You are here:
EPIC Alert >>
 EPICAlert 15
EPIC Alert 3.15  EPICAlert 15 (23 August 1996)
Volume 3.15 August 23, 1996
Published by the
Electronic Privacy Information Center
Table of Contents
 Senate to Consider Counterterrorism Bill in September
 Call for Grassroots Crypto Action
 Welfare Bill Signed by Clinton
 Court Rules NSC Not Subject to FOIA
 Congress to Review National ID Card Proposals
 Another Suit Filed Challenging Crypto Export Restrictions
 EPIC/PI to Sponsor Conference on Surveillance Technologies
 Upcoming Conferences and Events
The Senate is scheduled to take up counter-terrorism legislation inearly September that will include expansion of government wiretappingauthority,
increased collection of personal information, and otherprovisions that would limit personal privacy.
The House passed a version of the bill, the Aviation Security andAntiterrorism Act of 1996 (HR 3953), on August 2. Led by freshmanRepublicans,
the House rejected efforts by the Clinton Administrationto include in the bill new expanded powers for wiretapping. Anothermeasure,
the Antiterrorism Law Enforcement Act of 1996 (H.R. 3960),
was also introduced -- it includes the full wiretapping authorityrequested by the White House. Rep. Bill McCollum (R-FL) is planningto
hold hearings on wiretapping in September.
The Senate is planning to consider a number of wiretap-relatedprovisions, including:
o More "emergency wiretaps" that could be conducted without a warrant;
o Roving Taps - more wiretaps without specifying the target;
o Expanded number of crimes for which wiretaps could be conducted;
o "Bad faith" exception which would allow use of illegal taps in court unless target can prove bad faith action by govt
o Expanded use of pen registers and trap and trace devices for "counterintelligence" purposes; and o Funding for Digital
More information on current anti-terrorism proposals is available at:
Encryption legislation will also be on the agenda when Congressreturns in September. The Promotion of Commerce Online in the DigitalEra
("Pro-CODE") bill in the Senate (S.1726) and the Security andFreedom Through Encryption ("SAFE") bill in the House (HR 3011) wouldrelax
U.S. export controls on strong encryption. EPIC has joined withother organizations to encourage grassroots support for these effortsduring
the week of September 3 - 10. Information on "Crypto ActionWeek" can be found at:
Individuals and organizations supporting on-line security and privacyshould display the "Golden Key Campaign" logo on their homepages.
Information is available at the Internet Privacy Coalition site:
On August 22, President Clinton signed the Personal Responsibility andWork Opportunity Reconciliation Act of 1996. The bill includes
anumber of sections that expand the use of the Social Security Numberand create new databases of personal information.
The bill requires that states obtain individuals' Social SecurityNumbers for many state documents. It provides that on "anyapplication
for a professional license, commercial driver's license,
occupational license, or marriage license [the SSN] be recorded on theapplication."
The new bill also creates a national database of every employee in theUnited States. States are also required to create databases
of "newhires." The state databases would be uploaded to a federal registryand the Social Security Administration would verify the
SSNs. TheCommissioner of Social Security is required to develop "a prototype ofa counterfeit-resistant social security card" made
of tamper proofmaterials for proving citizenship, and to issue a report on the costof issuing a new card to all citizens over a three,
five or ten yearperiod.
More information on the welfare bill, the Social Security Number, andefforts to expand its use is available at:
In a major blow to the principle of government accountability, thefederal appeals court in Washington, DC, has ruled that the NationalSecurity
Council (NSC) is not subject to the disclosure requirementsof the Freedom of Information Act (FOIA).
The August 2 split decision in Armstrong v. Executive Office of thePresident was written by Judge Douglas Ginsburg, who was joined
byJudge Harry Edwards. A dissenting opinion was written by Judge DavidTatel. The Armstrong case involved the status of archived
White Housee-mail dating back to the Reagan administration. While successiveadministrations have fought to preserve the confidentiality
of WhiteHouse e-mail and computer systems, the Clinton administration was thefirst to contend that the NSC is not an "agency" subject
to the FOIAand the Federal Records Act. The lower court (Judge Charles Richey)
had rejected the administration's position, but the Court of Appealsfor the District of Columbia Circuit reversed, concluding that
"theclose working relationship between the NSC and the President indicatesthat the NSC is more like 'the President's immediate personal
than it is like an agency exercising authority independent of thePresident."
The decision will have a significant impact on the ability of thepublic to oversee the development of policies that affect theInternet.
The NSC, for instance, has been deeply involved inencryption policy and the controversial Clipper Chip initiative. AnNSC-related
entity, the Security Policy Board, is currently developing"information security" policies that will potentially have asubstantial
impact on the Internet and other electronic communicationsmedia. EPIC is currently litigating FOIA cases against the NSCseeking
the disclosure of information concerning these activities.
The future of those cases is now in doubt.
The text of the decision is available at:
Congress is expected to take up immigration bills with controversialidentification provisions in early September. Different versions
ofthe bill were passed by the House and the Senate in April and May, anda conference committee has been reviewing the bills since
then. Bothversions of the bill contain ID provisions for the purpose ofemployment eligibility.
The House bill creates a pilot program for a national database thatemployers in five of the states with the most illegal immigrationwould
use to determine eligibility. Employers would voluntarily calla toll free number to check applicants' Social Security Numbersagainst
a database created by the Social Security Administration andthe Immigration and Naturalization Service. Proposals to make thissystem
mandatory and to use a tamper-proof identity card were defeatedin April. Opponents, such as Rep. Steven Chabot (R-OH) have describedthe
program as "1-800-BIG BROTHER" and questioned the accuracy of thedatabases used. Even a small percentage of incorrect data couldresult
in the denial of jobs for hundreds of thousands of people eachyear. They also note the likelihood that the program would becomemandatory
nationwide since the size of the pilot program would alreadycover nearly half of the U.S. population.
The Senate bill would require the Attorney General to set up severalpilot programs, including telephone verification of the SSN, usingstate
issued licenses with machine readable SSNs, and requiringemployers to verify eligibility with the INS for individuals who donot attest
that they are citizens. The Attorney General woulddetermine which jurisdictions would use the programs and could makethe programs
mandatory for all employers in designated regions. Afterthree years, the President would develop and recommend a program toCongress.
More information on these proposals, and other information related tonational ID cards, is available at:
An Ohio law professor filed suit against the State Department and theNational Security Agency on August 8, challenging theconstitutionality
of export controls on cryptography. Professor PeterJunger, a Case Western Reserve University Law School challenged therestrictions
on a number grounds, including that they constitute aprior restraint on free speech; are vague; infringe on academicfreedom and political
speech; and violate separation of powers bycreating de facto domestic restrictions on cryptography withoutCongressional authority.
Junger teaches the "Computers and the Law" course at the university.
As part of the course, he wrote an encryption program designed toillustrate how to use various cryptosystems. He has had to prohibitforeign
students from taking the class and restrict distribution ofhis course material because of the ITAR restrictions.
More information on the Junger lawsuit, other challenges to the ITAR,
and general information on export controls is available at:
The new generation of covert surveillance activities of governmentagencies and private companies will be examined at a conference
to beheld in Ottawa next month, sponsored by EPIC and PrivacyInternational.
The conference will explore the process of planning and implementationof the technologies, their operating conditions, and the people
andorganizations responsible for instituting them. The conference willalso examine possible technical, regulatory and legal responses.
A number of former government agents, intelligence experts andsurveillance analysts will gather at the Advanced SurveillanceTechnologies
II conference on September 16th to discuss the use ofpowerful new technologies being used to gather information.
Speakers will include Mike Frost, a former intelligence officer forthe Canadian Communications Security Establishment and author of
thebestseller "Spyworld." He will discuss the surveillance technologiesused by the CSE and its American counterpart, the National
The Conference will take place at the Citadel Hotel in Ottawa, Canada.
More information is available on the conference from the PrivacyInternational Web Page at:
"Symposium on Integrated Justice Information Systems." September 9-11,
1996. Washington, DC. Sponsored by the SEARCH Group. Contact: (916)
"Salute to FOIA." September 12-13, 1996. Arlington, VA. Sponsored bythe Freedom Forum and the American Society of Newspaper Editors.
"Advanced Surveillance Technologies II." September 16, 1996. Ottawa,
Canada. Sponsored by EPIC and Privacy International. Contact:
http://www.privacy.org/pi/conference/ottawa/ or email piprivacy.org.
"Privacy Beyond Borders", 18th International Privacy and DataProtection Conference. September 18-20, 1996. Ottawa, Canada.
Sponsored by the Privacy Commissioner of Canada. Contact:
"Regulation or Private Ordering? The Future of the Internet."
September 20, 1996. Washington, DC. Sponsored by the CATO Institute.
Contact: R. Scott Wallis, (202) 789-5296.
"The 2nd International Conference & Exhibit on Doing Business Securely
on the Information Highway." September 30 - October 1, 1996. Montreal,
Quebec, Canada. Contact: http://www.ecworld.org/Conferences/2nd_Security/menu.html.
"Managing Privacy in Cyberspace and Across National Borders."
October 8-10, 1996. Washington, DC. Sponsored by Privacy and AmericanBusiness. Contact: Lorrie Sherwood, (201) 996-1154.
"The Information Society: New Risks & Opportunities in Privacy,"
October 17-18, 1996. Bruxelles, Belgium. Sponsored by the European
Parliament. Contact: http://www.droit.fundp.ac.be/privacy96.html
"Communications Unleashed - What's at Stake? Who Benefits? How to Get
Involved!" October 19-20, 1996. Washington DC. Sponsored by CPSR and
Georgetown University. Contact: phylandaol.com.
19th National Information Systems Security Conference. October 22-25,
1996. Baltimore, MD. Sponsored by NSA & NIST. Contact: Tammy Grice (301)
"Eurosec'97, the Seventh Annual Forum on Information Systems Quality and
Security." March 17-19. 1997. Paris, France. Sponsored by XP Conseil.
(Send calendar submissions to Alertepic.org)
The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. To subscribe, send email toepic-newsepic.org with the subject: "subscribe" (no quotes).
Back issues are available via http://www.epic.org/alert/
The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 to focuspublic
attention on emerging privacy issues relating to the NationalInformation Infrastructure, such as the Clipper Chip, the DigitalTelephony
proposal, medical record privacy, and the sale of consumerdata. EPIC is sponsored by the Fund for Constitutional Government, anon-profit
organization established in 1974 to protect civil libertiesand constitutional rights. EPIC publishes the EPIC Alert, pursuesFreedom
of Information Act litigation, and conducts policy research.
For more information, email infoepic.org, HTTP://www.epic.org orwrite EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax).
If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks should
be made out to "The Fund for Constitutional Government" and sent to EPIC,
666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003.
Your contributions will help support Freedom of Information Act and First
Amendment litigation, strong and effective advocacy for the right of
privacy and efforts to oppose government regulation of encryption and
funding of the National Wiretap Plan.
Thank you for your support.