WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 1998 >> [1998] EPICAlert 5

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 5.05 [1998] EPICAlert 5


Volume 5.05 April 23, 1998

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

*** 1998 EPIC Cryptography and Privacy Conference ***

Table of Contents

[1] Daley Criticizes Crypto Policy, Doubts Self-Regulation
[2] Court Finds AOL Immune From Libel Suit
[3] Library Internet Filters Held to High Free Speech Test
[4] New Report Finds E-FOIA Efforts Lacking
[5] Court Rules Infrared Scanner Violates Fourth Amendment
[6] IRS Audit Finds Lax Privacy Protections
[7] New Congressional Bills and Upcoming Hearings
[8] Upcoming Conferences and Events

[1] Daley Criticizes Crypto Policy, Doubts Self-Regulation

On April 15, Secretary of Commerce William Daley delivered a majorspeech on "The Emerging Digital Economy." Daley made a number ofcomments about privacy and encryption, and their roles in the emerginginformation economy. He described privacy as a "make or break issue"
for electronic commerce and said that the White House was pursuing apolicy of self-regulation, but that "industry has been slow to putprotections in place." Daley asked industry to "move quickly toestablish an overarching, self-regulatory effort that includesconsumer representation."

On the encryption issue, the Secretary was surprisingly candid. Hedescribed the effort to implement the current policy as a "failure,"
and warned that "our own paralysis has made it difficult to persuadeother nations to pursue policies similar to our own." His commentscontrasted sharply with other officials who have claimed that there issupport for the U.S. key escrow/ key recovery initiative. Still,
Daley said that the administration remains committed to finding a"compromise" between the interests of law enforcement and business andprivacy groups.

A group of privacy experts, advocates and scholars wrote to SecretaryDaley in late February about privacy issues. The group urged him tolook more closely at the adequacy of self-regulation as a means toprotect privacy, and recommended that more attention be paid to theimportant role of encryption and related techniques in on-lineprivacy.

The Department of Commerce has scheduled a conference on privacyissues that will take place on May 13-14 in Washington, DC.
Information should soon be available at the Department of Commerceweb site.

Secretary Daley's recent address is available at:
The "Letter Regarding a Proposed White House Conference on Privacy"
is available at:

[2] Court Finds AOL Immune From Libel Suit

A federal judge in Washington has ruled that America Online cannot besued for posting an allegedly defamatory item by gossip columnistMatt Drudge. The ruling came in a lawsuit filed by White Houseofficial Sidney Blumenthal after Drudge reported that Blumenthal had"a spousal abuse past that has been effectively covered up." Thesuit named as defendants both Drudge and AOL, which carried "TheDrudge Report" under a license agreement with the columnist.

In an opinion issued on April 22, U.S. District Judge Paul L.
Friedman held that AOL enjoys broad immunity from suit under asurviving provision of the Communications Decency Act (most of whichwas struck down by the Supreme Court last summer). That provision,
which was intended to encourage online providers to "self-police"
their systems for "offensive" content, states:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.

The judge noted that, under the terms of its agreement with Drudge,
AOL retained "certain editorial rights ... including the right torequire changes in content and to remove it." While finding that theCDA provision relieves the online service of any potential liability,
Judge Friedman noted an anomaly in the result:

Because it has the right to exercise editorial control over those with whom it contracts and whose words it disseminates, it would seem only fair to hold AOL to the liability standards applied to a publisher or, at least, like a book store owner or library, to the liability standards applied to a distributor. But Congress has made a different policy choice by providing immunity even where the interactive service provider has an active, even aggressive role in making available content prepared by others.

The suit against Drudge will proceed, and attorneys for Blumenthalhave indicated that they will appeal the dismissal of AOL as adefendant.

[3] Library Internet Filters Held to High Free Speech Test

In the first court ruling on the use of Internet filtering softwarein libraries, a federal judge on April 7 rejected a motion to dismissa lawsuit challenging the use of filters in public libraries inLoudoun County, Virginia.

In a 36-page decision, U.S. District Judge Leonie M. Brinkema heldthat "the Library Board may not adopt and enforce content-basedrestrictions on access to protected Internet speech" unless it meetsthe highest level of constitutional scrutiny. Noting that publiclibraries are places of "freewheeling and independent inquiry," thecourt quoted extensively from Reno v. ACLU, the landmark SupremeCourt decision on Internet free speech, and emphasized that the Court"analogized the Internet to a 'vast library including millions ofreadily available and indexed publications,' the content of which 'isas diverse as human thought.'"

The Loudoun County decision comes as Congress is considering theInternet School Filtering Act, a bill that would require all publiclibraries and schools that receive federal funds for Internet accessto install filtering and blocking software. The bill (S. 1619) hasbeen approved by the Senate Commerce Committee and could reach theSenate floor as early as mid-May. Efforts are underway to revise thebill to provide for Internet education programs and acceptable usepolicies as more effective (and constitutional) alternatives tomandatory filtering.

Information on Internet filtering, including the text of the LoudounCounty decision, is available at the Internet Free ExpressionAlliance website:

[4] New Report Finds E-FOIA Efforts Lacking

A new report released on April 20 finds that a majority of federalagencies have failed to meet the requirements of the ElectronicFreedom of Information Act (EFOIA). EFOIA was enacted in 1996 andwent into effect in October 1997. It was designed to make access toelectronic government records easier.

The study, produced by OMB Watch, found that of the 56 agenciesresponding to a survey, 23 percent "have no EFOIA presence," 73percent have "varying degrees of compliance with the requirements,"
and as of January 31, 1998, "no agency had complied fully with EFOIA."

OMB Watch found that the Office of Management and Budget, which isrequired to provide guidance under the law, has not provided adequateguidance or assistance to agencies during the implementation process.
It also faulted Congress for failing to provide adequate funding toimplement the Act.

The report recommends that OMB provide better guidance and support,
that agencies better organize their online records, and that anenforcement mechanism be created to identify and penalize agenciesthat are not complying with the Act.

More information on EFOIA is available at:

[5] Court Rules Infrared Scanner Violates Fourth Amendment

The U.S. Court of Appeals for the 9th Circuit ruled on April 9 thatthe use of thermal imaging devices to examine homes in criminalinvestigations is a violation of the Fourth Amendment. The courtruled in U.S. v. Kyllo that police must obtain a court order based onprobable cause before a thermal imager can be used.

The court found that the information gleaned from the infrared scanneris "sufficiently intimate to give rise to a Fourth Amendmentviolation." The court noted that
with a basic understanding of the layout of a home, a thermal imager could identify a variety of daily activities conducted in homes across America: use of showers and bathtubs, ovens,
washers and dryers, and any other household appliance that emits heat. Even the routine and trivial activities conducted in our homes are sufficiently "intimate" as to give rise to Fourth Amendment violation if observed by law enforcement without a warrant. We therefore conclude that the use of a thermal imager to observe heat emitted from various objects within the home infringes upon an expectation of privacy that society clearly deems reasonable.

The court rejected prosecution arguments that the scanner was merelyrecording "waste heat" and cited the 10th Circuit Court of Appealsin finding that the interpretation of the heat information yieldsinformation on the activities inside the house:

[o]ur fellow circuits have, we think, misapprehended the most pernicious of the device's capabilities. The machine intrudes upon the privacy of the home not because it records white spots on a dark background but rather because the interpretation of that data allows the government to monitor those domestic activities that generate a significant amount of heat.
Thus, while the imager cannot reproduce images or sounds, it nonetheless strips the sanctuary of the home of one vital dimension of its security: "the right to be let alone" from the arbitrary and discre-
tionary monitoring of our actions by government officials.

The text of the opinion is available at:

[6] IRS Audit Finds Lax Privacy Protections

An IRS audit publicly released in early April found that IRS employeesdisclosed personal tax information over the telephone to undercoverauditors posing as taxpayers who only provided names, addresses andSocial Security Numbers.

According to the report, which was written in September 1997,
"Auditors were able to secure tax and income information over thephone using names, addresses and SSNs obtained from sources availableto the public." IRS workers only asked for a person's name, addressand Social Security Number 32 percent of the time. Agency workersasked for more detailed information 27 percent of the time.

Auditors made 109 phone calls and received information from the IRS onthe taxpayers' income, withholdings, or refunds in 96 cases. Theinformation was provided over the phone, faxed, or sent to addressesother than the address on file with the agency.

The report recommended that more information be required beforesensitive tax information is released. The IRS now says that it willrequire more information before personal records are disclosed.

[7] New Congressional Bills and Upcoming Hearings


H.R. 3601. Identity Theft and Assumption Deterrence Act of 1998.
Criminalizes identify theft. Introduced by Shadegg (R-AZ) on March 30.
Referred to the Committee on the Judiciary, and in addition to theCommittee on Transportation and Infrastructure.

H.R. 3605. Patients' Bill of Rights Act of 1998. Requires insurersto protect records and provide access to patients. Introduced byDingell (D-MI) on March 30. Referred to the Committee on Commerce,
and in addition to the Committees on Ways and Means, and Education andthe Workforce.

S. 1921. Health Care PIN Act. Comprehensive "medical privacy" bill.
Requires patients to give up medical privacy before receiving healthcare. Introduced by Jeffords (R-VT) on April 2. Referred to theCommittee on Labor and Human Resources

[8] Upcoming Conferences and Events

Encryption Intrigue on the International Stage. Washington, DC. April30, 1998. Sponsored by the Cato Institute. Contact:
1998 IEEE Symposium on Security. IEEE Computer Society, Oakland, CA,
May 3-6. Sponsored by IEEE and IACR. Contact:
As Technology Moves Forward, Do Worker Rights Move Backwards? --
Privacy in The Workplace. Chicago, Illinois. May 6 and 13, 1998.
Sponsored by: The Crossroads Center for Faith and Work &The Institutefor Business & Professional Ethics, DePaul University.
ACM Policy98. May 10-12, 1998. Washington, DC. Sponsored by ACM andUSACM.

Department of Commerce Conference on Privacy. March 13-14.
Washington, DC. Contact: Becky Burr <>

The Threats to Democracy Conference. May 15-18. Washington D.C.
Sponsored by People For the American Way. Contact:
1998 EPIC Cryptography and Privacy Conference. June 8, 1998.
Washington, DC. Sponsored by EPIC, Harvard University and LondonSchool of Economics. Contact:

INET'98, July 21-24, 1998, Geneva, Switzerland. Sponsored by InternetSociety. Contact:

Advances in Social Informatics and Information Systems, Baltimore, MD,
Aug. 14-16, 1998. Sponsored by the Association for InformationSystems Contact:
CPSR Annual Conference - Internet Governance. Boston, Mass, Oct.
10-11. Sponsored by CPSR. contact:
1999 RSA Data Security Conference. San Jose, California, January18-21, 1999. Sponsored by RSA. Contact:

(Send calendar submissions to

Subscription Information

The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. To subscribe or unsubscribe, send emailto with the subject: "subscribe" (no quotes) or"unsubscribe". A Web-based form is available at:
Back issues are available at:

About EPIC

The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord privacy, and the collection and sale of personal information.
EPIC is sponsored by the Fund for Constitutional Government, anon-profit organization established in 1974 to protect civil libertiesand constitutional rights. EPIC publishes the EPIC Alert, pursuesFreedom of Information Act litigation, and conducts policy research.
For more information, e-mail, orwrite EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax).

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible. Checks should be made out to "The Fund forConstitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003. Individuals with First Virtualaccounts can donate at
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation ofencryption and funding of the National Wiretap Plan.

Thank you for your support.

END EPIC Alert 5.05

WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback