TUCoPS :: Privacy :: priv_715.txt

Privacy Digest 7.15 9/04/98

The following document is from the PRIVACY Forum Archive at 
Vortex Technology, Woodland Hills, California, U.S.A.

For direct web access to the PRIVACY Forum and PRIVACY Forum Radio,
including detailed information, archives, keyword searching, and 
related facilities, please visit the PRIVACY Forum via the web URL:



PRIVACY Forum Digest      Friday, 4 September 1998      Volume 07 : Issue 15

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
                       ===== PRIVACY FORUM =====              

                 The PRIVACY Forum is supported in part by
                    the ACM (Association for Computing)     
	         Committee on Computers and Public Policy,      
          "internetMCI" (a service of the Data Services Division         
                  of MCI Telecommunications Corporation), 
	  	  Cisco Systems, Inc., and Telos Systems.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.

	Followup on Netscape Communicator Privacy Concerns
           (Lauren Weinstein; PRIVACY Forum Moderator)
	Re: Caller ID in the Netherlands (Joseph S. Fulda)
	Freedom of Information UK (Keith Parkins)
	Cookie control on the web (Carlos A. Alvarez)
	Radio scanners (Phil Agre)
	Re: Computer hard disc scanning by HM Customs & Excise
	   (Monty Solomon)
	Privacy Survey References (Roger Clarke)
	Internet Privacy Book (Jeremy L. Hart)

 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.


   Quote for the day:

	"What we've got here, is failure to communicate."

		-- Captain (Strother Martin)
		   "Cool Hand Luke" (Warner Bros.; 1967)


Date:    Wed, 2 Sep 98 12:18 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: Followup on Netscape Communicator Privacy Concerns

Greetings.  As regular readers of this digest will remember, in the previous
PRIVACY Forum Digest I reported on privacy concerns expressed to me by users
of the Netscape Communicator 4.5 pre-release (PRIVACY Forum Digest V07 #14;
http://www.vortex.com/privacy/priv.07.14).  At that time, I expressed
pleasure with the rapid response I received from Netscape, enabling me to
discuss with them the privacy issues surrounding their new "Smart Browsing"
and "DNS Help" type features.

Unfortunately, since my initial report, the situation has become considerably
more murky.  First, it turned out that the e-mail address the Netscape
managers gave me, for people to use to express opinions or concerns about
these features, turned out to be invalid.  Persons who used this address
reported getting back automatic messages explaining that mail to the address
was not read, and were presented with URL information pointing at various web
pages.  I found this surprising, since I had explicitly asked for an e-mail
address that people could use for these specific issues, and the address I
reported was the one the Netscape managers had assured me was correct.  

Another concern also surfaced within hours of my last report.  It turned out
that the release of Netscape 4.0.6 (not a pre-release, but a "regular"
release) included, without visible fanfare to the user, some of the very
features that had been the center of privacy concerns regarding Netscape
4.5.  In particular, the "Smart Browsing" and "Internet Keyword" features
were included, and *enabled* by default in 4.0.6, which most persons thought
was just an upgrade to cure a security problem in 4.0.5.  While it is
possible to turn off these features by digging around in Preferences, users
reported that they couldn't find any help information in the browser, or the
"readme" file, to warn them that such functionality had been added or how to
disable it.  In fact, the first clue most users had of the new features'
existence was when URL entries that used to behave in a known manner instead
started resulting in references to Netscape pages.

It seemed odd that during a long conference call with Netscape about concerns
over 4.5, that nobody there had felt it useful to mention that some of those
same features would be appearing in 4.0.6 within hours.

These problems became known to me within less than a day of the last digest.
I immediately tried to clarify these issues with Netscape.  Unfortunately,
in stark contrast to their original communicativeness, I've been unable to
get useful clarification on these issues.  I have spoken again, several
times, with the Netscape PR person who had been helpful originally, and she
says she's been trying to get answers to my questions and to get the
appropriate manager to call me back.  But so far, those calls have not been
forthcoming, even after numerous attempts.  The PR person did offer me a web
URL that people could use to send notes to Netscape via forms at:


but I explained that an e-mail address provided a much more convenient way
for interested persons to send detailed messages.  Frankly, I don't think
that an e-mail address for people to use for these important privacy issues
should be a complicated matter to arrange.

That's pretty much where it all stands right now.  The PR person has told me
that the original e-mail address they gave me was an oversight, that the
address had worked until recently and the managers apparently weren't aware
of the change.  She also told me that when 4.0.6 was released, a Netscape
press release mentioned the inclusion of the new features that are the main
issues of concern.  She hasn't been able to explain the apparent lack of
online documentation regarding these features at the time of 4.0.6's
release, or the seeming lack of any warnings to users about the fundamental
changes in the ways their URL and other entries would be handled.  She'd
really prefer that I speak to the Netscape managers directly about these
issues, and seems at a loss as to why we can't get answers to these
relatively simple questions.  I agree on both points.

One can't help but get the feeling that Netscape may not be giving these
privacy concerns a high priority.  I hope that's not the case--that instead
this "failure to communicate" is the result of some less crucial
organizational oversight.  But right now, the sound of silence regarding
these matters is not encouraging.  Web browsers are the primary user
interface to the Internet for the vast majority of the world's network
users.  Privacy concerns such as those under discussion are a critical issue
that could make or break people's willingness to use these tools for all
manner of useful applications.  One would expect that Netscape, as a leader
in providing these tools, would enthusiastically promote both public
discussion and feedback regarding these privacy issues.  I still hope they
will choose to do so, and I look forward to hearing from them with
clarification regarding these matters.

I will of course report back when I have more information on this
increasingly complicated privacy saga.

Lauren Weinstein
Moderator, PRIVACY Forum


Date:    Mon, 24 Aug 1998 01:04:10 -0400
From:    Joseph S Fulda <fulda@acm.org>
Subject: Re: Caller ID in the Netherlands

In _Privacy Forum Digest_ Volume 7, Number 14, Daniel van Os tells of
his ease in turning on or off all-call blocking.  All he had to do was
call KPN, the telco in question, and give his number.  He concluded that
but for a follow-up letter sent to one's address of record, this
"apparently means that anyone can enable or disable Caller-ID on any
number."  He adds that "there are other services which ... can be
activated in a similar manner."

I want to point out that telco's, toll-free numbers, and pay lines use
ANI, as readers of this digest know, so the above might not be true.  It
might be possible to turn Caller ID and other services on or off only
*from the phone in question to which one has to have physical access*.

Here in the United States, MBNA America, the credit-card issuing bank
requires much more information of a cardholder before releasing its data
if it is called from any phone other than the one registered as the
cardholder's phone.

Best wishes, Joseph

Joseph S Fulda, CSE, PhD          (212) 927-0662
701 West 177th Street, #21
New York, NY 10033

	[ It is certainly possible that ANI information is being used as an
	  additional authentication step.  However, it's often only a very
	  small bit of additional protection, if any.  As I've learned in
	  discussions with various banks, credit card firms, and others
	  regarding this exact issue, it's common practice to just ignore
	  the ANI information much of the time, to avoid getting into
	  arguments with customers calling from other than the "known" phone
	  numbers.  Sometimes a trivial additional security question will be
	  asked (e.g. your postal/zip code, or mother's maiden name) but
	  often no additional queries at all will be presented.  Automated
	  response systems are often willing to provide a vast amount of
	  data concerning customer accounts, regardless of ANI mismatch,
	  given only an account number and zip code or similar very low
	  security data.

		-- PRIVACY Forum Moderator ]

Date:    Mon, 24 Aug 1998 17:34:09 +0100
From:    Keith Parkins <keith@redkbs.com>
Subject: Freedom of Information UK

Freedom of Information is the other side of the coin to privacy. 
Whilst the citizen desires privacy for themselves they also desire
open access to government information.

In the US there is the presumption in favour of the supply of
information unless just reason can be shown to block access.  In
the UK the presumption is reversed, the information will not be
supplied unless overriding grounds can be found to enable access.

The US has Freedom of Information legislation, the UK does not.

The New Labour government has reneged on its promise to bring in
legislation.  The Minister who was responsible for open
government has been sacked.  The responsibility is now that of
Jack Straw, one of the most reactionary of Home Secretaries and a
strong opponent of civil liberties.

In a parallel development, David Shayler, ex-MI5 agent, has been
arrested in Paris at the request of the British government and is
awaiting extradition to the UK.  Shayler's crime has been to
expose the incompetence and the lack of accountability of MI5. 

These moves are an attempt to silence Shayler.  Shayler was about
to post more revelations on Internet.  Shayler was foolish enough
to give advance notice of his intentions.  The surprise is that
having been on the run for almost a year, Shayler did not make use
of Internet immediately.


	[ The main reason I've included this submission in the digest
	  is to emphasize the differing world views concerning 
 	  information and civil liberties in different nations.
	  The presence of the Internet complicates the
	  analysis of these issues by permeating national borders
	  in a manner and degree never previously experienced.
	  Submissions with more detail regarding this particular
	  story, on all sides of the issue, are invited.	

		-- PRIVACY Forum Moderator ]


Date:    Tue, 25 Aug 1998 10:13:23
From:    "Carlos A. Alvarez" <carlos@theriver.com>
Subject: Cookie control on the web

Many people have concerns about cookies and their privacy.  I am one of
those.  However, I, and many others, visit sites where we either want or
need to enable cookies.  It is a real pain to answer every cookie message,
or to change your preferences just to browse different sites.  And there
are some sites where I want to take some of their cookies, but not all.
For example, the phone book site gives me a cookie to identify my last
lookup city and state, so I don't have to type it again, so I accept that.
But I don't accept the advertising-related cookies.

My solution to this cookie problem is to use a shareware product called
Cookie Pal from Kookabura Software.  A trial is available at www.kburra.com
and registration is cheap.  It allows me to "remember" the cookies I want
or don't want, and handles it all automatically.  Everyone concerned about
cookie issues should be using this, as it solves all the problems at once.

   Carlos Alvarez, Tucson, AZ, USA, Earth, Sol System, Milky Way Galaxy

		[ As a practical matter, I don't feel that "add-on"
		  mechanisms of this sort are the best solution
		  to perceived cookie problems.  To be of general
		  value, detailed cookie controls need to be inherent
		  in the browsers themselves, not an add-on that most
		  people will never install or use.  At the very least,
	          users should be able to specify in their browser
		  preferences/bookmarks those sites from which
		  they are willing to accept cookies.  But this really
	          needs to be a basic browser function to have any
		  significant impact.

				-- PRIVACY Forum Moderator ]


Date:    Tue, 25 Aug 1998 17:51:19 -0700 (PDT)
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: radio scanners

I don't normally peruse the weekend calendar section of the newspaper
looking for news about privacy, but maybe now I'll have to start.  The
LA Times' calendar section for 8/20/98 includes an article (Steve Hochman,
Scanning the airwaves, pages 30-31) about a Toronto-based company that
has been fielding a service called Mobiltrak.  If you place a Mobiltrak
device alongside a road, it will keep records of what radio stations
the passing drivers are tuned to.  This is not surprising as technology.
The British government has long used such methods to determine which
households are watching the BBC without paying for it.  What's striking
is that the technology is now cheap enough, and demand for the information
is now great enough, that someone is actually doing it commercially.
Radio stations in Toronto and Phoenix, where the system has been deployed
so far, use the system to get instant ratings on their shows.  Retail
stores are supposedly also using the system to determine what stations
their customers listen to, for example to determine where to place ads.

Taken in isolation, of course, the privacy problem with Mobiltrak is
relatively small.  People often do have a sense of violation in cases like
this, even when the data being collected is not identified.  The concern
is from the bigger picture.  It is a relatively simple matter to capture
license plates from passing cars, and numerous technologies now being
deployed are capable of capturing the identities of passing cars in other
ways, for example in the course of toll payment.  When individuals can
be identified in terms of their radio listening habits, possibilities for
abuse arise.  We can all imagine junk mail scenarios.  If the information
can be cross-indexed with information from other media, an entirely
plausible assumption in the near future, then captured radio listening
patterns could result in customized messages in a wide variety of other
venues, many of which could never be traced back to the radio scanner.

More serious potentials for abuse exist as well.  A kid who is listening
to an alternative or hip-hop music station may find extra trouble with
the cops (due to a "profile", say) without ever knowing why.  Even if
individual listeners are not identified, locations that are found to be
frequented by listeners to such stations may find themselves placed under
greater suspicion than any genuine probable cause would justify.  The task
of imagining other potential abuses is left to the reader.

The point here is obviously not that Mobiltrak is inherently evil, or
that it is secretly being fielded for evil purposes.  The point is that it
is part of a much larger pattern that we as a society must contend with as
a whole.  Do we want to routinize this kind of transparency of our lives?
What would it mean to apply fair information practices, or the principles
of the European data protection laws, to this kind of passive, invisible,
RF-based monitoring of our activities?  The issue is significant far
beyond real-time location-based radio demographics, given the increasing
variety and sensitivity of the relationships that people conduct through
the mediation of mobile wireless communications.

Phil Agre


Date:    Fri, 28 Aug 1998 02:13:09 -0400
From:    Monty Solomon <monty@roscom.COM>
Subject: Re: Computer hard disc scanning by HM Customs & Excise

Begin forwarded message:

Date: Sun, 23 Aug 1998 18:46:03 -0400
From: Vin McLellan <vin@shore.net>
Subject: Re: Computer hard disc scanning by HM Customs & Excise

	Reading the comments of the UK Customs and Excise spokesfolk about
their new policy of routinely scanning the digital memories carried by
travellers, one is struck by their apparent naivete, e.g.:

	Nothing bad could be happening since it is all done in the presence
of the traveller. The traveller is allowed to watch.  It's only a "scan"
for appalling digital smut -- although the process, as described, involves
copying the disk (and almost any "scan" allows that, overtly or covertly.)
It makes me wonder if they had any idea of what kind of Pandora's Box they
were opening.

	Two years ago, a gentleman at Hewett-Packard Labs in California --
the former head of R&D at Apple, as I recall -- mentioned on one of the
Internet newsgroups that senior HP executives had been warned by US
intelligence agencies that big-number cash bounties that had been posted
(where and by whom, it was not clear) for anyone who could obtain the
travel laptop of particular US computer industry executives. The targets
were identified by name and position.

	I suspect that the UK bureaucrats who thought up this search for
illicit images never considered that the digital soup they were straining
for porn in this low-level bureaucratic process might be worth $100K or
$500K or $1M on the black market. (They may not have thought about how
useful and productive their data-trap might look to Her Majesty's own intel
chaps either, although many suspect C&E's naivete in that regard was

	Such casually intrusive and randomized search procedures are used
for low-value valuables. (I suspect DeBeer's couriers don't get their wares
pawed by junior staff who can't tell a diamond from a rhinestone.)
Information has always had potentially high value, of course -- but even
the post-industrial societies are still adjusting to the way computers
concentrate and create such value in data.  HM C&E is not likely on the
cutting edge here.  C&E officials have probably been amazed at anger and
passionate resentment many knowledge-workers have shown toward their new

	The C&E baggage inspector who only barely computer-literate is not
likely to realize how profoundly a traveller may feel violated by a process
which, by it's nature, necessarily offers Her Majesty's government an
opportunity to copy one or two Gigabytes of personal and professional
memories -- with the traveller forced to open encrypted files as it they
were just another "locked suitcase."

	At least until this UK initiative raised the possibility of routine
data searches, many of us typically travelled with almost all our personal
messages, diaries, as well as all our professional work for the past two or
three years in a laptop hanging from a shoulder strap. (With my RSA
SecurPC, it seemed safe, as well as readily accessible.)  My outrage at the
invasiveness and indignity of such a search would probably shock someone
who doesn't live and work online, the way I and many others do.

	Corporate execs and couriers may have far more valuable files:
business plans, negotiation options, strategic plans, industrial plans,
prototype products, competitive analyses, corporate records of all types.
(Old and deleted files -- even unsaved data like remote-access passwords
and encryption keys dropped in swap or temp files on a PC -- are often
retrievable from a copy of a hard disk.) A business traveller planning to
negotiate a deal in the City, offer a contract to a British firm, or set up
a plant or office in the UK, may now risk corporate treasure, as well as
personal indignity, in subjecting himself to such a C&E search.

	For some of us, a strip search and sodium pentathol session at the
C&E post would be less invasive -- but even the British bureaucrats who
came up with this policy would probably consider routine truth-serum
interrogations of travellers over the top: unreasonable, uncivil,
disprespectful, and likely to drive off tourists, merchants, bankers, and
traders who bring money and jobs to the UK.

	Most of us, of course, will immediately jump to Cyberspace, where
ready access to encrypted files on a server or website anywhere in the
world leaves them available, but largely secure from government
eavesdroppers (even when the recipient of the data transfer is in a London
hotel!) It only will be a very very stupid smut merchant who gets caught by
C&E's memory trap. On the other hand, damage done to the British economy by
C&E's routine searches of travellers' digital memories may be apparent
rather quickly.

	I know of several large multinational corporations that have
regular couriers who (daily or several times a week) carry sensitive
material -- usually in digital form, on a laptop or Zip disks -- from their
Paris offices to London, where it is encrypted and transmitted to their
corporate offices around the world. These firms, and others with similar
requirements, restrict the size of their French installations (and
investments) too.

	This happens because French law forbids any firm, operating within
France, from using strong encryption for either domestic or international
data transfers... unless they give the French authorities the crypto keys
that would allow the SCSSI to access, copy, and potentially exploit those
messages or data files.

	(French intelligence agencies -- like their counterparts in most
governments today -- are widely suspected of trying to steal commercial and
industrial secrets from non-French businessmen, and using them to benefit
French industrial and commercial interests. France, not being a beneficiary
of the Echelon net like the US and UK, maybe has to try a little harder. In
recent years, rumors have also led many international flyers to believe,
rightly or wrongly, that the first class seats on Air France are wired by
those same French agencies for commercial espionage.)

	Now, I wonder if those corporate couriers will be taking the
Eurostar through the Chunnel next week? The couriers may lug briefcases
full of paper (which C&E is unlikely to read, or Xerox) for a few days.  I
suspect, however, that many of those firms are even now urgently reviewing
their telecom alternatives.  As the recent GILC survey
<http://www.gilc.org/crypto/crypto-survey.html> and the EC's Copenhagen
Hearings <http://www.fsk.dk/fsk/div/hearing/krypt.html> make clear, more
business-sensitive governments abound, even in Europe.

	For the past two years, the dominant policies of the OECD and the
European Commission have been to foster electronic commerce by respecting
the legitimate needs of consumers and businessmen for crypto-enabled
confidentiality.  Some correlations between policy and investment have been
reported. Ireland recently announced what appears to be one of the most
liberal national policies, allowing for the use and trade in
crypto-enhanced software, among the Wassenaar signatories:
<http://www.irlgov.ie:80/tec/html/signat.htm> At the time, a senior Irish
official noted that his government believes that its progressive stance on
corporate requirements for crypto-based confidentiality has led over 700
foreign firms to set up plants and offices in the Emerald Isle.

	It makes you wonder at the cost-benefits of this British government
campaign to nail a few closet perverts?


"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an idea, which by
its nature will resist efforts to restrict it to bureaucrats and others who
deem only themselves worthy of such Privilege."
_ A Thinking Man's Creed for Crypto  _vbm.

 *     Vin McLellan + The Privacy Guild + <vin@shore.net>    *
      53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548


Date:    Sun, 30 Aug 1998 10:04:41 +1000
From:    Roger Clarke <Roger.Clarke@anu.edu.au>
Subject: Privacy Survey References

G'day All

A couple of years back, I flung together a list of references to surveys
that have been published relating to attitudes to privacy.

After being asked the same question recently, I now realise that I've never
put it up on the web.  With some enhancements, it's now up, at:

Improvements greatly appreciated.  Re-posting to other lists invited.

Regards  ...  Roger

Roger Clarke              http://www.anu.edu.au/people/Roger.Clarke/
Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916   mailto:Roger.Clarke@anu.edu.au

Visiting Fellow,   Faculty of Engineering and Information Technology
The Australian National University     Canberra  ACT  0200 AUSTRALIA
Information Sciences Building Room 211       Tel:  +61  2  6249 3666


Date:    Wed, 26 Aug 1998 11:55:51 -0500
From:    "Jeremy L. Hart" <jhart@tenagra.com>
Subject: Internet Privacy Book

by Chris Peterson
Published by Prima Publishing
(ISBN 0-7615-1436-8, 240 pages, $16.95 paperback)

This book explores threats posed by would-be cybersnoops
who seek to invade your personal privacy through electronic
means.  From the e-mail we send our boss to the video games
our kids play after school, computers and the Internet
permeate nearly every aspect of our lives.  These amazing
tools allow us effortlessly to tap into vast reservoirs of
information, letting us review and then buy the latest
best-seller and then scope out our next vacation
destination.  We can even look up the phone number of a
distant cousin through an on-line search engine.  But each
time we log-on, we are revealing a myriad of personal
information to anyone inclined to look.

You may ask, does anyone bother to uncover the details
about your personal life if you are not rich, famous or
both?  The answer is yes; more so than people realize.
From businesses trying to sell products to thieves looking
for personal data to steal, your business can easily become
their business.  This book will show you who is doing the
"cybersnooping," how they are doing it, what they can find
out about you, and how you can protect yourself.

available wherever books are sold, online or off, or
directly from Prima Publishing at 1-800-632-8676. For more
information, please visit the company's web site:

Prima Publishing


End of PRIVACY Forum Digest 07.15

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH