ebook img

Confidential Information Sources. Public and Private PDF

390 Pages·1991·20.521 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Confidential Information Sources. Public and Private

Confidential information Sources: Public and Private Second Edition John M. Carroll Butterworth-Heinemann Boston London Oxford Singapore Sydney Toronto Wellington Copyright © 1991 by Butterworth-Heinemann, a division of Reed Publishing (USA) Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or trans- mitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Recognizing the importance of preserving what has been written, it is the policy of © Butterworth-Heinemann to have the books it publishes printed on acid-free paper, and we exert our best efforts to that end. Library of Congress Cataloging-in-Publication Data Carroll, John Millar. Confidential information sources, public & private / John M. Carroll.—2nd ed. p. cm. Includes bibliographical references and index. ISBN 0-7506-9018-6 1. Privacy, Right of—United States. 2. Investigations. 3. Records. I. Title. II. Title: Confidential information sources, public and private. JC596.2.U5C37 1991 323.44'8'0973—dc20 91-8947 CIP British Library Cataloguing in Publication Data Carroll, John M. Confidential information sources: public and private.— 2nd. ed. 1. Computers. Data. Privacy I. Title 323.448 ISBN 0-7506-9018-6 Butterworth-Heinemann 80 Montvale Avenue Stoneham, MA 02180 10 987654321 Printed in the United States of America To my wife, BiJJie, and our children: Jack, Bill, Rob, Rick, Sandi, Alex; and posthumously to Jim. Foreword to the Second Edition When I was a boy, I regularly listened to a radio show called "The Shadow." The program opened with a sinister voice intoning, "Who knows what evil lurks in the minds of men? The Shadow knows!" That message was followed by a sinister laugh that faded away. Today, evil still lurks in the minds of some men (and women too), but the mind is no longer the only repository of evil. We now have easy access to thousands of databases that, in the hands (and minds) of a few people, can cause much evil. Personal databases now contain the latest information on our physical and financial health; political and religious affiliations; record of arrests, con- victions, and moving traffic violations; voting patterns; school and employ- ment records; real estate and other holdings; pending lawsuits; divorces; debts; bankruptcies; and so forth. The fact that these databases exist is not a matter of recent history. Such data were available in the era of manual recordkeeping. But data was not available as readily nor as cheaply as they are in today's computerized era. Computer technology has therefore foisted upon us an ethical dilemma: How do we balance the need of commercial enterprises for more and more per- sonal information about their customers, suppliers, contractors, employees, and applicants with the privacy rights of the latter parties? Professor John Carroll addresses that issue with pragmatic insight in this book. No newcomer to the field nor muckraking journalist, Jack Carroll brings 40 years of teaching and technical experience to bear on the question of how much personal data collection and storage is too much in a demo- cratic, free-enterprise society. Personal information databases and privacy are ethical concerns of the first order. As a western society, our tendency has been to shoot first and ask questions later. We invent and implement technology long before any ethicist gives serious thought to the societal consequences. By that time, capital investments have been made; people have been employed; and political sup- port has been sought and won over. Then comes the ethicist seeking to clarify rights and obligations, but by then, it may be too late to undo the damage. xi xii CONFIDENTIAL INFORMATION SOURCES We have seen similar incidents in related aspects of modern life. On the environmental scene, chemicals were emitted for years before anyone got around to studying the long-term effects on human and animal life. Until Rachel Carson discovered that fish and wildlife were adversely affected by pesticides, little concern was shown either by scientists or ethicists. The rapid rate of technological progress did not perhaps provide enough time for the study of environmental impacts—many of which were not discernible in the short term. Correcting these abuses now will cost us mightily. So we may be stuck with the acid rain, ozone, contaminated soils, and ground water problems for some time to come. Indeed some scientists believe man has already created lasting and irreversible problems in the environment. In that context, Professor Carroll's book is timely. The damage done to our privacy by cheap and easy to access personal information databases is significant but not irreversible with some added measure of ethical and legal constraint. Dr. Carroll's book should provide an impetus for such legal and ethical constraint. Jack Bologna, JD, CFA Preface and Acknowledgments for the Second Edition Gathering information for the second edition of Confidential Information Sources: Public and Private (1989-1991) was infinitely more difficult than gathering it for the first edition (1970-1972). Not only was it harder to do as a private individual working alone, rather than as chief investigator of a gov- ernment task force with staff investigators, clerical backup, and the power of subpoena lurking in the background; the social and political climate also was different. Privacy was not a virtue in the greedy 1980s. Nor is it a cause for con- cern in the needy 1990s. People have more urgent priorities. Governments, too, have changed all over the world in the last 20 years as liberal regimes were toppled by conservative onslaughts. If the right wing believes in privacy at all, it is a right to be enjoyed by big corporations and the well-to-do. The computer has become ubiquitous; they sit on every office desk; and the behemoths ensconced in office towers and suburban industrial parks have 5000 times the power of their 1972 predecessors. Moreover computers are joined for exchange of data by networks whose size and complexity defy human comprehension. But there are warning signals in the air that portend evil far beyond the penny-pinching or mean-spirited businessmen and self-serving politicians: massive insider fraud that piled up $300 billion in losses in the savings and loan debacle; sabotage when government computers endured a plague of "crashes" while disgruntled staff is "working-to-rule"; the terrorism of alien- ated hacker geniuses—the revolt of the nerds. The absence or impotence of protective measures and accounting controls coupled with widespread managerial apathy about information security and pressure for greater through-put and more interconnection exacerbate the threats. The objective of this book is not advocacy of privacy. It is not an appropri- ate role for an emeritus professor of computer science to preach how account- able politicians, bureaucrats, business people, and role models should be to the general public, or how much privacy a person should have to relinquish to qual- xiii xiv CONFIDENTIAL INFORMATION SOURCES ify for a benefit. These questions are best resolved by political consensus, mar- ket forces, or cultural imperative. Rather the object of this book is to show who maintains what information about whom, the immense power base created by the concentration of personal information, and what rules if any dictate how the information is safeguarded and how the power it generates is used. These people made this book possible: my friend, Dr. Jack Bologna, president of Computer Protection Systems, Plymouth, Michigan; mon beau fils, Adjutant Gilles Arpin, Canadian Military Police, ret.; my friend and former student, Deputy Commissioner Philip M. McLelland, Royal Canadian Mounted Police. Thanks also go to Superintendent Frank Fedor, RCMP ret., former officer in charge of the EDP Security Branch, and Civilian Member Grant L. McPhee, the present incumbent. Jerry Mulcahey of the School of Business Library and Walter Zimmer- man of the Weldon Library, the University of Western Ontario, gave me first- hand experience using a vast array of automated searching tools to probe an equally vast array of databases. My colleague, David H. Flaherty of the Department of History and the Faculty of Law, opened his own files on pri- vacy to me. Donn Parker of Stanford Research International, pontiff of computer rectitude and ethics, was kind enough to admit one Blue Jay into his college of Cardinals. Thanks also to Prof. William J. Caelli, Information Security Research Centre, Queensland University of Technology; Louise Yngstrom and Stewart Kowalski, Systems Integrity and Information Security project, Stockholm University and Royal Institute of Technology; and Wayne Madsen of ENTEK, Inc., Alexandria, Virginia, who filled me in on other international ramifications during a "red eye" flight from Sydney to Los Angeles. These people answered my questions fully and frankly: Milt Ahlerich, Federal Bureau of Investigation; Gary M. Young, Bureau of the Census; Eve- lyn Dionne, Medical Information Bureau; Despina H. Georgas, Ontario Per- sonal Property and Security Registration System; Barry Hewitt, Manitoba Highways and Transportation; Ken Hubard, Consumer and Corporate Affairs Canada; S.P. Hunter, Canadian Department of National Defence; John B. Lone, British Home Office Police National Computer Organization; Chief William McCormack, Toronto Metropolitan Police; Levy Pineda, Ontario Ministry of Health; R.E. Kendall, INTERPOL; Robert Ellis Smith, Pri- vacy Journal; and Dennis Walker, California Department of Motor Vehicles. In a backhanded way thanks also are due those people who by varying degrees of invincible silence, prevarication, obfuscation, and common rude- ness indicated they had something to hide and provoked me into targeting their organizations. Special thanks to my editor, Greg Franklin, who never lost faith in the project; Keven Kopp, who lent the name of Butterworth-Heinemann to my quest for information; and keen-eyed copyeditor Judith Gimple of Bywater Production Services. Billie, my wife, was the moving force behind both edi- PREFACE AND ACKNOLWEDGMENTS FOR THE SECOND EDITION XV tions of this book. Not only did she do all those essential things that the long- suffering wife of an author traditionally does, she also participated actively in gathering information and scrutinized it with eyes and ears sharply attuned to falsehood, equivocation, and innuendo. John M. Carroll Acknowledgments for the First Edition The hardest part of a book to write is that part where the author gives credit to all the people who have helped him gather material. It is particularly diffi- cult when the book represents a lifetime spent in gathering and analyzing information. In the long view, one incident tends to dissolve into another, and all sources no longer remain clearly in focus. It is all too easy to overlook someone's important contribution. For this I am sorry. Some authors begin by thanking their mothers. But although that fine lady was in fact an unerring human lie detector, she had little to do with the substance of this book. Probably the principal credit should go to some unknown yeoman deep in the bowels of BuPers who, more than 30 years ago, yanked me out of an instructor's billet at Sonar School and posted me to the Navy Security Group. What got it all together, however, was the 18 months I spent as chief investigator for the Canadian Privacy and Computers Task Force. For this singular opportunity, I want to thank Richard Gwyn, syndicated columnist and former Director-General of Socio-Economic Planning, Department of Communications. For stimulating discussions, thanks go to the other members of the task force, especially John M. Sharp (Legal Research Institute, University of Mani- toba, and author of Credit Reporting and Privacy) and Professor C.C. Gotlieb (Computer Science Department, University of Toronto). For making our investigation a success, thanks go to my fellow investi- gators Professor J.I. Williams (Department of Sociology, University of West- ern Ontario), Carol Kirsh (Management Consultant, Toronto), Dr. Jean Bau- dot (Centre du Calcul, Universitie de Montreal), and Edward F. Ryan (Coun- sel, Ontario Law Reform Commission). To all my associates in the Canadian Standards Association and espe- cially to David Balmer (Canadian Bankers Association and Chairman, Com- mittee on the Representation of Data Elements, Standards Division, Cana- dian Standards Association). For the international flavor: H.P. Gassmann (Directorate for Scientific Affairs, Organization for Economic Cooperation and Development), Mme. F. Galluodec-Genuys (Director, International Institute of Administrative Sci- xvii xviii CONFIDENTIAL INFORMATION SOURCES ences), Dipl. Ing. Gerhard Choust (IBM Vienna Laboratory), and Dr. Lance J. Hoffman (Department of Electrical Engineering and Computer Science, University of California, Berkeley, editor of Security and Privacy in Computer Systems, and my liaison with Professor Alan Westin's group). For the special focus on security: Director Clarence M. Kelley (Federal Bureau of Investigation), Assistant Commissioner A.C. Potter (Royal Cana- dian Mounted Police), Security-General J. Nepote (International Criminal Police Organization), Dr. Robert J. Gallati (Director, New York State Intelli- gence and Identification System), Inspector A. Dyce (Records and Inquiry Bureau, Metropolitan Toronto Police Department), Inspector Laverne Ship- ley (Inspector of Personnel, London [Ontario] Police Department), Ernest A. Côté (Deputy Solicitor-General of Canada), Col. Robert Diguer (Director, Security Services Branch, Department of Supply and Services), Major Doug- las Dawe (CD. Security Consultants of Canada, Limited and formerly Secu- rity Programs Manager, Department of Supply and Services), J.P. Crogie (Assistant Chief Secretariat, Canadian Penitentiaries Service), Dr. Rein Turn (Rand Corporation), George E. Stinson (Stinson Security Services and for- merly with the British Security Services), Col. Robert Collins (Dektor Coun- terintelligence and Security Inc.), Daniel J. Reid (Vice-President, John E. Reid and Associates), J. Kirk Barefoot (J. Kirk Barefoot and Associates, formerly of Cluett Peabody and Co. and editor of The Polygraph Technique), Sgt. Lee Kirkwood (Los Angeles Police Department), Peter Marshall (Chief Super- intendent, Chelsea Police Station), and Commander R.L.J. Ashby (Criminal Record Office, Metropolitan Police Office, New Scotland Yard), and Patrick J. Collins (General Manager, Insurance Crime Prevention Bureaux). And thanks also to the many sources who were interviewed or contrib- uted material, especially: J.S.W. Aldis (M.D., Executive Director, Ontario Health Insurance Plan), W.J. Bell (Clarke Institute of Psychiatry), A.J. Bray (Executive Secretary, Canadian Consumer Loan Association), Maurice Clen- nett (Deputy General Manager, The Royal Bank of Canada), R. Melville Cox (President, Credit Bureau of Greater Toronto), William Denton (Director of Administrative Data Processing, University of Western Ontario), Walter E. Duffett (former Dominion Statistician), P. Dygala (Registrar of Motor Vehi- cles, Province of Manitoba), Frank Field (Bell Canada), Hugh Graham (Man- ager, Winnipeg Office, Retail Credit of Canada), H.F. Herbert (Assistant Deputy Minister, National Revenue/Taxation), Gordon Kennedy (Regional Vice-President [Operating], Retail Credit of Canada), W.T. Lalonde (Hickling- Johnston Limited), M.D. Ledoux (Assistant Director General, L'Hôpital Notre Dame), Margery C. Lucy (Chief, Division of EDP Service, California Depart- ment of Motor Vehicles), D.B. Mastin (General Manager, Royal Insurance Group), J.O. Miller (Director of Computing and Operations Research, MacMillan-Bloedel Ltd.), Dr. Howard B. Newcombe (Chalk River Nuclear Laboratories, Atomic Energy of Canada, Ltd.), A.I. Ormand (Director of Data Processing, General Motors of Canada), T. Overton (Head of Data Processing, North York Board of Education), M.T. Pearson (Managing Director, Associ-

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.