
Privacy Digest 6.03 2/10/97

PRIVACY Forum Digest      Monday, 10 February 1997      Volume 06 : Issue 03

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

               The PRIVACY Forum is supported in part by the          
                 ACM (Association for Computing Machinery)
	         Committee on Computers and Public Policy,      
          "internetMCI" (a service of the Data Services Division         
      of MCI Telecommunications Corporation), and Cisco Systems, Inc.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.

	 Crypto Export [Phil Karn] Interview on PRIVACY Forum Radio
	    (Lauren Weinstein; PRIVACY Forum Moderator)
	 Update on "Your Signature for Sale?"
	    (Lauren Weinstein; PRIVACY Forum Moderator)
	 Yahoo! promotes privacy -- well, at least they make an attempt
	    (Dave McComb)
	 HTTP cookies still taste bad (Howard Goldstein)
	 EU card (Phil Agre)
	 FBI Issues Scaled Back Surveillance Capacity Notice (Bob Palacios)
	 Virginia Bill on Collection of Information from Landlords
	    (Dave Banisar)
	 Proposed satellite monitoring of car movements in Sweden
	    (Feliks Kluzniak)
	 Maryland Motor Vehicles Department Sells Privacy Down the River
	    (Monty Solomon)
	 Berkeley Student Takes 3.5 Hours to Crack RSA 40-bit Key
	    (John van Heteren)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.


   Quote for the day:

	"In my experience there's no such thing as luck."

		-- Obi-Wan ("Ben") Kenobi (Alec Guinness)
  		   "Star Wars" (20th Century Fox/Lucasfilm; 1977)


Date:    Mon, 10 Feb 97 16:03 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Crypto Export [Phil Karn] Interview on PRIVACY Forum Radio

Greetings.  A new installment of PRIVACY Forum Radio is available for your
listening pleasure.  This segment features my interview with Phil Karn
(known to many in the TCP/IP world by his ham call sign "KA9Q") of Qualcomm,
Inc.  We discuss the status of his lawsuit against the U.S. federal
government seeking permission to export the machine readable version of a
crypto source code package that can currently only be exported legally in
printed form--even though the same code is involved.  It's a fascinating
look at a case which is at the very leading edge of the crypto export
controversy.  As always, follow the web links from www.vortex.com to PRIVACY
Forum and PRIVACY Forum Radio to access the segment and prior PRIVACY Forum
Radio interviews.

Moderator, PRIVACY Forum


Date:    Mon, 10 Feb 97 16:14 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Update on "Your Signature for Sale?"

Greetings.  Since the recent distribution of my "Your Signature for Sale?"
piece recently, I've received a great number of responses and personal
anecdotes.  For right now, there are two points I'd like to pass along.

First, some persons making inquiries to UPS have apparently been told that
the UPS signature display software doesn't allow printing out of the
recipient's signature.  Outside of the fact that conventional Windows
functions, drivers, and "background" programs can be used to capture and
print the contents of virtually any Windows application's screens, it seems
to clearly be the case that the UPS software itself does include a signature
print function.  By the way, I'd like to thank the person who faxed me a
copy of the full UPS ad (from "The Economist", and subsequently seen in
other publications) which promotes that signature printing function twice in
the ad text plus again with a picture of a printer...

Second, as I had suggested would probably be the case, some persons have
indeed reported problems getting their UPS delivery persons to accept an "X"
or similar "non-signature" to receive their packages, even though such
actions were explicitly suggested to me by UPS management.  If your local
UPS driver refuses to turn over a package under these circumstances, you
should insist on the issue being immediately escalated to a supervisor and
if necessary to management at UPS headquarters in Atlanta.  At a certain
level up the chain of command you should be able to find someone who will
verify that such non-signatures *are* acceptable on the automated signature

More on this developing story to come...

Moderator, PRIVACY Forum


Date: Mon, 20 Jan 1997 17:50:46 -0500
From: Dave McComb <mccomb@InterWorld.com>
Subject: Yahoo! promotes privacy -- well, at least they make an attempt

   [ From Risks-Forum Digest; Volume 18 : Issue 78  -- MODERATOR ]

When Yahoo!'s People Search page (http://www.yahoo.com/search/people/)
first premiered, it allowed you to look up information based on first
name, last name, city, state, and phone number.  Yahoo! has since
removed the reverse phone number lookup, stating in their FAQ:

What happened to the "search by telephone number" feature?

We have elected to discontinue the reverse lookup feature because of
privacy concerns that have been raised by users.

However, this is not actually the case -- it's still there, just in a
different form.

You see, Yahoo! also allows users to suppress information about themselves,
by entering their phone number
(http://www.yahoo.com/search/people/suppress.html).  When you enter your
phone number, you get a listing containing your name and full address.  By
using this, you can still perform a reverse phone number lookup.

-Dave mccomb@interworld.com  Manager, Network & Security  


Date: 21 Jan 1997 02:46:09 GMT
From: hgoldste@mpcs.com (Howard Goldstein)
Subject: HTTP cookies still taste bad (Andersson, RISKS-18.77)

   [ From Risks-Forum Digest; Volume 18 : Issue 78  -- MODERATOR ]

Anders Andersson (Leaking WWW surfer interest profiles, RISKS-18.77)
observes the possibility that the ad.doubleclick.net site, from a firm that
sells space on a couple of dozen large web sites (*The New York Times*
advertising column, 20 Jan 1997), may be in a position to save keyword lists
submitted for search on the Alta-Vista search engine.

What Anders Andersson may not have noticed was that when the browser called
up the doubleclick site it returned more than an image; it also returned a
cookie that doubleclick retrieves on subsequent accesses to its affiliated
systems to develop a profile of Andersson's likes, dislikes, and usage
habits.  [See my item in RISKS-18.19 for more on these stealthy cookies.]

Seems one without too much trouble could compile an incredibly detailed
profile of an individual given one's footprints through webspace, coupled
with one's search engine habits for those inconvenient times when the
footprints don't lead to doubleclick's sites.  A most valuable marketing

Howard Goldstein <hgoldste@bbs.mpcs.com>
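
[ Added example, not part of the original post: a check run from the user's side over a browser request log, flagging any third-party host that receives the same cookie while the user is on two or more unrelated sites, and listing the search terms it would see in the Referer. The host names, cookie values and log layout are constructed, and "site" is approximated by the last two host labels. ]

```python
from collections import defaultdict
from http.cookies import SimpleCookie
from urllib.parse import parse_qs, urlsplit

# Constructed sample log: (page being viewed, URL the browser fetched for
# that page, Cookie header sent with the fetch). All hosts are placeholders.
REQUESTS = [
    ("http://search.example/query?q=back+pain+clinic",
     "http://search.example/logo.gif", ""),
    ("http://search.example/query?q=back+pain+clinic",
     "http://ads.example.net/banner.gif", "id=7f3a91"),
    ("http://news.example/business/story12.html",
     "http://ads.example.net/banner.gif", "id=7f3a91"),
    ("http://news.example/business/story12.html",
     "http://news.example/style.css", "session=abc"),
    ("http://shop.example/cart",
     "http://cdn.example.org/lib.js", ""),
    ("http://search.example/query?q=bankruptcy+lawyer",
     "http://ads.example.net/banner.gif", "id=7f3a91"),
]


def site_of(url):
    """Approximate the owning site by the last two host labels (assumption:
    good enough for this sample; real code would use a public-suffix list)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])


def find_cross_site_trackers(requests, min_sites=2):
    """Return {(third-party site, cookie name, cookie value): details} for
    every cookie that a third party received from >= min_sites page sites."""
    seen = defaultdict(lambda: {"sites": set(), "terms": []})
    for page_url, fetched_url, cookie_header in requests:
        page_site, fetched_site = site_of(page_url), site_of(fetched_url)
        # First-party fetches and cookieless fetches cannot link visits.
        if page_site == fetched_site or not cookie_header:
            continue
        jar = SimpleCookie()
        jar.load(cookie_header)
        for name, morsel in jar.items():
            entry = seen[(fetched_site, name, morsel.value)]
            entry["sites"].add(page_site)
            # The Referer sent with an embedded image is normally the full
            # page URL, so any search terms in its query string go along.
            for values in parse_qs(urlsplit(page_url).query).values():
                entry["terms"].extend(values)
    return {k: v for k, v in seen.items() if len(v["sites"]) >= min_sites}


if __name__ == "__main__":
    for (site, name, value), info in find_cross_site_trackers(REQUESTS).items():
        print(f"{site} links visits via cookie {name}={value}")
        print("  seen on:", ", ".join(sorted(info["sites"])))
        print("  search terms exposed:", "; ".join(info["terms"]))
```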


Date:    Wed, 22 Jan 1997 04:55:32 -0800 (PST)
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: EU card

The Times (London) for 22 January 1997 carries an article by Leyla Linton
entitled "EU card could be passport to open all doors".  (My access to
the article is through an online version that was forwarded to me over
the Internet, so I don't have a page number for it.)  The smart card,
says the article, "could act as an identity document, driving licence and
electronic purse", "and, eventually, could be used as a passport or even
as a house key".  "The card has been supported by the European Commission
and several member states, and could be introduced alongside a single
currency."  The proposal is "to be published in detail next month".  The
article focuses on apoplectic opposition to the proposal from Conservative
British MP's who oppose Britain's accelerating integration with Europe;
a spokesman for the Conservative government also expressed opposition, as did
the civil rights organization Liberty.

What first struck me about the proposal is its resemblance to so-called
"one card" systems that are being widely implemented on American college
campuses.  These cards combine many or all of the functions currently
assigned to a range of other identification cards, such as library cards,
plus additional functionalities.  A "one card" system being implemented
on some California State University campuses, for example, derives its
funding from a bank card and telephone card; the university expects to
raise large sums by swinging a large portion of its 300,000+ students
to a single bank and/or telephone service provider.  The card is then
envisioned as extending to other purposes such as dormitory keys.  

From a business point of view, a college campus is an attractive site for
the implementation of such technologies because a campus is a microcosm
of a whole society; it includes an enormous range of activities including
housing, food service, entertainment, parking, administrative functions,
vending, and so on.  The CSU system, however, as one probably expects, has
been designed and implemented with essentially no attention to privacy.  I
attended a statewide meeting of CSU student governments (California State
Student Association) at which CSU authorities assured that "one card"
information was "fully protected by law", but then did not challenge a
later assertion from an expert on privacy law that this "full protection"
only applied to that narrow range of academic records that are covered by
the Buckley Amendment.

The danger of a "one card", of course, is that it will provide the basis
for the creation of a centralized dossier covering an ever-broader range
of a student's activities, either through the literal creation of a single
centralized database or (more likely) through the establishment of common
identifiers and interoperable systems that allow data to be matched easily
across different subsystems.  College campuses, in this way, threaten
to become practice grounds for the establishment of a dossier society.
In the case of CSU, it was clear that the real initiative for the system,
including its architecture and public relations strategy, was originating
not with the CSU administrators but with the proposed system's vendor, IBM.

The EU proposal deserves similar attention.  Did this idea originate with
the European Commission and the MEP's who introduced the proposal, or did
it originate with vendors?  Has any attention been paid to privacy issues?
Europe has a head start in this area because of the generally very good
European Data Protection Directive, together with the functioning privacy
commissioners' offices in several European countries.  But the EU proposal
may be a more serious matter than the data protection model can address.
The data protection model of privacy regulation, after all, presupposes
that personal information is captured and stored in databases; it simply
requires that the whole process be done with appropriate notification,
documentation, and security.  A Europe-wide "one card" system can easily
become a centralized dossier, even with the strictest data protection.
In addition to the constraints of data protection, therefore, it becomes
important for privacy protection to be built into the architectures of
this emerging generation of integrated identification systems.  Technical
proposals for this purpose are numerous and well-understood, including
digital cash and pseudoidentity schemes that could be implemented on a
smart card.  Actually implementing these alternative technical proposals
on a large scale would be a significant challenge, both as a matter of
infrastructure and the detailed development of policy and administrative
procedures.  But it is certainly better than creating the dossier society
by default, just because that is the logical extension of the traditional
practices of computer system design.

Phil Agre


Date: Fri, 17 Jan 1997 19:30:07 -0500
From: Bob Palacios <cdt-edit@cdt.org>
Subject: FBI Issues Scaled Back Surveillance Capacity Notice

   [ Excerpt extracted from CDT POLICY POST Volume 3, Number 1 by MODERATOR ]


On Tuesday, January 14, 1997, the FBI issued a revised notice of proposed
surveillance capacity as required by the 1994 Communications Assistance for
Law Enforcement Act (CALEA - a.k.a. Digital Telephony).  The notice details
projected increases in law enforcement wiretapping and other electronic
surveillance activity in the coming years.

While the latest notice appears far less expansive than the FBI's first
capacity notice issued in October of 1995, and while this notice, by
including the unprecedented release of baseline surveillance information on
a county-by-county basis, goes a long way towards satisfying some of CDT's
objections to the first notice, many serious issues remain.  Specifically:

* Does the county-by-county approach of the latest surveillance capacity
  request correspond to law enforcement's real needs?

* What is the expected cost for meeting the FBI's proposed capacity

* The latest capacity request lumps together interceptions of call
  content and interceptions of dialing information (through pen register
  and trap and trace devices). Does this increase surveillance
  capacity available to law enforcement?

* Most importantly, issues of surveillance CAPABILITY remain on the
  table.  The FBI has taken a broad view of CALEA and has proposed
  technical standards which, in CDT's view, go far beyond the scope of
  CALEA and would dramatically increase law enforcement surveillance
  authority. These issues are currently being negotiated in industry
  standards setting bodies and will be a major issue in 1997.


Date:    Thu, 6 Feb 1997 15:43:44 -0500
From:    Dave Banisar <Banisar@epic.org>
Subject: Virginia Bill on Collection of Information from Landlords

      To: Interested Persons
      From: David Banisar, Esq. (banisar@epic.org)
      Electronic Privacy Information Center (http://www.epic.org/)
      Re: Virginia Senate Bill SB 1012
      Date: February 6, 1997


On January 27, the Virginia Senate approved by a vote of 37-2 a bill that
would require landlords, managers of condominiums, storage facilities and
others to annually provide a comprehensive list of the names, addresses, and
the automobile, boat and aircraft registration information of all their
tenants, lessees and others to the local tax commissioners of the Virginia
government.  The legislation is intended to assist the state in the
assessment of personal property taxes.  The bill poses a grave threat to the
privacy of Virginia residents.  It raises the question of whether Virginia
should be able to coerce private citizens into acting as state informants by
requiring them to provide this personal information on persons with whom
they have a business relationship to the state government.

Overview of the Bill

The bill covers "every person owning, managing, or operating, any apartment
house, condominium, cooperative-housing facility, office building, shopping
center, trailer camp or trailer court, self-storage facility, marina, or
privately owned or operated airport in the Commonwealth."  Counties having a
population of more than 1,000 people per square mile may require such
information from any person leasing houses for rent.  The bill substantially
expands an existing 1950's era law to include condominiums, cooperative-
housing facilities, and self-storage facilities.

The legislation would require that the person or business provide the "name
and address of every tenant, lessee, owner, or other person permitted to
occupy or use space at such facility"; the "year, make, model, state and
license plate number of any motor vehicle garaged, housed or parked on the
premises"; and the "state and registration number of any watercraft or
aircraft at the facility."  Previously, the law only covered the names of
people who were renting space for aircraft and boats.

Failure to provide such information is classified as a "Class 4
misdemeanor."  Under Virginia Code 18.2-11, the punishment can be a fine up
to $250 for each tenant.  The bill allows owners, managers, and operators to
"require, as a condition to leasing, selling, licensing, or otherwise
granting any rights or interest in space at such facility, that any tenant,
renter, or such other person provide the owner, manager, or operator of such
facility with the information required to be provided pursuant to this


The bill raises questions about the role of the state government in
mandating that individuals and businesses act as informers for the
government and provide personal information about their clients to
government officials.

The bill also raises grave privacy concerns about the creation of a state
database of all residents and others with a business relationship in
Virginia, whether or not they are subject to tax liabilities.

The bill will place a substantial burden on landlords, leasing companies,
universities, and others to collect information on their clients.  It will
likely damage their relationships with their clients, as they must act as
de facto informants of the state, collecting and providing this information to
the government.

The General Assembly should not only reject this bill, but also consider
eliminating the existing requirements currently in §58.1-3901 of the Code of
Virginia, which this bill amends.

Legislative Status and Contact Information

01/17/97 Senate: Presented & ordered printed 973650681
(by State Senator Richard J. Holland (D-15, Windsor). Office (804) 786-7392)
01/17/97 Senate: Referred to Committee on Finance
01/22/97 Senate: Reported from Finance (16-Y 1-N)
01/23/97 Senate: Constitutional reading dispensed (39-Y 0-N)
01/23/97 Senate: VOTE: CONST. READING DISPENSED (39-Y 0-N)
01/24/97 Senate: Read second time and engrossed
01/27/97 Senate: Read third time and passed Senate (37-Y 2-N)
01/27/97 Senate: VOTE: PASSAGE (37-Y 2-N)
01/27/97 Senate: Communicated to House
01/28/97 House: Placed on Calendar
01/29/97 House: Read first time
01/29/97 House: Referred to Committee on Finance
02/05/97 House: Assigned to Finance sub-committee: 2

The bill is expected to be considered by the House of Delegates in the near
future.  Individuals who are interested in this legislation should contact
their state delegate immediately.  The number for leaving messages at the
Virginia General Assembly constituent hotline is 1-800-889-0229.

David Banisar (Banisar@epic.org)                *    202-544-9240 (tel)
Electronic Privacy Information Center           *    202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301             *    HTTP://www.epic.org
Washington, DC 20003
PGP Key: http://www.epic.org/staff/banisar/key.html


Date: Wed, 29 Jan 1997 20:39:29 +0100 (MET)
From: Feliks Kluzniak <feliks@carlstedt.se>
Subject: Proposed satellite monitoring of car movements in Sweden

   [ From Risks-Forum Digest; Volume 18 : Issue 81  -- MODERATOR ]

The new issue of "Dagens IT", no. 3, dated 28 Jan - 3 Feb 1997 (a Swedish
paper aimed at information technology professionals), contains an item that
might be of some interest to those RISKS readers who followed discussions
about automatic highway toll booths in the US and related subjects.

My (probably imperfect) translation follows.
  Car users will be put in "feetcuffs"
  (written by Margaretha Sundstroem)
With the help of a new satellite system car users might pay different taxes,
depending on when and where they drive.  This is what the State
communications commission is said to be discussing.

According to (the newspaper) "Dagens Politik", the State communications
commission is discussing a proposal to use satellites for determining car
taxes in the future.  It is proposed that all of Sweden's 3.5 million cars
should be equipped with a little reader fastened to the instrument board.
Car users would then buy cards that can be inserted into the reader.  The
card would communicate with a satellite that would register where you drive
and for how long.  The car tax would then be withdrawn from the card.
The proposal has been put forward by the State institution for communication
analysis.  They estimate that just the Stockholm (tax) authorities would be
able to earn six billion crowns by using this system.
The costs for car users would thereby increase.

 - - - - 

The reference to "feetcuffs" (by analogy to "handcuffs" - ankle
shackles?)  is an allusion to radio transmitters that are irremovably
fastened to the ankles of some criminals in this country so that the
authorities can monitor their compliance with the rules of house arrest.

The word "communication" is meant to include car traffic etc.  The word
"billion" is given in its US meaning: a thousand million.

The risks?  Apart from the risks of having very complex systems
automatically determine how much you have to pay, there are the usual
privacy considerations. Some cry out "big brother".  Others say you are
already in this situation if you carry a cellular phone.

Feliks Kluzniak,  Carlstedt Research & Technology, Gothenburg

	[ Cellular phone privacy issues aside, the last time I checked,
	  there were no laws requiring persons to carry cellular phones, or
	  to leave them activated as they travel from location to location.
	  The proposed vehicle tracking system would certainly fall into a
	  completely different category of privacy problems.



Date:    Mon, 10 Feb 1997 02:25:11 -0500
From:    Monty Solomon <monty@roscom.COM>
Subject: Maryland Motor Vehicles Department Sells Privacy Down the River

Excerpt from ACLU News 02-06-97

Maryland Motor Vehicles Department Sells Privacy Down the River

BALTIMORE -- The practice of selling personal information by the Maryland
Motor Vehicles Administration has raised lots of money as well as privacy
concerns, the Washington Times reports.

Over the past two years, MVA has grossed $5.7 million dollars by selling
people's driver's license records to independent companies. Baltimore's MVA
sells records either in bulk, giving 10,000 records for $500, or individually
at $5 a piece.

Bankers, retailers, private investigators and insurance companies have all
been known to purchase thousands of records from MVA and use the lists for
subscription programs through mail solicitation.

The amount of money that MVA raises is relatively small, and not a
"compelling" justification for violating people's privacy rights, said Susan
Goering, the executive director of the American Civil Liberties Union in

"It's bad enough that private concerns are [selling records], but to have
the government making use of our personal information is outrageous," Goering
said. "I think the role of government is to protect people from the invasions
of privacy that already exist."

Until now, the choice about the distribution of one's information has
existed, but not been publicized in Maryland. Out of the 3 million people
that have drivers' licenses, only 6,018 have made that choice since 1985.

"It's bad enough that privacy concerns are compromised by this practice, but
the fact that people aren't informed about the option of sealing their
records is even worse," Goering said.


Date: Thu, 30 Jan 1997 12:59:35 -0800
From: John van Heteren <vanhet@sirius.com>
Subject: Berkeley Student Takes 3.5 Hours to Crack RSA 40-bit Key

   [ From TELECOM Digest; Volume 17 : Issue 26  -- MODERATOR ]

      Thought you'd be interested in the following article that I found at:

      John van Heteren

Berkeley -- It took UC Berkeley graduate student Ian Goldberg only three
and a half hours to crack the most secure level of encryption that the
federal government allows U.S. companies to export. 

Yesterday (1/28) RSA Data Security Inc. challenged the world to decipher
a message encrypted with its RC5 symmetric stream cipher, using a 40-bit
key, the longest keysize allowed for export. RSA offered a $1,000
reward, designed to stimulate research and practical experience with the
security of today's codes.

Goldberg succeeded a mere 3 1/2 hours after the contest began, which
provides very strong evidence that 40-bit ciphers are totally unsuitable
for practical security.

"This is the final proof of what we've known for years: 40-bit
encryption technology is obsolete," Goldberg said.

RSA's RC5 cipher can however be used with longer keysizes, ranging from
40 to 2,048 bits, to provide increasing levels of security.

U.S. export restrictions have limited the deployment of technology that
could greatly strengthen security on the Internet, often affecting both
foreign and domestic users, Goldberg said.

"We know how to build strong encryption; the government just won't let
us deploy it. We need strong encryption to uphold privacy, maintain
security, and support commerce on the Internet -- these export
restrictions on cryptography must be lifted," he said.

Fittingly, when Goldberg finally unscrambled the challenge message, it
read: "This is why you should use a longer key."

The number of bits in a cipher is an indication of the maximum level of
security the cipher can provide, Goldberg said. Each additional bit
doubles the potential security level of the cipher. A recent panel of
experts recommended using 90-bit ciphers, and 128-bit ciphers are
commonly used throughout the world, but U.S. government regulations
restrict exportable U.S. products to a mere 40 bits.

Goldberg used UC Berkeley's Network of Workstations (NOW) to harness the
computational resources of about 250 idle machines. This allowed him to
test 100 billion possible "keys" per hour -- analogous to safecracking
by trying every possible combination at high speed. This amount of
computing power is available with little overhead cost to students and
employees at many large educational institutions and corporations.

Goldberg is a founding member of the ISAAC computer security research
group at UC Berkeley, which is led by assistant professor of computer
science Eric Brewer. In the fall of 1995 the ISAAC group made headlines
by revealing a major security flaw in Netscape's web browser.


End of PRIVACY Forum Digest 06.03
