The following document is from the PRIVACY Forum Archive at Vortex Technology, Woodland Hills, California, U.S.A. For direct web access to the PRIVACY Forum and PRIVACY Forum Radio, including detailed information, archives, keyword searching, and related facilities, please visit the PRIVACY Forum via the web URL: http://www.vortex.com ----------------------------------------------------------------------- PRIVACY Forum Digest Tuesday, 20 September 1994 Volume 03 : Issue 17 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===== PRIVACY FORUM ===== The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy. CONTENTS PRIVACY Forum materials now available via WWW (Lauren Weinstein; PRIVACY Forum Moderator) Electronic signatures (Bill Hensley) Access surveillance (Diane Henderson) Some privacy notes (Phil Agre) Database Marketing (Mark Stalzer) ACTION: Fight US bills: SB 2375 & HR 4922 (Shabbir J. Safdar) Patient Privacy at Risk (FWD) (David Banisar) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. ALL submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW home page at the URL: "http://www.vortex.com/". For information regarding the availability of this digest via FAX, please send an inquiry to privacy-fax@vortex.com, call (818) 225-2800, or FAX to (818) 225-7203. ----------------------------------------------------------------------------- VOLUME 03, ISSUE 17 Quote for the day: "There's going to be a fire!" -- Young boy watching fire truck go by. "Fahrenheit 451" (1966) ---------------------------------------------------------------------- Date: Tue, 20 Sep 94 23:37 PDT From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: PRIVACY Forum materials now available via WWW Greetings. I'm pleased to announce that all PRIVACY Forum materials are now available via the Internet World Wide Web (WWW). This includes the introductory information writeup file and all archive materials, including papers, all back issues of the digest, and other files. Egads, there even seems to be a picture of the moderator in the information file--how the blazes did that get in there? WWW access to the PRIVACY Forum materials (along with other eclectic topics) is via the Vortex Technology home page at the URL: http://www.vortex.com/ --Lauren-- ------------------------------ Date: Sun, 4 Sep 94 00:10:30 -0500 From: bhensley@ocdis01.tinker.af.mil (Contractor Bill Hensley) Subject: Electronic signatures Am item I thought might be of interest to readers of both the Privacy and Risks forums. Apologies in advance to dual subscribers who get it twice. At a local store called Service Merchanise today, my wife and I bought a new watch band with our trusty AX card. The clerk brought it to us to sign on a nifty pad with attached pen. She *dropped* it on the counter, it landed upside down, and the the nifty pad had an FCC Class A sticker on it. Turns out that when you sign the two-part credit card form, you also get your signature recorded "for our records", as the clerk explained. No, it was not stored, she said, but it was sent to HQ. We signed the credit card form without using the nifty pad. Why get worked up about this? There is RISK in compromise of your signature, I would imagine. I also feel that this is a classic case of someone collecting and storing information about us that there is really no reason for them to collect. Are they planning to create a way to compare the digitized signatures to credit card signers in real time? Why not wait a few years for crypo-based signatures? Of course, this does not even address Service collecting this information on the sly (I think that might be for a posting to a business ethics forum... :). Regards, Bill Hensley TRW Military Electronics and Avionics Division bhensley@ocdis01.tinker.af.mil bhensley@oceo.trw.com Usual disclaimers: Not TRW's opinion, etc. ------------------------------ Date: Tue, 6 Sep 1994 07:27:58 -0400 From: Subject: Access surveillance I hope some members of the list will be able to give us assistance on this question. We would like to find examples of institutional policies relating to privacy/confidentiality issues with respect to electronic (transaction) records created by the use of building access cards which contain personal ID on their magnetic strip. This seems to be a topic which has not received much attention in the literature. We are also interested in examples of institutional policies dealing with privacy issues related to other aspects of electronic surveillance especially dealing with transaction records. If your institution has such policies, we would appreciate receiving a copy or information on how we could get a copy. PLEASE REPLY TO ME NOT THE LIST (I am not a current subscriber). Thanks, Diane Henderson Diane Henderson Faculty of Information Studies University of Toronto 140 St. George St. Toronto, Ont. Canada M5S lAl Phone (416) 978-7071 Fax (416) 978-5762 hender@fis.utoronto.ca [ This topic is of general interest to PRIVACY Forum as well. I'd appreciate it if persons responding to this item also send copies to the Forum. -- MODERATOR ] ------------------------------ Date: Mon, 5 Sep 1994 18:37:31 -0700 From: Phil Agre Subject: Some privacy notes [ From RISKS DIGEST 16.39 -- MODERATOR ] The September issue of *Smithsonian* magazine includes a long article on "ubiquitous computing" research at Xerox, with some attention to the moral issues relating to tracking and monitoring. The 5 Sep 1994 issue of *Business Week* has a cover story on database marketing. Like most *Business Week* cover stories it's a superficial rehash of items you might have seen elsewhere. But it might be useful as a summary. Finally, here is a wonderful quotation from a much longer article by Edwin McDowell, ``The scrambling is on for off-season tourism'' (*The New York Times*, 5 Sep 1994, business section, pp. 17-18) on off-season tourism marketing: "Another reason for the growing success of off-season strategies is that "states have become a lot more sophisticated with their data bases", said James V. Cammisa Jr., a travel industry consultant in Miami. "They know where the peaks and valleys in their tourism operations are, and they know how to market the off-season effectively. "Kentucky's data base showed that only 350,000 of the 2.5 million Canadians who drove through the state last year stayed overnight. "Our research showed that 83 percent of them come from January to June, headed for Florida, South Carolina and the beaches of Alabama and Mississippi", said Robert Stewart, the Commissioner of Travel Development for Kentucky. To entice more of them, Kentucky officials will soon hold a press conference in Toronto and Canadians will be offered a card giving them discounts at hotels, restaurants and attractions along three of Kentucky's interstate highways. "Also for the first time, Kentucky is using direct mail to bolster anemic winter occupancy rates in its 15 resort parks that offer overnight accommodations year-round." (page 18) This kind of database marketing is worth thinking about in the context of rapidly advancing proposals for thoroughgoing instrumentation of cars and roads under the rubric of "intelligent vehicle-highway systems", particularly given that most of the marketing organizations mentioned in the article are in fact government agencies using commercial methods for the benefit of private businesses. Phil Agre, UCSD ------------------------------ Date: Tue, 6 Sep 1994 13:44:22 +0800 From: stalzer@macaw.hrl.hac.com Subject: Database Marketing [ From RISKS DIGEST 16.39 -- MODERATOR ] The cover story of the current issue of Business Week (5 Sep 1994), a conservative business magazine (sorry, Phil), is on Database Marketing. The goal of Database Marketing is to build detailed customer profiles so that a company can target advertisements to specific customers for products and services. This approach is highly successful: response rates are double digit as opposed to 2%--3% for junk mail. The data collection process starts with a customer's past purchases. Other sources include surveys, rebate requests, and warranty cards. American Express scans a customer's individual transactions to find patterns and to suggest local places that take the card. Many hospitals sell the names and addresses of families with newborns. The data is then combined with public records, such as drivers' licenses, auto registrations, and property tax rolls. Ohio sold its drivers' license and car registration lists for $375,000 to TRW. What results is a detailed profile of each customer. The computing technology used to mine a database for prospects includes parallel processing and neural networks. Neural nets are trained to look for people likely to buy a product or service given the parameters in the database, e.g., what combination of income level, investment activity, and credit-card spending is most likely to be seen among people who are in the market for mortgages? The net is applied against each profile in a process called "drilling down." This is a compute intensive operation and companies are starting to resort to parallel processing or workstation clusters. Indeed, it's estimated that a large portion of the projected growth in commercial parallel processing, from $400M today to $5B in 98, will be for database marketing applications. When asked about the privacy issues, one marketer responded that the loss of privacy is offset by the convenience to the customer of highly selective advertising. I'll forgo the commentary and simply refer the interested reader to the original source for more details and anecdotes. Mark Stalzer, mas@acm.org [ I have a copy of a recent editorial from a direct marketing industry trade publication. The author of the piece literally characterizes privacy advocates as crazy. He lists a number of examples of database matching for marketing, all of which many readers of this digest would consider to be serious problems, and does his best to make fun of anyone who could possibly consider them to be actual problems. This attitude tends to reinforce the view that self-regulation of direct marketing database operations may be a hopelessly naive idea. -- MODERATOR ] ------------------------------ Date: 11 Sep 1994 23:44:50 -0400 From: shabbir@panix.com (Shabbir J. Safdar) Subject: ACTION: Fight US bills: SB 2375 & HR 4922 ********************************************************** DISTRIBUTE WIDELY (though no later than October 1, 1994) ********************************************************** [If you've only got 2 minutes, skip down to the "What You Can Do" section.] [Washington insiders say the phone calls and faxes (especially to Rep Jack Brooks) are starting to attract significant attention, and many people prophesize that the bill won't even have time to pass this session. Thanks for your efforts!] The FBI's Wiretap bills (also known as the DT - Digital Telephony bills) mandate that *all* communications carriers must provide wiretap-ready equipment so that the FBI can more easily implement their court-ordered wiretaps more easily. The costs of re-engineering all communications equipment will be borne by the government, industry and consumers. The bill is vague and the standards defining "wiretap ready" do not exist. Furthermore, the FBI has yet to make a case which demonstrates that they have been unable to implement a wiretap. There are fewer than 1,000 court ordered surveillances per year. Even if all of them are wiretaps, and even if all of them require the changes mandated by this legisation, are we as a nation prepared to build eavesdropping features into the phones of 250 million people, in order to justify these wiretaps? None of these wiretaps has been demonstrated to be unimplementable, nor has it been proven that the cases could not be made with other methods of electronic surveillance. The Voters Telecomm Watch (VTW) does not believe the FBI has made a compelling case to justify that all Americans give up their privacy. Furthermore, the VTW does not believe the case has been made to justify spending 500 million Federal dollars over the next 4 years to re-engineer equipment to compromise privacy, interfere with telecommunications privacy, and fulfill an unproven government need. WHAT YOU CAN DO =============== You can help stop this legislation before it is too late! Phone/Fax/Write to each of the people below. It should take about two minutes a piece. . Rep. Jack Brooks (his Judiciary Committee must approve the bill before it can be voted upon by the full House) DC Phone: (202) 225-6565, TX Phone: (409) 839-2508 DC Fax: (202) 225-1584 Also try Judiciary Comm. fax at (202) 225-3951 US Mail: RHOB 2449, Washington DC 20515 . Senator Patrick Leahy (the Senate sponsor of the bill) DC Phone: (202) 224-4242, VT Phone: (802) 863-2525 DC Fax: (202) 224-3595 US Mail: SR 433, Washington DC 20510 email: senator_leahy@leahy.senate.gov . Rep. Don Edwards (the House sponsor of the bill) DC Phone: (202) 225-3072, CA Phone: (408) 345-1711 DC Fax: (202) 225-9460 US Mail: 2307 RHOB, Washington DC 20515 . Your two Senators . Your Representative Tell them you are opposed to the FBI's Wiretap legislation. Feel free to use the sample communique below: SAMPLE COMMUNIQUE ================= Dear __________, The recent Digital Telephony bills (HR 4922 & SB 2375) disturb me greatly. The FBI has not yet made their case to the public that we need to build wiretap functionality into the telephones of 250 million people to justify wiretaps which have not yet been proven to be difficult to implement. The bills would clearly compromise the privacy of all Americans with no counterbalancing benefit to either law enforcement or the public. The FBI has not demonstrated the need, and the cost is uncalculated, but is known to be at least 500 million tax dollars. Furthermore, the standards are undefined, as are the bodies that would enact these standards. For these reasons, I am opposed to the Digital Telephony bills (HR 4922 & SB 2375). Sincerely, _______________________ If you get a response from your legislator, drop us a note at vtw@vtw.org. We track legislator positions on privacy-related issues such as this one. For more information about the Digital Telephony bills, check the Voters Telecomm Watch gopher site (gopher.panix.com) or contact Steven Cherry, VTW Press Contact at (718) 596-2851 or stc@vtw.org. VTW posts a Digital Telephony FAQ monthly to several Usenet newsgroups including comp.org.cpsr.talk and comp.org.eff.talk. Look for it or contact us at vtw@vtw.org for a copy. [ In general, I am not enthusiastic about the use of "form" letters to try influence legislation. Whether or not they actually have an effect through sheer bulk is of course an issue, but letters which are not immediately characterized as being part of organized campaigns may be more useful regardless of the cause. Persons who are in *favor* of HR 4922 & SB 2375 are of course invited to respond to items such as the one above, right here in PRIVACY Forum. A discussion including all sides of complex issues is always best, but depends on persons with the alternate points of view to come forward. -- MODERATOR ] ------------------------------ Date: Tue, 20 Sep 1994 09:30:07 -0500 From: David Banisar Subject: Patient Privacy at Risk (FWD) Fwd from the Coalition for Patient Rights (CPRMA@aol.com) Alert Patient Privacy at Risk Contact the ACLU The ACLU appears on a list of endorsers of the Wofford/Dodd amendment which amends one of the Senate health care reform bills. Major portions of W/D would have a severely adverse impact on the confidentiality of medical records. Although W/D has been rendered partly obsolete as newer health care reform bills are advanced under new names and new coalitions, many of its principal features remain intact in the new bills. It has become a reference point. It is for this reason that the signature of the ACLU on a list of endorsers of W/D (on a document entitled "Wofford/Dodd Fact Sheet") is so troubling and so damaging. The amendment creates federal standards for the disclosure of personally identifiable health care information and establishes a framework for a national health care data network. On the surface, the goals seem good. Who wouldn't be for establishing strict federal guidelines to ensure privacy where none existed before? For that matter, why not support a data network that would allow a treating physician to have immediate access to all pertinent medical information? Clearly we have to look beyond the advertisement and into the details of the bills for the answers to these questions. For example, in Sec. 508(a) of Mitchell 3 (the bill offered by the Senate majority leader), the "health information network service" is made the agent of the provider. This means that once a third party bureaucratic agency receives the information electronically, it is deemed the same as the health care provider in making decisions about the release of the information. Sensitive medical information, including intimate psychological information, would be available electronically to an increasing number of people legally--not to mention the well-documented risks of illegal access. Among those with enhanced access would be law enforcement officials and government agencies. Even researchers could access personally identifiable health information, if an institutional review board holds that the project is "of sufficient importance to outweigh the intrusion into the privacy of the person who is the subject of the information." The patient has no right to refuse such disclosure even though it includes his or her name. There are many examples of person-identified medical information, including sensitive personal information, that have been shared with health care providers with the expectation of privacy that would now be legally accessible to many third parties. The argument is made that this kind of access already exists, so why not codify it. The logic is faulty. It is true we already have serious problems protecting the privacy of medical records in this country. Legally sanctioning medical access to an ever enlarging list of third parties is not the solution. It will only compound an already serious problem. A compelling argument has been made that the establishment of a national health care data network that requires all providers to disclose information about every patient contact would violate the Fourth Amendment's prohibition of "unreasonable searches and seizures" of the person. Many organizations have raised serious concerns about Wofford/Dodd, including the American Psychiatric Association, the American Psychoanalytic Association, Coalition for Patient Rights, National Organization of Women, and the AIDS Action Council. We hope that the ACLU joins us in support of genuine privacy legislation. We hope that there was an error when it appeared on a short list of supporters of Wofford/Dodd (June 10, 1994) Call your state chapter of the ACLU. It is listed as Civil Liberties Union of (your state) in the white pages. Let them know of your concern.If possible, also fax Laura Murphy Lee at the ACLU in Washington (202-546-0738) and let her know your concern regarding the position of the ACLU in supporting W/D. This alert is provided by the Coalition for Patient Rights, Massachusetts (617, 433-0114). ------------------------------ End of PRIVACY Forum Digest 03.17 ************************