Date: Tue, 19 May 92 15:48:15 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#031 Computer Privacy Digest Tue, 19 May 92 Volume 1 : Issue: 031 Today's Topics: Moderator: Dennis G. Rears Re: "IF you have nothing to hide..." [The Jester: Re: "IF you have nothing to hide..."] Re: "IF you have nothing to hide..." Re: Caller ID decision Re: "IF you have nothing to hide..." Re: Census Bureau Database Re: Caller ID decision Re: "IF you have nothing to hide..." Re: Computer Privacy Digest V1#030 Video records... Bowers v. Hardwick Re: "IF you have nothing to hide..." Risks of electronic auto tracing The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- From: Bob Philhower Subject: Re: "IF you have nothing to hide..." Date: Tue, 19 May 1992 14:22:52 GMT In an article blk@mitre.org (Brian L. Kahn) writes: > >For example, consider the proposal to put electronic ID markers into >cars so that toll booths can read off who passes by and bill them at >the end of the month. > >How much of a risk is this? In another article wrf@ecse.rpi.edu writes: > > Here's another thing you could do by linking databases: Find people who > > a) left home last year on Memorial Day, and > b) who bought a home safe, but > c) who don't have a contract with a burglar alarm company. > > All this is determinable from credit card charges. This could provide > you with something to do next weekend, if you're handy with a drill and > hammer. With electronic monitoring at toll booths, we could eliminate the risk (to you :-) that the person with the safe has other plans this Memorial day. Also, the officials would have a nice database of people who would conveniently not challenge a search of their home. With the current push to weaken evidenciary rules, this could cause a bit of harassment. Also, it may interest anyone who once was (or still is) a school-aged heterosexual male that, given the Meese commission report, your name could potentially be on a list of possible rapists because your older brother or the father of one of your friends once subscribed to Playboy. (And hadn't bought a home safe to keep them in :-) Robert Philhower (philhowr@unix.cie.rpi.edu) Rensselaer Center for Integrated Electronics CII 6111 / Rensselaer Polytechnic Institute / Troy, NY 12180 / USA ------------------------------ Date: Mon, 18 May 92 22:31:11 EDT From: Brinton Cooper Subject: [The Jester: Re: "IF you have nothing to hide..."] Again, Jester asks WHY the concept of "if you have nothing to hide then you have nothing to fear" is wrong. I see his problem. We have a logical inconsistency muddled by unclear language. The IMPLICATION of the statement is the problem. What people actually hear is, "If you have done nothing wrong, then you have nothing to fear." We equate having something to hide with having done something wrong. As nearly all examples implicitly pointed out, these are NOT THE SAME THING. I'm a few digests behind, so someone else may have discovered this in the meanwhile. _Brint ------------------------------ From: Carl Ellison Subject: Re: "IF you have nothing to hide..." Date: 14 May 92 20:18:56 GMT The proposition behind the trick question is that the government has the right to spy on us without being equally open and transparent to all citizens in return. The flaw is that this proposes a two-class system with the people in the second-class role. That is reversed from the basis of this country. Knowledge is power and in our democracy, the power lies in the people not in the government. It is therefore vital that the government have a minimum of knowledge about the citizens and that the citizens have a maximum of knowledge about the government. Result: prohibit encryption technology in the hands of the government; give it to the individual citizens only. After all: aren't we happy that Ollie North's criminal activities were available for public examination? ------------------------------ Date: Tue, 19 May 1992 10:05:34 -0600 From: "fielden j.a." Subject: Re: Caller ID decision In article you write: >Pulled this one from a mailing list... > >Mark N. > > >Subj: PRIVACY WINS OVER CALLER ID in the State of Washington >Sender: Activists Mailing List > >>From the Seattle Post-Intelligencer, March 26, 1992 - > > PRIVACY WINS OVER CALLER ID > Phone companies must offer free blocking service > P-I Staff and News Services > >OLYMPIA - Telephone companies offering caller-identification service must >also offer callers - free of charge - the ability to block display of their >number or location, a state commission ruled yesterday. > > > The companies said an offer of free line-blocking, or automatic blocking >of the caller's name or number, would doom caller-ID service. > "Washington has just adopted the most constrictive and conservative >regulation on called ID in the nation.," said Lisa Bowersock, spokeswoman >for US West in Seattle. > > Companies such as US West wanted permission to charge a monthly or flat >rate for a line block, while offering a "per-call" blocking ability for >free. > > They said they believe a fee for line-blocking - $2.50 a month was >mentioned - would sift out those who do not care if they are identified. > > At least one company, GTE Northwest, said it would not operate in >Washington if the commission adopted the rule approved yesterday. > > US West is currently installing the system in Denver and Phoenix, then >will look at expansion into other areas. Bowersock said. "With today's >ruling, Washington will have a very low priority", she said. US West has opted not to install in Denver because the PUC ordered them to offer free call blocking and US-West said they felt they couldn't make enough profit. Last I heard the PUC was considering ordering US West to offer both services anyway. As far as caller id goes I don't mind police, emergency services etc. having it but frankly I get calls from telemarketers enough without them getting my number from a caller id if I call for information or a price quote etc. Yes, I know if I have the service I can block the calls but I'd rather not get them in the first place. > > "There's no incentive for the company to introduce the service," she >added. "The regulations adopted today won't even allow companies to recover >the costs of line-blocking for individual customer". > > > That remains to be seen, the commission countered. "There are too many >unknowns," said Commissioner Richard Casad. He added that the best course >was to come down on the side of callers. > > Industry officials argued that free per-call blocking service - in which >the called dials three digits before making the call - has worked well in >other states and provides enough protection for those who do not want their >number disclosed. > Now I could agree with a fee for flat blocking and free per call blocking. ------------------------------ From: James Davies Subject: Re: "IF you have nothing to hide..." Date: Tue, 19 May 92 15:53:09 GMT "If you have nothing to hide, then you have nothing to fear" Actually, there is a reason that this statement is wrong. What you have to fear is what I think of as "false positives", in analogy with medical tests. Just because you are completely clean and legal in every respect doesn't mean that someone's file on you is correct. As an example, take drug testing. If you have never taken any drugs, then the only thing that an employer's urine test can do to you is bad -- it can falsely show that you have used drugs. In this case, you have nothing to hide, but you can still be damaged by the test. Another example: if a credit bureau has an incorrect report in its files saying that you defaulted on a loan, this can prevent you from obtaining credit, despite the fact that you have nothing to hide. Yet another example: if you are at zero risk for AIDS (lifelong celibate, never taken self-injected drugs, never had a blood transfusion, never bitten by a mosquito, etc.), an HIV blood test for a health insurance physical can only harm you, since it could report a false positive and thus prevent you from being insured. Furthermore, the false positive could very easily wind up in a nationwide medical database that would prevent other insurance companies from covering you. I would submit that people with "nothing to hide" are those most likely to be unjustly harmed by privacy invasions, and therefore should definitely oppose them. ------------------------------ Date: Tue, 19 May 1992 11:11:59 EDT From: jeremy Subject: Re: Census Bureau Database In article , djohnson@nike.calpoly.edu (Dean N Johnson) says: > >During the last census I came across the story that census data was >used during WW II to identify city blocks where people of Japanese >heritage lived so they could be conveniently rounded up to be interned >in camps. > >I don't know that it's the truth but it really make me think. >Especially given the more current story concerning unregistered >immigrants. I find the Census Bureau's definition of confidentiality >rather disappointing. The story of the Census Bureau and the Japanese-Americans is true as far as I know (there was a recent movie about the event--anyone remember the title?) The involvement of the US CB is recounted as pages 20-26 in David Burnham's _The Rise of the Computer State_ (New York: Vintage, 1984). Approximately 112,000 Japanese Americans were involved in what Burnham calls "thhis extraordi nary breach in the constitutional rights". The CB did finally admit their involvement, and have not done anything like this again...BUT, the more important thing is that today, even aggreagate data is not private (due to computer cross-matching). And the CB do provide aggregate data as the previous posters have pointed out, (in the UK, sometimes for as few as 16 households) (_The Independent_, April 21, p. 3), although more normaly for 200 households). > -- jeremy.. Any replies to: cramptonj@csovax.portsmouth.ac.uk ------------------------------ From: "John Rudd a.k.a. Kzin -- Big Electric Cat" Subject: Re: Caller ID decision Date: 19 May 92 12:39:57 GMT In NEELY_MP@darwin.ntu.edu.au (Mark P. Neely) writes: >Subj: PRIVACY WINS OVER CALLER ID in the State of Washington >>From the Seattle Post-Intelligencer, March 26, 1992 - > PRIVACY WINS OVER CALLER ID Sounds more like "privacy of the called entity loses to the privacy of the calling person. > Phone companies must offer free blocking service > P-I Staff and News Services >OLYMPIA - Telephone companies offering caller-identification service must >also offer callers - free of charge - the ability to block display of their >number or location, a state commission ruled yesterday. > The companies said an offer of free line-blocking, or automatic blocking >of the caller's name or number, would doom caller-ID service. I think if they're going to allow callers to block their ID, then it should also be available that callee's totally block out those calls that have no ID. I know I don't want my call waiting set off by some bozo who isn't willing to identify themselves to the level I have predefined by my phone line (I don't have caller ID, but if I did, I'm would consider this the "requirement to call me"). I certainly don't want my connection to the net (I leave call waiting on, in case of an important phone call) interupted by someone who isn't willing to tell me who they are. > Caller ID is seen by some law enforcement officials and other as a means >of identifying the source of harassing or obscene telephone call.s Those >resisting the technology say it raises concerns about callers' privacy >rights. My only reply to this would be that Caller ID supports the privacy of the CALLED person. Since the Caller is the person initiating the action, I don't think it is unreasonable to slightly lower their privacy level. If they don't want their privacy lowered, they don't make the phone call in question. > In hearings around the state, people said they wanted their privacy >considered before the needs of advancing telephone technology, commission >Chairwoman Sharon Nelson told telephone officials at yesterday`'s >proceedings. And no one stood up for the rights of the Callee? sounds like a bunch of.. er..sorry.. I probably shouldn't go around to insulting the general public. > Industry officials argued that free per-call blocking service - in which >the called dials three digits before making the call - has worked well in >other states and provides enough protection for those who do not want their >number disclosed. Again, if you're calling me, I have the right to know who is "on the outside of my door" before I "open my door". I don't want to get calls from telemarketing people, or certain other sources. And no, telemarketers DO NOT have a right to call me. I rent my line from the phone company. If they want to use my line for their business, I have the right to deny that use. If they don't want to identify themselves, then I see it as basically the same as a person at the door who wont show sufficient ID.. You simply don't open your door to them. The complication being that they may still have interupted something you were doing, because call waiting can be destructive to your current line activity. Therefore, having a "ignore these calls totally" setup is probably the only thing that I'd consider viable. Perhaps the caller, in that case, should get a message of "This line refuses to accept calls from callers who block caller ID". Yes,I know that Long Distance tends to block the ID automagically.. I think that ought to be fixed (and if the LD companies would just support it, it could be). If not, then the blocked calls should be local calls only.* At this point, the overhead being generated is probably a little silly, but again, I feel the rights of the Callee FAR outweigh the rights of the caller. Afterall, if the Caller doesn't want their privacy invaded, they simply don't have to make the phone call. * as an asside, a leading code could be sent that instead of saying "no ID available", said "this person is or isn't blocking their ID", separate from the availablility of their ID. Thus, if you're getting a LD call, and don't get their number, you know it's because of LD.. because if they were blocking their ID, you'd have weeded them separately. I'm not sure I'm explaining this clearly.. hope it makes sense. > The Washington Association of Sheriffs and Police Chiefs and the >Washington State Patrol both said they favored charging for the line-block >to ensure it was not overused. Law enforcement is a major supporter of >caller-ID technology, believing that when it is widely used the incidence of >harassing and obscene telephone calls will fall. With the scheme I'm talking about, if the obscene caller blocked their ID, the callee wouldn't even get a ring from them. :-) I also think that the "block of non-ID'd calls" should be abailable to people who don't have Caller-ID. Just the general principle. I don't have Caller ID..I don't want it. But if you are blocking your ID, I don't want a call from you, even if I don't have caller ID. Hmm.. I wonder how hard it would be to get that passed.. Maybe I should call the companies involved. John -- Discussing whether or not machines can think | John E. Rudd jr. is about as interesting as discussing whether | gt3741b@prism.gatech.edu or not submarines can swim. --Dijkstra | (ex- kzin@ucscb.ucsc.edu) | Speaker to Machines #include Send all comments, flames, and complaints to /dev/null. ------------------------------ Date: Tue, 19 May 92 09:27:46 EDT From: Lawrence V Cipriani Subject: Re: "IF you have nothing to hide..." In article karr@cs.cornell.edu (David Karr) writes: > >In article ygoland@edison.seas.ucla.edu (The Jester) writes: >>Would anyone care to provide a concise explination of WHY the >>previously mentioned rational is wrong? > >Because everyone has something to hide from someone. Even you. (Or do you >claim there is NOTHING you ever do that you would be ashamed for me to have >a videotape of?) Too, there are good things we do that if others know about we will be harassed; for example, making a large donation to a charity. Once some other "charity" gets wind of it how long will it be before they come knocking to your door ? That's one reason why many donations to charities are anonymous. -- Larry Cipriani, att!cbvox1!lvc or lvc@cbvox1.att.com "An unarmed people are slaves, or subject to slavery at any moment." -- Huey P. Newton. ------------------------------ Date: Tue, 19 May 92 09:33:03 PDT From: Mark Bell Subject: Re: Computer Privacy Digest V1#030 >In short this program would be a double edged sword, it >protects privacy, of EVERYONE. As such some have suggested that I >not release such a program and while I have argued against them, I >am normally required to take a circuitious (sp.) route to prove my >point. I have been looking for a simple, logical answer, to explain >to them why releasing this program isn't 'wrong'. For gosh sakes, release it soon! As a Secretary of State said early in this century, "Gentlemen don't read each other's mail." Since we live in a world where such gentlemanliness is no longer in vogue (or even possible?), your program would perhaps help things along. As for the criminal user? That's a valid problem but I'd defend bad guy's privacy if that's the price of defending mine. And yours. After all, governments are the larger threat. This century, governments have killed three times as many of *their own citizens* as have died in wars. So get your program out and wish it Godspeed to other places in the world whose governments aren't as bound by checks and balances as ours presently is. Mark Bell ------------------------------ Date: Tue, 19 May 1992 22:02:50 GMT From: "Mark P. Neely" Subject: Video records... >Charlie Mingo writes: "Mark P. Neely" writes: > ___ State Attorney John Tanner (Volusia Co, FL) has subpoenaed the > rental records of two video shopkeepers to identify the individuals > who rented one of four named explicit films. > > Ostensibily, the customers are only wanted as potential witnesses. > Tanner states that he does not intend to prosecute any citizen whose > name might be on this list. Both store owners are resisting, citing > customers' rights to privacy. Tanner maintains people who rent > material have no expectation of privacy. > Did this take place in the US or Australia? I believe there is >a federal law prohibiting the release of video rental records enacted >after the confirmation hearings for Judge Robert Bork for the US Supreme >Court in 1987. My appologies for any confusion...I did *not* write the article. I simply extracted it from a mainling list that I subscribe to... The article refers to an incident in America (We don't call lawyers "attorneys" over here :) > During the hearings, a local free paper (DC's _City Paper_) managed >to obtain a list of Bork's rentals (nothing very interesting -- lots of >1940's-era B classics), and tried to make something of it. > During the Thomas confirmation hearings in 1991, one of the major >unanswered questions turned out to be whether the Judge was familiar >with certain porno movie stars, a question which could easily be answered >by checking the local video stores. Fortunately, the Judge's records >were safe from prying eyes, and he now sits upon the Court. Yes...legislation was implemented _very_ quickly to protect the privacy of judges (and thus to uphold community respect for the judiciary). It did not go so far as to extend to _all_ citizens. Mark N. ------------------------------ Date: Mon, 18 May 92 22:26 EDT From: michael.scott.baldwin@att.com Subject: Bowers v. Hardwick Bryan Morse writes in response to my Bowers v. Hardwick reference: Wasn't this the case where the police officer had a warrant (based on other charges), was allowed entry by another member of the household, and then witnessed the "felonious" act through a partially open doorway? Yes. What made this such a landmark case was that it was a rare opportunity to test such laws. They usually don't come up because enforcement is so difficult (due to laws regarding privacy). This made for a perfect test case because the officer did *not* violate the privacy of the individuals when witnessing the illegal act. That is *not* why I brought the case up. The very fact that the observed act is considered "illegal" is what bothers me. *That* is the invasion of privacy--when the law makes your private life illegal. The court upheld the position that the officer legitimately entered the house (for other reasons, remember) and therefore did not violate anyone's privacy. No, not on entering the house. What the court basically said was that laws regarding "private" conduct were permissible, *This* is the problem! This doesn't bother you? Let us extend both the law and the situation: let's say it is considered illegal for same-sex couples to hold hands in public. An officer sees such an "illegal act" and arrests. There is no "invasion of privacy" to witness the event, but the very fact that it is considered illegal give people "something to hide". *I* think it's an invasion of privacy if I can be arrested for minding my own business, whether the police have to break down a door or not! but reemphasized that the enforcement of such could not invade privacy. Do you have references where the opinion reemphasized this? In other words, it is not the law itself that invades privacy, but the enforcement of it. In cases like this where the enforcement does not invade privacy, the law can be applied. I think you're missing the point -- the law *itself* is the problem. Besides, what if the "enforcement" of this law was done via search warrants and phone taps based on "probable cause". Wouldn't it be perfectly legal then? It really doesn't make me feel comfortable when you say that my private *acts* are illegal and don't worry; the police can't violate my privacy on the way to arresting me for them. A restatement of my previous summary: Let me try, without using examples: the definition of what it is that you have to "hide" rests with the government, not you. If the legal system creates bankrupt laws that make your private life punishable, then you end up hiding and fearing for simply living your life and pursuing your own happiness. In response to the Jester, yes we do have to watch out for the government because of laws such as referenced above. The Bill of Rights was written to protect us from the government, because the writers understood how easy it is for governments to be evil. They didn't go far enough. If I don't like a law, I cannot simply ignore it. Why is it that we have so many invasive laws here, and the populace seems to support most of them? ------------------------------ From: "Richard A. Schumacher" Subject: Re: "IF you have nothing to hide..." Date: 15 May 92 01:30:02 GMT >In article ygoland@edison.seas.ucla.edu (The Jester) writes: >>One of the reasons that many people are against 'intrusive' laws is >>because they disagree with the rational "If you have nothing to >>hide, then you don't need to worry." However what I have failed to >>see is a single cogent explination of WHY the rational of "If you >>have nothing to hide, then you have nothing to fear" is a bankrupt >>one. Would anyone care to provide a concise explination of WHY the >>previously mentioned rational is wrong? (BTW: The word is "rationale".) Because people disagree, sometimes violently, about what is worth hiding. For example, one person might go to absurd lengths to prevent people from learning the details of how he masturbates even though most people would probably find it uninteresting. For another example, many people do not want their tax returns made public even though they might not reveal anything which is, strictly speaking, illegal. Is the point now clear? (If you have no emotional need for privacy, or no appreciation for the need in others, then I suppose that no argument against the "nothing-to-hide" doctrine will have any force for you.) ------------------------------ Date: Tue, 19 May 92 12:10:25 EDT From: Wm Randolph Franklin Subject: Risks of electronic auto tracing If everyone knew where your car was all day then they might: - determine your customers and suppliers, to steal the former and undercut, or badmouth you to, the latter, - know when you're away from home, to break in, - know how much time you spend on the road, to analyze your business in general, - know where to kidnap you, if you're an Exxon exec, or where to hijack your car if it's valuable, or if you're carrying valuables, - see that you're visiting someone for no obvious reason, and so see that you might be in secret negotiations to buy or be bought or hire or be hired, - etc etc etc People malign "security through obscurity", but it's the basis of quite a lot of security in society. Do you want to totally destroy it? Finally, I'd feel more accepting of total openness if it started with the names, photos, and addresses of police, including undercover agents, CIA employees, senior government officials, etc. Basically what the government wants is total secrecy about them, and total openness about us. Prof. Wm. Randolph Franklin, wrf@ecse.rpi.edu, (518) 276-6077; Fax: -6261 ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 ------------------------------ End of Computer Privacy Digest V1 #031 ******************************