« السابقةمتابعة »
From the New York Times, Dec. 8, 1983)
PRIVACY THREATS WORRY AMERICANS
MANY IN SURVEY BELIEVE DATA ON TAXES AND TELEPHONES ARE NOT KEPT SECRET
(By Adam Clymer)
WASHINGTON, Dec. 7.-Americans are increasingly concerned about threats to privacy, and about a third of the public believes the Internal Revenue Service, the Federal Bureau of Investigation and telephone companies "probably share" information on individuals with others, according to a poll conducted by Louis Harris and Associates.
Results of the Sept. 1-11 survey of 1,256 people, paid for by Southern New England Telephone Compnay, were released today as the Smithsonian Institution opened a four-day symposium on "The Road after 1984: High Technology and Human Freedom."
Participants will examine various aspects of society in light of George Orwell's novel "1984," which foresaw an almost all-powerful government.
The telephone poll found the percentage of Americans who said they were "very concerned about threats to personal privacy increased from 31 percent in 1978 to 48 percent in 1983. It found four Americans in five believed it would be easy for someone to assemble a master file on their lives that would violate their privacy.
SHARING OF INFORMATION
The poll found that 84 percent of the public thought it would be a serious violation of privacy if the revenue service did not keep tax returns confidential, and 82 percent thought it would be serious if the F.B.I. did not keep its data secret.
When asked what they thought actually happened to such data, 36 percent of the respondents said they thought the revenue service shared information and 38 percent said they believed the F.B.I. did. Thirty-three percent said they thought phone companies shared data, although 25 percent said phone companies did not have any information that mattered.
Those agencies were trusted more than several other institutions presented. Fifty percent of the public throught public opinion research concerns shared data, and 51 percent said the Census Bureau, banks and government welfare agencies did so. Fifty-seven percent said they believed insurance companies shared their information, 65 percent said this of loan companies and 75 percent said credit bureaus shared information with others.
Along with the telephone sample of the 1,256 people, the pollsters also interviewed 100 leaders in each of four categories; members of Congress and their aides, corporate executives, science editors and school superintendents. In general, those groups were less fearful of major invasions of privacy than the public was.
LEADERS' OPINIONS DIFFERED
For example, 86 percent in the sample of the public thought it was possible that "a government in Washington will use confidential information to intimidate individuals or groups it feels are its enemies," and 70 percent said that was "likely." All four leadership groups also said such a development was possible, by about the same percentages as the public. But just 24 percent of the congressional group, 37 percent of the executives, 56 percent of the editors and 39 percent of the school superintendents said it was “likely."
Mr. Harris, chairman and founder of the polling concern, commenting on the findings at a news conference, said he believed "the leadership is far less alerted to the dangers than the people are."
"Those at the throttle of our political leadership just haven't given it much thought," he said.
[From the New York Times, Dec. 25, 1983]
IRS STARTS HUNT FOR TAX EVADERS, USING MAIL-ORDER CONCERNS' LIST
(By David Burnham)
WASHINGTON, Dec. 24-The Internal Revenue Service has obtained a computerized mail-order list of the estimated incomes of two million American households
and has begun to test whether it can help track down people who fail to pay their taxes.
The service is conducting the test despite the refusal of the three major companies that develop such information to provide the Government with a list and over the objections of their trade organization, the Direct Marketing Association.
Alexander Hoffman, who is the chairman of the board of the association and a group vice president at Doubleday & Company, said the sale of the list to the I.R.S. violated a provision in the group's code of ethics that lists should be rented only for marketing and could “upset an important segment of the economy."
The revenue service said a brokerage firm that provides marketing lists, the Dunhill Company of Washington, D.C., had put together the names the agency sought. The association said the company was not one of its members. Officials at the company did not return several telephone calls, but the revenue service spokesman said the names had been put together from several small concerns.
BROOKLYN INCLUDED IN TEST
In the test, a commercially prepared list of two million households in Brooklyn, Wisconsin, Indiana, and Nevada will be matched against an I.R.S. list of people living in those areas who filed income tax returns for the tax year 1982.
All those whose names appear on the first list, but not the second, will be notified that they are subject to a revenue service inquiry about their tax liability. The notices will start going out next spring. An executive of one of the companies objected to the test on the ground that many people who have not done anything wrong get the notices.
If the test identifies individuals who file no taxes at all, the service will then try to determine whether the same technique can be used to track those who underpay their taxes. According to an I.R.S. plan the decision whether to use the technique nationwide will not be made until 1985 or later.
A spokesman for the revenue agency said the commercial list is obtained for its test match, after a five-month search, contained the names and addresses of two million households, their estimated incomes, the birthday of the head of each household and the number of people living in each.
In the last few years, the tax agency has become concerned about a slow increase in the number of Americans who fail to pay their taxes. Because of this concern, the agency has sought to develop new techniques for identifying tax evaders.
A recent I.R.S. report on income tax compliance, for example, estimated that reve nue losses caused by people compile national mailing lists, the Donnelly Marketing Service of Stanford, Conn. the R.L. Polk Company of Detroit and Metromail of Lincoln, Neb., decided this fall not to sell their information to the tax agency. In separate interviews officials of the three companies called the project "absolutely ridicu lous" and "inappropriate" and indicated it would hurt their business.
The revenue service said a brokerage firm provides marketing lists, the Dunhill Company of Washington, D.C., had put together the names the agency sought. Officials at the company did not return several telephone calls, but the revenue service spokesman said the names has been put together from several small concerns.
Mr. Hoffman, the current head of the 2,600-member Direct Marketing Association, said in a telephone interview that he understood that the tax agency had a legitimate concern and that he and his organization hesitated about making "a big public pronouncement" that might affect the Government's ability to handle a real problem.
"But there are some questions we feel the I.R.S. should consider," he said. "What effect will the I.R.S. use of mailing lists have on the public's perception about this kind of communication? What I am worried about is that if the I.R.S. is able to undertake this effort on a national basis, it may make the public afraid to have their name on any mailing list, afraid to buy anything buy mail, afraid to fill out coupons. By conservative estimates, direct marketing now accounts for sales totaling $140 billion a year."
DIFFERENCE IS NOTED
Mr. Hoffman said there was a very real difference between the commercial use of a mailing list and the use being explored by the tax agency. "Strangely enough, a mailing list is essentially anonymous," he said. "A company rents a computer tape. prepares one set of labels and makes a mailing. That's it. If you want to have your name removed from a particular list or all lists, our organization operates the Mail Preference Service at 6 East 43d Street in New York where this can be accomplis
"But if the I.R.S. starts with a commercial mailing list, then adds Census data, then cross references it with other data," Mr. Hoffman continued, "then they are taking something that is essentially anonymous in the commercial world and turning it into individually identifiable information, using it in a way the individual never imagined."
Noting that the company that was said to have sold the list to the tax agency was not a member of the association, Mr. Hoffman said the sale violated one of the provisions of the group's ethical guidelines, that lists should be rented only "to persons who are going to use them for marketing purposes."
The guideline of the trade organization parallells one of the important principles set out in the Federal Privacy Act. The principle is that information collected by an agency for one purpose should not be used for another purpose without informing the individual who provided the information.
CONCERN AMONG POLLSTERS
The Council of American Survey Research Organizations, representing more than 105 public opinion firms, is also concerned about the tax agency's project. John Rupp, a lawyer for the council in Washington, said, "We think it would be unethical for the I.R.S. or any other entity to use information obtained from individuals under a promise of confidentiality or to use information in a way that is inconsistent with the purpose for which it initially was collected."
Mr. Rupp added that the council would support the Federal project as long as it was completely based on information in public files. But he added; "In a democracy as complex and varied as ours, that polling plays a pivotal role. We worry that survey or marketing research may not long survive if the trust of the American people is undermined."
Because the original sources of the computerized names provided to the revenue service are unknown, it is not possible to determine how the data were collated.
The method used by the Donnelly Marketing Service, however, involves placing in computer the names and addresses taken from every telephone book as it is published. The computer is then instructed to assign each household to the correct census tract. From the information published by the Census Bureau, conclusions can be made about each household, including median income, average family size and probable race.
In those states where the information is available on a computerized list, Donnelly then matches data from the Department of Motor Vehicles on the model and year of automobiles owned by the individuals at each address. If the auto is an expensive one, the estimated income is adjusted upward; if it is a cheap model, the income is reduced.
Reginald C. Troncone, the executive vice president of Metromail, recently expressed his concern about the I.R.S. project in a letter to Representative Doug Barnard Jr., the Georgia Democrat who is chairman of the House Government Operations Subcommittee on Commerce, Consumer and Monetary Affairs.
"Our company is caught in the middle,” he said. “There isn't any way the I.R.S. can conduct the proposed program and come up with a list of only those individuals who have not filed tax returns. There will be literally millions of legitimate filers who will be contacted by the I.R.S. to provide proof of filing a return."
Computer Communications Vulnerable
BY RONALD BROWNSTEIN
When Citicorp vice president Richard W. Coughenour wants to send a memorandum to one of the bank's employees, he turns to a compact device on the corner of his desk that looks like a cross between a computer and a telephone. The machine, called a Displayphone, has the typewriter-like keyboard and video display screen of a computer and the touch sensitive key pad of a fancy telephone.
No federal law clearly makes it a crime to intercept computer transmissions or to
Coughenour hits a touch pad labeled EZmail and the machine dials the number to connect him with Citicorp's internal electronic mail system, the electronic tones softly tolling as the Displayphone runs through the digits. When the number is dialed. Coughenour hits a touch pad labeled connect and the screen lights up with commands. First it asks him to enter his mailbox number. Then it asks for his password.
To send a memo. Coughenour hits a touch pad labeled compose and pulls out the small keyboard from under the pad. He types out the message and hits the touch pad labeled send.
From his office at the tip of Wall Street, the message skitters across the bank's private fiber optic cables to Citicorp's Park Ave office. From there. if it is traveling to a Citicorp office outside New York City, the message rides a microwave relay to a private earth station in New Jersey where it is transmitted 22.300 miles up to a satellite on which Citicorp owns space. From the satellite, the message returns to another Citicorp earth station and then along public or leased phone lines to the recipient's computer. All in a matter of seconds.
Although the message is easy to send. it is also easy to steal. With a large enough antenna, it is not difficult to intercept microwave transmissions.
52 NATIONAL JOURNAL 1/14/84
Is anybody listening in? "I don't doubt it." said Coughenour, a former Air Force intelligence officer who runs Citicorp's mail services. "The Russians have a big mission at the United Nations and all that equipment on the roof; that's not all there to get Home Box Office. I don't wonder if [some of our competitors] are pointing some stuff at us too."
The information may be vulnerable in a legal sense as well. While the laws governing wiretapping clearly protect spoken communications-essentially, ordinary telephone calls--many experts are concerned that no law makes it a crime to eavesdrop on communications between two computers, even though the information that passes between them is often highly sensitive.
The fuzziness of the laws protecting computer-to-computer communications is only one area where new computer or communications technologies, or merely new and aggressive applications of exist ing technologies, have exposed gray spots in the nation's laws governing privacy. "Our laws have not kept pace with the technology." said attorney Ronald L. Plesser, former general counsel of the Privacy Protection Study Commission, which studied the nation's privacy laws for Congress in the mid-1970s. "The technology has been expanding so quickly that the laws written for one level of technology quickly become obsolete."
Generally, the privacy implications of these technological changes have not received much political, legal or social attention. "We're not even giving it serious, practical consideration," said University of Illinois political economy professor David F. Linowes, who chaired the privacy
But with the arrival of George Orwell's nightmare year of 1984, these blind spots in the law and the general issue of privacy are beginning to receive increased scru
tiny New York Times reporter David Burnham has reignited a debate on the potential threat to privacy posed by the use of computers with a controversial new book. The Rise of the Computer State Robert W Kastenmeier, D-Wis who chairs the House Judiciary Subcommit tee on Courts, Civil Liberties and the Administration of Justice. has begun a wide-ranging series of hearings on the state of civil liberties, including the im pact of new technology on privacy Sev eral other committees are examining the laws safeguarding computer information Universities and other organizations across the country, such as the Smithso nian Institution, are holding conferences on Orwell, technology and 1984. And the American Civil Liberties Union is planning a major conference on privacy
Many of these forums will be used to criticize the Reagan Administration's policies on release of government if formation, classification of government documents and law enforcement. But most of these groups are also examining a different issue: where has new technology outflanked the privacy laws? ELECTRONIC MAIL
leader, sent about an equivalent number of messages. estimates Kenneth G. Bossomworth, president of International Resource Development Inc., an electronic mail consulting firm. Growth has been slow because the electronic mail systems have generally required both the sender and recipient of a communication not only to have computers but also to subscribe to the same system.
Industry observers expect that electronic mail will take off with MCI Communications Corp.'s entry into the business. In September. MCI launched an electronic mail service that allows anyone with a computer terminal, or even an electronic typewriter, to send a message to anyone else in the United States. If the recipient does not have a terminal, the message is printed nearby and delivered either by courier or the U.S. Postal Service.
MCI is predicting rapid growth for the system: from 80.000 users today to 200,000 by 1985. And industry experts are inclined to agree. "The MCI entry will transform the industry's revenue picture," said Bossomworth.
With the proliferation of computer terminals in the home and the office, electronic mail could eventually siphon off a significant chunk of both mail and telephone business. In 1982, the congressional Office of Technology Assessment calculated that ultimately at least twothirds of the Postal Service's annual volume of 110 billion pieces "could be handled electronically" By 1990, the office estimated, more than 23 billion messages could be sent through electronic mail or electronic funds transfer systems. The report predicted that conventional mail volume is likely to peak in the next decade and then decline.
Though the economic prospects for electronic mail may be starting to clear up, the laws covering it remain cloudy in two basic areas: unauthorized entry into such systems and requests by law enforcement officials for access to the records of people's communications held by electronic mail networks, such as MCI. The legal uncertainty underscores the major privacy concern of electronic mail's potential customers, who are worried about competitors reading their internal communications. "The fear [among possible users] is that somebody will get access to the system's central computer and get access to their mes sages," said computer consultant Walter E. Ulrich, who chairs the new Electronic Mail Association's committee on privacy. Prosecutors have complained that while existing laws can be used against criminals who use computers to commit fraud, no law clearly makes it a crime to break into a computer system to look
In a matter of seconds. Citicorp vice president Richard W. Coughenour sends messages on his Displayphone from his office on Wall Street to bank employees around the world. Although the message is easy to send, it is also easy to steal.
around or destroy information. Some legal barriers are in place. About 20 states have laws addressing unauthorized computer break-ins, and some experts note that if someone sought unauthorized entry into a computer system by misrepresenting himself as an authorized user he could be prosecuted under the federal wire fraud law.
But the electronic mail industry. among other computer users. would like clearer protection. The wire fraud law "was not designed for the problem of trespassing against someone's intellectual or electronic property. said Jack Greenberg, general counsel of GTE Telenet Communications Corp. Telenet runs a private electronic mail system used by 130 companies that was broken into repeatedly last summer, most notably by a group of Milwaukee teenagers using home computers.
Rep. Bill Nelson, D-Fla.. and Sen. Paul S. Trible Jr., R-Va.. have introduced identical bills (HR 1092. S 1733) that would make it a federal crime to "take something of value" from a computer or to damage the information in it Nelson's bill has also been incorporated into legislation pending before the Judiciary Subcommittee on Crime that addresses credit card fraud. Both the Nelson and Trible bills, though, still would not make it a crime to enter a computer system and look at the data in it. An aide to Nelson said the bill's sponsors did not believe that should be a federal crime.
While Congress slowly considers these proposed legal barriers to computer break-ins, electronic mail companies have been beefing up their technical defenses In October, the Defense Department split the 15-year-old ARPAnet, an
electronic mail network run by the Advanced Research Projects Agency, into separate systems for military and unclassified civilian research to further limit access to military secrets. Unlike other systems, the new MCI mail will not allow users to pick their own passwords-which are often no more sophisticated than the name of the user's spouse. Instead the new system assigns passwords that are randomly generated.
The electronic mail operators have also installed systems to prevent would-be intruders from programming their own computers to repeatedly try possible passwords until one clicks. Usually, the systems disconnect a user after three unsuccessful attempts at the proper password. After three such disconnections, the MCI system is programmed to notify the firm's security department.
Citicorp's system has similar security protections. But no system is immune to penetration, said Coughenour, who noted that break-in attempts occur "all the time" The ultimate defense, he said, can only be to keep sensitive information out of the electronic mail system "Users of the system understand it and know what to put on it." he said. Anyone breaking into Citicorp's electronic mail, he said, would find information of "only minimal" business value
Even less clear than the law on breaking into an electronic mail system are the legal standards for access by law enforce ment officials. For investigators. electronic mail records could be an extremely valuable source of information. "Electronic mail is tremendously attractive to people who are engaged in investigations." said attorney Piesser. "I think law enforcement officials are going to be
NATIONAL JOURNAL 1/14/84 53