|
Computer Privacy Digest Vol 1 #105
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Computer Privacy Digest Thu, 03 Dec 92 Volume 1 : Issue: 105
Today's Topics: Moderator: Dennis G. Rears
New IP Address for archives
Re: My Technophobia.
Correcting credit report (was Re: magnetic stripe)
Re: Privacy in VA
Privacy in VA
Re: Privacy in VA
Re: Privacy in VA
Re: Privacy in VA
Phone Privacy: Call Records
Re: Phone Privacy: Call Records
Re: Phone Privacy: Call Records
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
[email protected] and administrative requests to
[email protected].
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
Date: Thu, 3 Dec 92 10:53:49 EST
From: Computer Privacy List Moderator <[email protected]>
Subject: New IP Address for archives
Due to a minor network reconfiguration the IP address for
ftp.pica.army.mil has been changed from 129.139.160.200 to
129.139.160.133. The name and machine are the same. The archives have
issues 1 through 104.
Dennis
------------------------------
From: Brad Miller <[email protected]>
Subject: Re: My Technophobia.
Organization: University of Rochester
Date: 1 Dec 92 19:08:29
Yes, the movie "Brazil", my personal favorite and has my vote for
best movie of all time, should be viddied at least once by those who
hold liberty and privacy as fundamental rights. A one line synopsis
would be a comedic version of 1984; but the humor is gallows. Many subtle
jabs at the burocracy, computers, gagets, invasion of privacy by way of
"protecting society" etc.
Worth owning. Brought to you by some of the same folks of Monty Python
fame, so you get a hint that real humor is involved.
--
----
Brad Miller [email protected]
--
----
Brad Miller [email protected]
------------------------------
From: Allen Warren <[email protected]>
Subject: Correcting credit report (was Re: magnetic stripe)
Organization: Test Systems Strategies, Inc., Beaverton, Oregon
Date: Wed, 2 Dec 1992 00:37:02 GMT
"L. Jean Camp" <[email protected]> writes:
>. . . If anyone besides myself has ever tried to correct a credit
>report, you'll know that it is nearly impossible.
Amen to that! 2.5 years ago, my wife and I bought our first house.
I had 3 reported delinquincies of less than $100 each which were reported
to the credit bureau as being over 30 days late. 2 of them I had never
known about until the credit report. Still, I had to take care of each
one both by paying them off AND providing letters of explanation to the
lending institution which eventually gave me the loan.
Exactly one year after purchasing this house, we sold it and bought another
house and I had 3 NEW surprises on my credit sheet, which the same lending
institution required me to clear up and provide letters once again. The
toughest part was than one of the surprises was mistakenly billed to the
wrong person, namely me, and this ALMOST held up my loan from going through,
no matter that the rest of my 4 pages of credit history was impeccable.
allen
------------------------------
Date: Tue, 1 Dec 92 16:52:12 PST
From: Allen Warren <[email protected]>
Subject: Re: Privacy in VA
Organization: Test Systems Strategies, Inc., Beaverton, Oregon
[email protected] (Richard Lee) writes:
>I will be moving to the DC area shortly, and have a few questions re
>privacy issues in VA.
>2. SSN, CC#, Phone # on checks
>What is VA law on stores wanting to write any of the above on your check
>before honoring it?
>[Moderator's Note: I sure as hell hope they don't restrict the
>practice. You have no *RIGHT* to cash a check. A store has a
>legitimate need for the SSN. ]
I recently read a very informative article in the Portland, OR Oregonian
newspaper on all this where it was stated that a store does NOT have to
honor a bank check whatsoever in that if you do not provide identification
for which they ask, they do not have to accept your bank check for payment.
This information came to light in an article noting differences between
credit card and bank check payment. When a store accepts your check,
they assume liability. When they accept your credit card, there is no
liability to the store, the liability is with the credit card company.
Whenever a store asks me to list my telephone number on my credit card
receipt, I put down 555-1212. I had one clerk notice the number and she
stated that the number was not valid since it was information. I then
stated that this was the number I wrote on the receipt and I wouldn't give
out my unlisted number. She called her manager. The manager said I
needed to write my home phone number down. I called my credit card company
right there at the register phone (thank God for the 800 number on the back
of my credit card) and the operator told me that the store could NOT ask
for my phone number legally. The operator then asked to talk to the
manager, who got visibly upset on the phone. In the end, the manager
accepted the 555-1212 number. I wrote the company offices about the whole
affair and copied the credit card company, the State Attorney General and
the BBB. I received from very nice responses from all parties, including
a nice coupon from the company corporate offices along with a very nice
apology.
allen
------------------------------
From: Craig Wagner <[email protected]>
Date: Wed, 02 Dec 1992 10:38:54 -0500
Subject: Privacy in VA
RL> 2. SSN, CC#, Phone # on checks What is VA law on stores wanting to
RL> write any of the above on your check before honoring it?
RL>
RL> [Moderator's Note: I sure as hell hope they don't restrict the
RL> practice. You have no *RIGHT* to cash a check. A store has a
RL> legitimate need for the SSN. ]
They _do_ restrict the credit card numbers here. Nothing else, though, to the
best of my knowledge.
RL> [Moderator's Note: Once again I have to ask: Does the
RL> knowlege of one SSN affect that's person privacy? I say no. All the
RL> SSN does is act as a global indentifier. In today's technology it is
RL> not difficult for a legitimate business to get a persons SSN. You
RL> don't need a SSN to get a credit report just a name and address.
RL> ._dennis ]
This comment almost makes it sound as though the only privacy issues
are (1) protection from "a legitimate business" or (2) for protecting
credit reports. Privacy includes the protection of _any_ information
an individual chooses to consider "none of 'your' business," including,
if they so choose, the SSN from being given to friends, neighbors, or
strangers. As long as organizations use the SSN as an identifier for
conducting transactions (American Express does this for phone
transactions, and other organizations rely too heavily - and singularly
- on it), an individual is being reasonable in making efforts not to
have his SSN become any more public than it already is. It's precisely
because of these issues that some states (the recent report of actions
within the Virginia legislature is an example) are taking efforts to
help individual's protect their SSN number.
[Moderator's Note: The point I am making is that the SSN has become the
defacto Universal Identification Number. I don't like but I have to
accept that fact. ._dennis ]
------------------------------
From: "Michael T. Palmer" <[email protected]>
Subject: Re: Privacy in VA
Date: 2 Dec 92 13:29:53 GMT
Organization: NASA Langley Research Center, Hampton, VA USA
[email protected] (Richard Lee) writes:
>I will be moving to the DC area shortly, and have a few questions re
>privacy issues in VA.
>1. SSN on DL
>According to recent posts, your SSN is your Driver's License number
>unless you object. Is getting them to use something else difficult? (I
>suppose it may depend on the mood of the clerk.) Do they have an
>algorithm for making an alternate number up, or what?
Apparently, a move is underway (legislatively) to use a different number
on ALL drivers licences in the state. The VA DMV is upgrading their
computer system, and the new numbering scheme will (hopefully) be phased
in at that time because the cost is very low if the new numbers are used
as licenses are renewed.
Cost estimates were quite high for changing all CURRENT licences to a
new scheme (mostly due to printing and mailing costs).
>2. SSN, CC#, Phone # on checks
>What is VA law on stores wanting to write any of the above on your check
>before honoring it?
>[Moderator's Note: I sure as hell hope they don't restrict the
>practice. You have no *RIGHT* to cash a check. A store has a
>legitimate need for the SSN. ]
I disagree wholeheartedly with our moderator on the legitimate need of
a store for the SSN (once the drivers license number is different). All
check guarantee services use the DL number, not SSN, and the store just
needs to make sure that they can find you if the check is bad.
Credit card number? Simply refuse. If they won't take your check, walk
out and don't do business there. Would you normally give a stranger
your full name, address, bank account number, and credit card number all
together? That one piece of paper has enough info on it to cause a lot
of damage (even without phone # and SSN).
Phone number? This seems reasonable, since again the store needs to be
able to contact you if your check is returned. Remember, the store is
indeed doing you a favor by accepting only a promise of payment (in the
form of a personal check) instead of cash. And as reported in our local
papers, many grocery stores take quite a beating on bad checks. So our
moderator is correct that you do not have a *RIGHT* to have a personal
check accepted as payment.
>3. "Caller ID"
>My reading of the N VA C&P Phone Book is that C&P offers "Caller ID" but
>does _not_ offer any form of blocking!! Is this really the case? Is it
>possible to get some kind of blocking even though they don't advertise
>it?
>[Moderator's Note: Not unless you are law enforcement. ]
Yikes! Is this true? I could have sworn that one of my recent phone
bills had a flyer in it that outlined several different options for call
blocking of Caller-ID number transmission.
[Moderator's Note: Depends on the state. NJ does not offer blocking. ]
>4. Etc
>Are there related issues I should know about but haven't thought to ask?
>Responses (preferably email) will be greatly appreciated. I will be
>happy to pass on relevant experiences after I move and deal with these
>issues.
>[Moderator's Note: Once again I have to ask: Does the knowlege of
>one SSN affect that's person privacy? I say no. All the SSN does is
>act as a global indentifier. In today's technology it is not
>difficult to for a legitimate business to get a person SSN. You
>don't need a SSN to get a credit report just a name and address.
> ._dennis ]
I disagree with the moderator's position, since knowledge of a person's
SSN makes it much easier to commit fraud in the name of that person.
And "legitimate businesses" have crooks working for them. I recently
(September 1992) had Mastercard Security contact me at 7:30p to ask if
I had just ordered several plane tickets over the phone from a travel
agent in Atlanta. Someone at a restaurant there (I was there on business
previously) had copied my card number down and used it to try to buy
tickets which he then sold. The travel agent was suspicious and tried
to get more information from the caller, and then called Mastercard
Security. Her alertness paid off, since they arrested the people involved
as they arrived at the airport. But I still had the hassle of getting
my credit union to transfer all of MY charges onto a new card number and
cancelling the old card (which was a real pain since I had just mail-
ordered some computer stuff).
My point is that unscrupulous people work for "legitimate businesses"
and they will use all the information you supply to wipe you out. Handing
over your SSN is simply NOT NECESSARY and can make their job easier.
--
Michael T. Palmer, M/S 152, NASA Langley Research Center, Hampton, VA 23681
Voice: 804-864-2044, FAX: 804-864-7793, Email: [email protected]
PGP 2.0 Public Key now available -- Consider it an envelope for your e-mail
------------------------------
From: Paul Olson <[email protected]>
Subject: Re: Privacy in VA
Organization: Mission Operations and Data Systems
Date: 2 Dec 1992 08:31 EST
Apparently-To: [email protected]
In article <[email protected]>, [email protected] (Richard Lee) writes...
>
>I will be moving to the DC area shortly, and have a few questions re
>privacy issues in VA.
>
>[stuff deleted]
>
>3. "Caller ID"
>My reading of the N VA C&P Phone Book is that C&P offers "Caller ID" but
>does _not_ offer any form of blocking!! Is this really the case? Is it
>possible to get some kind of blocking even though they don't advertise
>it?
>
>[Moderator's Note: Not unless you are law enforcement. ]
That's correct. C&P in VA does not offer blocking, even if you are calling
from outside VA. About the only way you could block it (and I'm not sure it
would work) would be to dial 1-703-number in order to get the call to pass
through the long distance system.
>
>4. Etc
>Are there related issues I should know about but haven't thought to ask?
>
Yea, radar detectors are illegal in VA. In fact, only VA and DC ban radar
detectors. Personally, I wouldn't live in a state which says I can't own a
radio receiver, not to mention that it's overbuilt, over crowded and you can't
get anywhere on a Saturday because of traffic. If you're going to be working
in DC, I'd look into moving to Maryland. But that's just my opinion.
__ Paul J. Olson - VAX Systems Manager & Resident Amiga Addict
C= /// Voice - 301/286-4246, 301725-5501
__ /// DECnet- DSTL86::OLSON
\\\/// Internet - [email protected]
\XX/ Disclaimer: Statements in my messages are wholely my own.
AMIGA "[the universe originated] as a quantum fluctuation
of absolutely nothing." - Guth & Steinhardt
------------------------------
From: "Wm. L. Ranck" <[email protected]>
Subject: Re: Privacy in VA
Date: 2 Dec 92 13:56:44 GMT
Richard Lee ([email protected]) wrote:
:
: I will be moving to the DC area shortly, and have a few questions re
: privacy issues in VA.
:
: 1. SSN on DL
: According to recent posts, your SSN is your Driver's License number
: unless you object. Is getting them to use something else difficult? (I
: suppose it may depend on the mood of the clerk.) Do they have an
: algorithm for making an alternate number up, or what?
:
The State of Virginia is currently considering a new law that will remove
SSN from your driver's license and voter registration lists. They will
probably not pass this law til January. I have a friend who refused to
give his SSN when he moved to Va. and he claims that after talking to a
supervisor at DMV they made up a number somehow. I did not look at his
license and so I can't confirm that.
If you have children of school age the school system may want their
SSNs, but I have simply told them no and they haven't been a problem.
--
*******************************************************************************
* Bill Ranck [email protected] *
*******************************************************************************
------------------------------
Date: Tue, 1 Dec 92 18:08:21 PST
From: Hal Finney <[email protected]>
Subject: Phone Privacy: Call Records
> [Moderator's Note: They do not keep track of the local numbers you
> call. Most switches do have the capability to do so if there was a
> compelling need. You might disagree with the concept but that
> information belongs to the company not to you. I hope the fact that
> medical records belong to the doctor and not to the patient doesn't
> surprise you. ._dennis ]
The question of whom calling information "belongs to" is not so
simple. There is no holy writ from above that says the information
about which phone calls I make belongs to the phone company and not to
me. Instead, it's a question to be negotiated. The negotiation may
be in a public forum, as when laws are passed to control who can
collect and keep this kind of information and what they can do with
it. Or, it could be private, as when a person chooses not to
patronize a particular business (like Blockbuster) because he doesn't
like what the business does with the information it collects.
In the case of the phone company, most of us have no choice about whom
we do business with. Maybe in the future that will change, and there
will be a choice of service providers. In that case, the question of
what kinds of records are kept could be a competitive difference
between different local phone companies. A phone company could
guarantee not to keep records of individual phone calls, and could
open up its databases to auditing to verify that it was following this
policy. People who do feel that calling information should "belong to
them" could choose this company.
Alternatively, if enough people feel that calling information should
belong to them and not to the company, they could pass laws requiring
phone companies to not keep individual calling records. Or, to take
Dennis' other example, doctors could be required to turn medical
records over to patients.
The point is, the question of who owns this kind of information is not
as simple as Dennis would have it. If you feel that information about
the specific phone calls you make is and should be private, even
though the phone company inherently learns this information in
providing you with their business, you have every right to feel this
way. And you have every right to take action to retain your privacy.
Hal Finney
[email protected]
[Moderator's Note: I would welcome comments from John H. on what the
phone company owns or doesn't. I am pretty sure they own you phone
number too. ._dennis ]
------------------------------
From: "Edward J. Huff" <[email protected]>
Subject: Re: Phone Privacy: Call Records
Followup-To: comp.society.privacy
Organization: NYU Chemistry Dept.
Date: Wed, 2 Dec 1992 06:22:36 GMT
Apparently-To: uunet!comp-society-privacy
In article <[email protected]>, "Kip J. Guinn"
<[email protected]> wrote:
>
> Do phone companies keep records of local calls made from your telephone?
New York Telephone does. I once received a bill which showed charges
within the local calling area but qualifying for a higher per minute
charge,
and I didn't remember making the call. I asked the business office what it
was, and they mailed me a list of ALL of my local calls for that month.
(Yes, seeing the number, I identified the call).
--
Edward J. Huff [email protected] (212)998-8465
------------------------------
Date: Wed, 2 Dec 92 10:57:25 -0600
From: Eric Hunt <[email protected]>
Subject: Re: Phone Privacy: Call Records
> Do phone companies keep records of local calls made from your telephone?
[...]
> home number (which I try to keep fairly private), but if local calls
> are routinely logged--heck, what do you do?
As per Dennis, the capability exists for the local phone company to do this.
I know firsthand that the company I work for had to get a court order before
they could unseal the call records from our internal PBX to find out what
local numbers an employee had been calling. Long Distance numbers were no
problem, but we couldn't touch the local records without court approval. And
this is on our own PBX!
---
Eric Hunt | [email protected] (preferred)
Birmingham-Southern College | [email protected]
Birmingham, Alabama 35254 | ^--- Nothing longer than 100 lines
------------------------------
End of Computer Privacy Digest V1 #105
******************************
|
|
