WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2005 >> [2005] EPICAlert 26

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 12.25 [2005] EPICAlert 26


Volume 12.25 December 16, 2005

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.
The Senate today failed to vote on renewal of the Patriot Act followingrevelations that the President authorized electronic surveillance ofAmericans citizens without judicial approval. Check the EPIC web sitefor breaking news.

Table of Contents

[1] EPIC Discusses Newly Released Patriot Act Documents
[2] EPIC FOIA Documents Reveal DHS Knew of High-Tech Passport Flaws
[3] Groups Comment on Parent Locator Database
[4] Cybercrime Treaty Before Senate
[5] Proposed IRS Rules Limit Outsourcing, Expand Other Disclosures

[6] News in Brief
[7] EPIC Bookstore and Privacy Gift Guide
[8] Upcoming Conferences and Events

[1] EPIC Discusses Newly Released Patriot Act Documents

EPIC held a press conference on December 13 to discuss documents aboutthe Patriot Act recently obtained through a Freedom of Information Actlawsuit against the Department of Justice. The event was hosted by theFund for Constitutional Government.

The documents show FBI officials expressing frustration that the Officeof Intelligence Policy and Review
a Department of Justice check on FBIauthority
had not approved applications for Section 215 orders, theso-called "library records" provision. However, a 2004 memo refers to"recent changes" allowing the FBI to "bypass" the office.

Other records obtained by EPIC in October though this lawsuit revealedinvestigations conducted for months without proper reporting oroversight, an FBI agent's seizure of financial records in violation offederal privacy law, and an unidentified intelligence agency's unlawfulphysical search (see EPIC Alert 12.22).

Last month, the federal judge presiding over the case stated that theFBI's responses to EPIC's request so far "have been unnecessarily slowand inefficient." The FBI is under court order to process 1,500 pagesevery fifteen calendar days (see EPIC Alert 12.23). Processing isexpected to be complete within a few months.

Congress is currently considering whether to renew key provisions of thePatriot Act, including Section 215. EPIC urged Congress to extend thedeadline for renewal until more information is made public about how theFBI has used its expanded investigative powers.

Documents About the PATRIOT Act Obtained by EPIC Under the Freedom ofInformation Act:

EPIC's FOIA request (pdf):

EPIC v. Department of Justice, Judge Kessler's Order (pdf):

EPIC's Statement on Patriot Act Renewal (pdf):

[2] EPIC FOIA Documents Reveal DHS Knew of High-Tech Passport Flaws

According to documents obtained by EPIC under the Freedom of InformationAct, the Department of Homeland Security has found significant problemswith new hi-tech passports. Tests conducted last year revealed that"contactless" passports embedded with radio frequency identification(RFID) technology create difficulties for border inspectors. EPICpreviously has highlighted flaws in the E-Passport and, in light ofthese FOIA documents, submitted comments urging the abandonment of theuse of RFID technology in E-Passports.

In April 2005, EPIC, the Electronic Frontier Foundation, and othergroups wrote comments urging the State Department to abandon itsE-Passport proposal, because it would have made personal data containedin high-tech passports vulnerable to unauthorized access. The StateDepartment reevaluated the E-Passport plan after receiving a storm ofcriticism, but the proposal is going forward. By October 2006, almostall U.S. passports will include an RFID-enabled chip containing about aunique identification number for the passport holder.

Proponents claimed that E-Passports would improve the inspection processat the borders, but the EPIC FOIA documents suggest otherwise. Among thelisted problems: "Insufficient power to read all variations of chips onmany readers," "Most units required knowledge of where chip was in orderto perform accurate read, required substantial manipulation of thepassport," "Footprint of the units interferes with inspectoroperations," and "Some readers required the inspector to hold thepassport firmly against the unit in order to perform the read. Thismeans the inspector is not able to perform other parts of theinspection."

Although Homeland Security states that "[i]nspectors must keep theireyes on the traveler at all times," the E-Passports take the inspectors'
attention away from travelers. The tests found that "[i]nstructions onthe reader distract the inspector, e.g. electronic displays," and"[r]eaders require too much attention and time on the part of theinspector," according to the EPIC FOIA documents.

EPIC's December 2005 Comments About Hi-Tech Passports (pdf):

Documents About Hi-Tech Passports Obtained by EPIC Under FOIA (pdf):

EPIC, EFF, et. al. April 2005 Comments About E-Passport Proposal (pdf):


[3] Groups Comment on Parent Locator Database

EPIC was joined by the Privacy Rights Clearinghouse and World PrivacyForum in recommending accountability and accuracy improvements forgovernment access to "parent locator services." These services, whichwere first implemented to locate "deadbeat dads," have expanded toinclude an incredible array of personal information. In some states, allparents are tracked by such databases, not just individuals who havefailed to meet support obligations. Comments by the groups weresubmitted to the Office of Child Support Enforcement within the largerDepartment of Health and Human Services.

EPIC and the groups argued that since parent locator databases containso much sensitive information, heightened accountability and accuracyrules are needed to check abuse. Two recent incidents support heightenedscrutiny of such databases. First, an HHS employee recently pled guiltyin a case where she used databases to shield her prostitution businessfrom police. The employee had access to LexisNexis databases through herjob as a bill collector for the Center for Medicaid Services, and usedthe information to ensure that her clients were not police officers.

Second, errors in child support enforcement databases sometimes subjectinnocent people to the stigma of being labeled a "deadbeat dad." In onesuch case, a San Mateo, CA man has been repeatedly pursued by countychild support enforcement agencies, despite the fact that the agenciesknow he is not the father of the unsupported child. Child enforcementauthorities have attempted to place levies on his paycheck at leastthree times.

To help prevent insider employee misuse of the databases, the groupssuggested that an immutable audit log be established to document whoaccesses personal information and why. Such auditing systems can determisuse of databases, and aid in the investigation of wrongdoing.

The groups also suggested that the agency establish more specificaccuracy provisions, particularly in regard to the use of "commercialdata brokers." Commercial data brokers are companies that collect andsell personal information to the government, private investigators, andbusinesses. In recent studies, several commercial data brokers'
databases have been shown to have serious errors. Accordingly, thegroups argued that the agency should not simply rely upon the accuracyof these databases, but rather establish standards to preventindividuals from being falsely associated with child enforcement claims.

Comments by EPIC, Privacy Rights CLearinghouse, and World Privacy Forumon Parent Locator Databases:

[4] Cybercrime Treaty Before Senate

The Council of Europe's Convention on Cybercrime is still pending beforethe full U.S. Senate, which must ratify the treaty before it takeseffect in the U.S. After the Senate Committee on Foreign Relationsrapidly approved the treaty in November, a "hold" was placed on it, toprevent an immediate and unannounced vote on the plenary floor of theSenate. The Committee had organized a hearing in June 2004 to discussthe ratification of the treaty, but it was held without substantivedebate, and only included supporters representing government agencies.

In public letters to the Committee on Foreign Relations, EPIC has twiceurged the Senate to oppose ratification of the Cybercrime Convention.
EPIC cited the sweeping expansion of law enforcement authority, thethreat to core United States civil liberties interests, and the lack ofadequate safeguards for privacy.

Most importantly, the Cybercrime Convention lacks a "dual-criminality"
provision, under which an activity must be considered a crime in bothcountries before one state can demand cooperation from another. Thetreaty would thus require U.S. law enforcement authorities to cooperatewith a foreign police force even when such an agency is investigating anactivity that is perfectly legal in the U.S. The Convention letssignatory States the possibility to amend it by specifically requiringdual criminality, but neither the administration nor the SenateCommittee considered doing so. Opponents of a dual criminality provisionfear that such a provision might reduce cooperation from foreignauthorities to obtain electronic evidence about offenses other countriesdo not criminalize, such as money laundering, racketeering, andconspiracy.

EPIC's letter states that the Cybercrime Convention is much more like alaw enforcement "wish list" than an international instrument trulyrespectful of human rights. The Convention fails to respect fundamentaltenets of human rights espoused in previous international conventions,such as the 1948 Universal Declaration of Human Rights and the 1950Convention for the Protection of Human Rights and Fundamental Freedoms.
The Convention creates more invasive structures for law enforcementactivity without providing corresponding oversight and accountability.
While the Convention is very specific about new authorities to pursueinvestigations, it contains only vague generalities with regard to legalrights.

EPIC's 2005 letter to the Foreign Relations Committee (pdf):

EPIC's 2004 letter to the Foreign Relations Committee (pdf):

EPIC's page on The Council of Europe's Convention on Cybercrime:

[5] Proposed IRS Rules Limit Outsourcing, Expand Other Disclosures

On December 8, the IRS issued a notice of proposed rulemaking, whichoutlined significant changes to the ways in which tax preparers canshare taxpayer information. The most heralded portions of the proposedrules require a taxpayer's written consent before a preparer can sendthe taxpayer's information to co-workers or employees outside of theUnited States. These additional protections were added because of thedifficulty in prosecuting overseas preparers who abuse taxpayerinformation. Congressman Edward Markey (D-MA), an early proponent onlimiting the outsourcing of tax preparation services, praised the newrules in a statement released at the same time.

However, the proposed changes also increase the ways in which income taxpreparers can share taxpayer information within the United States. Forexample, preparers can now share information with contractors or otherpreparers without notifying the taxpayer. Also, lawyers or accountantsthat prepare tax returns would be able to disclose the information tothird parties without notifying the taxpayer, if the disclosures weremade in the normal course of business. Currently, a lawyer oraccountant must have the taxpayer's express or implied consent beforegiving out tax return information.

The new rules also would allow preparers limited use of taxpayerinformation for marketing and solicitation purposes, so long as thetaxpayer provides consent. Current regulations strictly limit the typesof solicitations that preparers can make.

The proposed rules also limit the criminal liability for improperdisclosures. While current regulations impose a criminal penalty forany improper disclosure of taxpayer information the new rules wouldrequire that the disclosure be made “knowingly or recklessly” for thereto be criminal charges.

The IRS is requesting comments on the proposed rules by March 8, 2006.
In addition, the IRS will be holding a public hearing on April 4, 2006.
Those who wish to present oral comments at the hearing must submitwritten or electronic comments by March 8, and must also provide anoutline of the topics to be discussed by March 14. More information isavailable in the IRS's Notice.

IRS Notice of Proposed Rulemaking (pdf):

Further Proposed Guidelines on Notice (pdf):

Representative Markey's Statement:,,id=151372,00.html

[6] News in Brief

House Immigration Bill Includes National ID PlansThe House Judiciary Committee has approved immigration reform bill,sponsored by REAL ID Act architect Rep. James Sensenbrenner, which wouldrequire a study on creating a machine-readable Social Security card anda Homeland Security database containing information on the employmenteligibility of all citizens and non-citizens. EPIC testified earlierthis year against the far-reaching plans. EPIC said that themachine-readable card would become a de facto identification card if, asthe bill suggests, employers were forced to use the machine-readable SSNcard for employment verification. The SSN was never intended to be anational identifier, and should not be used as such, EPIC said.

EPIC's May 2005 Testimony on Employment IDs (pdf):

H.R. 4437: Border Protection, Antiterrorism, and Illegal ImmigrationControl Act of 2005:

H.R. 98: The Illegal Immigration Enforcement and Social SecurityProtection Act of 2005:

EPIC's National ID and REAL ID Act page:

EU Passes Data Retention MeasuresOn December 14, the European Parliament approved a proposal thatrequires service providers to store customers' records for lawenforcement for two years. The data retention proposal, billed as acrime and terrorism measure, mandates the storage of phone locationdata, time and duration of calls, details of Internet connections, andthe details
but not the content
of email and Internet telephony calls.
The measures must still be formally approved by member states. Privacygroups such as European Digital Rights and EPIC have continually opposedthe measures as treating all European citizens as criminals. Privacyadvocates also say that the measures do little to stem actual crime andterror. Telecoms have also opposed the measures on the grounds that thetwo-year storage is very costly, and governments have not committed topaying any part of the costs required by the measure.

EPIC's International Data Retention Page

European Digital Rights:

FTC Levies Record-Setting Fine Against DirecTV
The Federal Trade Commission announced this week that it secured thelargest money settlement ever in a Do-Not-Call telemarketing suit.
DirecTV, a satellite television provider, agreed to pay a $5.3 millionfine for violations of the Telemarketing Sales Rule. DirectTV'stelemarketing partners were calling individuals on the Do-Not-CallRegistry. The partners were also "abandoning" calls, that is, initiatinga telemarketing call but then hanging up before the consumer couldanswer. DirecTV was alleged to have provided "substantial assistance orsupport" to these companies that were violating telemarketing laws. Thesettlement agreement announced this week does not conclude ongoinglitigation against an additional seven telemarketing companies thatpartnered with DirecTV.

FTC DirecTV Settlement Page:

EPIC Telemarketing Resources:

30,000 Travelers Improperly Matched to Terrorist Watch ListsAt least 30,000 air passengers have been improperly matched to names onfederal watch lists since last November, according to Jim Kennedy, headof the Transportation Security Administration redress office. Each ofthe 30,000 individuals submitted personal information and identificationdocuments to the agency in hopes of resolving their misidentificationproblems, and were issued letters to help them clear security morequickly. A few dozen more people were unable to benefit from thisredress process. Kennedy provided the information at a meeting of theDepartment of Homeland Security's Data Privacy and Integrity AdvisoryCommittee in Washington last week. In related news, a Swedish newspapercited European airline sources as saying that 80,000 names were on thewatch list provided by the U.S. government to airlines for passengerscreening.

Department of Homeland Security Data Privacy and Integrity AdvisoryCommittee:

EPIC Watch List FOIA Page:

Court Hears Arguments in Air Travel Identification CaseThe Ninth Circuit Court of Appeals recently heard oral arguments inGilmore v. Gonzales, a case challenging an unpublished federalrequirement that passengers show ID before boarding commercialairplanes. Plaintiff John Gilmore was not allowed to board a domesticflight because he refused to produce ID at the airport. Authorities alsorefused to show Gilmore the TSA regulation that apparently required himto show ID. Justice Department lawyers continue to insist that thegovernment need not disclose the law, since the regulation is a "lawenforcement technique" involving "sensitive security information." EPICfiled a "friend of the court" brief in the case last year, arguing thatmeaningful judicial review is necessary to prevent the government fromimposing secret law upon the public in violation of constitutional dueprocess rights.

Gilmore v. Gonzales web site:

EPIC's amicus brief (pdf):

Senator Seeks Alito Documents Withheld by the Justice DepartmentSenator Patrick Leahy has urged the Department of Justice to releasedocuments withheld under the Freedom of Information Act concerningSupreme Court nominee Samuel Alito. In a letter to the Attorney Generallast week, Senator Leahy asked that the Senate Judiciary Committee beprovided with all information withheld under the law, pointing out thatFreedom of Information Act exemptions do not apply to the Senate in itsconsideration of presidential nominations. Senator Leahy stated that theDepartment of Justice must produce the information quickly if the Senateis to review Judge Alito's nomination in a timely manner.

Senator Leahy's letter:

Wikipedia Entry Sparks Anonymity, Privacy DebateIn November, John Seigenthaler, Sr., founder of the First AmendmentCenter and the founding editorial director of USA Today, found falseinformation on an entry about him in Wikipedia, an online encyclopediathat can be edited by any visitor to its site. Seigenthaler complainedof being unable to find the source of the misinformation, which wasplaced in the article anonymously. When the author later came forwardand apologized, Seigenthaler accepted the apology, but continued to havereservations about Wikipedia's open and anonymous nature, including thethreat that online defamation of political figures might spur governmentregulation of the Internet.

Seigenthaler did note, however, that he could have filed suit against a"John Doe" and obtained the author's information via a subpoena. Whilesuch methods may deter online defamation, they may also chill legitimatecriticism. Online whistle-blowers can be identified through the use ofbogus "John Doe" defamation suits. Once the whistle-blower isidentified, the suit can be dropped, and retaliation takes place outsideof the legal system.

Wikipedia Entry on Seigenthaler:

EPIC's Internet Anonymity page:

[7] EPIC Bookstore and Privacy Gift Guide
With the holiday season upon us, EPIC is happy to help you find theperfect gift for the privacy activists on your shopping list. We'vemade a list of privacy gifts you can give to yourself and others thisyear. Note: some of these gift ideas are sold by online retailiers notafiiliated with EPIC. We therefore cannot guarantee their business (orprivacy) practices. As always, take care when shopping online to protectyour personal information! Enjoy, and happy holidays from EPIC!

Disappearing Civil Liberties MugA full copy of the Bill of Rights is printed on this mug. But just add alittle heat
by pouring in a hot beverage, or just a lot of hot air
andwatch your civil liberties disappear!

Your Free Credit ReportHere's a gift you can give yourself at any time of year, and it'sabsolutely free! Go to and you'll be able tosee what lenders, landlords, and others see when they requestinformation about you. You can use this valuable tool to check for andcorrect inaccuracies that can affect your business interactions. Also,check for new accounts that have been opened without your knowledge orconsent
these may be signs of identity theft. The Fair and AccurateCredit Transactions Act (FACTA) says you can get your free credit reportat least once a year with no charge.

Bill of Rights, Security EditionCarry your own copy of the first ten Amendments to the U.S. Constitutionin your pocket. When passing through one of the ubiquitous metaldetectors today, feel free to toss the Bill of Rights into the basketwith your keys and watch. Each copy of your own galvanized rights costs$4; a pack of 3 is $9.99.

Books from the EPIC BookstoreOver the past year, EPIC has read and reviewed a number of excellent newbooks on privacy and civil liberties in the computer age. Here, we'velisted some of our favorites. Of course, you can always pick from themany excellent EPIC publications listed below, too.

Robert Ellis Smith, "Compilation of State and Federal Privacty Laws"

"This 106-page reference book has just been updated, describing more than700 state and federal laws on privacy and surveillance. A descriptionand a legal citation is provided for each law. The laws are grouped bycategory, then listed alphabetically by state. The 2005 Supplement,published in December 2005, includes scores of new laws on identitytheft, medical records, 'credit freezes,' 'Security-breachnotifications,' spam, and use of Social Security numbers."

Dan Tynan, "Computer Privacy Annoyances: How to Avoid the Most AnnoyingInvasions of Your Personal and Online Privacy"

Dan Tynan's Computer Privacy Annoyances gets it right: the book providesexcellent advice on how to protect privacy without turning the readerinto a paranoid. The book has one of the best "top ten" steps toprotect privacy to date. He covers privacy at home, work, and on theInternets. He also covers privacy in public, an increasingly importanttopic in an age of ubiquitous cameras and nagging offline requests forpersonal data at retail stores. A prescient section of the bookdiscusses the privacy risks associated with social network software,systems that many even in the privacy community have adopted.

Katherine Albrecht, "Spychips: How major corporations and governmentplan to track your every move with RFID"

The privacy movement has been waiting for the book that transforms theworld as did Rachel Carson's "Silent Spring," Michael Harrington's "TheOther America," and Ralph Nader's "Unsafe at Any Speed." It's not yetclear that Spychips will be that book, but the case can be made thatSpychips is one of the best privacy books in many years.

There are few technologies transforming the world as rapidly as RFID…
There is much here for Orwellian paranoia. But what makes Spychips sucha compelling book is that Albrecht and McIntyre stay focused on what isactually happening today. They are also funny, clever, engaging, andinformative.

Robert O'Harrow, "No Place to Hide"

Journalist Robert O'Harrow's first book, No Place to Hide, is aWashington insider's exposé of how the fast-developing data collection,analysis, and identification technologies first developed for themarketing industry are increasingly used for law enforcement purposessince 9/11.

Johnny Long, "Google Hacking for Penetration Testers"

Johnny Long's "Google Hacking for the Penetration Testers" is anexcellent resource on the Google Internet search engine. Anyone whouses Google should read the first two chapters of this book, as itexplains the basic and more advanced search techniques available. Afterchapter two, things get interesting. Long explains how to use Google toaccess information anonymously, and then dives into discovering sitevulnerabilities and personal information on the Internet. It concludeswith common-sense approaches to securing your own servers against thesearch techniques explained earlier in the book.

Mari J. Frank, "From Victim To Victor: A Step By Step Guide For Endingthe Nightmare of Identity Theft"

"With 10 million new victims a year, there is a vast need for people tohave legal help at a reasonable price. As a lawyer and former victimherself, who has helped thousands of victims, Ms. Frank coaches andguides you through every step, to lead you out of the nightmare. MariFrank had created the first self-help recovery tool for victims ofidentity theft back in 1998, and this new edition with CD includes thenew federal laws and regulations in an easy to understand format."

Lawrence Lessig, "Free Culture: How Big Media Uses Technology and theLaw to Lock Down Culture and Control Creativity"

"A landmark manifesto about the genuine closing of the American mind.

Lawrence Lessig could be called a cultural environmentalist. One ofAmerica's most original and influential public intellectuals, his focusis the social dimension of creativity: how creative work builds on thepast and how society encourages or inhibits that building with laws andtechnologies...In Free Culture, he widens his focus to consider thediminishment of the larger public domain of ideas. In this powerfulwake-up call he shows how short-sighted interests blind to the long-termdamage they're inflicting are poisoning the ecosystem that fostersinnovation."

Stephen G. Breyer, "Active Liberty: Interpreting Our DemocraticConstitution"

"It is a historic occasion when a Supreme Court justice offers, off thebench, a new interpretation of the Constitution. Active Liberty, basedon the Tanner lectures on Human Values that Justice Stephen Breyerdelivered at Harvard University in November 2004, defines that term as asharing of the nation's sovereign authority with its citizens. Regardingthe Constitution as a guide for the application of basic Americanprinciples to a living and changing society rather than as an arsenal ofrigid legal means for binding and restricting it, Justice Breyer arguesthat the genius of the Constitution rests not in any static meaning itmight have had in a world that is dead and gone, but in the adaptabilityof its great principles to cope with current problems."

A Contribution to EPICOne final gift suggestion: If someone on your list is truly seriousabout protecting civil liberties, they'll definitely appreciate acontribution made to EPIC in their name (so will we!). They'll be gladto know that your contribution will help us continue our work towardsprotecting the ideals of privacy, free expression, and open government.
And if they're a real supporter of privacy rights, they'll be glad toknow that we don't rent, loan, trade, release or otherwise makeavailable the names of our individual contributors. You can donate bycredit card, check, or even via Paypal.

EPIC Publications:

"Privacy & Human Rights 2004: An International Survey of Privacy Lawsand Developments" (EPIC 2004). Price: $50.

This annual report by EPIC and Privacy International provides anoverview of key privacy topics and reviews the state of privacy in over60 countries around the world.  The report outlines legal protections,new challenges, and important issues and events relating to privacy. 
Privacy & Human Rights 2004 is the most comprehensive report on privacyand data protection ever published.

"FOIA 2004: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004). Price:

This is the standard reference work covering all aspects of the Freedomof Information Act, the Privacy Act, the Government in the Sunshine Act,and the Federal Advisory Committee Act. The 22nd edition fully updatesthe manual that lawyers, journalists and researchers have relied on formore than 25 years. For those who litigate open government cases (orneed to learn how to litigate them), this is an essential referencemanual.

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit onthe Information Society" (EPIC 2004). Price: $40.

This resource promotes a dialogue on the issues, the outcomes, and theprocess of the World Summit on the Information Society (WSIS). Thisreference guide provides the official UN documents, regional andissue-oriented perspectives, and recommendations and proposals forfuture action, as well as a useful list of resources and contacts forindividuals and organizations that wish to become more involved in theWSIS process.

"The Privacy Law Sourcebook 2004: United States Law, International Law,and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:

The Privacy Law Sourcebook, which has been called the "Physician's DeskReference" of the privacy world, is the leading resource for students,attorneys, researchers, and journalists interested in pursuing privacylaw in the United States and around the world. It includes the fulltexts of major privacy laws and directives such as the Fair CreditReporting Act, the Privacy Act, and the OECD Privacy Guidelines, as wellas an up-to-date section on recent developments. New materials includethe APEC Privacy Framework, the Video Voyeurism Prevention Act, and theCAN-SPAM Act.

"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.

A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens free expression.

"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.

The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumers andthe basic responsibilities for businesses in the online economy.

"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption products have largely succeeded, although several governmentsare gaining new powers to combat the perceived threats of encryption tolaw enforcement.

EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:

EPIC Bookstore

"EPIC Bookshelf" at Powell's Books

EPIC also publishes EPIC FOIA Notes, which provides brief summaries ofinteresting documents obtained from government agencies under theFreedom of Information Act.

Subscribe to EPIC FOIA Notes at:

[8] Upcoming Conferences and Events

Ensuring Privacy and Secuurity of Consumer Information. AmericanConference Institute. January 26-27, 2006. New York, New York. For moreinformation:

Privacy in the Information Age: Databases, Digital Dossiers, andSurveillance. High Tech Law Institute, Santa Clara University. January27, 2006. Santa Clara, California. For more information:

First International Conference on Availability, Reliability andSecurity. Vienna University of Technology. April 20-22, 2006. Vienna,Austria. For more inofrmation:

Data Devolution: Corporate Information Security, Consumers and theFuture of Regulation. Fredric G. Levin College of Law, University ofFlorida. February 3-4, 2006. Gainesville, Florida. For more information:

Beyond the Basics: Advanced Legal Topics in Open Source andCollaborative Development in the Global Marketplace. University ofWashington School of Law. March 21, 2006. Seattle, Washington. For moreinformation:

Making PKI Easy to Use. National Institutes of Health. April 4-6, 2006.
Gaithersburg, Maryland. For more information:

First International Conference on Availability, Reliability andSecurity. Vienna University of Technology. April 20-22, 2006. Vienna,Austria. For more inofrmation:

CHI 2006 Workshop on Privacy-Enhanced Personalization. UC IrvineInstitute for Software Research and the National Science Foundation.
April 22-23. Montreal, Quebec, Canada. For more information:

The First International Conference on Legal, Security and Privacy Issuesin IT (LSPI). CompLex. April 30-May 2, 2006. Hamburg, Germany. For moreinformation:

International Conference on Privacy, Security, and Trust (PST 2006).
University of Ontario Institute of Technology. October 20-November 1,
2006. Oshawa, Ontario, Canada. For more information:

Subscription Information

Subscribe/unsubscribe via web interface:

Back issues are available at:

The EPIC Alert displays best in a fixed-width font, such as Courier.

Privacy Policy

The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do not enhance (link toother databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under "subscriptioninformation."

About EPIC

The Electronic Privacy Information Center is a public interest researchcenter in Washington, DC. It was established in 1994 to focus publicattention on emerging privacy issues such as the Clipper Chip, theDigital Telephony proposal, national ID cards, medical record privacy,and the collection and sale of personal information. EPIC publishes theEPIC Alert, pursues Freedom of Information Act litigation, and conductspolicy research. For more information, see or writeEPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy InformationCenter, contributions are welcome and fully tax-deductible. Checksshould be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,Suite 200, Washington, DC 20009. Or you can contribute online at:

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for the rightof privacy and efforts to oppose government regulation of encryption andexpanding wiretapping powers.

Thank you for your support.


WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback