Security Protecting Privacy is Good for Business
This Issue Is Brought To You By
WebPosition Gold Search Engine Positioning Tool
Published by: Mike Banks Valentine
Privacynotes firstname.lastname@example.org www.privacynotes.com
July 18, 2002 Issue # 018
WebPosition Gold - The Industry Standard
What on-line advertising method has been proven by NPD Group,
ActiveMedia Research, and others to be vastly more effective than
banner ads? Search Engine Positioning!
Web Marketing Today calls WebPosition Gold the best search engine
positioning tool bar none. Go beyond simply submitting or creating
meta tags and start generating sales for your Web site today:
.....IN THIS DIGEST.....
// -- PRIVACY EVENTS CALENDAR -- //
"Upcoming Privacy Events"
// -- NEW DISCUSSION -- //
"Privacy For the Poor" ~ Nancy Ryan
// -- CONTINUING DISCUSSION -- //
"Privacy Fee" ~ John Gabree
"Privacy Advocacy" ~ Mike Valentine
// -- PRIVACY NEWS -- //
"The Latest in Privacy Issues"
// -- PRIVACY CALENDAR -- //
ILPF Conference 2002: Security v. Privacy. Internet Law &
Policy Forum. September 17-19, 2002. Seattle, WA. For more information:
Privacy2002: Information, Security & New Global Realities.
Technology Policy Group. September 24-26, 2002. Cleveland, OH.
For more information: http://www.privacy2000.org/privacy2002/
Bridging the Digital Divide: Challenge and Opportunities. 3rd
World Summit on Internet and Multimedia. October 8-11, 2002. Montreux,
Switzerland. For more information: http://www.internetworldsummit.org/
2002 WSEAS International Conference on Information Security
(ICIS '02). World Scientific and Engineering Academy and Society.
October 14-17, 2002. Rio de Janeiro, Brazil. For more information:
IAPO Privacy & Security Conference. International Association
of Privacy Officers. October 16-18, 2002. Chicago, IL. For more
3rd Annual Privacy and Security Workshop: Privacy & Security:
Totally Committed. Centre for Applied Cryptographic Research,
University of Waterloo and the Information and Privacy Commissioner/Ontario.
University of Toronto. November 7-8, 2002. Toronto, Canada. For
more information: http://www.epic.org/redirect/cacr.html
18th Annual Computer Security Applications Conference (ACSAC):
Practical Solutions to Real Security Problems. Applied Computer
Security Associates. December 9-13, 2002. Las Vegas, NV. For more
Third Annual Privacy Summit. International Association of Privacy
Officers. February 26-28, 2003. Washington, DC. For more information:
CFP2003: 13th Annual Conference on Computers, Freedom, and Privacy.
Association for Computing Machinery (ACM). April 1-4, 2003. New
York, NY. For more information: http://www.cfp.org/
// -- NEW DISCUSSION -- //
===> TOPIC: PRIVACY FOR THE POOR
From: Nancy Ryan
I just learned today about a change in the world of public assistance.
By federal law, all foodstamps must now be EBT (Electronic Benefits
Transfer). Not sure the date of the change, but foodstamps (a
federal program) will now be available only thru use of an EBT
card that works like an ATM card. It will be accepted at all major
grocery stores. No longer will there be paper food stamps. No
longer can you get cash change for a purchase. Just run your EBT
card through the ATM machine in the checkout line, enter your
PIN, and the amount of your eligible food purchase (the machine
will automatically separate foodstamp purchases from nonfood purchases)
will automatically be deducted from your foodstamp balance. No
more mailing out foodstamps and having people say there were lost
in the mail. If your card is used and your PIN is entered, you
CANNOT, under any circumstances, get replacement for foodstamp
Not sure yet what will happen with the little mom-and-pop store
that doesn't have the machine where you swipe your card at the
checkout. Remember, for years the big grocery stores have avoided
poorer neighborhoods, so often mom-and-pop provided the only place
In addition to foodstamps, cash aid like AFDC (now called TANF),
where you get cash for dependent children, is also going EBT.
There will be ATM machines where you can withdraw cash up to 4
times per month without charge (there will be a charge if you
do it more than 4 times per month) or you can use the card for
point-of-sale purchases (no limit on the number of those you can
do for free). If you have a checking account, they can direct
deposit to your own account. If not, Citicorp will handle your
account. Again, no replacements for "lost money" if it was obtained
with your card and your PIN.
There will be an 800 number for 24/7 questions about your account.
Guess where the center is located? India. You know, the country
on the other side of the world that is thinking of going to war
with Pakistan. The American welfare system creating jobs abroad.
Counties can also opt in to EBT to handle General Assistance.
Obviously the government and the corporate world will now be
able to keep track of where you spend every cent of your food
stamps, and most of your cash assistance. Do we want this? True,
it's taxpayer money. But what about privacy? Dignity? You can't
make me believe Citicorp won't be doing something with all the
info they get.
And what happens when the computer goes down?
Thought you might be interested, from a techie as well as privacy
point of view.
// -- CONTINUING DISCUSSION -- //
===> TOPIC: PRIVACY FEE?
From: John Gabree
People already sacrifice their privacy for a "fee." Corporations
don't have to offer cash. In exchange for convenience, consumers
allow themselves to be tracked so that they can save the names
of albums in their shopping carts until they next visit or be
greeted by name when they return to countless news, retail and
service sites. And then there is the information they offer up
to get an astronomically long shot at that $11 million. And didn't
those who participated in the paid-to-surf fad eons ago give up
a whole lot of information about themselves to make pennies as
they surfed? $5 a month? Seems steep.
GotWebHosting.com Reliability Affordability Functionality For
a special promotional discount: http://www.gotwebhosting.com/?8474642400
From: Lynn Bernstein
For David Hauser, or anyone else interested, my company, ECG,
along with other security, I produced a presentation about it
at PC Expo last month. Since this is an obvious blatant self-promotion
to answer the question, please look at http://ecg-incc.com/security.html,
for more information. For an added incentive, I will give a
to anyone on security services (privacy is part of security)
from this list only thru August 31, 2002. Simply email Privacynotes@ecg-incc.com
Lynn Bernstein ECG Consulting
===> TOPIC: PRIVACY ADVOCACY
From: Mike Valentine
Eric Norlin said:
>> As for Homeland Security linking together databases:
people ask me sometimes why i'm so lax about the idea of the government
knowing everything about me. Admittedly i'm biased -- I worked
in the world of intelligence for a time -- the idea of them knowing
everything doesn't bother me because they already do. None of
the above would seem to indicate that I'm operating under "blind
trust" -- and i can get more detailed, if you'd like <<
Please do "get more detailed" Eric. I'd love to hear insider
viewpoints from those involved in building a single sign-on system,
as it seems inevitable. When you say that the idea of government
"knowing everything doesn't bother me because they already do",
does that mean that they already know everything about you or
about all of us? If it's just you that government already knows
everything about, was that just up to the point you ceased to
work "in the world of intelligence" or do they continue to? If
you meant that they already know everything about all of us, then
does that mean it is acceptable and that big brother is already
here? I'm very interested in more details there!
// -- PRIVACY NEWS -- //
Moderator note: There are two ways to access previously listed
privacy news stories. One is to visit Privacynotes archives, the
other (simpler) way is to visit
where I also keep a privacy news archive.
Location-based wireless services are just around the bend, and
a good dose of controversy is bound to arrive with them. Though
services that can pinpoint a user's exact location through a mobile
phone signal offer promising applications, especially for public
safety, they also promise the opportunity for widespread invasions
of privacy . Location information can be used in many ways --
from beneficial to downright malicious. What is troubling to many
is that the power to use the data properly rests almost entirely
in the hands of mobile operators.
Florida Issues Subpoenas to Investigate Prozac Mailing On July
9, 2002, the Florida Attorney General issued investigative subpoenas
to Eli Lilly & Co., Walgreens and a number of health care
providers to determine whether state laws were violated when Prozac
tablets were mailed unsolicited to a Florida resident. In the
most recent twist on direct marketing of pharmaceuticals to patients,
the individual received an envelope from Walgreens that included
a letter encouraging the patient to switch to Prozac Weekly along
with a free one-month trial of the drug. The Attorney General’s
office is concerned not only with the unsolicited delivery of
a prescription drug, but also with the possibility that privacy
rights were violated by the misuse of medical information to target
likely candidates for a particular drug.
Florida Attorney General Settles Eckerd Marketing Investigation
The Florida Attorney General’s Office announced July 10, 2002,
that it had reached a settlement with Eckerd Drug Corporation
in the investigation of the company’s use of private medical information
for commercial purposes. The attorney general had been investigating
Eckerd’s practice of having customers sign a form that not only
acknowledged receipt of a prescription but also authorized the
store to release prescription information to Eckerd Corp. for
future marketing purposes. The form apparently did not adequately
inform customers that they were authorizing the commercial use
of their personal medical information.
WASHINGTON, July 9 Under Congressional pressure, the Bush administration
said today that it was open to the idea of installing a chief
privacy officer in a new Department of Homeland Security to make
sure it weighed issues of confidentiality and the secure handling
of personal information. "If you bring us a proposal, I think
we'd look at it very carefully, Privacy is a very important function."
Mr. Barr opened a subcommittee hearing by asking Mr. Everson what
steps would be taken "to ensure the privacy of personally identifiable
information as the new agency establishes necessary databases
that coordinate with other agencies of the government."
For many interactive marketers, one solution to that threat
is permission-based (also called opt-in) marketing. Behind permission-based
marketing’s significance is the mounting focus on privacy matters
among the American population. This focus is not simply an online
or an e-mail phenomenon—and it’s not even a "phenomenon," if that
means a fad or a trend. Instead, privacy concerns represent a
sea change in how people are ready to deal with corporations and
government, and what they expect from those institutions in return.
More than 14 million Americans are under continual electronic
surveillance by their employers, who not only watch e-mail, chats,
and Web traffic but also look into employee files, according to
a July 2001 report issued by the Privacy Foundation, a Denver-based
advocacy group. In some cases, the monitoring is reactive—as was
the case with General Dynamics. Most of the time, however, companies
watch their workers hoping to nip problems in the bud. Any machine
that belongs to a company is fair game. The company doesn't need
a warrant—or your permission.
Every new technology gives birth to new security and privacy
fears. When mobile phones first started gaining popularity in
the late '80s and early '90s, it seemed anyone who could navigate
a Radio Shack could put together a little receiver to intercept
random cell traffic from the air. Although carriers have made
it a little harder to do that today, the sense that some conversations
are better had in person, or over a wired line, has not disappeared.
FORT LAUDERDALE, Fla., July 3 "Enclosed you will find a free
one month trial of Prozac Weekly," it said. "Congratulations on
being one step to full recovery." The mailing infuriated one recipient,
a 59-year-old home caregiver who filed a class-action lawsuit
this week in state court here. "They're going after me because
I have a problem," said the caregiver, who agreed to an interview
in her lawyer's office here on the condition that her name be
withheld. "It bothers me to think that somebody could get into
my medical records and start sending me dangerous medications."
The suit says Walgreens, a local hospital, three doctors and Eli
Lilly, which makes Prozac, misused patients' medical records and
invaded their privacy. It also accused the drugstore and Lilly
of engaging in the unauthorized practice of medicine.
Cellphones, with their unlisted numbers, have long been more
or less safe from the marketing that bombards kitchen phones,
mailboxes and e-mail in-boxes. But that electronic cocoon is starting
to fray. Telemarketers are increasingly reaching people on their
cellphones. Wireless phone services say they are receiving a growing
number of complaints from consumers angry because the calls are
costing them money. So many complaints, in fact, that a backlash
has begun. Companies and consumers are suing telemarketers. Legislators
in at least four states are trying to regulate such calls, and
a bill barring cellphone spam has been introduced in Congress.