PRIVACY Forum Archive Document
PRIVACY Forum Digest Wednesday, 14 January 1998 Volume 07 : Issue 02 Moderated by Lauren Weinstein (email@example.com) Vortex Technology, Woodland Hills, CA, U.S.A. http://www.vortex.com ===== PRIVACY FORUM ===== ------------------------------------------------------------------- The PRIVACY Forum is supported in part by the ACM (Association for Computing Machinery) Committee on Computers and Public Policy, "internetMCI" (a service of the Data Services Division of MCI Telecommunications Corporation), Cisco Systems, Inc., and Telos Systems. - - - These organizations do not operate or control the PRIVACY Forum in any manner, and their support does not imply agreement on their part with nor responsibility for any materials posted on or related to the PRIVACY Forum. ------------------------------------------------------------------- CONTENTS AT&T Database Reveals Unlisted Names From Numbers (Lauren Weinstein; PRIVACY Forum Moderator) Intuit Canada policy of forced disclosure (John Tillquist) Data Creep [PRIVACY Forum Digest V06 #18] (Stanley F. Quayle) Privacy problems with patient data in hospitals, by Simson Garfinkel (Fr. Stevan Bauman) Re: ATM card problems (David C. Kulp) Airlines Debut Profiling System (Monty Solomon) A spy satellite of one's own [TBTF for 1/12/98] (Keith Dawson) Self regulation (Marianne Kim) ACM Policy98 Preliminary announcement (Jim Horning) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. All submissions should be addressed to "firstname.lastname@example.org" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "email@example.com". Mailing list problems should be reported to "firstname.lastname@example.org". All messages included in this digest represent the views of their individual authors and all messages submitted must be appropriate to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com/". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW server at the URL: "http://www.vortex.com"; full keyword searching of all PRIVACY Forum files is available via WWW access. ----------------------------------------------------------------------------- VOLUME 07, ISSUE 02 Quote for the day: "... I expected to be frightened on my wedding night, but nothing like this!" -- Joan Hayden (Gloria Castillo) "Invasion of the Saucer Men" (American International; 1957) ---------------------------------------------------------------------- Date: Tue, 13 Jan 98 10:05 PST From: email@example.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: AT&T Database Reveals Unlisted Names From Numbers Greetings. In a memorable scene from the 1975 film "Three Days of the Condor," CIA agent-on-the-run Joe Turner, played by Robert Redford, monitors a phone line with a telephone test set (known in telco parlance as a "butt set" or more popularly a "butt-in"). After taping and determining the touch- tone digits being dialed, he makes a call to an "operator" who provides the name and address of the party associated with that dialed number. His exchange with that operator was completely authentic. For decades telephone companies have operated "Customer Name and Address" bureaus, known colloquially as "CNA" bureaus. Presented with a phone number, the CNA operators provide name and address data, even for unlisted or non-published numbers. This service was and is ostensibly only for telephone company use. The telcos rightly considered this information sensitive, and CNA access numbers were always subject to frequent changing, but still leaked out. They were highly coveted by private detectives, phone phreaks, and others, for various investigative or even harassing purposes (few things can upset a person who thinks they have an unlisted number more than a bizarre call from an unknown person in the dead of night who knows their name...) Over the years, telephone subscribers have become more aware of the various commercial and other purposes to which their telephone listings have been subjected, and increasing percentages of folks have unlisted ("non-published" or "non-pub") numbers. In states like California, the majority of numbers are non-pub. Telephone company literature usually states that a non-pub status (for which subscribers now typically have to pay an extra monthly fee) also protects them from so-called "upside-down" listings and services--essentially published versions of CNA that provide listings in telephone number and/or house address order. Clearly the telcos realize that people are still very sensitive about their names and/or addresses being looked up by number. So it was with considerable concern late last year when I learned of an easily accessible AT&T database that provides a major portion of CNA--the provision of names from numbers, even for unlisted or non-published numbers. I have been engaged in a dialogue with various AT&T officials concerning this database since then. Getting an official response has taken some time (the holidays didn't help of course), and I've been told that I'm the first person to ever bring this issue to their attention (a familiar enough refrain when it comes to privacy issues...) The database in question is a "service" (which AT&T says is greatly appreciated by their customers) which ostensibly exists to allow automated access to number information by business customers. AT&T long distance business customers, upon calling their designated customer service number from their bills, enter a typical complex voice mail maze. After entering their main AT&T account number into the system, one of the choices available relates to "if you do not recognize a number on your bill." Choosing this option drops the user into an automated system which allows the direct entering of phone numbers. For each number entered, the system then attempts to read out (using a voice synthesizer) the name associated with that number. An option is also available to spell out the name, since text-to-speech handling of proper names can be less than optimal (remind me to tell the story of my "Touch-Tone Unix" synthesizer system from the '70's someday). The number entry/readout sequence can be repeated (apparently) as many times as desired. The need for a customer to find out who is associated with a truly unknown number on their bill can be a real one. Unfortunately, this database has a variety of negative characteristics: -- The database does not limit lookups to numbers actually on the customer's bill! Any numbers can be entered, and the system will usually provide the associated name, even if they are not on the current (or any) bill. Presence or absence from the bill is totally irrelevant. -- The database provides data for unlisted or non-published numbers just as happily as for listed numbers. This includes corporate internal numbers, modem and fax lines, residential second lines, and so on. -- For listed numbers, the database sometimes provides not the name associated with the listing, but rather the name of the person who is apparently the "billing contact" for the listed entity and usually has nothing whatever to do with the listing itself! To quote from the official response I received from the AT&T media relations representative with whom I have been in contact about these concerns: "As a matter of policy, AT&T safeguards customer information from unauthorized access. It is also our policy to allow business customers to access their account-billing records to check the accuracy of their records and to request changes, as necessary, by using an automated system. Until now, questions such as yours have never come up, so we want to thank you very much for bringing your concerns to our attention. ... The system has been in use for several years and, in our search for ways to improve the accuracy, timeliness and cost- effectiveness of the services we offer customers, we had already begun evaluating a number of options. Your inquiry has hastened our considerations of new ways to offer capabilities that our business customers value while safeguarding private customer information from unauthorized access. So, again, we thank you for bringing this issue to our attention." What this really means in terms of actual changes is decidedly unclear. No date is specified for any alterations, nor have they explained in any manner what sorts of customer privacy changes (if any) will be made, nor how any new system might differ from the current one. In the meantime, I have been told that they do not intend to alter the operations of the current database in any manner. I have suggested suspending or limiting the current system as a clear move to help protect telephone subscribers' privacy. AT&T has chosen not to do so. They point out that the database is not "intended" for other than the lookup of unknown numbers on the bills, and that they consider any other use to be improper. However, such improper uses will continue to be completely possible under the current system. My overall impression is that AT&T feels people aren't concerned about number to name lookups, and that AT&T doesn't see what harm such information could do in any case. This sort of "What harm could it do?" attitude is one that PRIVACY Forum readers have seen repeatedly with commercial databases of various sorts. It of course is important that persons make their feelings about such issues known once they come to light. If people don't bother to complain, faulting the commercial database policies themselves becomes considerably more problematical. Others may agree, or perhaps disagree, with AT&T's apparent attitudes about this matter. It seems likely that more persons expressing their opinion, either positive or negative about the system, would be useful to AT&T in helping to gauge public feelings about such matters. AT&T has told me specifically that the appropriate venue for such opinions would be AT&T Executive Resolution, at (908) 221-4191 (8-5 PM Eastern--I'm told that collect calls are accepted during those business hours). All too often, we see that the implementation of potentially useful services is done in a manner that produces undesirable (and often unintended) negative privacy side-effects. A key issue is to what extent an entity responds to privacy concerns, even when they might not agree with them, after they've been made aware of the issues. So far, I'm afraid that AT&T's response to this situation has not been stellar. --Lauren-- Lauren Weinstein Moderator, PRIVACY Forum http://www.vortex.com ------------------------------ Date: Fri, 02 Jan 1998 09:30:43 -0800 From: John Tillquist <firstname.lastname@example.org> Subject: Intuit Canada policy of forced disclosure Intuit Canada wants your personal information. Intuit, producer of popular home and small business financial software, requires purchasers of their 'QuickBooks' package (retail Can$129) to provide their name, address, and telephone number for continued use of the software. Customers must dial an 1-888 number and provide this personal information before Intuit will release the registration code necessary to run QuickBooks. Rolo Lacroix, Intuit Canada's Head of Customer Service, said in a telephone interview that the policy was to track customers for software update notification and to stem computer piracy. "We need your contact information to bind your name with the registration number," he said. Asked if a pseudonym could be used instead, Lacroix stated, "that would be illegal." The Risk. Forced disclosure of personal information to activate software is a compelling means for organizations to build an inventory of customer data. Aside from notification of release updates and protection against software piracy, the company also could potentially save tremendous amounts of advertising dollars by targeting sales campaigns, tailoring sales pitches to individuals on their database, and selling their database to direct marketing operations. Forfeiting privacy of personal information as condition of use has significant implications. Conceivably, any software or product retailer could do the same if they could build-in controls to restrict post-sale customer use. Cash no longer would protect the confidentiality of the buyer. Electronic profiles of individual's buying habits and preferences are matched with direct contact information, leaving anonymity and personal privacy a thing of the past. Imagine being required to provide personal information for using MS-Windows... John Tillquist, PhD | Faculty of Commerce | 604-822-8392 (o) University of British Columbia | 822-9574 (f) Vancouver, BC V6T 1Z2 | email@example.com ------------------------------ Date: Thu, 1 Jan 1998 03:48:40 -0500 From: "Stanley F. Quayle" <firstname.lastname@example.org> Subject: Re: Data Creep [PRIVACY Forum Digest V06 #18] > This form of "data creep," where information is collected > ostensibly for one purpose but then made available for other > applications, is an increasingly serious one. A recent article in an aviation magazine (Flying, perhaps; sorry, I don't have the reference) mentioned that recordings of airline pilots' in-flight conversations were only to be used in investigating an accident. They're now reviewed by the FAA for other purposes. --Stan Stanley F. Quayle, P.E. N8SQ +1 888 527-5127 Fax: +1 614 868-1671 8572 North Spring Ct. NW, Pickerington, OH 43147 Preferred address: email@example.com http://www.pobox.com/~quayle ------------------------------ Date: Wed, 17 Dec 1997 01:16:39 -0500 (EST) From: firstname.lastname@example.org (Fr. Stevan Bauman) Subject: Privacy problems with patient data in hospitals, by Simson Garfinkel [ Excerpted from Risks-Forum Digest; Volume 19 : Issue 51 by PRIVACY Forum Moderator ] [This item originally appeared in The Boston Globe, 5 Jun 1997. It was later reprinted in American Reporter, a daily electronic newspaper, http://www.american-reporter.com for initial free access. Contact Joe Shea at email@example.com for comments and subscriptions. This article is reproduced here with permission of the author. PGN] Simson Garfinkel American Reporter Correspondent Martha's Vineyard, Mass. October 2, 1997 COMPUTERS COMPROMISE PRIVACY, CUT COST OF CARE by Simson Garfinkel American Reporter Correspondent MARTHA'S VINEYARD, Mass. -- A few months ago, a patient at the University of Washington Medical Center made what sounded like a reasonable request. Worried about his medical privacy, the patient asked that the hospital's computers be set up so that his medical record could not be displayed on a computer terminal. Today the UW Medical Center is still considering the request, but the doctors involved aren't quite sure how to proceed. University of Washington has been a leader in bringing computers to medicine, and there are few parts of the hospital that still rely on paper. Various computer systems at the hospital keep track of each patient's appointments, record the procedures done by a physician, record the laboratory work requested and performed, send the results electronically back to the physician, remind the patient when it is necessary to schedule a follow-up, and most importantly, send out bills to insurance companies and the patients themselves. Precisely which computer does the patient not wish his information to be displayed upon? "We're trying to figure that out right now," says one of the physicians on the hospital's medical informatics review panel. So far, there is no good answer. For thousands of years, it's been the obligation of physicians to protect the privacy of their patients. But many physicians are increasingly worried that this age-old commitment is being jeopardized as hospitals adopt increasingly-advanced medical information systems. Earlier this year, the National Research Council issued a report on the issues surrounding electronic health information. Called "For the Record," the report identified five "threat levels" for information stored in health care computers: * Threat 1: Insiders who make "innocent" mistakes and cause accidental disclosures of confidential information. This could be as simply as a lab sending a fax sent to a wrong phone number, or a nurse pulling up one patient's medical records instead of another's. * Threat 2: Insiders who abuse their record-access privileges. Browsing seems to be a problem with many electronic record systems. The Internal Revenue Service, for example, has had persistent problems with curious employees looking through the tax records to which they have access. It's unreasonable to think that hospitals will somehow avoid this scourge. * Threat 3: Insiders who knowingly access information for spite or for profit. During the 1992 Democratic primaries, a pathologist at Beth Israel Hospital here in Boston was contacted by a member of the press who wanted access to former U.S. Sen. Paul Tsongas' medical records. The reporter offered good money, and a less ethical pathologist could easily have retrieved the file -- probably without having that information traced back to him. * Threat 4: An unauthorized physical intruder gains access to information. Many hospitals rely on physical security to protect information stored inside a computer: the terminals are put in a special room or behind a desk to which only authorized personnel are supposed to have access. Unfortunately, hospitals are not as secure as hospital administrators would like to believe. If that journalist had simply put on a white lab coat and gotten a fake badge, that person might have been able to retrieve Tsongas' medical records unassisted. * Threat 5: Vengeful employees and outsiders, such as vindictive patients or intruders, who mount attacks to access unauthorized information, damage systems, and disrupt operations. A doctor who practices at an HMO recently told me of a problem that her group has been having: an employee -- they think they know who -- has been accessing the HMO's scheduling computer and deleting patient appointments. The scheduling desk then thinks the appointment slot is free, and two or three patients show up at the same time. The increased reliance on Social Security numbers is further compromising patient confidentiality. These days it is relatively easy to find out somebody's Social Security number, and if you have that magic number, you can call up a hospital or doctor's office and impersonate that person, hunting out embarrassing or valuable pieces of information. What makes this scam possible is the fact that many hospitals use Social Security numbers as a kind of secret patient password for patients to prove their identity. Hospitals don't seem to realize that even if Social Security numbers were once relatively secret, that day is long past. Disturbingly, use of Social Security numbers by health care organizations is about to expand dramatically. Section 1173 of the Kennedy Kassenbaum health care portability legislation passed last year defines a set of "administrative simplification procedures" which require the establishment of universal health identification numbers. The identifier will make it easier for different organizations to combine data, both to improve patient care and to make it easier to perform large-scale epidemiological studies. Right now, it looks as if Congress or Health and Human Services will adopt the Social Security number as that universal identifier. Some computer professionals have suggested that the way to solve the health care privacy issue is to encrypt all of a patient's files with a secret key, so that a patient's files can't be decrypted without their permission. The problem with this sort approach is that it makes it difficult for doctors to access critical information in times of urgent need. Hospitals, and other institutions, are loathe to deploy systems that restrict anybody's access to information. Instead, many hospitals seem to prefer systems that allow relatively open access, but record every file that's viewed or modified by every health care worker. That record is called an audit trail. The information can be used to find and punish employees who violate patient confidentiality, and having it works as a deterrent for others. But even audit trails breaks down in an emergency room, where forcing people to type a username and password before ordering a test could mean the difference between life and death. Are you willing to die for your right to privacy? With all of these problems, sometimes it is easy to forget that the reasons that hospitals are turning to computers is to lower costs and improve patient care. Unfortunately, ensuring patient privacy can be expensive and can prevent doctors and public health officials from considering all of the pertinent data for a given problem. It's doubtful that we will be able to resolve the fundamental tension between the need to know and the need not to know. ------------------------------ Date: Sun, 4 Jan 1998 17:01:22 -0800 From: "David C. Kulp" <firstname.lastname@example.org> Subject: RE: ATM card problems Following up on Joe Bates' recent email (V06 #18) and others involving Wells Fargo's infamous banking schemes, I called Wells to discontinue the Master Card / debit "feature" on the cards for me and my wife. Like Joe, I had destroyed our old cards under the assumption that they were going to expire. The Wells customer service representative was very kind and willing to re-replace my card. What I found ironic were the "security" steps which the representative had to take to process my request. The representative had to ask me my mother's maiden name, my PIN number for my checking account, when I made my last deposit, and how much that deposit was. To re-replace my wife's card (although we share the same account), my wife had to personally speak with the representative, too. Of course, for all the representative knows, my wife could have been anyone and my mother's maiden name is easily discovered. Still, I don't object to these checks, but it is truly ironic when an individual can use the same card number without any additional security measures to make purchases for thousands of dollars, immediately withdrawn from your account. David Kulp ------------------------------ Date: Fri, 2 Jan 1998 23:39:52 -0500 From: Monty Solomon <monty@roscom.COM> Subject: Airlines Debut Profiling System Excerpt from ACLU News 12-31-97 --- As Airlines Debut Profiling System, ACLU Launches Web Complaint Form FOR IMMEDIATE RELEASE Wednesday, December 31, 1997 WASHINGTON -- Anticipating complaints resulting from the national debut of a computerized airline passenger profiling system, the American Civil Liberties Union today launched a special web complaint form to collect information on incidents of discrimination and mistreatment by airport security personnel. The ACLU said that it was establishing its own complaint collection process in part because the Department of Transportation has so far failed to establish its own means of adequately collecting and tracking passenger complaints, and has refused to set up an independent monitoring panel to review complaints about the new system. The Computer Assisted Passenger Screening System (CAPS) was developed and mandated by the Federal Aviation Administration based on a recommendation from the White House Commission on Aviation Safety and Security headed by Vice President Gore. It is scheduled to be phased in nationwide beginning on January 1. "The ACLU is concerned that the CAPS system will have a unequal impact on some passengers, resulting in their being selected for treatment as potential terrorists based on their race, religion or national origin," said Gregory T. Nojeim, a Legislative Counsel for the ACLU's Washington National Office. "Fasten your seat belts, ladies and gentlemen," Nojeim cautioned, "because the government is about to take you on a very bumpy ride." The ACLU's complaint form, linked online at http://www.aclu.org/forms/complaint_aviation.html, offers airline passengers to provide details of discriminatory or abusive security screening incidents, and asks passengers to report information about their flight, themselves, and who mistreated them. Nojeim said the ACLU would use the data collected on its web site to look for patterns of abusive or discriminatory security screening. All personal data, he said, will be kept confidential on request. The ACLU has long criticized passenger profiling, calling it a speculative means of predicting criminal conduct that does nothing to insure safety. Profiling is based on characteristics that do not individually suggest evidence of criminality, the ACLU added, and can involve the troublesome maintenance and evaluation of personal information about passengers and their travel, using criteria that are kept secret for "security reasons." Under this system, passengers who "fit the profile" are selected for heightened security measures, which can include a thorough search of their luggage in front of other passengers, intrusive personal questioning, tagging of luggage with orange tape, and a physical escort from the check-in counter to the airport gate by security personnel, in full view of other passengers. Earlier this year, a newspaper reporter who obtained confidential airline security manuals found that they explicitly listed some ethnic associations, like a name of Middle Eastern origin, as grounds for suspicion. The CAPS system will replace, for most domestic flights, the manual profiling system now being used. Northwest Airlines has been testing the CAPS system in select airports since earlier this year, and, according to Nojeim, the ACLU has received more complaints of discriminatory security screening from Northwest passengers than from passengers on any other airline. However, it is not yet clear whether and how those complaints are linked to use of CAPS. Nojeim said that the ACLU continues to call for the establishment of an independent Civil Liberties Panel to insure that security measures are not implemented in a discriminatory way, that passengers' data is kept confidential, and that privacy standards are created for new security scanning devices. Criminals -- including those who "fit the profile" -- may find the profiling system easy to evade: all they have to do is dupe a passenger who does not fit the profile into carrying a bomb. The ACLU is reiterating its call for full "luggage match" as an alternative to passenger profiling. Bag matching assures that no one can check a bag without boarding the flight. "The ACLU has never challenged the use of the x-ray machine on everyone's checked luggage," Nojeim said. "What we have challenged are discriminatory methods of choosing which passengers will be subjected to heightened security measures." Note: The form can be found online at http://www.aclu.org/forms/complain_aviation.html. Individuals who do not have Internet access can call the ACLU's Washington Office at 202-544-1681. ------------------------------ Date: Mon, 12 Jan 1998 22:58:25 -0600 From: email@example.com (Keith Dawson) Subject: A spy satellite of one's own [TBTF for 1/12/98] [ Excerpted from TBTF for 1/12/98 by PRIVACY Forum Moderator ] Soon you'll be able to buy images from space that show the car in your driveway. Spying on the earth from space was a monopoly of governments for its first two decades. In 1986 the French company SPOT IMAGE  began selling images from its SPOT satellite to all comers. At 10 meters minimum resolution, the images were sufficient to resolve objects the size of houses.Now a US company -- EarthWatch, of Longmont, Colo- rado -- has launched EarlyBird  atop a Russian booster . For a few hundred dollars charged to your credit card you'll be able to order a 3-meter resolution photo of any place on earth. Visit this simulation to appreciate the difference between 3-meter and 10-meter resolution . In 1999 EarthWatch plans to launch the first of two next-generation QuickBird satellites with a minimum resolution below 1 meter. That's just about sharp enough to resolve people from space . Here are specs for the EarlyBird and QuickBird satellites . Eyes in the sky with such acuity must begin to raise privacy concerns. Visit the Freedom Forum ,  for some cautionary thoughts from technology director Adam Clayton Powell Jr.  http://www.spot.com/  http://www.digitalglobe.com/news/pr_eb1launch.html  http://www.sjmercury.com/breaking/headline2/080192.htm  http://www.hitachi.co.jp/Prod/remosen/eng/3mimage.htm  http://www.hitachi.co.jp/Prod/remosen/eng/1mimage.htm  http://www.digitalglobe.com/company/ewconstell.html  http://www.freedomforum.org/technology/1997/12/31satell.asp  http://www.freedomforum.org/technology/1997/12/05sputnik.asp ------------------------------ Date: Mon, 12 Jan 1998 21:18:18 -0600 From: Marianne Kim <firstname.lastname@example.org> Subject: self regulation Hi everyone: I'm looking for information related to how self regulating governing bodies (such as trade associations) can protect the transfer of customer profile data from abuse and simultaneously bring forward antitrust issues. The basic idea is that data collecters will have little incentive to sell information to marketing groups that represent their competitors, thus restricting the use of competitive tools. I'm new to this topic and it's been difficult for me to find literature on antitrust issues related to regulation. Does anyone have suggestions? Thanks. ------------------------------ Date: Fri, 09 Jan 98 18:11:00 P From: Jim Horning <email@example.com> Subject: ACM Policy98 Preliminary announcement +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ ASSOCIATION FOR COMPUTING ANNUAL MEETING =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= POLICY98 "Shaping Policy in the Information Age" Washington, DC, Renaissance Hotel May 10-12, 1998 Preliminary Notice For Conference and Registration information see: http://www.acm.org/usacm/events/policy98/ On May 10-12 1998, the Association for Computing will hold its annual meeting in Washington DC. This national conference will focus on critical public policy issues affecting the future of applications of computing. The purpose of the conference is to forge stronger links between computer professionals and policy makers. You will interact with leaders from academia, industry, Congress, and Executive agencies, and participate in debates on policy issues including Universal Access, Electronic Commerce, Intellectual Property, and Education Online. You can influence decisions about making productive use of computing and information processing innovations, while coping with the inherent dangers of any transformational technology. Your continuing collaborations with policy makers will be beneficial to citizens, consumers, entrepreneurs, students, and computing professionals. You can make a difference! All attendees are invited to the Annual ACM Awards Banquet on Sunday evening May 10th, and a conference reception on Monday night May 11th. +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ PANEL TOPICS AND COORDINATORS =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Universal Service: Ollie Smoot What can be done to promote widespread access to the benefits of the Internet? What is the role of government and the role of the private sector in wiring schools, libraries, and medical facilities? Electronic Commerce: Jim Horning How much public policy does EComm need? What problems would inadequate, excessive, or misguided policies cause? Can compromises in areas like fair trade practices, fraud prevention, security, privacy, and taxation advance the interests of all stakeholders? Intellectual Property in Cyberspace: Pam Samuelson What will be the impact of the WIPO agreements on copyright in cyberspace? How should intellectual property be protected and what safeguards are necessary to protect libraries and academic institutions? Education Online: Charles N. Brownstein The Internet offers unparalleled opportunities for learning and teaching. What public policy and technical challenges must be met to realize these prospects? +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ CONFERENCE CO-CHAIRS =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Ben Shneiderman, USACM (U.S. Public Policy Committee) C. Dianne Martin, SIGCAS (ACM Special Interest Group on Computers & Society) +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ PROGRAM COMMITTEE CHAIRS =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Marc Rotenberg, Public Policy Keith Miller, Ethics and Social Impacts +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ REGISTRATION INFORMATION =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ For more information or to register electronically, see http://www.acm.org/usacm/events/policy98/reginfo.html ------------------------------ End of PRIVACY Forum Digest 07.02 ************************
Vortex Technology Home Page
Copyright © 2005 Vortex Technology. All Rights Reserved.