TUCoPS :: Privacy :: priv_608.txt

Privacy Digest 6.08 6/12/97

PRIVACY Forum Digest      Thursday, 12 June 1997      Volume 06 : Issue 08

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

                 The PRIVACY Forum is supported in part by
                    the ACM (Association for Computing)     
	         Committee on Computers and Public Policy,      
          "internetMCI" (a service of the Data Services Division         
      of MCI Telecommunications Corporation), and Cisco Systems, Inc.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.

    	      * PRIVACY Forum Five Year Anniversary Issue *

	Texas Drivers in the Privacy Pothole 
	   (Lauren Weinstein; PRIVACY Forum Moderator)
	Big Brother Under the Hood?
 	   (Lauren Weinstein; PRIVACY Forum Moderator)
	FTC Hearings Spur "Coincidental" Interest in Privacy
 	   (Lauren Weinstein; PRIVACY Forum Moderator)
	Hygiene Guard (Phil Agre)
	Government Database Access Now Issue in Japan (James Love)
	Wells Fargo & privacy: selling CC usage (Dan Ellis)
	Survey says "Censor! (Brock N. Meeks)
	Maine Bill Seeks to Limit Social Security Number Access
	   (Monty Solomon)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.


   Quote for the day:

	"I don't do requests."

		-- Ben Richards (Arnold Schwarzenegger)
		   "The Running Man" (TriStar; 1987)


Date:    Wed, 11 Jun 97 14:39 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Texas Drivers in the Privacy Pothole

Greetings.  In yet another example of "public record" data running
amok, drivers in Texas will no doubt be pleased to learn that their names,
addresses, birthdays, license plate numbers, and a variety of other
data, are now publicly available on the Internet.  And of course,
broad searching capabilities based on a variety of criteria are included!

No longer need the potential thief follow that luxury vehicle all the way
back to a residence.  No need for the sickie who harasses young women to
follow his next lovely target all the way home.  And that guy you accidently
cut off on the freeway?  He may not have bothered you at the time, but he
can come by to "visit" you later, perhaps in the middle of the night while
you're sleeping.  Use your imagination for more interesting scenarios.  Yes,
thanks to database lookups, all of these folks could apparently just copy
down your license number, then look up the address and other info at their
leisure.  Now, that's progress!

It's not clear who bears the most blame regarding the availability of this
data: the state of Texas, for considering this information to be public
record, or Public Link Corp. of Dallas (www.publiclink.com), for putting it
on the net as a "public service" (with more to come, we're promised).

While theoretically Public Link restricts access to this database to persons
with a Texas driver's license (a license number is needed to establish an
access "account"), procedures for reading the information directly via web
URLs, bypassing the login procedures, have already been widely disseminated
around the net, along with suggested "famous Texans" for lookup.  And of
course, account information for accessing the database via normal
login is also circulating widely.

When public record data just sat on index cards in the back room of the
Hooterville courthouse, it represented a minimal threat to personal
privacy.  But as municipalities now try to convert their databases
into profit centers, that same data is becoming one of the most potent
threats to individual privacy, and in some cases personal safety as well.

Moderator, PRIVACY Forum


Date:    Wed, 11 Jun 97 14:50 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Big Brother Under the Hood?

It appears that we may now be poised on the brink of yet another automotive
privacy pit.  We've seen comments in the past about the range of privacy
problems related to many automated toll collection systems, and about
"traffic control" cameras that seem to spend an awful lot of their time
pointed at other than traffic.  But now come calls for airline-style "black
boxes" to be installed in new cars, ostensibly in conjunction with airbags
for "deployment data collection".  

The idea is to gather information on vehicle speeds and "other parameters"
at time of impact, to better assess airbag effectiveness and problems.
Those other parameters would apparently include data such as vehicle
speed, whether or not occupants were wearing seatbelts, and so on.  It
doesn't take a great deal of imagination to visualize the next step in this
particular technological chain, since there appear to be no legal
restrictions on how data collected by such systems might be used.  Will we
next be faced with automatic reporting of vehicle speeds to roadside
transponders?  Or systems that automatically record "unsafe" driving
practices for later readout and action?  

Few persons are aware that some cars on the road *already* include
systems that record some of these very parameters.  In fact, a current
lawsuit involves an accident where the driver claims she was
wearing a seatbelt at the time, but the car's black box is calling
her a liar.

Regardless of how one feels about promoting safer driving, do we really
want to head down this particular road?  If it works in the car, how
about in the workplace?  Or at home?  As the old proverb says,
the road to Hell may indeed be paved with good intentions, especially
in this arena.

Moderator, PRIVACY Forum


Date:    Wed, 11 Jun 97 15:04 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: FTC Hearings Spur "Coincidental" Interest in Privacy

OK, call me skeptical if you want.  But do you find it just a wee bit
suspicious that as Federal Trade Commission hearings on privacy issues get
underway, we're treated to a flurry of press releases from organizations
suddenly pledging their dedicated concern to individual privacy issues?
First it was our old friend Lexus-Nexus, along with a number of their fellow
information database service providers (not all of them, of course!).  Now
it's arch-rivals Netscape and Microsoft, promising nifty new software to
allow web users to "control" how their personal information is gathered and
used (only applicable amongst participating sites, one must assume). 

Could it be that these formidable enterprises are concerned that maybe,
perhaps, finally, we're on the verge of taking the first baby steps towards
establishing in law individual rights to control personal information?  So
suddenly they all come rushing out with their "the industry can police
itself" arguments and pleadings, as if the entire "industry" were all one big
happy family who all voluntarily followed the same rules for the public good?

Almost any industry moves to improve the abominable situation regarding
personal information abuse would be welcomed.  But they cannot by any
stretch of the imagination be considered to be a substitute for legislative
actions to establish uniform standards, in federal law, that would give
individuals reasonable rights to control the information they provide in the
course of business and other transactions.  It would be dead wrong to let
industry pronouncements sidetrack or otherwise derail these hearings,
studies, and particularly legislative efforts, which are crucial to helping
assure that the early 21st century doesn't become a 20-year delayed version
of "1984".

Moderator, PRIVACY Forum


Date:    Wed, 21 May 1997 07:39:12 -0700 (PDT)
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: Hygiene Guard

I'm not sure whether to report this one to Privacy Forum or Dave Barry.
The 5/20/97 Wall Street Journal (page B1) brings news of a new product
called Hygiene Guard.  The article describes it like so:

  Employees wear a credit-card size badge.  When entering the bathroom,
  a device mounted on the ceiling sends a signal to the badge and it
  begins to blink.  To stop the blinking, the employee must pump the
  soap dispenser, which is wired with sensors, and then stand in front
  of the sink for at least 15 seconds.  ...

  NetTech acknowledges there's no way the system can tell whether actual
  washing occurs -- or even whether the water is on or soap is in the
  dispenser.  As long as the sequence is completed, the badge is cleared.
  If not, an infraction is logged in a central computer.

  The system also tips bosses to miscreants who don't enter the lavatory
  all day, or who use it too much.

Although it's hard to take this system very seriously, it is only one
of a vast number of systems being developed to track human behavior.  We
usually think of tracking as something very centralized, since it calls
to mind metaphors of the secret police.  I think it's more accurate to see
tracking technologies as species that are adapted to a huge diversity of
niches in the ecosystem of technology, architecture, and power relations.
A machine that tracks how often someone is using the bathroom is no joke
in a world where people are quite routinely compelled to defile themselves
on assembly lines because the management won't let them go to the bathroom
for another three hours.

Phil Agre

		[ It certainly could be argued that if systems such
		  as the one described were in widespread use, 
		  restroom privacy would be all washed up.



Date: Fri, 30 May 1997 13:36:44 -0400 (EDT)
From: James Love <love@tap.org>
Subject: Government Database Access Now Issue in Japan 

Last August, Kazuaki Okabe invited me to visit several cities in Japan, to
discuss citizen efforts to obtain access to government databases.  This is
Okabe's report of the new citizens movement to obtain access to government
databases in Japan.  

    James Love  <love@cptech.org> | http://www.cptech.org

---------- Forwarded message ----------
Date: Mon, 26 May 1997 05:34:49 -0400 (EDT)
From: Kazuaki Okabe <kokabe@igc.apc.org>
To: Multiple recipients of list <japan-us-foi@essential.org>
Subject: Government Database Access Now Issue in Japan

"Why do we have to pay 450,000yen ($4,000) for a directory of high
ranking government officials?" the argument started. Someone in the
mailing list found the outrageous price for a CD-ROM containing
addresses and phone numbers of officials in national, prefectural, and
local governments in Japan. It is published by not a private company,
but Ministry of Finance's Government Printing Office.

"Outrageous!" "Unbelievable!" others shouted. Some others introduced
that a CD-ROM of more than 50 volumes of United States Code is only
$37. Some say, "taxpayers are ripped of by our government!"  Other
proposes, "we should let the U.S. government produce our government's

These are some of the discussions going on in the recently established
Environmental Policy Change Mailing Lists (e-forum). Created by a
militant think-tank researcher Teiichi Aoyama, the Lists organizes
powerful discussion and communication among civic activists,
environmental consultants, researchers, journalists, and concerned
government officials.

While the main focus is on environmental issues, another strong focus
is access to the government information, which is crucial for any
serious discussion of public participation in government processes.

In the discussion lists, we found:

1) Many of the government's white paper CD-ROMs are 10,000yen ($83) each.

2) A CD-ROM for securities and company reports filed with Ministry of
Finance is whopping 776,699yen ($6,500). (In Japan where there is no
independent Security Exchange Commission, security and company reports
are submitted to the Finance Ministry. In the U.S. such data is
provided for free over the Internet from EDGAR database.)

3) Subscription to satellite weather information is 1,000,000yen/month
($8,300) for binary data and 20,000yen/month ($167) for text data. The
original source of its information is the government's Meteorological
Agency but distributed by private agency Kishocho Shien Center.

4) The text of all Japanese laws costs 100,000yen ($830) in magnetic
tape, more if you use it for home page or printed form. The equivalent
U.S. Code is free on the Internet and $37 in CD-ROM format.

5) The Database for Congressional minutes (equivalent of U.S.'s
Congressional Record) is only available to government agencies, not
even to Congressional representatives.

When James Love of Nader group Consumer Project on Technology came to
Japan last summer to share his experiences of government databases
access campaign in the United States, the response of the Japanese
audience was more or less "the Japanese government uses only paper."
Many of us thought the government database issue is far away in the
future. We heard Love's message as preparation for the future.

But now we found out that the issue is right here now. The issue did
not exist last year because very few know the government had databases.

Recently Mr. Haga of Shintoku, Hokkaido, joined the Lists. He
successfully made  his town council put its meeting minutes on the
town's home page. This is the first case of online public access to any
legislative record in Japan.

People in the Lists are planning to have an open forum with government
officials to discuss public access to the legislative record.

In order to join the e-forum lists, send email to Aoyama at:
You and your computer have to read two-bytes code Japanese characters.


Aki Okabe
4640 California St., San Francisco, CA94118, USA
Phone: 415-387-6253, Fax: 415-379-9815
Internet: kokabe@igc.apc.org
          ZZS64943@biglobe.ne.jp (Japanese characters acceptable)


Date:    Mon, 19 May 1997 10:41:25 PDT
From:    "Dan Ellis" <dpwe@ICSI.Berkeley.EDU>
Subject: Wells Fargo & privacy: selling CC usage

This issue is orthogonal to the problems of supermarket banking raised by 
Lauren, but while we're knocking Wells Fargo..

I have a credit card attached to my Wells Fargo bank account.  I greatly 
appreciate the ability to check the balance over the Web, which is well 
implemented IMO. In fact, it's about the only reason I've kept the account 
open after getting a little "Notice of new terms" flyer in with my bill a 
few months ago.  9 pages of six-point type, most of the changes were a 
revised arbitration mechanism and new interest rates, but an item on the 
last page under "CREDIT INFORMATION" caught my eye:  Where previously I had 
agreed only to let the bank offer me services based on the account 
information, the revised agreement read:

"You agree that the Bank may provide your name, address and other 
 information about you to its affiliates or to third parties to provide 
 services relating to your account or to offer other products and 

I shouldn't be shocked that Wells Fargo is thinking about selling my buying 
patterns as a new income stream, but I was displeased, and also fascinated 
that this was a new development - something they had thought too brazen or 
too inappropriate to write into the original contract.  I wrote to them to 
object, but my letter has been ignored...

Anybody know a good credit card company with online balance access that is 
sympathetic to its customers' desires for privacy?

  Dan Ellis.

		[ Wells Fargo says that they do maintain a list of persons
		  who do not wish to have this information provided to third
		  parties.  You need to call their customer service number
		  and explicitly ask to be added.  The default (no surprise)
		  is indeed to release the information.


Date: Thu, 15 May 1997 14:16:47 -0700 (PDT)
From: "Brock N. Meeks" <brock@well.com>
Subject: Survey says "Censor!"

RADNOR, Pa., May 13 /PRNewswire/ -- Despite the fact that 29 percent, or
nearly one-third, of all Americans access the Internet, 4 of 5 say they are
concerned about what can be found, and who might find it, while cruising the
Information Superhighway.

In a recent nationwide telephone survey of a random sample of Americans ages
18 and older conducted by Chilton Research Services, 80 percent of
respondents answered "Yes" when asked, "Do you think that the government
should take steps to control access to pornographic or sexually explicit
material on the Internet to protect children and teens under 18 years of

A significantly higher percentage of women than men favored government
intervention.  More than 88 percent of women invite censorship or some other
action, while 71 percent of men feel such steps are warranted.

Respondents were similarly divided by economic and education levels.  In all
demographic categories a resounding majority wants to limit youngsters'
access to sexually explicit material on the Internet, but some groups feel
more strongly than others.  For instance, among households with incomes below
$35,000 annually, 85 percent want Uncle Sam to step in.  Among respondents
with household incomes above $50,000 the percentage drops to 71 percent.
Similarly, 9 in 10 respondents with a high school diploma or less said the
government should control access, while 7 in 10 who had at least attended
college want such action taken.

In addition to worrying what their children might see on the Internet,
Americans worry about what others might be able to learn about their private
lives.  Better than 5 of every 6 respondents (84 percent) said they are
concerned about unauthorized or illegal access to personal and financial
information through the Internet.  A solid majority (65 percent) of all
respondents said they were "very concerned," while another 19 percent
admitted to being "somewhat concerned."

Fewer than 10 percent of respondents were "not at all concerned."  Those with
less than a high school education and those over 65 years of age expressed
less concern, possibly because these groups are not as likely as others to
use the Internet.

The Chilton EXPRESS telephone omnibus survey was conducted among a sample of
1,000 American men and women ages 18 and older, between April 16 and April
20, 1997.  The margin of error is +/- 3 percent.

Chilton Research Services, an ABC-owned company, was established in 1957. The
company offers full research and consulting services to consumer products
companies, business and industry, telecommunications and media, non-profit
organizations and government agencies.


Date:    Tue, 3 Jun 1997 00:38:52 -0400
From:    Monty Solomon <monty@roscom.COM>
Subject: Maine Bill Seeks to Limit Social Security Number Access

Excerpt from ACLU News 06-01-97

          Maine Bill Seeks to Limit Social Security Number Access

AUGUSTA, Maine -- What's in a Social Security number? Plenty, according to
civil liberty advocates who are now trying to persuade state legislators to
curb access to the nine-digit number by governmental agencies and private

According to a report in the Bangor Daily News, the Social Security number
has become the key identifier used by state and federal governments as well
as credit card companies, banks and credit rating agencies and even hospitals
to link people up with personal information.

Civil liberties groups and privacy advocates fear that increasingly, personal
information is being linked to the Social Security number, giving businesses
and governmental agencies as well as ordinary people access to an alarming
amount of personal histories and information they don't need and shouldn't

The Maine Civil Liberties Union, for example, points to a published report
last year that trade in health information has become a $40 billion-a-year

''Our expectation of privacy simply has been reduced in the last couple of
decades,'' Bill Coogan, president of the MCLU and an associate professor of
political science at the University of Southern Maine, told the News.

One bill facing the Maine Legislature and likely an uphill battle would
prohibit, with few exceptions, businesses and state agencies in Maine from
collecting and storing Social Security numbers, the paper said. The only
exemptions would be instances where Social Security numbers are required by
the federal law and for employers who need to collect the numbers from

Rep. John Vedral III, R-Buxton, a self-described personal privacy advocate
who has sponsored the bill, LD 1524, said he has seen how easily information
is transferred from place to place and worries about its use and misuse.

Vedral told the News that he has been asked and has refused to give his
Social Security number at a car rental agency and at two Maine hospitals, but
still got service, leaving him to wonder just how necessary Social Security
numbers are for the businesses. He was even asked for his Social Security
number to get a courtesy card at the library at USM.


End of PRIVACY Forum Digest 06.08

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH