You are here:
WorldLII >>
Databases >>
EPIC Alert >>
2005 >>
[2005] EPICAlert 14
Database Search
| Name Search
| Recent Articles
| Noteup
| LawCite
| Help
EPIC Alert 12.13 [2005] EPICAlert 14
EPIC ALERT
Volume 12.13 June 30, 2005
Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C. http://www.epic.org/alert/EPIC_Alert_12.13.html
Table of Contents
[1] EPIC Keeps Watchful Eye on US-VISIT
[2] Federal Agency Flouts Privacy Representations to the Public
[3] Groups Object to Massive Department of Defense Recruiting Database
[4] Appeals Court Limits Scope of California Financial Privacy Law
[5] United Kingdom's National ID Cards Bill Faces Opposition
[6] News in Brief
[7] EPIC Bookstore: Lawrence Lessig, How Media Uses Technology
[8] Upcoming Conferences and Events
[1] EPIC Keeps Watchful Eye on US-VISIT
Foreign visitors to the United States are experiencing a new kind of jetlag: delays and secondary security screenings prompted by
technologicalglitches in the border security program known as the United StatesVisitor and Immigrant Status Indicator Technology
(US-VISIT). Documentsobtained by EPIC under the Freedom of Information Act from theDepartment of Homeland Security show that US-VISIT has resulted in manycases of mistaken identity. Commercial aircrew members,
vacationers, andbusinesspersons have all been delayed by the gaffes. The problems causedunnecessary delays in the visitors' travels
and resulted in the improperflagging of crewmembers by government watch lists.
US-VISIT was launched at 115 airports and 14 seaports in January 2004.
By the end of 2005, the program will be operational at all of thenations more than 400 ports of entry. US-VISIT requires foreignnationals
entering or exiting the country to submit biometric andbiographical information. This data collection often begins before avisitor
buys her plane ticket, as U.S. consular offices abroad may,before issuing a U.S. visa, collect fingerscans from potential visitorsand
compare them against those in a criminal database. Fingerscans areagain collected upon the visitor's arrival in the U.S. for verificationand
then stored in a government database, as are travelers' arrival anddeparture records. Failure to be processed through this departureconfirmation
system could jeopardize a visitor's re-admittance to theU.S., as the government compares the manifest information provided byair
and cruise lines to ascertain that visitors have not overstayedtheir visas.
Last September, US-VISIT expanded to include visitors from the 27nations who are members of the Visa Waiver Program, thus requiring
thescreening of an additional 33,000 persons per day. Except for visitingdiplomats and officials and persons under 14 or over 79
years old,US-VISIT now applies to virtually all foreign nationals holdingnonimmigrant visas, regardless of country of origin.
The documents obtained by EPIC show that some travelers are aware thatthe US-VISIT database contains erroneous information well before
DHSrealizes its own mistake and fear that their next visit to the U.S. willresult in misidentification. Visitors reported missing
their connectingflights due to errors in the database system, and airline crewmembersreported being delayed up to ninety minutes
after a long internationalflight. Some travelers reported that the operator collecting fingerscansat a port had erroneously reversed
their left and right indexfingerprints, labeled a husband's fingerprints as his wife's, failed tocollect the data required under
US-VISIT, or collected data fromtravelers exempt from the program, such as holders of a G-4 visa.
Passengers' numerous requests to the DHS for correction of erroneouspersonal information suggest that the rush to implement US-VISIT
hascome at the expense of data accuracy and passenger privacy. IDENT, thegovernment database containing US-VISIT fingerscans, is
based ontechnology that even the DHS considers outdated, even though thegovernment has already invested about $1 billion in the program.
Thecurrent fingerscan technology does not meet the government's biometricstandard, which mandates imaging of all ten fingerprints.
Last fall,Stanford University professor Lawrence M. Wein testified before Congressthat the chance of identifying a terrorist by matching
two indexfingerscans poorly imaged by IDENT against the government's biometricwatch list is no more than 53%. Privacy concerns are
increasing as thegovernment turns to the private sector for full implementation ofUS-VISIT; global consultant Accenture received
a $10 billion contractlast year for full-scale implementation over the next decade.
Freedom of Information Act documents obtained by EPIC on US-VISIT:
http://www.epic.org/foia_notes/note7.html
EPIC's US-VISIT Page:
http://www.epic.org/privacy/us-visit/
More information on the US-VISIT technology and cost is available at:
http://www.epic.org/redirect/wpvisit605.html
[2] Federal Agency Flouts Privacy Representations to the Public
The Transportation Security Administration has collected and maintaineddetailed commercial data about thousands of travelers in violation
ofnotices issued last fall explicitly stating the agency would not storecommercial data.
According to a notice and privacy impact assessment published in theFederal Register on June 22, TSA obtained passenger name recordsenhanced
with commercial data during the testing Secure Flight, anairline passenger prescreening program currently under development bythe
agency. The commercial data, which was obtained by contractorEagleForce Associates from commercial data brokers, included suchinformation
as name, home address, phone number, date of birth, andgender. EagleForce then provided the enhanced passenger records to TSAon CD-ROMs
for use in watch list match testing. TSA continues to storethis data.
These actions contradicted prior representations made by the agency tothe public. In fall 2004, TSA published a privacy impact assessment
andthree notices describing the Secure Flight program and the agency'sorder requiring 72 commercial airlines to turn over passenger
recordsfrom the month of June 2004 to test Secure Flight. The agency assuredthe public repeatedly it would not have access to or
store data fromcommercial data aggregators during the test phase.
On June 15, just a few days before TSA published its notice on SecureFlight, the Department of Homeland Security Privacy Office announcedthat
it has launched an investigation into whether the agency violatedfederal privacy law during the test phase of the program. According
toChief Privacy Officer Nuala O'Connor Kelly, the investigation focuses onwhether the program's use of commercial databases and other
details wereproperly disclosed to the public. She said her office is also examiningthe security of the Secure Flight system.
Violations of the Privacy Act of 1974, a federal law requiringgovernment agencies to meet certain obligations when creating andmaintaining
systems of records, are civilly and criminally punishable.
In the midst of these developments, the House Committee on HomelandSecurity's Subcommittee on Economic Security, Infrastructure Protection,and
Cybersecurity held a hearing on presecreening air passengers againstwatch lists. Former Representative to Congress John B. Andersontestified
that he has been erroneously identified as a watch list match,and enlisted the help of his current Congressional representative toensure
that his name was cleared. James May of the Air TransportAssociation, James Dempsey of the Center for Democracy and Technology,and
Paul Rosenzweig of the Heritage Foundation discussed the TerroristScreening Center's consolidated watch list and challenges to SecureFlight's
success. Justin Oberman, TSA's Administrator of Secure Flightand Registered Traveler, testified on Secure Flight's development andstatus.
Oberman was peppered with questions about whether Secure Flightwill improve the current state of passenger prescreening, TSA'sconflicting
representations about the scope of Secure Flight commercialdata testing, and missed milestones in the program's development.
Nov. 15, 2004 Notice of Final Order:
http://www.epic.org/redirect/noti904.html
June 22, 2005 System of Records Notice:
http://www.epic.org/redirect/noti0605.html
House Committee on Homeland Security's Subcommittee on EconomicSecurity, Infrastructure Protection, and Cybersecurity hearing:
"Improving Pre-screening of Aviation Passengers Against Terrorist andOther Watch Lists":
http://homeland.house.gov/release.cfm?id=379
EPIC's Secure Flight Page:
http://www.epic.org/privacy/airtravel/secureflight.html
[3] Groups Object to Massive Department of Defense Recruiting Database
EPIC and eight privacy groups filed comments last week objecting to theDepartment of Defense's (DOD) creation of a giant "Joint Advertising
andMarket Research" database for military recruiting purposes. Privacygroups learned of the database in May 2005, but late last
week, the DODadmitted that it had already created the database in 2003, and it failedto notify the public of that fact despite the
agency's duty to do sounder the Privacy Act of 1974. These developments have focusedsignificant public attention on the use of personal
information by thegovernment for military direct marketing purposes, and legislation isbeing considered to protect privacy of young
people being targeted forrecruitment.
The groups' comments objected to the enormity of the database, and theplethora of privacy-invasive design choices that DOD has taken
toimplement it. Six aspects are worth noting: First, according to thePrivacy Act notice announcing the system of records, the database
was tobe stored at "Benow" a private-sector direct marketing company. Thiscompany has no apparent privacy policy or person designated
to overseesecurity of personal information.
Second, relying upon an Executive Order issued in the 1940s, DOD claimedthat it had the authority to index the database by citizens'
SocialSecurity Numbers (SSNs) to eliminate duplicate records. However, SSNsare not necessary to purge a database of duplicates, and
directmarketing companies no longer use them to clean their databases. Forreasons that are now obvious, collecting the SSN is a
bad idea unless itis necessary for some legitimate agency function.
Third, the DOD exercised all of its "blanket routine uses," meaning thatinformation in the database could be transferred to other
agencies forthirteen different reasons, including law enforcement andcounterintelligence activities.
Fourth, while a citizen can opt out of military solicitation, one cannotopt out of this database. This means that even the citizen
who isineligible for military service could be included in the database.
Fifth, the Privacy Act and the DOD's internal regulations require theagency to collect information directly from the citizen where
possible.
However, the database would be largely populated from other sources,including from state motor vehicle department databases, schoolenrollment
data, and commercial information vendors. The main commercialvendors that sell students' data, American Student List and StudentMarketing
Group, were both pursued recently by consumer protectionauthorities for setting up front groups that tricked students intorevealing
their personal information.
Finally, the database plans represent a government foray into directmarketing practices. EPIC argued that direct marketing is not
anappropriate government function, and that existing laws to addressdirect marketing practices would not apply to military recruiters.
The creation of the database caused many to revisit public policychoices made by Congress on military recruiting. Under the No Child
LeftBehind law, Congress forced public and private schools receiving federaleducational fund to release secondary students' names,
addresses andtelephone numbers to military recruiters who request them. Parents orstudents may request that the information not be
released to recruitersby signing a form distributed by schools early in the school year.
Legislation introduced by Representative Mike Honda in February toreverse this presumption, and require affirmative consent beforepersonal
information is transferred from schools to recruiters, is beingrevisited by lawmakers. The legislation would not address the practiceof
recruiters buying personal information from direct marketingcompanies, or limit recruiters' access to personal information held bystate
motor vehicle departments.
Privacy Act Notice Describing the Recruiting Database:
http://www.epic.org/redirect/padod605.html
Department of Defense Media Roundtable:
http://www.dod.mil/transcripts/2005/tr20050623-3121.html
EPIC's Department of Defense Recruiting page:
http://www.epic.org/privacy/student/doddatabase.html
EPIC's Student Privacy page:
http://www.epic.org/privacy/student/
H.R. 551, the Student Privacy Protection Act of 2005:
http://thomas.loc.gov/cgi-bin/bdquery/z?d109:h.r.00551:
[4] Appeals Court Limits Scope of California Financial Privacy Law
A three-judge panel of the Ninth Circuit Court of Appeals hasinvalidated a portion of California's landmark financial privacy law,SB1.
As passed, SB1 allowed individuals to opt out of "affiliatesharing," the practice of selling personal information amongst financialinstitutions
(banks, insurance, and brokerage companies) that havecommon ownership. The law also required financial institutions to gainCalifornians'
affirmative consent before selling personal data tonon-affiliated third parties.
The Court held that "at least some part of SB1's affiliate-sharingprovisions" were preempted by the federal Far Credit Reporting Act(FCRA).
The FCRA, passed in 1970 and amended significantly in 1996 and2003, regulates the trading of "consumer reports," compilations ofpersonal
information that are used for determining one's eligibility forcredit, insurance, or employment. In amending the FCRA, the Court
held,Congress superceded state laws concerning these consumer reports.
Therefore, Californians will not be able to opt out from having theirconsumer reports traded amongst affiliated financial institutions.
While it is clear that the trade in "consumer reports" cannot be limitedby SB1, the full effect of the decision is not clear. In the
13-pageopinion, the Court discussed the differences among "consumer reports,"
"experience" information, and "non-experience" information, but didn'tclearly state whether regulation of the latter categories were
preemptedby the FCRA. These latter categories include information purchased bycommercial vendors of personal information, information
gleaned fromcheck payments and credit card use, and information individuals submitin making loan or account applications. The Court
remanded the case to alower court to determine the precise extent to which SB1 was superceded,frustrating banking officials who argued
that all state privacy lawshould be preempted.
In an amicus brief, EPIC and a coalition of groups representing 41million individuals argued that preemption of SB1 would weakenprotections
against identity theft and erode consumer privacy. Thecoalition maintains that as financial institutions grow, affiliatesharing is
becoming a major privacy risk, since federal law allowscompanies with common ownership to exploit personal information to anunlimited
degree. Limits on financial institutions' use of personalinformation also shields individuals from telemarketing and junk mail.
More generally, preemption of state law has become a threat to consumerprotection and privacy. Banks have petitioned the Federal CommunicationsCommission
to invalidate a number of state anti-telemarketing laws. Ifthese laws are preempted, even phones on the Do-Not-Call Registry willbegin
to ring again, as banks and all other companies will be able tocall any consumer who has purchased a product from the caller in thepast
18 months. Banks, commercial data brokers, and retailers also areseeking preemption of California's security breach notification
lawsthat have exposed embarrassing security problems at Choicepoint,Lexisnexis, and Citibank.
The good news is that Californians will still enjoy most of SB1'sprotections. The law still requires financial institutions to obtainaffirmative
consent before selling personal information tonon-affiliated third party companies. It appears that Californiaresidents will be able
to opt out from some affiliate sharing, althoughthe extent of that ability will be determined over the next year by afederal district
court.
Ninth Circuit Decision in ABA v. Lockyer (pdf):
http://www.epic.org/privacy/preemption/abavlockyerninecir.pdf
Coalition Amicus Brief:
http://www.epic.org/privacy/preemption/lockyer_brief.html
EPIC's Preemption Page:
http:/www.epic.org/privacy/preemption/
EPIC's FCRA Page:
http://www.epic.org/privacy/fcra/
[5] United Kingdom's National ID Cards Bill Faces Opposition
A proposal to create a nationwide ID Card in the UK narrowly avoideddefeat Tuesday in Parliament. Some members charged that UK ministershave
failed to define clear goals for the program and areunderestimating its cost. They seek tighter controls over thedissemination of
information to law enforcement and other groups.
The proposed Identity Cards Bill would create a National ID Registerthat would contain information on all UK residents older than
16 years.
In addition to storing general information (name, date of birth,address, etc.), the Register would store a biometric identifier(photograph,
fingerprint, or other). Once implemented, the card will beused for a variety of purposes, including access to health care, to seekemployment
and as a tool for law enforcement.
A London School of Economics report estimates the new ID system couldeventually cost more than £20 billion ($36B), disputing the £6
billion($11B) estimate claimed by the government. The costs of the system willbe borne by the public, which will be required to purchase
a card everyfive to ten years.
Critics of the bill are hopeful that this narrow win in the House ofCommons will lead to changes, especially since more opposition
isexpected in the House of Lords. Prime Minister Tony Blair has indicatedthat he will address the concerns of the dissenting members.
London School of Economics Report:
http://www.epic.org/redirect/lseid605.html
EPIC's National ID Cards and REAL ID Act page:
http://www.epic.org/privacy/id_cards/
[6] News in Brief
Senators Specter and Leahy Introduce Comprehensive Privacy LegislationThe leading Republican and Democrat on the Senate Judiciary
Committeehave introduced the Personal Data and Security Act of 2005. The billwould strengthen penalties for identity theft, create
new rights ofdata access, establish security standards, limit the sale and displayof the social security number, and require the
government to establishsafeguards for personal information held by data brokers.
Personal Data and Security Act of 2005 (pdf):
http://www.epic.org/privacy/pdsa2005.pdf
EPIC's Choicepoint page:
http://www.epic.org/privacy/choicepoint/
Model Privacy Regime:
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=699701Congresswoman Calls for Hearings on Social Security Disclosure PolicyCongresswoman Carolyn Maloney continued last week to push forinvestigation
into the Social Security Administration's (SSA)
information disclosure policy. In a letter to Chairman William Thomas ofthe Ways and Means Committee and Chairman Tom Davis of the
Committee onGovernment Reform, Representative Maloney called for hearings on theSSA's release of sensitive personal information to
law enforcement andthe lack of oversight of the agency's actions. The request follows aninquiry to the SSA Commissioner last month
about this issue. Documentsobtained through a FOIA request by EPIC sparked the inquiry, revealingthat the SSA adopted an "ad-hoc"
policy allowing the liberal release ofpersonal information in connection with 9/11 investigations. In a letterto Congresswoman Maloney,
the SSA Commissioner denied that the agencymade any change to its disclosure policy, and had instead "invoked itslong-standing ad
hoc authority" to release information in connectionwith 9/11 investigations.
Letter to Chairman Thomas and Chairman Davis from Congresswoman Maloney(pdf):
http://www.house.gov/maloney/issues/Homeland/062205SSAHearing.pdf
Letter to Social Security Administration from Congresswoman Maloney(pdf):
http://www.house.gov/maloney/issues/Homeland/052705SSA.pdf
Response from the Social Security Administration to CongresswomanMaloney (pdf):
http://www.epic.org/foia_notes/062705ssaresponse.pdf
Freedom of Information documents obtained by EPIC on the Social SecurityAdministration's "ad hoc" policy for disclosing personal information
inconnection with 9/11 investigations (pdf):
http://www.epic.org/foia_notes/ssa_foia.pdf
EPIC & Hoofnagle Receive Consumer Protection AwardEPIC's West Coast Director, San Francisco attorney Chris Hoofnagle, hasreceived
a 2005 Consumer Excellence Award from Consumer Action. ConsumerAction is a non-profit organization focusing on consumer education
andadvocacy in telecommunications and financial services. Upon acceptingthe award, Hoofnagle warned that consumer advocates face
difficultchallenges ahead, as collection of personal information can enablesubtle discriminatory practices, such as digital redlining
anddiscriminatory pricing. Also recognized was California AssemblymemberJudy Chu, for her work to protect immigrants from fraud.
Consumer Action's site:
http://www.consumer-action.org/
Congress Opens Junk Fax Floodgates with New LawCongress Tuesday passed a bill that would permanently allow an"existing business relationship"
exemption for commercial "junkfaxes." Under the law, if an individual does business with any company,the company can begin to send
the individual junk faxes, even if theindividual does not provide the business with a fax number. The lawallows direct marketers
to troll the Internet, phone books, andadvertisements to harvest fax numbers of their customers. The bill setsno time limit for
an existing business relationship, unlike thenational no-call list, which limits such relationships to those whomade a purchase
in the past 18 months or an inquiry in the past threemonths.
Text of S. 714: Junk Fax Prevention Act of 2005:
http://thomas.loc.gov/cgi-bin/bdquery/z?d109:s.00714:
EPIC's Sept. 21, 2004, congressional testimony on junk fax regulation:
http://www.epic.org/privacy/wireless/dirtest_904.html
EPIC's Telemarketing and Junk Fax page:
http://www.epic.org/privacy/telemarketing/
US, Europe Discuss Transatlantic Issues in Privacy, Data ProtectionThe Atlantic Council along with the European Parliament sponsored
adiscussion this week on transatlantic privacy and data protectionissues. Topics discussed included biometric passports, the US-VISITprogram,
airline passenger name records, and other types of public andprivate surveillance in the US. Choicepoint executive David Davisdescribed
his company's role in consolidating public records andproviding data to US government agencies. EPIC Executive Director MarcRotenberg
discussed general privacy laws in the US. Several members ofthe European Parliament were outraged about the lack of privacyprotections
in the US for EU citizens. They urged the establishment ofbetter regulations and non-discriminatory measures to protect EUcitizens'
privacy in the US, as the privacy of American citizens' isprotected in the EU. They advised that the Privacy Act of 1974 beamended
to also protect those who are neither US citizens nor lawfulpermanent residents.
Atlantic Council Program on Transatlantic Relations:
http://www.acus.org/TransatlanticRelations/
DOJ Urged to Clarify Privacy Obligations of Storing Biological EvidenceEPIC has submitted comments urging the Justice Department to
identifyand ensure compliance with existing privacy protections when preservingbiological evidence during the investigation of a
federal crime forwhich an individual is in prison. Congress has stated, "DNA testing hasthe capacity not only to identify the perpetrators
of crimes but alsoto exonerate the innocent." EPIC argued that the agency should limitaccess to material that must be preserved
under law to governmentagencies that will use the material to further this legislativepurpose.
EPIC's Comments on the Preservation of Biological Evidence Under 18U.S.C. § 3600A:
http://www.epic.org/privacy/genetic/062705dna_comments.html
EPIC's Genetic Privacy page:
http://www.epic.org/privacy/genetic/
Orlando Airport Debuts Biometric ID Traveler SystemOrlando International Airport has begun test operations of a registeredtraveler
program. In exchange for an exclusive security line and aguarantee against random secondary pat-down check, travelers offer theirbiometric
information, fingerprints and iris scans, and undergo abackground check by the Department of Homeland Security. Programparticipants,
who must pay an $80 annual fee, still must have bagsscreened and go through a metal detector.
EPIC's Passenger Profiling page:
http://www.epic.org/privacy/airtravel/profiling.html
EPIC's Biometrics page:
http://www.epic.org/privacy/biometrics/
EPIC: E-mail Users Should Be Able to Opt-Out from List BrokersEPIC recently submitted comments to the Federal Trade Commission aboutproposed
changes to the CAN-SPAM Act, which penalizes senders ofdeceptive spam advertising. EPIC argued that individuals should be ableto
prevent direct marketing "list brokers" from selling lists containingtheir e-mail addresses. List brokers actively buy, sell, and
rent listsof consumers' personal information. Although there are thousands ofthese list brokers in operation, the top 100 brokers
are the drivingforce behind much of the spam in the U.S. EPIC urged the FTC to giveconsumers the right to opt out of inclusion in
the brokers' databases.
It would be more efficient for the consumer to be able to opt out of thetop brokers' lists than having to opt out of each online merchantssending
spam individually, EPIC said.
EPIC Comments on CAN-SPAM Act Rulemaking, Project No. R411008:
http://www.epic.org/privacy/junk_mail/spam/canspamcomment62705.html
EPIC's Consumer Profiling page:
http://www.epic.org/privacy/profiling/
Committee for Voting Integrity Recommends Enhanced StandardsThe National Committee for Voting Integrity has submitted comments tothe
Senate Rules Committee, which held a hearing on Voter Verificationin the Federal Elections Process. NCVI said that current votingtechnology
does not meet a standard that can assure voters that votesare recorded and counted as cast. NCVI made recommendations to theSenate
on ways to improve transparency, privacy and security of ballots.
Comments of the National Committee for Voting Integrity on VoterVerification in the Federal Elections Process (pdf):
http://www.epic.org/privacy/voting/testimony062105.pdf
National Committee for Voting Integrity's site:
http://www.votingintegrity.org/
Groups to FTC: Kids' Privacy Improving, but Law Needs EnforcementConsumer privacy groups have filed comments to the Federal TradeCommission
as part of its review of the Children's Online PrivacyProtection Act (COPPA). The groups argue that COPPA has improvedchildren's
privacy online. There is a continuing need to continue toclarify COPPA via enforcement and research into the cutting-edgetechniques
being used to direct Web sites at children. Further action isstill needed to address the privacy concerns raised in the offlinemarket
for children's personal information.
Comments of EPIC, et al., in the Matter of COPPA Rule Review 2005,Project No. P054505:
http://www.epic.org/privacy/kids/ftc_coppa_62705.html
EPIC's Children's Online Privacy Protection Act page:
http://www.epic.org/privacy/kids/
[7] EPIC Bookstore:
Lawrence Lessig, Free Culture: How Big Media Uses Technology and the Lawto Lock Down Culture and Control Creativity (Penguin Press
HC, 2004)
http://www.epic.org/bookstore/powells/redirect/alert1213.html
"A landmark manifesto about the genuine closing of the American mind.
Lawrence Lessig could be called a cultural environmentalist. One ofAmerica's most original and influential public intellectuals, his
focusis the social dimension of creativity: how creative work builds on thepast and how society encourages or inhibits that building
with laws andtechnologies. In his two previous books, Code and The Future of Ideas,Lessig concentrated on the destruction of much
of the original promiseof the Internet. Now, in Free Culture, he widens his focus to considerthe diminishment of the larger public
domain of ideas. In this powerfulwake-up call he shows how short-sighted interests blind to the long-termdamage they're inflicting
are poisoning the ecosystem that fostersinnovation.
All creative works-books, movies, records, software, and so on-are acompromise between what can be imagined and what ispossible-technologically
and legally. For more than two hundred years,laws in America have sought a balance between rewarding creativity andallowing the borrowing
from which new creativity springs. The originalterm of copyright set by the Constitution in 1787 was seventeen years.
Now it is closer to two hundred. Thomas Jefferson considered protectingthe public against overly long monopolies on creative works
an essentialgovernment role. What did he know that we've forgotten?
Lawrence Lessig shows us that while new technologies always lead to newlaws, never before have the big cultural monopolists used the
fearcreated by new technologies, specifically the Internet, to shrink thepublic domain of ideas, even as the same corporations use
the sametechnologies to control more and more what we can and can't do withculture. As more and more culture becomes digitized, more
and morebecomes controllable, even as laws are being toughened at the behest ofthe big media groups. What's at stake is our freedom-freedom
to create,freedom to build, and ultimately, freedom to imagine."
EPIC Publications:
"Privacy & Human Rights 2004: An International Survey of Privacy Lawsand Developments" (EPIC 2004). Price: $35.
http://www.epic.org/bookstore/phr2004
This survey, by EPIC and Privacy International, reviews the state ofprivacy in more than sixty countries around the world. The surveyexamines
a wide range of privacy issues including data protection,passenger profiling, genetic databases, video surveillance, ID systemsand
freedom of information laws.
"FOIA 2004: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004).
Price:
$40. http://www.epic.org/bookstore/foia2004
This is the standard reference work covering all aspects of theFreedom of Information Act, the Privacy Act, the Government in theSunshine Act, and the Federal Advisory Committee Act. The 22ndedition fully updates the manual
that lawyers, journalists andresearchers have relied on for more than 25 years. For those wholitigate open government cases (or
need to learn how to litigatethem), this is an essential reference manual.
"The Public Voice WSIS Sourcebook: Perspectives on the World Summit onthe Information Society" (EPIC 2004). Price: $40.
http://www.epic.org/bookstore/pvsourcebook
This resource promotes a dialogue on the issues, the outcomes, and theprocess of the World Summit on the Information Society (WSIS).
Thisreference guide provides the official UN documents, regional andissue-oriented perspectives, as well as recommendations and
proposalsfor future action, as well as a useful list of resources and contactsfor individuals and organizations that wish to become
more involved inthe WSIS process.
"The Privacy Law Sourcebook 2003: United States Law, InternationalLaw, and Recent Developments," Marc Rotenberg, editor (EPIC 2003).
Price: $40. http://www.epic.org/bookstore/pls2003
The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists
who needan up-to-date collection of U.S. and International privacy law, aswell as a comprehensive listing of privacy resources.
"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0
A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens
free expression.
"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls
The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested
in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumersand
the basic responsibilities for businesses in the online economy.
"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000).
Price:
$20. http://www.epic.org/bookstore/crypto00&
EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption
products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption
to law enforcement.
EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:
EPIC Bookstore http://www.epic.org/bookstore
"EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html
EPIC also publishes EPIC FOIA Notes, which provides brief summariesof interesting documents obtained from government agencies under
theFreedom of Information Act.
Subscribe to EPIC FOIA Notes at:
https://mailman.epic.org/cgi-bin/control/foia_notes
[8] Upcoming Conferences and Events
Internet Corporation For Assigned Names and Numbers (ICANN) Meeting.
July 11-15, 2005. Luxembourg City, Luxenbourg. For more information:
http://www.icann.org.
TTI/Vanguard conference: "Evolving Systems," Miami, Florida, July 12-13,
2005. For more information:
http://www.ttivanguard.com/a_conferences.htm#Miami2005Overview
3rd International Human.SocietyInternet Conference. July 27-29,
2005. Tokyo, Japan. For more information: http://hsi.itrc.net.
PEP05: UM05 Workshop on Privacy-Enhanced Personalization. July 2005.
Edinburgh, Scotland. For more information:
http://www.ics.uci.edu/~kobsa/PEP05.
Access to Information: Analyzing the State of the Law. RileyInformation Services. September 8, 2005. Ottawa, Ontario. For moreinformation:
http://www.rileyis.com/seminars/
5th Annual Future of Music Policy Summit. Future of Music Coalition.
September 11-13, 2005. Washington DC. For more information:
http://www.futureofmusic.org/events/summit05/index.cfm.
Conference On Passenger Facilitation & Immigration: Newest trends inachieving a seamless experience in air travel International
AirTransport Association (IATA) and Singapore Aviation Academy (SAA)
October 3-5, 2005 Singapore Aviation Academy. For more information:
http://www.saa.com.sg/conf_pax_fac
Public Voice Symposium: "Privacy and Data Protection in Latin America -
Analysis and Perspectives." Launch of the first Spanish version of"Privacy and Human Rights." October 20-21, 2005,
Auditorio AlbertoLleras Camargo de la Universidad de los Andes, Bogota, Colombia.
Organizers: Electronic Privacy Information Center (EPIC), Grupo deEstudios en Internet, Comercio Electrónico, Telecomunicaciones
eInformática (GECTI), Law School of the Universidad de los Andes, Bogota,Colombia, Computer Professional for Social Responsibility-Peru(CPSR-Perú).
For more information:
http://www.thepublicvoice.org/events/bogota05/
6th Annual Privacy and Security Workshop. Centre for Innovation Law andPolicy (University of Toronto) and the Center for Applied CryptographicResearch
(University of Waterloo). November 3-4, 2005. University ofToronto. For more information:
http://www.cacr.math.uwaterloo.ca/conferences/2005/psw/announcement.html
The World Summit on the Information Society. Government of Tunisia.
November 16-18, 2005. Tunis, Tunisia. For more information:
http://www.itu.int/wsis.
Internet Corporation For Assigned Names and Numbers (ICANN) Meeting.
November 30-December 4, 2005. Vancouver, Canada. For moreinformation: target="_blank">http://www.icann.org.
Subscription Information
Subscribe/unsubscribe via web interface:
target="_blank">https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news
Back issues are available at:
http://www.epic.org/alert
The EPIC Alert displays best in a fixed-width font, such as Courier.
Privacy Policy
The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or
share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do
not enhance (linkto other databases) our mailing list or require your actual name.
In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under"subscription
information."
About EPIC
The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus
public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord
privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Actlitigation, and conducts policy research. For more information,
seehttp://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248(fax).
If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible.
Checks should be made out to "EPIC" and sent to 1718Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you cancontribute
online at:
http://www.epic.org/donate
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation
ofencryption and expanding wiretapping powers.
Thank you for your support.
.
WorldLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/2005/14.html
