The following document is from the PRIVACY Forum Archive at Vortex Technology, Woodland Hills, California, U.S.A. For direct web access to the PRIVACY Forum and PRIVACY Forum Radio, including detailed information, archives, keyword searching, and related facilities, please visit the PRIVACY Forum via the web URL: http://www.vortex.com ----------------------------------------------------------------------- PRIVACY Forum Digest Monday, 8 September 1997 Volume 06 : Issue 12 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===== PRIVACY FORUM ===== ------------------------------------------------------------------- The PRIVACY Forum is supported in part by the ACM (Association for Computing Machinery) Committee on Computers and Public Policy, "internetMCI" (a service of the Data Services Division of MCI Telecommunications Corporation), and Cisco Systems, Inc. - - - These organizations do not operate or control the PRIVACY Forum in any manner, and their support does not imply agreement on their part with nor responsibility for any materials posted on or related to the PRIVACY Forum. ------------------------------------------------------------------- CONTENTS Backlash to the Death of Princess Diana? (Lauren Weinstein; PRIVACY Forum Moderator) U-Haul/Credit Cards/Social Security Numbers (M. L. Sproul) EPIC Opposes EHI / Experian (Dave Banisar) Electronic National ID card project in South Korea (Ko Youngkyong) Chip-Based ID: Promise and Peril (Roger Clarke) Amended Complaint Filed in Cleveland Crypto Suit (Peter D. Junger) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. All submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic list handling system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All messages included in this digest represent the views of their individual authors and all messages submitted must be appropriate to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the list handling system. Please follow the instructions above for getting the "help" information, which includes details regarding the "index" and "get" commands, which are used to access the PRIVACY Forum archive via the list handling system. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW server at the URL: "http://www.vortex.com"; full keyword searching of all PRIVACY Forum files is available via WWW access. ----------------------------------------------------------------------------- VOLUME 06, ISSUE 12 Quote for the day: "And remember my sentimental friend, that a heart is not judged by how much you love, but by how much you are loved by others." -- The Wizard (Frank Morgan) "The Wizard of Oz" (MGM; 1939) ---------------------------------------------------------------------- Date: Sun, 7 Sep 97 22:10 PDT From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: Backlash to the Death of Princess Diana? Greetings. First, my personal condolences to our British readers and the rest of the readership, over the untimely death of Diana, Princess of Wales. Sometimes horrible events like this tend to highlight problems in society of which we're all aware, but that we usually ignore in our everyday lives. In this case, within hours of the accident, politicians and others in Britain, and elsewhere, were publicly calling for new "privacy" laws to help protect public figures from "overenthusiastic" photographers. The behavior of the hardcore "paparazzi" is often deplorable, to be sure. The extent to which they might have contributed to this accident, as opposed to other causative factors, is decidedly unclear at this time, so rushes to judgement from any point of view must be considered unwise. And the same holds true for rushes to new laws inspired by this event that sound to be more "press restriction" legislation than real "privacy" laws. The risks of such legislation interfering with the legitimate investigative needs of journalists, particularly when dealing with political figures, seems very great, unless such laws are extremely carefully crafted. In the U.S. (including right here in Los Angeles), legislators are also now calling for such new laws. Whether such legislation will be able to pass constitutional muster is an open question. But one thing seems very clear--legislation hurriedly introduced in a "kneejerk" reaction to dramatic events is almost always highly problematical, and often does more harm than good. This points up a serious risk for the future. Those in this country who feel that the "Freedom of Speech" 1st Amendment to the U.S. Constitution provides inviolate protection should consider that even the original Constitution and its amendments can be (and have been) changed--that's exactly what the amendments do, of course. The 1st Amendment could potentially be altered with a set of "special circumstances" where it would no longer be applicable. Such a move might not be as unlikely as some might think. Imagine the political climate that could result after an event of the sort which just occurred in Britain, or some mass disaster or terrorist action, where the press, other media, or even the Internet were implicated as being in the communications path that led to the event. The desire to "shoot the messenger" in such a case could be overwhelming, and combined with public emotion, all manner of unwise legislation, up to and including kneejerk modifications of the Constitution, could be conceivable. So from a societal standpoint, it might be wise to look upon the events of the last week, and the public reactions to them, as a reminder of the great extent that our legislative systems, and our lives which are so intertwined with them, can be impacted by singular events of tragic intensity. --Lauren-- Moderator, PRIVACY Forum www.vortex.com ------------------------------ Date: Wed, 13 Aug 1997 21:38:55 -0500 From: MSproul Subject: U-Haul/Credit Cards/Social Security Numbers Today I went to the local U-Haul to rent a small trailer to move a lawn tractor. In the course of filling out the rental agreement I was asked for my drivers license then asked for my social security number which I refused to give. (Texas does not have SSN on the driver's license) The agent then asked for a credit card, which I was planning to use to charge the rental. During the subsequent discussion the agent told me that since the Oklahoma bombing if they don't get a SSN they are required to to get a credit card number as a second form of identification. They can then get the SSN from the credit card issuer. Questions: Is this for real? How wide spread is this? What does U-Haul do with your SSN? How difficult is it for someone (company) to get your SSN when you use your credit card? M. L. Sproul Amarillo, TX [ Under current law, your SSN is part of what's called "credit header" data, and is (no longer) protected under the FCRA (Fair Credit Reporting Act). This means that for all intents and purposes, your SSN is public information. -- MODERATOR ] ------------------------------ Date: Fri, 29 Aug 1997 16:30:13 -0400 From: Dave Banisar Subject: EPIC Opposes EHI / Experian Press Release August 29, 1997 The Electronic Privacy Information Center said today that Experian has misled consumers and ISPs about a new on-line service that will likely increase the amount of SPAM that Internet users receive. In an August 21, 1997 press release Experian claims that "EHI's program as been reviewed by the Electronic Privacy Information Center (EPIC) and the Center for Democracy and Technology (CDT). Both organizations approve of the program's respect for consumer privacy." Contrary to Experian claims, EPIC conducted no formal review of the program, did not approve of the program's practices, and did not consent to the use of EPIC's name in Experian's promotional statements. At a metting in Washington earlier this year, Experian's Ian Oxman was told repeatedely that EPIC would not and could not endorse this program. When word got out that Experian intended to include EPIC's name in the EHI press release, Mr. Oxman was instructed by an email to remove EPIC's name. Marc Rotenberg, director of EPIC, said that "the EHI program fails to uphold basic fair information practices. There is no opportunity for users to correct or inspect their data, nor is there any effort to control secondary use. EHI offers one model for controlling SPAM, but it is hardly ideal." "We are particularly concerned that ISP's would get into the business tracking preferences and sending SPAM to their own customers. The privacy implications are staggering." "We are also less than overwhelmed by Experian's recent success with on-line database management." "We urge ISPs that are want to maintain user trust and show support for consumer privacy not to back the EHI effort," Rotenberg said. - END - ------------------------------ Date: Thu, 04 Sep 1997 05:28:36 +0900 From: Ko Youngkyong Subject: Electronic National ID card project in South Korea Electronic National ID Card Project and Privacy of People in South Korea The era of electronic surveillance system is coming to Korea. Korean government is planning to adopt electronic id system (electronic citizen card system). With this plan, all the information of people would be processed through a huge computer network and the government would have a full access to those information. This privilege would enable the government to censor and to restrict every bit of people's lives. Big Brother may appear in Korea first time in the world. And this depressing scenario may come true just in one year. Many social organizations are actively working to stop this system which dangerously threatens privacy of people. Your interest and active participation in this effort is needed. What is electronic citizen card? Electronic Citizen Card (official name- Citizen Card) is an IC type electronic id card. The card will function as driver's license, medical card, and social security card. On its IC chip, about 40 different kinds of information will be recorded. In the future, the government is planning to combine it with credit cards and other all IC type cards such as key cards and traffic cards. In addition, a huge computer network will be built as well. All the private information, which used to be taken care by different sources, will be combined and taken care by the government. The concentration and centralization of all private information are the core purposes of this new system. The government is pushing the plan through Congress rather fiercely. The cards will be issued starting next April in selected areas and the rest of Koreans will be required to have one by 1999. And no one will be able to decide whether he/she will have the card or not because, without it, no one would be able to drive, get medical service, or identify oneself when approached by police. The government is asserting that this new system is to adopt to the information era of 21st century. But there is a lot of doubts why the Korean government wants to start with digitalization of private information. Possible Problems Violating Privacy Due to leakage of private information Dispersed information system is the most ideal in protecting private information. With the new system, all different networks will be connected to each other and thus will increase the chance of information leakage when the private information get concentrated and centralized under one system. Especially, the concentration of information on wealth, credit, and military will drastically increase danger of leakage. There is no one who believes that such system is safe from possible cracking. It is impossible to avoid a chance of information leakage caused by mishandling or conspiracy of government workers. And if such leakage happens, the possible damage would be detrimental. The Korean government is gambling with the privacy of its people. Censorship and Restriction by the Government With the system, a chance of possible censorship and restriction by the government will increase. Since the government will take care of the personal information, KCIA, police, and other government agencies will have easier access to the people. It is already a known fact that KCIA has secret files on personal information and this new system will facilitate their information gathering process even more. The Korean government is known for its past history of violation on human rights. The electronic citizen card system will enforce the power of governement over its people. Privacy in Korea In protecting privacy of people, Korea is one of the worst places in the world. There are many factors which puts people's privacy in danger. First, everyone is currently required to acquire and to carry citizen cards. If one is approached by a police and asked for the card, one must be able to show it to him/her, otherwise, the police has a right to arrest the person. Second, each individual is issued an id number and being treated as a number by the government. This number is a combination of birthdate, birthplace, and sex.(i.e. 720309-********) The number works as an important access code for one's private information since all the information is reported and gathered under this number. There is no real difference between this id number system and the bar code system of merchandise items. It is known in the first world countries that finger prints are used only to identify criminals or foreigners. But in Korea, everyone over 17 is required to get and to report the finger prints. The government is making excuses that this system is essential in protecting people from crimes and identifying victims in accidents. Nonetheless, this citizen registration system was started to sort out spies and gives impression that the government is treating every citizen as a possible criminal on the first place. The Korean government already has a great deal of private information its hands. The government tend to open up little public information, but on the other hand, the people are required to report 141 different information to the government periodically. In addition, more private information is being gathered by the police and KCIA. The current citizen registration system is extremely powerful and dangerous system violating many aspects of human rights. Citizen Registration Cards, ID number, and finger print system must be revised. Nevertheless, the government is going to enforce the system with this electronic system which will combine and concentrate the private information. There is no doubt that the new system will worsen the human rights conditions in Korea. Electronic Citizen Cards system will transform Korea into an electronic prison. Many Korean organizations are leading a harsh fight to stop this injustice. We request your participation and support in our efforts. Korean NGO Task Force against Electronic National ID Card Tel : +82-02-879-0871 FAX : +82-02-874-2935 E-mail: frontist@member.sing-kr.org WWW: http://kpd.sing-kr.org/idcard/main-e.html ------------------------------ Date: Sat, 6 Sep 1997 11:38:22 +1000 From: Roger Clarke Subject: Chip-Based ID: Promise and Peril Chip-Based ID: Promise and Peril Roger Clarke Invited Address to a Workshop on 'Identity cards, with or without microprocessors: Efficiency versus confidentiality', at the International Conference on Privacy, Montreal, 23-26 September 1997 http://www.anu.edu.au/people/Roger.Clarke/DV/IDCards97.html Abstract Multi-purpose identification schemes in general, and national identification schemes in particular, represent the most substantial of information technologies' threats to individual liberties. This is because they concentrate information, and hence power; and because it is simply inevitable that, at some stage, even in the most apparently stable and free nations, power will be exercised against the interests of individuals, and of the public generally. Miniaturised computer processors (chips), mounted in such carriers as 'credit-cards', coins, rings and watches, are an important tool. They are now entering widespread use as a means for identifying inert objects such as goods on a production-line and in a logistics-chain, and living things such as valuable animals. Chips are being proposed as a means of identifying people as well. They present an opportunity to devise and implement highly repressive identification schemes; and many corporations and countries are in the process of harnessing those potentials. Chips also offer great scope for designing schemes that are privacy-sensitive, and that balance privacy interests against other social and economic interests and law and order concerns. Unfortunately, that scope has to date been almost entirely overlooked or ignored. This paper argues that the simplistic approaches being adopted by the proponents of identification schemes are in the process of destroying public confidence, and hence of undermining the intended return on investment. This paper builds on the author's substantial prior research and publications in the area. It reviews the social and political risks involved in identification schemes. It then identifies ways in which chip-cards may be applied to address those risks, and achieve balance between the interests of individuals, on the one hand, and of the society and State, on the other. Privacy-sensitive design options include: - - 'electronic signature cards' rather than 'id cards'; - - no central storage of biometrics; - - two-way device authentication; - - less identity authentication, and more eligibility authentication; - - fewer identified transaction trails, and more anonymity and pseudonymity; - - multiple single-purpose ids, rather than multi-purpose ids; - - separation between zones within multi-function chips; and - - role-ids as well as person-ids. Public concerns about privacy-invasive and repressive applications of information technology must be reflected not only in the designs implemented by scheme operators, but also in policies implemented by governments. It is argued that the focus on 'data protection' that has been adopted during the period 1970-1995 needs to be rapidly matured into a new orientation towards protection of the interests of people. Insensitive application of intrusive information technologies (including consumer and citizen profiling, matching and linkage among personal databases, video-surveillance, intelligent highways, as well as chip-based identification) is resulting in heightened public concern about the exercise of control over individuals by governments and corporations. Failure to appreciate the intensity of public concerns, to adapt to it, and to apply chip technologies in privacy-enhancing ways, will result in further cleavage between people and their institutions. This will result in decreased compliance by people with schemes about which they are justifiably suspicious, and failure of chip-based and related technologies to deliver on their potential. Contents Introduction Human Identification Identification, Anonymity and Pseudonymity The Assault on Anonymity Dataveillance Risks Threats in Chip-Based Schemes Threats in Multi-Purpose Identification Schemes Threats in Chip-Based Multi-Purpose Identification Schemes Public Policy Options for Chip-Based ID Schemes Design Options for Chip-Based ID Schemes Conclusions References to Other People's Works References to the Author's Own Works Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/ http://www.etc.com.au/Xamax/ Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA Tel: +61 6 288 1472, and 288 6916 mailto:Roger.Clarke@anu.edu.au Visiting Fellow, Faculty of Engineering and Information Technology The Australian National University Canberra ACT 0200 AUSTRALIA Information Sciences Building Room 211 Tel: +61 6 249 3666 ------------------------------ Date: Wed, 03 Sep 1997 06:50:46 -0400 From: "Peter D. Junger" Subject: Amended Complaint Filed in Cleveland Crypto Suit Press Release New Complaint Filed in Suit Challenging Constitutionality of Regulations Forbidding Publication of Software on Internet Suit Seeks to Enjoin Enforcement of Regulations on ``Export'' of Encryption Software Programmers Are Entitled to at Least as Much Constitutional Protection as Pornographers, Professor Claims ---------------------------------------------------------------- Cleveland, Ohio, Tuesday, September 2, 1997 For Immediate Release For More Information Contact: Peter D. Junger (216) 368-2535 Gino Scarselli (216) 291-8601 Raymond Vasvari (216) 622-1780 Or see URL: http://samsara.law.cwru.edu/comp_law/jvc/ To be added to, or removed from, the list of those who were sent this press release, please send e-mail to . _________________________________________________________________ Cleveland, Ohio, September 2. -- In the wake of last week's decision in Bernstein v. U.S. Department of State, in which Judge Patel of the federal district court in San Francisco held that the regulations that forbid the publication of encryption software on the Internet or the World Wide Web without a license from the Department of Commerce ``are an unconstitutional prior restraint in violation of the First Amendment'', lawyers for Professor Peter Junger of Case Western Reserve University Law School, in Cleveland, Ohio, filed a an amended complaint in his suit to enjoin the government from enforcing those same regulations. The regulations, which were initially part of the International Traffic in Arms Regulations (``ITAR'') administered by the Department of State and which are now contained in the Export Administration Regulations (``EAR'') administered by the Department of Commerce, originally required one to apply for and obtain a license under the ITAR before disclosing any cryptographic software in any way to ``foreign persons''. Under the EAR, however, one is permitted to export such software in books and other ``hard copy'', but is still required to obtain a license before publishing the same software on the Internet or the World Wide Web or in other electronic form or media. The amended complaint, which names Secretary of Commerce Daley as the primary defendant, simplifies the issues by focusing only on the new version of the regulations that are set out in the EAR. In that complaint Professor Junger, who wishes to publish a number of encryption programs, written by himself and others, on his World Wide Site as part of the materials used in his course in Computing and the Law, seeks not only relief for himself but also a ``preliminary and permanent injunction enjoining the defendants . . . from interpreting, applying and enforcing the encryption software and technology provisions of EAR against any person who desires to disclose or `export' . . . encryption software and technology.'' The complaint alleges that those encryption regulation violate the freedom of speech and of the press that are protected, particularly from prior restraints such as licensing requirements, by the First Amendment to the United States Constitution as has already been held by Judge Patel in the Bernstein case. The question of whether the export regulations on cryptography should be relaxed is being hotly debated in Congress at the present time and the software industry has expended considerable sums lobbying in favor of weakening or abolishing those regulations, claiming that they cause severe damage to the software industry in the United States and that the restriction on the export of cryptographic software written in the United States is leading to the export of programming jobs from the United States to other countries without such regulations. Professor Junger points out, however, that the case involves far more than the effect of the EAR on the writing and publication of cryptograpic programs by the software industry. ``The government's claim is not that the publication of encryption software is not protected by the First Amendment,'' he says. ``Rather its claim is that no publication of software is protected, because software is functional. ``If the government can constitutionally require me to get a license, which I probably can't get, before I publish encryption software, they could require me to get a licencse before I publish any sort of software. And they just might do that it in order to standardize the programs that are available and limit competition in favour of certain selected large companies. They already have provisions that allow IBM or Microsoft to get a license to export fairly strong encryption programs that are not available to me or to any other individual programmer or small enterprise.'' ``What tends to get overlooked,'' Junger adds, ``is that computer programs are not a floppy disk that one sticks into a computer to make it work. Computer programs are written and published by human beings just as, for example, pornography is. The Supreme Court recently held in Reno v. ACLU that the full protection of the First Amendment extends to pornography in cyberspace. I find it hard to believe that programmers are not entitled to at least as much constitutional protection as pornographers.'' Copies of the amended complaint will shortly be available at and . -30- -- Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH EMAIL: junger@samsara.law.cwru.edu URL: http://samsara.law.cwru.edu ------------------------------ End of PRIVACY Forum Digest 06.12 ************************