You are here:
WorldLII >>
Databases >>
EPIC Alert >>
2003 >>
[2003] EPICAlert 11
Database Search
| Name Search
| Recent Articles
| Noteup
| LawCite
| Help
EPIC Alert 10.11 [2003] EPICAlert 11
EPIC ALERT
Volume 10.11 June 6, 2003
Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.
http://www.epic.org/alert/EPIC_Alert_10.11.html
Table of Contents
[1] EPIC Conference Explores Privacy and Technology Issues
[2] Ashcroft Testifies on PATRIOT Act Implementation
[3] Inspector General Criticizes DOJ on September 11 Detainees
[4] FCC Opens Door to Media Consolidation
[5] Council of Europe Adopts Declaration of Freedom on the Internet
[6] News in Brief
[7] EPIC Bookstore: Privacy Times
[8] Upcoming Conferences and Events
[1] EPIC Conference Explores Privacy and Technology Issues
"There was of course no way of knowing whether you were being watchedat any given moment." - George Orwell, 1984.
In honor of the 100th anniversary of George Orwell's birth, EPIChosted a conference on June 2 entitled "Privacy and Technology:
Looking Back, Looking Ahead" at the National Press Club in Washington,
DC. Members of EPIC's advisory board discussed the challenges of newtechnologies as they relate to privacy and surveillance, the
role oflaw in safeguarding freedom, and the role of technology insafeguarding freedom.
In talking about new technologies as they relate to privacy andsurveillance, many panelists, including Professor Daniel Solove ofSeton
Hall Law School, discussed the risks of the DefenseDepartment's proposed Terrorism Information Awareness (TIA) system andthe government's
expanding use of third-party information brokers.
Dr. Barbara Simons of the U.S. Association of Computing Machinerydiscussed data mining problems and issues related to false positiveresults.
She also noted how often a technology bias leads towardtechnological solutions to problems that would best be solved bynon-technological
means. Professor Oscar Gandy of the University ofPennsylvania's Annenberg School of Communication concluded the panelby comparing
industrialization's impact on the environment with thenegative externalities on privacy produced by government securitytechnologies.
Regarding the role of law in safeguarding freedom, Professor JerryKang of the UCLA Law School presented two different visions ofpervasive
computing and how they might alter legal paradigms.
Professor Anita Ramasatry of the University of Washington Law Schoolexpressed concern over a lack of due process in current securitysystems,
while Judith Krug, the Director of the American LibraryAssociation's Office for Intellectual Freedom, discussed efforts tomodify
Section 215 of the PATRIOT Act, which allows authorities toexamine book sales and library records.
When it came to the role of technology in safeguarding freedom,
Professor Ann Bartow of the University of South Carolina School of Lawdiscussed how the Digital Millennium Copyright Act in some casesprevents
users from fully understanding the technology that they use.
Dr. David Chaum's discussion centered on voting technology and thesimultaneous need for voter anonymity and voting audit trails.
Dr.
Peter Neumann's opening presentation also discussed the issue ofensuring privacy and integrity in the voting process. The conferenceconcluded
with Dr. Bruce Schneier, Chief Technology Officer ofCounterpane Internet Security, who presented a five-part framework foranalyzing
the nature of security threats and determining thesuitability of security solutions.
EPIC Privacy and Technology Conference Website:
http://www.orwell2003.org/
[2] Ashcroft Testifies on PATRIOT Act Implementation
After a long hiatus, Attorney General Ashcroft appeared before theHouse Judiciary Committee to answer questions concerning the JusticeDepartment's
implementation of the controversial USA PATRIOT Act.
Ashcroft began his testimony by stating that terrorists still pose asignificant threat to American security. He said that without
thetools provided by the PATRIOT Act, combating terrorism would bedifficult if not "impossible." He warned Committee members that,
"Aswe consider the Constitutional methods we use to fight the enemies offreedom, we must remember that terrorism threatens our future."
Ashcroft concluded his testimony by describing measures to expand thePATRIOT Act, including adding to the definition of "material
supportto terrorists" punishable under the Act, increasing the maximumpenalties for terrorism, and allowing for pretrial detentions
interrorism cases.
The House Judiciary Committee has been at the forefront of efforts toensure legislative oversight of Executive Branch powers granted
in thePATRIOT Act. Last month the Justice Department submitted writtenresponses to a series of questions surrounding the implementation
ofthe PATRIOT Act (See Alert 10.10). The questions from the Committeemembers during the hearing focused on the impact of the Department'spolicies
on privacy and civil liberties. Rep. James Sensenbrenner(R-WI), chair of the Committee, said that his support of the PATRIOTAct
was neither "perpetual, nor unconditional" and that he wanted toconsider the long term effect of the measure even if might producesome
short term results. Ranking member John Conyers (D-MI) remindedAshcroft that America was "marching into history" and that theterrorists
must be dealt with in the context of Constitutional valuessuch as due process, which "separate us from our enemies."
The first line of questioning focused on the legislative oversight ofthe Justice Department. Ashcroft acknowledged that he did not
consultwith members of Congress concerning his significant revisions of theAttorney General Guidelines governing security investigations.
Hepromised to be more forthcoming with Congress in the future. Severalmembers questioned the Attorney General concerning the use
of libraryand bookstore records during investigations following passage of thePATRIOT Act.
Rep. William Delahunt (D-MA) criticized the Justice Department'spenchant for excessive secrecy saying, "It appears that the Americanpeople
feel that the government is intent on prying into every nookand cranny of people's private lives, while at the same time doing allit
can to block access to government information that would inform theAmerican people about what is being done in their name." In responseto
a question about data mining, Ashcroft advocated a policy of"minimization." He noted that faulty data is a problem and said thatthe
best safeguard is to ensure that the FBI obtains only informationrequired for investigations. Ashcroft stated that he did not believethat
FBI is conducting data mining on non-criminal suspects. Inregards to the Terrorist Information Awareness system, Ashcroftrecognized
the need for operational safeguards, efficacy and accuracyof search tools, and security systems to prevent unauthorized access.
The Attorney General was also repeated questioned about the InspectorGeneral's report on the abusive practices concerning the September
11detainees (see item below). Finally, a number of Committee members,
instead of taking the opportunity to examine how the JusticeDepartment is employing the sweeping anti-terrorism laws, asked aseries
of questions about the Department's effort to stop peer to peerfile sharing of copyrighted material.
Attorney General Ashcroft's Prepared Statement:
http://www.house.gov/judiciary/ashcroft060503.htm
EPIC PATRIOT Act page:
http://www.epic.org/privacy/terrorism/usapatriot/
EPIC Attorney General Guidelines page:
http://www.epic.org/privacy/fbi/
[3] Inspector General Criticizes DOJ on September 11 Detainees
The Inspector General of the Department of Justice has released a198-page report examining the treatment of people who were held onimmigration
charges in connection with the investigation of theSeptember 11, 2001 terrorist attacks. The report details how theJustice Department
used federal immigration laws to detain 762persons, mostly of Arab or South Asian origin, who were suspected ofhaving ties to the
attacks or connections to terrorism, or who weresimply encountered during the course of the FBI's inquiry into theattacks. The report
highlights serious problems with the round-up andtreatment of the 762 detainees, including arbitrary detentions,
prolonged detentions, restrictive detention conditions, and in someinstances physical and verbal abuse. The Office of Inspector Generalis
an independent internal investigation unit within the JusticeDepartment.
The report, instigated by media reports and reports from human rightsorganizations, paints a picture of chaos immediately following
theattacks, followed by a long period of negligence that left detaineesin administrative limbo. Only after details of the abusive
treatmentemerged in the press did the Department begin to process the detaineesmore quickly in January 2002. DOJ has not apologized
for its actions,
but instead has taken the position that the crisis atmosphereimmediately after September 11, and the fact that all the personsdetained
were in technical violation of immigration laws, makes it"unfair to criticize the conduct" of Department officials. TheDepartment
spokesperson said that, "We make no apologies for findingevery legal way possible to protect the American public from furtherterrorist
attacks." EPIC and a coalition of public interest groups islitigating under the Freedom of Information Act to require disclosureof the names of the detainees; the case is now pending before the D.C.
Circuit Court of Appeals.
According to the report, the Justice Department instituted a "no bond"
policy for all detainees connected to the terrorism probe after theattacks -- even though immigration officials quickly questioned
thepolicy's legality. Without bail, terrorism suspects remained in jailfor an average of nearly three months, much longer than the
FBIprojected before it cleared most of them for release, the report said.
In addition, detainees faced monumental difficulties and weeks ofdelay before they were allowed to make phone calls and find lawyers.
Some were kept for months in cells illuminated 24 hours a day and wereescorted in handcuffs, leg irons and waist chains. Most of
thedetainees were eventually found to have no connection to the terroristattacks.
The September 11 Detainees Report, Office of Inspector General:
http://www.usdoj.gov/oig/special/0603/full.pdf
CNSS/EPIC v. Department of Justice (detainee FOIA case):
http://www.epic.org/open_gov/foia/cnss_v_doj.html
[4] FCC Opens Door to Media Consolidation
On June 2 the Federal Communications Commission voted 3-2 along partylines to relax the rules surrounding media ownership. Theregulations,
among other things, would permit a television station toown a newspaper in the same media market. The agency received anunprecedented
750,000 public comments, with 99 percent opposed toderegulation, but only held a single official hearing on the issue inRichmond,
Virginia last winter. The Center for Public Integrityreports that in the months leading up to the final decision, agencystaff met
with senior industry lobbyists behind closed doors on 71different instances, while they privately met with public interestadvocates
only 5 times.
The FCC decision came under close scrutiny in the Senate CommerceCommittee; at a hearing on June 3, several senators voiced theirbipartisan
opposition to the Commission's decision to promote mediaconcentration. Lawmakers warned that the deregulation of the radiomedia
market promoted significant consolidation, and that the new FCCrules could produce a similar environment for other media outlets.
Consumers Union, the Media Access Project, and other public interestgroups have begun a campaign to educate people about the consequencesof
the FCC decision and to mobilize a grassroots campaign to supportstronger public interest regulations.
The agency decision to deregulate is spurred by the belief that newinformation sources including cable, satellite, and Internet, allowfor
enough diversity and that dominance by a handful of media mogulsshould no longer be a concern. Critics charge that traditional mediaoutlets
continue to dominate how most people receive their news, andthat the media giants in the offline world are using their position toextend
their power in the online world. In addition, the FCC proposalto allow wireline broadband to be exempt from open access requirementswould
further consolidate the dominance of information providers whoincreasingly straddle the content and transmission industries. Publicinterest
advocates contend that the FCC's commitment to mediaderegulation does not serve the important public interest values,
including localism, diversity, and competition. "This is the mostsweeping and destructive rollback of consumer protection rules in
thehistory of American broadcasting," said Commissioner Adelstein whovoted against the measure.
FCC Press Release on Decision:
http://www.epic.org/redirect/fcc_press.html (PDF)"Behind Closed Doors," Center for Public Integrity Report:
http://www.epic.org/redirect/CPI_report.html
FCC Critique, Consumer Federation of America and Consumers Union:
http://www.consumerfed.org/FCCcritique.05.21.03.pdf
[5] Council of Europe Adopts Declaration of Freedom on the Internet
The Council of Europe (CoE) Committee of Ministers adopted on May 28 a"Declaration on Freedom of Communication on the Internet" thatestablishes
seven principles underlining freedom of communication, andcondemns practices aimed at restricting or controlling Internetaccess,
especially for political reasons.
Most notable among the principles enshrined in the Declaration is theacknowledgement that CoE Member States must respect Internet
users'
anonymity, "in order to ensure protection against online surveillanceand to enhance the free expression of information and ideas."
Another principle condemns the practice of governmental blocking andfiltering measures ordered preventively, that is, before any decisionis
taken by competent national authorities on the illegality of a website. The Declaration recommends that Internet content, if it
is to beremoved or blocked, must be clearly identified, and that Article 10,
paragraph 2 of the Convention for the Protection of Human Rights andFundamental Freedoms be followed.
The declaration also tackles the issue of the liability of serviceproviders for Internet content by providing that CoE Member Statesshould
not impose on service providers a general obligation to monitorcontent on the Internet to which they give access, that they transmitor
store, closely following in that the legal framework of the EUE-Commerce Directive (2000/31/EC). However, contrary to theDirective,
the Council of Europe emphasizes that where CoE MemberStates regulate at the national level the obligations of serviceproviders,
they need to protect the freedom of expression and therights of users to information.
The Council of Europe is an intergovernmental organization formed in1949 by West European countries that is currently composed of
45member countries from across Europe. Its main role is "to strengthendemocracy, human rights and the rule of law throughout its
Memberstates," which it does mainly by promoting the binding rules of theEuropean Convention for the Protection of Human Rights and
FundamentalFreedoms of 1950 (ECHR), an international convention covering a widerange of civil and political rights that is enforced
by the EuropeanCourt of Human Rights in Strasbourg.
Council of Europe Declaration (May 28, 2003):
http://www.epic.org/redirect/CoE_declaration.html
EPIC Page on Anonymity:
http://www.epic.org/free_speech/default.html#anonymity
EPIC's Filters & Freedom 2.0:
http://www.epic.org/bookstore/filters2.0/
[6] News in Brief
Tivo Sells Viewing Data
Tivo, a company that sells digital video recorders, announced thisweek that the company will sell aggregate information collected
fromcustomers' viewing habits. Tivo's product is capable of trackingindividuals' second-by-second viewing behaviors, and whethercommercials
were skipped using the device. Tivo claims that theinformation sold to advertisers will be anonymous, and not revealpersonal or
household-level viewing data.AOL/Microsoft Agreement on Digital Rights Management
America Online and Microsoft came to an agreement last week that willresult in the companies entering into a partnership to develop
digitalmedia initiatives. The move is likely to accelerate the developmentof Digital Rights Management (DRM) systems, many of which
are privacyinvasive and incompatible with fair use rights. Many DRMs, includingsystems developed by Microsoft, link individuals'
identity to thecontent they choose, thus enabling tracking and profiling ofintellectual pursuits.
EPIC Digital Rights Management Page:
http://www.epic.org/privacy/drm/
California Privacy Laws Advance
This week, California Governor Gray Davis announced support for Sen.
Jackie Speier's (D-San Francisco) financial information privacy bill,
SB 1. The bill would improve notice requirements and require opt-inconsent from the consumer before information could be sold tonon-affiliates.
Individuals could opt-out of affiliate sharing underthe law, but a recent compromise would allow such sharing if theaffiliates are
in the same line of business.
A second bill, SB 27, sponsored by Sen. Liz Figueroa (D-Fremont)
passed the State Senate. That bill would require businesses todisclose whether personal information is being sold to marketersupon
a consumer's request. If information is being sold, the businessmust also disclose the sources and recipients of the data andthe
actual information disclosed. Businesses could not condition asale of a product on waving this rights of access, and a failure tocomply
with the law carries civil penalties.
SB 1:
http://www.epic.org/redirect/SB1.html
SB 27:
http://www.epic.org/redirect/SB27.html
North Dakota Enacts Two Privacy Laws
Rep. Jim Kasper (R-Fargo) has introduced three privacy bills inthe North Dakota legislature, two of which are now law in that State.
HB 1478 requires financial services institutions to obtain opt-inconsent before exploiting personal information for joint marketingpurposes.
The law also requires a rulemaking to limit financialinformation sharing exemptions in the Gramm-Leach-Bliley Act of 1999.
A second bill, HB 1179, requires a rulemaking that may result in the adoption ofopt-in regulations for insurance industry sharing
of information amongnon-affiliates. A third measure, HB 1477, would have restrictedaffiliate sharing and joint marketing agreements
in the securitiesindustry, but that bill failed narrowly in the State Senate.
HB 1478:
http://www.state.nd.us/lr/assembly/58-2003/bill_index/BI1478.html
HB 1179:
http://www.state.nd.us/lr/assembly/58-2003/bill_index/BI1179.html
Industry Anti-Privacy Commercial in North Dakota:
http://www.privacy.org/ndoptin.mpg
[7] EPIC Bookstore: Privacy Times
Privacy Times http://www.privacytimes.com/
Since 1981, Privacy Times has provided its readers with accuratereporting, objective analysis and thoughtful insight into the eventsthat
shape the ongoing debate over privacy. Publisher Evan Hendricksis a widely respected and thoughtful member of the privacy community.
Privacy Times is the leading subscription-only newsletter coveringprivacy & Freedom of Information Law and policy. It is read largely
byattorneys and professionals who must stay abreast of the legislation,
litigation, and executive branch activities, as well as consumer news,
technology trends and business developments. Subscriptions are alsoavailable for individuals.
EPIC Publications:
"The Privacy Law Sourcebook 2002: United States Law, InternationalLaw, and Recent Developments," Marc Rotenberg, editor (EPIC 2002).
Price: $40. http://www.epic.org/bookstore/pls2002/
The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists
who needan up-to-date collection of U.S. and International privacy law, aswell as a comprehensive listing of privacy resources.
"FOIA 2002: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price:
$40.
http://www.epic.org/bookstore/foia2002/
This is the standard reference work covering all aspects of theFreedom of Information Act, the Privacy Act, the Government in theSunshine Act, and the Federal Advisory Committee Act. The 21stedition fully updates the manual
that lawyers, journalists andresearchers have relied on for more than 25 years. For those wholitigate open government cases (or
need to learn how to litigatethem), this is an essential reference manual.
"Privacy & Human Rights 2002: An International Survey of Privacy Lawsand Developments" (EPIC 2002). Price: $25.
http://www.epic.org/bookstore/phr2002/
This survey, by EPIC and Privacy International, reviews the state ofprivacy in over fifty countries around the world. The survey
examinesa wide range of privacy issues including data protection, telephonetapping, genetic databases, video surveillance, location
tracking, IDsystems and freedom of information laws.
"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0/
A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens
free expression.
"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls/
The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested
in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumersand
the basic responsibilities for businesses in the online economy.
"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000).
Price:
$20. http://www.epic.org/crypto&/
EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption
products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption
to law enforcement.
EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:
EPIC Bookstore http://www.epic.org/bookstore/
"EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html
[8] Upcoming Conferences and Events
June 23-27, 2003. Partenit, Crimea, Ukraine. For more information:
http://www.itb.conferen.ru/eng/info_e.html
Press Freedom on the Internet. The World Press Freedom Committee. June26-28, 2003. New York, NY. For more information: mgreenewpfc.org
Building the Information Commonwealth: Information Technologies andProspects for Development of Civil Society Institutions in theCountries
of the Commonwealth of Independent States.
Interparliamentary Assembly of the Member States of the Commonwealthof Independent States (IPA). June 30-July 2, 2003. St. Petersburg,
Russia. For more information:
http://www.communities.org.ru/conference/
O'Reilly Open Source Convention. July 7-11, 2003. Portland, OR. Formore information: http://conferences.oreilly.com/oscon/
1st Global Conference: Visions of Humanity in Cyberculture, Cyberpunkand Science Fiction. August 11-13, 2003. Prague, Czech Republic.
Formore information: http://www.inter-disciplinary.net/vhccsf03cfp.htm
Integrating Privacy Into Your Overall Business Strategy: Complyingwith Privacy Legislation for Competitive Advantage. InternationalQuality
and Productivity Centre (IQPC Canada). July 9-10, 2003.
Toronto, Canada. For more information:
http://www.iqpc-canada.com/NA-1987-01
Chaos Communication Camp 2003: The International Hacker Open AirGathering. Chaos Computer Club. August 7-10, 2003. Paulshof,
Altlandsberg, Germany. For more information: http://www.ccc.de/camp/
WWW2003: 5th Annual Conference on World Wide Web Applications.
Department of Information Studies, Rand Afrikaans University, and theDepartment of Information Systems and Technology, University
ofDurban-Westville. September 10-12, 2003. Durban, South Africa. Formore information: http://www.udw.ac.za/www2003/
Making Intelligence Accountable, Oslo, Norway September 19-20, 2003.
The Geneva Centre for the Democratic Control of Armed Forces. For moreinformation:
http://www.dcaf.ch/news/Intel%20Acct_Oslo%200903/ws_mainpage.html
Privacy2003. Technology Policy Group. September 30-October 2, 2003.
Columbus, OH. For more information:
http://www.privacy2000.org/privacy2003/
Subscription Information
Subscribe/unsubscribe via Web interface:
http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news
Subscribe/unsubscribe via e-mail:
To: epic_news-requestmailman.epic.org
Subject: "subscribe" or "unsubscribe" (no quotes)
Automated help with subscribing/unsubscribing:
To: epic_news-requestmailman.epic.org
Subject: "help" (no quotes)
Problems or questions? e-mail infoepic.orgBack issues are available at: http://www.epic.org/alert/
The EPIC Alert displays best in a fixed-width font, such as Courier.
Privacy Policy
The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or
share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do
not enhance (linkto other databases) our mailing list or require your actual name.
In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under"subscription
information". Please contact infoepic.org if you wouldlike to change your subscription e-mail address, if you areexperiencing subscription/unsubscription problems, or if you
have anyother questions.
About EPIC
The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus
public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord
privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Actlitigation, and conducts policy research. For more information,
e-mail infoepic.org, http://www.epic.org or write EPIC, 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140(tel), +1 202 483 1248 (fax).
If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible.
Checks should be made out to "EPIC" and sent to 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you cancontribute
online at:
http://www.epic.org/donate/
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation
ofencryption and expanding wiretapping powers.
Thank you for your support.
END EPIC Alert 10.11 .
WorldLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/2003/11.html
