WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 1997 >> [1997] EPICAlert 17

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 4.17 [1997] EPICAlert 17






EPIC ALERT




Volume 4.17 December 22, 1997

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

http://www.epic.org/


Table of Contents



[1] Global Coalition Urges Rejection of PICS
[2] Survey Shows Internet Users Want Privacy Laws
[3] EPIC/ACLU File Comments on CALEA Implementation
[4] FTC on Kids Privacy
[5] FTC Punts on Lookup Services
[6] Champion of Open Government Dies
[7] Last Minute Holiday Gifts at the EPIC Bookstore
[8] Upcoming Conferences and Events


[1] Global Coalition Urges Rejection of PICS


In the latest show of opposition to Internet ratings and filtering,
members of the Global Internet Liberty Campaign (GILC) have asked theWorld Wide Web Consortium (W3C) to reject a pending proposal for theimplementation of PICS (Platform for Internet Content Selection). Theproposed "PICSRules 1.1" guidelines would enable the rating of Web sitecontent by either the page publisher or a third-party ratings group.
Such ratings are recognized by PICS-compliant browsers (for example,
Microsoft's Internet Explorer) or filtering software.

In their December 14 submission, the GILC members (including EPIC) saidthat the pending guidelines, proposed by the W3C in November, would"prevent individuals from using the Internet to exchange information ontopics that may be controversial or unpopular" and could be easilyexploited as a censorship tool by repressive governments. "PICSRules1.1 go far beyond the original objective of PICS to empower Internetusers to control what they and those under their care access."

According to the W3C, the pending PICS proposal "defines a language forwriting profiles, which are filtering rules that allow or block accessto URLs based on PICS labels that describe those URLs." The guidelinesare under consideration by the W3C's PICS Profiles Language WorkingGroup, which will announce the disposition of the proposal on December28.

The GILC members, representing users in the United States, Europe andAustralia, oppose the adoption of PICSRules 1.1 "on the grounds that itwill provide a tool for widespread global censorship." The groupsnoted that such a result would "conflict with the W3C's mission to'realize the full potential of the Web as an efficient human-to-humancommunications medium.'"

The text of the GILC submission is available at:

http://www.gilc.org/speech/ratings/gilc-pics-submission.html



[2] Survey Shows Internet Users Want Privacy Laws


A new survey of 10,000 Internet users finds that there is strongsupport for new laws to protect privacy. The survey, conducted by theGraphic, Visualization, & Usability Center's lab at the GeorgiaInstitute of Technology, found that many Internet users want new lawsto protect privacy on the net. According to the GVU poll, mostrespondents agree strongly (39%) or somewhat (33%) that there should benew laws to protect privacy on the Internet while only 7% disagreedstrongly
Privacy has also switched places with free expression and is now thenumber one concern of Internet users. According to the eighth annualGVU poll, 30% of users identify privacy as the most important issue,
followed by censorship at 24%.

Internet users also expressed strong opposition to content providersselling personal information about the people who access their pages.
Some 63% disagreed strongly with the practice and another 19% disagreedsomewhat. At the same time, 64% of respondents agree strongly thatthey ought to have complete control over their demographic information.
The main condition that users place on giving up information is that astatement be provided about how the information is going to be used(70%). That is followed by being informed about what is collected(52%) and that the data be used in aggregate form only (46%). Only 9%
report that they wouldn't not give demographic data under anycircumstances. Seventy-five percent disagreed with the statement thatthird party advertising agencies should be able to compile usagebehavior across different web sites for direct marketing purposes. Themain reason that respondents do not register with web sites is thatthey do not provide a clear statement on how the information is goingto be used (66%). This is followed closely by the belief that it isnot worth divulging personal data to access the site (63%) and nottrusting the entity collecting the data (58%).

Anonymity also was important to many respondents. Just over half agreethat they prefer anonymous payment systems (51%), while a quarter areneutral. Most respondents agree (56%) that they should be able to takeon different roles or aliases on the Internet and 27% agree strongly.

There continues to be strong support for the privacy of email. Some89% of respondents agree that they should be able to communicate overthe Internet without others reading the content of email and 75%
strongly agree.

The GVU poll is consistent with a recent poll from Family PC magazine.
That survey noted that when parents are asked what they found mosttroubling about the Internet for themselves, they cited abuse ofpersonal information as their chief concern.

Links to the GVU survey and previous polls and surveys are availableat:

http://www.epic.org/privacy/survey/

The Family PC poll is available at:

http://www.zdnet.com/familypc/content/kidsafety/results.html



[3] EPIC/ACLU File Comments on CALEA


EPIC recently joined with the ACLU in submitting comments to the FCC onthe Communications Assistance for Law Enforcement Act (CALEA). Thecomments ask the Commission to delay the implementation of CALEA untilOctober 24, 2000. The comments were also joined by the ElectronicFrontier Foundation.

The comments point out numerous problems with the ongoing CALEAimplementation process:

1. To date, the FBI has not met its public capacity notice requirementsunder the Act, which require law enforcement to quantify the actual andmaximum technical needs for capacity, including projections with thenumber of anticipated interceptions.

2. Law enforcement is not permitted to dictate system design underCALEA, but has placed a choke hold on the process by repeatedlypreventing the adoption of industry standards and creating a "wishlist" of technically infeasible and costly requirements. In addition,
it has become abundantly clear that the FBI is seeking unprecedentedsurveillance capabilities never envisioned by the Congress. The FBIhas consistently requested that industry provide numerous capabilitiesfor surveillance that go far beyond the current court-authorizedelectronic surveillance.

3. Congressional limitations on information subject to interceptionhave been disregarded. CALEA requires the strengthening of privacyprotections so that carriers do not intercept or disclose anyinformation absent specific authorization. The additional surveillancefeatures sought by the FBI contravene the Congress' intention tomaintain current levels of surveillance and not expand them.

A total of 31 comments were filed with the FCC. Meanwhile, the FBIcontinues to pressure industry standards committees to adopt itsenhanced wiretap standards by having small local law enforcementagencies submit identical FBI-written ballots (a process described asballot stuffing in Congressional testimony in October). In a standardsvote organized by the Telecommunications Industry Association inOctober, the FBI and its law enforcement allies submitted 193 ballotsopposing the industry standards.

A copy of the ACLU/EPIC/EFF submission and more information onwiretapping and CALEA are available at:

http://www.epic.org/privacy/wiretap/




[4] FTC Warns Sites on Collecting Children's Information


The Federal Trade Commission staff announced last week the results of"Kids Privacy Surf Day," which was designed as a "snapshot" ofchildren's Web sites' privacy practices.

FTC staff found that approximately 86 percent of the sites surveyedwere collecting personally identifiable information from children --
most without seeking parental permission or allowing parents to controlthe collection and use of the information. FTC staff surveyed 126 Websites listed by "Yahooligans!," a popular directory of child-orientedsites.

According to the FTC, the survey was a quick snapshot of whatchild-oriented Web sites are doing to inform parents about theirinformation gathering practices. Approximately 86 percent of the sitessurveyed were collecting personally identifiable information fromchildren -- names, e-mail addresses, postal addresses and telephonenumbers. Fewer than 30 percent of those sites collecting this personaldata posted either a privacy policy or a confidentiality statement ontheir Web site. Four percent of those sites collecting personallyidentifiable information required parental authorization for thecollection of the information.

"Protecting children's privacy online is a high priority," said JodieBernstein, Director of the FTC's Bureau of Consumer ProtectionBernstein. "Any company that engages in deceptive or unfair practicesinvolving children violates the FTC Act. The FTC can bring legalaction to halt such violations and seek an order imposing restrictionson future practices to ensure compliance with the FTC Act.

The FTC staff last July issued an opinion letter to the Center forMedia Education, describing certain information collection practiceswhich could be found to be deceptive or unfair.

FTC staff will send the Web sites surveyed in the Mini-Surf e-mailmessages notifying them about the FTC staff opinion letter and theprinciples it contains. The messages note that according to FTC staff,
(1) it is a deceptive practice expressly or impliedly to misrepresentthe purpose for which personally identifiable information is beingcollected from children, and (2) it is likely to be an unfair practiceto collect personally identifiable information from children and sellor otherwise disclose that information to third parties withoutproviding parents with adequate notice and an opportunity to controlthe collection and use of the information. The e-mail also states thatFTC staff has not determined that the online information collectionpractices of the site have violated federal law.

The FTC Announcement is available at:

http://www.ftc.gov/opa/9712/kids.htm
The opinion letter in CME v. KidsCom is available at:

http://www.ftc.gov/os/9707/cenmed~1.htm



[5] FTC Punts on Lookup Services


The Federal Trade Commission, which had been asked by Congress toinvestigate "possible violations of consumer privacy rights bycompanies that operate computer data bases," has decided instead toendorse industry guidelines that lack enforcement and provide no legalrights for aggrieved parties.

The FTC recommendations come more than year after a public protest ledLexis/Nexis to remove Social Secuity Numbers from an on-line lookupservice called P-TRAK.

Members of the Senate Commerce Committee wrote to the FTC in October1996 and asked the Commission to "investigate the compilation, sale,
and usage of electronically transmitted data bases that includeidentifiable personal information of private citizens without theirknowledge." The Commerce Committee specifically asked the FTC toinvestigate:

(1). Is the non-consensual compilation, sale, and usage of data-base aviolation of private citizens civil rights?

(2). Are the data-bases subject to unlawful usage? Do they create anundue potential for fraud on consumers?

(3). Are the compilation, sale and usage of consumers' personal dataconsistent with the Fair Credit Reporting Act and federal telemarketingregulations?

(4). Are there ways consumers can prevent data- based service companiesfrom including their personal background information in commercial databases absent their content?

Questions remain about how the guidelines will be enforced and the mewburden on consumers to control the misuse of personal information.

The letter to FTC from Senate Commerce Committee is available at:

http://www.epic.org/privacy/databases/ftc_databases.html
The FTC Announcement is available at:

http://www.ftc.gov/opa/9712/inrefser.htm



[6] Champion of Open Government Dies


We note with sadness the passing of former Rep. John E. Moss ofCalifornia -- "the father of the Freedom of Information Act" -- whodied in San Francisco on December 5 at the age of 82. During his26-year tenure in Congress, Rep. Moss was a tireless champion ofgovernment accountability, consumer rights and the First Amendment. Heplayed a leading role in enacting not only the FOIA, but also thePrivacy Act of 1974, and was instrumental in establishing the ConsumerProduct Safety Commission in 1972 and the reform of the Federal TradeCommission.

Rep. Moss struggled to create the FOIA for more than a decade before itbecame law in 1966. Amendments adopted in 1974 in the wake ofWatergate strengthened it and broadened its effect. Rep. Moss believedthat citizens have a right to the information maintained by theirgovernment and that enforcing that right is essential to a democracy.
That concept was strongly opposed by the federal bureaucracy,
successive Presidents and the leadership of both parties in Congress.
Rep. Moss nonetheless persisted in advocating a strong open governmentlaw.

More information on FOIA and open government is available at:

http://www.epic.org/open_gov/




[7] Last Minute Holiday Gifts at the EPIC Bookstore


It's not too late to visit the EPIC Bookstore for last minute holidayshopping. The EPIC Bookstore offers one of the most comprehensivecollection of books on civil liberties, privacy, and on-line freedomavailable anywhere on the Internet today. Gift wrapping and expressshipping available.

Among our featured titles:

*May It Please the Court: The First Amendment* by Peter Irons (editor).
This collection focuses on sixteen key First Amendment casesillustrating the most controversial debates over issues of free speech,
freedom of the press, and the right to assemble. Includes actual oralarguments made before the Supreme Court by well-known attorneys, alongwith transcripts placing speakers and cases in context. hardcover book;
four 90-minute cassettes.

*The Electronic Privacy Papers* by Bruce Schneier (Editor), DavidBanisar (Editor). Forward by Hon. John Anderson. The definitivecollection of materials on the issues, players, and history of thebattle for electronic privacy in the information age. Contain more than700 pages of previously classified government documents, Congressionaltestimony, reports, and news items.

*The Privacy Rights Handbook: How to Take Control of Your PersonalInformation* by Beth Givens. A consumer's guide to protecting privacy.
Filled with advice and information about how you can protect yourpersonal information. Covers medical records, bank records, creditreports, and more.

*Digital Cash* by Peter Wayner. The second edition of the highlyacclaimed Digital Cash is an updated and comprehensive guide toexchanging money over the Net.

The EPIC Bookstore is located online at:

http://www.epic.org/bookstore/




[8] Upcoming Conferences and Events


Education in Computer Security Workshop, January 19-21, 1998. PacificGrove, California. Sponsored by Naval Postgraduate School Center forINFOSEC. Contact:
http://www.cs.nps.navy.mil/research/cisr/events/wecs98_announce.html
RSA'98 -- The 1998 RSA Data Security Conference. January 12-16, 1998.
San Francisco, CA. Contact kurtrsa.com or http://www.rsa.com/conf98/

Financial Cryptography '98. February 23-26, 1998. Anguilla, BWI.
http://www.cwi.nl/conferences/FC98
7th USENIX Security Symposium. January 26-29, 1998. San Antonio, TXSponsored by USENIX & CERT. http://www.usenix.org/sec/sec98.html
The Eighth Conference on Computers, Freedom & Privacy. February, 18-20,
1998. Austin, TX. Contact: mlemleymail.law.utexas.edu.
http://www.cfp.org/

ETHICOMP98 March 25-27,1998. Erasmus University The Netherlands.
Sponsored by the Centre for Computing and Social Reponsibility Contact:
http://www.ccsr.cms.dmu.ac.uk/conf/ccsrorgconf.html
ACM Policy98. May 10-12, 1998. Washington, DC. Sponsored by ACM andUSACM. http://www.acm.org/usacm/events/policy98/

(Send calendar submissions to alertepic.org)


Subscription Information


The EPIC Alert is a free biweekly publication of the Electronic PrivacyInformation Center. To subscribe or unsubscribe, send email toepic-newsepic.org with the subject: "subscribe" (no quotes) or"unsubscribe". A Web-based form is available at:

http://www.epic.org/alert/subscribe.html
Back issues are available at:

http://www.epic.org/alert/


About EPIC


The Electronic Privacy Information Center is a public interest researchcenter in Washington, DC. It was established in 1994 to focus publicattention on emerging privacy issues such as the Clipper Chip, theDigital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC is sponsoredby the Fund for Constitutional Government, a non-profit organizationestablished in 1974 to protect civil liberties and constitutionalrights. EPIC publishes the EPIC Alert, pursues Freedom of InformationAct litigation, and conducts policy research. For more information,
e-mail infoepic.org, http://www.epic.org or write EPIC, 666Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240(tel), +1 202 547 5482 (fax).

If you'd like to support the work of the Electronic Privacy InformationCenter, contributions are welcome and fully tax-deductible. Checksshould be made out to "The Fund for Constitutional Government" and sentto EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003.
Individuals with First Virtual accounts can donate athttp://www.epic.org/epic/support.html
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for the rightof privacy and efforts to oppose government regulation of encryptionand funding of the National Wiretap Plan.

Thank you for your support.

END EPIC Alert 4.17











WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/1997/17.html