Mobile Office Online's Open Press Conference Aug. 17, 1994

Electronic Privacy

Guests: Dave Sobel, legal counsel for the Electronic Privacy 
               Information Center.
            David Farber, Moore Professor of Telecommunications,
               University of Pennsylvania and board member of the
               Electronic Frontier Foundation.
            Donn Parker, senior management consultant for SRI
               International, a not-for-profit organization.
            Mark Kellner, technology columnist, Washington Times.

Hosts: Chuck Ashman, executive producer, Mobile Office Productions.
          Dan Rosenbaum, editor, Mobile Office magazine.

Online Host: Chris Peacock, editor, Mobile Office Online.

----------------------------------------------------

OnlineHost : Welcome to the auditorium!  Remember, your comments 
                   are seen only by other members of your row.

OnlineHost : Copyright Cowles Business Media, 1994

OnlineHost : Welcome to Mobile Office Online's open press 
                   conference.
OnlineHost : Tonight, we're going to discuss the hottest topic in 
                   cyberspace: electronic privacy.
OnlineHost : We welcome your questions and comments.
OnlineHost : Your host is Chuck Ashman, executive producer of 
                   Mobile Office Productions. 
OnlineHost : Onstage is Dave Sobel, legal counsel for the 
                   Electronic Privacy Information Center. 

Dsobel:          Hi Chuck.  Good to be here.

A1 CHUCK   : Welcome David...let us start with the big 
                   question...will the government have a clipper 
A1 CHUCK   : chip and be able to access all of our computers...yes 
                   or no and if yes, why?

Dsobel        : Maybe.  There's a lot of uncertainty concerning
Dsobel        : Clipper right now.  It's been badly received by the 
                   public, but the White House seems committed to it.

A1 CHUCK   : If you just joined us our guest for this conference 
                   is David Sobel, Legal Counsel for
A1 CHUCK   : a new organization Electronic Privacy Information 
                   Center. David can you explain what
A1 CHUCK   : your Center is doing and how and why is a "liberal" 
                   like Bill Clinton pushing for
A1 CHUCK   : a Big Brother Clipper chip?

Dsobel        : EPIC is looking at the info highway and how it's 
                   design impacts on privacy.  As for Clinton's
Dsobel        : support for Clipper, I think the NSA and FBI have put 
                   out some real horror stories to the White House
Dsobel        : about the need for electronic surveillance to protect 
                   national security.

OnlineHost : OK. Let's take a question from a member of our 
                   audience.
OnlineHost : Tonight we're discussing the issue of electronic 
                   privacy.
OnlineHost : To ask a question, click on the interact icon at the 
                   top of your screen, 
OnlineHost : type in your question or comment, and click "send."

Question   : How are we going to be affected by Clipper 
                   Technology?

Dsobel        : Clipper itself is only intended for phones.  The big 
                   question is what will happen with respect to
Dsobel        : data transmissions.  The fear is that the Clipper 
                   type of "key escrow" scheme will become mandatory
Dsobel        : at some point, raising real concerns about secure 
                   communications.  Under such a plan, the government will
Dsobel        : hold the keys to all communications. 

A1 CHUCK   : Dave Sobel has been a key lawyer in many freedom of 
                   information cases and is in 
A1 CHUCK   : court over the Clipper chip and the National Security 
                   Archive.  He will field your 
A1 CHUCK   : questions. OK Chris from the audience.

Question   : How can we get updates from EPIC on new technology 
                   releases-, i.e. privacy, health care 
Question   : issues?  Is there a listserv on the Internet?

Dsobel        : Send mail to <listserv@cpsr.org> with the message
Dsobel        : "subscribe cpsr-announce <your name>

OnlineHost : This is Mobile Office Online's open press conference.
OnlineHost : Tonight we're discussing the issue of electronic 
                   privacy.
OnlineHost : Onstage is Dave Sobel, legal counsel for the 
                   Electronic Privacy Information Center. 
Question   : what advice would you give to someone online about 
                   meeting people?

Dsobel        : If the question is how they can secure their 
                   communications with strangers, the answer is 
Dsobel        : cryptography, which is now widely available. 

OnlineHost : OK. Let's take a question from a member of our 
                   audience.
OnlineHost : To ask a question, click on the interact icon at the 
                   top of your screen, 
OnlineHost : type in your question or comment, and click "send."

Question   : How "private" is e-mail? 

Dsobel        : Not very.  It's really more like sending a postcard 
                   then a letter.  The problem is that we never know
Dsobel        : how our mail is routed, so it's passing through a lot 
                   of machines along its way.  Fairly unsecure.

Question   : I understand it is possible to "sniff" out a person's 
                   password if you have the proper
Question   : network analyzers. Is that true?

Dsobel        : I'm not a security expert, but it's my understanding 
                   that any password is subject to
Dsobel        : compromise.  Security folks recommend changing 
                   passwords periodically. 

Question   : What about PGP? People say the government can't decrypt 
                   it, but what do we believe?

Dsobel        : PGP is a strong "public key" crypto system.  From all 
                   accounts, it's very secure.  In fact, many
Dsobel        : people believe it was the gov't's fear of PGP and 
                   similar programs that gave rise to the Clipper plan.

A1 CHUCK   : If  you are new to our Wednesday night press 
                   conference, we try to bring experts on
A1 CHUCK   : key topics here courtesy of Mobile Office Online.  We 
                   focus on these issues in our 
A1 CHUCK   : Mobile Office Magazine and you can access relevant 
                   articles etc. and product info 
A1 CHUCK   : through the keyword Mobile.  Coming up next hour two 
                   of the top experts who have
A1 CHUCK   : helped shape computer policy in this country with 
                   Mark Kellner of 
A1 CHUCK   : 'Washington Times and Editor Dan Rosenbaum of Mobile 
                   Office Magazine.  Right now
A1 CHUCK   : David Sobel who has fought the good fight for many a 
                   consumer cause is fielding your
A1 CHUCK   : questions about privacy or the lack of it these days. 
                    He is counsel for the Electronic
A1 CHUCK   : Privacy Information Center. OK Chris go for audience 
                   questions.

OnlineHost : To ask a question, click on the interact icon at the 
                   top of your screen, 
OnlineHost : type in your question or comment, and click "send."

Question   : There has been talk about instituting a personal 
                   health card as part of Clinton's health
Question   : care plan. By doing so, wouldn't  we be letting "Big 
                   Brother" invade yet another aspect of our
Question   : lives? How can we prevent this from happening?

Dsobel        : One of the concerns about the health plan is the 
                   proposal to use the SSN as the health ID number.
Dsobel        : The SSN already ties together a vast amount of 
                   personal info, so adding health data raises some
Dsobel        : concerns.  We also need to ensure that the national 
                   health database will be secure and not subject to
Dsobel        : misuse.

A1 CHUCK   : David, I find it amazing that the Clinton 
                   administration, the father of the information
A1 CHUCK   : superhighway and a man who got elected with some 
                   populist views is resisting so many
A1 CHUCK   : of these issues.  For example, cops would love to 
                   have a microphone in every home
A1 CHUCK   : and it would help prevent crime but we respect our 
                   home sanctity.  If they have 
A1 CHUCK   : evidence of a crime, they can get a search warrant.  
                   Why should computers be
A1 CHUCK   : different?  If they think the bad guys are about to 
                   bomb someone, can't they get a 
A1 CHUCK   : warrant and access without a mike in all our 
                   computers?

Dsobel        : The feds would still need search warrants.  The issue 
                   is whether our communications systems should 
Dsobel        : be designed to *facilitate* surveillance.  That's 
                   what the administration is pushing for, with Clipper and
Dsobel        : now the FBI digital telephony proposal.  This is 
                   really a new development -- in the past we didn't 
Dsobel        : design our systems with the express purpose of 
                   guaranteeing access to the gov't.

OnlineHost : OK. Let's take a question from a member of our 
                   audience.

Question   : Rumor has it that the Clinton administration is 
                   backing off on the Clipper/Capstone issue.
Question   : What is your current understanding?

Dsobel        : There was some confusion last month after VP Gore 
                   sent a letter about Clipper.  Some folks read it 
Dsobel        : as a change of policy, but the White House denied it. 
                    By all indications, Clipper is alive and well.

OnlineHost : OK. Let's take a question from a member of our 
                   audience.

Question   : When you link up a computer with a cell phone aren't 
                   you inviting a phone tap...isn't it
Question   : relatively easy to get in?

Dsobel        : Cell phones are notoriously insecure.  I wouldn't 
                   send anything sensitive out over the air.

A1 CHUCK   : David, is this shaping up as a political 
                   argument..Dems vs. republicans or what
A1 CHUCK   : is the dividing line...privacy is like motherhood and 
                   good cherry pie..everybody should
A1 CHUCK   : like it.  Who is arguing on the other side of the 
                   issue.
Dsobel        : Not really.  The issue cuts across traditional lines 
                   -- left and right.  It's really the 
Dsobel        : law enforcement and intelligence agencies pushing 
                   these anti-privacy measures.

Question   : Regarding junk mail, if our home and business 
                   addresses can be sold, can our e-mail
Question   : addresses be sold as well? Soon will we be opening 
                   our e-mail boxes only to find them filled to
Question   : capacity with junk e-mail? 

Dsobel        : I haven't seen much of that yet, but I suspect it's 
                   coming.  Personal info is a very hot commodity,
Dsobel        : and there seems to be a market for just about 
                   everything.  This may be a real problem when we
Dsobel        : really go interactive on the "info highway."  Lots of 
                   transactional date -- what you buy, videos you 
Dsobel        : request, etc. -- will be available for sale.  We 
                   really need to regulate such practices.

OnlineHost : If you'd like to ask a question, use the Interact 
OnlineHost : with Host icon at the top of your screen. 

Question   : EMAIL should be fairly secure from most users, 
                   except of course from System
Question   : Administrators with management privilege.  Is this a 
                   reasonable supposition, or are there other
Question   : weaknesses?

Dsobel        : An in-house company system is not very secure -- it's 
                   not protected by federal law.  And as I said
Dsobel        : earlier, email on the Internet passes through a lot 
                   of potentially vulnerable points.

OnlineHost : OK. Let's take a question from a member of our 
                   audience.

Question   : Is email/Ims subject to the same legal privacy rights 
                   as telephone calls are.....e.g.,
Question   : would a search warrant be  required for law 
                   enforcement to monitor your email/im's?

Dsobel        : Yes, a warrant is required.  But remember that, 
                   unlike phone calls, a lot of email is archived
Dsobel        : in various sites, so it may create more of a 
                   permanent record than you're aware of.

A1 CHUCK   : This topic of privacy affects every one of you out 
                   there and every computer user not
A1 CHUCK   : signed on.  this topic will not go away.  We are 
                   going to continue to pursue it giving
A1 CHUCK   : online time to all sides including the Justice 
                   department and some of the members of
A1 CHUCK   : Congress who argue for the clipper and against David 
                   Sobel and other consumer 
A1 CHUCK   : advocates who are worried about the invasion of 
                   privacy.  David is legal counsel for
A1 CHUCK   : the Electronic Privacy Information Center and 
                   involved in litigation challenging the
A1 CHUCK   : administration's growing policy of big brother for 
                   the computer world.  We invite your
A1 CHUCK   : questions.  OK Chris to the audience

Question   : If someone sent private messages slandering someone, 
                   may these letters be used in court
Question   : against them?

Dsobel        : There really should be no distinction between 
                   something written on paper or posted electronically
Dsobel        : to the net.  The key point is the nature of the 
                   information that is being published, and it could
Dsobel        : be considered defamatory regardless of form.

OnlineHost : Let's take a question for Dave Sobel from a member of 
                   our audience.

Question   : But we arm out police with battering rams to break 
                   down the doors of those against whom 
Question   : they have a search warrant. Shouldn't we arm them with 
                   equally powerful tools for computer access?

Dsobel        : I guess the better analogy might be whether we should 
                   outlaw any building material that isn't 
Dsobel        : transparent.  We don't require that doors be built so 
                   that they can be easily battered down.  The
Dsobel        : gov't should take the world -- including cyberspace 
                   -- as they find it and not try to mandate the way
Dsobel        : we communicate or the way we build our houses.  there 
                   are a bunch of things that make law
Dsobel        : enforcement more difficult -- including the 
                   Constitution and Bill of Rights.

OnlineHost : Dave Sobel, legal counsel for the Electronic Privacy 
                   Information Center,
OnlineHost : is taking your questions on electronic privacy.

Question   : Which public online service is the safest in terms of 
                   keeping E-mail private?

Dsobel        : That's really impossible to say.  Since almost all 
                   mail traverses the internet, the risks are 
Dsobel        : probably about the same regardless of the service you 
                   use.

Question   : What bills are pending on the clipper chip that we 
                   need to oppose?

Dsobel        : Clipper is not before Congress.  It is purely an 
                   administrative initiative.  Congress has looked at 
Dsobel        : the issue, but may be limited in its response.  
                   However, the FBI wiretap bill was introduced in
Dsobel        : Congress last week.  It's an important issue that 
                   people should take a look at and express their 
Dsobel        : views on it to Congress.

A1 CHUCK   : David, didn't Director Freeh of the FBI say there were 
                   a few hundred cases in which 
A1 CHUCK   : law enforcement couldn't implement court orders in 
                   just one month...What was that about?

Dsobel        : It wasn't for one month, but we really don't know 
                   what the facts are.  Last week, EPIC filed suit
Dsobel        : against the FBI seeking the release of those 
                   statistics.  The FBI has made these claims, but 
Dsobel        : the information has not been released to the public. 
                    EPIC believes that such information must
Dsobel        : be released before any of us can intelligently 
                   discuss the FBI wiretap bill, which call for a
Dsobel        : half billion $ to be spent to make the phone system 
                   "wiretap friendly."

Question   : Where does the funding come from for your center?

Dsobel        : We are supported by individual contributions and 
                   foundation grants.  We're a tax-deductible, non-
Dsobel        : profit organization.

A1 CHUCK   : Our guest has been David Sobel, legal counsel for the 
                   Electronic Privacy Information
A1 CHUCK   : Center.  David, first congrats, you are fighting the 
                   good fight and raising critical
A1 CHUCK   : issues.  I want you back online with us when the FBI 
                   joins us in a few weeks.
A1 CHUCK   : thanks again and bye.  join us in the audience for 
                   the next session if you can.

Dsobel        : Thanks, I've enjoyed it.  Folks can e-mail me for 
                   more info -- <dsobel>.

A1 CHUCK   : Coming up Mark Kellner, who skipped school the day 
                   they taught "shy" will bring his
A1 CHUCK   : talents as Computer Columnist for the Washington 
                   Times and a regular contributor to
A1 CHUCK   : key computer magazines to Mobile Office Online and 
                   talk with a gentleman who is
A1 CHUCK   : really helping shape computer policy in this country. 
                    Professor David J. Farber is a 
A1 CHUCK   : telecommunications professor at the University of 
                   Pennsylvania and from the classroom 
A1 CHUCK   : to the congressional hearing room, he is informed and 
                   outspoken on the issue of privacy.
A1 CHUCK   : He was recently quoted as saying "the key issue is do 
                   you trust your government?
A1 CHUCK   : That may be the key question here.  Professor Farber 
                   before I relinquish the floor or I 
A1 CHUCK   : should say the keys to Mark Kellner of the Washington 
                   Times, let me ask you if you have 
A1 CHUCK   : a sense as to whether the argument about clippers and 
                   such is theoretical or are we 
A1 CHUCK   : actually on the brink of seeing action allowing the 
                   government to put mikes in all our
A1 CHUCK   : hard drives?

DJFarber   : I believe that clipper and the new digital telephony 
                   bills are a first step into what Orwell 
DJFarber   : should have called 1994. It is the start of a slide
DJFarber   : I consider the digital telephony bill the most 
                   dangerous

MarkKel    : Professor, Mark Kellner of The Washington Times here, 
                   when you say it is the start of a slide ...
MarkKel    : ...where do you see the slide ending?

DJFarber   : I see the slide ending with more and more government 
                   intervention
DJFarber   : in our private conversations. It will be the
DJFarber   : equivalent in cyberspace of having mikes in our 
                   living
DJFarber   : and bed rooms.
DJFarber   : I don't think the Clinton/Gore Administration will do that but
DJFarber   : they are setting the stage for some future 
DJFarber   : administration to do it to us

MarkKel    : You said the digital telephony bill is the worst, 
                   would you give our audience a brief description ...
MarkKel    : of the bill and why it is so bad for us?

DJFarber   : The STB allows the government to demand connection 
                   information
DJFarber   : for telephone calls in real time and in much more
DJFarber   : detail and flexibility then we now have. It also
DJFarber   : forces the taxpayer to pay maybe 5 billion to 
DJFarber   : reengineer the telephone system to better spy on us
DJFarber   : Watergate would have been difficult with such a 
                   technology
DJFarber   : eventually they will want email records of who 
                   sends to whom and later what was sent.

A1 CHUCK   : If you just joined us on Mobile Office Online, our 
                   special guest is Professor David 
A1 CHUCK   : Farber of the University of Pennsylvania. He is an 
                   expert on this issue and has
A1 CHUCK   : testified before Congress and been a leader in 
                   focusing on the dangers of invading 
A1 CHUCK   : the privacy of the electronic world.  Mark Kellner of 
                   the Washington Times is with
A1 CHUCK   : us and he has yielded the floor and keyboard to our 
                   audience.  So, Chris Peacock,
A1 CHUCK   : our producer, will invite your questions. 

OnlineHost : OK. Let's take a question from a member of our 
                   audience.
OnlineHost : To ask a question, click on the interact icon at the 
                   top of your screen, 
OnlineHost : type in your question or comment, and click "send."

Question   : The Electronic Frontier Foundation says the 
                   Administration will push for the equivalent of
Question   : the Clipper, just dressed with a new label - do you 
                   agree? 

DJFarber   : The administration will indeed push clipper and 
DJFarber   : will and is trying to internationalize it. Labels 
                   don't make any difference
DJFarber   : it is who holds the keys and whether some future 
                   Nixon can access them.

OnlineHost : Tonight we're discussing the issue of electronic 
                   privacy.
OnlineHost : Joining us is Dave Farber, professor of 
                   telecommunications at the University of Pennsylvania
OnlineHost : and board member of the Electronic Frontier 
                   Foundation.

Question   : Are Online services subject to government regulation?

DJFarber   : I am not a lawyer but my understanding is not in 
                   general
DJFarber   : except there are laws (increasingly more confusing
DJFarber   : that govern the liability and contents that they can 
                   carry

OnlineHost : OK. Let's take another question from a member of our 
                   audience.

Question   : I thought the clipper chip brouhaha was over since 
                   the unbreakable code went out over the
Question   : internet. 

DJFarber   : The attitude of the "public servants" is that they 
                   can slow
DJFarber   : down the use of such codes by commercial and expert 
                   control
DJFarber   : pressures. They did that with DES and will do it 
DJFarber   : with PGP and other codes. They will encourage 
DJFarber   : clipper type. The mass market will choose which one? 
                   Want to guess

Question   : Where is the government getting the technology to do 
                   all this (re: wiretap bill)?

DJFarber   : The are forcing (or will force ) the equipment 
                   manufacturers to
DJFarber   : do the engineering and will pay them for the costs. I 
                   call it the software full employment act of 1994.

OnlineHost : OK. Let's take a question from a member of our 
                   audience.

Question   : Can we get updates on your investigations into 
                   privacy invasions, DF? Or are you doing 
Question   : this research for other reasons?

DJFarber   : The EFF (and others) track that. I am interested 
DJFarber   : from a personal point of view and teach a course 
DJFarber   : at Penn on Computer Ethics and society
DJFarber   : where I go over this stuff 
DJFarber   : Also my home page
DJFarber   : http://macpond.cis.upenn.edu/
DJFarber   : has some materials and pointers.

A1 CHUCK   : Mark Kellner of the Washington Times is with us.  He 
                   usually asks the 
A1 CHUCK   : questions but I want to turn the table.  Mark, is it 
                   politically advantageous for the
A1 CHUCK   : president right now with all his problems to take a 
                   stand favoring clipper.
A1 CHUCK   : Will this issue drift into his 
A1 CHUCK   : reelection campaign?

MarkKel    : It is kind of curious that a President who has a 
                   Legal Defense Fund going is big on this business...
MarkKel    : of going after crime everywhere, including our hard 
                   disk drives. However, I believe that Mr. Clinton..
MarkKel    : will lose points on his general crime bill before the 
                   clipper issue rears its ugly head ...
MarkKel    : however, this won't help Clinton with the techie 
                   community.

A1 CHUCK   : For all of you in the rows who just discovered us, 
                   Professor David Farber of
A1 CHUCK   : University of Pennsylvania is with us.  If you follow 
                   this issue, he is a key player in 
A1 CHUCK   : influencing policy in telecommunications.  Professor, 
                   what are the political realities
A1 CHUCK   : of this issue for the White House and Congress?

DJFarber   : It is hard for a democratic president to be seen as 
                   soft on crime and terrorism. I 
DJFarber   : believe that was the forcing pressure that allowed
DJFarber   : the FBI and NSA to get this going. I believe
DJFarber   : it has taken too much time and energy from the staff
DJFarber   : at the Whitehouse and caused the NII and other 
                   actions
DJFarber   : to slip and die down
DJFarber   : also I see the techies going to a third party if a 
                   rational one develops and
DJFarber   : abandoning the current admin. I have not yet.

OnlineHost : OK. Let's take a question from a member of our 
                   audience.
OnlineHost : To ask a question, click on the interact icon at the 
                   top of your screen, 
OnlineHost : type in your question or comment, and click "send."

Question   : I thought "the government" is "by the people, for the 
                   people".  Yet today "PEOPLE" and
Question   : "GOVT" are treated, even by the media, as separate 
                   entities.  Is something wrong here?  If so
Question   : what, and how did we get here?

DJFarber   : We got there during Nam and Watergate. When I sent 
                   out to
DJFarber   : my interesting people mailing list the clipper 
DJFarber   : material I said the basic question was do you trust 
                   your government
DJFarber   : my 23 year old son said to his generation the term
DJFarber   : trust government had no meaning. The question
DJFarber   : is how do we get back from where
DJFarber   : we are 

OnlineHost : Tonight we're discussing the issue of electronic 
                   privacy.
OnlineHost : Joining us is Dave Farber, professor of 
                   telecommunications at the University of Pennsylvania
OnlineHost : and board member of the Electronic Frontier 
                   Foundation.

Question   : What about the privacy aspect as it regards hackers? 
                    Can't they still tap into your
Question   : privacy?????

DJFarber   : Currently all email and most systems are very 
                   tapable
DJFarber   : the technology exists to make it more robust
DJFarber   : but we don't seem to be getting it
DJFarber   : encrypted links, privacy enhanced mail etc. have been 
                   feasible
DJFarber   : and prototypes for almost 10 years and yet we don't 
                   have it
DJFarber   : time to fix that before the nets are useless and 
                   become the CB radio of the 90s.

MarkKel    : Professor, what about the people who say the entry of 
                   Uncle Sam into the info-bahn is needed ... 
MarkKel    : in order to catch the bad guys, drug dealers, 
                   terrorists and the like is this a valid ...
MarkKel    : argument or is the Administration blowing smoke?

DJFarber   : It is all too easy to say that
DJFarber   : I don't believe any additional laws are needed. We 
                   have laws galore
DJFarber   : much of the real law world is done my leather and 
                   people 
DJFarber   : not electronics
DJFarber   : After all they don't demand to open my main (I hope)
DJFarber   : That's my mail.

A1 CHUCK   : Mark Kellner is the computer columnist for the 
                   Washington Times and has been an 
A1 CHUCK   : editorial director of Mobile Office magazine.  You 
                   can access our articles, product
A1 CHUCK   : comparisons etc. by keywording MOBILE. Coming up 
                   later this hour will be Donn Parker
A1 CHUCK   : from SRI International, a think and action tank with 
                   involvement with this issue.  We are
A1 CHUCK   : here every Wednesday night with an open press 
                   conference.  Chris let's take audience
A1 CHUCK   :  questions until we wrap the half hour up.

Question   : So far, where do you feel "Big Business" stands on 
                   the Clipper issue?

DJFarber   : They are opposed for hard nose business reasons. It 
                   is unlikely that they will be able to
DJFarber   : sell clipper devices off shore (would you want the 
                   govern listening if you were France 

Question   : Professor Farber, have you heard about AT&T's special 
                   task force to go after hackers?  Do
Question   : you think it's ridiculous? 

DJFarber   : It is simplistic and will most likely end up with 
                   them violating our rights if they
DJFarber   : are not super careful. As far as I know that was 
                   never coordinated with anyone .. a grand stand?

A1 CHUCK   : Professor as we wind down this segment, put on your 
                   prophesy hat.  What will
A1 CHUCK   : privacy be like in our electronic world as we end 
                   this century which feels like an hour
A1 CHUCK   : and a half away?

DJFarber   : Hmmm
DJFarber   : I suspect we will be in an era where you will not do 
                   whistle blowing over the network and phone
DJFarber   : and will be careful with what you say. I think the 
                   odds are even
DJFarber   : that any form of encryption save clipper type will be 
                   outlawed and like guns will
DJFarber   : be only available to law breakers (in the main) 
DJFarber   : Wish I felt a lot better. It is a hard task 
DJFarber   : for EFF and EPIC cooperating together to protect our 
                   remaining bill of rights

A1 CHUCK   : Thank you professor Farber..wish we could all visit 
                   your class. Wait a minute.
A1 CHUCK   : We can.  How about us arranging to get transcripts 
                   of some of your talks
A1 CHUCK   : and bringing them online as part of our Mobile Office 
                   reference library.  

DJFarber   : Sure thing. I will send transcripts (wish I could 
                   send audio).

A1 CHUCK   : We will be in touch.  Bye and join us in the audience as
                   we welcome 
                   Donn Parker of SRI International.
A1 CHUCK   : Thanks to Mark Kellner who joins us each week to add 
                   his perspective as computer
A1 CHUCK   : columnist for the Washington Times. Bye Mark and 
                   thank you.
A1 CHUCK   : For the next half hour we are joined by the 
                   distinguished, always outspoken and informed
A1 CHUCK   : editor of Mobile Office magazine Dan Rosenbaum.  He 
                   will be interviewing our special
A1 CHUCK   : guest Donn Parker a senior management consultant at 
                   SRI International which I call
A1 CHUCK   : an action and think tank.  As a beginner, Donn can 
                   you explain SRI's interest and niche
A1 CHUCK   : in this issue and what you focus on...then its all to 
                   Dan and the audience.

DonnParker : WE have an infosec consulting service to large 
                   international companies and provide an ongoing
DonnParker : service of infosec to about 68 large international 
                   corps.

Mobiledit  : Is your business to teach companies how to secure 
                   their systems?

DonnParker : Yes, to achieve a standard of due care over their 
                   info assets

Mobiledit  : What qualifies as "due care"? How do you define that?

DonnParker : Due care is to use those infosec controls used by 
                   other well run companies or are low cost and work.

Mobiledit  : Is the goal to protect against threats from outside a 
                   company or inside?

DonnParker : Protect from all sources whether natural, accidental, 
                   intentional, inside or outside

Mobiledit  : Which is the greatest threat -- natural, manmade, 
                   accidental, intentional, inside, outside 

DonnParker : We don't know because there are no valid surveys or 
                   statistics on losses. most victims hide their loss

Mobiledit  : Is hiding the loss a good idea? Shouldn't companies 
                   share info about threats?

DonnParker : It's not good business to admit such things, but good 
                   citizenship requires reporting to the authorities

Mobiledit  : OK -- let's take some questions from our audience. 
                   Chris?

OnlineHost : Tonight we're discussing the issue of electronic 
                   privacy.
OnlineHost : Onstage is Donn Parker, senior management consultant 
                   for SRI International,
OnlineHost : a not-for-profit research and consulting 
                   organization.
OnlineHost : To ask a question, click on the interact icon at the 
                   top of your screen, 
OnlineHost : type in your question or comment, and click "send."

Question   : The national health care that is now being debated in 
                   congress contains provisions for a
Question   : national heath care data network. Doesn't anyone 
                   worry that having intimate medical information
Question   : centralized threatens individual privacy? 

DonnParker : Centralized info where it can be protected well is 
                   and advantage.

Mobiledit  : But can it be adequately protected?

DonnParker : Yes, but it requires high motivation from the 
                   providers that comes from law litigation, and 
DonnParker : social pressure.

OnlineHost : OK. Let's take a question from a member of our 
                   audience. 

Question   : How do you feel about companies using their own 
                   encryption, instead of the governments 
Question   : standard-i.e., the Clipper Chip?

DonnParker : I recommend use of their own but they must be careful 
                   to avoid information anarchy and absolute privacy

Mobiledit  : Is information anarchy and absolute privacy the same 
                   thing, or am I misunderstanding?

DonnParker : Information anarchy is where those employees who 
                   encrypt and thus control info are different from
DonnParker : those who are accountable for the security of the 
                   info.
DonnParker : Absolute privacy is the use of strong unescrowed 
                   crypto .

Mobiledit  : Interesting. Thanks. From the audience?

Question   : Don, where can I get more info on implementing 
                   privacy enhanced mail on UNIX, DOS, and Mac?

DonnParker : Contact the RSA company that licenses crypto to many 
                   companies that supply PEM.

OnlineHost : This is Mobile Office Online's open press conference.
OnlineHost : Tonight we're discussing the issue of electronic 
                   privacy.
OnlineHost : Onstage as Mobiledit is Dan Rosenbaum, editor of 
                   Mobile Office magazine.
OnlineHost : Onstage is Donn Parker, senior management consultant 
                   for SRI International,
OnlineHost : a not-for-profit research and consulting 
                   organization.
OnlineHost : OK. Let's take a question from a member of our 
                   audience. 

Question   : How can people be expected to report these things, 
                   when they have no idea what the laws
Question   : are or even a reasonable degree of computer literacy? 
                    When the perpetrators have all the weapons?

DonnParker : They know when they have been victimized.  Its the 
                   same old crime, fraud theft, larceny,

Mobiledit  : Do perps really have all the weapons?

DonnParker : They have a great advantage.  We are forced to play 
                   the game by their rules, and we don't even know
DonnParker : the game. 

Question   : Isn't easier to set a standard that email is only for 
                   public info until security
Question   : technology catches up?

DonnParker : Security technology is already catching up.  It's the 
                   use of it that hasn't caught up.  You can be
DonnParker : as secure as you want to be.  It's a matter of 
                   motivation, cost, and effort.

Mobiledit  : The half-hour has flown. Donn Parker, senior 
                   management consultant at SRI International,
Mobiledit  : I wish we could take more of your time. Thanks *very* 
                   much for your help and comments,
Mobiledit  : and thanks to all those tuning in. We're late; please 
                   join us next week on
Mobiledit  : Mobile Office Online.
Mobiledit  : Good night.

OnlineHost : Thank you for joining us. 
OnlineHost : For a transcript of this conference, check out Mobile 
                   Office Online's software library.

OnlineHost : Copyright Cowles Business Media, 1994

