Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
People embroiled in the debate over anonymity on the networks might want to check out an article entitled "Reuter's Instinet is Biting Off Chunks of Nasdaq's Territory" in October 4th edition of the Wall Street Journal (p. C1). The article doesn't deal directly with anonymity-- it just charts the success of Reuter's Instinet, a computer network that matches up buyers and sellers of large blocks of stock. The article mentions that many clients selling large blocks of stock turn to the Instinet because it is anonymous. It's main competitors are not. It reads, "Large investors, who wish to keep their long or short positions confidential, especially want to avoid tipping other investors off about their bets in the volatile, mostly small-capitalization over-the-counter market." Ideally, this feature allows the market to be more efficient and more fair. People who just happen to be selling, say, Apple Computer Company stock to say, Motorola, won't be able to use their casually acquired knowledge. (Just a hypothetical example.) Another chance for "insider" like trading is gone. This anonymity, though, is almost certainly not absolute. The SEC would probably be able to unwind the trades if they needed to do so. But I'm just guessing about this.
Front page news in "Computing", 6 October 1994: Headline: ICL loses 1.3m pounds poll tax case In a landmark award, St Albans City Council has won a 1.3m pounds High Court judgement against ICL for supplying flawed poll tax software, precipitating a flood of similar claims against the supplier. Monday's judgement has industry-wide implications because the judge in the case, Mr Justice Scott Baker, ruled that a clause in ICL's standard contract limiting the supplier's liability if problems arose did not apply under the Unfair Contract Terms Act 1977. Notes: 1. "Computing" is a UK computing industry weekly newspaper. 2. ICL is a Japanese owned UK based computer company. 3. 1.3m UK pounds is approximately $2 US million. 4. The "poll tax" was the abortive uniform local tax on individuals introduced by the Conservative government under Mrs Thatcher, but now replaced due to public resistance. Jonathan Bowen, Oxford University Computing Laboratory, Programming Research, Wolfson Building, Parks Road, Oxford OX1 3QD UK Jonathan.Bowen@comlab.ox.ac.uk
On the front page of the buiness section of the San Jose Mercury today (5 Oct 1994) is an article describing one of the most egregious privacy violations I have heard of. America Online, described in the article as the fastest growing on-line service providers, has or appears to be ready to peddle subscriber information. The kind of information by AOL collected upon sign up is (IMHO) excessive. My wife signed up and I nearly told her to find another service provider and if she had known about the possibility that the info would be sold I am sure that she would have not signed up. According to the article the information which might be included in the sale of AOL subscriber info includes: "...name, gender, address, income, family, type of computer equipment, and payments to the company." My hope is that other subscribers will rise up in anger and convince AOL that this invasion of their privacy will cost them more $$$ in lost subscribers than they can hope to gain via the sale of the info. David L. Gehrt
The German daily newspaper "Tagespiegel" notes this past weekend that for any set of twins (or triplets, etc.), in Brazil, only one may register to vote for the upcoming election. Seems the unique key for the voter registration form consists of the names of the parents and the birthdate. It was noted that the problem could not be corrected in time for the election, presumably there will a number of people contesting the election. Debora Weber-Wulff, Technische Fachhochschule Berlin, FB Informatik, Luxemburger Str. 10, 13353 Berlin, Germany email: weberwu@tfh-berlin.de
"Watchdog", a consumer affairs television program shown on the BBC, Monday 26th September, reported on the experiences of a customer of Dixons (a computer and other electrical goods retailer). The customer had bought a PC from them, and had used it extensively, writing letters, doing business and accounts and so on. The PC started to malfunction, the symptoms being wrong characters generated by the keyboard. For example, "w" translated to an "f" and so on. Dixons said that they couldn't fix it, but would charge UKP 250 for an upgrade to a new machine. The customer agreed to this, and told them, before he gave the computer back, that he had confidential information stored on it, and would they remove it for him. Dixons agreed to this. 6 months later, he received a phone call from a family who had purchased his old computer from Dixons, saying that they had found his data still on the computer. RISKS: Obviously, the retention of the data is a large risk. But in addition, I think there are several others. Most obvious is the fact that the customer, while storing important information on the machine had made no efforts to make it secure. The situation could have been much worse if the computer had been stolen, or if his children had access to the data to change it. Other risks include believing what the retailer tells you. We weren't told any more technical information about the problem with the machine, but it looked very much as though either the keyboard was faulty, or, more likely, that one of the keyboard drivers had become corrupted. Certainly not something that should UKP 250 to fix. Also, the second owners of the machine believed that what they were getting was brand new, with the caveat that it had been used a display machine. Obviously, it wasn't. But even if it had been a display machine, it should be a trivial matter to walk into one of the stores and put a virus on many of the machines available. This could cause havoc for first time buyers. Nik
Periodically I remind you of TWO useful digests related to privacy, both of which are siphoning off some of the material that would otherwise appear in RISKS, but which should be read by those of you vitally interested in privacy problems. RISKS continues to carry general discussions in which risks to privacy are a concern. The most recent issues of PFD and CPD include extensive material on the newly passed Digital Telephony Bill that now awaits Presidential signature. Because the of the extraordinary volume of that material, we do not attempt to cover the issues here. If you are seriously interested in the discussions on privacy, I recommend you try BOTH digests for a while (free trial subscriptions are terrific, but especially when the long-term subscriptions are also free AND, perhaps more important, you don't wind up on anyone ELSE's mailing list!). * The PRIVACY Forum Digest (PFD) is run by Lauren Weinstein. He manages it as a rather selectively moderated digest, somewhat akin to RISKS; it spans the full range of both technological and non-technological privacy-related issues (with an emphasis on the former). For information regarding the PRIVACY Forum, please send the exact line: information privacy as the BODY of a message to "privacy-request@vortex.com"; you will receive a response from an automated listserv system. To submit contributions, send to "privacy@vortex.com". * The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is run by Leonard P. Levine. It is gatewayed to the USENET newsgroup comp.society.privacy. It is a relatively open (i.e., less tightly moderated) forum, and was established to provide a forum for discussion on the effect of technology on privacy. All too often technology is way ahead of the law and society as it presents us with new devices and applications. Technology can enhance and detract from privacy. Submissions should go to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. There is clearly much potential for overlap between the two digests, although contributions tend not to appear in both places. If you are very short of time and can scan only one, you might want to try the former. If you are interested in ongoing detailed discussions, try the latter. Otherwise, it may well be appropriate for you to read both, depending on the strength of your interests and time available. PGN
Call for Participation - CFP'95 The Fifth Conference on Computers, Freedom and Privacy Sponsored by the ACM SIGCOMM, SIGCAS, SIGSAC and Stanford Law School 28 - 31 March 1995 San Francisco Airport Marriott Hotel, Burlingame, California INVITATION This is an invitation to submit session and topic proposals for inclusion in the program of the Fifth Conference on Computers, Freedom and Privacy. Proposals may be for individual talks, panel discussions, debates, or other presentations in appropriate formats. Proposed topics should be within the general scope of the conference, as outlined below. SCOPE The advance of computer and telecommunications technologies holds great promise for individuals and society. From convenience for consumers and efficiency in commerce to improved public health and safety and increased participation in democratic institutions, these technologies can fundamentally transform our lives. New computer and telecommunications technologies are bringing new meanings to our freedoms to speak, associate, be left alone, learn, and exercise political power. At the same time these technologies pose threats to the ideals of a just, free, and open society. Personal privacy is increasingly at risk from invasion by high-tech surveillance and eavesdropping. The myriad databases containing personal information maintained in the public and private sectors expose private life to constant scrutiny. Political, social, and economic fairness may hinge on ensuring equal access to these technologies, but how, at what cost, and who will pay? Technological advances also enable new forms of illegal activity, posing new problems for legal and law enforcement officials and challenging the very definitions of crime and civil liberties. But technologies used to combat these crimes can threaten the traditional barriers between the individual and the state. Even such fundamental notions as speech, assembly and property are being transformed by these technologies, throwing into question the basic Constitutional protections that have guarded them. Similarly, information knows no borders; as the scope of economies becomes global and as networked communities transcend international boundaries, ways must be found to reconcile competing political, social, and economic interests in the digital domain. The Fifth Conference on Computers, Freedom and Privacy will assemble experts, advocates and interested people from a broad spectrum of disciplines and backgrounds in a balanced public forum to explore and better understand how computer and telecommunications technologies are affecting freedom and privacy in society. Participants will include people from the fields of computer science, law, business, research, information, library science, health, public policy, government, law enforcement, public advocacy, and many others. Topics covered in previous CFP conferences include: Personal Information and Privacy Access to Government Information Computers in the Workplace Electronic Speech, Press and Assembly Governance of Cyberspace Role of Libraries on the Information Superhighway Law Enforcement and Civil Liberties Privacy and Cryptography Free Speech and the Public Communications Network We are also actively seeking proposals with respect to other possible topics on the general subject of computers, freedom and privacy. Some new topics we are considering include: Telecommuting: Liberation or Exploitation? Courtesy, and the Freedom to be Obnoxious Commercial Life on the Net How Does the Net Threaten Government Power? Universal Access to Network Services The Meaning of Freedom in the Computer Age Online Interaction and Communities Government-Mandated Databases PROPOSAL SUBMISSION All proposals should be accompanied by a position statement of at least one page, describing the proposed topic. Proposals for panel discussions, debates and other multi-person presentations should include a list of proposed participants and session chair. Proposals should be sent to: CFP'95 Proposals Stanford Law and Technology Policy Center Stanford Law School Stanford, California 94305-8610 or by email to: cfp95@forsythe.stanford.edu with the word RProposalS in the subject line. Proposals should be submitted as soon as possible to allow thorough consideration for inclusion in the formal program. The deadline for submissions is 1 November 1994. STUDENT PAPER COMPETITION Full time students are invited to enter the student paper competition. Winners will receive a scholarship to attend the conference and present their papers. Papers should not exceed 2,500 words and should examine how computer and telecommunications technologies are affecting freedom and privacy in society. All papers should be submitted to Professor Gary T. Marx by 20 November 1994. Authors may submit their papers either by sending them as straight text via email to: Gary.Marx@colorado.edu or by sending six printed copies to: Professor Gary T. Marx University of Colorado Campus Box 327 Boulder, Colorado 80309-0327 (303) 492-1697 Submitters should include the name of their institution, degree program, and a signed statement affirming that they are a full-time student at their institution and that the paper is an original, unpublished work of their own. INFORMATION For more information on the CFP'95 program and advance registration, as it becomes available, write to: CFP'95 Information Stanford Law and Technology Policy Center Stanford Law School Stanford, California 94305-8610 or send email to: cfp95@forsythe.stanford.edu with the word "Information" in the subject line. THE ORGANIZERS General Chair Carey Heckman Stanford Law School Stanford Law & Technology Policy Center Stanford, CA 94305-8610 415-725-7788 (voice) 415-725-1861 (fax) ceh@leland.stanford.edu To discuss potential CFP'95 speakers, topics, and formats, and to receive additional CFP'95 information, subscribe to the CFP95 list. Send to cfp95@lists.stanford.edu a plain text message consisting of subscribe cfp95. Program Committee Sheri Alpert, Internal Revenue Service Judi Clark, ManyMedia Kaye Caldwell, Software Industry Coalition Esther Dyson, EDventure Holdings Mike Godwin, Electronic Frontier Foundation Peter Harter, National Public Telecommuting Network Lance J. Hoffman, George Washington University Ellen Kirsh, America OnLine Bruce R. Koball, Motion West Gary T. Marx, University of Colorado Mitch Ratcliffe, Digital Week Marc Rotenberg, Electronic Privacy Information Center Deborah Runkle, American Association for the Advancement of Science Barbara Simons, USACM Ross Stapleton-Gray, Georgetown University Glenn Tenney, Fantasia Systems Jeff Ubois, Author and Consultant J. Kent Walker, Jr., Department of Justice [Affiliations are listed for identification only.]
EUROCRYPT '95 May 21 - 25, 1995, Saint-Malo, France FINAL CALL FOR PAPERS General information Eurocrypt '95 continues the tradition of European IACR conferences dedicated to the theory and applications of cryptologic techniques. Original papers are solicited on all aspects of cryptology. Topics of interest The topics of interest include but are not limited to: . Applications . Authentication . Combinatorial aspects . Computational complexity aspects . Computer security aspects . Conventional cryptosystems . Cryptanalysis . Cryptographic hash functions . Digital signatures . Electronic money . Foundation and theory . Implementation aspects . Information theoretical aspects . Key distribution . Number theoretical aspects . Practical aspects . Protocols . Pseudo randomness . Public key . Secret sharing . Standards . Voting systems . Zero knowledge Instructions for authors Send a cover letter, one title page and 18 copies of an extended abstract to be received by November 21, 1994, (or postmarked by November 10, 1994 and sent via airmail). The title page should contain the title, the name of the authors, their phone and fax numbers, their postal and e-mail address and the abstract. The extended abstract should start with the title and the abstract, but should be anonymous (Please, reserve the acknowledgments for the final version of the paper). This should be followed by a succinct statement appropriate for a non-specialist reader specifying the subject addressed, its background, the main achievements, and their significance to cryptology. Technical details directed to the specialist should then follow. A limit of 10 single-spaced pages of 12pt type (not counting the bibliography and clearly marked appendices) is placed on all submissions. Since referees are not required to read the appendices, the paper should be intelligible without them. Abstracts that have been or will be submitted in parallel to other conferences or workshops that have proceedings are not eligible for submission to Eurocrypt. The authors must state compliance to this rule in their cover letter. A LaTex style file and an example of a cover letter will be available. Conference proceedings Eurocrypt '95 will be the first Eurocrypt conference where proceedings will be available at the meeting. The proceedings will be published in the Springer-Verlag's Lecture Notes in Computer Science. Clear instructions about the final copy will be sent to the authors. The final copies of the accepted papers will be due on March 6, 1995. Authors of accepted papers must guarantee that their paper will be presented at the conference. A limited number of stipends are available to those unable to obtain funding to attend the conference. Students whose papers are accepted and who will present themselves are encouraged to apply if such an assistance is needed. Requests for stipends should be addressed to the general chairperson. Program Committee Chaired by Louis Guillou, the following persons are the Members of the Program Committee: Mihir Bellare Johannes Buchmann Mike Burmester Paul Camion Donald W. Davies Amos Fiat Hideki Imai Lars Knudsen Ueli Maurer Birgit Pfitzmann Jean-Jacques Quisquater Ronald Rivest Jacques Stern Douglas Stinson Moti Yung Gideon Yuval Important information Submission receipt deadline: November 21 (or postmarked airmail: November 10) Notification sent to authors: January 23 Final copies due: March 6 Send submissions to: Louis Guillou, Program Chair CCETT (Eurocrypt '95) 4, rue du Clos Courtel F-35512 Cesson-Se'vigne' Cedex FRANCE Tel: +33 99 12 42 47 Fax: +33 99 84 56 00 Email: iacr95@ccett.fr For other information, contact: Franc,oise Scarabin, General Chair CCETT (Eurocrypt '95) 4, rue du Clos Courtel F-35512 Cesson-Se'vigne' Cedex FRANCE Tel: +33 99 12 41 98 Fax: +33 99 12 40 98 Email: iacr95@ccett.fr
Please report problems with the web pages to the maintainer