You are here:
WorldLII >>
Databases >>
EPIC Alert >>
1997 >>
[1997] EPICAlert 8
Database Search
| Name Search
| Recent Articles
| Noteup
| LawCite
| Help
EPIC Alert 4.08 [1997] EPICAlert 8
EPIC ALERT
Volume 4.08 June 5, 1997
Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.
http://www.epic.org/
Table of Contents
[1] FTC Privacy Hearings Set to Begin
[2] FBI Director Seeks Enhanced Surveillance Capabilities
[3] Cryptographers Call Key-Escrow Unworkable
[4] Anti-Spam Legislation Introduced
[5] Clinton Endorses Privacy Rights
[6] Annual U.S. Wiretap Report Released
[7] 1997 EPIC Cryptography Sourcebook Now Available
[8] Upcoming Conferences and Events
[1] FTC Privacy Hearings Set to Begin
The Federal Trade Commission will hold a week-long public workshop onconsumer privacy issues, beginning June 10. Topics will includeconsumer
privacy on-line, children's privacy, unsolicited email (spam),
and computer databases. Several surveys, reports, and proposals areexpected to be released. The hearing follows a similar hearing
lastyear when the FTC first began exploration of consumer privacy issues.
The Electronic Privacy Information Center will be participating inseveral of the FTC panels. EPIC submitted comments to the FTC in
whichit argued for an enforceable code of fair information practices and theprotection of anonymity on-line. EPIC said that "the
best approach forInternet privacy would be to develop a Code of Fair InformationPractices that would provide clear guidelines for
users and serviceproviders. This is the approach that the United States hadhistorically taken in areas where there was public recognition
of theneed to protect privacy interests. It is also the approach that manycountries are taking today to protect privacy interests
in the onlineworld."
EPIC will be releasing a report on Internet Privacy at the NationalPress Club on Monday, June 9. More details will be available at
theEPIC web site on Monday.
More information on the FTC Public Workshop on Consumer Privacy isavailable at:
http://www.ftc.gov/bcp/privacy2/index.html
The EPIC FTC Privacy page (including our comments to the Commission) isavailable at:
http://www.epic.org/privacy/internet/ftc/
[2] FBI Director Seeks Enhanced Surveillance Capabilities
Testifying before the Senate Judiciary Committee on June 4, FBIDirector Louis Freeh asserted that Congress must give the Bureau "thecapability
to deal with current and future technology" by enhancing itsability to conduct electronic surveillance. Specifically, Freeh calledfor
full funding of the controversial 1994 digital telephony law;
enactment of a "balanced legislative solution" to the encryption issue;
and new legal authority to conduct "multipoint electronicsurveillance."
On the encryption front, Freeh told the Committee that the nation is ata "historical crossroads" on the issue and repeated his frequent
claimthat "uncrackable encryption will allow drug lords, terrorists and evengangs to communicate with impunity." The FBI Director
toutedkey-recovery techniques, criticized pending encryption legislation andsuggested a need for domestic controls:
Other than some kind of key recovery system, there is no technical solution. Several bills have recently been introduced in
Congress that address certain aspects of the encryption issue. The legislative proposals introduced thus far would largely
remove existing export controls on encryption and promote the widespread availability and use of any type of encryption, regardless
of the impact on public safety and national security, and these proposals do not address the public safety issue associated
with the availability and use of encryption within the United States.
The full text of Director Freeh's testimony is available at:
http://www.epic.org/crypto/legislation/freeh_6_4_97.html
[3] Cryptographers Call Key-Escrow Unworkable
As the White House and the FBI continue to pursue a key-recoveryencryption policy, a new study provides important baseline informationfor
evaluating the implications of such an approach to securitytechnology.
On May 21, several distinguished cryptographers and computer scientistsreleased a new report, "The Risks of Key Recovery, Key Escrow,
andTrusted Third-Party Encryption." The report is the first in-depthexamination of the risks and implications of government-promotedkey-recovery
systems. The report concludes that "the deployment of aglobal key-recovery-based encryption infrastructure to meet lawenforcement's
stated specifications will result in substantialsacrifices in security and greatly increased costs to the end-user."
The authors note that "building a secure infrastructure of thebreathtaking scale and complexity demanded by these requirements is
farbeyond the experience and current competency of the field."
The report's authors, recognized leaders in the cryptography andcomputer science field, include Hal Abelson, Ross Anderson, Steven
M.
Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie, John Gilmore,
Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller and BruceSchneier.
The text of the report is available at:
http://www.crypto.com/key_study/report.shtml
[4] Anti-Spam Legislation Introduced
Two bills designed to regulate unsolicited commercial e-mail wererecently introduced in Congress. On May 23, Rep. Chris Smith (R-NJ)
introduced H.R. 1748, the Netizen Protection Act of 1997, while Sen.
Frank Murkowski (R-AK) introduced S. 771, the Unsolicited CommercialElectronic Mail Choice Act of 1997 on May 21.
Both bills attempt to control "spam," or junk e-mail, through theimposition of civil liability or civil penalties. However, the twomeasures
are fundamentally different in the way they attempt to controlunsolicited commercial e-mail. Smith's bill takes an "opt-in"
approach. This means that unsolicited commercial e-mail would beprohibited unless a potential recipient gives his or her consent toreceive
the communication. It also includes a provision permitting thetransmission of commercial e-mail where there is a pre-existingbusiness
or personal relationship between the sender and the recipient.
Murkowski's bill contains an "opt-out" provision. This means thatunsolicited commercial e-mail could be sent unless a potentialrecipient
affirmatively indicates that they do not want to receive thecommunication. Such a preference could be sent to the party sending theunsolicited
commercial e-mail or to the potential recipient's Internetservice provider. The bill would also require that a sender ofunsolicited
commercial e-mail include the term "advertisement" in thesubject line as well as contact information and correct routinginformation
so recipients can identify and contact the sender.
If either of these bills become law, they could face Constitutionalchallenges on the ground that they interfere with the sender's
FirstAmendment right to free speech. Senator Robert Torricelli (D-NJ) isalso planning to introduce a bill to regulate unsolicited
commerciale-mail, but the details are not yet available.
The text of the Smith bill is available at:
http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.1748:
The text of the Murkowski bill is available at:
http://thomas.loc.gov/cgi-bin/query/z?c105:S.771:
[5] Clinton Endorses Privacy Rights
In a commencement address at Morgan State University on May 18,
President Clinton called privacy "one of our most cherished freedoms"
and said that technology should not "break down the wall of privacy andautonomy free citizens are guaranteed in a free society."
The speechcontained the most detailed references to personal privacy thePresident has yet made:
Today, when marketers can follow every aspect of our lives, from the first phone call we make in the morning to the time
our security system says we have left the house,
to the video camera at the toll booth and the charge slip we have for lunch, we cannot afford to forget this most basic lesson.
As the Internet reaches to touch every business and every household and we face the frightening prospect that private
information -- even medical records -- could be made instantly available to the world, we must develop new protections for
privacy in the face of new technological reality.
The President also called for legislation to prohibit insurancecompanies from using genetic screening information to determine thepremium
rates or eligibility of Americans for health insurance.
The full text of the Presidential address is available at:
http://www.epic.org/privacy/laws/clinton_speech_5_18_97.html
[6] Annual U.S. Wiretap Report Released
The use of electronic surveillance for criminal and national securityinvestigations increased substantially in 1996, according to
statisticsrecently released by the Administrative Office of the U.S. Courts andthe Department of Justice.
Court orders for national security wiretaps and bugs approved under theForeign Intelligence Surveillance Act (FISA) increased at the
greatestrate, rising over 20 percent, from 697 orders in 1995 to 839 orders in1996. Such orders are approved by the Foreign IntelligenceSurveillance
Court, a secretive panel of nine judges appointed by theChief Justice of the United States. No FISA applications were deniedin 1996
-- indeed, the FISA court has never denied a request for asurveillance order in its 20-year existence.
Court orders for electronic surveillance by state and federal agenciesfor criminal purposes also increased, from 1058 in 1995 to 1150
in 1996(a nine percent increase). However, for the first time in eight years,
a court denied a surveillance application. Extensions of surveillanceorders increased from 834 to 887. In all, interceptions were
in effectfor a total of 43,635 days in 1996.
The vast majority of interceptions continued to occur in drug-relatedcases: 71.4 percent (821 total) for drug investigations; 9.9
percent(114) for gambling; 9.1 percent (105) for racketeering; 3.5 percent(41) for homicide and assault and a few each for bribery,
kidnapping,
larceny and theft, and loan sharking. No orders were issued for"arson, explosives, and weapons" investigations.
Electronic surveillance continued to be relatively inefficient.
Overall, 2.2 million conversations were captured in 1996. A total of1.7 million intercepted conversations were deemed not "incriminating"
by prosecutors. Each interception resulted in the capture of anaverage of 1,969 conversations. Prosecutors reported that on average,
422 (21.4 percent) of the conversations were "incriminating." Federalintercepts were particularly efficient, with only 15.6 percent
of theintercepted conversations reported as "incriminating."
More information on wiretapping is available at:
http://www.epic.org/privacy/wiretap/
[7] 1997 EPIC Cryptography Sourcebook Now Available
The 1997 edition of EPIC's "Cryptography and Privacy Sourcebook" is nowavailable. The 300-page volume contains an extensive collection
of keydocuments central to the controversies over privacy and security in theInformation Age. Included are reports, briefing papers,
pending billsand materials obtained under the Freedom of Information Act detailingthe development of U.S. government policy on encryption. As theNational Research Council has noted, "important source documents
can befound ... in the cryptography policy source books published annually bythe Electronic Privacy Information Center."
To order: send payment of $25 (check or cash) to Sourcebook, EPIC, 666Pennsylvania Ave., S.E., Washington, DC 20003. Please allow
threeweeks for delivery within the U.S.
[8] Upcoming Conferences and Events
Ethics in the Computer Society: The Second Annual Ethics and TechnologyConference. June 6-7, 1997. Chicago, Ill. Sponsored by LoyolaUniversity
Chicago. http://www.math.luc.edu/ethics97
Public Workshop on Consumer Privacy. June 10-13, 1997. Washington, DC.
Sponsored by the Federal Trade Commission. Contact:
http://www.ftc.gov/os/9703/privacy.htm
Cyberpayments 97. June 19-20, 1997. Washington, DC. Sponsored by NACHA.
Contact: http://www.nacha.org
INET 97 -- The Internet: The Global Frontiers. June 24-27, 1997. KualaLumpur, Malaysia. Sponsored by the Internet Society. Contact:
inet97isoc.org or http://www.isoc.org/inet97
Informational Meeting of the Global Internet Liberty Campaign (GILC).
June 25, 1997. INET 97, Putra World Trade Center, Kuala Lumpur,
Malaysia. Contact: rotenbergepic.org.
Privacy Laws & Business 10th Anniversary Conference. July 1-3, 1997.
St. John's College, Cambridge, England. Contact:
infoprivacylaws.co.uk.
4th Annual Privacy Issues Forum., July 10-11, 1997. Auckland, NewZealand. Sponsored by NZ Privacy Commissioner. Contact: Terry Debenham,
Fax +649-302 2305 or email privacyiprolink.co.nz.
Communities, Culture, Communication, and Computers (C**5): On the Roleof Professionals in the Information Age. August 20-22, 1997.
Paderborn, Germany. Sponsored by FIFF. Contact: c5uni-paderborn.de
AST3: Cryptography and Internet Privacy. Sept. 15, 1997. Brussels,
Belgium. Sponsored by Privacy International. Contact: piprivacy.org.
http://www.privacy.org/pi/conference/brussels/
19th Annual International Privacy and Data Protection Conference. Sept.
17-18, 1997. Brussels, Belgium. Sponsored by Belgium Data Protectionand Privacy Commission.
International Conference on Privacy. September 23-26, 1997. Montreal,
Canada. Sponsored by the Commission d'Acces a l'information du Quebec.
http://www.confpriv.qc.ca/
Managing the Privacy Revolution '97. October 21-23, 1997. Washington,
DC. Sponsored by Privacy and American Business. Contact:
http://shell.idt.net/~pab/conf97.html
(Send calendar submissions to alertepic.org)
The EPIC Alert is a free biweekly publication of the Electronic PrivacyInformation Center. To subscribe, send email to epic-newsepic.orgwith
the subject: "subscribe" (no quotes) or use the subscription format:
http://www.epic.org/alert/subscribe.html
Back issues are available at:
http://www.epic.org/alert/
The Electronic Privacy Information Center is a public interest researchcenter in Washington, DC. It was established in 1994 to focus
publicattention on emerging privacy issues such as the Clipper Chip, theDigital Telephony proposal, national ID cards, medical record
privacy,
and the collection and sale of personal information. EPIC is sponsoredby the Fund for Constitutional Government, a non-profit organizationestablished
in 1974 to protect civil liberties and constitutionalrights. EPIC publishes the EPIC Alert, pursues Freedom of InformationAct litigation,
and conducts policy research. For more information,
e-mail infoepic.org, http://www.epic.org or write EPIC, 666Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240(tel),
+1 202 547 5482 (fax).
If you'd like to support the work of the Electronic Privacy InformationCenter, contributions are welcome and fully tax-deductible.
Checksshould be made out to "The Fund for Constitutional Government" and sentto EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington
DC 20003.
Individuals with First Virtual accounts can donate athttp://www.epic.org/epic/support.html
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for the rightof privacy and efforts to oppose government regulation
of encryptionand funding of the National Wiretap Plan.
Thank you for your support.
END EPIC Alert 4.08
WorldLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/1997/8.html
