PRIVACY Forum Digest Monday, 14 October 1996 Volume 05 : Issue 19 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===== PRIVACY FORUM ===== ------------------------------------------------------------------- The PRIVACY Forum is supported in part by the ACM (Association for Computing Machinery) Committee on Computers and Public Policy, "internetMCI" (a service of the Data Services Division of MCI Telecommunications Corporation), and Cisco Systems, Inc. - - - These organizations do not operate or control the PRIVACY Forum in any manner, and their support does not imply agreement on their part with nor responsibility for any materials posted on or related to the PRIVACY Forum. ------------------------------------------------------------------- CONTENTS "Caller-ID" Interview now available on PRIVACY Forum Radio (Lauren Weinstein; PRIVACY Forum Moderator) More Personal Information Databases (Lauren Weinstein; PRIVACY Forum Moderator) Re: Blood and Privacy? (John R. Levine) FedEx monitoring of cellular phone call locations (Bernard Glassman) Unclear on the Concept -- Opinions (Peter Langston) Re: CUC; PrivacyGuard (Joseph S Fulda) Canadian proposal for tracking of non-convicts (Phil Agre) Fingerprints? (Bruce Jones) Disney World Past Guest Search (Phil Agre) White House Releases New Clipper Proposal (Marc Rotenberg) Possible information scam (Phil Agre) National ID Card Web Pages (Dave Banisar) CFP: NPS issue on Cyberspace CFP: 7th Conference on COMPUTERS, FREEDOM & PRIVACY (3/11-14/97) (Jim Warren) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. All submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All messages included in this digest represent the views of their individual authors and all messages submitted must be appropriate to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW server at the URL: "http://www.vortex.com"; full keyword searching of all PRIVACY Forum files is available via WWW access. ----------------------------------------------------------------------------- VOLUME 05, ISSUE 19 Quote for the day: "I want... I want... I want everything I've ever seen in the movies!" -- Leo Bloom (Gene Wilder) "The Producers" (Crossbow / Avco Embassy; 1968) ---------------------------------------------------------------------- Date: Mon, 14 Oct 96 12:25 PDT From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: "Caller-ID" Interview now available on PRIVACY Forum Radio Greetings. An interview with Beth Givens of San Diego's "Privacy Rights Clearinghouse" is now available for playback via PRIVACY Forum Radio. During this approximately 20 minute program, Beth and I discuss the history, current status, and future of the controversial telephone "Caller-ID" services. To access, simply follow the links through the PRIVACY Forum to PRIVACY Forum Radio via: http://www.vortex.com I hope you find the interview interesting. Thanks much. --Lauren-- ------------------------------ Date: Mon, 14 Oct 96 13:27 PDT From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: More Personal Information Databases Greetings. As you probably have seen over the last few weeks, the topic of personal information databases has rather suddenly become a "hot topic" in the mainstream media, propelled partially by the Lexis-Nexis "P-TRAK" controversy. The Federal Trade Commission is reportedly considering placing Social Security Numbers (SSN) and some other related data back into the "protected" status of the Fair Credit Reporting Act [FCRA] (that is, removing SSN from the "publicly available" credit header category). There are also reports that Congressional efforts that were on track to *weaken* the FCRA may have been halted or reversed by the resulting public outcry. But it's worth emphasizing again that we need comprehensive study and legislation to begin broadly addressing the entire privacy area; it is simply not possible for these problems to be addressed one service at a time. As I pointed out originally, "P-TRAK" does not represent the most onerous of available databases. Lexis-Nexis *did* block name to SSN lookups (though not the reverse), and has provided mechanisms to allow people to request removal (which may or may not be effective in the long run--time will tell). But they are at least trying. There are other services which promote the availability of vast arrays of personal information that many people would (erroneously) consider private, with no removal options of any kind available. It's important to note that with all the services with which I'm familiar, there is nothing illegal or otherwise illicit about their operations. They're distributing "public record" and other openly accessible data not currently covered by the FCRA or other laws. Much of the data comes from public municipal databases, or from "business transaction" information of the sorts we've discussed previously, and over which little or no legislative restrictions exist. It's also the case that there are legitimate reasons why some individuals and other entities might at times need access to some of the information contained in various categories of these databases. There are cases where some frauds can be prevented or traced through such information. The problem is that at present there are no legal requirements placing any sort of "need to know" on most of this data, so most is accessible essentially to anyone willing to pay the designated fee, regardless of their (good or bad) motives. Many services are providing these sorts of data, some very large and some small. Outside of Lexis-Nexis "P-TRAK" with which we're already familiar, here's information regarding two representative others... -- "Information America" (http://www.infoam.com) IA has a nicely laid out web site listing a veritable cornucopia of public record and other related available data. I won't even attempt to give a comprehensive listing here, but just a few of the many categories include: Wizard -- master search of all Information America online services Asset Locator -- real property, stocks, personal property, etc. People Finder -- Address Alert, Credit Bureau Headers, Deceased Records, Neighbor Listings, Person Locator, Skip Tracer, Social Security Number Tracker, Telephone Tracker, Trace a person's residential moves Relationship Identifier, and so on... This is but a small sampling. In a conversation with their Executive VP, I learned that, in response to concerns raised by the "P-TRAK" furor, they have very recently voluntarily removed SSN data from the credit header output information. Their web site has been recently updated and no longer shows SSN as an available data output item. This puts them in the same category as "P-TRAK" in this respect, in that you can still *search* for other information using SSN if you already know the number, but you can't get an SSN from other data via Information America. I was told that some of their clients engaged in criminal investigation type work were not at all happy at having the ability to lookup SSNs removed from everybody's access, since they consider it to be an important investigative tool. Information America does not provide a mechanism for persons wishing to be removed from any of their databases. First, they feel that the public record data they supply would be less useful for legitimate purposes if people could opt-out at will. Secondly, they say that since some of the databases are not under their direct control, they do not have the technical means to provide such mechanisms in any case. --- CDB Infotek (http://www.cdb.com) CDB provides a range of services and data very similar to that of Information America. However, they have chosen *not* to block access to Social Security Number data. According to the customer service representative I spoke to, you can still look up a person's credit header record based on name, address, or other data, and obtain their SSN through the service (provided the SSN is included in that person's database record of course, which would typically be the case). CDB also promotes the availability of all information over the Internet. No obvious provision for requesting removal from their databases is apparent. - - - There are other similar organizations as well. It's a difficult situation. In the absence of legislation addressing these issues across the board, services who take unilateral actions to restrict any class of data feel that they're putting themselves at a competitive disadvantage compared with those services who *don't* implement such restrictions. We need to start working out sensible, logical, and balanced rules and laws regarding information and privacy, that address the concerns of a wide range of individuals and organizations. The longer we wait, and the more we approach the area in a piecemeal fashion, the more intractable the problems are likely to become. --Lauren-- ------------------------------ Date: Sun, 1 Sep 96 23:18 EDT From: johnl@iecc.com (John R Levine) Subject: re: Blood and Privacy? Like many other organizations, the Red Cross tries to use people's SSNs as a putatively unique identifier. In fact, they don't need your SSN, although many of the people who work at the local blood drives are unaware of this fact. Different Red Cross regions acted very differently when I told them that I don't know my SSN. In Boston, they immediately produced a non-SSN identifier based on my name and date of birth. In Philadelphia, they were utterly baffled by my Boston donor card since they "knew" that they absolutely had to have my SSN, though after about six rounds of "what's your SSN"/"I dunno" they relented enough to ask me to call it in later (yeah, right) and in fact a donor card with a different made up ID number arrived a few weeks later. I donated here in upstate New York last week, and they were perfectly happy to use whatever random number was on my donor card. A few observations: * The Red Cross seems to use a scheme where they accept blood from pretty much anyone, but if your blood flunks a test they'll silently discard all future donations from you. I presume this is one of the main impetuses for the SSN tagging. Of course, since they make no attempt to verify the SSN you provide, a bad guy who had contaminated blood and wanted to subvert their system need only make up a different SSN on each visit. * They have no consistent scheme to create and use non-SSN identifiers. The Philadelphia bank couldn't use my Boston identifier because it had letters instead of some of the digits. (At least, they thought they couldn't.) I have no objection to the Red Cross tracking the blood I give them, but I don't see that it's my duty to solve their key matching problems. * The Red Cross has a lot of blood drives at colleges and universities, and I'd think that a fair number of foreign students who truly have no SSN would show up. Even if they believe that everyone who has an SSN will provide it, they still need provision for non-SSN identifiers. -- John R. Levine, IECC, POB 640 Trumansburg NY 14886 +1 607 387 6869 ------------------------------ Date: Mon, 2 Sep 1996 22:24:13 -0400 (EDT) From: glassman@sunsite.unc.edu Subject: FedEx monitoring of cellular phone call locations [ From Risks-Forum Digest; Volume 18 : Issue 40 -- MODERATOR ] A week or so ago I used my Cellular One phone to call FedEx to inquire about Saturday pickup locations near Boone or Blowing Rock NC. At the time, I was nowhere near either of those places, so I did not bother to mention my current location to the operator. The next day, Saturday, I called FedEx with the same cell phone from Blowing Rock to arrange the pickup. The operator immediately asked if I wanted them to come to the intersection that I had placed my call from the day before. Two days later, a FedEx operator confirmed that they are getting "new systems" at some locations that are able to record the locations from which cellular calls are placed. I have now asked Cellular One three times to explain to me why they do not tell subscribers that they pass this location information through the system, but to no avail. Each person I talk with says that he or she has never heard that this information is available, 1. Is it just me, or does it seem to other readers that there are legitimate concerns about RISKS to cell phone subscribers who are not warned that they may be having their locations monitored? 2. Is it possible for FedEx to capture information that Cellular One doesn't know it's passing? Bernard Glassman [ Followups to this item over in the RISKS Digest presented conflicting views on this technical issue. My personal understanding is that it is certainly technically feasible for a cellular carrier to pass information indicating the particular cell from which a call originates, but more precise geographic locating is another matter and not widely implemented. It's worth noting though, that in metro areas individual cells can be quite small (and are getting smaller all the time as the cell user population grows), so even simple cell identifier can contain comparatively precise geographic data in some cases. -- PRIVACY Forum Moderator ] ------------------------------ Date: Tue, 10 Sep 96 01:53:56 -0700 From: Peter Langston Subject: Unclear on the Concept -- Opinions Forwarded-by: George Osner Forwarded-by: bremner@cs.mcgill.ca (David Bremner) Ernie Hai, co-ordinator of the Singapore Government Internet Project, explains his government's policy on (lack of) internet access: "It's not to control, but to protect the citizens of Singapore. In our society, you can state your views, but they have to be correct." (From the July 18th edition of Computing Canada, reporting on the recent Internet Society convention in Montreal.) ------------------------------ Date: Thu, 19 Sep 1996 17:56:03 -0700 (PDT) From: Joseph S Fulda Subject: Re: CUC; PrivacyGuard The Bank of New York sent me a mailing from CUC, also, for a service named PrivacyGuard. For $50.00 they will send you an amalgam of all 3 major credit bureaus' credit reports, your state driving record, your medical record on file with the MIB (if any), and an earnings and benefit statement request from the Social Security Administration. They will also provide dispute forms, release forms, etc. and pay all postage. Finally, they will notify you quarterly of any adverse changes to your credit report. I enrolled, since I thought it worth it for the first year (and that only)--just taking the fees into account, it's at least $32 to get the info on your own. I have been very satisfied with the service which is prompt and above-board and very neatly done. It is, of course, not worth it after year one--which is how they probably make the bulk of their money. But there is no fraud here, nor anything to be alarmed about. I should add that the Bank of New York (Delaware) is one of the most conservative credit-granting banks and would be most unlikely to enter into a business arrangement with a shady outfit. That's probably also true of AT&T Universal Card, by the way. Special rules protect you for crummy purchases made on your credit card if the credit card company solicited you. Best wishes, Joseph Joseph S Fulda, CSE, PhD Telephone: (212) 927-0662 701 West 177th Street, #21 New York, NY 10033 E-mail: pearl@csulb.edu USA ------------------------------ Date: Fri, 20 Sep 1996 14:50:40 -0700 (PDT) From: Phil Agre Subject: Canadian proposal for tracking of non-convicts A Canadian newspaper reports on legislation proposed by the government to force an individual to wear an electronic tracking device "if a judge can be convinced he poses a real danger to another individual", named or unnamed, even if no criminal charges have been filed: Anne McIlroy, [Justice Minister Allan] Rock proposes electronic tracking devices, The Globe and Mail, 18 September 1996, pages A1, A3. The article also asserts that, under these proposals, a judge can also "impose general conditions on the individual for one year, such as keeping away from playgrounds". "Someone who refuses to comply can be jailed for up to a year." In the article, the justice minister seems to conflate two distinct situations: convicted sex offenders who are at risk of reoffending after being released from prison, and people who have never been convicted of crimes, but who prosecutors are willing to portray as likely offenders to a judge. Now, I personally take seriously the tendency of child molesters and other such criminals to compulsively reoffend, and I have little problem people who have been convicted of such crimes being placed under long-term surveillance as part of their sentence, provided that the usual safeguards of due process obtain. I also take seriously another problem not mentioned in the article, men with histories of domestic violence who violate restraining orders keeping them away from former wives and girlfriends. But it is a grave step to give judges arbitrary power to restrain people by electronic means without giving them any chance to defend themselves. Phil Agre ------------------------------ Date: Mon, 23 Sep 1996 15:27:25 -0700 (PDT) From: Bruce Jones Subject: Fingerprints? I am being offered a job as an adjunct faculty at a local community college. They want me to teach a class on film. As part of the hiring paperwork they asked for the usual documents proving that I have a right to work in the US, and they require a set of fingerprints. They also expect me to pony up $32 to have the prints processed by some law enforcement agency. I know what to do with people ask me for my SSN but now how to deal with this request. No one there seems to be able to tell me under what authority they demand the prints, or where the prints will be kept once provided. They just keep telling me that the College board decided to make the demand. While I have nothing to hide, I'm not going to provide the prints, regardless of how it may affect my chances for employment. I would like to know how to challenge these folks tho. Seems to me that such demands are just another step closer to a police state (or is my paranoia beginning to reflect theirs?). Bruce Jones Department of Communication bjones@ucsd.edu University of California, San Diego (619) 534-0417/4410 9500 Gilman Drive FAX 619/534-7315 La Jolla, CA 92093-0503 http://communication.ucsd.edu/bjones/index.html [ In a subsequent message, Bruce reported finding the California legal code section that requires fingerprinting for many such positions in the educational system. This has been quite common for sometime, primarily as a means of trying to avoid having known sex-offenders (and other felons) obtaining jobs where they will be in contact with students. -- MODERATOR ] ------------------------------ Date: Tue, 1 Oct 1996 14:08:00 -0700 (PDT) From: Phil Agre Subject: Disney World Past Guest Search On the back of the NY Times business section today (national edition), is a full-page ad for something called The Walt Disney World Past Guest Search. It includes a large picture of Goofy and Pluto (if I have the characters' names right) with a very long fanfold computer printout. The ad copy explains that Disney is trying to assemble a list of everyone who has ever "experienced the magic of Walt Disney World (R). 'Cause we want you to come back for the biggest, most magical celebration on earth -- our 25th anniversary". "Sign up...and be a part of it all." They are presumably assembling a database of their past clients for marketing purposes. I wonder what kind of response they will get. I also wonder if their use of the list will be confined to marketing the 25th anniversary events, which is the only stated purpose of the list, or whether it will be used for other purposes as well. Phil Agre ------------------------------ Date: 3 Oct 1996 15:34:58 -0500 From: "Marc Rotenberg" Subject: White House Releases New Clipper Proposal [ From EPIC Alert 3.17 -- MODERATOR ] The White House has released the latest version of the key escrow/recovery plan intended to promote government access to encoded communications. The new proposal follows similar proposals in which the Administration offers to relax export regulations in exchange for an industry commitment to establish key escrow encryption. Under the plan announced by the Office of the Vice President on October 1, 1996, companies would be allowed to export 56-bit encryption systems for the next two years if they setup a formal process to fully develop a key escrow system. After two years, non-escrow systems would be prohibited. Jurisdiction for the control of exports would also be transferred from the State Department to the Commerce Department. The Justice Department would be given veto power over export applications. The White House plans to introduce legislation for key escrow centers. According to the statement released by the Vice President, the Administration will continue to promote key escrow encryption through the purchase of key recovery products, bilateral and multilateral discussions, federal cryptographic and key recovery standards, and federal funding. The statement also said that "the Administration's initiative is broadly consistent with the recent recommendations of the National Research Council." However, the NRC report recommended against government promotion of key escrow encryption, noting that "the risks of key escrow encryption are considerable," Earlier this year, the Internet Society also endorsed a recommendation of the Internet Architecture Board and the Internet Engineering Steering Group which said that "such policies are against the interests of consumers and the business community, and are largely irrelevant to issues of military security." IBM announced that it would establish an industry consortium to support the plan, and several US hardware companies signed on. However, Netscape head Jim Barkesdale described the proposal as "extortion". Bipartisan criticism was also heard from Congress. Both Senator Leahy and Senator Burns quickly issued releases criticizing the proposal. The software industry expressed opposition to the White House plan. The Software Publishers Association, the Business Software Alliance, and the International Technology Association of America criticized the proposal. More information on Clipper 4.0 is available at: http://www.epic.org/crypto/key_escrow/ ------------------------------ Date: Thu, 10 Oct 1996 20:24:25 -0700 (PDT) From: Phil Agre Subject: possible information scam I was hit this evening by a possible scam that I had never heard of before. I didn't lose any money, but I did part with a few items of personal information that I would not ordinarily disclose to a complete stranger. It was brilliant in its simplicity. Here's how it went. I got a call on the phone (this evening, Thursday, at about 7:30) from a fellow who said that he had a form that had been entered in my name in a drawing during a well-known festival that takes place in a part of San Diego, and that he needed to verify certain information on the form. Now, I had not attended that festival. If I had my head screwed on, I would have concluded that he was lying and was simply trawling for personal information. Instead, I did just what he wanted me to do: first I set myself to wondering who might have filed a contest entry in my name, and second my greed took over and I decided to go along with it, just in case I had won something. This was wildly stupid, of course, but I stayed stupid just long enough to tell him that I was single and to confirm that my age and income fall in certain brackets -- the brackets he told me I had ticked on the entry form. Having gotten this information from me, he told me that the reason he was verifying it was that I had qualified for the final drawing on a 1996 BMW something-or- other. Call me an idiot, but this information mobilized the greedy part of my brain long enough -- and immobilized the grown-up rational part -- just long enough to let this guy go without a struggle. It took this guy perhaps three minutes to get my marital status and confirm my age and income brackets. Figuring he was making $9 an hour, that's about 45 cents. (He's probably using one of those machines that dials several numbers at once and only connects the telemarketing worker to a line that actually answers, so he probably has to spend little time listening to ringing or busy signals.) Other costs (equipment, rent, etc) surely double that amount. How could it be worth $1 to someone to verify this kind of information? They *must* be selling it to many parties in order to amortize the investment. I suppose it's comforting in a perverse way that they couldn't just buy the information for $1 from some existing source. Phil Agre [ It's not immediately clear if the word "scam" should be applied to this case, especially since they didn't ask for or obtain any money or "highly sensitive" information from the callee; it was most likely a rather underhanded marketing gimmick of some sort. In either case, the rule holds that it's generally best not to give out personal information to parties who don't have a legitimate "need to know" of one sort or another. -- MODERATOR ] ------------------------------ Date: 2 Sep 1996 13:52:18 -0500 From: "Dave Banisar" Subject: National ID Card Web Pages EXTENSIVE NATIONAL ID CARD WEB SITE IS NOW ON LINE The London-based human rights watchdog Privacy International (PI) has just opened an extensive web page on National ID cards. The initiative comes in the wake of pending efforts in the United States, Canada and United Kingdom to implement national ID card systems. The page contains a 7,000 word FAQ (Frequently Asked Questions) on all aspects of ID cards and their implications. Also included in the PI documents is a paper describing successful campaigns opposing to ID cards in Australia and other countries. The page also has links to numerous other sites and documents. PI Director Simon Davies said he hoped the page would help promote debate about the cards, "ID cards are often introduced without serious discussion or consultation. The implications are profound, and countries planning to introduce them should proceed with caution." "The existence of a card challenges important precepts of individual rights and privacy. At a symbolic and a functional level, ID cards are often an unnecessary and potentially dangerous white elephant. They are promoted by way of fear-mongering and false patriotism, and are implemented with scant regard for serious investigation of the consequences." he said. The URL is : http://www.privacy.org/pi/activities/idcard/ PI has also set up an auto response function for the FAQ document. Its address is: idcardfaq@mail.privacy.org Privacy International is an international human rights group concerned with privacy and surveillance issues. It is based in London, UK. For further information contact the Privacy International Washington Office at +1.202.544.9240 or email pi@privacy.org. PI's web page is available at: http://www.privacy.org/pi/ David Banisar (Banisar@privacy.org) * 202-544-9240 (tel) Privacy International Washington Office * 202-547-5482 (fax) 666 Pennsylvania Ave, SE, Suite 301 * HTTP://www.privacy.org/pi/ Washington, DC 20003 ------------------------------ Date: Sun, 06 Oct 1996 18:19:12 -0500 From: Chris Toulouse Subject: CFP: NPS issue on Cyberspace CALL FOR PAPERS The journal NEW POLITICAL SCIENCE is planning a special issue on THE POLITICS OF CYBERSPACE for its Fall 1997 issue. The editors are Chris Toulouse (Hofstra University) and Tim Luke (Virginia Tech). Any matter of relevance to the general field will be considered, although we want to give preference to articles exploring the impact of the world wide web on the political process. Submissions should take the form of an article, no longer than 25 double-spaced pages (excluding endnotes). The deadline for submissions is December 1st 1996. Submissions will be referred to two anonymous referees (in the conventional academic fashion) and authors will be contacted by February 1st 1997. Since this is an issue on cyberspace we hope to be able to upload the articles to the forthcoming New Political Science web site. This would provide authors with the opportunity to embed hyperlinks within their articles and take full advantage of the web as a publishing medium. For further information contact Chris Toulouse at urbsoc@gramercy.ios.com Tim Luke at TWLUKE@VT.EDU Thank you for your time & attention. Sincerely, CHRIS Toulouse ------------------------------ Date: Tue, 3 Sep 1996 15:39:02 -0700 From: jwarren@well.com (Jim Warren) Subject: CFP: 7th Conference on COMPUTERS, FREEDOM & PRIVACY (3/11-14/97) THE SEVENTH CONFERENCE ON COMPUTERS, FREEDOM, AND PRIVACY Call for Participation San Francisco Airport Hyatt Regency Hotel Burlingame, California March 11-14, 1997 CFP97: Commerce & Community will be sponsored by the Association for Computing Machinery SIGCOM and SIGSAC. The host institutions will be Stanford University and the University of California at Berkeley. Co-sponsors and cooperating organizations include the ACM SIGCAS, the Electronic Frontier Foundation, the Center for Democracy and Technology, the Electronic Privacy Information Center, and the WELL. CFP97: Commerce & Community is the latest in a series of annual conferences assembling a diverse group of experts and advocates from the domains of technology, business, government, and academia to explore the evolution of information and communication technologies and public policy, and its effects on freedom and privacy in the United States and throughout the world. Past CFP sessions have discussed, debated -- and often anticipated -- issues of great social import. In this tradition, CFP97: Commerce & Community will examine the social and policy questions posed by: * the growth of electronic communities; * electronic commerce and the commercialization of cyberspace; * the problems of legal and regulatory control of the Net; * the interests of privacy and property in the electronic domain; * high-tech law enforcement and security concerns. The CFP97 Program Committee invites your suggestions for presentations on these or other important issues at the nexus of technology, business, public policy, freedom, and privacy. Proposals may be for individual talks, panel discussions, debates, moot courts, moderated, interactive sessions or other formats. Each proposal should be accompanied by a one-page statement describing the topic and format. Descriptions of multi-person presentations should include a list of proposed participants and session chair. Proposals should be sent by email to cfp97@cfp.org. If necessary, typewritten proposals may be sent to: CFP'97, 2210 Sixth Street, Berkeley, CA 94710. Please submit your proposal as soon as possible. The deadline for submissions is October 1, 1996. (Please note that we have extended our deadline for submissions) For more information on the Computers, Freedom and Privacy Conferences, as well as up-to-date announcements on CFP'97, please visit our Web page at: http://www.cfp.org ------------------------------ End of PRIVACY Forum Digest 05.19 ************************