PRIVACY Forum Digest Tuesday, 8 December 1992 Volume 01 : Issue 27 Moderated by Lauren Weinstein (lauren@cv.vortex.com) Vortex Technology, Topanga, CA, U.S.A. ===== PRIVACY FORUM ===== The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy. CONTENTS PRIVACY Brief (Lauren Weinstein; PRIVACY Forum Moderator) Reminder: Privacy is YOU! (Lauren Weinstein; PRIVACY Forum Moderator) DOJ Authorizes Keystroke Monitoring (Dave Banisar) Errors in Large Databases and their Social Implications (Bob Anderson) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. ALL submissions should be addressed to "privacy@cv.vortex.com" and must have RELEVANT "Subject:" lines. Submissions without appropriate and relevant "Subject:" lines may be ignored. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@cv.vortex.com". Mailing list problems should be reported to "list-maint@cv.vortex.com". All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "cv.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. For information regarding the availability of this digest via FAX, please send an inquiry to privacy-fax@cv.vortex.com, call (310) 455-9300, or FAX to (310) 455-2364. ----------------------------------------------------------------------------- VOLUME 01, ISSUE 27 Quote for the day: "Never trust a rich spy!" -- Vesper Lynd "007" (Ursula Andress) "Casino Royale" (1967) ---------------------------------------------------------------------- PRIVACY Brief (from the Moderator) --- In a unanimous decision today, the Supreme Court ruled that the U.S. Constitution's protection against unreasonable police searches and seizures can apply to the taking of property, even when the owner's specific privacy rights were not violated. The decision reinstated a civil rights lawsuit that had been brought by an Elk Grove, Illinois family after their mobile home was hauled away from a trailer park (by trailer park employees accompanied by Cook County sheriff's deputies) before the required eviction notice had been obtained. Lower courts had ruled that since the trailer had not been searched prior to removal, the deputies had not interfered with either the privacy rights or liberties of the family, saying that "a pure deprivation of property" doesn't trigger the Fourth Amendment's unreasonable seizures provisions. "As a result of the state action in this case, the Soldals' domicile was not only seized, it literally was carried away, giving new meaning to the term `mobile home,"' Justice Byron R. White wrote for the Supreme Court. The Supreme Court decision leaves it to a federal trial judge to make further rulings on the merits of the reinstated suit itself. ------------------------------ Date: Mon, 7 Dec 92 21:10 PST >From: lauren@cv.vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: Reminder: Privacy is YOU! Greetings. The PRIVACY Forum digest readership has been growing by leaps and bounds lately, and now includes subscribers in nearly every corner of the planet (and judging from the complexity of some e-mail addresses, possibly on some other planets as well...) However, *input* to the digest has been running quite slow--apparently everyone wants to be a reader, but few want to actually submit items. This is a gentle reminder that *you* make the digest by what you contribute. Don't feel that a submission must be of a grammatic quality to get an "A" from your old "English 1" professor! Nor must it be a stylistic gem that will call down praises from the ether. If it's thoughtful, edited properly, and appropriate for presentation to a very large audience of persons interested in privacy-related topics, it has a high probability of appearing in the digest. Questions, concerns, personal anecdotes-- any of these formats, and many more, can form the basis of an excellent digest submission. The digest really is YOU. --Lauren-- ------------------------------ Date: Mon, 7 Dec 1992 22:48:06 +0000 >From: Dave Banisar Subject: DOJ Authorizes Keystroke Monitoring CA-92:19 CERT Advisory December 7, 1992 Keystroke Logging Banner ----------------------------------------------------------------- The CERT Coordination Center has received information from the United States Department of Justice, General Litigation and Legal Advice Section, Criminal Division, regarding keystroke monitoring by computer systems administrators, as a method of protecting computer systems from unauthorized access. The information that follows is based on the Justice Department's advice to all federal agencies. CERT strongly suggests adding a notice banner such as the one included below to all systems. Sites not covered by U.S. law should consult their legal counsel. ------------------------------------------------------------------ The legality of such monitoring is governed by 18 U.S.C. section 2510 et seq. That statute was last amended in 1986, years before the words "virus" and "worm" became part of our everyday vocabulary. Therefore, not surprisingly, the statute does not directly address the propriety of keystroke monitoring by system administrators. Attorneys for the Department have engaged in a review of the statute and its legislative history. We believe that such keystroke monitoring of intruders may be defensible under the statute. However, the statute does not expressly authorize such monitoring. Moreover, no court has yet had an opportunity to rule on this issue. If the courts were to decide that such monitoring is improper, it would potentially give rise to both criminal and civil liability for system administrators. Therefore, absent clear guidance from the courts, we believe it is advisable for system administrators who will be engaged in such monitoring to give notice to those who would be subject to monitoring that, by using the system, they are expressly consenting to such monitoring. Since it is important that unauthorized intruders be given notice, some form of banner notice at the time of signing on to the system is required. Simply providing written notice in advance to only authorized users will not be sufficient to place outside hackers on notice. An agency's banner should give clear and unequivocal notice to intruders that by signing onto the system they are expressly consenting to such monitoring. The banner should also indicate to authorized users that they may be monitored during the effort to monitor the intruder (e.g., if a hacker is downloading a user's file, keystroke monitoring will intercept both the hacker's download command and the authorized user's file). We also understand that system administrators may in some cases monitor authorized users in the course of routine system maintenance. If this is the case, the banner should indicate this fact. An example of an appropriate banner might be as follows: This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel. In the course of monitoring individuals improperly using this system, or in the course of system maintenance, the activities of authorized users may also be monitored. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of criminal activity, system personnel may provide the evidence of such monitoring to law enforcement officials. ------------------------------------------------------------------- Each site using this suggested banner should tailor it to their precise needs. Any questions should be directed to your organization's legal counsel. -------------------------------------------------------------------- The CERT Coordination Center wishes to thank Robert S. Mueller, III, Scott Charney and Marty Stansell-Gamm from the United States Department of Justice for their help in preparing this Advisory. --------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in FIRST (Forum of Incident Response and Security Teams). Internet E-mail: cert@cert.org Telephone: 412-268-7090 (24-hour hotline) CERT personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4), on call for emergencies during other hours. CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 ------------------------------ >From: Bob Anderson Subject: ERRORS IN LARGE DATABASES AND THEIR SOCIAL IMPLICATIONS Date: Wed, 18 Nov 92 15:33:58 PST Dr. Stephen Lukasik has agreed to act as guest editor of a special issue of "The Information Society" journal addressing errors in large databases and their social implications. Attached is a brief prospectus for this special issue. If anyone receiving this message is unfamiliar with the journal and its focus and interests, I would be happy to supply additional information. Bob Anderson - - - - - - - - - - - - - - - - - - - - - - - - - - - ERRORS IN LARGE DATABASES AND THEIR SOCIAL IMPLICATIONS Prospectus for a special issue of the Information Society Journal With the growth of information technology over time, we are becoming increasingly affected by data in electronic databases. The social and business premise is that electronic databases improve productivity and quality of life. The dark side of all this is that these databases contain errors, most trivial but in some cases they contain errors that by their nature impose a penalty on society. The penalties can range from minor annoyance and modest administrative cost in having a record corrected, to more serious cases where more costly consequences ensue, to conceivably, loss of life or major loss of property. The consequences to society of errors in electronic databases can be expected to increase, probably at an increasing rate. Some factors contributing to this expected increase are the increasing extent, in both size and coverage, of existing databases; increasing capture of data by automated transaction systems, from text and image scanners and the like; greater coupling of databases, either by administrative agreements or by more sophisticated search processes; more "amateur" database administration with increasingly widespread use of information technology; increasing use of heuristic search techniques that lack "commonsense;" and probably other well-meaning but pernicious influences. The purpose of the proposed issue is to accomplish the following: (a) increase recognition of, and awareness of the growing nature of the problem of errors in electronic databases that are increasingly becoming regulators of modern life; (b) encourage greater attention to the collection of error rate data and to quantitatively assessing the social and economic costs deriving from those errors; (c) foster theoretical and empirical studies of the propagation of errors through the coupling of, or joint search of, multiple databases; and (d) encourage the formulation of measures, in both technology and policy domains, designed to limit the costs accruing from the inherent growth in size and connectivity of electronic databases. We seek papers for the issue that will focus on the following aspects of the problem addressed here: (1) an enumeration of socially relevant databases, whose errors can have important consequences, either from a large number of small unit cost consequences or a small number of high cost consequences; (2) quantitative data on errors in databases, classified by the nature of the errors and their derivative costs; (3) obstacles to a full and open discussion of the problem such as those deriving from concern over legal liability and loss of business from "owning up" to the problem; and (4) proposals for technical and policy measures that can limit the growth of the problems addressed. The premises of the journal issue are: (1) that the problems of errors in databases can not be minimized until they are adequately recognized and fixes explored by the professionals in the field; and (2) that we must move from the anecdotal level, where horror stories abound, to a quantitative level where the economics of fixes, either in quality control at the point of data collection, or the quality control of the output of database searches, can be sensibly analyzed. Your interest in contributing to this special issue is invited. Suggestions for possible topics, authors, or an interest in contributing should be communicated to one of: guest editor: editor-in-chief: Dr. Stephen Lukasik Dr. Robert H. Anderson 1714 Stone Canyon Road RAND, P.O. Box 2138 Los Angeles CA 90077 Santa Monica CA 90407-2138 net: lukasik@rand.org net: anderson@rand.org tel: (310) 472-4387 tel: (310) 393-0411 x7597 fax: (310) 472-0019 fax: (310) 393-4818 ------------------------------ End of PRIVACY Forum Digest 01.27