PRIVACY Forum Digest Saturday, 11 March 1995 Volume 04 : Issue 06 Moderated by Lauren Weinstein (lauren@vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===== PRIVACY FORUM ===== The PRIVACY Forum digest is supported in part by the ACM Committee on Computers and Public Policy, and the Data and Information Services Division of MCI Communications Corporation. CONTENTS PRIVACY Forum Status (Good News!) (Lauren Weinstein; PRIVACY Forum Moderator) Re: How can files be 100% wiped? (Wm Randolph Franklin) Destruction of data (Charles M. Preston) Proposed FTC Rules Could Reduce Telemarketing Abuses (Privacy Rights Clearinghouse) Compuserve Sued for Delivering "Junk E-Mail" (Privacy Rights Clearinghouse) Airline data (Phil Agre) American Express sends reporters' data to tobacco companies (Phil Agre) EPIC Legislative Update 2.2 (Dave Banisar) Alert #1: Fifth Conference on Computers, Freedom and Privacy (Carey Heckman) Short Course on Protection and Security on the Information Superhighway (Dr. Frederick B. Cohen) *** Please include a RELEVANT "Subject:" line on all submissions! *** *** Submissions without them may be ignored! *** ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. ALL submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All submissions included in this digest represent the views of the individual authors and all submissions will be considered to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW home page at the URL: "http://www.vortex.com". ----------------------------------------------------------------------------- VOLUME 04, ISSUE 06 Quote for the day: "It's a beautiful day in the neighborhood..." -- Mr. Rogers (Fred Rogers) "Mister Rogers' Neighborhood" (1967- ) ---------------------------------------------------------------------- Date: Sat, 11 Mar 95 22:34 PST From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: PRIVACY Forum Status (Good News!) Greetings. Many of you will recall back to the latter part of last year, where in this same virtual space I discussed problems which might have led in short order to the termination of this digest and its associated services. I received an outpouring of responses expressing hope that this would not transpire, and a number of suggestions regarding possible solutions; your messages were all greatly appreciated. I'm now very pleased to announce that the network connectivity problem which threatened the Forum has been solved, thanks to the intervention of the Data and Information Services Division of MCI Communications Corporation, which is now providing the Forum with Internet connectivity via their "internetMCI" network. I'd like to express particular thanks to Vinton Cerf of MCI for making this most positive outcome possible. Thanks also go to Frederick Cohen of Management Analytics for his role in the process. There were numerous other persons at MCI who were very helpful in bringing this all about, and thanks to all of them as well! With the vast growth of the Internet and the increasing workloads on volunteer moderators, MCI is standing out as a model of corporate good-citizenship in helping to make it possible for the PRIVACY Forum to continue for the now truly global network community. Persons interested in learning more about MCI's data and information services should definitely check out the World Wide Web URL: "http://www.mci.com". Thanks MCI! And now, back to the Forum... --Lauren-- ------------------------------ Date: Sun, 26 Feb 1995 22:06:01 -0500 From: Wm Randolph Franklin Subject: re: How can files be 100% wiped? How can an old disk be cleaned (and still be usable)? One way would be to store only encrypted data, never plaintext, on the disk. In Unix, I recommend Matt Blaze's CFS (Cryptographic File System). This is similar to NFS, except that the data is automatically encrypted/decrypted before being written to/read from the mounted filesystem. It's slower than copying plaintext, but by less than you'd think. Also, should the computer be turned off, or a timer expire, the password is needed again to read the data. There's still the problem of virtual memory causing plaintext to be written to the paging disk. However since the paging space is a fixed region that is reused so much, this would seem to be a smaller problem, unless the computer's plug were pulled while the secret program was running and the paging partition, especially of the CFS daemon, were analyzed. A possible solution here might be somehow to lock the process into memory so that it is never paged out, or even once copied to disk. -------- Wm. Randolph Franklin, wrf@ecse.rpi.edu, (518) 276-6077; Fax: -6261 ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 USA ------------------------------ Date: Sun, 26 Feb 1995 22:38:39 +0900 From: cpreston@alaska.net (Charles M. Preston) Subject: Destruction of data Here's a quick answer to G. Martin, in a question from Privacy Digest 4.05. >One area where I keep getting mixed signals on is >how to *REALLY* remove old data from hard drives, floppies and >backup tapes. >First I was told that reformatting the drives would make the >data unrecoverable. Then I was told it wouldn't. I've heard >different stories about what really needs to be done to >absolutely assure that private, personal information can be >safely wiped from these devices. You might want to check out an article in Security Management, February, 1995, called "The Data Dilemma" by Charles Preston. It deals with recovery of data and how to destroy it. Easy data recovery will be from -- Diskettes or drives formatted with DOS 5.0 or later where the /U option wasn't used, and that haven't been written on much. This leaves all the data on the media. Deleted files that have not been overwritten - all of the data is still present. Temporary files never destroyed due to program or computer fault or interruption. Multiple files left on each drive by programs that save versions of the same "document" automatically or manually. Large virtual memory areas of the hard disk where random access memory contents are stored. Automatic backup copies of "documents" stored by programs. "Instant-on" areas of the hard drive that store random access memory contents. ------------------------------------- Since it is possible that none of these areas have been overwritten yet, and are generally not known to most computer users, you are probably in greater danger from easy software searching of these than overwritten media. Overwriting programs have to be specifically directed to wipe free space and file slack space on the drive to be effective. Recent recommendations for overwriting are that it must be done numerous times over the same areas, and at least the last pass should be random data. I don't know of any personal computer software utilities that offer this. There are photos in research papers of "visible" data that has been overwritten once on a typical hard drive. Low-level formatting only overwrites once, and with a constant pattern probably easier to "subtract" from underlying tracks. Overwriting even once will make the data expensive to recover and usually not recoverable with a normal computer floppy or hard drive. Degaussing(strong magnetic fields that destroy patterns on the media) with a very strong magnetic wand or strong degausser will make the data very expensive and difficult to recover. A report from the Institute for Defense Analyses from several years ago stated that with enough processing power and time, data could be recovered almost regardless of the method used to erase it. The same report gave a rule of thumb about the necessary strength of magnetic fields used to erase data. If this holds true for newer media like high-density diskettes and DAT drives, it may be impossible to adequately erase this media, including hard drives, with current degaussers. If you want to really "destroy" data, completely burn the media. Bear in mind that there may be toxic gases. Good encryption, used correctly, will greatly reduce the risk of most files being recovered from magnetic media, whether they have or haven't been erased. Charles M. Preston Information Integrity cpreston@alaska.net ------------------------------ Date: Mon, 27 Feb 1995 16:54:10 -0800 (PST) From: Privacy Rights Clearinghouse Subject: Proposed FTC Rules Could Reduce Telemarketing Abuses The Federal Trade Commission (FTC) has proposed a set of rules which would ban many deceptive or abusive telemarketing sales practices. Although there has been very little publicity about this rulemaking, it could severely restrict telemarketing activity and substantially cut down on those annoying sales calls that always seem to come at the wrong time. It would also provide a strong deterrent to scam artists. The FTC is seeking public comment over the next several weeks on the proposed rules. A copy of the proposal can be obtained by calling 202.326.2222. The actual text is very long (120 pages), so interested persons might request a press release which explains the rules in some detail. I'm not aware of any online availability of these materials. Under the proposed rules, telemarketers would have to tell consumers at the beginning of each call that it is a sales call and provide the name of the seller. The rule would prohibit telemarketing calls before 8 a.m. or after 9 p.m. Telemarketers offering credit or loans, credit repair services, or assistance to consumers in recovering lost money from prior telemarketing schemes, would be prohibited from seeking payment until the services have been rendered. Additionally, telemarketers would be required to disclose all material information about any offer made to a consumer, and would be required to obtain signed acknowledgement of written disclosure regarding all prize-promotions and investment offerings before seeking any payment. These disclosures must include information about the retail price of all prizes, odds of winning, costs of obtaining any prize, and the "No purchase necessary to win" statement. The proposed rules also prohibit a variety of specific misrepresentations, including that a person was selected to receive a prize, that the telemarketer is affiliated with a government entity, or that the telemarketer can improve credit records or obtain loans for customers regardless of credit record. Also, telemarketers would be prohibited from calling consumers more than once every three months to sell the same thing, and calling consumers who have stated that they do not want to be called by the telemarketer. Violations of the proposed rule could result in civil penalties of up to $10,000 per violation. There will likely be strong resistance from the telemarketing industry to these regulations, and attempts to weaken the proposed rules. Written comments in support of the rules may be submitted to the FTC, Office of the Secretary, Room 159, Washington D.C. 20580, and should be captioned "Proposed Telemarketing Sales Rule." The FTC requests that the comments also be submitted on disk, preferably in a DOS word processer format, or as a text file. BTW, the Privacy Rights Clearinghouse has a free publication entitled "Telemarketing: Whatever Happened to a Quiet Evening at Home?" that provides tips on cutting down on sales calls. The document is available via gopher at gopher.acusd.edu; ftp at teetot.acusd.edu cd pub/privacy; WWW at http://www.manymedia.com/prc/; or e-mail this address for a copy. ================================================================= Barry D. Fraser fraser@pwa.acusd.edu Online Legal Research Associate Privacy Rights Clearinghouse prc@pwa.acusd.edu Center for Public Interest Law telnet teetot.acusd.edu University of San Diego login: privacy Privacy Hotline: 619-298-3396 BBS: 619-260-4789 In California: 800-773-7748 host: teetot login: privacy ================================================================= ------------------------------ Date: Mon, 27 Feb 1995 17:03:16 -0800 (PST) From: Privacy Rights Clearinghouse Subject: Compuserve Sued for Delivering "Junk E-Mail" Robert Arkow, a Compuserve subscriber, is suing the service for delivering two unsolicited advertising e-mail messages to his mailbox on December 21, 1994. The suit, believed to be the first of its kind, challenges the right of advertisers to deliver so- called "Junk E-Mail" under the Telephone Consumer Privacy Protection Act of 1991 (TCPA). Arkow argues that the TCPA prohibits the automated calling of "any service for which the calling party is charged for the call." Also named in the suit is Compuserve Visa, the business responsible for the ads. The TCPA provisions are aimed at automated dialers, machines that call homes and deliver recorded sales pitches. The law also prohibits unsolicited fax advertisements. The question will be "How similar is junk E-Mail to recorded telemarketing calls or unsolicited fax ads?" ================================================================= Barry D. Fraser fraser@pwa.acusd.edu Online Legal Research Associate Privacy Rights Clearinghouse prc@pwa.acusd.edu Center for Public Interest Law telnet teetot.acusd.edu University of San Diego login: privacy Privacy Hotline: 619-298-3396 BBS: 619-260-4789 In California: 800-773-7748 host: teetot login: privacy ================================================================= ------------------------------ Date: Sat, 11 Feb 1995 14:44:39 -0800 From: Phil Agre Subject: airline data The New York Times describes an agreement over the collection and management of operational data from commercial aircraft in the US: Matthew L. Wald, Government authorizes airlines to collect data on pilots' errors, New York Times, 10 February 1995, pages A1, C4. The new system routinely collects and stores the data that now (in the US anyway) is normally only inspected after a plane crashes. The pilots' union had been concerned that airlines would use this data to build a case when they wanted to fire one of its members. The compromise is that the airlines would maintain the data but that pilots would have immunity against its being used to punish them, and that the FAA will have access to the information for its safety studies. This will allow the FAA to spot patterns in statistics that might indicate trouble before a crash. This is a relatively unusual case of negotiation over technology for tracking work activities. It is interesting to contrast the pilots' case to that of truck drivers, many of whose rigs are now electronically monitored without any such protections. One difference between the two cases is the relative strength of the ALPA and the Teamsters in their respective industries. Another is the difference in severity of the public safety issues facing regulators in the two industries. Phil Agre, UCSD ------------------------------ Date: Sat, 25 Feb 1995 18:23:35 -0800 From: Phil Agre Subject: American Express sends reporters' data to tobacco companies You may recall that Philip Morris, the largest producer of tobacco products in the United States, has sued ABC television for $10 billion for a story claiming that tobacco companies manipulate nicotine levels in cigarettes to keep customers addicted to their products. Their story was based in part on the testimony of a former tobacco company manager who appeared on the show in silhouette. Philip Morris wanted badly to know this person's identity, and so they sent subpoenas to 13 companies to obtain the travel records of the ABC producers who did the reporting. The subpoenas covered the one-month period during which they worked on the story. The Wall Street Journal has now reported an astounding new development: Laurie P. Cohen and Alix M. Freedman, American Express sends a statement that's quite wrong, The Wall Street Journal, 24 February 1995, pages A1 and A4. As you might expect, various media organizations tried to overturn the subpoenas. When they failed, 12 of the 13 companies made their own attempt to get the subpoenas overturned. But the 13th company, American Express did not, and instead voluntarily turned over *seven years* worth of records on those reporters *and* records for a half-dozen reporters with no connection to the case. The company admits it made a mistake and expresses concern for its customers' privacy. Clearly, though, American Express' public relations bone was not fully connected to its internal policy and training bones. I would expect that this list includes several people with both strong privacy concerns and American Express cards, and I am sure that American Express would benefit from hearing their views. Phil Agre, UCSD ------------------------------ Date: Wed, 1 Mar 1995 00:17:09 -0800 From: "Dave Banisar" Subject: EPIC Legislative Update 2.2 Privacy Legislation 104th Congress Electronic Privacy Information Center Last updated 2.23.95 An updated version of this document and the text of the bills are available from cpsr.org /cpsr/privacy/epic/104th_congress_bills/ Quality Assurance in Drug Testing Act (HR 153). Introduced by Rep. Solomon. Prohibits random drug tests, requires that employers have explicit written policies and education, use certified labratories. Referred to Committee on Commerce. Individual Privacy Protection Act of 1995 (HR 184) Introduced by Rep. Collins (D-ILL).Creates national Privacy Commission with authority to oversee enforcement of Privacy Act. Referred to Committee on Government Reform and Oversight. Antitrust Reform Act of 1995 (HR 411). Introduced by Rep. Dingell (D-MI). Telecommunications reform bill. Includes section ordering FCC to conduct privacy survey of new technologies and places limits on use of Customer Propriety Number Information (CPNI). Referred to Committee on Commerce. Postal Privacy Act of 1995 (HR 434) Introduced by Rep. Condit (D-CA). Prohibits Post Office from selling personal information to direct marketers. Referred to Committee on Government Reform and Oversight Fair Health Information Practices Act of 1995 (HR 435). Introduced by Rep. Condit (D-CA). Health Care privacy bill. Sets limits of access,use and dissemination of personal medical information. Referred to Committee on Commerce and 2 other committees. Consumer Reporting Reform Act of 1995 (HR 561). Introduced by Rep. Gonzales (D-TX). Updates 1970 Fair Credit Reporting Act to require better accuracy, less expensive credit reports, limit use of credit records for direct marketing and prohibit most uses of reports by employers. Referred to the Committee on Banking and Financial Services. ***Bills that will negatively affect privacy*** The Taking Back Our Streets Act of 1995 (HR 3). Introduced by Rep. McCollum. Republician Crime Bill. Includes provision to substantially limit judicial sanctions for illegal searches (exclusionary rule). Referred to Committee on the Judiciary. Hearings held 1/19/95 FBI Counterintelligence Act of 1995 (HR 68). Introduced by Rep. Bereuter. Authorizes easier access to credit reports by FBI for "national security purposes." Referred to Committee on Banking and Financial Services Interstate Child Support Enforcement Act (HR 195) Introduced by Rep. Roukema (R-NJ). Extends access to federal, state, local and commerical databases for purposes of enforcing child support. Increases use of Social Security Numbers. Creates database of new hires. Referred to Committee on Ways and Means and 3 other committees. Social Security Account Number Anti-Fraud Act (HR 502). Introduced by Rep. Calvert (R) Amends the Social Security Act to require the Secretary of Health and Human Services to establish a program to verify employee social security information, and to require employers to use the program using 800# to verify employee. Referred to Ways and Means. Immigration Reform Act of 1995 (HR 560). Introduced by Gallegly. Requires introduction of new tamperproof id cards for immigrants. Referred to the Committee on the Judiciary. Act to enforce Employer Sanctions law (HR 570). Introduced by Beilenson. Requires issues of new Social Security Card which is "counterfeit-resistant ... contains fingerprint identification, barcode validation, a photograph, or some other identifiable feature." Card will be sole identification allowed for work authorization. Referred to Committee on Ways and Means and Judiciary Committees. Exclusionary Rule Reform Act of 1995 (HR 666). Introduced by Rep. McCollum (R-FL). Allows introduction of evidence obtained by illegal search or siezure that violates 4th Amend, statute or rule of procedure if "objective belief" that search or siezure legal. May allow illegal wiretaps, house searches to be used. Does not apply to IRS and BATF. Rejected amendment by Watt (D-NC) to replace language with that of 4th Amendment. Passed by House Feb 8, 1995. Criminal Alien Deportation Improvements Act of 1995 (HR 668). Introduced by Smith (R-TX). Authorizes wiretaps for investigations of llegal immigration. Passed by House Feb 10. Referred to Senate Judiciary Committee. Illegal Immigration Control Act of 1995 (HR 756). Introduced by Hunter. Authorized Wiretaps for illegal immigration investigations, false id. Requires issuence of "enhanced" Social Security cards to all citizens and resident aliens by year 2000 that will include photo, SSN, and are machine readable. Orders Attorney General to create databases for verification. Referred to Committee on Judiciary. Child Support Responsibility Act of 1995 (HR 785). Introduced by Johnson (R-Conn). Makes SSN of parents public record by requiring their use on birth cirtificates and marriage liscenses. Referred to the Committee on Ways and Means. Paperwork Reducation Act of 1995 (HR 830). Introduced by Controversal provision to benefit West Publishing limiting access to public records removed after Internet campaign by TAP. Passed by House Feb. 22 (418-0). House Report 104-37. See S. 244 below. Communications Decency Act of 1995 (HR 1004). Introduced by Johnson (SD). Same as Exon bill (see S. 314 below). Referred to Commerce and Judiciary Committees. **************************************************************** Senate Bills **************************************************************** Violent Crime Control and Law Enforcement Improvement Act of 1995 (S. 3). Senate Republician Crime Bill. Introduced by Dole. Includes provision to substantially limit judicial sanctions for illegal searches (exclusionary rule). Allows wiretapping for immigration, and false documents, allows participation of foreign governments in domestic wiretapping and disclosure of info to foreign law enforcement agencies. Referred to Committee on the Judiciary Family Health Insurance Protection Act (S. 7). Introduced by Senator Daschle(D-SD). Democratic Health Care Bill. Sets national standards for transfer, privacy of medical records. Referred to Committee on Finance. Exclusionary Rule Limitation Act of 1995 (S. 54). Introduced by Thurman. (See HR 666 above). Paperwork Reduction Act of 1995 (S. 244) Introduced by Sen. Nunn (D-GA). Renews 1980 Paperwork Reduction Act. Sets OMB as controller of information policy in government. Sets standards for collection, use, protection of statistical information. Referred to Committee on Government Affairs. Approved by Committee Feb. 14. Immigrant Control and Financial Responsibility Act of 1995 (S. 269). Introduced by Sen. Dole and Simpson. Creates national registry for workplace verification. Increases use of wiretaps for immigration purposes. Referred to the Committee on the Judiciary Communications Decency Act of 1995 (S. 314). Introduced by Sen. Exon (D-NE). Revises Communications Act to make transmittal of sexually oriented communications a crime. Makes anonymous communications that are "annoying" a crime. Senate Committee on Commerce, Science and Transportation. See EPIC alert 2.03 for more information. Interstate Child Support Responsibility Act of 1995 (S. 456). Introduced by Bradley (D-NJ). Creates databank of new hires. Allows datamatching with SSA for verification. Increases use of SSN. Referred to the Committee on Finance. ------------------------------ Date: Wed, 1 Mar 1995 03:07:22 -0800 From: ceh@LELAND.STANFORD.EDU (Carey Heckman) Subject: Alert #1: Fifth Conference on Computers, Freedom and Privacy * WHY CFP * WHAT'S NEW FOR '95? * EARLY REGISTRATION DEADLINE: FEBRUARY 24 * PAEAN TO UNSUNG HEROES * THE WHOLE WORLD WILL BE WATCHING * CONNECTING TO CFP'95 WHY CFP Never has the need for a conference on computers, freedom, and privacy been so urgent. New laws are being proposed. New commercial ventures are being launched. New arrests are being made. New conceptions (and misconceptions) are being spread by newspapers, magazines, books, and broadcast media. New lawsuits are being filed. New databases are being created. In short, new threats are emerging and new crises are brewing, all while new opportunities are evolving. Exploring and better understanding the definition of our rights at this crucial crossroads of the Information Age requires a balanced public forum that includes participants from computer science, law, business, research, information, library science, health, public policy, law enforcement, public advocacy, and others. That's the Fifth Conference on Computers, Freedom and Privacy. March 28-31, 1995. Burlingame, California. WHAT'S NEW FOR '95? If you have attended a previous Conference on Computers, Freedom and Privacy, you have some idea of the high quality and diversity of people the conference attracts as speakers and attendees. CFP'95 continues that tradition, but breaks new ground as well. Topics: CFP'95 covers the critical issues of the day, including those that touch on freedom of speech, privacy, access to public records, freedom of association, and fair access to computer and telecommunications technologies. The program gives particular emphasis to how the growth of computer and data communications into the mainstream expands and threatens our freedoms. Speakers: With more than half of the CFP'95 Program Committee new to organizing the conference, it should come as no surprise that CFP'95 is far from a gathering of the usual suspects. Among this year's featured speakers are John Morgridge, chairman of Cisco Systems; Roger Wilkins a Pulitzer Prize-winning commentator for National Public Radio and Professor of History and American Culture at George Mason University; Margaret Jane Radin, a Stanford Law School professor and expert on property law and political philosophy; and Esther Dyson, founder of EDventure Holdings, editor of Release 1.0., co-chair of the National Information Infrastructure Advisory Council's Information Privacy and Intellectual Property Subcommittee, and among the leading experts on computers, software, and computer communications in Eastern Europe and the former Soviet Union. Also included in the CFP'95 program are * Kent Walker, the Assistant United States Attorney who led the investigation and arrest of Kevin Mitnick. * Brock Meeks, the journalist who defended himself from an Internet libel lawsuit earlier this year. * Pamela Samuelson, the University of Pittsburgh law professor who co-authored the manifesto urging a radical redefinition of legal protection for computer software. * Roger Karraker, the director of the Santa Rosa Junior College journalism program where the tension between free speech and sexual harassment on computer bulletin boards became a national news story. * Virginia Rezmierski, the advisor on policy to the Vice Provost for Information Technology at the University of Michigan where Jake Baker was indicted for publishing a story on the Internet. Formats: The issues discussed at CFP'95 have two or more sides, and rather than have panel of speakers after panel of speakers, the session formats have been designed to showcase different perspectives and stimulate audience interaction. For example, Thursday afternoon features a Socratic forum on free speech and responsibility, led by professional moderator Professor Kim Taylor-Thompson of Stanford Law School. A Socratic forum assembles experts from various disciplines who role play themselves in a hypothetical scenario. The moderator fires questions and stokes discussion between the experts to create a bright light of information (as well as some white hot heat of controversy). EARLY REGISTRATION DEADLINE: FEBRUARY 24 Register this week to save as much as $175 in registration fees. You can do this by mail, phone, fax, or electronic mail. See the contact information below for how to get registration information. PAEAN TO UNSUNG HEROES Each Conference on Computers, Freedom, and Privacy is a non- profit, non-commercial event. CFP'95 is no exception. Volunteer Coordinator Judi Clark has already assembled a remarkable corps of volunteers who will be staffing the registration desk, making sure sessions go smoothly, taking photographs, and a host of other indispensable functions. Many thanks in advance to Judi and the rest of the volunteers for making CFP'95 possible. THE WHOLE WORLD WILL BE WATCHING Media Coordinator Scott Nicholas reports active press interest in CFP'95. Requests for press credentials have already been received from national newspapers, newsweeklies, broadcast media, foreign publications, and a variety of trade magazines. Past CFPs have attracted CNN, the New York Times, The Washington Post, and USA Today. CONNECTING TO CFP'95 Registration and other information about CFP'95 is readily available from many sources: By WWW: URL=http://www-techlaw.stanford.edu/CFP95.html By Gopher: www-techlaw.stanford.edu By FTP: www-techlaw.stanford.edu By Email: Info.CFP95@forsythe.stanford.edu By Fax: (415) 548-0840 By Telephone: (415) 548-9673 ------------------------------ Date: Sat, 11 Mar 1995 10:02:10 -0500 (EST) From: fc@all.net (Dr. Frederick B. Cohen) Subject: Short Course on Protection and Security on the Information Superhighway There will be a short course held on March 29 and 30, in New York (with other cities to follow in the May-June time frame) on protection in the emerging NII (info superhighway) computing environment. For full details, see: URL: http://all.net:8080 email: jerry_fireman@fireman.com call: 810-540-5610 fax: 810-540-3506 The course runs for 2 days and includes a copy of the newly released book: Protection and Security on the Information Superhighway (by Fred Cohen - published by John Wiley and Sons NY) FC ------------------------------ End of PRIVACY Forum Digest 04.06 ************************