The following document is from the PRIVACY Forum Archive at Vortex
Technology, Woodland Hills, California, U.S.A.

For direct web access to the PRIVACY Forum and PRIVACY Forum Radio,
including detailed information, archives, keyword searching, and related
facilities, please visit the PRIVACY Forum via the web URL:

        http://www.vortex.com

-----------------------------------------------------------------------

PRIVACY Forum Digest     Thursday, 20 November 1997     Volume 06 : Issue 16

            Moderated by Lauren Weinstein (lauren@vortex.com)
              Vortex Technology, Woodland Hills, CA, U.S.A.
                         http://www.vortex.com

                       ===== PRIVACY FORUM =====

-------------------------------------------------------------------
 The PRIVACY Forum is supported in part by the ACM (Association for
 Computing) Committee on Computers and Public Policy, "internetMCI"
 (a service of the Data Services Division of MCI Telecommunications
 Corporation), Cisco Systems, Inc., and Telos Systems.
                                - - -
 These organizations do not operate or control the PRIVACY Forum in
 any manner, and their support does not imply agreement on their part
 with nor responsibility for any materials posted on or related to
 the PRIVACY Forum.
-------------------------------------------------------------------

CONTENTS
        The ATM Debit Card Switcheroo
           (Lauren Weinstein; PRIVACY Forum Moderator)
        New gadget at Mobil stations, automatic ID? (Mike Gardiner)
        The Hazards of Humour... (Robert Taylor)
        PROFS: Court Decision 10/22/97 (Eddie Becker)
        "Son of CDA" Ignores Supreme Court Ruling, ACLU Says
           (Emily Whitfield)
        Technology and Privacy: The New Landscape (Phil Agre)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
 ***            Submissions without them may be ignored!            ***

-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance
and content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic list handling system;
for subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com".

All messages included in this digest represent the views of their individual
authors and all messages submitted must be appropriate to be distributable
without limitations.

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP access.
PRIVACY Forum materials may also be obtained automatically via e-mail through
the list handling system.  Please follow the instructions above for getting
the "help" information, which includes details regarding the "index" and
"get" commands, which are used to access the PRIVACY Forum archive via the
list handling system.

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via WWW
access.
-----------------------------------------------------------------------------

VOLUME 06, ISSUE 16

   Quote for the day:

        "They're here already!  You're next!"

                -- Dr. Miles J. Bennell (Kevin McCarthy)
                   "Invasion of the Body Snatchers"
                   (Allied Artists; 1956)

----------------------------------------------------------------------

Date:    Thu, 20 Nov 97 19:46 PST
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: The ATM Debit Card Switcheroo

Greetings.  Longtime readers of this digest know that I have rather mixed
feelings about massive Wells Fargo Bank when it comes to security and
privacy issues.  When they were among the first to institute user-selected
passcodes to control telephone access to accounts, I publicly applauded.
On the other hand, I've condemned their moves to terminate neighborhood
bank branches in favor of noisy, crowded, and privacy-unfriendly
"supermarket branches".  So it's been a mixed bag.

Unfortunately, that bag just got substantially more moldy.  Wells is in the
process at this time of the unsolicited replacing of apparently millions of
current ATM cards with what they call "ATM and Check Cards".  What these
really are is combined ATM and *debit* cards (apparently Wells doesn't like
using the word "debit"--it doesn't appear anywhere in the literature that
accompanies the cards).  These cards, which are branded with the MC credit
card logo, replace customers' current ATM cards, which customers are
informed will "expire shortly".  Customers need to call a toll-free number
from their home phone (obviously for ANI phone number verification--which
essentially is a non-blockable caller-ID) to activate their new cards.
Also buried in the pile of material accompanying the card, is a number to
call if for some reason the customer would prefer to keep using their old
non-debit ATM card instead.  (This second number is actually just the normal
Wells toll-free customer service number--you need to work your way to an
operator to "cancel" the new card.)

Wells Fargo customers (and customers of other banks) might well want to
consider refusing these sorts of debit cards--or making sure you never use
them except in an ATM.  While the card seems to add convenience at first
glance, in reality it is a big step *backwards* toward PIN-less access by
others to your money, with a range of potential problems--it could actually
be more dangerous than a conventional credit card!

A debit card of the kind Wells is distributing is used like a credit card.
Anywhere a MC would be accepted, the new card can be used.  The banks
promote this as a major value of the card (along with some credit-card like
"purchase protection" programs).  But just like with a real credit card, no
PIN is needed for purchases, only a signature.  And not even the signature
is required for telephone purchases, again, just like a conventional credit
card.

But unlike credit cards, the debit card doesn't result in a bill mailed to
you later, rather, it draws money immediately from your checking account.
Banks love this--it's like instant money with no float (the merchant pays
the same percentage for accepting the debit card as he or she would for a
normal credit card purchase).  But with a "real" credit card, you have a
chance to go over your bill and search for erroneous purchases *before*
paying.  Sure, it's a hassle if someone uses your credit card number for
unauthorized purchases, but a debit card usable without a PIN opens up a
whole new dimension.

The problem of course is that since the debit card draws immediately from
your checking account, without the protection of a PIN, anyone who has ever
seen your debit card, and has the number and expiration date, could use it
for purchases which will immediately draw down your checking account.  When
you get your monthly checking statement, these purchases will be
itemized--but the money has *already* long since been pulled from your
checking account by the time you get the statement.  Folks who check their
account status online every day will be in better shape, but most people
don't do this and shouldn't need to.

Having your checking account suddenly go dropping down toward zero has an
important side-effect.  The legitimate checks you've written can start
merrily bouncing, unless you're fortunate enough to have plenty of money in
an associated "overdraft" account of some sort.

Wells suggests that there are protections built into their debit card
system.  You're not responsible for purchases made by unauthorized parties
if you notify Wells what's going on.  That's well and good, but hardly
compensates for the hassle of bounced checks with potentially numerous
entities that can result from misuse of your debit card numbers.  Wells
also points out that there is a daily limit on debit card activity.  This is
true, but as far as I can tell that limit has no obvious relationship to
the amount of money in the checking account.  In cases I've seen myself,
the assigned daily limit was up to 10 times the average account balance!

PIN-less access of this sort to checking accounts is full of problems.  The
account can be accessed without a physical check, without a PIN, and
without your immediate knowledge.  For anyone who has "real" credit cards,
ones which bill and are paid conventionally, there seems to be little
benefit (for the customer!) to a debit card of this sort, at least compared
with the negatives and potential hassles that could result.  Even persons
without real credit cards might wish to think long and hard about the
wisdom of using a card that could so easily result in their checking
account being drained and their checks being bounced.

The irony of all this is that at a time when what we really need is some
form of PIN protection on conventional credit cards, the introduction
(especially unsolicited) of a PIN-less financial instrument of this sort can
only be viewed as a very bad idea.  The losses that are certain to accrue
will no doubt be handled like the untold millions in credit card losses
each year, via higher costs and bank fees for merchants and other customers
alike.

--Lauren--
Lauren Weinstein
Moderator, PRIVACY Forum
http://www.vortex.com

------------------------------

Date:    Wed, 12 Nov 1997 23:39:55 -0500 (EST)
From:    Mike Gardiner <mwg@mail.msen.com>
Subject: New gadget at Mobil stations, automatic ID?

I stopped at a Mobil station the other day, and noticed a new assembly
bolted to the pumps.  Being a gadget-type, I asked the cashier what the new
gear was for.  I suppose by now I should learn to assume stupidity on the
part of new technology, but I was still surprised and unsettled by the
answer I got.

The new gear is an antenna assembly that interacts with a small transmitter
that you carry in your car; they recommend that you stick it to your dash
with velcro.  When you pull up to the pump, it reads your transmitter
(transponder?) and by the time you get out of the car to pump gas, all the
approvals have been done, you just select your gas grade and go.  The pump
is active while you are there, and goes inactive when you pull away.  Your
gas is charged to the credit card you selected when you applied for the
transmitter.

The cashier couldn't understand why I thought this was frightening.
My avoidance of credit cards and their Speedpass device (a small plastic
tube that you wave past a sensor on the pump, proximity-card style, which
also charges a credit card selected at signup time) was likewise a mystery.
The question I got was "what could anyone do with that information?"
Beyond my standard "You'd be amazed," I didn't even try to explain it.

I have taken to avoiding credit cards for gas unless I am tapped out of
cash precisely because of the neat little travelog it leaves on your bill,
and I'm making a point of using a small group of ATMs to avoid the same
effect on my bank statements.

Aside from the privacy implications, if you forget about the transmitter
when your car is stolen, you could get an incredible shock the following
month when your credit card bill arrives in a crate, if your provider does
not have fraud-spotting software (which is a whole 'nother can of worms) to
limit the damage.  A high credit limit in such a situation could be real
nasty.  Then there's what low-tolerance fraud-spotting software could do to
an out-of-pattern road trip.

Depending on the range and directionality of the transmitter, a sufficiently
unscrupulous techie might be able to set up a personal spotting point to
trigger the transmitters when cars pass by.  Want to find someone's car?
Buzz the lot with a transceiver and wait for your victim's gas pass to
trigger, then you only have to look at a few cars to find it.  I can see
cars getting smashed windshields just for the gas pass.  Stick it in your
pocket and you could fuel several cars in a few hours.

This is quite an opposite to their Go card, essentially a limited purpose
cash card that I get when they have them.  The cards are handy when I am in
a hurry or the weather is rotten, and they preserve privacy in that I
introduce the registration card to Mr. Shredder, so that the only useful
information that can be found is the station that sold them, and I'm not
sure about that.  Drawback: the card is like cash in that if stolen,
remaining value goes with it.  The gas version of the pre-paid phone card,
except that the value spends at actual cost of materials purchased.  The
fact that registration is not forced may be why the cards are not presently
on sale.

The real sad thing is, I expect this to become very popular, in the grand
tradition of the public grabbing any small convenience without considering
the price to be paid.  I'll stick to cash and equivalents, thanks.

------------------------------

Date:    Mon, 03 Nov 1997 08:43:48 -0800
From:    Robert Taylor <rtaylor@vanhosp.bc.ca>
Subject: The Hazards of Humour...

A cautionary tale...

Every week, I receive a number of humorous emails from many friends and
associates.  These range from jokes you could tell at the family table to
some which are extremely rude.  The best of these I pass along to my own
distribution list, which comprises friends both inside and outside my
organization.

I recently received a phone call from a friend who is on this list.  It
seems that he received from me some politically incorrect humour, which he
found most hilarious.  He distributed it on to some folks in his office,
people he thought were of like mind.  Some days later, he received a call
from his human resources department, and was called in to see the director.
His union representative was also there.  He was told that one of the
recipients (unidentified) had complained about the content of the email,
and that this constituted sexual harassment.  He had to email everyone in
the office to whom he had sent on the material, apologise for it, and
promise never to do it again.  He also has an official letter of reprimand
in his file, which will stay there for 18 months.

Since he forwarded it on directly, the message header identified me (my
email address) as the source of the material.  In this same meeting, the
human resources director said that he was considering contacting MY human
resources department and issuing a complaint against me.  The union
representative suggested that it would be inappropriate to extend the
action outside of the corporation, so it has (apparently) been dropped.

When I pass any sort of internet humour along, I always cut and paste it
into a new email window, which strips all source headers from the message.
I also sent an email to people on my distribution list pointing out that
some of the material I forwarded could be considered improper, and asking
them to email me to confirm that they still wanted to receive it.  I have
kept copies of the confirmations.  So far, there have been no further
complaints.

Robert Taylor
Senior Support Analyst
Vancouver General Hospital

------------------------------

Date:    Fri, 24 Oct 1997 01:39:06 -0400 (EDT)
From:    Eddie Becker <ebecker@cni.org>
Subject: PROFS: Court Decision 10/22/97

Public Citizen Press Release 10/23/97

For immediate release:          Contact: Michael Tankersley (202) 588-7728
October 22, 1997                         Brian Dooley (202) 588 7703

     FEDERAL COURT RULES AGENCIES CANNOT ROUTINELY DESTROY ELECTRONIC RECORDS

     National Archivist Criticized for not Preserving Valuable Records

Washington, D.C. -- Researchers won a major victory today when U.S.
District Judge Paul L. Friedman of the District of Columbia ruled the
Archivist of the United States was wrong to allow federal agencies to
routinely destroy the electronic versions of word processing and electronic
mail records.

The ruling came in a suit initiated by Public Citizen and other plaintiffs
in December, 1996, challenging the National Archives "General Records
Schedule 20."  Archivist John Carlin's General Record Schedule 20 gave
blanket approval for all federal agencies to destroy all types of
electronic mail and word processing records if paper copies exist, without
any review of the value of the electronic records.
In December 1996, the Archivist and the Executive Office of the President
asserted that this Schedule authorized the wholesale destruction of
thousands of electronic mail and word processing documents created on
computers of the Office of the United States Trade Representative and other
agencies.

Michael Tankersley, an attorney with Public Citizen Litigation Group and
the lead counsel for the plaintiffs, welcomed today's ruling: "This
decision thwarts the Archivist's effort to abdicate his responsibility to
distinguish between electronic records that are valuable and those that are
not, and will help insure that the historically valuable electronic records
are preserved."

In today's decision, Judge Friedman held that General Records Schedule 20,
which has "a potential impact on every computer used by the federal
government," is null and void because the Archivist abdicated his statutory
responsibility when he adopted such a sweeping schedule.  The Archivist's
claim that he had the authority to approve the wholesale destruction of all
types of electronic records, regardless of their content or purpose, was
"irrational on its face" and inconsistent with the Archivist's
responsibility "to insure the protection and preservation of valuable
government records," Judge Friedman stated.

Judge Friedman declared that electronic records often have "unique and
valuable features not found in paper print-outs of the records," and the
Archivist had breached his statutory duty by giving agencies "carte blanche
to destroy" such records without considering their administrative, legal,
research and other value.  Judge Friedman found that the Archivist's
decision to adopt a General Schedule that not only covered agencies'
housekeeping or administrative records, but also allowed the destruction of
program records concerning each agency's unique mission, was unprecedented
and improper.

Plaintiffs in the suit are Public Citizen, the American Historical
Association, the Organization of American Historians, the National Security
Archive, the American Libraries Association, the Center for National
Security Studies, journalist Scott Armstrong, and researcher Eddie Becker.
The defendants are Archivist of the United States John Carlin, the
Executive Office of the President, the Office of Administration and United
States Trade Representative.

                                 # # #

Michael Tankersley
Public Citizen Litigation Group
1600 20th Street, NW
Washington, DC 20009
tankers@citizen.org

------------------------------

Date:    Thu, 13 Nov 1997 14:40:23 -0500 (EST)
From:    Emilyaclu@aol.com
Subject: "Son of CDA" Ignores Supreme Court Ruling, ACLU Says

ACLU Says New Internet Censorship Statute Ignores Landmark Supreme Court
Ruling

FOR IMMEDIATE RELEASE: Thursday, November 13, 1997
Contact: Emily Whitfield, (212) 549-2566

WASHINGTON--New legislation aimed at banning online material deemed
"harmful to minors" would run roughshod over the landmark Supreme Court
decision affirming free speech on the Internet, the American Civil
Liberties Union said today.

The ACLU, which led the successful battle to defeat the unconstitutional
Communications Decency Act (CDA), said S. 1482, like the CDA, would
restrict adults from accessing constitutionally protected speech.  The bill
was introduced earlier this week by Sen. Dan Coats, R-IN, an original
sponsor of the ill-fated CDA.

Under the statute, commercial online distributors of material deemed
"harmful to minors" could be punished with up to six months in jail and a
$50,000 fine.  The definition could include the virtual bookstore
amazon.com or a promotional site for a Hollywood movie, as well as Internet
Service Providers (ISPs) such as Microsoft and America Online, the ACLU
said.  And unlike the CDA, the statute applies only to web sites, not to
chat rooms, e-mail or news groups.

"By claiming that the bill addresses only web sites involved in commercial
distribution, Senator Coats says he is 'hunting with a rifle,' but in fact,
he has lobbed another virtual grenade into the heart of the Internet," said
Ann Beeson, an ACLU National Staff Attorney and member of the legal team
that defeated the CDA.

Any business merely displaying material without first requiring a credit
card or other proof of age could be found liable under the statute, which
criminalizes commercial distribution of words or images that could be
deemed "harmful to minors," even if no actual sale is involved, Beeson
said.

"This is the equivalent of having to pay a fee every time you want to
browse in the bookstore or watch a trailer for an R-rated movie," Beeson
said.  "As the Supreme Court noted in its landmark decision, requiring a
credit card or other age verification would impose a severe financial and
logistical burden, even on commercial websites."

The ACLU said there were serious constitutional problems as well with the
bill's definition of "harmful to minors."  In addition to using a vague
definition of what constitutes "harmful material," the bill does not make
any distinction between material that may be harmful to a six-year-old but
valuable for a 16-year-old, such as safer-sex information, said Chris
Hansen, an ACLU Senior Staff Attorney and member of the Reno v. ACLU legal
team.

Further, Hansen pointed out, unlike other "harmful to minors" statutes that
have been upheld in the courts, the bill does not define whose community
standard will be used to determine what material is harmful.

"Invariably, those who decide what is harmful to a minor are going to be
the least tolerant members of a given community -- such as the group in
Oklahoma who sought to remove the award-winning film 'The Tin Drum' from
local libraries and video stores," Hansen said.
The Supreme Court's landmark decision striking down the CDA was issued on
June 26 of this year, 16 months after the law was enacted and the ACLU
filed its challenge.  In a ringing affirmation of online free speech, the
Court said that 'the interest in encouraging freedom of expression in a
democratic society outweighs any theoretical but unproven benefit of
censorship.'

"While we rejoiced in the Supreme Court's decision last June, we knew that
the battle was not yet over," said Solange Bitol, legislative counsel on
First Amendment issues for the ACLU's Washington National Office.  "When
Congress returns to session in the New Year, we will be ready for Round Two
in the battle to protect our free speech rights."

------------------------------

Date:    Thu, 6 Nov 1997 07:58:36 -0800 (PST)
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: Technology and Privacy: The New Landscape

Technology and Privacy: The New Landscape

edited by

Philip E. Agre, University of California, San Diego
Marc Rotenberg, Electronic Privacy Information Center

MIT Press, 1997
Hardcover
ISBN: 0-262-01162-X
$25.00

Available through the EPIC Bookstore:
  http://www.epic.org/bookstore/

Excerpts from the introduction can be found at:
  http://communication.ucsd.edu/pagre/landscape.html

MIT Press Web site:
  http://mitpress.mit.edu/

---

Privacy is the capacity to negotiate social relationships by controlling
access to personal information.  As laws, policies, and technological
design increasingly structure people's relationships with social
institutions, individual privacy faces new threats and new opportunities.
Over the last several years, the realm of technology and privacy has been
transformed, creating a landscape that is both dangerous and encouraging.
Significant changes include large increases in communications bandwidths;
the widespread adoption of computer networking and public-key cryptography;
mathematical innovations that promise a vast family of protocols for
protecting identity in complex transactions; new digital media that support
a wide range of social relationships; a new generation of technologically
sophisticated privacy activists; a massive body of practical experience in
the development and application of data-protection laws; and the rapid
globalization of manufacturing, culture, and policy making.

The essays in this book provide a new conceptual framework for the analysis
and debate of privacy policy and for the design and development of
information systems.  The authors are international experts in the
technical, economic, and political aspects of privacy; the book's strength
is its synthesis of the three.  The book provides equally strong analyses
of privacy issues in the United States, Canada, and Europe.

------------------------------

End of PRIVACY Forum Digest 06.16
************************