1996-08-09 - Re: Oregon License Plate Site in the News Tonight!

Header Data

From: jfricker@vertexgroup.com (John F. Fricker)
To: Rich Graves <rich@c2.org>
Message Hash: b6d40ade2c8eb27d1db84302904a293092763ed86182bd2a061c471b3d181b17
Message ID: <2.2.32.19960808234932.00902f58@vertexgroup.com>
Reply To: N/A
UTC Datetime: 1996-08-09 02:43:24 UTC
Raw Date: Fri, 9 Aug 1996 10:43:24 +0800

Raw message

From: jfricker@vertexgroup.com (John F. Fricker)
Date: Fri, 9 Aug 1996 10:43:24 +0800
To: Rich Graves <rich@c2.org>
Subject: Re: Oregon License Plate Site in the News Tonight!
Message-ID: <2.2.32.19960808234932.00902f58@vertexgroup.com>
MIME-Version: 1.0
Content-Type: text/plain


My main concern regarding access to this information rests in the fact that
this database has always been available to anyone who understood how to get
it and use it. Recently I received a letter from some credit card company
offering to provide me with my credit report, social security history, and
insurance related records  on a regular basis (for a fee of course). How
about my police, fbi, school, and dating records while we're at it. How much
is already available only to those that know the ropes.

Well today AP ran another story about the reaction surrounding Aaron's
actions. Nice picture of the back of Aaron's head. They didn't print is
lisense plate number either.

ObCypherpunks: How many people do you know that are working on a day to day
basis with medical records systems, the District Attorney's computers, your
doctor's computers, state Department of Health, and so on. I'm sure it's
come up before but isn't this an obvious of application of encryption and
PAK (Public Access to Keys)? Any legislation currently to _require_ that
medical records and such be encrypted with access restricted. 

Something like: Alice (my primary care giver) and I each have the key to the
records that Alice stores. Bob (my dentist) has a legitimate need to these
records so I issue Alice and Bob a new key. With that key, the software
allows Alice to make a replicate (synchonizable at that) of the record and
transfer it to Bob who uses his key to access the data. It may even be that
_any_ time, any of the replicas are to be accessed _my_ private key must be
employed although one may argue that in times of tragedy it would be prudent
to get my medical history immediately. I would say there is little in those
records that would help an emergency room doctor make life saving desisions.
That anything that the ER should know about me to save my life should be on
a Medical Emergency Bracelet. I guess it would not matter if you encrypted
with a key short enough to mumble from the back of an ambulance.

The market for encryption enabled applications is just about to take off. 

--j

At 03:25 PM 8/8/96 -0700, Rich Graves wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>I agree that this project needed to be done to educate the public, but I
>must say I'm glad my name isn't attached to it. 
>
>To answer legitimate concerns about abuse, perhaps version 2 could make the
>relevant http logs publicly available? So in addition to checking the
>governor's son's driving record, you could check which other IP addresses
>have been looking at the governor's son's driving record. Spider detection
>and retaliation would also be nice.
>
>(Of course this would have the side effect of increasing the visibility of
>the anonymizer/canadianizer/exonizer services, which would not be a bad
>thing.)
>
>- -rich
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>
>iQBVAwUBMgppM5NcNyVVy0jxAQFjFwIAyio1QMkAC7/sH3PdVbGXuTImey+1ewg2
>Nxl7bZlZe/YvYlk2yomKW24bgZJ5Vjiecc7g35SM+jveLRWA0xgbkg==
>=yDFP
>-----END PGP SIGNATURE-----
>
>






Thread