PRIVACY Forum Archive Document
|
PRIVACY Forum Digest Wednesday, 5 January 2000 Volume 09 : Issue 02 (http://www.vortex.com/privacy/priv.09.02) Moderated by Lauren Weinstein (lauren@vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. http://www.vortex.com ===== PRIVACY FORUM ===== ------------------------------------------------------------------- The PRIVACY Forum is supported in part by the ACM (Association for Computing Machinery) Committee on Computers and Public Policy, Cable & Wireless USA, Cisco Systems, Inc., and Telos Systems. - - - These organizations do not operate or control the PRIVACY Forum in any manner, and their support does not imply agreement on their part with nor responsibility for any materials posted on or related to the PRIVACY Forum. ------------------------------------------------------------------- CONTENTS British Looking to Slow (and Track?) Cars via Satellite (Lauren Weinstein; PRIVACY Forum Moderator) U.S. Customs Service to Expand Airport Body X-Ray Scanner Usage (Lauren Weinstein; PRIVACY Forum Moderator) Re: Banks and check amounts (John R. Levine) Re: Web Tracking and Data Matching Hit the Campaign Trail (private@mariana.net) Re: Web Tracking and Data Matching (Timothy Hinds) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. All submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are via an automatic list server system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All messages included in this digest represent the views of their individual authors and all messages submitted must be appropriate to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the list server system. Please follow the instructions above for getting the list server "help" information, which includes details regarding the "index" and "get" list server commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com/". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW server at the URL: "http://www.vortex.com"; full keyword searching of all PRIVACY Forum files is available via WWW access. ----------------------------------------------------------------------------- VOLUME 09, ISSUE 02 Quote for the day: "Let's play something else..." -- Thomas Crown (Steve McQueen) "The Thomas Crown Affair" (MGM/UA; 1968) ---------------------------------------------------------------------- Date: Tue, 4 Jan 2000 16:44 PST From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: British Looking to Slow (and Track?) Cars via Satellite Greetings. In one of the more misguided and potentially dangerous ideas I've seen in quite awhile, the British government is considering the installation of devices on all autos which would automatically limit their speed via GPS-linked systems programmed with local speed limit data. Deputy Prime Minister John Prescott is reportedly in charge of this evaluation. A prototype device for this function has already been developed. While the safe-driving groups who are promoting this concept no doubt have admirable motives, the risks are obvious. While it could be argued that most speeding is "casual" in nature, there are certainly times when drivers are in life-critical situations where exceeding the speed limit may be a necessary tradeoff. Cases such as reaching a hospital in an emergency, escaping from potential carjackers, and other unfortunate situations are examples. While it's certainly true that speeding even in those situations does involve risks, there simply are times when human assessment of a situation must be in control. Imagine the outcry the first time that an infant or mother dies when such a system prevents them from rapidly reaching medical care. In another scenario, the "impact" of pulling out into the opposing traffic lane for (legal) passing, only to find a hard limit on speed, could also be rather dramatic. Another point--since the temptation to tamper with such a device would be significant, it seems logical that practical implementation of such systems would need to include some form of logging system to track operations, which presumably could be interrogated at vehicle inspection/licensing times, etc. The variety of data that such a GPS-based system could maintain is very extensive, introducing a range of directly privacy-related issues. While speed governors are not uncommon in the trucking industry, their application to passenger vehicles, especially in conjunction with the tracking capability of GPS, seems to be both unwise and unsafe. --Lauren-- lauren@vortex.com Lauren Weinstein Moderator, PRIVACY Forum - http://www.vortex.com Co-Founder, PFIR: People For Internet Responsibility - http://www.pfir.org Member, ACM Committee on Computers and Public Policy ------------------------------ Date: Sun, 2 Jan 2000 20:32 PST From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: U.S. Customs Service to Expand Airport Body X-Ray Scanner Usage Greetings. The PRIVACY Forum has previously discussed the issues of "body scanners" (using either x-rays or non-ionizing radiation such as microwaves, as in http://www.vortex.com/privacy/priv.05.20). The U.S. Customs Service has announced an expansion of the program that already has "low dose" x-ray body scanners in use at six major airports around the country. The plan is to have such units operational at all major U.S. airports by this June. Concerns about these scanners have been raised both due to the radiation exposure involved ("low dosage" notwithstanding) and due to the units' ability to display "private parts" with considerable clarity (though apparently not in sufficient detail to show body scars, for example). The scanners are not currently planned for routine passenger use, but rather for situations where particular passengers are singled out for suspicion of carrying contraband, as an alternative to physical pat-downs. According to Customs, passengers would still have the alternative of a physical search, but Customs says that many persons have objected to being touched during those searches, believing that they were being specifically targeted due to sex, race, or physical characteristics. --Lauren-- lauren@vortex.com Lauren Weinstein Moderator, PRIVACY Forum - http://www.vortex.com Co-Founder, PFIR: People For Internet Responsibility - http://www.pfir.org Member, ACM Committee on Computers and Public Policy ------------------------------ Date: 1 Jan 2000 00:41:05 -0500 From: johnl@iecc.com (John R. Levine) Subject: Re: banks and check amounts It's absolutely true that banks make no effort to verify any of the information on incoming checks beyond what's coded on the stripe at the bottom. I'm evidently one of the three people left in the world who balances his checkbook every month, and once or twice I've found checks where the amount was coded wrong. Usually the error is only a penny or 10 cents (evidently my 1 and 2 look similar) but in one case it was off by $50 due to a 4 being coded as a 9. I dropped by the bank to complain, they weren't at all surprised and instantly credited my account. I'm not sure whether they tried to recover the $50 from the payee's bank or not. But really, getting the amounts wrong is the least of our problems. Almost without exception, they don't look at the handwriting or signature, either. If someone forges your account number in MICR ink at the bottom of a check, writes a check with a scribbled signature completely unlike yours, and cashes it, your bank will pay it. This is a major change from traditional banking practice -- until the advent of automated check sorting in the 1950s, bank accounts didn't have numbers, the only printed number on most checks was the Fed's routing number for your bank, and the only way to tell who wrote the check was for a clerk at your bank to look at the signature. There are still a few tiny banks that look at signatures, but for the most part, the last human who looks at your check is the clerk at the payee's bank who codes the amount. And through the magic of OCR, even that human is going away. -- John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869 johnl@iecc.com, Village Trustee and Sewer Commissioner, http://iecc.com/johnl, Member, Provisional board, Coalition Against Unsolicited Commercial E-mail ------------------------------ Date: Sat, 01 Jan 2000 19:12:41 +0800 From: private@mariana.net Subject: Re: Web Tracking and Data Matching Hit the Campaign Trail I believe Mr. Gurvits is missing the point. By collecting the information companies (and others) can indeed provide us with more relevant information, which is good. However that same information can also be used for many other purposes, not all of which are benign. Many of which are harmful, or potentially harmful. The main issue, which Mr. Gurvits ignores, is choice. If I want the benefits, then I should explicitly allow the collection of the data. I should also be explicitly informed how the information will be used, who has access to it, what steps the company is taking to ensure against unauthorized access and for how long it will be stored. The collection and use of data about individuals and their habits should depend upon the individual. Always. ------------------------------ Date: Mon, 03 Jan 2000 15:10:24 -0500 From: Timothy Hinds <tim@thinds.com> Subject: Re: Web Tracking and Data Matching Mr. Weinstein, Your recent invitation to let you know my views on Web Tracking and Data Matching give me the opportunity also to let you know that I very much appreciate the work you do on the PRIVACY Forum Digest. Your summaries and updates are invaluable. Please keep up the good work. I am deeply concerned about the amount of data matching that is being done today on the 'net and the vast expansion of it likely in the future, absent meaningful restrictions or regulation. In short, "There oughta be a law!" We desperately need legal protection against the gathering and use of personal information without the permission of the subject whose information is being used, bought, and sold. Until such legal protections emerge, I advocate the use of technological solutions to fight the technological abuses of our privacy. One intriguing tool is "Freedom" from Zero Knowledge Systems, of which I believe you are aware. It has recently been released out of beta, and I plan to adopt it in order to maintain some degree of online privacy through the use of multiple identities ("nyms" in ZKS's parlance). While technological defenses are philosophically more compatible on the surface with my conservative/libertarian beliefs, I see a legitimate, in fact essential, role for government's police powers here. The U.S. Constitution & Bill of Rights are clearly designed to limit government's unnecessary intrusion into the lives of the citizenry. However, they also clearly provide for government's wielding of what the Bible calls "the sword" in defense of the lives and property of the people. Indeed, both Biblically and constitutionally, only the state can exercise police power with ultimate legitimately. Private police and armies will always be subject to the appearance, and the fact, of motivation by private interests. Individual States within the U.S. could act here with legitimacy, but not with effectiveness, given the national and even international scope of the data correlation and web tracking efforts and organizations. Hence, reluctant as I am to call for the federal government to do ANYTHING, I believe it must enact legislation to protect the privacy rights of our citizens. Thanks for asking. - Timothy Hinds, thinds@acm.org. [ Thank you for your message. I am in general very unenthusiastic about the various services promising "anonymizing" capabilities. Since they require people to take explicit actions to use them, they will never impact most persons, nor do they address the root causes of the problems in any manner. I am also unconvinced of their reliability, and am concerned that they may well give users a false sense of security. The problems related to abuse of such systems by persons with genuinely libelous, fraudulent, criminal, or just plain evil motives are also potentially very serious issues. Some degree of federal legislative action is an absolute necessity to even starting to get a handle on these problems, even though it's true that legislative approaches are also never without some degree of risk. -- PRIVACY Forum Moderator ] ------------------------------ End of PRIVACY Forum Digest 09.02 ************************
Copyright © 2005 Vortex Technology. All Rights Reserved.