Ken Williams wrote:

-----BEGIN PGP SIGNED MESSAGE-----

Good thing I keep all my money in a steel case buried somewhere along the Appalachian trail. No bank accounts, no credit cards.

That may be good, but your decision is not costless. You are losing all the interest that could accrue on the money and it is constantly diminished by inflation. Is it worth it? It's your call, but I do not see what you do as something that is unquestionably wise. igor

Ken Williams

Packet Storm Security http://www.Genocide2600.com/~tattooman/ E.H.A.P. Head of Operations http://www.ehap.org/ ehap@ehap.org NC State CS Dept http://www.csc.ncsu.edu/ jkwilli2@unity.ncsu.edu PGP DSS/DH/RSA Keys http://www4.ncsu.edu/~jkwilli2/pgpkey/

_____________________________________________________________ Get Your Private, Free, Encrypted Email at http://www.nsa.gov

- ---------- Forwarded message ---------- Date: Wed, 25 Nov 1998 00:56:41 -0700 (MST) From: mea culpa To: InfoSec News Subject: [ISN] Feds Want Banks to Spy on All Customers...Even You!

...

From: ISPI Clips 6.51 From: WorldNetDaily, November 23, 1998

Big Brother Banks? FDIC has snooping plans http://www.worldnetdaily.com/bluesky_exnews/19981123_xex_big_brother_.shtml David M. Bresnahan, David@talkusa.com Contributing Editor, WorldNetDaily

Are you a potential criminal? Are you a threat to banks, airlines, a potential spy, or perhaps an IRS tax protester? The government would like to know and they are about to force banks to be their detectives.

The federal government wants banks to investigate you. Soon your banker will know more about you than anyone else in town. Banks must not only determine your correct identity, they must also know how you make your money, and how you spend it. Once you establish a pattern of deposits and withdrawals, banks must inform federal agencies when you deviate.

Bank customers may soon find themselves explaining to the FBI, Internal Revenue Service, and the Drug Enforcement Agency why they made a $15,000 deposit to their bank account. According to current Federal Deposit Insurance Corporation plans, banks will soon establish "profiles" of their customers and report deviations from those profiles.

If you sell a car, for example, and place the proceeds in your account while you shop for a new one, a red flag may go off in the bank computer. Such a situation puts law abiding citizens in a situation where they must prove they are innocent, says Scott McDonald of the watchdog group Fight the Fingerprint.

An uproar from grass roots Americans is the only thing that will stop the current plans for the FDIC "Know Your Customer" program, according to McDonald. His organization has led the charge against the national ID, medical ID, and computerized information about private aspects of people's lives.

A recent announcement by the FDIC provides for citizen comment prior to implementation of their new banking regulations. The deadline for comments is Dec. 27, 1998.

"The FDIC is proposing to issue a regulation requiring insured nonmember banks to develop and maintain 'Know Your Customer' programs," according to a recent FDIC information package sent to Congress to provide notice of proposed rulemaking, and to banks for comment.

"As proposed," the 29-page FDIC document begins, "the regulation would require each nonmember bank to develop a program designed to determine the identity of its customers; determine its customers' source of funds; determine the normal and expected transactions of its customers; monitor account activity for transactions that are inconsistent with those normal and expected transactions; and report anytransactions of its customers that are determined to be suspicious, in accordance with the FDIC's existing suspicious activity reporting regulation. By requiring insured nonmember banks to determine the identity of their customers, as well as to obtain knowledge regarding the legitimate activities of their customers, the proposed regulation will reduce the likelihood that insured nonmember banks will become unwitting participants in illicit activities conducted or attempted by their customers. It will also level the playing field between institutions that already have adopted formal 'Know Your Customer' programs and those that have not."

Many banks across the country have already begun to implement such programs, according to the FDIC. A quick search of the Internet found many stories in press accounts of problems reported at such banks. There have been a number of stories dealing with banks requiring fingerprints to open accounts and to cash checks. There are several lawsuits presently underway testing the right of banks to make that requirement.

McDonald has been fighting that issue, along with fingerprints on driver's licenses for some time. He pointed out the many errors found on credit reports and suggested that banks will soon make similar errors when they begin creating profiles of their customers.

The FDIC is selling the planned regulations by pointing out the need for prevention of financial and other crime.

"By identifying and, when appropriate, reporting such transactions in accordance with existing suspicious activity reporting requirements, financial institutions are protecting their integrity and are assisting the efforts of the financial institution regulatory agencies and law enforcement authorities to combat illicit activities at such institutions," says the FDIC.

The proposed regulation is, according to FDIC spokesperson Carol A. Mesheske, authorized by current law. It comes from the statutory authority granted the FDIC under section 8(s)(1) of the Federal Deposit Insurance Act (12 U.S.C. 18189s)(1), as amended by section 259(a)(2) of the Crime Control Act of 1990 (Pub. L. 101-647).

The FDIC claims that the law requires them to develop regulations to require banks to "establish and maintain internal procedures reasonably designed to ensure and monitor compliance with the Bank Secrecy Act. Effective 'Know Your Customer' programs serve to facilitate compliance with the Bank Secrecy Act."

The proposed regulations will mandate that all banks insured by the FDIC must maintain an intelligence gathering department that screens out customers and keeps an eye on existing customers. Before you decide to move your money to a credit union, you should know that the FDIC is not the only federal organization making such plans.

"Each of the other Federal bank supervisory agencies is proposing to adopt substantially identical regulations covering state member and national banks, federally-chartered branches and agencies of foreign banks, savings associations, and credit unions. There also have been discussions with the Federal regulators of non-bank financial institutions, such as broker-dealers, concerning the need to propose similar rules governing the activities of these non-bank institutions," reports FDIC attorney Karn L. Main in the proposal.

The purposes for the regulation are to protect the reputation of the banks, to facilitate compliance with the law, to improve safe and sound banking practices, and to protect banks from being used by criminals as a vehicle for illegal activities.

Current customers will be subjected to the new regulation in the same way new customers will be scrutinized. The FDIC does not wish to permit any loop hole which would leave any bank customer unidentified or unsupervised.

Each bank will create profiles. The first profile will determine the amount of risk a potential customer might present by opening an account. The system of profiling potential customers will be different from one bank to the next, since the FDIC does not provide a uniform program. The purpose of the profile is to identify potential customers who might use a bank account for funds obtained through criminal activity.

The next profile will be one that is used by automated computers to determine when suspicious activity is taking place in an account. When activity in the account does not fit the profile, banks will notify federal authorities so they can investigate.

Banks are expected to identify their customers, determine normal and expected transactions, monitor account transactions, and determine if a particular transaction should be reported.

The FDIC has sent copies of the proposal to all banks and is asking for input. The questions asked by the FDIC in the proposal do not

- Igor.