From privacy@cv.vortex.com Sat Oct 3 01:37:21 1992 Return-Path: Received: from cv.vortex.com by csrc.ncsl.nist.gov (4.1/NIST) id AA09731; Sat, 3 Oct 92 01:36:51 EDT Posted-Date: Fri, 2 Oct 92 21:50 PDT Received-Date: Sat, 3 Oct 92 01:36:51 EDT Received: by cv.vortex.com (Smail3.1.26.7 #2) id m0mb1Rm-0001wGC; Fri, 2 Oct 92 21:50 PDT Message-Id: Date: Fri, 2 Oct 92 21:50 PDT From: privacy@cv.vortex.com (PRIVACY Forum) Subject: PRIVACY Forum Digest V01 #21 To: PRIVACY-Forum-List@cv.vortex.com Status: R PRIVACY Forum Digest Friday, 2 October 1992 Volume 01 : Issue 21 Moderated by Lauren Weinstein (lauren@cv.vortex.com) Vortex Technology, Topanga, CA, U.S.A. ===== PRIVACY FORUM ===== The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy. CONTENTS PRIVACY Brief (Moderator--Lauren Weinstein) More on credit reports etc. for sale (Bruce Jones) Genetic Infomation and Privacy (Gary Chapman) Genetic Privacy (cont'd) (Marc Rotenberg) FBI Wiretap Scheme Examined (Nikki Draper) Sacramento, CA privacy conference (Bruce R. Koball) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. ALL submissions should be addressed to "privacy@cv.vortex.com" and must have RELEVANT "Subject:" lines. Submissions without appropriate and relevant "Subject:" lines may be ignored. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@cv.vortex.com". Mailing list problems should be reported to "list-maint@cv.vortex.com". All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "cv.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. For information regarding the availability of this digest via FAX, please send an inquiry to privacy-fax@cv.vortex.com, call (310) 455-9300, or FAX to (310) 455-2364. ----------------------------------------------------------------------------- VOLUME 01, ISSUE 21 Quote for the day: "No manager ever got fired for buying IBM." -- Old IBM advertising slogan ---------------------------------------------------------------------- PRIVACY Brief (from the Moderator) A recent report via ITN shows that Great Britain is in the process of increasing reliance on automated traffic ticketing systems. These systems automatically take photographs of vehicles declared to have exceeded speed limits, along with recording date, time, speed, and related information. Interestingly, the photos shown were all of the *rear* end of the vehicles, clearly showing the license plates but showing essentially nothing of the driver. One must assume that in Great Britain the issue of who was actually driving the vehicle is not considered relevant. A police spokesman also made a comment to the effect that they get convictions 100% of the time for automated tickets. Great Britain is currently changing their fines for speeding violations to a system based on the driver's income. This can result, for a driver with a good income, in fines up to 900 pounds (or even higher) for speeding only a few miles per hour over the posted limits! Automated ticketing systems have been tried in various areas of the U.S. and are currently deployed in some areas here. Concerns about their reliability and due process have so far limited their widespread deployment in this country. ------------------------------ Date: Mon, 28 Sep 92 09:17:59 -0700 From: bjones@weber.ucsd.edu (Bruce Jones) Subject: More on credit reports etc. for sale Dan Ellis mentions a "Geoffrey Rothvader" as the author of a book on computer access to private records. For those of you who might want to follow up on the book, the correct spelling of his name is Jeffrey Rothfeder, and he is an editor for Business Week magazine. Mr. Rothfeder was interviewed on a WGBH/PBS NOVA special called "We Know Where You Live" (1990) where he talked about getting access to Quayle's records. It should be pointed out that Rothfeder was able to gain access because he is in fact an employee of McGraw Hill (which ownes Business Week) - not that this makes his observations any less chilling. His sound bites on the NOVA special sounded like he was pretty critical of the information "super-bureaus" so his book might be worth reading. According to "melvyl" - the Univ. of Calif library catalog, Roghfeder is also the author of *Minds over Matter* - a book on computers and artificial intelligence. bj ------------------------------ Date: Tue, 29 Sep 1992 09:39:30 -0400 From: "(Gary Chapman)" Subject: Genetic Infomation and Privacy The New York Times reports today (9/29, page C2) that a survey commissioned by the March of Dimes reveals that a majority of the people surveyed do not consider genetic information to be exclusively private. Respondents apparently said, in the majority, that information about potential defects in a person's genetic makeup should be revealed not only to spouses and other family members, but also to insurance companies and employers. The article says that the public appears "extremely optimistic" about the prospects for gene therapy, or the ability to treat genetic disorders with biotechnology. Over 80 per cent of the respondents were enthusiastic about the concept of gene therapy, although the article notes that about 60 per cent admitted they knew nothing about it. A little over 40 per cent of people surveyed said that they would welcome the use of genetic alteration to "improve the physical characteristics that children would inherit," or to improve intelligence. The article mentions that scientists attributed this figure to the widely shared view that intelligence is an inherited trait, although there is little evidence for this view, and no identified gene for intelligence. Fifty-eight per cent of the people interviewed believed that an insurer has a right to know about genetic abnormalities, and 33 per cent believed that an employer has the same right. Only eight states have passed laws that prohibit discrimination against people with abnormal results on a genetic test, and, the article says, most of those are directed only at people with sickle cell anemia. Gary Chapman Coordinator The 21st Century Project Computer Professionals for Social Responsibility Cambridge, Massachusetts chapman@lcs.mit.edu ------------------------------ Date: Wed, 30 Sep 1992 10:47:47 EDT From: Marc Rotenberg Subject: Genetic Privacy (cont'd) This is a short clarification of the message posted yesterday about the March of Dimes survey on genetic privacy. The survey was described in a New York Times article that appeared on September 2, 1992. According to the Times article, 57% of the respondents said that "someone other than a patient had a right to know that the person had a genetic defect." *Of that 57%,* 98% said that a spouse or fiance had a right to know, 58% said an insurer had a right to know, and 33% percent said an employer had a right to know. Of all respondents then, if asked whether someone other than the patient has the right to know about genetic defects, the numbers would be as follows: "Right to know about genetic defects?" Yes No Spouse/fiance 56 44 Employer 33 67 Insurer 19 81 These numbers do not appear to support the article's conclusion that the majority of Americans support widespread access to genetic information. I contacted the Lou Harris organization this morning. We should have a copy of the complete poll results later this week. Marc Rotenberg CPSR Washington office rotenberg@washofc.cpsr.org ------------------------------ Date: Wed, 30 Sep 1992 17:05:06 PDT From: "(Nikki Draper)" Subject: FBI Wiretap Scheme Examined FOR IMMEDIATE RELEASE Contact: Nikki Draper (415) 322-3778 Computer Public Advocacy Group To Examine FBI Wiretap Scheme at October Annual Meeting. Palo Alto, Calif., October 1, 1992 -- Computer Professionals for Social Responsibility (CPSR), the national public interest organization based here, will take an in-depth look at its recent suit against the Federal Bureau of Investigation (FBI) during CPSR's 1992 Annual Meeting, October 17th and 18th at Stanford University in Palo Alto, Calif. CPSR Legal Counsel, David Sobel, will talk about the FBI suit for the first time since it was filed and moderate a panel discussion on the politics of cryptography at the annual meeting. The CPSR annual meeting is a provactive two-day conference that addresses critical issues facing society as a result of information technology. CPSR filed suit against the FBI in September, after the Bureau failed to make public documents that would justify the need for its new wiretap proposal. The FBI proposal would redesign the telephone network to make wiretapping easier. Recognizing the importance of cryptography policy, CPSR catalyzed a national debate earlier this year, as to whether or not the FBI and National Security Agency (NSA) should be involved in setting the technical standards for the computer and communications industry. The panel discussion will include a screening and discussion of film clips from the movie, Sneakers. Panelists include, Joan Feigenbaum, Technical Staff, Computing Principles Research, ATT Bell Labs, John Gilmore, founder of Cygnus Support, and Dave Banisar, CPSR Policy Analyst. CPSR's annual meeting will bring together computer scientists from across the country to examine the relationship between politics and technology. Other topics include: * Teledemocracy & Citizen Participation: Beyond the Electronic Town Meeting, This session is an election year look at the dangers and the opportunites of electronic democracy. Speaker, Susan G. Hadden, professor in the LBJ School of Public Affairs, University of Texas at Austin, an expert on telecommunications and citizen participation. * Everything's Digital! Media Convergence: Hope, Hype or Hell? This session examines the social implications of multimedia convergence which is the merging of computer, telephone, and video technology. Panel discussion with David Bunnell, Editor, New Media, Denise Caruso, Editor, Digital Media, and Howard Rheingold, Whole Earth Review * Envisioning Technology Policy in a Democratic Society; A panel of technologists looks at the development of American technology policy. Panelists include, Gary Chapman, The 21st Century Project, Judy Stern, CPSR/Berkeley, Claire Zvanski, SEIU Local 790. President of Interval Research, Dave Liddle, will be the keynote speaker at CPSR's awards banquet Saturday evening. Liddle will be speaking on the Computing in the 21st Century. IBM researcher, Barbara Simons will be presented with the 1992 Norbert Wiener Award for Social and Professional Responsibility in Computing. Founded in 1981, CPSR is a national, non-profit, public interest organization of computer scientists and other professionals concerned with the impact of computer technology on society. With offices in Washington, D.C. and Boston, CPSR's members provide the public and policy makers with expert testimony and assessments on the power, promise, and limitations of computer technology. For more information about CPSR call 415-322-3778 or send email to cpsr@csli.stanford.edu. ------------------------------ Date: Wed, 30 Sep 1992 16:42:12 -0700 From: Bruce R Koball Subject: Sacramento, CA privacy conference. Privacy in the Information Age: Balancing the Right to Privacy and the Right of Access Sponsored by Government Technology Magazine, Sacramento, California Produced by Government Technology Conference, Sacramento and Riley Information Services Inc., Toronto, Canada This one day conference and training session will be held at the Sacramento Convention Centre on November 16th, 1992. The conference will deal with many of the seminal privacy issues facing society today. It will address subjects and issues of importance to both the public and private sectors. An array of privacy experts and professional from the public and private sectors in California and from Washington, D.C. and Canada will gather to debate the issues driving privacy today and offer possible solutions. The sessions will be interactive with discussion and questions from the audience urged. Following is a short synopsis of the topics and speakers for the one day agenda. Opening Session: 8:30am The State of Privacy in California Today: Speaker: A. A. Pierce, Undersecretary, Business, Transportation and Housing Agency, State of California Keynote Address: A New Privacy Balance for the 90s: What the Public Wants, What a Free Society Needs. Speaker: Alan F. Westin, Professor of Public Law and Government, Columbia University and author of Privacy and Freedom. Professor Westin will discuss recent survey data on privacy concerns of citizens and analyze the recent public attitudes to privacy as seen in relation to the forces of developing technology and society's demands for wider openness. How will all these competing demands be met so all social needs are satisfied? Panel: What are the Dangers of Eroding Privacy? The debate goes on as to what extent should there be privacy regulation in our society. If we are to do this comprehensively how will we accomplish this goal? But do we really need extensive regulation or any at all? This will be a point/counterpoint session between Professor Goeroge Trubow of John Marshall Law School in Chicago and Jim Warren, Founder of Computer, Freedoms and Privacy Conferences and Columnist for MicroTimes Panel: Balancing the Right of Acccess and the Right to Privacy. Freedom of Information laws endow on the citizen the basic right of access to government information, the right to know what it's government is doing and why. But there is also the right to protect the privacy of the individual, creating competing interests. Speakers: Ronald L. Plesser, lawyer, Piper and Marbury, Washington, D.C. and former General Counsel, US Privacy Commission. Webster Guillory, Chairman, National Organization of Black County Officials Peter Gillis, Director, Information Management Practices, Treasury Board Secretariat, Federal Government of Canada Panel: Privacy and Fair Information Practices: Practical Guidelines Professor George Trubow and privacy expert Thomas B. Riley, Toronto, Canada, will present actual Guidelines that can be used in the workplace whether it be the public or private sector. Luncheon Address: Dr. Ann Cavoukian, Assistant Commissioner/Privacy, Office of the Information and Privacy Commissioner/Ontario, Toronto, Ontario, Canada "Investigating Privacy Complaints: A Canadian Experience." In Canada there exists the Office of Privacy Commissioner which not only takes complaints and appeals from the public in their dealings with the Privacy Act but serves to act as an important forum to identify key privacy issues? What can be learned from this experience? Panel: Privacy, Security and Electronic Records: What are the Ground Rules While security is a central issue in protecting privacy, there is also the question of what constitutes an electronic record? There is much regulatory confusion on this subject and speakers will work to address the complex matrix. Speakers: Joseph Pujals, State Information Security Manager, Department of Finance, CA Robert Gellman, Chief Counsel, House of Representatives Subcommittee on Information, Washington, D.C. Panel: Data Matching and Tracking of Files: What are the Privacy Rights? How Far Should we Go? Should data matching and tracking be allowed? What is the greater good or is there an important compromise? What are specific examples of such practices and how are they being handled? Speakers: Evan Hendricks, Publisher, Privacy Times, Washington, D.C. Kathleen M. Lucas, Plaintiff Counsel for Barbara Luck - Luck vs. Southern Pacific, San Francisco Chris Hibbert, Manager, Software Development Xanadu Corporation and member, Computer Professionals for Social Responsibility. Panel: Privacy and Electronic Networks: Caller ID and Telemarketing. Junk mail, junk fax, telemarketing, caller ID. Do you want it? Do you need it? If not-what can you do about it? Speakers: Ken McEldowney, Executive Director, Consumer Action, San Francisco Evelyn Pine, Executive Director, Computer Professionals for Social Responsibility Beth Givens, Project Director, Centre for Public Interest Law, University of California, San Diego John Schweizer, Manager, Consumer Affairs, Pacific Bell Closing remarks at 4:45pm will be delivered by Tom Riley who will offer a synthesis of issues presented for the day and a prognosis for the future. Conference Cost: $199. To register for the conference or to obtain a promotional brochure with fuller information please phone: Deborah Furlow, Government Technology Conference, Sacramento, CA, (916)363-5000. ------------------------------ End of PRIVACY Forum Digest 01.21 ************************