PRIVACY Forum Digest Wednesday, 29 June 1994 Volume 03 : Issue 12 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===== PRIVACY FORUM ===== The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy. CONTENTS Cell Phone Privacy (Lauren Weinstein; PRIVACY Forum Moderator) New York PSC letters to FCC and V.P. Gore regarding CNID (Anthony Grego) Caller ID (Monty Solomon) Brooks Statement on Crypto (David Banisar) Privacy: Your Secrets For Sale (Les Earnest) Request for Social Security # by video rental store (Michael McClennen) Re: Newsgroup censorship (Jerry Leichter) Security in Blood Donation (David Stodolsky) RE: Thank you, France Telecom (Geoffrey Pike) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. ALL submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are also available through the Internet Gopher system via a gopher server on site "gopher.vortex.com". For information regarding the availability of this digest via FAX, please send an inquiry to privacy-fax@vortex.com, call (818) 225-2800, or FAX to (818) 225-7203. ----------------------------------------------------------------------------- VOLUME 03, ISSUE 12 Quote for the day: "I just want to get on with my life." -- Michael Fay, explaining why he's refusing to accept any money for interviews or other projects related to his recent caning in Singapore. He also insists that he was innocent (no evidence was ever presented other than his confession and his being fingered by another youth, who was never available for cross-examination). Fay also insists that he was physically tortured and subjected to racial slurs by police during extended interrogations and signed the confession only out of fear of further abuse at the hands of Singapore authorities--abuse that he says was actually worse than the caning itself. ("Larry King Live" -- CNN -- 6/29/94) ---------------------------------------------------------------------- Date: Wed, 29 Jun 94 10:28 PDT From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: Cell Phone Privacy Greetings. As a suggested topic for possible discussion, it might be interesting to spend some time on the subject of cellular phone privacy issues. We all (hopefully) know that analog cell phones are easily monitored by readily available equipment. In areas of large user populations where cells have become quite thickly spread (here in L.A. they supposedly are about a mile or less apart on average) use of the system to track the detailed physical location of a phone, even if not making calls (so long as it is powered on) is also not at all complex. Fewer people realize that called number information (that is, the numbers you call from your phone, whether or not it is a cell phone) is *not* protected information in the sense most people would expect (though recent FCC decisions have apparently limited the ability of the telcos to release such number data to telecom service and equipment vendors without subscriber permission). We've seen some discussion on all sides of these issues here in PRIVACY Forum before, but the recent O.J. Simpson events have brought the topic back into public focus. One particularly interesting aspect of the Simpson case was that shortly after the now famous "chase" down the freeways, one local L.A. television station was showing, in detail on the air, the complete cell phone outgoing call records (time, number called, etc.) from the Simpson vehicle. They were also calling those numbers to try interview the people who were called from that phone. A few days later, they demonstrated that a voice mail "hacker" had apparently gained access to Simpson's voicemail and had changed the outgoing message to something rather obnoxious. Discussion of these and related telecom privacy issues, from all sides of the spectrum, might well be worthwhile. --Lauren-- ------------------------------ Date: Wed, 22 Jun 1994 15:14:45 +0500 From: gregoa@lucas.emi.com (Grego) Subject: New York PSC letters to FCC and V.P. Gore regarding CNID [ This message was received directly from the NY PSC for publication in PRIVACY Forum. Please be sure to send any replies to the postal address indicated, not to the email address of the sender. -- MODERATOR ] These attached letters from New York State Public Service Commission Chairman Peter A. Bradford to Federal Communicatons Commission Chairman Reed Hundt and Vice President Albert Gore are being forwarded to alert you to a recent FCC ruling (Docket 91-281) that could affect the privacy interests of telephone consumers if it takes effect as planned. Send comments to: NYS PSC, Consumer Services Division, 3 Empire State Plaza, Albany, NY 12223. _______________________________________________________________________ STATE OF NEW YORK PUBLIC SERVICE COMMISSION ALBANY 12223 June 1, 1994 Reed Hundt, Chairman Federal Communications Commission 1919 M Street, N.W. Washington, DC 20554 Dear Chairman Hundt: I am writing to express my concern about the Federal Communications Commission's recent decision (Docket #91-281) limiting the range of privacy protections available to telephone callers in connection with Call ID service. The potential preemptive features of this decision undermine sensible allocation of responsibility between state and federal jurisdictions, namely that the federal government preempt only where issues of overriding national concern are clearly at stake and then only after strong proof that no alternative approach will protect the national concerns. All of these essential elements (clear national concern, strong proof, and the absence of other alternatives) are lacking here. Instead, the casual reasoning and the destructive remedy mock stated Clinton Administration eagerness to work with the states to assure that telecommunications decisions are sensitive to important consumer issues. The FCC's decision appears to ignore the states' considerable experience with Call ID. Prior to its authorization of Call ID, the New York Public Service Commission (like many other states) conducted extensive customer outreach and education programs to determine how best to balance the privacy interests of the calling and called parties. Many witnesses, including psychiatrists, social workers, police, other public safety officials, as well as family violence crisis centers, saw danger and/or nuisance in Call ID without the option of per line blocking. These hearings established that privacy protection consisting only of per call blocking represents the worst of all worlds. The harassing caller is unlikely to forget to use per call blocking. It is the customer who does not realize the implications of the availability of Call ID to commercial number gatherers (or others who may abuse it) who is likely to make his or her telephone number inadvertently available. As a result, we concluded that in New York callers should have the option of both per call and per line blocking. Since Call ID service was approved with these options two years ago, no complaints have been received from either Call ID subscribers or callers on the issue of blocking. Furthermore, the market for Call ID does not seem to be hurt by the availability of per line blocking, for subscription rates are at least as high in states with per line blocking as elsewhere. Nevertheless, the FCC decision contemplates preemption of state requirements inconsistent with a federal per-call-blocking- only regime. Since per line blocking only for intrastate calls does not seem feasible, New York's standard (and those of some 40 other states) will be preempted. Protracted litigation over the FCC decision is certain and may impede the introduction of interstate Call ID service. Several states, including New York, are seeking reconsideration of the FCC decision and California has challenged the FCC order in court. Customer confusion and disappointment with limitations on privacy options will spawn a host of complaints. Furthermore, it will be hard for state regulators to justify the current surcharge for unpublished listings while telephone companies market a service that compromises the value of those listings. I have enclosed a recent New York notice raising this concern for parties in two major cases. Telephone companies are not likely to go forward with Call ID if they must forego tens of millions of dollars per year in charges for unpublished numbers. I hope that the FCC will think again about the impact of this decision. It is likely to damage the prospects for Call ID, and it is certain to damage federal-state relations in the communications area at a time when much depends on our mutual trust and cooperation. Sincerely, Peter Bradford Enclosure _______________________________________________________________________ STATE OF NEW YORK PUBLIC SERVICE COMMISSION ALBANY 12223 June 6, 1994 The Honorable Albert Gore Vice President of the United States Old Executive Office Building Washington, DC 20510 Dear Mr. Vice President: During your meeting in early March to discuss telecommunications issues with a group of state utility regulators, you emphasized in firm and welcome terms that the Clinton Administration would not be using federal preemptive authority in alliance with particular economic interests to centralize telecommunications policymaking in Washington. Since then, NARUC has worked productively with your office on a number of issues. Unfortunately, the divisive preemption issue has now manifested itself again in an FCC decision that will sweep aside diverse privacy protections carefully crafted over several years (without adversely affecting the market for the service in question) to suit the differing privacy needs and expectations of our consumers. The matter is explained in more detail in the enclosed letter to Chairman Hundt at the FCC. Having chaired public hearings on this issue myself, I know how strong the concerns around the Call ID issue are. For every consumer who views this technology as the best deterrent to obscene callers, another consumer foresees a surge in nuisance calls as a result of number trapping by those compiling lists for sales to telemarketers. For every consumer who believes that this technology will allow them to let unwanted calls go unanswered, another (perhaps a family violence center, a probation officer or a psychiatrist) fears inadvertently disclosing a home telephone number to someone threatening. Here in New York, the Public Service Commission and the Legislature put a lot of time and effort into balancing the potentials of the technology with the expectations of different consumer groups. In Maine, public concern was so great that the privacy protections were written into state law. In Pennsylvania they were a subject of Supreme Court review. The FCC decision purports to eliminate the balancing achieved by these agencies, legislatures and courts as well as those of many other states. Furthermore, this undertaking is likely to backfire expensively on the technology that it is intended to promote, as did past federal preemptive lunges on such topics as atomic power. Any telephone company choosing to offer Call ID without per line blocking may have to forego much of its revenue from charges for unpublished numbers, since the value of such numbers will be reduced or eliminated if their privacy protection is not maintained. Because the revenues lost will not be made up by revenues from Call ID, the fate of the service and the technology that the FCC is trying to promote is at best uncertain. I appreciate that the FCC is an independent regulatory agency. However, the National Telecommunications and Information Administration and the Department of Justice have been involved in this proceeding, so avenues do exist for a clear Administration reiteration of the need for flexibility and responsiveness to local consumer concerns. Indeed, NTIA has already asserted that FCC preemption here would be "premature" and wisely advocates learning from experience about the possibility that somewhat different federal and state standards can coexist. Thanks for any assistance that you can give us on this matter. Sincerely, Peter Bradford Enclosure _______________________________________________________________________ ------------------------------ Date: Wed, 29 Jun 1994 11:27:12 -0400 From: Monty Solomon Subject: Caller ID Excerpts from EPIC Alert 1.03 ======================================================================= [3] FCC Caller ID Decision Appealed ======================================================================= Several state utility commissions, including New York's and California's, have petitioned the Federal Communications Commission to reconsider its controversial Caller ID decision. The petitions ask the FCC to reverse its decision mandating per-call blocking for interstate calls and its preemption of state regulations. The commissions are concerned that the federal regulation will limit consumer privacy protection for intra-state calls. It is uncertain if the FCC will take the unusual action of accepting the petitions. Since the Caller ID decision was released in April, two new commissioners have joined the FCC. A total of 48 parties, including telephone companies who are concerned about which party is charged the cost of transmitting the information, have filed petitions asking the FCC to reconsider its decision. Per-call blocking, which is favored by telephone companies, requires that a caller to enter a series of numbers into their telephone before each call to prevent their number from being distributed. Under per-line blocking, privacy blocking is the default and the caller may opt to release their number. The New York Public Utility Commission's petition notes that "there is no technological bar to enabling each state to designate per line or per call blocking and have that privacy notation affixed to that caller's phone calls both intra and interstate." The PUC calls on the FCC, which did not hold a single hearing on Caller ID, to review the decisions of the many states that did hold hearings. Professor Rohan Samarajiva of Ohio State University, who also filed for reconsideration, found that 46 states held hearings on Caller ID before the FCC issued their final decision. He found that as information became more available on Caller ID, the state utility commissioners increasingly required that per-line blocking be offered in addition to per-call. By 1994, 33 jurisdictions developed rules with stronger privacy protection than the FCC decision. 18 states require per-line blocking be offered to all consumers, including Pennsylvania, Ohio, California and New York. CPSR has also filed a petition asking the FCC to revise its decision. CPSR calls for free per-line blocking and note the additional burden of per call blocking will cost consumers who have unlisted telephone numbers $1.2 billion each year through the disclosure of unlisted numbers. They describe the FCCUs suggestion that consumers who wish to ensure that their numbers remain private purchase equipment as Runreliable and discriminatory.S In addition, the California PUC has filed suit in the 9th Circuit Court of Appeals, asking the court to overturn the ruling and prevent its implementation. The FCC decision on Caller ID and the CPSR Petition for Reconsideration are available from cpsr.org. See below for details. ------------------------------ Date: Tue, 14 Jun 1994 14:20:25 -0400 From: David Banisar Subject: Brooks Statement on Crypto The following statement by Rep. Jack Brooks (D-TX) was today entered in the Congressional Record and transmitted to the House Intelligence Committee. Rep. Brooks is Chairman of the House Judiciary Committee and played a key role in the passage of the Computer Security Act of 1987 when he served as Chairman of the House Government Operations Committee. David Sobel Legal Counsel Electronic Privacy Information Center ============================================================= ENCRYPTION POLICY ENDANGERS U.S. COMPETITIVENESS IN GLOBAL MARKETPLACE For some time now, a debate has been raging in the media and in the halls of Congress over the Administration's intention to require U.S. corporations to use and market the Clipper Chip, an encryption device developed in secret by the National Security Agency. The Clipper Chip will provide industry and others with the ability to encode telephone and computer communications. The use of the Clipper Chip as the U.S. encryption standard is a concept promoted by both the intelligence and law enforcement communities because it is designed with a back door to make it relatively easy for these agencies to listen in on these communications. The law enforcement and intelligence communities have a legitimate concern that advances in technology will make their jobs more difficult. But the issue here is whether attempts to restrict the development, use and export of encryption amounts to closing the barn door after the horse has already escaped. The notion that we can limit encryption is just plain fanciful. Encryption technology is available worldwide -- and will become more available as time goes on. First, generally available software with encryption capabilities is sold within the U.S. at thousands of retail outlets, by mail, even, over the phone. These programs may be transferred abroad in minutes by anyone using a public telephone line and a computer modem. Second, it is estimated that over 200 products from some 22 countries -- including Great Britain, France, Germany, Russia, Japan, India, and South Africa -- use some form of the encryption that the Government currently prohibits U.S. companies from exporting. According to the May 16, 1994 issue of _Fortune_, not only are U.S. companies willing to purchase foreign encryption devices, American producers of encrypted software are also moving production overseas to escape the current export controls. Third, encryption techniques and technology are well understood throughout the world. Encryption is routinely taught in computer science programs. Text books explain the underlying encryption technology. International organizations have published protocols for implementing high level encryption. Actual implementations of encryption -- programs ready to use by even computer novices -- are on the Internet. The only result of continued U.S. export controls is to threaten the continued preeminence of America's computer software and hardware companies in world markets. These restrictive policies jeopardize the health of American companies, and the jobs and revenues they generate. I support, therefore, the immediate revision of current export controls over encryption devices to comport with the reality of worldwide encryption availability. I believe law enforcement and the intelligence community would be better served by finding real, and targeted ways to deal with international terrorists and criminals rather than promoting scattershot policies, which restrict American industries' ability to design, produce and market technology. Now -- more than ever -- we cannot afford to harm our economic competitiveness and justify it in the name of national security. ------------------------------ Date: Sun, 12 Jun 94 17:39:31 -0700 From: Les Earnest Subject: Privacy: Your Secrets For Sale [ From RISKS-FORUM Digest, Volume 16 : Issue 15, 15 June 94 -- MODERATOR ] ABC's Nightline programs on June 9 & 10 focussed on invasions of privacy that are facilitated by computers and other electronic media. The program mainly covered things that we are familiar with but performed a valuable service, I believe, by bringing some important privacy issues to the attention of the general public in a fairly clear and direct way. The program began with Ted Koppel presenting results of a public opinion poll on two questions: Is the sale of records to mail order companies an invasion of privacy? YES - 73% NO - 27% Are you concerned about threats to your privacy? YES - 85% NO - 15% Koppel went on to assert that the amount of personal information that is available online is currently quadrupling each year. An interview followed with an information broker named Al Schweitzer, who they mentioned is currently on probation for bribery in connection with information gathering. They gave him names and social security numbers of a couple of people and he showed that in less than 24 hours he could get a great deal of information about them from legal sources, including their residential addresses going back a number of years, the amounts of all outstanding loans and credit card debts and terms of a divorce settlement. Schweitzer could not resist mentioning that he could get additional information, including detailed phone bills and lists of credit card purchases through illicit but readily accessible channels and could get the person's income through another such channel at a cost of $50. He showed a list of kinds of information, both legal and illegal, that are available and the schedule of fees for these services. There was a discussion of the fact that state and local governments sell a great deal of information to direct marketers, including voter registration, property owners lists, court records, and (in many states) motor vehicle and drivers license registrations. These agencies derive a great deal of income from selling this information, which has assisted direct marketers to keep track of 80 million Americans. Thus they have a mutually beneficial relationship, arguably at the expense of the public. It was mentioned that Barbara Boxer's bill, which has passed the U.S. Senate, would restrict dissemination of information by all state departments of motor vehicles. They interviewed a "reformed hacker" named Ian Murphy who is now a security consultant. Murphy pointed out that all calls to 800 or 900 numbers make the caller's phone number available and that with a computer and an available database this can be mapped into the subscriber's name and address. He also discussed how it was possible to intercept a telephone conversation from a specific cellular phone. He noted that this is illegal but that it is almost impossible to catch anyone who does it. He concluded that "Laws can't keep up with technology." In a discussion of the Clipper Chip there was a short interview with John Perry Barlow in which he remarked that with it "The government can sit in your living room and hear everything you say." A woman from Houston, Texas, named Carol Gibbs told her horror story about having her credit usurped by another person and the fact that it has taken her two years to get her life back together. It was pointed out that even though it is now illegal to sell video rental records, it is perfectly legal to sell personal medical records! The second program concluded with a discussion between Koppel, Schweitzer, Sally Katzen of the "Clinton Privacy Group" and Representative Ed Markey, who discussed his proposed "Privacy Bill of Rights." Markey said that this bill would impose two requirements: (1) That individuals must be given knowledge that information is being gathered about them electronically; (2) Individuals must be given notice when information that has been gathered is proposed to for a use other than the one for which it was gathered. Katzen mentioned that it has been over 20 years since the Code of Fair Information Practices was developed and that technology has changed substantially: in 1973-74 most records were paper-based but computer-based records now dominate. She asserted that the law has to catch up. In parting it was mentioned that a representative of one of the "big three" credit information houses had originally agreed to participate in the discussion but decided not to come after learning who else would be there. -Les Earnest ------------------------------ Date: Mon, 13 Jun 1994 10:56:19 -0400 From: Michael McClennen Subject: Request for Social Security # by video rental store Since I finally broke down and bought a VCR last year, I recently joined a video rental club operated by a national video rental chain (the way these stores operate, you have to be a member of the club in order to rent videos). Among the items on the application form was a request for my social security number. As an astute reader of PRIVACY and RISKS, I proceeded to point out to the clerk that this was a problematic request on their part since it gives both the company and any employees who happen to see the number an easy means to steal my money, information, and identity should they be so inclined. Her response was that company policy is to demand a social security number from each member, since that is the only reliable means they have of tracking someone down if they leave town without returning rented videos. My question is this: does this seem like a reasonable policy, from the perspective of society as a whole? They seem to want my social security number precisely so that they can invade my privacy if they believe I have absconded with their merchandise, rather than going through the legally available (if slower and less certain) channels for recovering same. BTW, I wimped out and gave it to them anyway. I eventually decided that anyone who really wants my SS# can probably find it out anyway. Michael McClennen EECS Department The University of Michigan ------------------------------ Date: Mon, 13 Jun 94 08:57:06 EDT From: Jerry Leichter Subject: re: Newsgroup censorship Thomas Swiss argues that for a university to provide Usenet services, but to refuse to carry certain newsgroups, is at least close to censorship, based on the following analogy: What would be our reaction if the university library subscribed to the Wall Street Journal, but removed the editorial page? The problem with such an analogy - as with any analogy - is that first one has to argue that the analogy itself is apt. Is it censorship if the univer- sity library subscribes to the Journal and the New York Times, the Washington Post, and a number of other major newpapers - but declines to subscribe to the National Enquirer? If it subscribes to the Atlantic, Scientific American, and hundreds of other journals, but chooses not to subscribe to Big Boobs and Spread Legs? I doubt many would feel it is. What is the basis for viewing the entire constellation of Usenet newgroups as a single entity, which one must take whole (alt.sex.bestiality along with sci.physics.research) or not all? The only thing the two have in common is the technology used to deliver them - about what Physical Review Letters and Spread Legs have in common. Traditional publications have a unity that stems from the ownership and con- trol of the publication by a particular person or organization. We think of the publication itself as having a characteristic point of view. This point of view is always evident in the general subject matter of articles that the controlling entity chooses to publish; depending on the publication, it may or may not be evident in things like political slant. Similarly, most individual newsgroups have at the least a characteristic and recognizable subject matter. In the case of moderated groups, there is even a controlling entity, not very different from a traditional magazine's editor. But such an identity is seen by readers to exist even in unmoderated groups, as should be clear from the reactions to Canter's "Green Card" advertising. I submit that "Usenet" is no more a publication with any discernable identity than the collection of all the magazines on the racks at the corner store is a publication. It is thus a complete misapplication of the word "censorship" to apply it to the choice of newsgroups carried by a university server. -- Jerry ------------------------------ Date: Sun, 12 Jun 94 22:57:10 +0200 (CET) From: david@arch.ping.dk (David Stodolsky) Subject: Security in Blood Donation This is the abstract of a research proposal submitted to the Nordic Council's social science committee for comparative research. It includes participants from all Scandinavian countries. I am now looking for additional funding options and for participants from other countries. --------------------------------------------------- Security in Blood Donation: Privacy Protection and the Safety of Donated Blood. Abstract Improved methods of data collection and improved data security can enhance blood donors' privacy. Better privacy for donors reduces the risk that sensitive data are withheld and increases flexibility in data utilization. Therefore, privacy enhancement can improve the safety of donated blood and ease identification of new infectious agents. The first phase of this project investigates the acceptability and feasibility of computer interviewing and improved data security. Rate of elicitation of HIV-related risk factors and judged privacy are expected to be greater in computer interviews as compared to traditional interviews. Perceived desirability of cryptographic data security is expected to vary widely among countries because of differing data protection regulations. Feasibility of an enhanced donor data security system will be assessed in view of current chip-card initiatives in different countries. The second phase integrates computer interviewing into blood bank operations and pilot tests the enhanced security system. Notification methods which preserve donor privacy will also be tested at this stage. Harmonization of data security methods among the participating countries will be investigated from a comparative ethical and legal perspective. Phase three involves deployment of an integrated interviewing, notification, and data security system. Data collection started in phase one will continue throughout the study. Methods for automatic detection of clusters of risk factors and biological markers will be investigated. Secure and harmonized data collection will permit early warning of risks to the safety of donated blood in the cooperating countries. David S. Stodolsky, PhD Internet: stodolsk@andromeda.rutgers.edu Inst. of Political Science Internet: david@arch.ping.dk Univ. of Copenhagen, Rosenborgg. 15 Tel.: + 45 32 97 66 74 DK-1130 Copenhagen K, Denmark Fax: + 45 31 59 76 44 ------------------------------ Date: Sun, 12 Jun 94 14:59:41 PDT From: Geoffrey Pike Subject: RE: Thank you, France Telecom >From: Technology Strategy & Architecture >[...] >Wednesday at the airport I was trying urgently to reach someone by phone, >but kept getting a busy signal. I took my card out of the phone and walked >away. Later I came back to the same phone, inserted my card, and pressed >the redial button. It not only redialed my number, it displayed it on the >screen. > >Obvious privacy risk. It was convenient at the moment, but I'd far rather >the number be erased when the card is removed from the phone. It may be obvious to you, but it isn't to me. When you push the redial button, what number is redialed: the last number that was dialed using your card or the last number that was dialed on that phone? Either interpretation is consistent with your story. It makes a big difference. Geoff Pike pike@cs.berkeley.edu ------------------------------ End of PRIVACY Forum Digest 03.12 ************************