WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2004 >> [2004] EPICAlert 4

Database Search | Name Search | Recent Alerts | Noteup | LawCite | Help

EPIC Alert 11.04 [2004] EPICAlert 4 (25 February 2004)








EPIC ALERT


Volume 11.04 February 25, 2004


Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

http://www.epic.org/alert/EPIC_Alert_11.04.html

Table of Contents



[1] Supreme Court Sides With Government on Privacy Act Damages
[2] Agencies Issue Reports on CAPPS II, JetBlue Disclosure
[3] EPIC Testifies on Medical Privacy and Banking
[4] EPIC Demands FBI Database Accuracy
[5] Courts Reject Business "Free Speech" Challenges to Privacy Law
[6] News in Brief
[7] EPIC Bookstore: The Patriot Act Game
[8] Upcoming Conferences and Events


[1] Supreme Court Sides With Government on Privacy Act Damages


The Supreme Court has ruled in a 6-3 decision that an individual mustprove he has suffered actual harm before he can receive a $1,000minimum award guaranteed by law when the government wrongfullydiscloses personal information.

The case, Doe v. Chao, arose from the Department of Labor's use ofminers' Social Security numbers to identify their black lung claims onofficial agency documents, some of which were made public. Severalminers sued the agency, arguing that they were entitled to $1,000minimum damages from the government provided under the Privacy Act.
The United States District Court for the Western District of Virginiafound that only one miner, Buck Doe, was entitled to damages becausehe had shown that he suffered sufficient emotional distress as aresult of the disclosure of his Social Security Number to be awardeddamages. The United States Court of Appeals for the Fourth Circuitdisagreed, concluding that Doe was not entitled to damages under thePrivacy Act because he failed to show that any tangible harm resultedfrom the disclosure of his Social Security Number.

EPIC collaborated with numerous consumer and privacy organizations,
legal scholars and technical experts to submit a "friend of the court"
brief to the Supreme Court on Doe's behalf, arguing that the PrivacyAct provides damages for those who suffer "adverse effects," whichdoes not require actual harm. The brief pointed to the dangers ofSocial Security Number disclosure, the tradition of providing similarawards under other privacy laws, and the history of the Privacy Act toshow that actual harm is not necessary to recover the $1,000 awardunder the Privacy Act.

The Supreme Court concluded, however, that an individual must proveactual damages to receive the $1,000 award from the government.
Justice Souter (joined by the Chief Justice and Justices O'Connor,
Scalia, Thomas, and Kennedy) found that the most straightforwardreading of the Privacy Act supported the conclusion that an individualmust prove actual harm to collect minimum damages under the PrivacyAct, noting that it is unusual for a law not to require proof of harmsuffered before an individual is awarded of damages.

In a dissenting opinion, Justice Ginsburg (joined by Justices Stevensand Breyer) argued that the majority's interpretation of the lawfailed to take into account each word of the section of the PrivacyAct that provides for damages. Justice Ginsburg pointed out that themajority's decision is at odds with the Office of Management andBudget's guidelines for interpreting the Privacy Act, which wereissued just six months after the law was passed. She asserted thatthe majority's holding encourages individuals to "arrange ormanufacture" actual damages, such as paying a fee to run a creditreport, in order to be allowed to recover the minimum $1,000 under thePrivacy Act. She also noted that the Privacy Act's language issimilar to that of other federal laws that do not require proof ofactual harm for an individual to collect the minimum award providedunder the law. In a separate dissent, Justice Breyer found "no supportin any of the statute's basic purposes for the majority's restrictivereading of the damages provision."

Doe v. Chao, Supreme Court Docket No. 02-1377:

http://www.supremecourtus.gov/opinions/03pdf/02-1377.pdf  

EPIC's amicus brief filed in Doe v. Chao:

http://www.epic.org/privacy/chao/Doe_amicus.pdf   
  
For more information about the case, see EPIC's Doe v. Chao Page:

http://www.epic.org/privacy/chao/                 



[2] Agencies Issue Reports on CAPPS II, JetBlue Disclosure


Two recent agency reports have cast doubt on the future of theTransportation Security Administration's controversial passengerprofiling system and detailed the agency's role in the transfer ofpassenger information to a Defense Department contractor for use in adata mining study.

The General Accounting Office has issued a report concluding thatnumerous problems plague the TSA's Computer-Assisted PassengerPrescreening System (CAPPS II). The report found that TSA has notadequately addressed seven of eight implementation and operationalconcerns raised by Congress last year, including the accuracy of thedata relied on by the system; abuse prevention; overall privacyconcerns; and the redress process for people erroneously labeled as athreats or targeted for additional scrutiny.

The GAO also expressed uneasiness about the evolution of CAPPS II'sstated purpose. The program was initially intended to detectterrorists and keep them off airplanes. In August, however, TSAannounced that CAPPS II would also serve as a law enforcement tool toidentify individuals wanted for violent crimes.

In response to the report, the Department of Homeland Security, TSA'sparent agency, noted that CAPPS II is still under development, andremarked that both national and international hurdles to deploymentand problem resolution were more complex than the report made clear.
The GAO responded that it stands by what it believes to be a fair andaccurate assessment of the program.

In related news, the Department of Homeland Security's Chief PrivacyOfficer has released a report criticizing TSA's role in thecontroversial transfer of JetBlue Airways passenger information toDefense Department contractor Torch Concepts for use in a data miningstudy. The report finds that, "The TSA employees involved actedwithout appropriate regard for individual privacy interests or thespirit of the Privacy Act of 1974."

The report revealed that a TSA employee sent a written request toJetBlue to ask that the airline provide passenger data to theDepartment of Defense for use in a military base security project.
Acxiom Corporation, a data aggregation company, then actuallytransferred the passenger information to Torch Concepts. Later,
Acxiom sold Torch Concepts additional information on about 40 percentof the JetBlue passengers whose information had already beendisclosed. The report noted that "but for the involvement of a fewTSA officials in these events, the data would likely not have beenshared by jetBlue with the Department of Defense and its contractors."

In the wake of the Department of Homeland Security report, EPIC hassent a letter to the Federal Trade Commission urging the agency tosanction JetBlue and Acxiom for their disclosures of passengerinformation. In September, EPIC submitted a complaint to the FederalTrade Commission alleging that JetBlue and Acxiom committed unfair anddeceptive trade practices by disclosing personal information to TorchConcepts in violation of their publicly posted privacy policies. Theagency has not announced whether any action has been taken in responseto the complaint.

The General Accounting Office's Report on CAPPS II:

http://www.epic.org/privacy/airtravel/gao-capps-rpt.pdf  
The Homeland Security Privacy Office Report to the Public on EventsSurrounding the JetBlue Data Transfer:

http://www.epic.org/privacy/airtravel/jetblue/dhs_report.pdf

EPIC's Letter to the FTC:

http://www.epic.org/privacy/airtravel/jetblue/FTC_letter.html

EPIC's Complaint Against JetBlue and Acxiom to the FTC:

http://www.epic.org/privacy/airtravel/jetblue/ftccomplaint.html

For more information about air travel privacy, see EPIC's PassengerProfiling Page:

http://www.epic.orgprivacy/airtravel/profiling.html



[3] EPIC Testifies on Medical Privacy and Banking


On February 18, EPIC Senior Fellow Anna Slomovic testified on medicalprivacy issues in banking transactions before the National Committeeon Vital and Health Statistics, the official advisory body to theSecretary of Health and Human Services. Dr. Slomovic discussed theneed to improve protection for health information as it moves throughthe banking system.

Dr. Slomovic noted that the banking industry is seeking an exemptionfrom being designated a "covered entity" under the Health InsurancePortability and Accountability Act (HIPAA) Privacy Rule even whenbanks perform functions that fall under the definition of health careclearinghouses. Banks are also asking the Department of Health andHuman Services to rescind requirements for additional encryption whenprotected health information flows through the banking transactionnetwork. Dr. Slomovic stated that banks should not be exempt from thefull requirements of the Privacy Rule and that the requirement foradditional encryption should be maintained.

In related medical privacy news, a group of physicians and hospitalshas challenged Justice Department subpoenas for medical records ofwomen who have had abortions. The Justice Department wants to examinemedical records as part of its defense of the Partial Birth AbortionBan Act of 2003, which is being challenged on the grounds that itwould prevent doctors from performing medically necessary abortions.

Two federal courts reached different conclusions about whetherhospitals must release records to the Justice Department. U.S. ChiefDistrict Judge Charles Kocoras of the Northern District of Illinois,
Eastern Division quashed the subpoenas on the grounds that Illinoisstate law is more stringent than federal privacy protections andprohibits the release of records in the circumstances described in thesubpoenas. However, U.S. District Judge Richard Conway Casey of theSouthern District of New York ruled that records must be released andthat the release does not violate patient privacy if personalinformation such as patient name, address and social security numberis blocked out.

Dr. Anna Slomovic's Testimony Before the National Committee on Vitaland Health Statistics:

http://www.epic.org/privacy/medical/medical_test.html

National Abortion Federal v. Ashcroft, Northern District of Illinois,
Eastern Division, No. 04-C-55:

http://www.epic.org/privacy/medical/naf.pdf

For more information about medical privacy protections, see EPIC'sMedical Privacy Page:

http://www.epic.org/privacy/medical/



[4] EPIC Demands FBI Database Accuracy


In a recent letter to the Office of Management and Budget, EPIC hasurged the agency to require the Federal Bureau of Investigation tofollow legal accuracy obligations concerning the National CrimeInformation Center, the nation's largest criminal record database.

The NCIC is the most extensive system of criminal history records inthe United States, containing information on more than 52 millionindividuals and averaging 3.5 million transactions a day. In March2003, the FBI announced it would no longer follow Privacy Actobligations for NCIC record accuracy, explaining that "it isimpossible to determine in advance what information is accurate,
relevant, timely and complete."

EPIC's letter asserted that the NCIC's inaccuracy threatens toundermine the effectiveness of other government information technologyprojects. The United States Visitor and Immigrant Status IndicatorTechnology (US-VISIT), recently launched at 115 airports and 15seaports, uses information from NCIC and other sources to determinewhether visitors traveling to the United States will be permitted intothe country. Furthermore, the Transportation Security Administrationhas considered using NCIC information within the Computer AssistedPassenger Prescreening System (CAPPS II) to determine whetherindividuals may travel by air.

In addition, the FBI has recently expanded the NCIC to containinformation indicating whether a DNA profile of an individual existsin the Combined DNA Index System Program, the FBI's DNA profiledatabase. EPIC noted that the addition of new kinds of information tothe NCIC will only make the database's inaccurate problems worse.

In April 2003, nearly ninety organizations from across the UnitedStates urged the OMB to reinstate NCIC accuracy requirements. Todate, the agency has taken no action.

EPIC's Letter Urging Reinstatement of NCIC Accuracy Requirements:

http://www.epic.org/privacy/ncic/NCIC_letter.pdf  

April 2003 Letter From Nearly Ninety Organizations UrgingReinstatement of NCIC Accuracy Requirements:

http://www.epic.org/actions/ncic/
  
For more information about the NCIC, see EPIC's NCIC Page:

http://www.epic.org/privacy/ncic/  



[5] Courts Reject Business "Free Speech" Challenges to Privacy Law


A Vermont Superior Court has upheld the state's opt-in financialprivacy regulation against a challenge brought by a group of insurancecompanies. The companies alleged that the state's regulation exceededgovernment authority and infringed upon their First Amendment rightsto use personal information for marketing. The court held that thestate did have authority to regulate privacy practices, noting thatfinancial companies have become "high volume traffickers of consumers'
intimate, personal information." Relying upon recent cases thatrejected the claim that financial services companies have an unlimitedright to sell Social Security Numbers, the Vermont court held that theopt-in regulation did not violate Constitutional norms.

The Vermont Attorney General submitted several affidavits discussingthe role of privacy protection in the financial services context. Inone, an economic consultant retained by Vermont argued that theinsurance companies objecting to opt-in "are in essence simply voicingtheir displeasure at seeing profit opportunities reduced because theymay find fewer customers whose private information they can sell." Healso explained that an opt-out approach gives financial institutions"a profit incentive to aid inertia as a force that reduces theresponse rate by creating a confusing, hard-to-read form, by making itdifficult to respond, and by emphasizing the costs rather than thebenefits of opting out."

Indeed, the Vermont insurance companies created notices that weredifficult to read. A readability expert hired by the state found in areview of 168 privacy notices that they varied from "very difficult"
to "fairly difficult" to read based on the "Flesch Readability Index."
He concluded that the "privacy notices are not 'reasonablyunderstandable.' They are difficult to read, requiring a high levelof reader skill, far higher than the average 7th grade reading levelof the U.S."

In a separate case, the U.S. Court of Appeals for the Tenth Circuithas upheld the telemarketing Do-Not-Call Registry against challengesbrought by the telemarketing industry. The telemarketers alleged thatthe Registry infringed free speech rights and that the Federal TradeCommission lacked the authority to create it. The court rejected allthe claims and upheld the telemarketing regulations in their entirety:
"The national do-not-call registry offers consumers a tool with whichthey can protect their homes against intrusions that Congress hasdetermined to be particularly invasive. Just as a consumer can avoiddoor-to-door peddlers by placing a 'No Solicitation' sign in his orher front yard, the do-not-call registry lets consumers avoid unwantedsales pitches that invade the home via telephone, if they choose to doso. We are convinced that the First Amendment does not prevent thegovernment from giving consumers this option."

American Council of Life Insurers v. Vermont Department of Banking,
Insurance, Securities and Healthcare Administration, WashingtonSuperior Court, No. 56-1-02:

http://www.epic.org/privacy/glba/vtprivacy.pdf

The Affidavits and Memorandum in Support of the Vermont Opt-InRegulation are available on the EPIC Gramm-Leach-Bliley Page:

http://www.epic.org/privacy/glba/

Mainstream Marketing v. FTC, No. 03-1429 (10th Cir. 2004):

http://www.epic.org/privacy/telemarketing/03-1429.pdf

For more information about the Do-Not-Call Registry, see EPIC'sDo-Not-Call Registry Timeline Page:

http://www.epic.org/privacy/telemarketing/dnc/



[6] News in Brief


APPEALS COURT REJECTS MBNA VERIFICATION PRACTICES
The United States Court of Appeals for the Fourth Circuit has ruledthat creditors must perform "reasonable" investigations afterreceiving a customer dispute under the Fair Credit Reporting Act. Inthis case, MBNA America maintained a computerized customer informationsystem that reported that the plaintiff was responsible for $17,000 incredit card charges. The plaintiff had disputed the charges, but MBNAcontinued to furnish information about the debt to credit reportingagencies. MBNA claimed that the FCRA only required a cursory reviewof customer disputes, and that the company usually did not analyzedocuments or any other information outside the computerized customerinformation system. The Fourth Circuit rejected MBNA's arguments andlet stand a $90,000 actual damage award to the plaintiff: "It wouldmake little sense to conclude that, in creating a system intended togive consumers a means to dispute -- and, ultimately, correct --
inaccurate information on their credit reports, Congress used the term'investigation' to include superficial, unreasonable inquiries bycreditors." The case is likely to change dispute processes nationwideby requiring creditors to more fully investigate consumers' claimsthat incorrect information has been provided to a credit reportingagency.

Linda Johnson v. MBNA America, No. 03-1235 (4th Cir. Feb. 11, 2004):

http://www.epic.org/privacy/fcra/03-1235.pdf

For more information about credit reporting and privacy, see EPIC'sFair Credit Reporting Act Page:

http://www.epic.org/privacy/fcra/  

FEDERAL PROSECUTOR SUES JUSTICE DEPT. FOR PRIVACY ACT VIOLATIONS
Last week, an Assistant U.S. Attorney brought suit against theAttorney General and others at the Justice Department for allegedretaliation in response to the attorney's criticism of underfundingand mismanagement of terrorism investigations. After Congressionalinquiry into the Department's oversight, Richard Convertino, a 15-yearveteran federal prosecutor, was removed from a high-profile terrorismcase that he was spearheading and found himself at the center of aninternal investigation for misconduct. Convertino alleges that inretaliation for his cooperation with the Congressional inquiry, theDepartment leaked to the press the name of a terrorist informantinstrumental to his case, and that this action constitutes a violationof the Privacy Act.

Complaint in Convertino v. Dep't of Justice (D.D.C. 2004):

http://www.epic.org/privacy/terrorism/pros_comp.pdf

HOMELAND SECURITY BEGINS SECRET INFRASTRUCTURE DATA COLLECTION
The Department of Homeland Security has launched the ProtectedCritical Infrastructure Information Program, under which electricutilities, chemical companies, railroads, and other private sectorcompanies can volunteer information on infrastructure vulnerabilitiesin the United States. Such companies manage an estimated 85 percentof the nation's critical infrastructure. All information volunteeredunder the program will be withheld from the public under acontroversial exemption to the Freedom of Information Act that broadlyexempts from disclosure any information relating to security flaws andother vulnerabilities in our critical infrastructures. EPIC testifiedagainst the exemption in Congressional hearings last year.

For more information about critical infrastructure, see EPIC'sCritical Infrastructure Protection Page:

http://www.epic.org/security/infowar/resources.html



[7] EPIC Bookstore: The Patriot Act Game


The Patriot Act Game, by Lisa Freeland and Steffi Domike.

http://www.gotrights.net

In this issue of the EPIC Alert, we've extended our traditional bookreview forum to another medium of civil liberties education: thegame. The Patriot Act Game, developed by a Pittsburgh public defenderand an artist, was created to educate the public about the Act andits implications as well as other laws post 9-11.

The game is full of clever references to post 9-11 developments. Forinstance, during the course of the game, the "homeland security threatlevel" rises, each level indicated by the movement of a tinyrepresentation of a roll of duct tape. The goal of the game is to getevery player to Freedom Corner before the homeland security threatlevel reaches "Severe" and before the player who is secretly holdingthe "Snitch" card turns everyone in to Attorney General John Ashcroft.
Players whose game pieces are black, brown or yellow are faced withplaying disadvantages in comparison to those who have the red, white,
or blue game pieces. The currency of the game is the "freedom fry."
Along the way there are four sets of cards players may be instructedto pick from, including "Protest," "Surveillance," "History," and"Justice." Some cards send players to jail, where no visitors orlawyers are allowed, and other cards set them free.

Most cards strive to place the USA PATRIOT Act in current andhistorical perspective. Many of the civil liberties lost since 9-11are detailed in the "Surveillance" and "Justice" cards as well as inthe background information accompanying the instructions. The gameillustrates how freedom has been undermined both through the USAPATRIOT Act itself, as well as the resulting hysteria, terroristrhetoric, and racism that followed the 9-11 attacks. Some of theinjustices cited include arrests, detentions and deportations,
including patterns of abuse involving specific races and ethnicities.
They include increasing surveillance, profiling in job searches,
restriction of commercial licenses, obstruction of speech in protests,
and surveillance of book reading and art on dorm room walls.

Not only does the game educate players on aspects of the USA PATRIOTAct and the decline of civil liberties, it also encourages players toanalyze the importance of free speech. "History" and "Protest" cardsdetail historical figures that attempted to speak out against varioussystems of power. They highlight individuals and organizationsthroughout the world that questioned governmental and commercialpolicies and worked in the name of freedom and human rights. Abovethe figure's name and description of the speech is the line, "Hero orTerrorist?" It calls attention to the way the term "terrorist" isthrown around freely these days to denigrate opponents. For example,
just this week U.S. Education Secretary Rod Paige stated that theNational Education Association, the nation's largest teachers' union,
is a terrorist organization.

Game creators Lisa Freeland and Steffi Domike have succeeded increating a tool with which to educate the public on matters of greatimportance and one which allows players to have fun at the same time.
The only negative aspect is the time required upon receipt of the gameto pull apart the cards and the freedom fries, all of which comeattached on perforated sheets.

Information and games are available at www.gotrights.net, or bycontacting gotrights.net at thepatriotactgameearthlink.net, or atP.O. Box 81612, Pittsburgh, PA 15217. It is available for sale at aprice of $25 for an individual game or for less if purchased in bulkquantities.

- Frannie Wellings


EPIC Publications:

"The Privacy Law Sourcebook 2003: United States Law, InternationalLaw, and Recent Developments," Marc Rotenberg, editor (EPIC 2003).
Price: $40. http://www.epic.org/bookstore/pls2003/

The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists who needan up-to-date collection of U.S. and International privacy law, aswell as a comprehensive listing of privacy resources.



"FOIA 2002: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40.
http://www.epic.org/bookstore/foia2002/

This is the standard reference work covering all aspects of theFreedom of Information Act, the Privacy Act, the Government in theSunshine Act, and the Federal Advisory Committee Act. The 21stedition fully updates the manual that lawyers, journalists andresearchers have relied on for more than 25 years. For those wholitigate open government cases (or need to learn how to litigatethem), this is an essential reference manual.



"Privacy & Human Rights 2003: An International Survey of Privacy Lawsand Developments" (EPIC 2002). Price: $35.
http://www.epic.org/bookstore/phr2003/

This survey, by EPIC and Privacy International, reviews the state ofprivacy in over fifty-five countries around the world. The surveyexamines a wide range of privacy issues including data protection,
passenger profiling, genetic databases, video surveillance, ID systemsand freedom of information laws.



"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0/

A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens free expression.



"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls/

The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumersand the basic responsibilities for businesses in the online economy.



"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:
$20. http://www.epic.org/bookstore/crypto00&/

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption to law enforcement.



EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:

EPIC Bookstore http://www.epic.org/bookstore/

"EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html



[8] Upcoming Conferences and Events


Third Conference on Privacy and Public Access to Court Records.
Courtroom 21 Project. February 27-28, 2004. Williamsburg, VA. Formore information: http://www.courtroom21.net.

PKC 2004: International Workshop on Practice and Theory in Public KeyCryptography. Institute for Infocomm Research. March 1-4, 2004.
Sentosa, Singapore. For more information: http://pkc2004.lit.org.sg.

A Summit on Healthcare Privacy and Data Security: HIPAA and Beyond.
Health Care Conference Administrators. March 7-9, 2004. Baltimore,
MD. For more information: http://www.hipaasummit.com.

Securing Privacy in the Internet Age. Stanford Law School. March13-14, 2004. Palo Alto, CA. For more information:
http://cyberlaw.stanford.edu/privacysymposium.

Sixth Annual National Freedom of Information Day Conference. FirstAmendment Center, in cooperation with the American LibraryAssociation. March 16, 2004. Arlington, VA. E-mailfoidayconferencefreedomforum.org.

Workshop: Monitoring Software on Your PC: Spyware, Adware, and OtherSoftware. Federal Trade Commission. April 19, 2004. Washington, DC.
For more information: http://www.ftc.gov/opa/2004/02/spyware.htm.

CFP2004: 14th Annual Conference on Computers, Freedom, and Privacy.
Association for Computing Machinery (ACM). April 20-23, 2004.
Berkeley, CA. For more information: http://www.cfp2004.org.

2004 IEEE Symposium on Security and Privacy. IIEEE Computer SocietyTechnical Committee on Security and Privacy, in cooperation with theInternational Association for Cryptologic Research (IACR). May 9-12,
2004. Oakland, CA. For more information:
http://www.cs.berkeley.edu/~daw/oakland04-cfp.html.

International Conference on Data Privacy and Security in a GlobalSociety. Wessex Institute. May 11-13, 2004. Skiathos, Greece. Formore information:
http://www.wessex.ac.uk/conferences/2004/datasecurity04/index.html.

The Third Annual Workshop on Economics and Information Security.
University of Minnesota Digital Technology Center. May 13-14, 2004.
Minneapolis, MN. For more information:
http://www.dtc.umn.edu/weis2004.

Workshop on Privacy Enhancing Technologies. University of Toronto.
May 26-28, 2004. Toronto, Canada. For more information:
http://petworkshop.org/2004.

Access & Privacy Conference 2004: Sorting It Out. Government Studies,
Faculty of Extension. June 10-11, 2004. University of Alberta.
Edmonton, Alberta, Canada. For more information:
http://www.govsource.net/programs/iapp/conference/main.nclk.

O'Reilly Open Source Convention. July 26-30, 2004. Portland, OR. Formore information: http://conferences.oreilly.com/oscon.

First Conference on Email and Anti-Spam. American Association forArtificial Intelligence and IEEE Technical Committee on Security andPrivacy. July 30-31, 2004. Mountain View, CA. For more information:
http://www.ceas.cc.

Crypto 2004: The Twenty-Fourth Annual IACR Crypto Conference.
International Association for Cryptologic Research, IEEE ComputerSociety Technical Committee on Security and Privacy, and the ComputerScience Department of the University of California, Santa Barbara.
Santa Barbara, CA. August 15-19, 2004. For more information:
http://www.iacr.org/conferences/crypto2004.

2004 Telecommunications Policy Research Conference. National Centerfor Technology & Law, George Mason University School of Law. October1-3, 2004. Arlington, VA. For more information:
http://www.tprc.org/TPRC04/call04.htm.


Subscription Information


Subscribe/unsubscribe via Web interface:

http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news

Subscribe/unsubscribe via e-mail:

To: epic_news-requestmailman.epic.org
Subject: "subscribe" or "unsubscribe" (no quotes)

Automated help with subscribing/unsubscribing:

To: epic_news-requestmailman.epic.org
Subject: "help" (no quotes)

Problems or questions? e-mail <infoepic.org >

Back issues are available at: http://www.epic.org/alert/

The EPIC Alert displays best in a fixed-width font, such as Courier.


Privacy Policy


The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do not enhance (linkto other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under"subscription information". Please contact infoepic.org if you wouldlike to change your subscription e-mail address, if you areexperiencing subscription/unsubscription problems, or if you have anyother questions.


About EPIC


The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Actlitigation, and conducts policy research. For more information,
e-mail infoepic.org, http://www.epic.org or write EPIC, 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140(tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible. Checks should be made out to "EPIC" and sent to 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you cancontribute online at:

http://www.epic.org/donate/

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation ofencryption and expanding wiretapping powers.

Thank you for your support.

END EPIC Alert 11.04

.


WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/2004/4.html