WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 1999 >> [1999] EPICAlert 4

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 6.04 [1999] EPICAlert 4


Volume 6.04 March 4, 1999

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

Table of Contents

[1] Intel ID Plan Under Fire: Competitors Critical, Advocates Protest
[2] Reno Proposes National DNA Database
[3] CFP 99 - Early Registration Deadline Approaching
[4] GAO Releases Two Reports on Privacy
[5] Crypto Export Relaxation Bill Introduced
[6] EPIC Bookstore - The End of Privacy
[7] EPIC Bill-Track: New Bills in Congress
[8] Upcoming Conferences and Events

[1] Intel ID Plan Under Fire: Competitors Critical, Advocates Protest

Even in the face of continued public opposition and governmentinvestigations, Intel announced plans to move forward with thecontroversial Processor Serial Number at the Intel Developers Forumlast week. According to ZDNN, Michael Glancy, general manager ofIntel's platform security division, told developers to expect the chipID in all the company's products soon including Internet appliances andportable devices based on Intel's StrongARM processor. Intel is alsoworking with several Australian content providers on developing websites that can only be accessed if the user releases the PSN.

Meanwhile, other chip manufacturers have declined to adopt the PSN.
Wired News reported that Brian Halla, CEO of National Semiconductor wasalso dismissive of the PSN, "We personally think security belongs inyour wallet. It's personal, not a CPU-centric thing. It doesn't makeany sense to have an ID in information appliances." Advanced MicroDesigns (AMD), the major competitor of Intel has also not introduced aPSN.

Privacy groups wrote to the heads of socially responsible mutual fundson February 26 asking that they divest Intel from their portfolios. AmyDomini, president of the Domini Social Equity Fund, issued a preparedstatement: "We take the situation very seriously. Privacy on theInternet is more than simply an issue of personal choice. Withoutprivacy our every political view, personal interest, contact of an oldfriend or checking on the weather becomes trackable for uses ranging>from selling soap to monitoring segments of the populationÉ We havebegun our evaluation, and will include communication with Intel andwill make a decision once it is complete."

Meanwhile, a European Union recommendation, adopted in late Februaryand announced by EU Internal Market Commission Mario Monti indicatesthat EU privacy officials will be looking more closely at Internet-
based identity schemes. The recommendation cites problems with Webbrowsers and programming technologies, as well as 'cookies.'

More information on the PSN controversy is available at:

[2] Reno Proposes National DNA Database

Attorney General Janet Reno has asked a federal commission to study thepossibility of requiring that a DNA sample be collected from everyperson arrested in the United States and permanently kept in a nationaldatabase. Reno asked the National Commission on the Future of DNAEvidence to look into the plausibility of genetic sampling on everyonearrested, including for minor traffic violations, at a meeting of theCommission in Dallas last week.

If the proposal is adopted, the DNA database would be quite large. In1997, over 15 million people were arrested in the US. Currently, thelaw allows only individuals convicted for a few crimes including sexoffenders to have their DNA collected. The FBI Combined Index DNAIndexing System (CODIS) currently contains information on 38,000people. Another 450,000 samples are awaiting processing. Reno suggestedat a press conference in January that in the future police could verifythe identity of a detained motorist by means of an onsite DNA test andadvanced police computers.

Civil libertarians argued against the increased collection at themeeting, saying that mass collection of DNA would be an illegal searchwith little purpose in most cases, especially for minor crimes. Thereare concerns that the DNA samples collected could also be used forother purposes, such as research into genetic issues, or be released toothers such as insurance companies. The US Defense Department has beganto collect samples of all persons in the military and plans to keep thesamples indefinitely for other uses such as research.

Some states are already moving forward on testing. Louisiana will begintesting all persons arrested in September and New York and NorthCarolina are considering doing the same. New York City Mayor RudolfGuiliani went one step further and suggested last month that allchildren should have a sample of their DNA taken at birth for use infuture criminal investigations. The Commission is planning to respondto Reno's request in August.

[3] CFP 99 - Early Registration Deadline Approaching

Register now for the cyber event of the year:

C COMPUTERS, FREEDOM, AND PRIVACY F THE GLOBAL INTERNET P 9 WASHINGTON, DC 9 Omni Shoreham Hotel . April 6-8, 1999 O R G ** Early Registration Deadline - March 15, 1999 **

For almost a decade, the conference on Computers, Freedom and Privacyhas shaped the public debate on the future of privacy and freedom inthe online world. Register now for the number one Internet policyconference. Join a diverse audience from government, industry,
academics, the non-profit sector, the hacker community and the media.
Enjoy the U.S. Capital in the spring at one of Washington's premierhotels.

* Keynote speakers include Tim Berners-Lee (Director, World Wide Web Consortium), Vint Cerf (President, Internet Society),
Congressman Ed Markey (sponsor of "The Electronic Bill of Rights Act"), Congressman Ron Paul (sponsor of the Freedom and Privacy Restoration Act), Henrikas Yushkiavitshus (Associate Director, UNESCO).

* Lively and thought-provoking panels on -- "the Creation of a Global Surveillance Network," "Access and Equity on the Global Internet," "Anonymity and Identity in Cyberspace," "Free Speech and Cyber Censorship," "Is Escrow Dead? And what is Wassenaar?", "Self-Regulation Reconsidered" and more.

* Tutorials -- "The Electronic Communications Privacy Act" (Mark Eckenwiler); "Cryptography: Basic Overview & Nontraditional Uses" (Matt Blaze and Phil Zimmermann), "Free Speech, The Constitution and Privacy in Cyberspace" (Mike Godwin),
"Techniques for Circumventing Internet Censorship" (Bennett Haselton and Brian Ristuccia).

* Other Events -- Privacy International's Big Brother Awards to the worst privacy violators in the US, EFF's Pioneer Awards to those who have done the most to promote the net.

Early Registration Deadline - March 15, 1999

Register on-line at or call +1 407628 3602. Registration inquiries may also be sent

For more information about CFP99, visit or call+1 401 628 3186

[4] GAO Releases Two Reports on Privacy

The General Accounting Office has released reports on the use of theSocial Security Number and medical privacy and research.

Medical Records Privacy: Access Needed for Health Research, butOversight of Privacy Protections is Limited (GAO/HEHS-99-55), Feb.
1999. This report reviews privacy protections of identifiable medicalinformation used for research purposes. It finds that manyorganizations have internal procedures governing use of medicalinformation including requiring that an institutional review Board(IRB) review all proposals. However, it found that IRBs have limitedoversight abilities and frequently waive confidentiality requirementsfor records.
Social Security: Government and Commercial Use of the Social SecurityNumber is Widespread (GAO/HEHS-99-28), February 1999. The reportreviews uses of the SSN by state agencies and commercial organizationsincluding information brokers, financial services and health careorganizations. Not suprisingly, the SSN is widely used as either aprimary or secondary identifier and the lack of federal laws limitingits use or disclosure is encouraging more uses. These organizationsoppose restrictions on their uses of the SSN. However, some states arepulling back from making it available in public records due to privacyconcerns.

[5] Crypto Export Relaxation Bill Introduced

Congressman Bob Goodlatte (R-VA) has re-introduced legislation in theHouse of Representatives to relax export controls on encryptionproducts. His bill The Security And Freedom through Encryption (SAFE).
H.R. 850, Act marks the 5th consecutive Congress in which legislationto reduce controls has been introduced.

The bill limits export license requirements for encryption productsthat are generally available such as sold on the Internet or thoughretail outlets, in the public domain, or used in commercial productssuch as DIVX machines to a one-time 15 day technical review. Morespecialized products can be sold if the country is one of 45 thatmanufacturers can currently send strong encryption to financialinstitutions or if the Secretary of Commerce finds that a foreignproducers without export limitations is making a similar productavailable.

The bill makes it lawful to use and sell encryption in the US andprohibits the federal government or state governments from requiringkey escrow. It also contains the controversial provision that creates anew federal crime for the use of encryption to conceal criminalconduct.

The bill has widespread support in the House but it faces an uphillbattle. The bill has 204 co-sponsors including House Majority LeaderDick Armey (R-TZ), Whip Tom Delay (R-TX), Minority Leader Dick Gephardt(D-MO) and Whip David Bonior (D-MI). However, new Speaker of the HouseDennis Hastert (R-IL) was an opponent of SAFE in the 105th Congress andthe White House remains opposed to any substantial relaxation and wouldlikely veto any bill that was approved.

More information on encryption policy is available at:

[6] EPIC Bookstore - The End of Privacy

Now available at the EPIC Bookstore []:

The Limits of Privacy by Amitai Etzioni
"Etzioni continues his elucidation and defense of 'communitarianism'
begun in such previous works as The New Golden Rule: Community andMorality in a Democratic Society (1997). Communitarianism holds that agood society must maintain a balance between individual rights and thecommon good. Since the 1960s or so, concern for the common good hasgiven way in the US to 'excessive deference to privacy.' Etzionibelieves its time to correct the balance. Certainly aware of theimportance of privacy, Etzioni lays out specific criteria to be met andstringent processes to be followed when rights are to be curtailed.
There must be a real, not hypothetical, danger to the common good. Thedanger must first be dealt with, without restricting privacy rights ifpossible. When rights are curtailed the action should be minimallyintrusive, and undesired side effects must be guarded against, e.g., ifwidespread HIV testing is found necessary, efforts must be made toenhance the confidentiality of medical records. Taking this framework,
Etzioni examines five areas of public policy, among them mandatory HIVtesting of infants, [key escrow], the public listing of sex offenders('Megan's Laws'), and medical- records privacy. Predictably, in all butthe last, where he argues that there should be more protection, hefinds a minimal diminution in individual rights justifiable. Sexoffenders, for instance, do have their rights curtailed when theirpresence in a community is made public, but the benefit to thecommunity is worth it. These substantive chapters are intriguing, yetoverall there is not much new here. Etzioni has plowed this fieldoften, and the basic premises of his argument are not improved upon.
Curiously, he continues to paint privacy with broad strokes, with toolittle regard for the nuances of that term. Is it hedonism he decries,
or selfishness? Are demands for rights all symptomatic of a disregardfor the public good? Such issues remain unexplored. (Kirkus Reviews,
February 15, 1999, Copyright ©1999, Kirkus Associates, LP)

Privacy and Human Rights 1998 - An International Survey of Privacy Lawsand Developments
Now available is the Global Internet Liberty Campaign's comprehensivesurvey of privacy laws in fifty countries around the world. Among thereport's key findings is that there is a growing trend in almost alljurisdictions to enact comprehensive privacy and data protection acts,
either to address past government abuses, to promote electroniccommerce, or to ensure compatibility with international standardsdeveloped by the European Union, the Council of Europe, and theOrganization for Economic Cooperation and Development. Less positive isthe finding that new technologies are increasingly eroding privacyrights, and that surveillance authority is regularly abused, even inmany democratic countries.

Price: $15 plus shipping. Available directly from EPIC.

These and other titles are available for purchase online at the EPICBookstore:

[7] EPIC Bill-Track: New Bills in Congress

EPIC Bill Track: Tracking Privacy, Speech, and Cyber-Liberties Bills inthe 106th Congress
* Approved *

H.R. 438. Wireless Communications and Public Safety Act of 1999.
Mandates location information for cellular phones for 911. Limits useof information. Sponsor Rep Shimkus, John (R-IL). Referred to the HouseCommittee on Commerce on 2/2/99. Subcommittee Hearings Held on 2/3/99.
Ordered to be Reported (Amended) by Voice Vote on 2/11/99. Measurepassed House, roll call #24 (415-2) on 2/24/99.

H.R. 514. Wireless Privacy Enhancement Act of 1999. Prohibitsinterception of wireless communications, scanners. Sponsor Rep Wilson,
Heather. Referred to the Committee on Commerce. Referred to the HouseCommittee on Commerce on 2/2/99. Subcommittee Hearings Held on 2/3/99.
Ordered to be Reported (Amended) by Voice Vote on 2/11/99. Measurepassed House, roll call #28 (403-3) on 2/25/99.

* New House Bills *

H.R. 850. Security And Freedom through Encryption (SAFE) Act. Relaxesexport controls on encryption, prohibits mandatory key escrow, createscriminal penalty for using crypto in a crime. Sponsor Rep Goodlatte,
Bob (R-VA) 204 co-sponsors. Referred to the Committee on the Judiciary,
and in addition to the Committee on International Relations.

H.R. 852. Freedom to E-File Act. require the Department of Agricultureto establish an electronic filing and retrieval system to enable thepublic to file all required paperwork electronically with theDepartment and to have access to public information on farm programs,
quarterly trade, economic, and production reports, and other similarinformation. Sponsor Rep LaHood, Ray. Referred to the House Committeeon Agriculture.

H.R. 896. Childrens' Internet Protection Act. Require the installationand use by schools and libraries of a technology for filtering orblocking material on the Internet on computers with Internet access tobe eligible to receive or retain universal service assistance. SponsorRep Franks, Bob (R-NJ). Referred to the House Committee on Commerce.

* New Senate Bills *

S. 411. Clone Pager Authorization Act of 1999. Expands legal authorityto authorize broader use of clone pagers. Sponsor Sen DeWine, Michael(R-OH). Referred to the Committee on Judiciary.

S. 466. American Financial Institutions Privacy Act of 1999. Prohibitsimplementation of "Know your Customer" rules unless approved by Act ofCongress, requires study on privacy issues. Sponsor Jeffords, James(R-VT). Referred to the Committee on Banking, Housing, and UrbanAffairs.

[8] Upcoming Conferences and Events

Access to Information: Strategies and Solutions. March 16, 1998.
Arlington, VA. Sponsored by the Freedom Forum and American LibraryAssociation.
CYBERSPACE 1999: Crime, Criminal Justice and the Internet. March 29 &
30, 1999. York, UK. Sponsored by the British and Irish Legal EducationTechnology Association (BILETA).

"Computers, Freedom and Privacy: The Global Internet," April 6-8, 1999.
Washington, DC. Sponsored by ACM. Early registration deadline: March15. Online registration:

Encryption Controls Workshop. May 13, 1999. Raleigh, NC. Sponsored bythe U.S. Dep't of Commerce. Contact: (202) 482-6031
Cryptography & International Protection of Human Rights (CIPHR'99).
August 9-13, 1999. Lake Balaton, Hungary. Contact:

Subscription Information

The EPIC Alert is a free biweekly publication of the Electronic PrivacyInformation Center. A Web-based form is available for subscribing orunsubscribing at:
To subscribe or unsubscribe using email, send email to epic-newsepic.orgwith the subject: "subscribe" (no quotes) or "unsubscribe".

Back issues are available at:

About EPIC

The Electronic Privacy Information Center is a public interest researchcenter in Washington, DC. It was established in 1994 to focus publicattention on emerging privacy issues such as the Clipper Chip, theDigital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC is sponsoredby the Fund for Constitutional Government, a non-profit organizationestablished in 1974 to protect civil liberties and constitutionalrights. EPIC publishes the EPIC Alert, pursues Freedom of InformationAct litigation, and conducts policy research. For more information,
e-mail, or write EPIC, 666Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240(tel), +1 202 547 5482 (fax).

If you'd like to support the work of the Electronic Privacy InformationCenter, contributions are welcome and fully tax-deductible. Checksshould be made out to "The Fund for Constitutional Government" and sentto EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003.

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for the rightof privacy and efforts to oppose government regulation of encryptionand expanding wiretapping powers.

Thank you for your support.

END EPIC Alert 6.04


WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback