You are here:
EPIC Alert >>
 EPICAlert 1
EPIC Alert 3.01  EPICAlert 1 (11 January 1996)
Volume 3.12 January 11, 1996
Published by the
Electronic Privacy Information Center
Table of Contents
 FLASH -- Charges Dropped Against Phil Zimmermann
 EPIC Wins Appeal: "Hacker" Raid Info to be Released
 FBI Fails to File Required Wiretap Report
 EPIC Urges FTC to Pursue Strong Privacy Safeguards
 Compuserve Censors 200 Usenet Newsgroups
 Telecom Bill Vote Delayed
 House Delays Vote on Counter-terrorism Bill
 Upcoming Conferences and Eventss
The federal government has dropped all charges against Phil Zimmermann,
the author of the popular encryption program Pretty Good Privacy. Ina letter addressed to Zimmermann's attorney Philip L. Dubois,
federalprosecutors Michael Yamaguchi and William P. Keane wrote that " The U.S.
Attorney's Office in the Northern District of California has decided
that your client, Philip Zimmermann, will not be prosecuted in
connection with the posting to USENET in June 1991 of the encryption
program Pretty Good Privacy. The investigation is closed."
Mr. Zimmermann told the EPIC Alert that he was "greatly relieved." The
software programmer, who has become a folk hero to hundreds of thousandsInternet users as he has also lived daily with the threat
indictment said, "I am thrilled and elated by the decision."
Copies of PGP and PGPFone may be downloaded from the EPIC web site at:
In a case litigated by EPIC staff, the federal appeals court inWashington, DC, has ordered the U.S. Secret Service to releaseinformation
concerning a controversial "hacker" investigation. TheJanuary 2 ruling partially rejected the agency's three-year attempt towithhold
documents concerning the 1992 "Pentagon City Mall Raid." InNovember of that year, a group of young people affiliated with thecomputer
magazine "2600" were confronted by mall security personnel,
local police officers and several unidentified individuals in theVirginia shopping mall. The group members were ordered to identifythemselves
and to submit to searches of their personal property.
Their names were recorded and some of their property was confiscated.
Computer Professionals for Social Responsibility (CPSR) filed suit infederal court in early 1993 seeking the release of relevant SecretService
records under the Freedom of Information Act. The litigationof the case has been handled by the Electronic Privacy InformationCenter
(EPIC). In July 1994, U.S. District Judge Louis Oberdorferordered the Secret Service to release the vast majority of documentsit
maintains on the incident. The government appealed that decisionto the U.S. Court of Appeals for the District of Columbia Circuit,
which partially affirmed the lower court decision in the recentruling.
The appeals court rejected the agency's attempt to invoke a blanketclaim of "source confidentiality" for all information involvinginvestigations
of computer crime, noting that "the Service offered noevidence that a fear of retaliation by hackers is sufficientlywidespread to
justify an inference that sources of informationrelating to computer crimes expect their identities and theinformation they provide
to be kept confidential." The court did,
however, uphold the agency's claim that information identifyingparticular individuals should be withheld from disclosure.
Additional information, including the text of the appellate decision,
is available at:
The Federal Bureau of Investigation has missed a Congressionally-
mandated November 30 deadline for the submission of a public report onwiretap expenditures. The requirement is contained in thecontroversial
digital telephony legislation enacted in late 1994,
which mandated the re-design of the nation's telephone network tofacilitate wiretapping. The legislation required the Bureau to"submit
to Congress and make available to the public a report on theamounts paid during the preceding fiscal year to telecommunicationscarriers"
to reimburse the costs of compliance. The mandated reportmust also include "projections of the amounts expected to be paid inthe
current fiscal year, the carriers to which payment is expected tobe made, and the equipment, facilities, or services for which paymentis
expected to be made."
On December 12, EPIC sent a letter to Sen. Orrin Hatch and Rep. HenryHyde, chairmen of the Senate and House Judiciary Committees,
concerning the FBI's violation of the statute. EPIC's letter notesthat "the privacy of the nation's communications infrastructure
is amatter of great public concern" and that "only through effectiveCongressional and public oversight can we ensure that it is notviolated."
The FBI's failure to comply with the statutory reporting requirementscomes on the heels of its Federal Register notice concerningwiretapping
"capacity requirements." In that notice, the Bureauannounced its intention to require telecommunications providers toensure that
wiretaps can simultaneously be conducted on one percent ofall telephone calls in major urban areas. The public comment periodon
that proposal ends on January 16.
More information on the FBI's proposed wiretap "capacityrequirements," and the text of EPIC's December 12 letter, is availableat:
SPECIAL NOTE: Comments on the FBI Wiretap Proposal are due by January
16. Check out the EPIC web page and submit your comments.
EPIC has urged the Federal Trade Commission to take an aggressive standin support of on-line privacy. In a letter addressed to FTC
CommissionerChristine Varney, EPIC ask the FTC " to investigate the misuse of
personal information by the direct marketing industry and to begin a
serious and substantive inquiry into the development of appropriate
privacy safeguards for consumers in the information age."
EPIC has asked the FTC to investigate four issues:
"1. How is personal information collected and sold within the industry?
What is the extent of data aggregation on particular individuals? Do
current collection and trade practices violate federal or state law?
"2. Has the Mail Preference Service actually protected the privacy
interests of consumers? Are there better and simpler methods for
consumers to control personal data?
"3. What are the implications of the sale of direct marketing lists to
federal and state investigative agencies? Does this practice violate
privacy rights of American citizens? Should it be regulated or
"4. Could new technologies for anonymous and pseudo-anonymous payment
schemes coupled with enforceable legal rights ensure the development ofon-line commerce that promotes business opportunity and protects
personal privacy? What steps should be taken to pursue these new
A copy of the EPIC letter is available at:
The FTC on-line discussion of privacy issues is at:
Following a request by a local prosecutor in Bavaria, Germany,
Compuserve Information Services (CIS) removed over 200 Usenetnewsgroups, claiming that they violated German law on thedissemination
of sexually-explicit materials.
It is unclear why many of the newsgroups were removed. Many contained noexplicit sexual material. The Clairinet news service, which
reprintsstories from Associated Press and Reuters, had three groups removed.
Other newsgroups, which were for fans of Star Trek's Captain Picard,
victims of sexual assault and gay teenagers were also removed.
Both sides of the conflict are blaming the other for the decision. TheBavarian prosecutor's office claims that it did not specifically
tellCIS to remove the newsgroups, while a spokesman for CIS claims thatthey were provided a list of offending newsgroups.
Compuserve, which has members in 140 countries, removed the newsgroupsfrom its service worldwide because it was technically unable
toremove them from just Germany. CIS says that it is attempting tochange its system to allow blocking of newsgroups in only particularcountries.
According to news reports, passage of the telecommunications act hasbeen delayed until after the current debate on the budget has
beenresolved. Speaker of the House Newt Gingrich was quoted as saying thatthere will be "nothing on the telecom bill until we have
Other major issues, such as allocation of spectrum for digital tv,
have not been resolved and are may also hold up agreement in the
In December, conferees agreed to language which makes distribution of"indecent" material over computer networks a federal crime.
The Internet Day of Protest organized by Voters Telecom Watch andother public interest groups generated calls from over 20,000 peopleto
Congress, many who talked to several offices. Several free speech,
privacy rights and newspaper groups are planning to challenge the
legislation if it is included in the final bill.
More information on the Communications Decency Act is available athttp://www.epic.org/free_speech/censorship/
The House leadership decided in late December not to schedule a vote onHR 2703, the controversal 'Comprehensive Counterterrorism Act
after they realized that there were not enough votes to pass the bill.
The revised bill is opposed by conservative Republicans who objectto provisions increasing federal law enforcement powers and liberal
Democrats who also oppose limitaions on the Habeas Corpus rule.
The current bill expands the defination of terrorism, allows the useof evidence created by illegal wiretaps in court proceedings,
expandsthe FBI ability to obtain travel, financial, and telephone recordswithout needing to show that the invidual is suspected of
violatingany law, allow the use of secret evidence in deporation hearings,
and limit federal courts from reviewing unconstitutional state courtproceedings that resulting in inprisonment or executions.
It is expected that the leadership will attempt to bring to bill tothe floor for a vote in late January or early February.
On December 22, the House approved HR 1655, the 'IntelligenceAuthorization Act for Fiscal Year 1996'. The bill provides foran estimated
$30 billion budget for the intelligence agencies. It alsoamends the Fair Credit Reporting Act to allow easier access to creditreports
in "national security" investigations. The bill allows theFBI to obtain information on the locations of all of an individuals'
financial institutions without a court order upon the written
request of the FBI. The FBI may get a copy of the full consumer
report without having to prove 'probable cause' that the individual isviolating a federal law.
More information is available at http://www.epic.org/privacy/terrorism/
RSA 6th Annual Data Security Conference:Cryptography Summit. January17-19, 1996. FairmontHotel, San Francisco. Contact Layne KaplanEvents,
at (415) 340-9300, email at infolke.com, or register athttp://www.rsa.com/.
Security, Privacy and Intellectual Property Protection in the Global
Information Infrastructure, Canberra, Australia. February 7-8, 1996.
Sponsored by the Australian Government, Attorney-General's Departmentand the Organisation for Economic Cooperation and Development.
Computers Freedom and Privacy '96. March 27-30, 1996. Cambridge, Mass.
Sponsored by MIT, ACM and WWW Consortium. Contact cfp96mit.edu orhttp://web.mit.edu/cfp96/
Conference on Technological Assaults on Privacy, April 18-20, 1996.
Rochester Institute of Technology, Rochester, New York. Papers shouldbe submitted by February 1, 1996. Contact Wade Robisonprivacyrit.edu,
by FAX at (716) 475-7120, or by phone at (716)
IEEE Symposium on Security and Privacy, May 6-8, 1996. Oakland, CA.
Sponsored by IEEE. Contact: sp96cs.pdx.edu orhttp://www.cs.pdx.edu/SP96.
Australasian Conference on Information Security and Privacy June24-26, 1996. New South Wales, Australia. Sponsored by AustralasianSociety
for Electronic Security and University of Wollongong. Contact:
Jennifer Seberry (jenniecs.uow.edu.au).
Visions of Privacy for the 21st Century: A Search for Solutions. May9-11, 1996. Victoria, British Columbia. Sponsored by The Office
ofInformation and Privacy Commissioner for the Province of BritishColumbia and the University of Victoria. Program athttp://www.cafe.net/gvc/foi
Privacy Laws & Business 9th Annual Conference. July 1-3, 1996. St.
John's College, Cambridge, England.Contact: Ms. Gill Ehrlich +44 181423 1300 (tel), +44 181 423 4536 (fax).
Advanced Surveillance Technologies II. Sponsored by EPIC and PrivacyInternational. September 16, 1996. Ottawa, Canada. Contactpiprivacy.org
18th International Conference of Data Protection and PrivacyCommissioners. Sponsored by the Privacy Commissioner of Canada.
September 18-20, 1996. Ottawa, Canada.
International Colloquium on the Protection of Privacy and PersonalInformation. Commission d'acces a l'information du Quebec. May 1997.
Quebec City, Canada.
(Send calendar submissions to Alertepic.org)
The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. To subscribe, send email toepic-newsepic.org with the subject: "subscribe" (no quotes).
Back issues are available via http://www.epic.org/alert/
The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 to focuspublic
attention on emerging privacy issues relating to the NationalInformation Infrastructure, such as the Clipper Chip, the DigitalTelephony
proposal, medical record privacy, and the sale of consumerdata. EPIC is sponsored by the Fund for Constitutional Government, anon-profit
organization established in 1974 to protect civil libertiesand constitutional rights. EPIC publishes the EPIC Alert, pursuesFreedom
of Information Act litigation, and conducts policy research.
For more information, email infoepic.org, HTTP://www.epic.org orwrite EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax).
If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks should
be made out to "The Fund for Constitutional Government" and sent to EPIC,
666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003.
Your contributions will help support Freedom of Information Act and First
Amendment litigation, strong and effective advocacy for the right of
privacy and efforts to oppose government regulation of encryption and
funding of the National Wiretap Plan.
Thank you for your support.