WorldLII [Home] [Databases] [WorldLII] [Search] [Feedback]

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2002 >> [2002] EPICAlert 25

[Database Search] [Name Search] [Recent Alerts] [Noteup] [Help]

EPIC Alert 9.25 [2002] EPICAlert 25 (19 December 2002)







EPIC ALERT




Volume 9.25 December 19, 2002

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

http://www.epic.org/alert/EPIC_Alert_9.25.html

** HAPPY HOLIDAYS! **


End of Year Appeal - Support EPIC - Protect Privacy - Annoy the Snoops


Send checks for "EPIC" to: 1718 Connecticut Ave., NW, Suite 200,
Washington, DC 20009, or contribute online: http://www.epic.org/donate/
Thank you for your support.


Table of Contents



[1] FTC Announces National Do-Not-Call List for Telemarketing
[2] EPIC Files Suit on "Total Information Awareness" Documents
[3] Court Asked to Reconsider Faxed Warrant Decision
[4] ICANN Meets in Amsterdam, Adopts By-Law Changes
[5] EPIC Files Comments on Canadian Surveillance Proposal
[6] New Report Finds Errors, Inconsistency in Credit Scores
[7] EPIC Publications
[8] Upcoming Conferences and Events


[1] FTC Announces National Do-Not-Call List for Telemarketing


The Federal Trade Commission (FTC) will create a national do-not-call(DNC) list and has adopted new regulations to give individuals greatercontrol over telemarketing. EPIC and a coalition of consumer andcivil liberties groups filed comments on the proposals earlier thisyear. Many of the protections suggested in the comments wereincorporated in the FTC regulation.

The DNC list will support both telephone and Internet enrollment.
Once enrolled, individuals remain on the list for five years. Mosttelemarketers will be prohibited from calling individuals enrolled onthe DNC list. However, charitable organizations, banks, and commoncarriers that have in-house telemarketing operations will not beaffected by the list. In order to include those telemarketers, theFederal Communications Commission (FCC) will have to adopt new salescall regulations. The FCC requested comments on these issues earlierthis month, and is said to be coordinating with the FTC to ensurecomprehensive application of the DNC list.

The FTC's announcement is the first step toward giving individualsgreater control over telemarketing. FTC must obtain approval fromCongress to charge telemarketers $16 million in order to build andadminister the list. Additionally, telemarketing industry groups arelikely to mount lobbying and litigation campaigns against the newprotections. The industry has long used grossly-inflated statisticsand questionable research methods to prevent protections againsttelemarketing. According to recent Direct Marketing Associationfigures, nearly $300 billion was spent on telemarketing in 2001. Ifthat statistic were true, it would mean that the average household inthe United States spends over $2,800 annually on goods pitched bytelemarketers.

Other regulations included in the FTC package include the requirementthat telemarketers transmit valid caller ID information.
Telemarketers also face greater restrictions on the use of predictivedialers that produce "dead air" or abandoned calls. Telemarketerswill continue to be permitted to engage in "preacquired accountnumber" sales calling, but the practice will be subject to the newrules.

President Bush commended the FTC for planning a DNC list. In astatement released yesterday, he said, "Time with family is a preciouscommodity, and families should be given the tools they need to helpprevent unwanted calls from telemarketers."

FTC Do Not Call Page:

http://www.ftc.gov/donotcall/

EPIC Comments on the TSR:

http://www.epic.org/privacy/telemarketing/tsrcomments.html

EPIC Comments on the TCPA:

http://www.epic.org/privacy/telemarketing/tcpacomments.html

EPIC Telemarketing Page:

http://www.epic.org/privacy/telemarketing/



[2] EPIC Files Suit on "Total Information Awareness" Documents


The Electronic Privacy Information Center on December 17 asked afederal judge to issue an emergency order requiring the Pentagon torelease information about the controversial "Total InformationAwareness" (TIA) program. The invasive data-mining initiative, headedby retired Admiral John Poindexter, has raised widespread privacyconcerns. Within hours of the court filing, the Defense Departmentclaimed that only one document discusses the privacy implications ofTIA and released it to EPIC.

The lawsuit challenges the Defense Department's continuing efforts toblock EPIC's Freedom of Information Act (FOIA) requests for documentsabout DoD's Information Awareness Office. EPIC first requestedinformation about the Office in February, but the Defense Department,
in a very unusual move, tried to impose substantial processing fees,
often applied to commercial requesters but never applied to anorganization like EPIC. That earlier Pentagon action is the subjectof pending litigation. The new lawsuit seeks to overturn DoD'srefusal to expedite the processing of a second information requestEPIC submitted on November 21. The FOIA requires agencies to expeditetheir handling of requests involving issues of substantial publicinterest.

Soon after EPIC filed suit, the Defense Department released onedocument -- a study titled "Security with Privacy" which was preparedby the Information Sciences and Technologies Study Group (ISAT), agroup of civilian and military researchers. The study recommends moreDoD research on privacy, but does not address policy issues and statesexplicitly that it is "not a review of Total Information Awareness."

The TIA program is developing data-mining tools that will sort throughmassive amounts of personal information, including financial, medical,
communications, and travel records as well as new sources ofinformation. Several members of Congress have already called forinvestigations of the program.

EPIC's lawsuit against the Defense Department is available at:

http://www.epic.org/privacy/profiling/tia/foia_complaint.pdf

The ISAT study "Security with Privacy" is available at:

http://www.epic.org/privacy/profiling/tia/isat_study.pdf

Background information is available at EPIC's TIA page:

http://www.epic.org/privacy/profiling/tia/



[3] Court Asked to Reconsider Faxed Warrant Decision


EPIC has filed a response to a petition for reconsideration in theU.S. Court of Appeals for the Eighth Circuit, urging the court toreconsider a November ruling that service of a warrant on an ISP byfax complies with the "reasonableness" requirements of the FourthAmendment. EPIC's latest filing argues that the November opinion"fails to distinguish between an officer's presence at the service ofa warrant, and an officer's presence at the execution of that warrant."

The case arose after Yahoo! was "served" with a search warrant by fax.
The defendant had argued that the law enforcement practice of faxingthe warrant to the Internet Service Provider (ISP) and having the ISPexecute the warrant violated his Fourth Amendment rights. Althoughthe district court agreed, the Eighth Circuit ruled in November thatservice of a warrant on an ISP by fax was "reasonable," withoutdeciding the broader issue of whether an Internet user has a FourthAmendment expectation of privacy in their e-mail. EPIC filed anamicus brief arguing that police officer presence is required duringthe service of a warrant on an ISP, because service of a searchwarrant by fax machine doesn't adequately safeguard Fourth Amendmentguarantee of a "reasonable" search. EPIC's brief details the historyof U.S. search and seizure law, which has mandated officer presence atthe service of a warrant since the 1700s.

The case was one of the first to address the issue of how the FourthAmendment applies to the protection of stored e-mail and other filesheld by ISPs. The application of Fourth Amendment protection toprivacy interests in digital environments raises important questionsconcerning the procedural service of a valid search warrant. EPICparticipated as an amicus in this case to ensure that, as the legalsystem responds to advances in technology, the law continues toprotect Fourth Amendment guarantees.

EPIC's response to the petition for reconsideration urges the EighthCircuit to affirm the district court's conclusion that "[t]hecircumstances of this case, . . . do not justify [the officer's]
choice to fax the warrant to Yahoo and allow Yahoo employees toconduct the search and seizure without any supervision orinstruction." The filing concluded that "[a]lthough in limitedcircumstances, civilian searches may be more reasonable than searchesby law enforcement officers, the justification for this exception doesnot extend to an abrogation of the requirement of an officer'spresence at the service of the warrant."

EPIC's response to the petition for rehearing is available at:

http://www.epic.org/privacy/bach/rehearing_en_banc.pdf

The Eighth Circuit's Opinion is available at:

http://www.ca8.uscourts.gov/opndir/02/11/021238P.pdf

For more information on the case, see EPIC's Bach Page:

http://www.epic.org/privacy/bach/

Recordings of the oral arguments and other files are available throughthe Web site of the U.S. Court of Appeals for the 8th Circuit:

http://www.ca8.uscourts.gov/tmp/021238.html



[4] ICANN Meets in Amsterdam, Adopts By-Law Changes


The Internet Corporation for Assigned Names and Numbers (ICANN) annualmeeting took place in Amsterdam on December 14-15, 2002.

In response to criticism that ICANN has moved too slowly inapproving new generic Top-Level Domains (gTLDs), ICANN resolved todraft a Request for Proposals for a limited number of new sponsoredgTLDs.

The ICANN Board also adopted changes to its bylaws that include:

- the formation of an interim At-Large Advisory Committee (ALAC) to become the permanent ALAC, serving to foster participation from the Internet community in ICANN's decision making process;

- the termination of the Domain Name Supporting Organization (DNSO);

- the formation of the new Generic Names Supporting Organization (GNSO) to make the work of policy development more efficient;

- the termination of the Protocol Supporting Organization (PSO);

- the formation of a Technical Liaison Group (TLG) to provide technical expertise on Internet standards setting;
and
- the appointment of liaisons from various advisory committees, including the Governmental Advisory Committee (GAC), to other Councils and Committees to augment communication among ICANN constituent groups.

At the meeting, the WHOIS Task Force asked the Names Council toendorse its recommendations on the accuracy and marketing of WHOISdata. While the Names Council accepted the report, it requestedthat the report comments site be reopened. The comments site willremain open until January 30, 2003, after which the WHOIS Task Forcewill put forward another version of its policy recommendations, takingany additional comments into account. The Names Council will thenvote on the recommendations on February 20, 2003. The Names Councilalso asked the WHOIS Task Force to plan to terminate. The NamesCouncil hopes to establish a new Task Force, acknowledging thepossibility of membership overlap.

ICANN's preliminary meeting report:

http://www.icann.org/minutes/prelim-report-15dec02.htm

WHOIS Task Force report:

http://www.epic.org/redirect/icann.html



[5] EPIC Files Comments on Canadian Surveillance Proposal


EPIC has submitted recommendations on the Canadian government's"Lawful Access Consultation Document" that would give police morepower to monitor Canadians' private communications. In itsrecommendations, EPIC supports many of the country's civil libertiesgroups' concerns about the lack of justification and counter-balancingmeasures that would sufficiently protect the public interest andprevent misuse of the new powers.

The Consultation Document proposes amendments to many Canadianstatutes in preparation for the ratification of the Council ofEurope's Convention on Cybercrime. The proposal would require allproviders of Internet, wireline and wireless services to addsurveillance capabilities to their networks in order for police andsecurity agencies to monitor people's communications more easily.
Further, new investigatory powers for law enforcement could beexercised under lower judicial standards than those applied undercurrent criminal statutes to search warrants and intercepts. Newmechanisms for providing centralized subscriber and service providerinformation to law enforcement would be established.

The Consultation Document has met with strong opposition among severalstakeholders in Canada. The telecommunications and ISP industrieshave raised issues regarding implementation and cost of compliance.
Internet users and citizens have expressed their concerns about losingmore privacy. Privacy watchdogs, provincial data protectionauthorities, and the civil society are criticizing the document forsupporting an unjustified increase in the level of electronicsurveillance, as well as noting the major impact the governmentproposal could have upon important constitutional values and rights,
such as the right to online privacy and anonymity.

EPIC's comments are available at:

http://www.epic.org/privacy/intl/lawfulaccess_121602.pdf

Canadian government's Consultation Document:

http://www.canada.justice.gc.ca/en/cons/la_al/law_access.pdf

Other submissions:

http://www.lexinformatica.org/cybercrime/

Background information on the CoE Cyber-Crime Convention:

http://www.treatywatch.org/

http://www.privacyinternational.org/issues/cybercrime/



[6] New Report Finds Errors, Inconsistency in Credit Scores


Millions of Americans may pay more for their home loans and insurance,
and may be denied other opportunities because of errors orinconsistencies in credit scores, according to a new report written bythe Consumer Federation of America (CFA) and the National CreditReporting Association (NCRA). Credit scores are used by manybusinesses to evaluate risk, set interest rates, and even to makehiring decisions. The scores range from a low of 400 to a high of 800points.

Credit scoring violates privacy principles because individuals do nothave access to underlying algorithms or factors used to evaluate theircredit history. Because of a loophole in the Fair Credit ReportingAct (FCRA), credit bureaus are not required to provide the score withcredit reports. In the last year, however, credit bureaus have beenselling scores to consumers who wish to monitor their credit forindications of identity theft or for errors.

The CFA and NCRA analyzed 500,000 credit scores and more than 1,700credit reports from all three major credit bureaus. The groups foundthat credit scores varied an average of 41 points. Individuals on theedge of the sub-prime lending market would be affected by thisvariance greatly. A home loan applicant improperly classified in thesub-prime market could receive a 9.8% interest rate rather than a 6.5%
one, resulting in an enormous increase in interest payments over thelife of a mortgage.

The groups also found that certain items on the credit reports, suchas entries regarding medical collections, could indicate that theconsumer has a specific medical condition.

Congress is likely to amend the FCRA in the next session, and possiblyprovide individuals with greater access to their credit scores and thesystem used to determine the scores.

Credit Score Accuracy and Implications for Consumers (PDF document):

http://www.epic.org/redirect/consumerfed.html

EPIC Fair Credit Reporting Act Page:

http://www.epic.org/privacy/fcra/



[7] EPIC Publications


"The Privacy Law Sourcebook 2002: United States Law, InternationalLaw, and Recent Developments," Marc Rotenberg, editor (EPIC 2002).
Price: $40. http://www.epic.org/bookstore/pls2002/

The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists who needan up-to-date collection of U.S. and International privacy law, aswell as a comprehensive listing of privacy resources.



"FOIA 2002: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40.
http://www.epic.org/bookstore/foia2002/

This is the standard reference work covering all aspects of theFreedom of Information Act, the Privacy Act, the Government in theSunshine Act, and the Federal Advisory Committee Act. The 21stedition fully updates the manual that lawyers, journalists andresearchers have relied on for more than 25 years. For those wholitigate open government cases (or need to learn how to litigatethem), this is an essential reference manual.



"Privacy & Human Rights 2002: An International Survey of Privacy Lawsand Developments" (EPIC 2002). Price: $25.
http://www.epic.org/bookstore/phr2002/

This survey, by EPIC and Privacy International, reviews the state ofprivacy in over fifty countries around the world. The survey examinesa wide range of privacy issues including data protection, telephonetapping, genetic databases, video surveillance, location tracking, IDsystems and freedom of information laws.



"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0/

A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens free expression.



"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls/

The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumersand the basic responsibilities for businesses in the online economy.



"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:
$20. http://www.epic.org/crypto&/

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption to law enforcement.



EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:

EPIC Bookstore http://www.epic.org/bookstore/

"EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html



[8] Upcoming Conferences and Events


** The Public Voice in the Digital Economy. January 14, 2002.
Honolulu, HI. The Electronic Privacy Information Center (EPIC) willhost a free public symposium in conjunction with the OECD-APEC GlobalForum and the WSIS Prep Meeting. For more information:
http://www.thepublicvoice.org/events/honolulu03/ **



World Sousveillance/Subjectrights Day (WSD). December 24, 2002. Formore information: http://www.wearcam.org/wsd.htm

Government Convention on Emerging Technologies. Defending AmericaTogether: The New Era. Government Emerging Technology Alliance (GETA).
January 8-10, 2003. Las Vegas, NV. For more information:
http://federalevents.com/govcon/

O'Reilly Bioinformatics Technology Conference. February 3-6, 2003.
San Diego, CA. For more information:
http://conferences.oreilly.com/macosxcon/

Politics of Code: Shaping the Future of the Next Internet. OxfordUniversity Programme in Comparative Media Law and Policy. February 6,
2003. Oxford, England. For more information:
http://pcmlp.socleg.ox.ac.uk/code/

Third Annual Privacy & Data Security Summit: Implementing & ManagingPrivacy in a Complex Environment. International Association of PrivacyProfessionals. February 26-28, 2003. Washington, DC. For moreinformation: http://www.privacyassociation.org/html/conferences.html

Spectrum Policy: Property or Commons? Stanford Law School Center forInternet and Society. March 1, 2003. For more information:
http://cyberlaw.stanford.edu/spectrum/

P&AB's Privacy Practitioners' Workshop and Ninth Annual NationalConference. Privacy & American Business. March 12-14, 2002.
Washington, DC. For more information:
http://www.pandab.org/postcard.pdf

CFP2003: 13th Annual Conference on Computers, Freedom, and Privacy.
Association for Computing Machinery (ACM). April 1-4, 2003. New York,
NY. For more information: http://www.cfp2003.org/

28th Annual AAAS Colloquium on Science and Technology Policy. AmericanAssociation for the Advancement of Science. April 10-11, 2003.
Washington, DC. For more information:
http://www.aaas.org/spp/rd/colloqu.htm

O'Reilly Emerging Technology Conference. April 22-25, 2003. SantaClara, CA. For more information: http://conferences.oreilly.com/etcon/

O'Reilly Open Source Convention. July 7-11, 2003. Portland, OR. Formore information: http://conferences.oreilly.com/oscon/


Subscription Information


Subscribe/unsubscribe via Web interface:

http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news

Subscribe/unsubscribe via e-mail:

To: epic_news-requestmailman.epic.org
Subject line: "subscribe" or "unsubscribe" (no quotes)

Help with subscribing/unsubscribing:

To: epic_news-requestmailman.epic.org
Subject: "help" (no quotes)

Back issues are available at:

http://www.epic.org/alert/

The EPIC Alert displays best in a fixed-width font, such as Courier.


Privacy Policy


The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do not enhance (linkto other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under"subscription information". Please contact infoepic.org if you wouldlike to change your subscription e-mail address, if you areexperiencing subscription/unsubscription problems, or if you have anyother questions.


About EPIC


The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Actlitigation, and conducts policy research. For more information,
e-mail infoepic.org, http://www.epic.org or write EPIC, 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009.
+1 202 483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible. Checks should be made out to "EPIC" and sent to1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009.
Or you can contribute online at:

http://www.epic.org/donate/



Drink coffee, support civil liberties, get a tax deduction, and learnLatin at the same time! Receive a free epic.org "sed quis custodietipsos custodes?" coffee mug with donation of $75 or more.



Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation ofencryption and expanding wiretapping powers.

Thank you for your support.

END EPIC Alert 9.25


.


WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/2002/25.html