Date: Fri, 29 Sep 95 13:32:30 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V7#027 Computer Privacy Digest Fri, 29 Sep 95 Volume 7 : Issue: 027 Today's Topics: Moderator: Leonard P. Levine Re: Knowing Where you Browse? Re: Knowing Where you Browse? Snooping via Web Servers Re: Local Surveillance and Web Servers Re: Grocery Purchases and my Privacy Re: Grocery Purchases and my Privacy Re: White House Plans to Consolidate fed Data Centers Re: Caller ID Experiences Re: Caller ID Experiences Re: Signature Data Collection at Kinkos New Home Page for Computer Ethics Re: Junk Faxes & e-mail are Illegal Science and Engineering Ethics Info on CPD [unchanged since 08/01/95] ---------------------------------------------------------------------- From: Jeff Gruszynski Date: 24 Sep 1995 18:14:47 -0700 Subject: Re: Knowing Where you Browse? Your note is the first I have heard about this. I am aware that my browser does keep a history list, but know only that the remote site gets a report from the system about my site, not my personal account. I don't believe any browser is capable of dumping a *complete history* to remote servers. Many browsers do pass a "Referer" field which gives, under certain conditions, the *one* preceding URL if that preceding URL has *a link to* (by an HREF, etc) the requested page on the current server. This means that if you go to a page on server A, and that server has a link to my server B, then server B will be passed the URL of the page on server A when you follow that link, which I can log. This goes back only one server page deep. The exceptions to this are: if you are sitting on a page on server A, and *type in* the URL on server B, the referer field generally should not contain the URL on A. Similarly, if you hotlist/bookmark a link, the referer won't be passed. However, if you create a local "file://..." home page and create an HTML link to server B, the "file://..." will be passed. The one notable exception to the exception is Netscape 1.0 browsers (and possibly earlier versions) which pass *every URL*, where ever the request comes from. This is a bug and an excellent reason to make sure you're using 1.1 or later if you're concerned about this. Early versions also passed the "From" field (i.e. the email address you enter in the preferences.) This doesn't appear to be passed in 1.1. Most servers didn't even log referer until the NCSA 1.4, Apache and Netscape servers came out. -- ============================================================================= Jeff Gruszynski Any Standard Disclaimers Apply Test & Measurement Webmaster Hewlett-Packard Company ============================================================================= jeffg@ptp.hp.com http://www.tmo.hp.com/ ============================================================================= ------------------------------ From: shields@tembel.org (Michael Shields) Date: 27 Sep 1995 04:00:42 -0000 Subject: Re: Knowing Where you Browse? Organization: Tembel's Hedonic Commune M. Hedlund wrote (about Netscape cookies): If you are concerned about this issue, take a look at the definition of realm -- basically, they try to prevent you from making the realm anything other than the whole or a part of your own domain. For example, I would be able to issue cookies for any request to *.best.com, but not for any request to *.com. Netscape, according to that page, allows anything with at least two periods. Thus, while you couldn't specify *.com, you could specify *.co.uk. Without knowledge of the internal structure of each top-level domain, the browser cannot flag this. While cookies are convenient for CGIs that need to maintain state, the information can already be encoded into the URL, which is a universally supported technique. The only new functionality cookies provide is the ability to create detailed clicktrails without being prominent. -- Shields. ------------------------------ From: rj.mills@pti-us.com (Dick Mills) Date: 27 Sep 1995 07:48:31 -0400 Subject: Snooping via Web Servers There's been a number of recent CPD articles about web browsers being used to snoop on the client. Does anyone know about the next wave of Java enabled browsers? It sounds to me like the Java programs in pages we download might be able to do unlimited snooping or damage on your computer and your network. The Java language includes protection from the java program getting contaminated or picking up a virus, but I don't see what it can do about a deliberately malicious Java program. This particular risk has been discussed on the net for some years, particularly with respect to Postscript, MS Word macros, or any other interpreted language. Java just seems to increase the degree of risk because of the likelihood of having a Java interpreter on the client which will execute without the user noticing anything; namely the web browser itself. It could wisk away a copy of my bookmark file in the blink of an eye and I'd never notice. Word, on the other hand, takes forever to load on my system so I would surely notice if something tried to lanuch it surreptitiously. -- Dick Mills +1(518)395-5154 http://www.albany.net/~dmills ------------------------------ From: geoff@ficus.cs.ucla.edu (Geoff Kuenning) Date: 26 Sep 1995 21:21:32 GMT Subject: Re: Local Surveillance and Web Servers Organization: Ficus Research Project, UCLA Computer Science Department Jesse Mundis writes: This brings up an interesting question. If we grant that one has the right to video tape passer-bys on the street, how far does that right extend? This issue is well-established in law, in particular the laws regarding candid photography. If you subscribe to Popular Photography or a similar magazine for a few years, you'll probably see an article on the subject. To oversimplify a memory from when I read about this 20 years ago, you have a near-absolute right to capture images, but you are restricted in what you do with them, in particular with respect to display or publication. Also, the rights of the photographed person vary depending on whether they are a "public figure" or not. Basically, if your photograph isn't embarrassing, it's probably OK to publish it, but you're better off to get a release from the subject. If the person isn't recognizable in the photograph, it's usually OK to publish. If the person is a public figure, it's usually OK even if it's embarrassing (this is why the tabloids can get away with all those shots of Princess Di). Now, what if our B.S. is in his own house, across the street from you, with his window open. Do you have the right to tape then? My understanding is that this falls under the "Peeping Tom" laws. You not only can't tape, you can't legally even look. What is all this leading to? Following the above reasoning, what about encryption on email? Obviously the person doing the encryption wants privacy, but is encrypting like pulling the blinds, or like having your window face in a direction such that only people who climb a mountain and use a telescope can see you scratching your butt? Pulling the blinds and having a window facing a mountain both create a reasonable expectation of privacy. If you climb the mountain expressly to see the B.S., you're invading privacy. If you climb the mountain to look at the view, bring a telescope for birdwatching, and happen to see the B.S., that's a different matter. (Yes, I realize that this brings up the issue of intent. I'm pretty sure the law makes a distinction.) If your encrypted message (signal) passes through my machine (my space) en route to somewhere else, and I am nosey and have some large computing resources to break your encryption, am I snooping (pushing aside the blind) or just looking through an awkwardly positioned (encrypted) yet still open, window with my telescope? You are clearly pushing aside the blinds. This is not random looking through a telescope, it is a deliberate exertion of effort designed to circumvent another person's attempt to ensure privacy. -- Geoff Kuenning g.kuenning@ieee.org geoff@ITcorp.com http://www.cs.ucla.edu/ficus-members/geoff/ ------------------------------ From: an274807@anon.penet.fi (Fig) Date: 27 Sep 1995 01:15:14 -0800 Subject: Re: Grocery Purchases and my Privacy Organization: Me? wrote: In at least some communities, there's an easy way you can subvert the supermarket's information gathering while doing a good deed. Some churches, synagogues, schools, and other non-profit organizations sell "scrip." It works at the grocery store like cash, and no ID is required to use it. The charitable organization buys it at a 5% discount, and sells it at face price. So you're giving 5% of your grocery bill to your favorite charity, and the store isn't collecting demographic information since they don't know who you are. Is the 'script' serialized (it would make sense to help prevent fraud and to do accounting)? ... If so, is your church gathering demographics on you? Or maybe the store gives the church an extra 2% if they share the data. There are churches I trust less than the government, but not many. paranoid? whateverfor? -- And other grandfolks could be heard arguing the perennial question of whether the United States still lingered in a prefascist twilight, or whether that darkness had fallen long stupefied years ago, and the light they thought they saw was coming only from millions of Tubes all showing the same bright-colored shadows. Vineland, p. 371, Thomas Pynchon ------------------------------ From: mjh9@lehigh.edu Date: 28 Sep 1995 13:19:10 -0400 Subject: Re: Grocery Purchases and my Privacy Mary Jo Bruce writes: My bank, a small one, just installed the phone in system, and I used it a few times. Last night I pushed the wrong button, and I was led into a "check verification" area, where anybody can call to see if my check is good. What I want to know is this: do all/most phone in systems have this check verification feature? My bank does have a telephone system, however, in order for me to access any information about my account, I must enter my personally choosen PIN. While I can find out my balance, and what checks have cleared, no one else can see if my check is good, at least as far as I know. Mario Hendricks o o o o o o o ... ____________________ __ __ o _____ || Mario | || mjh9@Lehigh.edu || .][__n_n_|DD[ ====___ || Hendricks | || Lehigh University || >(________| |_[__#97__] ||_________________| ||_____________________|| _/oo OOO oo ooo ooo 'o^o o^o` 'o^o^o o^o^o` -------------------------------------------------------------------------- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ------------------------------ From: WELKER@a1.vsdec.nl.nuwc.navy.mil Date: 27 Sep 1995 09:24:28 -0400 (EDT) Subject: Re: White House Plans to Consolidate fed Data Centers It further concerns me that the original NPR report on consolidation was labelled "Official Government Use - Not for Public Release" on every page when it was issued in February 1995. (This document is currently accessible from a government Internet server). Why should such planning be kept secret from the public? Because if the public heard every wacky idea that comes up in the course of formulating policies and plans, people would go off half-cocked and scream about things that would never have made it into the results anyway. The civil service rumor mills are quite bad enough without subjecting every meeting to direct public scrutiny (not that there aren't a few that would benefit from same). As for consolidation of data centers, I suspect that at least a 20 percent or more cost savings in data center operations (not the federal budget, mind you) is not unreasonable, by eliminating the redundant overheads of the various data centers, which pay for themselves by "taxing" their end users. Example: (assume 5% standard overhead) Gross Funding Operations Cost Data Center 1 $100 $5 Data Center 2 100 5 Data Center 3 100 5 Combine these into one data center with overhead of $7.50. You save $7.50, which is 50% of your former operations cost, because you no longer have three different accounting, purchasing, security, personnel, and administrative departments, which you only needed because these activities were being conducted as three distinct agencies. Beats the heck out of financing them with your grandchildren's taxes. ------------------------------ From: Lynne Gregg Date: 26 Sep 95 15:21:00 PDT Subject: Re: Caller ID Experiences Responding to Beth Givens (prc@acusd.edu) questions on Caller ID in the U.S. Caller ID penetration among residential consumers varies from 6 to over 10% throughout the U.S. Penetration among residential subs in Canada is approx. 15% and exceeds that figure in some Euro countries. Penetration rates among small businesses in the U.S. range from 25 to 40% nationally. Consumers are generally notified by telcos of service and blocking options by way of a bill stuffer or bill letter. These methods are generally accepted and in some cases required (by some states and the impending FCC Order). The blocking options ordered by the FCC (*67 to block on a per call basis; *82 to unblock on a per call basis when a Line Block is in effect) are generally thought to be acceptable. Many telephone companies offer Per Line Blocking for those consumers who wish to block display of their numbers on a permanent basis (especially useful to the consumer who PAYS for an unlisted number or PAYS for inbound calls when the phone in question is a cellular one). Sure, Caller ID may been used by marketers and other entities to gather phone numbers. However, most folks don't realize that many marketing companies have been doing this for years with ANI. ANI is always present on calls to 800 numbers and CTI systems can read and process ANI (i.e., your phone number) at the time you complete your call. The advantage to the consumer with Caller ID is that they can control the display of their Calling Party Number. They cannot do this with ANI. It's always a part of the call and it can't be blocked. Yes, Caller ID is effective at thwarting harassing callers. Consumers who buy Caller ID indicate that they want to know WHO'S CALLING - especially when they're wrapped up with dinner or other activities and would naturally prefer to defer phone calls. The "horror" story on Caller ID is that with today's technological capabilities, some consumers are deprived of the a basic right to know WHO'S CALLING them. For example, when someone rings my doorbell, I can look through the window to see who's there and choose to answer or not. Caller ID offers consumers convenience and privacy (as in the ability to protect theirs from invasion by the caller). With blocking options generally available (and clearly specified in the FCC Order) consumers with unpublished numbers can prevent their numbers from being disclosed. In almost every state, Per Line Blocking is readily available (free) to shelters and similar agencies. I have seen Caller ID marketing materials from most RBOC and several independent telcos. I do not see anything that is intentionally misleading or manipulative in the materials I've seen. However, there are a few things that consumers who buy Caller ID should know. Caller ID is not always displayed. And, depending on who calls you and how many calls you receive, you may not even see a majority of Caller ID numbers appear on the equipment. Service satisfaction is generally tied to who calls you and how often you receive calls. The FCC Order on Calling Number Services (effective 12/95) also orders telephone companies to freely exchange Calling Party Number, so frequency of number display should also improve. Also it should be noted that most PBX's (today) don't send true Calling Party Number on outbound calls (usually generating a non-dialable trunk or some unintelligible number on the Caller ID display). Caller ID, by the way, is particularly beneficial to consumers of cellular service here in the U.S. Since cellular users incur charges for inbound calls, Caller ID enables them to preview the Calling Party Number and either accept the call (and pay) or let it roll to VoiceMail (and not incur a charge). AT&T Wireless Services offers Caller ID to its digital service subscribers in some markets and is expanding service coverage throughout the U.S. Regards, Lynne - - - - Lynne Gregg Product Manager, Personal Services AT&T Wireless Services, Inc. Headquarters 5000 Carillon Point, Kirkland WA 98033 email: lynne.gregg@attws.com ------------------------------ From: Jay Harrell Date: 27 Sep 1995 22:00:26 GMT Subject: Re: Caller ID Experiences Organization: Riverside Consulting Group Privacy Rights Clearinghouse wrote: To help us prepare this publication, we would like to hear from people in states *with* caller ID (currently 48, we're told) I live in Atlanta GA. We've had caller ID for several years now and Caller ID with names for a few years less. I've been a subscriber to caller ID for a long time. I found the number-only caller ID next to useless because I don't have a good memory for numbers, but I love the caller ID with name. Just as most people would not answer the door without looking to see who is knocking, I seldom answer the phone unless I know who is calling. I almost never answer "blocked" calls. The only missing link is long distance calls which only show "out of area" - and a large percentage of telemarketing calls are long distance. My opinion regarding caller ID is this: the privacy argument misses the point. The rights in question are those of the person receiving the call. Someone initiating a call has no right to and should not have an expectation of anonymity. Phone calls have been anonymous for so long simply because the technology wasn't there to make them otherwise. (And we've had many problems as a result. ) That's my opinion, and I respect others whose opinions differ. With all that said- my answers to the questions which were posed. - Is Caller ID widely used in your state? Or has it been a marketplace flop? I don't know. - About what percent of phone customers subscribe to it? Are these primarily businesses -- or residential customers? It is marketed at residential customers. I don't know of any businesses using it. - Have consumers been adequately notified of their blocking options? _NO_ (I'm not sure that we even have per-call blocking. I know we had per-line blocking.) - Have the blocking options available in your state been effective in allowing consumers to control the dissemination of their phone numbers? Probably not. - Has Caller ID been used by marketers and other entities to gather phone numbers? Not that I have noticed. They have better ways to get your phone number than waiting for you to call them. - Has it been effective at thwarting harassing callers, or is that argument over-sold? Yes, it is _very_ effective for this use. - Do you have any "horror" stories to relate about Caller ID being used to invade privacy? For example, are there documented cases of it being used by stalkers and other types of harassers to learn the unpublished numbers of their victims? No personal horror stories. I've had a few people, who must have been using caller ID, call me at home when they should have called my "work" number. I often use my home line to make outgoing work related calls. - Have domestic violence shelters and various "help" hotlines (such as AIDS and suicide prevention hotlines) noticed a "chilling effect" on the uses made of their services because of Caller ID? I do not know. - Have your phone company's efforts at marketing Caller ID been above-board, or have they been misleading and manipulative? Misleading only in that they don't mention that you are left in the dark with long distance callers. - Has the introduction of Caller ID resulted in anything which was unexpected and which surprised you -- either good or bad? I no longer always answer the phone everytime it rings. Basically, I control my phone instead of it controlling me. I don't talk to nearly as many telemarketers as I used to. Oh yes, and because my unit stores the last 100 callers, when I need to return a call, I don't look up the number in my address book, I use the caller ID instead. -- Jay Harrell Jay@Mindspring.com ------------------------------ From: "Shauna Baldwin Associates" Date: 27 Sep 1995 22:25:47 -0500 (CDT) Subject: Re: Signature Data Collection at Kinkos At my local Kinkos, and I am told, at every Kinko's location since around mid-August or early September 1995, there is a new device by the cash register. It is a signature verification data collection device. When you have an account, as many businesses do, and charge your purchases, you are now required to sign on the signature verification device. The clerks are not trained to inform customers using it for the first time that this is a new system and it is being used to authenticate their signature. Instead, it is presented as a convenience, a support on which to rest the invoice as you sign! As a result, I felt absolutely trapped into their digital data collection. They had, in effect, scanned my signature, without my permission. To the credit of the local manager, my complaint (loud, I may add) led to a simple workaround. I am now singled out for special service: the staff are trained to mark all my invoices "Delivery" so I don't have to use the darn thing. But my questions are: Is there a law against this? (I live in Wisconsin.) Is signature authentication technology proven as accurate? What does it prove if the first signature collected is by an imposter and all subsequent signatures are by the same imposter posing as a company employee? ------------------------------ From: Centre for Computing and Social Responsibility Date: 28 Sep 1995 15:39:57 +0100 (BST) Subject: New Home Page for Computer Ethics Launch of the new CCSR Home Page -------------------------------- As Director of the Centre for Computing and Social Responsibility, I am pleased to announce the launch of CCSR's new Home Page at: http://www.cms.dmu.ac.uk/CCSR Our aim is to establish this as a major reference site for both academics and practitioners concerned with the sensitive application of the information technologies. New information and new links to other sites will be added regularly, these being highlighted for ease of use. We will email contacts of any major additions. If you do not wish to remain on this mailing list or you know of others who would like to be included please let us know. We are in the process of building a multilingual bibliography for computer ethics which will be made available in the future. If you have any items that you would like to include in this bibliography please email the details. Such contributions will be acknowledged. If you know of other relevant home pages that would be worth linking to please let us have the details. In conjunction with the Research Center on Computing & Society at Southern Connecticut State University, we are establishing a global consortium of centres to promote the work of computer ethics on an international basis. If you are interested in being involved in this work please contact us. I hope you enjoy visiting our Home Page and please let us have your suggestions as to how we can make it even better! Simon Rogerson ------------------------------ From: "Dennis G. Rears" Date: 28 Sep 95 11:06:00 EDT Subject: Re: Junk Faxes & e-mail are Illegal prvtctzn@aol.com (Prvt Ctzn) writes: Unsolicited advertisements that are sent to you by e-mail, or to your fax machine are illegal, ... and you can sue the sender for $500 in your states small claims court pursuant to 47 USC 227 (b)(1)(C). [aka the TCPA] I'm assuming you are complaining about email that aol sent to your aol account. If so two suggestions: get a life and get a clue! If you don't want aol to send you email; Get off their system. Your analogy about a computer-modem-printer system being a fax system is false. It fails because the printing requires operator intervention, that is the user must specifically toggle the printer on. If you do sue I hope that in addition to tossing your case out of court the judge fines you for a frivilous court action. Unsolicited advertisements that are sent to you by e-mail, or to your fax machine are illegal, unsolicited email advertisements are not illegal. -- dennis ------------------------------ From: Centre for Computing and Social Responsibility Date: 28 Sep 1995 15:48:57 +0100 (BST) Subject: Science and Engineering Ethics Introducing a new quarterly journal: SCIENCE AND ENGINEERING ETHICS Editors: Stephanie J. Bird, Massachusetts Institute of Technology, USA Raymond E. Spier, University of Surrey, UK Published quarterly by Opragen Publications, PO Box 54, Guildford, GU1 2YF, UK Science and Engineering Ethics is a multi-disciplinary quarterly journal launched in January 1995 which is dedicated to exploring ethical issues of direct concern to scientists and engineers covering professional education, research and practice as well as the effects of innovations on the wider society. An international editorial board has been appointed which represents a broad range of expertise. The journal will publish original research papers, reviews, comment pieces, letters, editorials, book reviews and conference reports. It will also publish special issues devoted to single topics of importance; these include Trustworthy Research (in 1995), Computer Ethics (in 1996) and Peer Review (in 1997). In this new journal both science and engineering are defined broadly and include all aspects of human endeavour that seek to increase the range and quality of our knowledge and the application of this knowledge to the generation of goods and services that benefit us as individuals and as members of societies. Although the focus of this publication is primarily directed towards practitioners of science and engineering, contributions from a broad range of disciplines will be included. The journal presents an opportunity for the discussion of ethical values and professional standards as well as exploring the expectations and concerns of professionals in science. In addition, Science and Engineering Ethics will provide material which will be useful for the education and training of scientists and engineers in the ethical issues that they will encounter in their workplaces - a matter receiving increasing attention. The journal will also provide a forum for the exchange of views on the many issues that are presented to society by innovations in science and engineering. These include new products that have arisen from genetic engineering, informatics, nucleonics, robotics and our abilities to manipulate the fertilization process. Other concerns emerge from our use of animals in research, our approach to healthcare, the persuasiveness of the media, the sustainability of a high quality environment and the way in which we build and use our towns and cities. Science and Engineering Ethics welcomes manuscripts from those who wish to make contributions to progress in this field. Papers containing original research will be double-blind refereed. Announcements of meetings and networks relevant to the subject matter are welcomed and will be published in each issue as a service to readers. Information should be sent to Opragen Publications at the address below. Notes for authors, subscription information and review copies of the journal can be obtained from the publishers, Opragen Publications, P.O. Box 54, Guildford, Surrey GU1 2YF, United Kingdom, Tel/Fax +44 (0)1483 560074. Manuscripts can be submitted to one of the editors as follows: Professor Raymond Spier, School of Biological Sciences, University of Surrey, Guildford GU2 5XH, United Kingdom, Tel/fax +44 1483 259 265 E-Mail: r.spier@surrey.ac.uk Dr. Stephanie J. Bird, Massachusetts Institute of Technology, Rm. 12-187, 77 Massachusetts Ave., Cambridge, MA 02139, USA Tel (617) 253 8024, Fax (617) 253 1986. ------------------------------ From: "Prof. L. P. Levine" Date: 11 Aug 1995 09:39:43 -0500 (CDT) Subject: Info on CPD [unchanged since 08/01/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the SUBJECT: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V7 #027 ****************************** .