WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 1997 >> [1997] EPICAlert 6

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 4.06 [1997] EPICAlert 6


Volume 4.06 April 17, 1997

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

Table of Contents

[1] Germany Indicts CompuServe Official
[2] House & Senate Approve IRS Browsing Bills
[3] Supreme Court Strikes Down Drug Testing Law
[4] SSN Bills Introduced in House and Senate
[5] Commission Recommends Genetic Privacy Law
[6] SSA Drops Web Page
[7] EPIC Submits Comments to FTC on Consumer Privacy
[8] Upcoming Conferences and Events

[1] Germany Indicts CompuServe Official

Prosecutors in Bavaria, Germany announced on April 16 that they hadindicted Felix Somm, the Managing Director of CompuServe operations inGermany and Central Europe, on February 26 for allegedly distributingillegal pornography and other materials.

Somm is charged with being an accessory to the dissemination ofpornography because CompuServe provided access to Internet newsgroupsthat contained sexually explicit materials in 1995 and 1996. He isalso being charged for CompuServe's distribution of computer gamesthat are excessively violent and a game which contained swastikas andimages of Adolf Hitler, which are banned in Germany.

This appears to be the first case in which an Internet serviceprovider has been indicted for merely providing access to materialsavailable on the Internet. The Bavarian prosecutors assert thatCompuServe could have configured its system to block individualnewsgroups.

In December 1995, CompuServe blocked worldwide access to 200newsgroups after Bavarian authorities claimed that they containedchild pornography. The online service later reinstated access to allbut a few of the groups and offered a commercial filtering program formembers to use.

More information on global censorship issues is available at:

and the Global Internet Liberty Campaign at:


[2] House & Senate Approve IRS Browsing Bills

The House and the Senate approved bills on April 15 that createcriminal penalties for Internal Revenue Service employees who accessthe records of individual taxpayers without authorization. The billscriminalize "unauthorized willful inspection of tax returns and returninformation." They also provide for civil damages and require thattaxpayers be notified if their records have been improperly accessed.

In a report issued on April 8, the General Accounting Office foundthat the "IRS does not effectively monitor employee activity,
accurately record browsing violations, consistently punish offenders,
or widely publicize reports of incidents detected and penaltiesimposed." The IRS told a Senate committee that it had investigatedover 4500 incidents of browsing since 1993. As a result, 285employees had left the agency through firings, resignations andretirements.

Under current law, unauthorized use or disclosure of IRS records is afelony, but the U.S. Court of Appeals for the First Circuit recentlyruled that "[u]nauthorized browsing of taxpayer files, althoughcertainly inappropriate conduct, cannot, without more, sustain thisfederal felony conviction."

The new measure now goes to President Clinton for signature. At ahearing on April 15, IRS and Treasury Department officials expressedtheir support for the legislation and said that they would recommendthat the President sign the measure.

More information is available at:

[3] Supreme Court Strikes Down Drug Testing Law

The Supreme Court on April 15 struck down a Georgia statute thatrequired candidates for public office to take drug tests. It is thefirst time that the Supreme Court has found that drug testing lawviolated the Fourth Amendment's prohibition on unreasonable search andseizures.

While noting that several recent cases allowed drug tests based on"special needs," such as for railway employees, customs officials, andhigh school athletes, the Court found that there is no precedentsuggesting that a State's authority to establish qualifications forstate office "diminishes the constraints on state action imposed bythe Fourth Amendment."

The Supreme Court said further that Georgia had failed to show aspecial need that was important enough to override the individual'sprivacy interest. The Court emphasized that the Fourth Amendmentnormally requires individualized suspicion before a search may beconducted. The Court concluded that the Fourth Amendment shieldssociety from state action that "diminishes personal privacy for asymbol's sake."

The decision in Chandler v. Miller may have an impact on at least oneproposal now under consideration at the White House. The Clintonadministration, which submitted a brief to the Supreme Court insupport of the Georgia drug testing program, was prepared to introducea new drug testing program that would have required teenagers tosubmit to a drug test before they could receive a driver's license.
The Court's decision in the Georgia case now calls into question theconstitutionality of such a requirement.

The text of the decision is available at:


[4] SSN Bills Introduced in House and Senate

Rep. Bob Franks (R-NJ) has introduced HR 1287, the Social SecurityOn-line Privacy Protection Act of 1997. The bill prohibits"interactive computer services," such as Lexis-Nexis, from disclosingSSNs or using the SSN as an identifier to disclose personalinformation without an individual's prior informed consent. The billwould give the FTC the authority to investigate companies to determinewhether they are engaged in any practice prohibited by the act andthen to issue cease and desist orders were violations are found. Civilpenalties may also be granted. The bill has been referred to theCommittee on Commerce.

Senator Feinstein (D-CA) and Senator Grassley (R-IA) have introducedS. 600, The Personal Information Privacy Act of 1997. A bill toprotect the privacy of the individual with respect to the socialsecurity number, motor vehicle records and credit reports. The billhas been referred to the Committee on Finance.

Both bills and accompanying materials are available at:

[5] Gov't Committee Recommends Genetic Privacy Protections

The Committee on Genetic Information in the Workplace of the NationalAction Plan on Breast Cancer (NAPBC) has recommended limitations onthe collection and use of genetic data by employers.

The recommendations advocate strong state and national legislationthat would bar employers from using genetic information todiscriminate against potential or current employees unless theemployer can "prove that this information is job-related andconsistent with business necessity." Written and informed consentshould be required for any request or disclosure.

Moreover, the NAPBC recommends that employers should not have accessto genetic information contained in disclosed medical records. Ifthey are allowed access to the information by the employee, then theyshould also be required to obtain prior written consent from theemployee before releasing the genetic data to any other party.

Finally, employers who violate these principles should be subject to"strong enforcement mechanisms, including a private right of action."

The committee is coordinated by the National Institutes of Health -
Department of Energy Working Group on Ethical, Legal, and SocialImplications of Human Genome Research (ELSI). The report waspublished in the March 21 issue of Science magazine.

There are also a number of proposals pending in Congress that wouldban the use of genetic information. Some states have already enactedlegislation covering the use of genetic information, incorporatingvarious combinations of these privacy principles. No state, however,
has incorporated all of the provisions, which are essential toprotecting individual privacy and protecting against workplacediscrimination. More information on medical privacy issues isavailable at:

[6] SSA Drops Web Page

The Social Security Administration has temporarily suspended onlineaccess to part of its earnings records system. The system allowedindividuals to obtain their Personal Earnings and Benefit EstimateStatement (PEBES) directly over the Internet. The system came underfire from critics who said that the database lacked adequatesafeguards to prevent illegal access by third parties.

Several members of Congress asked the SSA to turn-off the feature thatallowed direct access to PEBES records so that the security concernscould be sorted out. Congressman Paul Kanjorski (R-PA) announcedlegislation to prohibit the Social Security Administration and theInternal Revenue Service from providing online access to anyindividual's tax records, earnings history, or other Social Securityinformation without a specific written request from the individual.
The bill would also create a Commission on Privacy of GovernmentRecords, with the mandate to make recommendations on privacy issues tothe President and the Congress by April 15, 1998.

Privacy groups, including EPIC, called for the creation of anindependent privacy office in the federal government to promoteprivacy and to monitor agency compliance with applicable laws andregulations.

The SSA said it will spend the next 60 days soliciting comments fromexperts and interested persons. Individuals can still request theirPEBES data online, but the report will be sent by postal mail.

More information on the SSA PEBES project is available at:

[7] EPIC Submits Comments to FTC on Consumer Privacy

The Electronic Privacy Information Center has submitted comments tothe Federal Trade Commission for the upcoming Public Workshop onConsumer Privacy to be held June 10-13 in Washington, DC. The Publicworkshop will explore look-up services such as P-TRAK, on-lineprivacy, and the collection and sale of information about children.

EPIC wrote to the FTC in December, 1995 and urged the Commission to"begin a serious and substantive inquiry into the development ofappropriate privacy safeguards for consumers in the information age."
While commending the FTC for arranging the public workshop on privacy,
EPIC said that current polices will not protect important privacyinterests because industry self-regulation has failed to work and alsobecause users have too little control over how their personalinformation is collected and used.

EPIC recommended the development of enforceable Codes of FairInformation Practice that would make clear the responsibilities oforganizations that collect personal information and the rights ofindividuals whose information is collected. EPIC also recommended thepromotion of "Privacy Enhancing Technologies," such as anonymouspayment schemes, that would limit or eliminate the collection ofpersonal information. EPIC does not endorse techniques that wouldrequire individuals to disclose "privacy preferences" and said thatsuch methods would undermine privacy safeguards and lead todiscrimination against users of on-line services.

EPIC Comments to FTC:

[8] Upcoming Conferences and Events

Culture and Democracy revisited in the Global Information Society. May8 - 10, 1997. Corfu, Greece. Sponsored by IFIP-WG9.2/9.5. Contact:
Can Trusted Third Parties Be Trusted?: A Public Debate on The UK DTICrypto Proposal. May 19, 1997. London, UK. Sponsored by PrivacyInternational and the London School of Economics. Contact:
CYBER://CON.97: Rules for Cyberspace?:Governance, Standards andControl. June 4 - 7, 1997. Chicago, Illinois. Sponsored by the JohnMarshall Law School. Contact:

Ethics in the Computer Society: The Second Annual Ethics andTechnology Conference. June 6 - 7, 1997. Chicago, Ill. Sponsored byLoyola University Chicago.
Public Workshop on Consumer Privacy. June 10-13, 1997. Washington, DC.
Sponsored by the Federal Trade Commission. Contact:
Cyberpayments 97. June 19-20, 1997. Washington, DC. Sponsored byNACHA. Contact:
INET 97 -- The Internet: The Global Frontiers. June 24-27, 1997. KualaLumpur, Malaysia. Sponsored by the Internet Society. Contact: or
Privacy Laws & Business 10th Anniversary Conference. July 1-3, 1997.
St. John's College, Cambridge, England. Contact:

Communities, Culture, Communication, and Computers (C**5): On the Roleof Professionals in the Information Age. August 20-22, 1997,
Paderborn, Germany. Sponsored by FIFF. Contact:
AST3: Cryptography and Internet Privacy. Sept. 15, 1997. Brussels,
Belgium. Sponsored by Privacy International. Contact:

19th Annual International Privacy and Data Protection Conference.
Sept. 17-18, 1997. Brussels, Belgium. Sponsored by Belgium DataProtection and Privacy Commission.

International Conference on Privacy. September 23-26, 1997. Montreal,
Canada. Sponsored by the Commission d'Acces a l'information du Quebec.

Managing the Privacy Revolution '97. October 21-23, 1997. Washington,
DC. Sponsored by Privacy and American Business. Contact:
(Send calendar submissions to

The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. To subscribe, send email with the subject: "subscribe" (no quotes) or usethe subscription form at:

Back issues are available at:

The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord privacy, and the collection and sale of personal information.
EPIC is sponsored by the Fund for Constitutional Government, anon-profit organization established in 1974 to protect civil libertiesand constitutional rights. EPIC publishes the EPIC Alert, pursuesFreedom of Information Act litigation, and conducts policy research.
For more information, email, HTTP:// orwrite EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax).

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible. Checks should be made out to "The Fund forConstitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003. Individuals with First Virtualaccounts can donate at
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation ofencryption and funding of the National Wiretap Plan.

Thank you for your support.

END EPIC Alert 4.06

WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback