From: tcmay@got.net (Timothy C. May)
Date: Sun, 1 Sep 1996 08:17:33 +0800
To: cypherpunks@toad.com
Subject: "Security risks" vs. "credit risks"
Message-ID: <ae4e076b0102100432c4@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain



The news that airports/airlines (more on this difference in a bit) may be
establishing a data base of security risks sounds Big Brotherish.

But, how is it so much different from credit risks and credit reporting
data bases? If, for example, private airlines (and the U.S. has only
private airlines, not any "public" or "national" airline) wish to check the
data bases on their customers, is this not quite similar to checking credit
risks and ratings before lending money?

There is great danger, to be sure, especially if one's writings and public
utterances become entries into a "threat data base." But I see nothing
unsurprising in, say, American Airlines expressing more interest in Jim
Bell or Tim May, both of whom have written publically about terrorism and
"soft targets," and both of whom have written about how to make pipe bombs,
than in Marianne Smith, retired school teacher from Peoria.

And there is even more danger--even unconstitutionality--in *government
involvement* in such data bases. It's unclear from what I've seen if this
data base is to be run like the private credit ratings agencies or if it is
to have inputs from the FBI, NSA, Interpol, SDECE, etc.

Remember, private airlines are just that: private. Surely we do not support
laws which limit a private airline from using data it has acquired to
decide whom to pay closer attention to. This is the essence of what
knowledge is.

(So long as none of this is mandatory. If Tim's Pretty Good Airline wishes
to not bother screening customers, this should not be illegal. Nor, to my
mind, should TPGA be exposed to negligence lawsuits, so long as his
policies are clearly spelled out.)

I find the notion that one's speeches and Usenet utterances could "harm
one's security rating" a distasteful idea, but so long as such security
ratings are handled by private players, and used by private players, I see
no illegality.

(Of course, the major credit reporting agencies--TRW Credit, Equifax, and
TransUnion--already collude with the government. They collude to falsify
credit ratings, to create identies and histories that never existed when
they say they did, and to provide government with data bases for various
purposes. Obviously a "TRW Security" function would be at least as corrupt,
maybe more so.)

--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."