You are here:
EPIC Alert >>
 EPICAlert 8
EPIC Alert 2.08  EPICAlert 8 (2 August 1995)
Volume 2.08 August 2, 1995
Published by the Electronic Privacy Information Center (EPIC)
Washington, DC infoepic.org WWW http://epic.org
Table of Contents
 Telecom Bill Update
 New Bill Targets Crypto
 2600 FOIA Case on Appeal
 National Security Surveillance Increases
 New EPIC Reports Available
 Upcoming Conferences and Events
 Telecom Bill Reaches House Floor
By the time you read this, the House of Representatives may or may nothave begun consideration of HR 1555, the so-called "telecommunicationsreform"
bill (the latest estimates are that consideration will beginon the evening of August 2). EPIC has joined with a coalition ofpublic
interest organizations in calling for the defeat of thislegislation. The coalition includes the Center for Media Education,
Computer Professionals for Social Responsibility, Consumer Federationof America, Media Access Project, People for the American Way
ActionFund, and Taxpayer Assets Project/Consumer Project on Technology. Ina joint statement issued on July 31, the coalition says
Specific provisions will directly affect the Internet.
Users have been actively opposing one Senate provision to ban all "indecent" communications on computer networks.
Given the overwhelming Senate support for that measure,
there is substantial risk that any version of the telecommunications bill will contain content restrictions of some sort.
Not only will any version of this legislation probably regulate content on the Internet, it will certainly eliminate
many important economic safeguards against market power and abuse. The very competitive market that exists for Internet service
providers should be emulated for phone and cable companies. Yet the legislation encourages greater monopoly control over
all communications services.
* In a statement released on July 31, President Clinton announced hisintention to veto the current version of the telecommunications
billpending in the House. The White House statement noted that, "Insteadof promoting open access and diversity of content and viewpoints,
[thebill] would allow fewer people to control greater numbers oftelevision, radio and newspaper outlets in every community."
* The status of the "Communications Decency Act," which is included inthe telecommunications bill passed by the Senate, is unclear
in theHouse. Although the so-called "Exon amendment" language is notcurrently contained in the House legislation, it is anticipated
thatadvocates of Internet censorship will attempt to attach the CDA to thetelecom bill on the House floor. For updated information,
check theVoters Telecommunications Watch (VTW) home page athttp://www.panix.com/vtw/exon/exon.html.
* The following materials are now available at the EPIC home page,
The full text of the public interest coalition statement,
including an analysis of the legislation and Congressional contact information;
The White House statement on the House legislation;
The "managers' report" on the legislation, describing the current version of the bill;
The latest version of the VTW alert on the Communications Decency Act Internet censorship provisions.
 New Bill Would Outlaw Non-Escrowed Encryption
On June 27, Sen. Charles Grassley (R-Iowa) introduced the"Anti-Electronic Racketeering Act of 1995." The legislation addressesa broad
array of Internet-related issues, including encryption. Underthe heading of "Racketeering-related crimes involving computers," thebill
would, in effect, criminalize the distribution of all encryptionsoftware over the Internet or other computer networks unless "thesoftware
at issue used a universal decoding device or program that wasprovided to the Department of Justice prior to the distribution."
Section 2(h)(1) of S.974 would amend Title 18 of the United StatesCode to make it unlawful to:
distribute computer software that encodes or encrypts electronic or digital communications to computer networks that
the person distributing the software knows or reasonably should know, is accessible to foreign nationals and foreign governments,
regardless of whether such software has been designated as nonexportable.
The legislation further provides that:
[i]t shall be an affirmative defense to prosecution under this section that the software at issue used a universal decoding
device or program that was provided to the Department of Justice prior to the distribution.
The legislation is plainly an attempt to mandate the result theAdministration sought to achieve with the failed Clipper Chipinitiative
-- ensuring law enforcement access to *all* encryptedcommunications through government-escrowed keys. Requiring"knowledge" of accessibility
to foreign nationals or governmentsprovides no meaningful protection in a global communicationsenvironment. Such knowledge can easily
be imputed to any personmaking encryption software available on the Internet.
Criminalizing such distribution "regardless of whether such softwarehas been designated as nonexportable," would effectively outlaw
thedissemination of any encryption software that does not provide thegovernment with escrowed keys or some other backdoor. As drafted,
thelegislation would appear to prohibit the distribution of any programthat contains security features, including Netscape Navigator,
variousdigital cash applications and even PKZIP.
The Grassley bill was drafted with input from the Department ofJustice, suggesting that the Administration may be moving from theinitial
"voluntary" Clipper approach toward mandatory restrictions onthe distribution and use of non-escrowed encryption. Indeed, FBIDirector
Louis Freeh has indicated on several occasions that domesticuses of encryption will eventually be curtailed. For instance, Freehsaid
in Congressional testimony on May 11, 1995,
... we're in favor of strong encryption, robust encryption.
The country needs it, industry needs it. We just want to make sure we have a trap door and key under some judge's authority
where we can get there if somebody is planning a crime.
The text of the "Anti-Electronic Racketeering Act" can be obtained athttp://www.epic.org/privacy/crypto/s974.txt
EPIC will continue to monitor the progress of this legislation andwill be posting analyses of its other draconian provisions, includingthose
dealing with computer crime, distribution of copyrightedmaterial and searches and seizures of computer systems.
 Appeals Court to Decide "2600" FOIA Case
The wheels of justice turn slowly ...
In November 1992, a group of young people affiliated with the computermagazine "2600" were confronted by mall security personnel,
localpolice officers and several unidentified individuals in the PentagonCity shopping mall in Virginia. The group members were
ordered toidentify themselves and to submit to searches of their personalproperty. Their names were recorded and some of their property
Computer Professionals for Social Responsibility (CPSR) filed suit infederal court in early 1993 seeking the release of relevant SecretService
records under the Freedom of Information Act. The litigationof the case is being handled by EPIC.
In July 1994, U.S. District Judge Louis Oberdorfer ordered the SecretService to release the vast majority of documents it maintains
on theincident. The government appealed that decision and the appeal is nowpending. In a recently filed brief, EPIC and CPSR argue
that thewithheld documents demonstrate Secret Service misconduct and that theFOIA exemptions cited by the agency do not apply.
The Pentagon City incident has been described as an example ofover-zealous law enforcement activities directed against so-calledcomputer
"hackers." The case raises significant issues of free speechand assembly, privacy and government accountability. Oral argumentbefore
the U.S. Court of Appeals for the District of Columbia Circuitis scheduled for September 14, 1995. A copy of the CPSR/EPIC briefcan
be found at:
 Secret Court Surveillance Orders Increase, New Chief Judge Chosen
According to Justice Department documents, orders for "nationalsecurity" electronic surveillance increased in 1994 over the previousyear.
576 orders for "national security" electronic surveillance wereapproved in 1994, an increase of 65 orders over the previous year
butstill lower than previous peak years of 1984 and 1991.
No requests for surveillance were denied or modified. Since itsinception in 1979, the Foreign Intelligence Surveillance Court (FISC)
has never turned down a request for an electronic surveillance order.
The secret court was created by the Foreign Intelligence SurveillanceAct of 1977. Last year, the FISC's jurisdiction was expanded
toinclude authorizing physical searches of premises in "nationalsecurity" cases.
FISA Orders 1979-1994
1979 - 207 1980 - 322 1981 - 433 1982 - 475
1983 - 549 1984 - 635 1985 - 587 1986 - 573
1987 - 512 1988 - 534 1989 - 546 1990 - 595
1991 - 593 1992 - 484 1993 - 509 1994 - 576
A new leader was recently named for the court. U.S. District CourtJudge Royce C. Lamberth has been chosen to be the chief judge.
Lamberth replaces US District Court Judge Joyce Hens Green, whose termexpired earlier this year. Members of the FISC are chosen by
ChiefJustice William Rehnquist and serve seven year terms.
Lamberth was originally appointed to the U.S. District Court byPresident Ronald Reagan in 1987. Prior to his appointment, he wasChief
of the Civil Division of the U.S. Attorney's Office inWashington, D.C. In 1993, he ruled against CPSR in its attempt toobtain classified
documents relating to the development of the DigitalSignature Standard.
Other court members are Wendell A. Miles, Western District ofMichigan; Ralph Thompson, Western District of Oklahoma; CharlesSchwartz,
Eastern District of Louisiana; Earl H. Carroll, District ofArizona; James C. Cacheris, Eastern District of Virginia; and JohnKeenan,
Southern District of New York.
 Updated EPIC Reports Available
EPIC has released updates of two of its reports:
EPIC Online Guide to Privacy Resources. A comprehensive list ofprivacy organizations, publications, newsgroups, mailing lists,
netsites and conferences related to privacy. Updated August 1, 1995.
HTTP://www.epic.org/privacy/online_guide_faq.txt Text VersionHTTP://www.epic.org/privacy/online_guide_faq.html HTML Version
Overview of 104th Congress - Electronic Privacy and Civil LibertiesLegislation. A comprehensive listing of all legislation currentlypending
in Congress that affects privacy and civil liberties.
Includes a brief overview, bill number, and status of each bill.
Updated August 1, 1995.
 Upcoming Privacy Related Conferences and Events
DEF CON III. August 4-6, 1995. Las Vegas. Major hacker conference.
Contact: dtangentdefcon.org or http://dfw.net/~aleph1/defcon
Surveillance Expo '95. August 8-10. Mclean, Virginia. Sponsored byRoss Engineering. Contact Jim Ross. 703-318-8600.
Advanced Surveillance Technologies. Sept. 4, 1995. Copenhagen,
Denmark. Sponsored by Privacy International and EPIC. Contactpiprivacy.org or HTTP://www.privacy.org/pi/conference/
17th International Conference of Data Protection and PrivacyCommissioners. September 6-8, 1995. Copenhagen, Denmark. Sponsored bythe
Danish Data Protection Agency. Contact Henrik Waaben, +45 33 1438 44 (tel), +45 33 13 38 43 (fax).
InfoWarCon '95. September 7-8, 1995. Arlington, VA. Sponsored by NCSAand OSS. Email: WinnInfowar.Com.
"Managing the Privacy Revolution." Privacy & American Business. Oct.
31 - Nov. 1, 1995. Washington, DC. Speakers include C.B. Rogers(Equifax). Contact Alan Westin 201/996-1154.
11th Annual Computer Security Applications Conference: The conferenceincludes technical papers, panels, vendor presentations, and
tutorialsthat address the application of computer security and safetytechnologies in the civil, defense, and commercial environments.
December 11-15, 1995, New Orleans, Louisiana. Contact Vince Reed at(205)890-3323 or vreedmitre.org.
1996 Computers, Freedom and Privacy Conference. March 27-30, 1996.
Cambridge MA. Sponsored by MIT. Contact: cfp96-infomit.edu orhttp://web.mit.edu/cfp96.
(Send calendar submissions to Alertepic.org)
The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. To subscribe, send the message:
SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname
to listservcpsr.org. You may also receive the Alert by reading theUSENET newsgroup comp.org.cpsr.announce.
Back issues are available via http://epic.org/alert/ orFTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert/ and on Compuserve (GoNCSA),
Library 2 (EPIC/Ethics).
The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus
public attention on emerging privacy issues relating to theNational Information Infrastructure, such as the Clipper Chip, theDigital
Telephony proposal, medical record privacy, and the sale ofconsumer data. EPIC is sponsored by the Fund for ConstitutionalGovernment
and Computer Professionals for Social Responsibility. EPICpublishes the EPIC Alert and EPIC Reports, pursues Freedom ofInformation
Act litigation, and conducts policy research on emergingprivacy issues. For more information, email infoepic.org, WWW atHTTP://epic.org
or write EPIC, 666 Pennsylvania Ave., SE, Suite 301,
Washington, DC 20003. (202) 544-9240 (tel), (202) 547-5482 (fax).
The Fund for Constitutional Government is a non-profit organizationestablished in 1974 to protect civil liberties and constitutionalrights.
Computer Professionals for Social Responsibility is anational membership organization of people concerned about the impactof technology
on society. For information contact: cpsr-infocpsr.org
If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible.
Checks should be made out to "The Fund forConstitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003.
Your contributions will help support Freedom of Information Actlitigation, strong and effective advocacy for the right of privacy
andefforts to oppose government regulation of encryption and funding ofthe National Wiretap Plan..
Thank you for your support.
END EPIC Alert 2.08