Date: Sat, 04 Oct 1997 03:35:12 -0500 To: "George F. Mayhew" <mayhem@globaldialog.com>, Robert Hettinga <rah@shipwright.com> From: Black Unicorn <unicorn@schloss.li> Subject: Re:New PGP "Everything the FBI ever dreamed of"
At 10:58 PM 10/3/97 -0500, George F. Mayhew wrote:
I think PGP, Inc. has seen the need for corporations to monitor their transactions at all levels, and responded with a simple, effective method that keeps the core applications from becoming compromised, and thus less secure. As a private user, this doesn't bother me in the least.
You know, you're right. Transactions at all levels on corporate property can put the corporation at risk. As a private user, this doesn't bother me in the least either. I think a simple effective method to prevent potential liability might be to put video cameras in the restrooms on corporate facilities. God knows what silliness goes on in there which might get the company in trouble. Mandatory drug tests? Absolutely. Seems to me that this is essential. Can't have recreational drug users hanging around can me. By the way, alchohol is considered a drug by the company. We'll be screening for that starting Monday. AIDS carriers? We need to know. Never know when this might cause the corporation embarassment, or, god forbid, liability. What if the local CPR expert didn't know that Bill had the HIV virus and tried to preform CPR? Can you imagine the potential liability? God, what about something more communicable like TB? No, can't have that. We need access to all our employee's medical records. Absolutely.
God you frighten me.
Unicorn, as usual, you twist words like nobody but you (and a zillions politicians) can. You forget the fact that the association between a company and an individual is voluntary. As long as all the tests and surveillance done by the company is known by the employee, it can do anything it wants. Only, you are also free to find another employer. And in the old days of paper correspondence, what prevented a company to give five years of a given employee's correspondence to the FBI? As a business owner, I wouldn't put cameras in the bathrooms, but I would certainly *require* that an encrypting software be decypherable by the top management. Encryption is an envelope. Sometimes, it is justified that management open suspicious enveloppes. As long as a behaviour doesn't impair work performance, there is no reason to pick on it. And personnally, I'd maybe keep somebody with impaired work capabilities but negociate a pay reduction instead of firing him/her. He is free to find work somewhere. This is *NOT* coercion. Your thing about the cops having access to info is an entirely different story. If the company doesn't have the balls or the strenght to resist bullish tactics, then, it is their problems. The employee should simply have evaluated earlier if the company would sell him out to the first spook and choose to work for somebody else. What you seemed to imply when you wrote that precisionless paragraph is that, in the end, key escrow by the owners of the company and computer system is dangerous. But to the company, not having the possibility to decrypt the data they *own* and are liable for is even more dangerous. The data generated on company's time and pay is property of the company. There is no coercion. Everybody is free to act, find another employee or keep him, find another job or keep it. Period. Ciao jfa P.S. For which one of three-letter organization do you work Unicorn? -- Jean-Francois Avon, Pierrefonds(Montreal) QC Canada DePompadour, Societe d'Importation Ltee Finest of Limoges porcelain and crystal JFA Technologies, R&D consultants physicists and engineers, LabView programing. PGP encryption keys at: http://w3.citenet.net/users/jf_avon http://bs.mit.edu:8001/pks-toplev.html ID# C58ADD0D : 529645E8205A8A5E F87CC86FAEFEF891 ID# 5B51964D : 152ACCBCD4A481B0 254011193237822C