Electronic Frontier Foundation (EFF)

Home | Privacy Links | Opt-Out



PRIVACYnotes #1

PRIVACYnotes #2
PRIVACYnotes #3
PRIVACYnotes #4
PRIVACYnotes #5
PRIVACYnotes #6
PRIVACYnotes #7
PRIVACYnotes #8
PRIVACYnotes #9
PRIVACYnotes #10
PRIVACYnotes #11
PRIVACYnotes #12
PRIVACYnotes #13
PRIVACYnotes #14
PRIVACYnotes #15
PRIVACYnotes #16
PRIVACYnotes #17
PRIVACYnotes #18
PRIVACYnotes #19
PRIVACYnotes #20
PRIVACYnotes #21
PRIVACYnotes #22
PRIVACYnotes #23
PRIVACYnotes #24
PRIVACYnotes #25
PRIVACYnotes #26
PRIVACYnotes #27
PRIVACYnotes #28
PRIVACYnotes #29
PRIVACYnotes #30
PRIVACYnotes #31
PRIVACYnotes #32
PRIVACYnotes #33
PRIVACYnotes #34
PRIVACYnotes #35
PRIVACYnotes #36
PRIVACYnotes #37
PRIVACYnotes #38
PRIVACYnotes #39
PRIVACYnotes #40
PRIVACYnotes #41

PRIVACYnotes Discussion List
Protecting Privacy is Good for Business

Respecting Privacy on the Web

PRIVACYnotes Digest
Protecting Privacy is Good for Business
Published by: Mike Banks Valentine website101
June 20, 2002 Issue # 015
.....IN THIS DIGEST.....


"FBI Web Trail Tracking" ~ Mike Banks Valentine

// -- NEW DISCUSSION -- //

"EFF Privacy Advocacy" ~ moderator comment ~ Press Release


"Explorer 6 & P3P" ~ Lynn Bernstein

"Spam Sandwich" ~ George Oliver

"Email Appending" ~ Rick Graef

// -- PRIVACY NEWS -- //

"The Latest in Privacy Issues"



Reading the headline "FBI Wants To Track Your Web Trail" at ZDNet (linked in news stories at bottom of page), I thought - What ever for? The government wants the legal right to gather more information, when what they should be paying more attention to is How To Interpret The Data They Already Have! That point has been made repeatedly here and elsewhere.

I thought some more about what the FBI might do with my "Web Trail" and came to the conclusion that, as a privacy advocate, I would be suspect of some criminal activity precisely because I oppose the Larry Ellison National ID database and the Tom Siebel "Homeland Security Product".

I read and archive stories on Data Aggregation, Email Appending, Data Mining, Privacy, Security, Hacking, Echelon, Carnivore, Biometrics Technology (iris scans, fingerprint readers, facial recognition software) and moderate a public discussion list on Privacy issues online. The FBI must conclude that I am a suspect!

Of what? Privacy Advocacy.

If I eliminate my travels to news sites reading about privacy and technology matters, then my surfing points directly at small business web marketing, so it accurately reflects my own business activity. No problem there. Small business retailing online certainly not suspect, is it?

The issue is how data is interpreted, first and foremost and that is where the FBI is falling down. Not access, but assessment. I'm not afraid of what they learn, but what they think it means scares me.

Mike Banks Valentine


// -- NEW DISCUSSION -- //

The following is a news release from the Electronic Frontier Foundation.

While I don't want to make it a practice to publish press releases, this is definitely of interest to those involved in discussing, implementing and prioritizing privacy matters for themselves or their organizations.

Mike Valentine


Biometrics, Surveillance, National ID Threats to Privacy

Electronic Frontier Foundation Releases Reports

Electronic Frontier Foundation Media Release For Immediate Release: Thursday, June 13, 2002

San Francisco - The Electronic Frontier Foundation (EFF) today released a series of reports on the shortcomings of large-scale civilian biometrics systems, the invasive nature of public surveillance, and the inherent dangers of a national identification system.

After September 11, the U.S. government enacted sweeping legislation that diminished privacy rights in the name of domestic security. In response to bills like the USA Patriot Act, the Enhanced Border Security and Visa Entry Reform Act, and the proposed Driver's License Modernization Act, EFF is providing the public with factual data on these laws and the technologies they employ.

"High-tech systems are not a quick fix for terrorism," said EFF Senior Staff Attorney Lee Tien. "For the most part, these technologies are dangerously unreliable, and even the best of them are highly invasive."

"Governments justify overreaching surveillance on vulnerable targets such as aliens and dissenters, then inevitably try to extend its use to the rest of society," Tien added.

The EFF "Biometrics," "National ID System," and "Surveillance Monitor" documents describe in detail the technologies being deployed by the U.S. and other governments in an effort to tighten security. The reports provide an overview of the technologies and a comprehensive analysis of the privacy concerns they raise.

EFF also recently released an updated version of "EFF's Top 12 Ways to Protect Your Online Privacy," a detailed account of the best methods of maintaining one's privacy on the Internet, including use of encryption and cookie management software.


For this release:

EFF's Privacy Now Campaign:

EFF's Top 12 Ways to Protect Your Online Privacy:

Biometrics page:

National ID page:

Surveillance Monitor page:


Lee Tien Senior Staff Attorney Electronic Frontier Foundation +1 415 436-9333 x102 (office), +1 510 290-7131 (cell)



From: Lynn Bernstein

Richard Lowe, Jr wrote:

>> If you downloaded Internet Explorer 6 recently (or it came pre-installed on your machine) you may have noticed something a little different. Look under the "Internet Options" selection of the "Tools" menu. You will see a new tab titled "Privacy". <<

Microsoft must have decided there is a benefit for Microsoft in this. For whatever reason, it is a decent first step. However, all of us Netscape people have been doing this and more for years. I can totally disable cookies, enable accept cookies that go to the originating server only or all cookies, I can decide for each cookie whether to accept or reject. I can disable java, javascript, and css, all with the click of a radio button. In Mozilla, and I would assume NS 6, I can do the same and more.

I can accept or disable cookies *also* based on privacy policies, I can limit the max lifetime of a cookie, I can view the cookies. I can omit images by site, all image, or accept images by site, I can accept images from the originating server only, have an alert before downloading images, control animation on images (once, never, as specified on the page), I can save data in an encrypted form on my drive, I have a password to change some choices in my preferences, I set alerts for the exact type of SSL, I can do lots with certificates and revocation lists. Isn't it nice for Microsoft they are doing just one part of this?

Oh, all the NS and Mozilla settings also apply to email.

As for P3P, if the company is sleezy, do you really thing they will adhere to any standards? Will they keep their word? Do you trust them to do that? Do you trust Microsoft to decide for you? Personally, I'd rather have as much as possible under my control.

I know there are valid uses for cookies. They can be replaced by other non-invasive things that omits anyone from writing on my drive.

I am personally very tired of companies trying to track me. Consider this: I am shopping for say, paper. I need paper in colors but don't know what is available. If I go to any brick store, I can look at my leisure without anyone asking me any questions. I can wonder around looking at other items that may catch my interest. Last night I wanted to look online as the brick stores were closed (it was very late). All the major office supply places would not let me look without accepting cookies. They all lost my business. A couple of them had easy to find phone numbers to get the info via voice (on the same page advising you of cookie requirements).

Where would you rather shop? Would you put up with someone standing at a store entrance asking for info just so you could look around? What is the difference?

This situation will not change unless most net users refuse cookies, and avoid sites that use cookies for no apparent reason.

Lynn Bernstein ECG Consulting



From: George Oliver


I don't have a problem spam. I just adopt a technique such as this to get around the hassle or to at least redirect the hassle. First, I must state that I get NO junk mail at my house at my home address and I'm very proud of that fact. How? You may be asking yourself. Well, I have multiple e-mail accounts that I use to filter the junk through.

I have one account at home for friends and family and they're all very well schooled about etiquette with the 'bcc' (blind carbon copy for the uninitiated) function which is used to hide my address should the need arise. If they start to abuse my address by forwarding me every funny e-mail they've ever gotten with my e-mail exposed to the world, I write them and tell them that the e-mail address that they are using is no longer any good and I point them one of my online e-mail accounts. I have three of those. What I've done is pick a free service online that offers e-mail and open up a couple of accounts; then start some good habits.

My three online accounts are checked daily and used as follows.

1. This one is for friends and basic communication with people with whom I wish to do business.

2. This one is for hate mail and complaints to companies with which I have something to say.

3. This one is for any form or site that requires an address to send notification or password to. *side note (for the sake of added privacy, I always enter bogus information in the sign up forms)

I have all three accounts with the same provider so it is easy to log in and out of each account to check them daily. When I get home, I can answer my friends and family very easily without the worry of any junk mail polluting my machine/inbox. It's worked for me for the past two years plus and if it helps one person, then I'm happy. Had to share.

Peace and may you all end your spam mail battles in the not too distant future,


--george oliver

ps: please don't list my address, it's my work address. thanks much.


From: Rick Graef


IMHO, I see very little wrong or invasive with e-appending ... as long as it is done carefully, through a reliable vendor and uses ONLY opt-in or (preferably) double opt-in lists that are focused on a particular client's specific, needs-related offering(s).

My company has had notable success, with very few negative e-backs, in the areas of "high-end developmental real estate for sale (prospective buyer AND broker e-campaigns) as well as test-marketing for a new, high-end weight-loss franchise and a "Bahamian Out Island getaway vacation" product. This success is due to our client (or agency) compiled e-lists (opt-in) and appending (and geo-targeting) of same. The in-house compiled lists were, according to Claritas and our database consultant, statistically valid: approx. 2800 for real estate/brokers; 5200 for weight-loss and 2700 for island vacation.

If I own an Aardvaark (and really love the weird little critter), why would I not want to receive valid information on the care and feeding of my moderately bizarre, very niche-market, pet?

Bluewater Marketing Services, Inc. Communications, strategic marketing and advertising services


// -- PRIVACY NEWS -- //

Moderator note: There are two ways to access previously listed privacy news stories. One is to visit PRIVACYnotes archives, the other (simpler) way is to visit where I also keep a privacy news archive.

Eye scans, satellite tracking and digital video surveillance are among the technologies that Silicon Valley officials recommended Monday to bolster the San Jose airport's security and make travel more efficient for passengers. Conscious of questions about an erosion of civil rights, the group argued that its recommendations would not infringe upon privacy rights. ``None of the recommended technology applications have the potential (as face recognition software would, for example) to radically change the amount of private information that airports, airlines or the government gathers about the public,'' the report stated.

From the Bill Gates e-mails unveiled during the Microsoft trial to the Enron debacle, the digital trails people leave have provided stunning insight into their beliefs and habits. Now the FBI is hoping to capture and corral more of our digital detritus in the name of fighting terrorism. The Senate Judiciary Committee on Thursday will examine proposed Justice Department guidelines that would give federal investigators new license to mine publicly available databases and monitor Web use. The changes, which come after a major FBI shakeup last week, have sparked intense debate over the merits of expanding government surveillance powers as the country faces ongoing threats of terrorist attacks.

Researchers Nathaniel S. Good and Aaron Krekelberg have found that users of Kazaa and other P2P file sharing networks often share files that they would probably rather keep private. "We discover[ed]," said the HP researchers, "that the majority of the users in our study were unable to tell what files they were sharing, and sometimes incorrectly assumed they were not sharing any files when in fact they were sharing all files on their hard drive."

What you are about to read is a solution to spam that requires no reengineering of e-mail, the Web or any other systems. It could be set up to guarantee spam blocking using simple, existing technologies. I've dealt with corporate intranets in the past, which have completely blocked e-mail from the outside unless one is on an approved list. Contact must always go through the network administration. Individuals working within these institutions receive absolutely NO spam inside their network because they have turned the filtering problem on its head. In typical spam filtering, you filter information from select addresses or with select content. In reverse filtering, you only permit information from select addresses or with select content.

North Dakotans voted overwhelmingly last Tuesday to require banks and credit unions to get customers' permission before selling data on them, and privacy advocates say the vote will send a message across the country. The result of the statewide referendum, in which 72 percent of those casting ballots favored a tightening of privacy law, "shows that when given a chance, the voters of a conservative Plains state will vote to protect their privacy, It gives the lie to the idea that privacy is either a liberal idea or out of the mainstream." The editor of Privacy Journal, published in Providence, R.I., said the vote would encourage other groups working on privacy issues, and added, "It might deter some legislators from going with corporate interests."


PRIVACYnotes Moderator: Mike Banks Valentine

Mike Banks Valentine is a champion of the true small online business. He advocates a do-it-yourself approach to e-commerce through online learning for the small office, home office (SOHO) or emerging entrepreneur who lacks major venture capital funding or corporate marketing budgets.

Mike is the founder of WebSite101, an educational resource for small businesses creating initial Web presences. His writing has appeared in international publications and his work praised by Entrepreneur Magazine. He does small business web marketing and search engine optimization.

Contact Mike Banks Valentine 5318 E. 2nd St. #789 Long Beach, CA 90803