The Art of Technology Digest Wednesday, July 29th, 1992 %%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%%%%AoT%% Editor: Chris Cappuccio (ccappuc@caticsuf.cati.CSUFresno.EDU) Archivist: David Mitchell, Sysop, Live Wire BBS +1 313 464 1470 [AoT Digest] Contents #1 (Wed, July 29, 1992) Article 1: Welcome to AoT Digest! Article 2: Are You a Hacker? (CuD #4.33 Reprint) Article 3: New! 386BSD Release 0.1! Article 4: Linux 96c.pl2 InfoSheet Article 5: CyberCrime International Network Article 6: Sysop Arrested For Selling Porno Files To Juveniles Article 7: CPSR Recommends NREN Privacy Principles Article 8: DNA databanking The Art of Technology Digest is distributed in the following ways: E-MAIL: Send e-mail to ccappuc@caticsuf.cati.CSUFresno.EDU and then put in the letter, "Please add my E-Mail address to the mailing list." and you MUST include the maximum number of lines/bytes your site will accept in a single e-mail message. If you are not sure about this, ask your system operator. You can also include any comments or anything else you want, including an article submission. BBS: Call +1 313 464 1470, Live Wire BBS. This system maintains a complete collection of AoT Digest. Speeds are 12oo/24oo/HST-96oo/HST-14,4oo The Art of Technology Digest is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. AoT-D material may be reprinted as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail at the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. All articles for submission should be sent to: ccappuc@caticsuf.cati.CSUFresno.EDU DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. Verbosity leads to unclear, inarticulate things. -- Vice President Dan Quayle --------------------------------------------------------------------------- Date: Tues, 28 Jul 92 From: AoT-D Editor, Chris Cappuccio Subject: Article 1--Welcome to AoT Digest! Welcome to the first issue of Art of Technology Digest!! AoT Digest is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. AoT-D material may be reprinted as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail at the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. The idea (and the format and one of the articles) of AoT Digest is from Cu-Digest. Anyways this newsletter is for discussion of the computer underground. It is NOT a hack/phreak newsletter, just a rip-off of CuD with different information. Make a new file base and you're set. I want to make this a weekly newsletter but since it's very small now, expect something each few weeks or so. Many of the things you should expect to find are CPSR press releases and various other Usenet articles and responses from our readers. Hmm.. I am also hoping to make a newsgroup for AoT Digest but I can't find the FAQ response. "Frequently Asked Question: Where do I get the response from the 'how to start a newsgroup' FAQ???". You may also be wondering what I moderate. Well, I assemble the whole thing, take out any high-ASCII and replace it with normal ASCII and put in references. Words in the articles are not changed. We REALLY want responses, either posted on Live Wire (See DISTRIBUTION in the beginning for the phone number) or E-Mailed to me (ccappuc@caticsuf.cati.CSUFresno.EDU). If you have anything to say, PLEASE respond! ---------------------------------------------------------------------- Date: Fri, 24 Jul 1992 11:19:47 PDT From: Bob Bickford Subject: Article 2--Are You a Hacker? (CuD #4.33 Reprint) [[ED: I will try not to have CuD reprints but this was a good article]] ARE YOU A HACKER? by Robert Bickford Are you a Hacker? How would you know? If all you know about the word is what you've seen on the evening news, or read in a magazine, you're probably feeling indignant at the very question! But do those magazine-selling headlines really describe what a Hacker is? Some time ago (MicroTimes, December 1986) I defined a Hacker as "Any person who derives joy from discovering ways to circumvent limitations." The definition has been widely quoted since that time, but unfortunately has yet to make the evening news in the way that a teenager who robs a bank with his telephone does. Does that teenaged criminal fit my definition? Possibly. Does that fact make all, or even most, Hackers criminals? (Does that fact make all or most Hackers teenagers?) Of course not! So why is there such widespread misinformation about Hackers? Very simply, it's because the criminal hackers, or 'Crackers', have been making news, while the rest of us are virtually invisible. For every irresponsible fool writing a virus program, there are at least twenty software engineers earning a living "...discovering ways to circumvent limitations." When the much-publicized InterNet worm was released by an irresponsible hacker, hundreds of other Hackers applied their considerable talents to the control and eradication of the problem: the brilliance and creativity brought to this task are typical of the kind of people --- Hackers ---that my definition is meant to describe. Working on the yearly Hackers Conferences has been a mixed experience: on the one hand, helping to bring together 200 of the most brilliant people alive today, and then interacting with them for an entire weekend, is immensely rewarding. On the other hand, trying to explain to others that the Hackers Conference is not a Gathering of Nefarious Criminals out to Wreak Havoc upon Western Civilization does get a bit wearing at times. Also, trying to convince a caller that repeatedly crashing his school district's computer from a pay phone will not, emphatically not, qualify him for an invitation to the conference can be a bit annoying. None of this would be a problem if we hadn't let a small minority --- the Crackers --- steal the show, and become associated with the word 'Hacker' in the minds of the general public. The attendees at the Hackers Conferences --- many of whom hold PhDs, and/or are Presidents or other upper management of Fortune 500 companies --- are (quite understandably) very indignant at being confused with these Crackers. Taking myself as an example --- no, I don't have a PhD, my only degree is from the School of Hard Knocks, and no, I'm not working in management ---when this article was first published [1989] I was writing software for a company that builds medical image processing equipment. My code controls a product that can, and often does, either improve the quality of medical care, reduce the cost, or both. When I develop a piece of software that goes around some limit I feel very happy, and can often find myself with a silly grin plastered across my face. When some ignorant reporter writes a story that equates the work I do with expensive but childish pranks committed by someone calling himself a "Hacker", I see red. Are you a Hacker? If you want to break rules just for the sake of breaking rules, or if you just want to hurt or "take revenge" upon somebody or some company, then forget it. But if you delight in your work, almost to the point of being a workaholic, you just might be. If finding the solution to a problem can be not just satisfying but almost an ecstatic experience, you probably are. If you sometimes take on problems just for the sake of finding the solution (and that ecstatic experience that comes with it), then you almost certainly are. Congratulations! You're in good company, with virtually every inventor whose name appears in your high school history book, and with the many thousands of brilliant people who have created the "computer revolution." What can we do about all that bad press? Meet it head on! Tell the people you work with that you're a Hacker, and what that means. If you know somebody whose work habits, style, or personality make them pretty clearly a Hacker, tell them so and tell them what you mean by that. Show them this article! Meanwhile, have fun finding those solutions, circumventing those limitations, and making this a better world thereby. You are an Artist of Technology, a Rider of the Third Wave, and at least you can enjoy the ride! Bob Bickford is a software consultant who lives in Marin County, often Hacking late into the night, and (usually) enjoying it immensely. His wife, Greta, only tolerates this because she's an animation hacker and sometimes does the same thing. Bob can be reached through InterNet at rab@well.sf.ca.us (An edited version of this article appeared in Microtimes in early 1989. Copyright (c) Robert Bickford, 1989, 1992) +++ Robert Bickford "A Hacker is any person who derives joy from rab@well.sf.ca.us discovering ways to circumvent limitations." rab'86 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I recognize that a class of criminals and juvenile delinquents has taken to calling themselves 'hackers', but I consider them irrelevant to the true meaning of the word; just as the Mafia calls themselves 'businessmen' but nobody pays that fact any attention." rab'90 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ------------------------------ Date: Tues, Jul 28, 1992 From: AoT-D Editor, Chris Cappuccio Subject: Article 3--New! 386BSD Release 0.1! [[ED: This is edited notes from the installation docs and distribution list Remember that 386BSD is a FREE operating system, if you have a 386/486 and 50 megs to spare, I strongly recommend that you get this. At the end is the list of anonymous FTP sites to get 386BSD. Have fun!!]] Welcome to 386BSD Release 0.1, the second edition of the 386BSD operating system created by William and Lynne Jolitz. Like its predecessor, 386BSD Release 0.0, Release 0.1 comprises an entire and complete UNIX-like operating system for the 80386/80486-based AT Personal Computer. 386BSD Release 0.1 is an enhanced version of the origi- nal release done by William F. Jolitz, the developer of 386BSD. 386BSD Release 0.0 was based on the Networking Software, Release 2 from the University of California at Berkeley EECS Department, and included much of the 386BSD work done earlier by Bill and contributed by us to the University. The latest release, 386BSD Release 0.1, con- tains new work by the developer and many new items which have been freely contributed by other software developers for incorporation into 386BSD (see the file CONTRIB.LIST). These contributions have increased the functionality and made it more robust. 386BSD is intended for research, development, educa- tion, and just plain exploration. Source, Binary, Installa- tion, and Fix-It floppies are available at a large number of sites. There are many user groups, support groups, computer societies and individuals who are supplying and running 386BSD and they are good sources of information and support. 386BSD Release 0.1 is intended to be widely used by those interested in "pushing the envelope" towards the for- mation and development of innovative ideas in computer tech- nology. As such, we have spent considerable time developing a system which is simple to partition and install and emphasizes stability and completeness. Among the many new features of 386BSD (from release 0.0): * New "Tiny 386BSD" System Installation Floppy * Simplified installation procedures. * 386BSD partitioning for use on an MS-DOS system. * Compressed, multivolume CPIO dump format binary/source/other distribution sets on MS-DOS flop- pies. * 387 emulation. * SCSI support. * CD-ROM support. * NFS, TCP/IP and full networking. * New 386BSD "Fix-It" System Maintenance Floppy. * New "Additional User Software" MS-DOS floppy dump. << 386BSD RELEASE 0.1 -- DISTRIBUTION HOST SITES >> agate.berkeley.edu 128.32.136.1 gatekeeper.dec.com 16.1.0.2 MATH.ORST.EDU 128.193.16.60 UTKUX1.UTK.EDU 128.169.200.67 terminator.cc.umich.edu 141.211.164.8 nic.funet.fi 128.214.6.100 dsuvax.dsu.edu 138.247.32.2 altair.cis.ksu.edu 129.130.10.84 hpcsos.col.hp.com 15.255.240.16 [ Internal HP sites only ] math.niu.edu 131.156.3.4 sune.stacken.kth.se 130.237.234.42 raquel.doc.ic.ac.uk 146.169.11.3 rusmv1.rus.uni-stuttgart.de 129.69.1.12 HELIUM.CLUB.CC.CMU.EDU 128.2.55.10 banjo.concert.net 192.101.21.6 kirk.bu.oz.au 131.244.1.1 grand.central.org 192.54.226.100 pascal.math.fu-berlin.de 130.133.4.50 capella.eetech.mcgill.ca 132.206.1.17 ftp.ibr.cs.tu-bs.de 134.169.34.15 f.ms.uky.edu 128.163.128.6 azathoth.sura.net 128.167.254.184 ------------------------------ Date: 07/24/92 From: Linus Benedict Torvalds Subject: Article 4--Linux 96c.pl2 InfoSheet finger torvalds@kruuna.helsinki.fi Free UNIX for the 386 The current version of linux is a 0.96c, released 92.07.04. There is a 0.96 rootdisk that should be used with the new versions: it fixes a lot of things with the old rootdisks and contains more programs due to the shared libraries. Patch 2 to 0.96c was released 92.07.18, and implemented the msdos filesystem as well as correcting some problems with the IRQ code. 0.96c supports X11r5 and the new gcc-2.1 (and newer) libraries with multiple shared libs - as well as any old binaries (except the 0.12 version of gdb which used the older ptrace() interface). 0.96c also contains support for debugging (core-dumping and attach/detach) as well as profiling (use gcc-2.2.2 for the profiling code) Linux can be gotten by anonymous ftp from 'nic.funet.fi' (128.214.6.100) in the directory '/pub/OS/Linux'. This directory structure contains all the linux OS- and library-sources, and enough binaries to get going. To install linux you still need to know something about unices: it's relatively straightforward to install, but the documentation sucks raw eggs, and people with no previous unix experience are going to get very confused. There are now a lot of other sites keeping linux archives. Some of them are: tsx-11.mit.edu (18.172.1.2): directory /pub/linux banjo.concert.net (192.101.21.6): directory /pub/Linux yagi.ecei.tohoku.ac.jp (130.34.222.67) (and many additional sites: there are now sites in the uk, japan etc that carry linux, but I have lost count) There is also a mailing list set up 'Linux-activists@niksula.hut.fi'. To join, mail a request to 'Linux-activists-request@niksula.hut.fi'. It's no use mailing me: I have no actual contact with the mailing-list (other than being on it, naturally). There is also a newsgroup that contain linux-related questions and information: comp.os.linux. Mail me for more info: Linus Torvalds (torvalds@kruuna.Helsinki.FI) Pietarinkatu 2 A 2 00140 Helsinki Finland 0.96c.pl2 has these new features (relative to unpatched 0.96c) - select() through the VFS routines - faster and more general sleep/wakeup routines - easily installable IRQ's - bus-mouse driver - msdos filesystem 0.96c has these new features (relative to 0.96b) - alpha-testing code of the extended filesystem - serial line changes (changeable irq's etc) - pty/console fixes. ------------------------------ Date: 7/19/92 From: Midnight Sorrow Subject: Article 5--CyberCrime International Network +---------------------------------------------------+ | CYBERCRIME INTERNATIONAL NETWORK | | CURRENTLY OFFERED SUBBOARDS: (Updated 07/19/92) | +---------------------------------------------------+ +----------------------------------------------------------------------+ | COMPUTER-RELATED: | | | | | | INF-GRUP Groups | Elite Group Discussion | | INF-BBS BBS Ads | ANSi System Advertisements | | INF-PROG Programming | Turbo Pascal, Turbo C, Assembly | | INF-BSFT BBS Software | BBS Software Discussion | | INF-MTSK Multitasking | DESQview, Windows, OS/2, Unix | | INF-TECH Technical Talk | High Technology Discussion | | INF-PARS Paragon Support | Paragon/Revelation Support | | INF-SBRD Sound Board Support | Adlib, Soundblaster, etc | |----------------------------------------------------------------------| | ART GROUP ECHOES: | | | | | | INF-ICE iCE | Insane Creator Enterprises | | INF-LTD LTD | Licensed To Draw | | *INF-TIA TiA | The Insane Artists | | *INF-ACID ACiD | ANSi Creators in Demand | | INF-DEAD DeAD | Damn Excellent Art Designers | | INF-GRIM GRiM | Graphics Rendered in Magnificence | | INF-MIRG MiRAGE | MiRAGE - Redefining Elite | |----------------------------------------------------------------------| | ILLEGAL ACTIVITIES: | | | | | |% INF-PYRO Explosives | Manufacturing Combustibles | | INF-PHC Hack/Phreak #1 | Basic Hack/Phreak Discussion | |% INF-HAK Hack/Phreak #2 | Advanced Hack/Phreak Discussion | |% INF-VIRI Virus Discussion | Viral Programming and Defense | | INF-NPD Software Releases | New Software Discussion | |% INF-REVG The Art of Revenge | What Comes Around Goes Around | |----------------------------------------------------------------------| | INTELLIGENT DISCUSSIONS: | | | | | | INF-POEM Creativity | Poetry, Short Stories, Etc | | INF-PARA The Occult | Paranormal/Parapsychology | | INF-NEWS World Occurances | World News and Politics | | INF-DRUG Controlled Substances | Drugs and Addictive Substances | |----------------------------------------------------------------------| | MUSIC: | | | | | | INF-METL Metal | Rock/Heavy Metal | | INF-BASS Bass/Rap | The Quest For The Boom | | *INF-MUSI Musicians | Musicians & General Music | | INF-ALT Progressive | Alternative/Techno Tunes | | INF-LYRC Music Lyrics | Assorted Music Lyrics Forum | |----------------------------------------------------------------------| | MISCELLANEOUS: | | | | | | INF-COMC Comics | Comic Book Discussion | | INF-BUY For Sale | Classified Advertisements | | INF-KING Stephen King | Stephen King and Other Horror | | INF-BOOK Books & Reading | New Books and Stories | | INF-MOVI Movies/Television | Visual Entertainment Discussion | |! INF-GEN General Discussion | Miscellaneous Bullshit | |----------------------------------------------------------------------| | SYSOPS/CO-SYSOPS ONLY: | | | | | |! INF-SYS CyberCrime Sysops | Network Sysop Echo | |! INF-TEST Test Message Echo | New Site Message Testing | |! IMPERIAL Imperial Sysop Net | International SysOp Connection | +----------------------------------------------------------------------+ * = New To CyberCrime ! = Required For ALL CyberCrime Systems % = H/P Restricted - Available Only To Qualified Systems and Users CyberCrime International Network is seeking new nodes to add to its rosters. CyberCrime International Network is a high activity, elite- oriented, large-growth-potential, intelligent-discussion-based network. If you are running a Fidonet-compatible system then please continue reading. (ie: LSD, Telegard, TAG, WWiV, Remote Access, Omega, QBBS, Paragon, Infinity, Revelation, Cypher, PCBoard, Prodoor, and versions of Celerity, Prism, and other Forum Hacks possibly supporting FidoNet.) One of the most unique aspects of CyberCrime (over most OTHER networks) is that you don't need to have ALL of these subboards on your system. Select ONLY the ones you or your users are interested in. Aside from the three required subs (see ! above), that's all you need to carry, and you can always add in more subs in the future. If you're interested, call Infinite Darkness. 3O5-525-4722, all baud rates supported. You may either apply as a NEW user, or login as handle = CYBERCRIME and password = DEATH. Follow the instructions, and fill out the CyberCrime Node Application. Once you are through, create a new, validated account on your system, as handle = MIDNIGHT SORROW, password = INK and phone = xxx-xxx-9435. Midnight Sorrow will eventually call your board (it MUST be a full-time system!), login, and upload everything you need to join. Setup is easy, and extensive help is available should you need it. CONSIDER IT! Later, Midnight Sorrow. ------------------------------ Date: Thu Jul 23 00:27:24 1992 From: aa381@cleveland.Freenet.Edu Subject: Article 6--Sysop Arrested For Selling Porno Files To Juveniles **SYSOP ARRESTED FOR PORNO FILES TO JUVENILES** Mark Lehrer, sysop of AKRON ANOMALY BBS MUNROE FALLS OH, July 21, 1992. Munroe Falls Police Chief Steve Stahl knows computers are big with kids these days, but he never thought he'd see the day when a healthy 15-year-old boy would choose a floppy disk over a Playboy centerfold. But now that Stahl's seen some of the floppy disks popular with local youths, he understands the fascination. "Give me any kid, I know what he's going to download," Stahl said. In May, Munroe Falls Police received a complaint from a resident who feared that a local computerized community BBS containing sexually explicit material might be accessible to children. Stahl said the resident showed him files called "Alison" and "amber," both of which featured naked women. He told the concerned resident, "Oh, well, I can see how that would be upsetting." For the past two months, police conducted an investigation and sting using a local 15-year-old boy. After the youth was able to hook into the BBS, police arrested Mark Lehrer, 22, owner and operator of AKRON ANOMALY, a 1000 member BBS. POLICE ALSO SEIZED ALL OF LEHRER'S COMPUTER EQUIPMENT. Lehrer is accused of distributing graphic sexual material via a computer modem from the Munroe Falls home of his parents, David and Susan Lehrer. His father, also a computer professional, is chairman of the Village's Charter Review Commission. Mark has been charged in Cuyahoga Falls Municipal Court with one count each of disseminating matter harmful to juveniles and possession of criminal tools - in this case, his computer and graphic files. A preliminary hearing is scheduled for July 21, 1992. The case will probably be turned over to a Summit County Grand Jury, which means potential indictment for a felony and, if convicted, over a year in state prison. Chief Stahl said this will be the first case in northeast Ohio and one of the first in the state, in which an adult is accused of distributing graphic sexual materials *to juveniles* via a computer. "There's not a whole lot of case law on this kind of this," he said, adding that most material comes from books, magazines or movies. According to Stahl, members of AKRON ANOMALY paid $15 to $30 a year to call the board, giving access to games like chess, basketball, euchre, programming instructions and *.GIF files - (G)raphic (I)nterface (F)iles, that feature pictures from James Bond to Capt. Kirk to Scooby-Doo. Some are labeled specifically for adults and are not supposed to be accessible to those under 18, while many others are contained in a general directory. However, when police seized Lehrer's records, they found that even the "clean" files contained images "not entirely wholesome." "One was Bugs Bunny eating a carrot, one was Bart Simpson riding a skateboard, and one was called (a slang term for oral sex) and that was in the 'clean' file," Stahl said. Stahl said many files not listed in the "adult" category contained pictures of naked women and of naked women engaging in sexual acts. One file allegedly shows a nude image of Christina Applegate, who plays "Kelly" on the TV show "Married with Chil- dren." "Parents are happy their kids are upstairs using their computers. The one parent we talked to was thrilled they weren't finding PLAYBOY magazine. Well, I've got news for you, this is a rude awakening," Stahl said. In addition to the "graphic still images," juveniles were able to access adult movies, which are shown on computer monitors. "It's like watching cable TV. It's a very clear picture," Stahl said. Stahl said computer experts with the Ohio Bureau of Criminal Identification and Investigation are reviewing the hundreds of computer files seized from Lehrer's home. Stahl said it's possible that some of the games and movies are being accessed in violation of copyright laws. "I'm not saying it's obscene because I'm not getting into that battle, but it's certainly not appropriate for kids, especially without parental permission," Stahl said. ============================================ Adapted by Jeff Gerber, lawyer/sysop aa381@cleveland.freenet.edu from The Cleveland Plain Dealer, July 21, 1992, story by Deborah A. Winston, PD Reporter. Anyone with further data on this or similar cases is invited to post it here. -- Jeff Gerber, lawyer/sysop aa381@Cleveland.freenet.edu PLEASE NOTE: The information contained on this system is not intended to supplant individual professional consultation, but is offered as a community education service. Advice on individual problems should be obtained directly from a professional. ------------------------------ Date: Wed, 29 Jul 1992 15:27:38 EDT From: Paul Hyland Subject: Article 7--CPSR Recommends NREN Privacy Principles PRESS RELEASE July 24, 1992 CPSR Recommends NREN Privacy Principles WASHINGTON, DC -- Computer Professionals for Social Responsibility (CPSR), a national public interest organization, has recommended privacy guidelines for the nation's computer network. At a hearing this week before the National Commission on Library and Information Science, CPSR recommended a privacy policy for the National Research and Education Network or "NREN." Marc Rotenberg, Washington Director of CPSR, said "We hope this proposal will get the ball rolling. The failure to develop a good policy for the computer network could be very costly in the long term." The National Commission is currently reviewing comments for a report to the Office of Science and Technology Policy on the future of the NREN. Mr. Rotenberg said there are several reasons that the Commission should address the privacy issue. "First, the move toward commercialization of the network is certain to exacerbate privacy concerns. Second, current law does not do a very good job of protecting computer messages. Third, technology won't solve all the problems." The CPSR principles are (1) protect confidentiality, (2) identify privacy implications in new services, (3) limit collection of personal data, (4) restrict transfer of personal information,(5) do not charge for routine privacy protection, (6) incorporate technical safeguards, (7) develop appropriate security policies, and (8) create an enforcement mechanism. Professor David Flaherty, an expert in telecommunications privacy law, said "The CPSR principles fit squarely in the middle of similar efforts in other countries to promote network services. This looks like a good approach." Evan Hendricks, the chair of the United States Privacy Council and editor of Privacy Times, said that the United States is "behind the curve" on privacy and needs to catch up with other countries who are already developing privacy guidelines. "The Europeans are racing forward, and we've been left with dust on our face." The CPSR privacy guidelines are similar to a set of principles developed almost 20 years ago called The Code of Fair Information practices. The Code was developed by a government task force that included policy makers, privacy experts, and computer scientists. The Code later became the basis of the United States Privacy Act. Dr. Ronni Rosenberg, who has studied the role of computer scientists in public policy, said that "Computer professionals have an important role to play in privacy policy. The CPSR privacy guidelines are another example of how scientists can contribute to public policy." For more information about the Privacy Polices and how to join CPSR, contact CPSR, P.O. Box 717, Palo Alto CA 94302. 415/322-3778 (tel) and 415/322-3798 (fax). Email at cpsr@csli.stanford.edu. [Moderator's note: The full text of the referenced NREN Privacy Principles is available from the CPSR Listserv file server. Send the command: GET NREN PRIVACY to listserv@gwuvm.gwu.edu, as the text of an e-mail message. -peh] ------------------------------ Date: Wed, 29 Jul 1992 15:31:25 EDT From: Gary Chapman Subject: Article 8--DNA databanking Today (7/28) the Wall Street Journal features an article (page B1) on DNA databanking, the FBI's computer database of DNA data, and the concerns of critics. The article reports that fifteen states now have DNA databanking programs, and it is estimated that double that number will have such programs in place by 1995. There have been 600 trials using DNA as evidence since 1988. Next year the FBI is scheduled to link state programs in a nation-wide computer network. The article describes the first "cold search" of DNA databanks, in a Minnesota case in which a defendant was arrested for the rape and murder of a Minneapolis woman on the basis of a DNA match appearing in the state's computerized system. The crime-scene DNA was acquired from a sperm sample and it matched a sample collected from a convicted sex offender when he was a prisoner. Last week the Massachusetts Supreme Judicial Court, the highest court in the state, ruled that DNA matching may not be used as conclusive prosecutorial evidence in a criminal trial, although the lack of a match can be used as a defense. Massachusetts is the only state in the country that has produced such a court ruling -- all of the other 40 appellate court rulings have been in favor of using DNA evidence in support of the prosecution's case. The Massachusetts court said that there is insufficient scientific consensus on the validity of DNA matching. The court cited a recent report by the National Research Council, which said that the state of the art leaves the technology open to doubt. But this could change in the future, and the Massachusetts ruling does not rule out DNA evidence if the technology generates a tighter scientific consensus. Nachama Wilker, executive director of the Council for Responsible Genetics in Cambridge, Massachusetts, says that the collection of DNA samples from all prisoners is a slippery slope that will affect the use of DNA in non-criminal social transactions, such as eligibility for insurance, employment opportunity, and other forms of discrimination. She says in The Wall Street Journal that there are no guarantees that DNA data collected from prisoners will be used exclusively for criminal justice procedures, and she argues that DNA evidence should only be used for serious crimes with demonstrated patterns of repeated offenses. Some states have passed legislation protecting the confidentiality of DNA data, such as Wisconsin, which prohibits DNA data from being used for insurance eligibility or employment evaluation. Only five states have such laws on the books, however. Some public interest advocates are supporting a DNA Identification Bill in the Congress, already passed by the House, that would enforce confidentiality, limit the use of DNA data, and impose federal standards on state laboratories. The NRC report also called for laboratory accreditation by federal agencies. ------------------------------ ********************************** End of Art of Technology Digest #1