Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Privacy :: priv_408.txt

Privacy Digest 4.08 4/8/95




PRIVACY Forum Digest     Saturday, 8 April 1995     Volume 04 : Issue 08

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
	
                       ===== PRIVACY FORUM =====              

   	  The PRIVACY Forum digest is supported in part by the 
	      ACM Committee on Computers and Public Policy,
     		     and the Data Services Division 
	           of MCI Communications Corporation.


CONTENTS 
	Data Mining (Phil Agre)
	NIST Digital Signatures (Lim Chiang)
	EPIC Alert 2.05 [Decency Act] (Dave Banisar)
	Destruction of data (Charles M. Preston)
	Destruction of data [more] (Charles M. Preston)
	Misleading privacy claims (Charles M. Preston)
        Medical Records Access (Valerie F. Gerberich)
	Re: Perhaps privacy is not what it seems (Cliff Sojourner)
        Protection of Youth Against Trashy and Smutty Literature
	   (Jim Warren)
	More on "Communications Decency Act" 
           (Lauren Weinstein; PRIVACY Forum Moderator)


 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com". 

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system.  Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are available
through the Internet Gopher system via a gopher server on site
"gopher.vortex.com".  Access to PRIVACY Forum materials is also available
through the Internet World Wide Web (WWW) via the Vortex Technology WWW 
server at the URL: "http://www.vortex.com".
-----------------------------------------------------------------------------

VOLUME 04, ISSUE 08

   Quote for the day:

	"Bombs away, pretzel boy."

		-- Military Commander (Lloyd Bridges)
		   "Rolled Gold Pretzels" Television Commercial (1995)

----------------------------------------------------------------------

Date:    Fri, 24 Mar 1995 16:02:22 -0800
From:    Phil Agre <pagre@weber.ucsd.edu>
Subject: data mining

Perhaps a bit out of date but still very interesting: The 8/16/94 Wall Street
Journal includes an article about the use of "data mining" by companies with
large amounts of customer transaction data.  The full reference is:

  Laurie Hays, Using computers to divine who might buy a gas grill, Wall
  Street Journal, 16 August 1994, pages B1, B4.

The prototype of this kind of processing is American Express, which is
reported to have half a terabyte of information about its customers' 
charges on its 35 million cards.  The idea is to find patterns that predict
what product categories individual purchasers might be interested in, and 
then send them advertisements accordingly.  This kind of processing is ideal
for massively parallel computers, and many makers of such machines are doing
well.  (Thinking Machines Corporation, unfortunately, is not one of them.  
The same issue of WSJ reports on its imminent bankruptcy filing.  This is
ironic, given that American Express was one of its first important customers
outside the military-government-research world.)  From the numbers in the
article, it sounds like the number of companies using these techniques is in
the hundreds and growing rapidly.

What I find most interesting here is the set of cultural assumptions that 
goes into the data searches.  For example, people who recently bought outdoor
patio furniture are pitched gas grills.  A woman who buys her dresses at 
Saks is pitched Saks shoes.  A bank analyzed customers' financial situations
and pitched home equity loans to those who were likely to pay them back.  In
each case, a certain amount of social reasoning has gone into the algorithms,
based on assumptions about normal or average behavior and the connections in
people's lives between different categories of commodities.

All of the examples in the story involve companies mining information on their
own customers, though perhaps setting up partnerships with other companies to
fashion offers to them.  No mention is made of mined information being sold.
Maybe that's because people would be too offended to hear of such information
being sold, or maybe it's because it's advisable to keep the practice quiet.
In any case it's hard to believe there's no market for it.

The data-mining techniques are used for other purposes as well, including
fraud detection and inferring bad batches of parts from patterns of warranty
service.  (That one is my favorite.)

Some employees are reported resisting the new technology, though the one 
case the article reports doesn't have specifically to do with data mining,
just with high-tech logistics in mass retailing.  It seems reasonable to 
guess that the resistance comes from deskilling: if restocking decisions are
taken away from local store managers (and this is definitely the trend) then,
other things being equal, the skill levels and thus the salaries of those
store managers tends to go down.

The massive aggregation of data in things like marketing databases and some
proposed intelligent vehicle-highway systems leads to new questions about
privacy.  If any given fact about me is innocuous, or at least innocuous
enough that I'm willing to let a company store it in exchange for credit or
automatic toll collection etc, it doesn't follow that ten thousand facts about
me are equally innocuous.  How to even conceptualize, much less regulate, this
phenomenon of emergent personal information?

In many cases, the problem is actually harder.  If you've just bought patio
furniture then you might want a gas grill: this surmise only requires a few
facts about you.  But heretofore those few facts had a sort of anonymity; they
were lost in the enormous crowd of other, equally arbitrary facts.  But with
massively parallel processing, it becomes possible for numerous individual
facts to take on individual consequences.  It's one thing if your charge slip
for patio furniture (or plastic surgery, or condoms) gets processed and filed
in a huge pile with a million others, but it's quite another thing if someone
pulls out your charge slip and says "hey, this person might want to hear from
a dating service!" or whatever.  Can we even say that someone's privacy has
been invaded here?  We need new words for these things, rather than stretching
the word "privacy" to cover all information-related offenses to human dignity
under the sun.

Phil Agre, UCSD

------------------------------

Date:    Mon, 27 Mar 1995 16:18:00 +1000
From:    Lim Chiang <Chiang.Lim@saa.sa.telememo.au> (Tel 02 746 4832)
Subject: NIST Digital Signatures

Can anyone direct me to documents describing the implementations of
digital signatures and NIST's digital signature standard.

If there is any information regarding central agencies/organisations
generating the public and private key pairs, the issuing of such and
the certificates, the auditing of organisations' and users' use of
the key pairs, etc., please indicate where such information is also
available.

With appreciation,
Chiang Lim
Standards Australia
X.400: S=LIM; O=SAA; P=SA; A=TELEMEMO; C=AU
Internet: lim@saa.sa.telememo.au

------------------------------

Date:    Mon, 27 Mar 1995 02:54:36 -0800
From:    banisar@epic.org (Dave Banisar)
Subject: EPIC Alert 2.05 [Decency Act]

  [ Extracted from EPIC Alert 2.05 by PRIVACY Forum Moderator ]

=======================================================================
[1] Senate Committee Approves "Decency" bill
=======================================================================

The Senate Commerce Committee voted on March 23 to incorporate a
revised version of S. 314, the Communications Decency Act of 1995,
into the telecommunications reform legislation. The amendment makes
every person who creates, makes or solicits "any comment, request,
suggestion, proposal or other communication which is obscene, lewd,
lascivious, filthy, or indecent" subject to criminal prosecution.  The
bill also gives the FCC sweeping new authority to regulate on-line
communications, and curtails First Amendment rights that currently
exist for print communication.

In a revision pushed by online providers, commercial carriers may
avoid liability if they do not exercise editorial control over
content, or if they take a series of good faith steps to comply with
the statute.  A provision criminalizing anonymous messages that
"annoy, abuse, threaten, or harass" was also removed.

However, users of on-line services, content providers, electronic
publishers, and journalists face new restrictions on speech and
private communications. For this reason, there is still considerable
opposition to the bill.  Civil liberties groups believe that the bill
is unconstitutional.

The Senate Commerce Committee approved the amendment, sponsored by
Senator Slade Gorton (R-WA), unanimously by voice vote. The entire
bill was approved by the Committee 17-2, subject to amendments. The
bill now goes to the full Senate, where more amendments are expected
to be added.

The legislation has generated considerable controversy. Earlier this
week, the presidents of the major computing societies in the US - ACM,
IEEE, SIAM, CPSR and AAAI - wrote to Senator Exon expressing concern
about the effects on the development of computer networks if the
legislation was enacted. An Internet petition calling for the
withdrawal of the legislation gathered over 100,000 signatures in only
a few weeks and Senators on the Telecommunications subcommittee
received a large number of calls, faxes and email messages on the
bill.

The bill is expected to be considered by the full Senate in the next
few months.

=======================================================================
[2] EPIC Statement on Communications Decency Act
=======================================================================

EPIC STATEMENT ON COMMUNICATIONS DECENCY ACT
March 24, 1995

The Electronic Privacy Information Center opposes the Communications
Decency Act as adopted by the Senate Commerce Committee on March 24,
1995.  We believe that the bill is an unconstitutional restriction on
free expression, personal privacy, and intellectual freedom.

EPIC has urged Senator Exon and his staff to explore all
non-legislative solutions before further action on this bill.
Comprehensive hearings are still necessary. We recognize that there is
a genuine concern about the type of materials that are available to
children via the Internet.  EPIC also believes that a thoughtful,
long-term solution to this problem will require the participation of
parents and schools, and the development of good technical and
educational measures. We do not believe that the contents of private
communication or the expression of public opinion should be regulated
by the government

The National Center for Missing and Exploited Children has produced a
fine publication for parents and others who are concerned about these
issues. This brochure, "Child Safety on the Information Highway," was
written by Lawrence J. Magid, a syndicated columnist for the Los
Angeles Times. Mr. Magid encourages parents to take an active interest
in the on-line activities of their children, and opposes passage of
the Communications Decency Act.  For a copy of the brochure, contact
The National Center for Missing & Exploited Children 2101 Wilson Blvd,
Suite 550, Arlington, VA 22201-3052 or call 1-800-The-LOST
(1-800-843-5678).

EPIC will continue to oppose the Communications Decency Act.  We urge
others to do the same.

------------------------------

Date:    Tue, 28 Mar 1995 10:13:12 +0900
From:    cpreston@alaska.net (Charles M. Preston)
Subject: Destruction of data 

I'd like to mention that the Security Management article on destruction of
data is available in text format on CompuServe in the NCSA forum, Library
22, as sm9502.zip.  This is the one referenced in Privacy Digest 04-06.  I
hope to have it formatted as an HTML document in a few days, so it will be
more widely available.

I have recently come across a program designed to overwrite a Windows
(virtual memory) swap file semi-automatically, and a version of Linux has an
option for keeping its swap file encrypted.   The note didn't say how the
encryption key was stored.  

Tom Zmudzinski (Privacy Digest 04-07) mentions, regarding recovery of data,
that saying "with enough processing power and time" is not a useful way to
discuss the subject.  I thought the IDA report was very useful in several
regards.

First, many people are not aware that "overwritten" or degausser erased data
may be recoverable at all.  Second, it's very helpful when deciding "how
much is enough" to have some guidelines as to the level of risk.  

The report states that it takes a magnetic field 5 times the coercivity of
the media to make large scale recovery impractical, and defines
"impractical".  It also states
   
"there is no known process or equipment that will completely erase Type II
magnetic media (coercivity 350-750 Oe)"  

All high density floppy disks fall into this group. Many hard drives and
tape backup products, including DAT, 8 MM, and video tape, have even higher
coercivity.

Here's an example of needing to know "how much is enough".
 
Let's say someone in the business world depends on current software file
overwriting options for extremely valuable data.  The two leading U.S.
utility software vendors have products that overwrite files 7 times when you
use their highest security - "US Department of Defense" settings.  A
commercial data recovery firm told me they have recovered data that has been
overwritten 7 times.

To summarize: If the people who want your data don't have a lot of money and
expertise, overwrite -all- the file storage locations and don't worry about
it.  Otherwise, you need expert help to consider not only erased data
recovery, but your overall security situation.  Smart opponents won't attack
your strongest area.

Charles M. Preston  Information Integrity
cpreston@alaska.net

------------------------------

Date:    Tue, 28 Mar 1995 10:44:00 +0900
From:    cpreston@alaska.net (Charles M. Preston)
Subject: Destruction of data [more]

Discussions of when data is really gone from magnetic media (Privacy Digest
04-05,06,07) are helpful to people partly because program documentation is
incomplete.  To avoid filling their manuals with ugly fudge words like
"almost", "maybe", "under most circumstances", the two leading U.S. utility
software companies have this to say about their overwriting programs:

Company 1
XXX protects the confidentiality of deleted data by erasing it completely
from a hard or floppy disk.....Once you wipe a file or disk, you can no
longer recover or read the data by any means.

Company 2
YYY protects confidential data by erasing it from the disk so that it is
unrecoverable, even using the most sophisticated hardware and software
recovery techniques.

These claims are not unusual.  Some software companies have continued to
claim strong security features that other commercial software could crack in
a second or two.

All of us deal with risks every day, but to deal with them rationally it's
nice to have a good idea what the real level of risk is.
 
Charles M. Preston  Information Integrity
cpreston@alaska.net

------------------------------

Date:    Tue, 28 Mar 1995 11:20:08 +0900
From:    cpreston@alaska.net (Charles M. Preston)
Subject: Misleading privacy claims

Some months ago in a leading health magazine I saw an announcement that a
"home AIDS test" would be available.  This wasn't really a home test, since
a sample had to be sent to the company for determination.  Confidentiality
was supposed to be maintained because the person with suspected AIDS had a
special ID number to inquire about the test results.  But the inquiry was
through an 800 number.

I called and FAXed the magazine to ask if they could caution readers that
all callers' numbers are available to the company furnishing the 800
service.  I explained that phone records and other seemingly routine records
are not well protected in many companies.  An employee of the company
probably could match the time of the call, ID, and phone number.

People can and have done this sort of thing for blackmail, to furnish
information to extremist groups, and for other reasons.  If the testing
company wanted to, for less than $300 for a CD-ROM, they could pull up a
name and address for any published number in a matter of seconds.

I don't think that is the kind of confidentiality many people would prefer
after testing positive for HIV.

So far, I have not seen any kind of notice in the magazine.

Shortly after that, I saw an announcement for confidential AIDS counseling
from a U.S. Government agency using, of course, a convenient 800 number.

Charles M. Preston  Information Integrity
cpreston@alaska.net

------------------------------

Date:    Fri, 7 Apr 1995 19:37:04 -0700 (MST)
From:    "Valerie F Gerberich" <65393@ef.gc.maricopa.edu>
Subject: MEDICAL RECORDS ACCESS

Did you know that there is a leading credit information warehouser
(Equifax) that is now proposing to create a mega-database comprised of
your/our medical records?  Their reply is that they are doing it to make
it easier for hospitals and doctors to have access to pertinent medical
information about you, especially in the situation where a hospital needs
to know your allergic status, past medical history, etc, before they treat
you in a manner that may adversely affect you.  

That is all well and good, but what about our privacy.  Will they do the
same thing with that information as they did with our credit information? 
They just recently lost a lawsuit against them that dealt with the manner
in which they (mis)handled our credit history.  They allowed access to it
in an unfavorable manner.  Do you want that to happen to your medical
information also?

I don't know about you, but I want my medical information kept highly
confidential.  People can and will refuse you insurance should they have
information about you that is not positive.  You can bet that Equifax will
harvest this database for all it's worth, selling it's contents to whoever
is willing to pay.  I am sure the insurance companies would pay good money
to avoid giving insurance to someone with the slightest blemish on their
medical history.  Take this scenario:  I had two high risk pregnancies,
although the outcome was good, the costs were astronomical, but, I have no
intention of having anymore children.  Do you think any insurance company
would give a care?  No, they would see that, they would see that I was
still very young, and think "Hmmm...she is still in prime child bearing
years, and it just is not a good risk."  The insurance industry already
has some access to this kind of information, but this would just make it
too easy for them.  It is unfair to reject someone for insurance, but they
get away with it....why make it any easier.   I say NO to this, and I hope
that there is some way that they are unable to do this.

------------------------------

Date:    30 Mar 95 17:01:00 -0800
From:    SOJOURNER_CLIFF@tandem.com
Subject: Re:  Perhaps privacy is not what it seems

Steve Mann's point is well taken.  Later in the same issue, the debate
about CNID continues.  There is a parallel.  In both cases, the
product defect (anonymity and privacy) has become a feature.

Remember the trouble Mr. Bell had convincing people to install
telephones in their houses.  The problem was that "it was like opening
your front door and letting anyone walk in".  You couldn't tell who
was calling until you answered.  (Why, some lower class person might
telephone and you'd actually have to be civil to them.)

That product defect is now a feature.  People are demanding anonymity
in telephone use, despite attempts to fix the defect.

The situation with credit card records is similar.  Purchase records
used to be private.  The marketers decided that product feature was a
defect.

If we had a workable, anonymous digital cash system I'd use it.  As it
stands now, I'm off of credit cards and checks and on cash for most
things.  (Ever try to pay the mortgage or buy an airline ticket or
rent a car with cash?) And I'd sure like to get rid of all the junk
mail (~5 pounds a week) and marketer's cold calls (4 last night (!),
usually 1 a day).

Cliff

------------------------------

Date:    Wed, 5 Apr 1995 23:16:53 +0800
From:    jwarren@well.sf.ca.us (Jim Warren)
Subject: Protection of Youth Against Trashy and Smutty Literature

"Those who cannot remember the past are condemned to repeat
it"
              Santayana, _The Life of Reason_

In 1926, seven years before the National Socialists achieved
absolute power, a bill similar to Exon amendment was passed
in the German Reichstag.  I quote the following passage from
page 266 of _Purity in Print_ (Scribner's: 1968) by Paul S. Boyer:

  The purity crusade now found a focus in the "Act for the
  Protection of Youth Against Trashy and Smutty Literature,"
  a national censorship bill proposed to the Reichstag late
  in 1926.  This _Schmutz und Schund_ (Smut and Trash) bill,
  as it was dubbed, aroused fears in German literary and
  intellectual circles, but the Minister of the Interior
  soothed the apprehensive with assurances that it
  "threatens in no way the freedom of literature, [the]
  arts, or [the] sciences," having been designed solely for
  the "protection of the younger generations."  It was aimed
  only at works which "undermine culture" and purvey "moral
  dirt," he added, and had been devised "not by
  reactionaries, but by men holding liberal views..."  On
  December 18, 1926, after a bitter debate, the _Schmutz und
  Schund_ bill passed the Reichstag by a large majority.
  The Catholic Center and the Nationalist parties were
  strong in it support, the Socialists divided.  In
  accordance with the provisions of the new law, the
  Interior Minister appointed boards of censorship for each
  of the Federal states.  These eight-member panels,
  including representatives from publishers', authors', and
  booksellers' groups as well as from youth, welfare, and
  educational organizations, were empowered to prohibit the
  advertising, display, or sale to minors of any book deemed
  morally objectionable.

Presented for your information by,
David Dubin@notes.pw.com
[via pys@well.com]

------------------------------

Date:    Sat, 8 Apr 95 20:29 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: More on "Communications Decency Act"

Greetings.  As you can see from some preceeding items, controversy continues
over the issues surrounding the provisions of the "Communications Decency
Act".  While recent changes may be good news for information service
providers (though the borderline between "transmitting information" and
"creating information" seems to open up a can of worms), the lumping
together of a variety of non-obscene speech types by the provisions would
still seem likely to conflict with existing First Amendment protections.

However, there seems to be considerable agreement that *some* sort of
controls need to be in place in some situations, at least to bring
computer-based communications into line with existing telephone conversation
legislation.  And there would also seem to be agreement by most observers
that some mechanism to help prevent minors from accessing material online
that they are not supposed to obtain through other venues is also
desirable.  

To agree that Senator Exon's provisions seem to be the wrong way to deal
with the problems is not to say that there aren't problems in need of
solutions in this area.

During a question and answer period after a speech to the American Society
of Newspaper Editors on April 7, 1995 (yesterday), President Clinton briefly
addressed this topic.  I've included this exchange below.

--Lauren--

			--------------------

	     Q	You alluded to our being in the Information Age.  Many
of us in this room are investigating and developing ways of
disseminating information electronically.  There are thousands outside
this room who are doing the same.  What role, if any, does the federal
government have in censoring or regulating that information and news?
	     
	     THE PRESIDENT:  Let me begin by saying I support what
you're doing and I've tried to bring the White House up to date
electronically.  You know, we have a pretty sophisticated e-mail
operation.  And now you can take a tour of the White House and all the
federal agencies on the Internet and find out more than you ever wanted
to know.  So we're trying to be there for you in virtual reality land.
	     
	     I guess you're asking me about the bill that Senator Exon
introduced on trying to regulate obscenity through the e-mail system, or
through the electronic superhighway.  To be perfectly honest with you, I
have not read the bill.  I am not familiar with its contents, and I
don't know what I think.  I do believe -- about this specific bill.
(Laughter.)  I'll tell you what I think about the issue.
	     
	     I believe that insofar as that governments have the legal
right to regulate obscenity that has not been classified as speech under
the First Amendment, and insofar as the American public widely supports,
for example, limiting access of children to pornographic magazines, I
think it is folly to think that we should sit idly by when a child who
is a computer whiz may be exposed to things on that computer, which in
some ways are more powerful, more raw and more inappropriate than those
things from which we protect them when they walk in a 7-Eleven.
	     
	     So as a matter of principle, I am not opposed to it.  I
just can't comment on the details of the bill, because I do not know
enough about it.  And I do not believe in any way, shape or form that we
should be able to do on e-mail, or through the electronic superhighway,
in terms of government regulation of speech, anything beyond what we
could elsewhere.  I think the First Amendment has to be uniform in its
application.
	     
	     So I'm not calling for a dilution of the First Amendment.
But if you just imagine, those of us who have children and who think
about this, you just think about what's the difference in going in the
7-Eleven and hooking up to the computer.  I think that we have to find
some resolution of this.  And within the Supreme Court's standards,
which are very strict, I am not -- am philosophically opposed to some
action.

------------------------------

End of PRIVACY Forum Digest 04.08
************************


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH