This document first appeared in the Whole Earth Review magazine. It appears here in the WELL's gopherspace with the permission of Whole Earth Review and the author, Robert Luhn who retains the copyright. Whole Earth Review is a very cool magazine - get yourself a subscription. Whole Earth Review (WER) is published 4 times each year by the Point Foundation, a non-profit US corporation. Trial subscriptions to WER are available for US $20 per year for individuals. $35 per year for institutions; single copies $7. Add $8 per year for Canadian and $6 for foreign surface mail; add $12 per year for airmail anywhere. Whole Earth Review 27 Gate Five Road Sausalito, CA,94965 USA Voice Phone: (415) 332-1716 Fax: (415) 332-3110 or E-mail wer@well.sf.ca.us -------------------------------------------------------------------------- This is a "toolkit" of resources and informtion about privacy. It is divided into reviews of: ----> Books ----> Newsletters and Journals ----> Reports/Pamphlets ----> Advocacy Groups ----> Online Resources for Computer Users and ----> Other resources THE WHOLE EARTH PRIVACY TOOLKIT by Robert Luhn Copyright 1993 Robert Luhn 1022 Curtis St. Albany, CA 94706 MCI Mail: 302-9347 Internet: pcwluhn@aol.com America Online: PCW LUHN "Privacy is the most comprehensive of all rights...the right to one's personality," wrote Louis Brandeis for the <>, back in the musty pre-fax 1890s. But Judge Thomas Cooley, an obscure contemporary of Brandeis', probably put it better: "Privacy is the right to be let alone." Unfortunately, our clever founding fathers neglected to mention privacy specifically in either the Constitution or the Bill of Rights. The fourth amendment does secure you from "unreasonable searches and seizures", but it doesn't prevent your boss from bugging the company bathroom, a federal employer from demanding a urine sample, or your nosy neighbor from tapping into your cordless phone conversations with a police scanner. In sum, your safeguards against government, corporate, and freelance snoopers are pretty slim, dependent on a handful of narrow federal and state laws and scattered court precedents. California and a few other states embed broad privacy protections right up front in their constitutions, but this is an exception, not the rule. So don't leave home without protection. If you want to protect your credit rating, prevent your boss from rifling through your email, or keep the government out of your bladder, peruse this compendium of vital privacy resources that no one should be without. There's something here for everyone, from the casual reader to the privacy buff. ----> Books Your Right to Privacy This omnibus pocket guide from the ACLU covers just about every privacy issue under the sun, such as what an employer can disclose from your personnel records, confidentiality of AIDS tests, who can ask for your Social Security number, how to correct government records, and how to deal with sneaky private investigators. "If there's enough money, you can get anything" boasts one anonymous PI in the book. "You have to find the weak link in the chain and go for it!" The book doles out advice in an accessible question and answer format, and includes just enough history to give you the proper context. If you buy only one book, buy this one. <> Evan Hendricks, et al, 1990; 208pp. $7.95 from Southern Illinois University Press, P.O. Box 3697, Carbondale, IL 62902-3697, or the ACLU. Steal This Urine Test If you've been asked to fill this cup, please, steal this book. "Fighting Big Brother's Bladder Cops!" shouts the back cover, and nothing could be truer. This classic 1987 volume by the late rabble rouser Abbie Hoffman is still in print--a testament to the growing acceptance of drug testing in America. Dear Abbie gives you scoop on everything: the history of drugs and the government's drug paranoia, the culture of employee surveillance, the facts (pro and con) about drug use, the inaccuracy of drug testing, and of course, how to <> a urine test, just in case. <> Abbie Hoffman and Jonathan Silvers, 1987, 262pp. $7.95 from Viking Penguin Privacy for Sale What happens to that "confidential" credit form you fill out? To that workers compensation claim? <> reporter Jeffrey Rothfeder knows, and it isn't pretty. Rothefeder's book exposes the shadowy information underground--the marketplace where credit agencies, the IRS, private investigators, direct marketers, and other "data cowboys" legally and illegally acquire and sell sensitive information on just about anyone. To demonstrate the lax safeguards, the author easily nabs copies of both Dan Quayle's and Dan Rather's credit reports. Rothfeder's wry book is a cautionary tale of how our new electronic wild west of private and governmental databases threaten personal privacy, the economy, and more. <> Jeffrey Rothfeder, 1992, 224pp. $22 from Simon & Schuster Undercover: Police Surveillance in America Gary Marx knows about undercover police first hand. When the future MIT sociology professor was a student at UC Berkeley, his student organization promoting racial equality was nearly destroyed when the treasurer--a police agent--embezzled the group's funds. But Marx's book looks beyond political policing and tackles a tougher question: In the face of rising crime and political corruption, when is undercover police surveillance warranted? Marx examines this and many other uncomfortable questions in this surprisingly readable and lively book for academics and policy analysts, and arrives at a rather startling conclusion: "In starting this book, I viewed undercover tactics as an <> But, in the course of research I have conluded, however reluctantly, that in the United States they are a <>." An extensively researched book that specialists--and some general interest readers--will find absorbing. <> Gary T. Marx, 1988, 284pp. $11.95 from University of California Press Privacy: How to Get It, How to Enjoy it This book is a Mulligan's stew of privacy advice, philosophy, resources, humor, and a little conspiracy paranoia thrown in for good measure. But as you read story after story--the "little Einstein" who hacked into 21 Canadian computer systems, banks blithely (and illegally) sharing depositor information with just about anyone--you begin to see the author's point of view. <>'s pithy chapters identify key privacy abuses (from credit card scams to the 24 federal agencies that gather intelligence on Americans), offers pointed remedies, explains obscure laws that help you keep a low profile, and suggests books to read. Sometimes the advice is right on ("consider the use of mail-drop services") and sometimes downright weird ("you and your friends might try learning an obscure foreign language to promote privacy"). Either way, it's a fascinating, eclectic read. Note: Eden Press offers half a dozen other privacy books, from <> to <<100 Ways to Disappear and Live Free>>. For the privacy anarchist within. <> Bill Kaysing, 1991, 128pp. $18.95 from Eden Press, P.O. Box 8410, Fountain Valley, CA 92728 Privacy in America David Linowes is one of the privacy experts that every writer cites, and with good reason--his knowledge is encyclopedic. Although this book mirrors <> in focusing on the abuse of computerized personal data, Linowes' thoroughly researched and chilling anecdotes will get your blood boiling. The book embraces everything from genetic screening to electronic fraud, showing time and again how privacy laws and other safeguards are regularly flouted by government and business alike. The book is light on advice, but its overwhelming evidence, copious studies, surveys, and polls make it worth the price. <> David Linowes, 1989, 192pp. $19.95 from University of Illinois Press, 54 East Gregory Drive, Champaign, IL 61820 How to Get Anything on Anybody Want to learn how the pros tap a phone, surreptitiously videotape someone, tail a bad guy, or crack into a "secure" computer? This ultimate hardware catalog-cum-how-to-manual for professional snoopers tells all, and even notes where you can buy neat-o spy stuff. It's also a boon for less nosy folk, says author Lapin, because "the first time someone kicks you right in the privacy act" you'll be prepared. If nothing else says Lapin, remember this: "law enforcement agencies are only the tip of the electronic eavesdropping iceberg. Most bugs are planted by people to spy on their spouses or to gain an advantage in business." <> Lee Lapin, 1991, 224pp. $38 postpaid from ISECO Inc., 2228 S. El Camino Real #349, San Mateo, CA 94403 Other books of interest: <> (M.L. Shannon, $23.95 postpaid, Paladin Press). A companion volume to Lee Lapin's books, with emphasis on showing you how to protect yourself from electronic eavesdropping. <> (Robert Ellis Smith, $14.50, Privacy Journal). Not for casual readers, but if you have an interest in the law and the historical underpinnings of privacy rights (from torts to "fair information" practices), this book is for you. <>. (Frank Donner, $34.95, UC Press) An exhaustively researched book on repressive police tactics over the last 30 years, with much coverage devoted to covert surveillance, and the illegal compilation and distribution of dossiers. <> (Alexander Charns, $24.95, Univ. of Illinois Press). You think you've got it bad? A gripping tale of how Hoover's FBI bugged, harassed, and otherwise attempted to manipulate the Supreme Court during the '50s and '60s. <> (John Carroll, $45, Butterworth-Heinemann). The skinny on private and public databases--who maintains what data on whom and what rules (if any) regulate how that information is disseminated. A slow read, but a valuable sourcebook. <> (Marcus Farbenblum, $32.50, McFarland & Company). Although the subject's arcane, this readable guide details how the IRS withholds records and obscures it own procedures--and how you can make the IRS "tell you everything you have a right to know". ----> Newsletters and Journals Privacy Journal This indispensable 8 page monthly digest covers key privacy stories, legislation, abuses, and trends in the U.S. and abroad, with a special focus on computerized information and telecommunications. Publisher and gadfly Robert Ellis Smith has been puttin out <> for nearly 20 years, frequently testifies before Congress on privacy legislation, and is a constant thorn in the side of credit bureaus. An accessible guide that will inspire you to get mad. Note: <> also publishes a number of useful reference books and studies. <>, P.O. box 28577, Providence, RI 02908, 401/274-7861. Subscription: $109/year; Special <> discount: $35/year. Privacy Times This biweekly 10 page newsletter put out by Evan Hendricks is more news oriented and more timely than <>. If you're a privacy maven, you'll appreciate the in-depth coverage (such as why the Bush administration tried to shut down the FOIA office), and the summaries of recent court rulings affecting privacy. <>, P.O. Box 21501, Washington, DC 20009, 202/829- 3660, 202/829-3653 (fax). Subscription: $250/year for 26 issues ($225 prepaid) geneWatch Worried about who's peeking in your genes? This bi-monthly newsletter is a one-stop source for news about the social, political, and ethical consequences of genetic engineering. Topics range from how insurers use genetic testing to weed out "bad" risks, to DNA identification, as well as non-privacy related issues. <>, Council for Responsible Genetics, 19 Garden St., Cambridge, MA 02138, 617/868-0870, 617/864-5164 (fax). Subscription: $15-$30 for six issues ----> Reports/Pamphlets "If An Agent Knocks: Federal Investigators and Your Rights" This bargain pamphlet is the ultimate how-to privacy guide. Using a simple question and answer format, you learn what to do if a federal agent tries to question you, the scoop on agencies that gather political intelligence, how the feds infiltrate political organizations, and much more. In English and Spanish. $1 from the Center for Constitutional Rights, 666 Broadway, New York, NY 10012, 212/614-6464 "How to Use Freedom of Information Statutes" Curious about what Big Brother has on you? This informative guide shows you how to use the Freedom of Information Act (FOIA) and California Public Records Act to access files maintained on you by the government. You learn what's open and what's exempt, and how to make a request (sample letters are included); relevant addresses and copies of the two acts in question are included. $12 from the Freedom of Information Project, 102 Banks St. San Francisco, CA 94110, 415/641-0651 "Your Right to Privacy" This special report written for the <> is an excellent introduction to personal and workplace privacy. Plusses: a summary of federal privacy laws, a table detailing privacy laws by state, and tips on how to protect yourself. $7, January 20, 1989 Editorial Research Report, Congressional Quarterly Inc., 1414 22nd St. NW, Washington, D.C., 20037, 202/822-1439 "Genetic Monitoring and Screening in the Workplace" (S/N 052-003- 01217-1) and "Medical Monitoring and Screening in the Workplace" (S/N to come) For privacy and medical buffs. These two reports from the Office of Technology Assessment aren't exactly light reading, but they contain a wealth of information about the state of genetic testing; the ethical, political and privacy implications; surveys on use and attitudes; and copious references. $12 each from the Superintendent of Documents, Government Printing Office, Washington, D.C., 20402-9325, 202/783-3238 "Privacy Law in the United Sates: Failing to Make the Grade" This 32 page report by the US Privacy Council and the Computer Professionals for Social Responsibility (CPSR) spotlights the huge gaps in American privacy laws, lax enforcement by federal agencies, and argues persuasively for the creation of a national data protection board. Somewhat technical, but a good source. $10 from CPSR, P.O. Box 717, Palo Alto, CA 94301, 415/322-3778, Internet: cpsr@csli.stanford.edu "Protecting Electronic Messaging: A Guide to the Electronic Communications Privacy Act of 1986" Is an email message as protected as the U.S. Mail? A phone call? A conversation in the company cafeteria? This pricey and somewhat technical guide clarifies this and other questions, helps employers interpret federal law, and if nothing else, will motivate your boss to adopt strict guidelines on email privacy. $195 ($55 for members), Electronic Mail Assocation, 1555 Wilson Blvd., Suite 300, Arlington, VA, 22209-2405, 703/875-8620. ----> Advocacy Groups American Civil Liberties Union There's no national 911 for privacy emergencies, but the ACLU is the next best thing. This granddaddy of all privacy organizations lobbies, educates, and sues on just about every privacy front. Your local ACLU chapter is a resource for cheap reports covering many privacy concerns (from student rights to FOIA access), can offer legal referrals, and in certain cases, represent you in court. Membership: $20/year. ACLU, 122 Maryland Ave. NE, Washington, DC 20002, 202/544-1681 Electronic Frontier Foundation The EFF was co-founded by <<1-2-3>> creator and former Lotus Development chairman Mitch Kapor to "promote privacy services for network users and examine the interaction of computers and society." In short, EFF advocates electronic democracy in all its forms, and is a force in ensuring that new communications technologies are open to everyone and receive proper Constitutional protection. The group lobbies Congress and various federal agencies, defends users wrongly accused of computer crimes, educates and publishes reports, sponsors various conferences, provides legal referrals and counseling, and sometimes sues federal agencies under the FOIA. <>, the EFF's newsletter packed with tips, information, and recent testimony, is posted on popular online services and electronic bulletin boards. Membership: $20/year (students); $40 (regular); $100 (corporate). Electronic Frontier Foundation, 155 Second Street #35, Cambridge, MA 02141, 617/864-0665, 617/864-0866 (fax) Computer Professionals for Social Responsibility Like the EFF, CPSR is concerned about civil liberties, computing, and telecommunications. The well-regarded group has testified at more than a dozen Congressional hearings, led the campaign to stop the FBI's wiretap proposal earlier this year, and recently recommended privacy guidelines for national computer networks. Current CPSR priorities include medical record privacy, curbing the misuse of Social Security numbers, and promoting privacy for communications users. Membership: $40/year (basic); $75/year (regular). CPSR, P.O. Box 717, Palo Alto, CA 94301, 415/322-3778. National Consumers League For activist consumers and workers, NCL is the party to join. The group tackles everything from food irradiation to workplace safety to telemarketing fraud. But the NCL has a special place in its heart for privacy issues, and recently commissioned a national survey on workplace privacy. The bimonthly <> reports on these and other issues. Membership: $20/yr. National Consumers League, 815 15th Street NW, Suite 928-N, Washington, DC 20005. 202/639-8140 Privacy International Like Amnesty International, Privacy International is a global organization dedicated to fostering human rights--in this case, privacy rights. Only 2 years old, PI's first task is to sound the alarm over privacy abuses throughout the world and to push for the adoption of practices that "guard against malicious or dangerous use of technology". PI raises awareness internationally about privacy assaults, repressive surveillance practices, coordinates privacy advocates around the world, and like Amnesty International, monitors and reports on abuses country by country. Members also receive the <>, a quarterly newsletter with privacy reports from around the world, legislative updates, and news on related civil liberties issues. Membership: $50. Privacy International, c/o CPSR, 666 Pennsylvania Ave. SE, Washington, DC 20003. ----> Online Resources for Computer Users CompuServe CompuServe is the Macy's of online services--there's something for everyone. Privacy buffs should check out the Electronic Frontier Foundation (GO EFFSIG), whose rallying cry is "Civilize Cyberspace!". EFFSIG offers online conferences, Q&A with EFF staff, and a well-stocked library that includes back issues of <>, essays on privacy issues, online cyberpunk magazines, and more. Other relevant special interest groups (SIGs): "The Journalism Forum" (GO JFORUM), which focuses on privacy, ethics and journalism; "The Legal Forum" (GO LAWSIG), which includes chitchat and papers about privacy and telecommunications law; and the "Legal Research Center" (GO LEGALRC), an online legal search service that includes indexes for over 750 law journals, studies, publications, plus access to a handful of legal databases. Membership: $39.95 one-time fee, plus $7.95/month. CompuServe, 5000 Arlington Centre Blvd., P.O. Box 20212, Columbus, OH 43220, 800/848-8199 The WELL This laid-back online service is <> online privacy resource. Put out by the same people who, gosh, put out <>, the WELL offers a cornucopia of databases, online conferences, electronic mail, access to USENET "newsgroups" (including privacy groups), and much more. Three forums are largely dedicated to privacy issues: EFF (Electronic Frontier Foundation), CPSR (Computer Professionals for Social Responsibility), and CFP (Computers, Freedom & Privacy). You get online privacy experts, conferences, updates on legislation, the status of court cases, and a chance to truly interact with privacy professionals. The WELL's interface is a little clunky, but you won't find more privacy resources online anywhere. Subscription: $15/month, $2/hr of connect time. The WELL, 27 Gate Five Road, Sausalito, CA 94965-1401, 415/332-4335 (voice), 415/332-6106 (modem) ----> Other resources: Privacy Rights Clearinghouse Hotline 1-800-773-7748 10am to 3pm, M-F Cost: Free Unlike other informational phone lines that play back canned tapes, the Clearinghouse is staffed by live, savvy privacy advocates who can answer questions on a range of privacy issues affecting Californians. Funded by the Public Utility Commission and provided by the Center for Public Interest Law at the University of San Diego, the Hotline can answer questions, provide referrals (such as an insider's phone number at a credit bureau), and send you privacy fact sheets on everything from workplace privacy to using cordless phones. Lucid, sharp advice-- and its free! "The Privacy Project: Personal Privacy in the Information Age" This engaging 13 part series, originally produced for Western Public Radio, is now available on cassette. The half hour episodes combine humor, hard-nosed advice, and interviews with privacy experts. An excellent introduction to privacy issues, from Caller ID to credit bureaus. The company also sells audio tapes of recent Computers, Freedom & Privacy conferences. $11/tape, $75 for all 13. Pacifica Radio Archive, 3729 Cahuenga Blvd. West, North Hollywood, CA 91604, 800/735-0230 "The Complete Video Library of Computers, Freedom & Privacy" This video collection from various CFP conferences captures legal, computer, privacy, and ethics experts debating key privacy issues. See Lawrence Tribe on "The Constitution in Cyberspace", the Secret Service on law enforcement problems, Gary Marx on computer surveillance, the FBI on phone tapping, and more. $55/tape; $385-$480 for complete sets. Sweet Pea Communications, Computers, Freedom & Privacy Video Project, P.O. Box 912, Topanga, CA 90290, 800/235-4922. <> Sidebar #1: "Personal Stealth: Ten Things You Can Do to Protect Your Own Privacy" 1. Minimize data collection. Only give out information that <> believe is really essential. And be careful: data is often gathered automatically without your knowledge or permission. 2. Check for accuracy when data is collected for credit, medical, and personnel records. Check the information periodically for accuracy and to see who else has accessed these files. 3. Exercise your right to opt out. If you feel like it, write to the Direct Marketing Association's mail and telephone preference services, to be removed from list exchanges. [Write to: Direct Marketing Association, 11 West 42nd St., P.O. Box 3861, New York, NY 10163-3861.] Unlist your name and address from the phone book. Use call blocking when you don't want to identify yourself over the phone. If you don't want your information shared, say so. 4. Follow privacy issues. You'll find ongoing coverage in the <> and in newsletters such as <> and <>. Look for them in your library, along with books and other materials on privacy. Educate others about what you've learned about privacy. Share your insights with family, friends, and co-workers. 5. Advocate changes in law and public policy. Let your views be known to your state and federal lawmakers. Write to your public utilities commission about telephone privacy issues. Write letters to the editor; let them know your views about privacy and that you'd like to see more coverage. 6. Advocate from within. In the organizations where you have influence, make sure there's a coherent privacy policy that meets the needs of all stakeholders. 7. Read the fine print. Ask hard questions. Support businesses that respect your privacy; avoid those that don't. 8. Defend and respect the privacy of others. 9. Beware of wireless conversations. People do hear your cordless, cellular, mobile, and ship-to-shore communications. If you don't want to be overhead by your boss, your employees, the police, reporters, or two-bit criminals, don't broadcast it. And remember: the person on the other end of the conversation may use a cordless phone. If this is a problem for you, scramble your communications with encryption. The same goes for electronic mail and voice mail. Change your passwords frequently and don't trust any service 100%, even if it's encrypted. 10. Be alert, but not overly paranoid. If you follow steps 1 through 9, you're doing all you can. <> Sidebar #2 "Marc Rotenberg's Privacy Shelf" Marc Rotenberg is the director of the Washington office of the Computer Professionals for Social Responsibility, chair of the ACM Committee on Scientific Freedom and Human Rights, and something of an expert on privacy and telecommunications. In an informal electronic interview conducted over Internet, Rotenberg shared some of the resources he thinks every privacy buff should have. The Handbook of Personal Data Protection (Wayne Madsen, 1992, $170 from Stockton Press) "Outstanding and comprehensive. The bible of international privacy law." Regulating Privacy: Data Protection in Europe and the United States (Colin Bennet, 1992, $16.95 from Cornell University Press, ) "The first comparative study of privacy protection law. Well written and informative." Uneasy Access: Privacy for Women in a Free Society, (Anita Allen, 1988, $21 list, $24 post-paid from University Press of America) "Explores the role of gender in privacy. An important book by a leading privacy scholar." Privacy Laws & Business "An excellent [British] publication that's timely and comprehensive. A little expensive, but invaluable for people who are interested in following closely privacy developments around the world." Subscription: 240 pounds/year, 4 issues. Call 081- 866-8641. "The Right to Privacy" (Samuel Warren and Louis Brandeis, 1890, in the <>) "For history buffs and privacy experts, this 1890 article is the starting point for privacy law. Considered one of the most important law review articles of all times (it essentially created the legal right of privacy in the U.S.), it is still a valuable resource for understanding the right of privacy."