every
telephone call.  He encouraged viewers to look on it as a memory aid, and
described how he had forgotten what he was supposed to get his sister for
her birthday.  He called the local police -- they played back the call and
told him what he should buy.

Can anyone verify that this is indeed the case?  I'm told that Monaco has an
incredibly low crime rate.  But, if true, the cost is higher than I'm
willing to pay. 

	- Kent 

Kent Quirk | Email:    kentq@world.std.com
Les Genets | WWW:      http://world.std.com/~kentq/

   [ It's a bit unlikely that you'll be able to get any definitive statement
     specifically regarding Monaco, but some general observations can be
     made.  From a technical standpoint, the smaller the country,
     and the fewer the communications circuits in and out, the easier
     it becomes to monitor substantial percentages of traffic, assuming  
     you wish to do so.  Monaco is certainly a geographically small
     country, but that says nothing about whether or not such monitoring  
     goes on there.

     However, it's worth noting that in many parts of the world, routine
     monitoring of international (and in some cases domestic)
     telecommunications circuits is as old as the telegraph.  Circuits to
     and from given countries, or simply transiting through, have frequently
     been considered to be fair game for routine monitoring activities,
     either in part or in whole.  This continues in a long tradition that
     literally reaches back several centuries (and probably much farther!)
     with international mail and courier messages.  Many, perhaps even most
     governments, regardless of political leanings, have at various times
     felt it was their right, or even their obligation, to keep track of
     what goes on in international communications, much as they endeavor to
     track the flow of physical goods across the borders.  You may agree or
     disagree with this reasoning, but it's not new, or even unusual.

     The greater the percentage of traffic that is non-voice, the more
     practical it is for automated procedures to be used to watch over
     larger numbers of circuits.  Data, fax, telex, and similar
     communications all fall into the easily automated category (I believe
     that something on the order of over half of overall international
     communications traffic now consists of faxes).  It also seems
     reasonable to speculate that developments in continuous-speech,
     speaker-independent speech recognition systems may have evolved
     to the point where they could at least be used for monitoring
     of many circuits for keywords of interest, which would then trigger
     further monitoring by humans.

     But again, all this doesn't answer the fundamental question
     of how much routine monitoring goes on, since it's something
     that most governments would not be exactly anxious to publicize
     if it were occurring.

     For a fascinating historical perspective on this subject and
     related topics, I recommend reading "The Puzzle Palace" (1982)
     by James Bamford.
  					-- MODERATOR ]


Date:    Tue, 17 Oct 95 11:16:46 -0400
From:    Graystreak <wex@media.mit.edu>
Subject: Who owns your name?

[culled from CPSR's EPIC Alert newsletter...]

The Marketry company of Bellvue, Washington is now selling email 
addresses of Internet users obtained from Newsgroup postings. From 
the company's press release:

   "These are email address of individuals who are actively using
   the Internet to obtain and transfer information.  They have
   demonstrated a substantial interest in specific area of information
   on the Internet.  They are regularly accessing information in their
   interest areas from newsgroups, Internet chats and websites. . . .
   The file is anticipated to grow at the rate of 250,000 E Mail 
   addresses per month, all with Interest selections."

What are the interest areas currently available?  "Adult, Computer, 
Sports, Science, Education, News, Investor, Games, Entertainment 
Religion, Pets."  The release notes that "additional interests areas 
will be added, please inquire." Activities of US and non-US Net users 
will be included in the Marketry product.

The Washington Post reported that the president of Markertry, Norm
Swent, would not disclose who the actual owner of the list is. "That
really is confidential information," Swent said, "and we are obviously
bound by confidentiality agreements with the list owner."


   (a) Sit back, let your newsgroup postings get swept up by the data 
   scavengers and watch the junk email pile high on your system, or

   (b) Send email to Marketry and tell them to STOP SELLING PERSONAL
   DATA GATHERED FROM THE NET.  Send email to: listpeople@marketry.com
   and tell your friends to send email.  And tell your friends' friends.

It's your name.  It's your mailbox. Think about it.

	[ It's important to always remember that public postings are just
	  that, *public*.  Entities are free to collect, index, store, and
	  otherwise use such materials quite freely, as long as they don't
	  violate applicable laws (of which very few relate to this area).
	  Of more concern is the use of data collected by servers in the
	  course of essentially "non-public" transactions, such as World
	  Wide Web browsing.  More on that in a future digest.
						-- MODERATOR ]

Date:    Tue, 17 Oct 95 11:30:12 PDT
From:    aa2du@netcom.com
Subject: Caller ID/New Worries


I received a rather disturbing communication enclosed in my latest
NYNEX telephone bill.  This came in the bill for my business account
and I haven't seen it in my residential account bills.  The flyer
describes the the new "Call ID Deluxe Service."

According to NYNEX, the new service allows the user to see
the name and telephone number of the caller, *even if the caller's
number is non-published.* (emphasis NYNEX's)  The flyer does
say that you can block the service using Per-call restrict or All-call
restrict, which is available in NY State.

If the non-business customer is not made aware of this, the implications
for loss of privacy should be obvious to everyone.  I really question
the need for this, but I suppose NYNEX will make more millions as
a result of these actions.  As a final note, NYNEX does say that
they have not yet received Public Service Commission approval for this
latest invasion of our privacy. I urge everyone to contact the NY State
PSC and advise them against approving such a plan.

With regards,

J.P. Kleinhaus
J.P. Kleinhaus, AA2DU  ARRL CAC hudson Div. Rep.  
E-mail: aa2du@netcom.com
Compu$erve:  74660,2606

		[ This is pretty much the case in many areas. 
		  Where CNID or enhanced (name/address CNID) systems
		  are available, efforts to require all non-pub
		  numbers to be blocked by default have been
		  vigorously opposed by local telcos.  The reason
		  is obvious--in major metro areas an extremely
		  high percentage of lines may be non-pub, which
		  would result in very high numbers of lines
		  CNID blocked from day one, reducing the perceived
		  value of the service to potential customers.
					-- MODERATOR ]


Date:    Wed, 18 Oct 95 13:44:52 +0100
From:    kaiser@acm.org
Subject: France: change in cryptography policy

Until recently, the French government has considered cryptographic software
to be war material -- specifically Class II munitions, like a live ground-to-
air missile -- and one was not permitted to use it without the proper license
and along with registering all keys.  This has apparently just changed a bit,
if one can believe an article yesterday in Nice-Matin, the local newspaper
for the Cote d'Azur.  In part it reads (my translation):

	France: Internet will be accessible at the price of a local call

	The government wants to render Internet accessible to everyone in
	France at a cost that is both attractive and uniform for the entire
	country, said Frangois Fillon, minister of information technologies,
	yesterday from an interagency committee on the information


	Finally, the interagency committee was able to specify the
	regulation of encrypting information, indispensable especially for
	encoding bank card numbers on online services.

	Cryptology is no longer war materiel, the government text specifies,
	and when it has to do with protecting a password, an access code, or
	a bank card number, a simple declaration from the vendor will be
	enough, in place of prior authorization.

This obviously begs the question of how good such cryptographic techniques
will be permitted to be (RSA 40-bit?  128-bit?  12-bit?), but perhaps someone
has seen a better newspaper with more details.


+33, FAX +33


Date: 2 Nov 1995 11:21:11 -0500
From: "Marc Rotenberg" <rotenberg@epic.org>
Subject: FBI Unveils National Wiretap Plan

The New York Times reports today that the FBI has proposed "a
national wiretapping system of unprecedented size and scope that
would give law enforcement officials the capacity to monitor
simultaneously as many as one out of every 100 phone lines"
in some regions of the country. ("FBI Wants to Vastly Increase
Wiretapping," NYT, Nov. 2, 1995, at A1)

The story follows the October publication in the Federal Register
of the FBI plans to implement the Communications Assistance
for Law Enforcement Act, the controversial "digital telephony"
bill that was opposed by many groups last year but supported by
an industry association called the "Digital Privacy and Security
Working Group" after the government put up $500,000,000 to pay
for the new surveillance features. (See EPIC Alert 2.12)

The Times article also notes that there is now some question about whether
the law will ever go into effect.  A provision to provide funding was
deleted last week after "several freshman Republicans, including
Representative Bob Barr of Georgia, a former federal prosecutor,
said he objected to the way the money for wiretapping would be raised
and that he had concerns about how the FBI might use such a sweeping
surveillance ability."

The article also says that "The scope of the FBI plan has startled
industry telephone executives, who said it was difficult to estimate
how much it would ultimately cost to carry out the capacity

EPIC is urging the on-line community to object to implementation of
the wiretap plan.  More information can be found at our web page:


Marc Rotenberg


Date:    Wed, 1 Nov 1995 13:46:33 -0500
From:    Monty Solomon <monty@roscom.COM>
Subject: Controversy Over Medical Records Legislation

	[ Editing for length by MODERATOR ]

Begin forwarded message:

Date: Wed, 1 Nov 1995 10:41:37 -0500
From: James Love <love@Essential.ORG>
Subject: Controversy Over Medical Records Legislation

TAP-INFO - An Internet newsletter available from listproc@tap.org
November 1, 1995

-    Senator Robert Bennett and several cosponsors introduce legislation
on medical records privacy.  S. 1360 would allow millions of law
enforcement officials, social workers, graduate students and other health
care researchers, government fraud investigators and probably
congressional staff to obtain access to computer databases with the
medical records for most Americans who pay for care under health insurance
programs.  The Center for Patient Rights, the Massachusetts ACLU, EPIC,
and the Consumer Project on Technology (CPT) have expressed opposition to
the bill, as have several privacy experts. However, the legislation is
enthusiastically endorsed by the Center for Democracy and Technology
(CDT), which was involved in the drafting of the bill, and some other
groups have apparently endorsed the legislation.  The Consumer Project on
Technology is working on a statement about the legislation.  Here is the
statement about the legislation released yesterday by the Massachusetts
ACLU.  jamie <love@tap.org>

... [ ACLU statement removed for length -- you can presumably
      obtain full texts at the contact addresses below  -- MODERATOR ]

TAP-INFO is archived at gopher.essential.org in the Taxpayer Assets 
Project directory, and at http://www.essential.org/tap/tap.html
Subscription requests to tap-info to listproc@tap.org with
the message:  subscribe tap-info your name
Taxpayer Assets Project; P.O. Box 19367, Washington, DC  20036
v. 202/387-8030; f. 202/234-5176; internet:  tap@tap.org

		[ I received an item directly from CDT that supported this
		  legislation, however it was not appropriate for inclusion
		  without some editing for length, and was marked with a
		  "must be distributed in its entirety" label, so it's not

		  I invite the parties on both sides of this issue to submit
		  concise items to the Forum describing their points of view.

						    -- MODERATOR ]


Date:    Thu, 19 Oct 1995 15:28:23 CST
From:    "Andy Erickson" <ANDY@action-lane.com>
Subject: Businesses monitoring employee e-mail

Are there any articles, courtcases, .... anything.... relevant to the 
unethical ... perhaps illegal ... monitoring of employee's electronic 

			[ Articles regarding the current
			  state of the laws in this topic 
			  area are invited.  -- MODERATOR ]


End of PRIVACY Forum Digest 04.23

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2023 AOH