WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2002 >> [2002] EPICAlert 24

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 9.24 [2002] EPICAlert 24


Volume 9.24 December 12, 2002

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.


Table of Contents

[1] EPIC Files Suit for "No-Fly List" Information
[2] EPIC Submits Comments on TCPA, ENUM, FCC Broadcast Flag Mandate
[3] DC Council Hearing on Camera Regs; 12/24 is World Sousveillance Day
[4] ICANN Task Force Issues New Policy Report on WHOIS Data
[5] CA Senators Introduce Financial Privacy Legislation
[6] Nominations Sought for 2003 PEN/Newman's Own First Amendment Award
[7] Subscribe - Access Reports
[8] Upcoming Conferences and Events

[1] EPIC Files Suit for "No-Fly List" Information

Seeking information about aviation security watchlists, EPIC yesterdayfiled a Freedom of Information Act (FOIA) lawsuit against theTransportation Security Administration (TSA) in federal court inWashington. The legislation creating TSA authorizes the agency tomaintain such lists, which reportedly have been used to interfere withthe travel of political activists. EPIC's lawsuit seeks, among otherthings, TSA's criteria for putting people on so-called "no-fly lists"
that apparently bar some passengers from flying and subject others toextensive scrutiny.

The Aviation Security and Transportation Act, passed in the wake ofthe September 11, 2001 terrorist attacks, authorizes TSA to maintainwatchlists and notify law enforcement, aviation and airline officialsof the names of people suspected of posing "a risk of air piracy orterrorism or a threat to airline or passenger safety." In a FOIArequest submitted to TSA in early October, EPIC requested informationabout the number of names on all aviation-security watchlists,
procedures for posting and removing names and all complaints frompeople who claim to have mistakenly been included on the lists. TSAfailed to respond to the request within the legal time limit,
prompting EPIC's lawsuit.

EPIC has also sought information from TSA on its updated ComputerAssisted Passenger Pre-screening System (CAPPS-II). The basicstructure of passenger profiling is to use an algorithm to determineindicators of characteristics or patterns that are related to theoccurrence of certain behavior. The CAPPS-II initiative will expandthe range of databases searched for suspicious activity so that eachairline passenger will be subjected to extensive profiling. RetiredAdmiral John Poindexter's office in the Defense Department isconsidering developing a similar "Total Information Awareness" system(which is also the subject of pending EPIC FOIA requests). See EPICAlert 9.23.

In another lawsuit involving the privacy impact of post-September 11initiatives, a federal judge on November 26 ordered the JusticeDepartment to complete its processing of an EPIC information requestconcerning the USA PATRIOT Act by January 15. EPIC, joined by theAmerican Civil Liberties Union and library and booksellers'
organizations, filed the FOIA lawsuit seeking the disclosure ofinformation concerning implementation of the controversialanti-terrorism law. See EPIC Alert 9.20.

EPIC's "no-fly list" lawsuit is available at:

Background information is available at EPIC's Air Travel Privacy Page:

[2] EPIC Submits Comments on TCPA, ENUM, FCC Broadcast Flag Mandate

EPIC has recently filed comments on the Telephone Consumer ProtectionAct (TCPA), Electronic Numbering (ENUM), and the Digital TelevisionBroadcast Flag.

In comments to the Federal Communications Commission (FCC), tenleading civil liberties and consumer groups joined EPIC in support ofgreater protections against telemarketing under the TCPA. Thecomments support a national do-not-call (DNC) list that allowsInternet, telephone, and mail enrollment, and a requirement that salescallers transmit caller ID information. The comments also negate theinflated statistics used by the telemarketing industry to stave offconsumer protections. Earlier this year, the Federal Trade Commission(FTC) had also requested comments on the creation of a DNC list. TheFTC is expected to issue a rule on their telemarketing comments thismonth.

EPIC also filed comments with the ENUM Forum, a group charged withimplementation of ENUM in the United States. ENUM is a system thatlinks phone numbers to IP addresses. In doing so, users can storecontact information that can be accessed by another person through theuse of one phone number. The comments warn that ENUM presentssignificant risks to privacy, especially with regard to receivingunsolicited commercial messages, and that the ENUM Forum has notconsidered issues surrounding law enforcement access to ENUM data, norincorporated substantive privacy protections for users.

In comments to the FCC, EPIC recommended against the creation of adigital television broadcast flag unless it incorporates affirmativeprivacy protections and ensures the ability of individuals to consumetelevision content anonymously. The broadcast flag initiative isdesigned to quicken the adoption of digital broadcasting, and toprotect content transmitted digitally. The comments argue that thebroadcast flag is unnecessary to facilitate this transition, and thatpiracy risks do not justify creation of the flag.

Comments on Rules and Regulations Implementing the Telephone ConsumerProtection Act of 1991:

EPIC's Telemarketing Page:

Comments on ENUM:


Comments on the Digital Broadcast Flag:

EPIC's Digital Rights Management and Privacy Page:

[3] DC Council Hearing on Camera Regs; 12/24 is World Sousveillance Day

A hearing on "Issues Concerning the Use of Video Surveillance in theDistrict of Columbia" was held today before the DC Council, at whichEPIC Executive Director Marc Rotenberg testified. The hearingconsidered DC Council member Kathy Patterson's new bill to regulatethe Metropolitan Police Department's surveillance cameras, and analternative bill proposed by the ACLU. Witnesses included GeorgeRadwanski, the Canadian Privacy Commissioner; a law enforcementexpert; and several privacy specialists and representatives from civilliberties organizations.

Patterson's bill (the "Limited Authorization of Video Surveillance andPrivacy Protection Act of 2002"), in its current form, authorizes thepolice cameras already in place for specified law enforcement,
security and management purposes. It also provides for an elaborateprocedure requiring a court order for law enforcement use of videosurveillance in cases where individuals' privacy is most prone toabuse. A second bill (the "District of Columbia Anti-Surveillance Actof 2002") prohibits "general video surveillance," defined as any videosurveillance of outdoor public areas that differs from surveillanceused in the context of criminal investigations or for trafficmonitoring and building security purposes. EPIC has proposed a draftbill for the DC City Council (the "District of Columbia Anti-
Surveillance and Privacy Protection Act of 2002") that combines theprocedural safeguards in the Patterson bill with the prohibitionagainst general video surveillance.

EPIC Alert readers, Washington residents, and other interested partiescan participate in the ongoing public debate over the proposedlegislation by continuing to send comments to Council members, eitherby e-mail to: <> or by postal mailto: Ms. Phyllis Jones, Secretary to the Council, Suite 5, John A.
Wilson Building, 1350 Pennsylvania Avenue, N.W., Washington, DC 20004.

People around the world will be protesting surveillance cameras onDecember 24, which has been declared "World Sousveillance Day" or"World Subjectrights Day" by an international coalition of artists,
scientists, engineers, scholars, and others. The idea of"sousveillance" is in opposition to surveillance, and can be looselydefined as "watchful vigilance from below."

On December 24, people are invited to call into question the growingphenomenon of video surveillance in public and private spaces by"watching the watchers": one may photograph, videotape, or otherwisedocument video surveillance cameras in private places (stores,
shopping malls, buildings) and in public areas (parks, streets,
squares, building surroundings, etc.). Government and corporationofficials, while they engage in video surveillance on a regular basis,
often prohibit others from taking pictures or video within theirestablishments. On World Sousveillance Day, however, many people willbe photographing these officials, their establishments, and theirsecurity systems to show their vigilance and their opposition to thesprawl of surveillance cameras into every aspect of life.

For people interested in documenting surveillance in the District ofColumbia, more information on the location of the DC police cameras isavailable at the Observing Surveillance Web site (URL below).

Observing Surveillance:

New "DC Police Cameras" Slide Show (updated 12/11):

EPIC's Video Surveillance Page:

"World Sousveillance Day" Web site:

[4] ICANN Task Force Issues New Policy Report on WHOIS Data

On November 30, 2002, ICANN's WHOIS Task Force issued a Policy Reportcontaining consensus recommendations on the Accuracy and Marketing ofWHOIS Data. The WHOIS Task Force was created by ICANN's Domain NameSupporting Organization's (DNSO) Names Council in February 2001 togive advice on WHOIS Policy and to review whether any changes shouldbe made to ICANN's WHOIS policy for the .com/.net/.org domains as setout under the Registrar Accreditation Agreement (RAA).

In its report, the Task Force suggested a number of changes withrespect to marketing of WHOIS data. First, it recommended that theprovisions of the RAA allowing for use of bulk access data formarketing purposes be eliminated -- or at the very least altered -- torequire registrars to grant individuals the right to decide whetherthey want to be included in such marketing. Currently, the RAA statesthat registrars may (rather than must) allow individuals to opt-out ofbulk access for marketing purposes. Secondly, it recommendedincreased enforcement of any new provisions on bulk access. Itraised, but did not decide, the question of whether licensees of bulkaccess data who breach a bulk access agreement (for example, by usingthe data for mass unsolicited marketing) should be prohibited fromentering into any future bulk access agreement. Finally, itrecommended further study on whether there are any legitimate uses ofbulk access data or whether it should simply be eliminated.

The Task Force acknowledged that many other privacy issues relating toordinary WHOIS data still exist, such as who should get access to thisdata, in what form and under what conditions. It recommended that theNames Council continue to allow it to address these issues. EPIC haspreviously advocated stronger privacy protections for individualsregistering domain names. In 2001, EPIC sent two letters to Congressarguing that there should be restrictions on the secondary use andsale of WHOIS data; that personal information, beyond that which isnecessary for contacting systems administrators about network orsecurity problems, should not be included in the publicly accessibledatabase; and that there should be a way for individuals toanonymously or pseudonymously register domain names.

The Task Force will ask the Names Council to endorse itsrecommendations on accuracy and marketing at ICANN's annual meeting,
which is taking place this year in Amsterdam on December 14-15, 2002.
Members of the public are invited to attend an open forum on December14 from 1:30 to 5:00 p.m.

The Task Force report is available at:

Information about ICANN's Amsterdam meeting is available at:

EPIC's 2001 letters to are available at:

[5] CA Senators Introduce Financial Privacy Legislation

California Senator Jackie Speier (D-San Mateo) and Senate PresidentJohn Burton (D-San Francisco) have introduced SB 1, The CaliforniaFinancial Information Privacy Act. The Act requires financialinstitutions to obtain opt-in consent from customers before they canexploit personal information by transmitting it to non-affiliatedcompanies. Financial institutions could transmit personal informationto affiliates under an opt-out standard. The law also creates civilpenalties with liquidated damages for violations.

Speier's bill would significantly improve Californians' financialprivacy rights. Currently, under the Gramm-Leach-Bliley Act (afederal law passed in 1999), consumers cannot opt out of affiliateinformation transmission at all, and have only opt-out protections fornon-affiliate information use. To defeat Speier's earlier attempts inenacting financial privacy protections, the banking, insurance, andbrokerage industries spent more than $20 million in lobbyingexpenditures.

Two weeks ago, Speier sent a letter to financial institutions,
requesting them to reveal the nature and extent of consumerinformation use. The letter attempts to track, among other things,
whether institutions are employing joint marketing agreement loopholein federal law in order to exploit personal financial information.

California Senate Bill 1, the Financial Information Privacy Act:

Letter from Senator Speier to Financial Institutions:

EPIC Gramm-Leach-Bliley Page:

[6] Nominations Sought for 2003 PEN/Newman's Own First Amendment Award

PEN American Center and Newman's Own annually honor an individual whohas fought to safeguard the First Amendment right of freedom ofexpression in the United States.

Any individual who has worked to protect freedom of expression in theUnited States as it applies to the written word -- such as a writer,
publisher, journalist, editor, bookseller, schoolteacher, or librarian
-- is eligible. Especially sought are those whose achievements havenot otherwise garnered recognition through institutional affiliationor public visibility. For example, a candidate may have:

* worked to restore a banned book to the classrooms or library shelves of a school;

* called for the reinstatement of a newspaper or magazine editor fired as a result of his or her writing;

* published a controversial book despite unjustified threats of libel action;

* overcome harassment by a hostile section of a community while mobilizing a project against censorship;

* waged a costly and time-consuming lawsuit in defense of the First Amendment; or
* performed any other extraordinary act to defend freedom of the written word.

The actions for which the candidate is nominated must have occurredwithin the past five years.

Each individual candidate should be suggested by a nominator, who mayor may not be affiliated with the literary, journalistic, educational,
legal, or human rights communities.

A cash award of $25,000, accompanied by a limited-edition artwork,
will be presented to the winner at the PEN Benefit Dinner in spring2003.

The deadline for submitting nominations is December 31, 2002.

The nomination form is available online at:

[7] Subscribe - Access Reports

The top newsletter for open government and the Freedom of InformationAct is Access Reports, published by Harry A. Hammitt. A typical issueincludes information on recent court decisions, legislativedevelopments, and opinion and analysis. Access Reports also providesan extensive index on open government and FOIA issues. Available bye-mail and postal mail, Access Reports also provides a Reference Fileservice.

EPIC recently joined with Access Reports to publish "Litigation Underthe Federal Open Government Laws" (see "EPIC Publications" below). Wehighly recommend the Access Reports newsletter to our readers as anexcellent source of up-to-date information.

For subscription information, contact Access Reports, 1624 DogwoodLane, Lynchburg VA 24503. 434/384-5334 (tel); 434/384-8272 (fax); (e-mail);

EPIC Publications:

"The Privacy Law Sourcebook 2002: United States Law, InternationalLaw, and Recent Developments," Marc Rotenberg, editor (EPIC 2002).
Price: $40.

The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists who needan up-to-date collection of U.S. and International privacy law, aswell as a comprehensive listing of privacy resources.

"FOIA 2002: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40.

This is the standard reference work covering all aspects of theFreedom of Information Act, the Privacy Act, the Government in theSunshine Act, and the Federal Advisory Committee Act. The 21stedition fully updates the manual that lawyers, journalists andresearchers have relied on for more than 25 years. For those wholitigate open government cases (or need to learn how to litigatethem), this is an essential reference manual.

"Privacy & Human Rights 2002: An International Survey of Privacy Lawsand Developments" (EPIC 2002). Price: $25.

This survey, by EPIC and Privacy International, reviews the state ofprivacy in over fifty countries around the world. The survey examinesa wide range of privacy issues including data protection, telephonetapping, genetic databases, video surveillance, location tracking, IDsystems and freedom of information laws.

"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.

A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens free expression.

"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.

The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumersand the basic responsibilities for businesses in the online economy.

"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption to law enforcement.

EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:

EPIC Bookstore

"EPIC Bookshelf" at Powell's Books

[8] Upcoming Conferences and Events

18th Annual Computer Security Applications Conference (ACSAC):
Practical Solutions to Real Security Problems. Applied ComputerSecurity Associates. December 9-13, 2002. Las Vegas, NV. For moreinformation:

Call for Proposals: December 13, 2002. O'Reilly Emerging TechnologyConference. April 22-25, 2003. Santa Clara, CA. For more information:

Government Convention on Emerging Technologies. Defending AmericaTogether: The New Era. Government Emerging Technology Alliance (GETA).
January 8-10, 2003. Las Vegas, NV. For more information:

O'Reilly Bioinformatics Technology Conference. February 3-6, 2003.
San Diego, CA. For more information:

Politics of Code: Shaping the Future of the Next Internet. OxfordUniversity Programme in Comparative Media Law and Policy. February 6,
2003. Oxford, England. For more information:

Third Annual Privacy Summit. International Association of PrivacyOfficers. February 26-28, 2003. Washington, DC. For more information:

Spectrum Policy: Property or Commons? Stanford Law School Center forInternet and Society. March 1, 2003. For more information:

P&AB's Privacy Practitioners' Workshop and Ninth Annual NationalConference. Privacy & American Business. March 12-14, 2002.
Washington, DC. For more information:

CFP2003: 13th Annual Conference on Computers, Freedom, and Privacy.
Association for Computing Machinery (ACM). April 1-4, 2003. New York,
NY. For more information:

O'Reilly Open Source Convention. July 7-11, 2003. Portland, OR. Formore information:

Subscription Information

Subscribe/unsubscribe via Web interface:

Subscribe/unsubscribe via e-mail:

Subject line: "subscribe" or "unsubscribe" (no quotes)

Help with subscribing/unsubscribing:

Subject: "help" (no quotes)

Back issues are available at:

The EPIC Alert displays best in a fixed-width font, such as Courier.

Privacy Policy

The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do not enhance (linkto other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under"subscription information". Please contact if you wouldlike to change your subscription e-mail address, if you areexperiencing subscription/unsubscription problems, or if you have anyother questions.

About EPIC

The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Actlitigation, and conducts policy research. For more information,
e-mail, or write EPIC, 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009.
+1 202 483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible. Checks should be made out to "EPIC" and sent to1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009.
Or you can contribute online at:

Drink coffee, support civil liberties, get a tax deduction, and learnLatin at the same time! Receive a free "sed quis custodietipsos custodes?" coffee mug with donation of $75 or more.

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation ofencryption and expanding wiretapping powers.

Thank you for your support.

END EPIC Alert 9.24


WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback