Date: Mon, 26 Jul 93 16:18:20 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V3#003 Computer Privacy Digest Mon, 26 Jul 93 Volume 3 : Issue: 003 Today's Topics: Moderator: Dennis G. Rears Re: Slowdown Re: PGP Not Guilty Plea in 'Fake ATM' case. First Person broadcast on privacy at work British Columbia INFORMATION POLICIES IN THE 90'S Legislation computer activity America Online censorship Re: America Online censor Credit Reports and National Call for papers: Computer Network Use and Abuse Conference The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- Date: Mon, 26 Jul 93 16:11:22 EDT From: Computer Privacy List Moderator Subject: Re: Slowdown Thanks to all who responded (50+). Not a single person responded who hadn't seen my message :-). It seems as if I have not lost any network connectivity. dennis ------------------------------ Date: Wed, 21 Jul 93 18:12:30 PDT From: Mark Healey Subject: Re: PGP Does anybody know where to get a copy of PGP ------------------------------ Date: Thu, 22 Jul 1993 13:04:07 -0400 (EDT) Subject: Not Guilty Plea in 'Fake ATM' case. From: Paul Robinson Organization: Tansin A. Darcos & Company, Silver Spring, MD USA ----- {Washington Post} Digest, Page C2, 7/20: "A 28-year old college student pleaded not guilty to federal charges he helped set up a fake automated teller machine in a shopping mall to bilk unwitting bank customers. Charles R. Lyons, a student at Hunter College in New York City, was charged with conspiracy to commit bank fraud and to produce counterfeit ATM cards. Two other men were arrested earlier." ------------------------------ From: tmis1692@altair.selu.edu Subject: First Person broadcast on privacy at work Date: 22 Jul 93 23:55:44 -0600 Organization: Southeastern Louisiana University What did you think of last nights Maria Schriver story about privacy in the workplace? I thought the thing about private e-mail was a bit of a stretch. After all it is the employers computer and it is the employers right to know what is there. Simply, don't put your private information in the company's computer. Kevin Calmes - TMIS1692@selu.edu ------------------------------ Date: Thu, 22 Jul 93 17:18:02 PDT From: Kelly Bert Manning Subject: British Columbia INFORMATION POLICIES IN THE 90'S I would be interested in getting any feedback that people have about the background of Thomas B. Riley. A remark of his describing BC's FOI/P act as "the best in the world", has been widely published here in BC. This description seems a bit strong to me, based on my own reading of it and the responses I've had to my personal privacy concerns about property tax rolls, voter lists, and motor vehicle and drivers licence databases. I haven't been able to find any publications indexed under his name in either the Public Library, or the University of Victoria Library. If you think that this might make a suitable post please contact Riley Info. Serv. Inc. at the address given at the bottom to obtain permission. The Major Conference & Training Session of 1993 on Government Information Policy INFORMATION POLICIES IN THE 90'S: THE DAWN OF FREEDOM OF INFORMATION AND PRIVACY PROTECTION IN BRITISH COLUMBIA A two-day conference and training session November 15 and 16, 1993 Robson Square Conference Center Vancouver, British Columbia Produced by Riley Information Services Inc. in partnership with: . Information and Privacy Branch, Ministry of Government Services . BC Freedom of Information and Privacy Association (FIPA) . Information Management Practices Policy Division, Treasury Board Secretariat of Canada . Canadian Access and Privacy Association By the time of this conference and training session, BC's Freedom of Information and Protection of Privacy Act will be newly proclaimed and in operation. This two-day conference and training session will explore the ins and outs of BC's landmark statute, offer the insights of experts with hands-on experience in other jurisdictions, and deliver practical training specific to British Columbia. EVENT HIGHLIGHTS This is the event of the year for getting briefed, trained, and educated in BC's Minister of Government Services will be followed by two informative days of practical hands-on sessions with information experts from government and the private sector. TOPICS TO BE ADDRESSED Sessions will deal directly with all the issues and skills vital to anyone who will be administering, managing or using the new law, including: . expert instruction on obtaining information through the Act and protecting legitimate confidentiality, . understanding the balance between freedom of information and privacy, . administrative practices; processing requests; fees and time limits; practical tips on administering the statute, . applying the Act's expectations, . privacy practices under the Act: audits and implementation of fair information practices, . understanding the third party process under the law, . the appeal system: how it works, and experiences in other jurisdictions . the impact of new technologies on FOI and privacy, . how information laws have paved the way for electronic delivery of government services and more open government GUEST SPEAKERS AND PANELISTS OPENING SPEAKER: The Honourable Lois Boone, Minister of Government Services . BARRY JONES, MLA, member, Cabinet-Caucus Committee on Information and Privacy . TOM WRIGHT, Information and Privacy Commissioner, Ontario . ROBERT BOTTERELL, Director, Information and Privacy, Ministry of Government Services . PETER GILLIS, Director, Information Management Practices, Policy Division, Treasury Board Secretariat of Canada . THOMAS B. RILEY, International Freedom of Information and Privacy expert . MURRAY RANKIN, Barrister; former BC Government Special Advisor on Information and Privacy Legislation . PROF. COLIN BENNETT, University of Victoria, author of "Regulating Privacy" . DARRELL EVANS, Executive Director, BC Freedom of Information and Privacy Association ...and many more from the public and private sectors who will offer unique insights and practical information on what the new legislation means to you. REGISTER NOW Cost: Early bird registration, paid by August 15, 1993: $400.00 or regular price after August 15: $450.00. To register contact Riley Information Services Inc. at(416) 593-7352. Suite 2207, 633 Bay St., Toronto, Ontario, M5G 2G4. -- Kelly Bert Manning, Victoria, BC, Canada ------------------------------ Organization: The American University - University Computing Center Date: Fri, 23 Jul 1993 13:30:12 EDT From: Wanlapa Sriwancharoen Subject: Legislation computer activity ***** Should there be any legistration for monitering anyone computer activity on network by any law enforcement agency?***** ------------------------------ From: Richard Roda Subject: America Online censorship Date: 23 Jul 1993 20:30:16 GMT Organization: University of North Carolina at Asheville Thus utters Ryan Miller >You haven't seen anything until you've seen censorship on America Online. >Here's a couple examples: > A guy posts an article in the "Howard Stern" (radio personality) forum >about his upcoming movie which is titled "Fartman". His message was >removed without notice. He posted the same message with "F-Man" and the >message remained. > My account just got DEACTIVATED (I can't log on) because of two >incidences in the chat rooms (like IRC). In one instance, I was in a >"Women 4 women" forum (I'm a guy) and said "So, any lesbian nazi hookers >from hell here?". I promptly was disconnected and received a warning >mail. Just recently I said the word "Piss" in a sentence in one of the >chat rooms. Now my account is deactivated. Folks, the word piss is in >Second Kings in the Bible (if you don't believe me I'll look it up in my >King James Version for you and quote you the exact verse). >What are your feelings or experiences with this? I would find a new online service in short order, and encourage those that did not like censorship to do likewise (Using PGP encrypted mail, so they won't censor it :-). Then those who like censorship can stay on America Online, and if they aren't enough of them around, they will go out of business. -- Richard E. Roda, Computer Science at UNCA. | Snail Mail: The opinions expressed above are mine alone. | Richard Roda PGP v2.2 public key available by E-Mail or | P.O. Box 8172 finger roda@ivy.cs.unca.edu | Asheville, NC 28814 ------------------------------ From: Richard Roda Subject: Re: America Online censor Date: 23 Jul 1993 20:30:19 GMT Thus utters mnelson@eis.calstate.edu (Mark S. Nelson) >To be fair however, I must say that some people deserve to be taken >off-line. There are too many people who feel that just because they're >much more anonymous on a computer, that they should have complete freedom >to harass and annoy. To cite one example mentioned, if someone walks into >a 'real' women's discussion group and asks, "are there any lesbian, Nazi >hookers from hell here", they would probably receive a quick boot in the >ass, but most certainly would not be tolerated. The same should apply in >virtual discussions. It seems to me that a chat area titled, Women for >Women is pretty clear. If I was sysop, I'd kick you off-line as well. Why not have these electronic discussion bases have a killfile? Then the people can decide what they will and will not hear, and a sysadmin or sysop will not have to "Boot" people offline. In the case of the sysop, however, I can understand booting people off because the phone lines are a limited resource and the sysop is footing the bill for the service. -- Richard E. Roda, Computer Science at UNCA. | Snail Mail: The opinions expressed above are mine alone. | Richard Roda PGP v2.2 public key available by E-Mail or | P.O. Box 8172 finger roda@ivy.cs.unca.edu | Asheville, NC 28814 ------------------------------ From: Dave Banisar Date: Sat, 24 Jul 1993 14:13:08 EST Subject: Credit Reports and National Credit Reports and National Security Last week, the Senate Intelligence Committee approved a provision that allows for FBI access to credit reports using only a letter instead of a judical warrant in cases that they say involved national security. There is concern that this will be subject to abuse and that the necessity has not been proven. Several privacy and consumer groups sent this letter opposing the provision. I was unable to easily find the actual text but will get it after I come back from vacation. Dave Banisar CPSR Washington Office July 12, 1993 The Honorable Dennis Deconcini Chairman Senate Select Committee on Intelligence United States Senate SH-211 Hart Senate Office Building Washington, DC 20510-6475 Dear Chairman DeConcini; We are writing to voice our strong opposition to the Administration's legislative proposal to amend the Fair Credit Reporting Act (FCRA) to allow the Federal Bureau of Investigation (FBI) to obtain consumer credit reports in foreign counterintelligence cases. The FBI seeks a national security letter exemption to the FCRA to obtain personal information from consumer reporting agencies without a subpoena or court order. A national security letter gives the FBI the authority to obtain records without judicial approval and without providing notice to the individual that his or her records have been obtained by the Bureau. Similar FBI proposals were rejected in previous years after Congressional leaders expressed concern over the civil liberties issues raised. Although the current draft proposal is more comprehensive than those circulated in previous years, the changes and additions do not alter significantly the central character of the proposal. The Administration's 1993 proposal includes explicit limits to'dissemination of obtained information within the goverrment, penalties for violations including punitive damages, and reporting requirements. These provisions are positive changes from the legislation put forward in previous years, but they do not save the proposal from its intrinsic flaws. Therefore, the reasons for our fundamental opposition to the current proposal remain the same: 1) the FBI has not demonstrated a compelling need for access to consumer credit reports; and 2) legislation that implicates civil liberties should be addressed separately and not as part of the authorization process. There are only two instances in which Congress has authorized the FBI, in counterintelligence investigations, to obtain information about individuals pursuant to a national security letter but without a subpoena, search warrant or court order. First, the Electronic Communications Privacy Act (ECPA) of 1986 included a provision requiring common carriers to disclose subscriber information and long distance toll records to the FBI in response to a national security letter. Second, congress included in the 1987 Intelligence Authorization Act an amendment to the Right to Financial Privacy Act (RFPA) that requires banks to provide customer records to the FBI in response to a similar letter. In that case, the FBI presented to Congress its case for obtaining financial records in foreign counter- intelligence cases and the difficulty of obtaining those records without a court order. in both instances when congress has previously authorized the national security letter, Congress recognized that the procedure departs dramatically from the procedure necessary to obtain a court order. The FBI's current proposal seeks similar access to individuals' credit records held by consumer reporting companies. The FBI has yet to adequately justify its need to add such highly personal, sensitive information to the narrow category of records subject to the national security letter exemption. The Bureau claims obtaining credit reports will allow it to more easily determine where a subject of an investigation banks -- information the FBI claims will help them effectuate their ability to access bank records under the RFPA. We opposed the national security letter exemption in the RFPA and do not endorse the FBI's slippery slope approach to ensuring that they can more easily obtain financial information in foreign counterintelligence cases. This information can be and is routinely gained without credit reports. We do not believe convenience is a sufficient justification for this significant exception to the law. The FBI further argues that obtaining banking information through a credit report is preferred because it is actually leas intrusive than those investigative methods that would otherwise be used. While we too are frustrated that other information- gathering techniques are frequently too intrusive, our objections to the other techniques do not lead us to endorse yet another technique that is also intrusive and that weakens existing privacy law. Finally, we object to using the authorization process as the vehicle for pursuing this change. The national security latter exemption, because it diminishes the due process and privacy protections for individuals, must be given the most careful consideration. The FBI's proposal should be introduced as separate legislation on which public hearings can be held. only in this way can the Committee test thoroughly the FBI's case for the exemption and hear from witnesses who object to the change. We urge you to reject the FBI's proposal in its current form. We are available to work with you on this issue. Sincerely, Janiori Goldman Michelle Meier Privacy and Technology Project Consumers Union American civil Liberties Union Marc Rotenberg Evan Hendricks Computer Professionals for U.S. Privacy Council Social Responsibility cc: Members, Senate Select Committee on Intelligence The Honorable George J. Mitchell Senate Majority Leader The Honorable Donald W. Riegle, Jr., Chairman Senate Committee on Banking, Housing and Urban Affairs The Honorable Patrick J. Leahy, Chairman Subcommittee on Technology and the Law ------------------------------ Date: Mon, 26 Jul 93 11:21:21 EDT From: Paul Higgins Subject: Call for papers: Computer Network Use and Abuse Conference CALL FOR PAPERS The National Conference of Lawyers and Scientists (NCLS) invites proposals for original papers to be presented at a two-and-a- half-day invitational conference on "Legal, Ethical, and Technological Aspects of Computer and Network Use and Abuse." The conference, which will include 40 participants representing a diverse set of perspectives and areas of expertise, will be held in southern California in mid-December 1993. Up to three successful applicants will receive travel expenses and room and board at the conference. Papers will be included in the conference proceedings and may be published subsequently in a book or journal symposium. The conference will focus on the ways in which the law, ethics, and technology can contribute to influencing and enforcing the bounds of acceptable behavior and fostering the development of positive human values in a shared computer environment. Primary attention will be on unwanted intrusions into computer software or networks, including unauthorized entry and dissemination of viruses through networks or shared disks. Discussions will deal with such issues as access to information, privacy, security, and equity; the role of computer users, academic institutions, industry, professional societies, government, and the law in defining and maintaining legal and ethical standards for the use of computer networks; and a policy agenda for implementing these standards. Papers are invited on any aspect of the conference theme. Especially welcome would be papers reporting on empirical research, surveys of computer users, and case studies (other than those that are already well-known). Interested persons should submit a summary or outline of no more than 500 words, together with a brief (one-page) resum and a statement (also brief) of how one's expertise or perspective might contribute to the meeting. Proposals will be reviewed by an advisory committee convened by NCLS and successful applicants will be asked to prepare papers for the meeting. Papers must be the original work of the author, not previously published, in good academic form, and between about 5,000 and 8,000 words (25-30 double-spaced pages) in length. Deadline for receipt of proposals is 5 p.m. Eastern Time, September 15, 1993. Applicants who are selected to prepare papers will be informed by October 1, 1993. Draft papers will be due December 3, 1993. Final versions of the papers, revised in light of conference discussions, will be due approximately two months after the conference. NCLS is an organization sponsored jointly by the American Association for the Advancement of Science and the American Bar Association, dedicated to improving communication between members of the legal and scientific/technical professions and exploring issues at the intersection of law, science, and technology. Funding for this meeting has been provided by the Program on Ethics and Values Studies of the National Science Foundation. For further information please contact Deborah Runkle, Directorate for Science & Policy Programs, American Association for the Advancement of Science, 1333 H Street, NW, Washington, DC 20005. Phone: 202-326-6600. Fax: 202-289-4950. E-mail: values@gwuvm.gwu.edu. ------------------------------ End of Computer Privacy Digest V3 #003 ******************************