PRIVACY Forum Digest Monday, 28 December 1992 Volume 01 : Issue 30 Moderated by Lauren Weinstein (lauren@cv.vortex.com) Vortex Technology, Topanga, CA, U.S.A. ===== PRIVACY FORUM ===== The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy. CONTENTS PRIVACY Briefs (Lauren Weinstein; PRIVACY Forum Moderator) Thought for the day (David Peretz) Car searches require probable cause (Mel Beckman) Use of SSNs on Drivers Licenses (Ronni Rosenberg) California privacy law (Larry Seiler) Reports on Ames Raid Available (David Sobel) ********************************* ***** BEST WISHES FOR 1993! ***** ********************************* *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. ALL submissions should be addressed to "privacy@cv.vortex.com" and must have RELEVANT "Subject:" lines. Submissions without appropriate and relevant "Subject:" lines may be ignored. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@cv.vortex.com". Mailing list problems should be reported to "list-maint@cv.vortex.com". All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "cv.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. For information regarding the availability of this digest via FAX, please send an inquiry to privacy-fax@cv.vortex.com, call (310) 455-9300, or FAX to (310) 455-2364. ----------------------------------------------------------------------------- VOLUME 01, ISSUE 30 Quote for the day: "Will the people in the cheaper seats clap your hands? All the rest of you, if you'll just rattle your jewelry." -- John Lennon At the Royal Variety (Command) Performance November 4, 1963 ---------------------------------------------------------------------- PRIVACY Briefs (from the Moderator) --- In PRIVACY Forum V01 #29, we reported on a new federal law placing various restrictions on both automated and live telemarketing, which had just gone into effect. However, enforcement of that law by the FCC has been suspended for now due to a court action. A small business owner, who made considerable use of automated telemarketing machines, has challenged the law on the grounds that it discriminates against small businesses who are much less likely to have the financial resources to hire live telemarketers than larger firms (which mainly use live telemarketing agents). Under the terms of the law, automated telemarketing machines would have been totally banned, and restrictions regarding call-backs would have been placed on live telemarketers. --- Reports out of the San Jose, California area are expressing concern over the apparent practice of some utility companies of routinely turning over "unusual" utility bills to law enforcement agencies. It seems that above average (that is, above the norm for the customer class) use of water and/or power may be considered to be a possible indication of illegal drug activities. At least some utility companies apparently consider consumer utility bills to be public information and not subject to privacy considerations. ------------------------------ Date: Sat, 26 Dec 92 00:52:19 PST >From: david_peretz@freemf.eskimo.com Subject: Thought for the day. Hello! My name is David Peretz and I've just discovered the PRIVACY Forum Digest. I thought I would share with you one of my favorite quotes from that great preserver of personal privacy and individual rights. . . "Many things are necessary to lead a full, free life. But none of these is more important than the most basic of all individual rights: The Right to Privacy. At no time in the past has our Government known so much about so many of its individual citizens. Government bureaucracies seem to thrive on collecting additional information. That information, is now stored in over 7,000 Government computers. And the names of over 150 million Americans are now in computer banks scattered across the country. In short, data banks affect nearly every man, woman and child in the United States today. Here is the heart of the matter: A system that fails to respect its citizens' right to privacy, fails to respect the citizens themselves. Careers have been ruined, marriages have been wrecked, reputations built up over a lifetime have been destroyed by the misuse or abuse of data technology in both private and public hands. Advanced technology has created new opportunities for America as a nation, but it has also created the possibility for new abuses of the individual American citizen. Adequate safeguards must always stand watch so that man remains the master, and never becomes the victim, of the computer." -- President Richard M. Nixon Privacy Address, 1974 -- Via DLG Pro v0.995 UUCP -- david_peretz@freemf.eskimo.com [ The PRIVACY Forum always appreciates quotes from such acknowledged champions of privacy rights! -- MODERATOR ] ------------------------------ Date: Sat, 26 Dec 92 10:01:54 PST >From: mbeckman@mbeckman.mbeckman.com (Mel Beckman) Subject: Car searches require probable cause Brian Larkin writes: > It got me to thinking though about if I had not consented, would > he had had to have gotten a warrant to search my car? Would I > have been forced to sit by the side of the road while they went to > get a warrant to search my car? If he HAD found something of an > illegal nature, could it be used against me in court? I'm certain many will respond to this. The answer is that no, the officer may not search your car without a warrant, and he can't get a warrant unless he has probable cause. Probable cause has been specifically determined to exclude such logic as "anyone who won't consent is hiding something" or "he looks guilty". It requires specific evidence that a crime may have been committed (e.g. bullet holes in the trunk). Note that if the officer does find probable cause, in most states he is allowed to hold you until a warrant is obtained. This could be several days. The "hold for warrant" delay tactic, in fact, is used often enough that several civil rights cases have been brought against agencies using it. In one case, a couple's entire apartment was dismantled and put into storage until a judge could inspect the property and determine if a warrant was, er, warranted. (The couple were civil rights workers in the south in the 60's; the material was primarily handouts on racial issues. More than a year passed before the property was returned). -mel _____________________________________________________________________ | Mel beckman | Internet: mbeckman@mbeckman.com | | Beckman Software Engineering | Compuserve: 75226,2257 | | 1201 Nilgai Place | Voice: 805/647-1641 | | Ventura, CA 93003 | Fax: 805/647-3125 | |______________________________|____________________________________| "Internet is big. Really Big. It gives the idea of infinity much better than infinity itself." (with apologies to Douglas Adams) ------------------------------ Date: Wed, 23 Dec 1992 13:16:31 EST >From: Ronni Rosenberg Subject: Use of SSNs on Drivers Licenses A bill is before the MA legislature that would prohibit continued use of Social Security numbers on drivers licenses. At the request of the Mass. Public Interest Research Group (MASSPIRG), I sent the following letter on behalf of CPSR/Boston. I just received word that despite opposition, the bill passed the state Senate; it will be considered next by the House. ---------------- CPSR/Boston 23 December 1992 Dear Representative: I am writing in support of S. 1779, An Act Prohibiting Use of Social Security Numbers on Massachusetts Drivers Licenses and Identification Cards. I write on behalf of the Boston chapter of Computer Professionals for Social Responsibility (CPSR). CPSR is a national, public-interest group of computer professionals and others concerned about the effects of computerization on society. CPSR's membership is about 2,500; the Boston chapter has several hundred members. I am a past Director of CPSR, and I have a Ph.D. from the Electrical Engineering and Computer Science Department of the Massachusetts Institute of Technology. S. 1779 would prohibit the use of Social Security numbers (SSNs) for an unintended purpose that is particularly widespread and dangerous: on MA motor vehicle licenses and registry-issued identification cards. This is desirable because it enhances privacy, without inhibiting legitimate needs to access data (e.g., for law-enforcement purposes). In July 1973, the U.S. Department of Health, Education & Welfare issued a seminal report, "Records, Computers, and the Rights of Citizens," the work of an advisory committee on Automated Personal Data Systems. That report led to the enactment of the Privacy Act of 1974, the major piece of privacy legislation in the U.S. The report's findings and recommendations remain current. For instance, the DHEW report noted that the SSN cannot qualify as a universal identifier, because it is not unique. The Social Security Administration itself estimated that more than 4.2 million people had two or more SSNs, and there are many cases of multiple people being issued or using the same SSN. Also, the SSN is unreliable: it has no validity-checking feature, it cannot always be verified, and a valid SSN is indistinguishable from most randomly chosen nine-digit numbers. Thus, SSNs are highly prone to undetectable errors of transcription and oral reporting. These deficiencies are not very surprising-the SSN was created for the limited purpose of identifying retirement accounts managed by the Social Security Board, which covered a minority of the population and even of civil servants. While the use of SSNs has been expanded greatly over time, insufficient attention has been paid to its unsuitability as an identifier. The result is a long list of horror stories of people whose identities were confused with someone who used the same SSN. People have been wrongly arrested and thrown in jail, wrongly denied benefits to which they are entitled, wrongly denied employment, and more, because of SSN inaccuracies. People in such situations have little redress, and typically it is a frustrating, time-consuming battle to re-establish their rightful "data identity." Encouraging more uses for SSNs lengthens the list of horror stories. The DHEW report made specific recommendations for use of SSNs, urging Congress to be "sparing" in mandating its use: "[The Congress] should weigh carefully the pros and cons of any proposed use, and should pay particular attention to whether effective safeguards have been applied to the automated personal data systems that would be affected by the proposed use of the SSN." Without doubt, the automated data systems affected by the use of SSNs on MA drivers licenses do not have effective safeguards, either for maintaining correct and complete data, or for preventing and punishing inappropriate disclosures of confidential data. Using an identifier other than the SSN for licenses will not create new problems for people with a legitimate need to access government records, e.g., criminal-justice records. As many studies have shown, the real problem with those records is that they are riddled with inaccuracies and misleadingly incomplete and outdated information. Because SSNs are not unique, using them to access such sensitive records is an invitation to mismatches, false accusations, and liability for those false accusations. Requiring a different identifier would give the registrar the opportunity to design a truly unique identifier, which might help avoid some mismatches that would otherwise occur when Registry data is linked with that of other systems. Each additional application of the SSN is a step on the road to a single, national databank. In the past, the desire to keep this country from turning into a "dossier society" led the U.S. Congress to prohibit both the creation of a national databank and the use of a universal identifier, and public opinion has been steadfastly opposed to such proposals. Since these early discussions, however, it has become trivial technically to create a de facto national databank by linking separate systems, a process facilitated by common identifiers. Unintended uses of SSNs tighten the web of information tracking that increasingly surrounds each of us, and the consequences for individuals of enhanced data linkage are not benign. Excessive surveillance has a chilling effect on an entire society; it must be discouraged by people who value highly an open society and individual privacy. The DHEW committee's warning is still timely: "Until effective safeguards against the abuse of computer-based personal data systems have been established, and until there has been full public debate of the desirability of an SUI [standard universal identifier], this is the point at which the situation must be held in check." Thank you for your consideration. Sincerely yours, Ronni Rosenberg, Ph.D. [ While SS#s are not used *on* California drivers licenses, a recent state law requires that all drivers provide their SS# when obtaining or renewing their license. The stated purpose of this is to simplify locating persons who are behind in child support payments. -- MODERATOR ] ------------------------------ Date: Wed, 23 Dec 92 15:03:51 EST >From: "Larry Seiler, x223-0588, MLO5-2 23-Dec-1992 1446" Subject: California privacy law I got a pleasant surprize with my latest alumni directory. The directory has two sections: a list of current addresses etc., and a listing by year and major of all graduates (it's a small college). The pleasant surprize was a card stating that, as per California law, the only people in the address listing are those who returned a signed authorization form! I believe this law is relatively new, since my last alumni directory didn't include any such caveat. What I particularly like about this is the explicit division of data into that which is public and can be disclosed to anyone (when I graduated), and that which is private and can only be disclosed with my permission (where I live). I wonder how the California law is really worded? Now, if we could only enforce such a rule on the credit industry... Enjoy, Larry ------------------------------ Date: Tue, 22 Dec 1992 13:47:06 EDT >From: David Sobel Subject: Reports on Ames Raid Available Last month I posted a NASA statement concerning the unannounced "security review" conducted at the Ames Research Center this past summer. The CPSR Washington Office recently obtained electronic copies of two NASA reports on the incident, which are now available through the listserver. To obtain these files, send the following message to : GET using the following filenames and filetypes: Filename Filetype Lines Description -------- -------- ----- ----------- AMES-MR REPORT 861 MANAGEMENT REVIEW OF THE AMES RESEARCH CENTER - August, 1992 AMES-MR ASSESSMT 565 ASSESSMENT PANEL REPORT ON THE NASA AMES MANAGEMENT REVIEW - November 6, 1992 ******************************************************* David Sobel Legal Counsel CPSR Washington Office [ These two documents have also been placed in the PRIVACY Forum archives for FTP or listserv access. For anon FTP, the pathnames (on Internet site "cv.vortex.com") are: /privacy/ames-mr.rpt.Z (Management Review Report) /privacy/ames-mr.asmt.Z (Assessment Panel Report) As always when retrieving compressed (".Z") files, be sure to use FTP "binary" or "image" mode. If you don't have an "uncompress" program, specify the filenames above without the ending ".Z" and they'll be sent to you uncompressed (don't use binary/image mode in this case). For listserv access, send an e-mail message to: listserv@cv.vortex.com with the start of the message BODY consisting of either: get privacy ames-mr.rpt or get privacy ames-mr.asmt The appropriate document will be mailed back to you automatically. Only one document may be specified in a single e-mail message. The documents make fascinating reading, especially when subjected to the classic "compare and contrast" analysis. Thoughtful comments regarding the documents would be welcome here in PRIVACY Forum. -- MODERATOR ] ------------------------------ End of PRIVACY Forum Digest 01.30