WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2006 >> [2006] EPICAlert 1

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 13.01 [2006] EPICAlert 1


Volume 13.01 January 12, 2006

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.
Table of Contents

[1] Gore to Speak About Domestic Spy Program at Constitution Hall
[2] National Security Agency Domestic Spying Revealed
[3] EPIC Obtains Papers on Intelligence Misconduct, Files Suit for More
[4] EPIC Continues Fight Against Sony Spyware
[5] Troubling Provisions Tacked on to Violence Against Women Act
[6] News in Brief
[7] EPIC Bookstore:

[8] Upcoming Conferences and Events

[1] Gore to Speak About Domestic Spy Program at Constitution Hall

Former Vice President Al Gore will give a speech addressing theconstitutional crisis caused by the National Security Agency's domesticeavesdropping program and its implications for the rule of law, theseparation of powers, and Americans' constitutional rights atConstitution Hall, on Monday, January 16. The event is sponsored by TheLiberty Coalition and the American Constitution Society. Mr. Gore willbe introduced by former U.S. Representative Bob Barr (R-GA), chairman ofPatriots to Restore Checks and Balances.

The former Vice President's speech comes amid growing concern about thelegal basis put forward for President's Bush's domestic surveillanceprogram. A December 22, 2005 letter from the Department of Justice tomembers of the House and Senate Intelligence Committees offered a "briefsummary of the legal authority supporting the NSA activities describedby the President." The letter contends that the President has theauthority to "order foreign intelligence surveillance within the UnitedStates . . . ." The Justice Department further said, "The President'sconstitutional authority to direct the NSA to conduct the activities hedescribed is supplemented by statutory authority under the AUMF[Authorized Use of Military Force resolution, passed by Congress,September 18, 2001]." And the Justice Department stated that the "ThePresident's authorization of targeted electronic surveillance by the NSAis also consistent with the Foreign Intelligence Surveillance Act('FISA')."

However, an extensive analysis by the non-partisan CongressionalResearch Service questioned the Department of Justice assessment. TheCRS report concluded that the Congress expressly intended for thegovernment to seek warrants from a special Foreign IntelligenceSurveillance Court before engaging in such surveillance when it passedlegislation creating the court in 1978. The report also concluded thatBush's assertion that Congress authorized such eavesdropping to detectand fight terrorists does not appear to be supported by the specialresolution that Congress approved after the Sept. 11, 2001, terroristattacks, which focused on authorizing the president to use militaryforce. "It appears unlikely that a court would hold that Congress hasexpressly or impliedly authorized the NSA electronic surveillanceoperations here," the authors of the CRS report wrote. Theadministration's legal justification "does not seem to be . . .
well-grounded," the CRS report said.

A letter from legal scholars and former government officials reached asimilar conclusion. The letter states:

Although the program's secrecy prevents us from being privy to all of its details, the Justice Department's defense of what it concedes was secret and warrantless electronic surveillance of persons within the United States fails to identify any plausible legal authority for such surveillance. Accordingly the program appears on its face to violate existing law.

Vice President Gore's speech will begin at 12 noon on Monday, January 16.

Liberty Coalition

American Constitution Society

Patriots to Restore Checks and Balances

Registration for Event (Liberty Coalition)

Justice Department Defense of Domestic Surveillance Program (pdf):

Congressional Research Service Analysis of Domestic Surveillance Program(pdf):

Legal Scholars' Analysis of Domestic Surveillance Program

[2] National Security Agency Domestic Spying Revealed

Last month, President Bush admitted that he secretly issued an executiveorder in 2002 that authorized the National Security Agency to conductwarrantless surveillance of international telephone and Internetcommunications on American soil.

Government officials have refused to give details about the program,saying such disclosures could harm national security. However, the NewYork Times has reported that the NSA conducted warrantless surveillanceon as many as 500 people inside the United States at any given time, andthat thousands of people within the country may have been monitoredsince the operation began. President Bush has said that thesurveillance will continue.

The program operates outside the bounds set by the Foreign IntelligenceSurveillance Act, which was passed after the Watergate scandal toestablish a legal basis for foreign intelligence surveillance within theUnited States. Since the NSA program became public, Judge JamesRobertson has resigned from the Foreign Intelligence Surveillance Court,which reviews applications and grants orders for foreign intelligencegathering. Robertson's resignation was reportedly in protest of the NSAprogram.

In related news, EPIC has obtained the first Freedom of Information Actdocuments about the controversial program. The documents include twointernal messages from the agency's director to staff defending theNSA's activities and discouraging employees from discussing the issuewith the news media. In the second of those messages, Keith B.
Alexander, the Director of the NSA, wrote:

The President authorized NSA to execute this program consistent with U.S. law and our Constitution. To guarantee adherence to the law the authorization has been reviewed over thirty times,
approximately every forty-five days, since inception. The
authorization and the operation were reviewed and deemed legal by
the previous and current Attorneys General . . .

EPIC awaits additional documents from the agency.

Transcript of President's Radio Address on NSA Surveillance:

EPIC's Foreign Intelligence Surveillance Act Page:

NSA, FAQ on Signals Intelligence:

EPIC FOIA Documents on NSA Surveillance (pdf):

[3] EPIC Obtains Papers on Intelligence Misconduct, Files Suit for More

EPIC has obtained new documents through its ongoing Freedom ofInformation Act litigation that provide new details about unlawfulgovernment intelligence activities. Among other things, the heavilyredacted FBI reports describe agent misconduct while monitoringelectronic communications, including improper e-mail collection andeavesdropping on the wrong person's telephone calls.

The FBI released the documents in response to an EPIC request filed inMarch, which asked for information about the Bureau's use of PATRIOT Actprovisions that were set to expire on December 31, 2005. In April, EPICsued in federal court to force the FBI to release the information whileCongress considered renewing the expiring provisions. However, Congressrecently extended the deadline an additional five weeks to continuedebate on the PATRIOT Act.

The new documents supplement other reports of apparent intelligencemisconduct that EPIC obtained in October. Those documents describedBureau investigations conducted for months without proper reporting oroversight, an FBI agent's seizure of financial records in violation offederal privacy law, and an unidentified intelligence agency's unlawfulphysical search.

This week, EPIC filed a second suit against the Department of Justicefor additional information about possible misconduct reported to theIntelligence Oversight Board by the FBI. EPIC is also seeking documentsfrom the Attorney General about possible misconduct within theintelligence community, as well as responses to such reports. JudgeColleen Kollar-Kotelly, the head of the Foreign IntelligenceSurveillance Court, has been assigned to the case.

EPIC FOIA documents on possible intelligence abuses:

EPIC's FOIA request (pdf):

EPIC complaint against the Department of Justice (pdf):

[4] EPIC Continues Fight Against Sony Spyware

EPIC continues to work towards ensuring the privacy of music buyers,even as consumers in a New York-based class action lawsuit reach apreliminary settlement agreement with Sony BMG. The lawsuit arose fromSony's practice of selling CDs that installed dangerous software ontousers' computers.

Many Sony CDs, encumbered with "digital rights management" ("DRM")
software to prevent copying, also created security holes that would letvirus writers hide files on affected computers, or allow guest usersunlimited access to a computer's workings. The programs also acted asspyware, reporting the IP addresses and listening habits of users toSony and affiliated companies.

The preliminary settlement, announced in late December and approved by ajudge on January 6, promises an exchange program for the affected CDs,and promises not to use the flawed programs in the future. However, itsterms on the collection of personal information are less promising. Sonygenerally denies that its programs have collected personal information,as the company claims that IP addresses and consumers' listening habitsare not "personal data."

EPIC, which filed a separate suit against Sony in the District ofColumbia for its misrepresentations regarding the spyware aspects of itsDRM programs, has raised these objections with Sony and will continue towork on these issues until its concerns are addressed. Specifically,EPIC notes that tracking users' IP addresses and listening habits is aninvasion of privacy that, despite Sony's claims, can be used to identifyindividual users. EPIC also in concerned that the settlement agreementdoes not prevent Sony from using deceptive practices to collect personalinformation from users while claiming that users have "consented" tohaving their privacy invaded. The settlement agreement also expresslyallows Sony to collect information "necessary to provide enhanced CDfunctionality," as well as aggregated data from users.

EPIC's Complaint in EPIC v. Sony BMG (pdf):

[5] Troubling Provisions Tacked on to Violence Against Women Act

The reauthorization of the Violence Against Women Act, enacted to combatthe critical problems of domestic violence and stalking, was signed intolaw on January 5. However, the law also expanded the collection ofindividuals' DNA for a federal database and may chill anonymous onlinespeech.

Title X of the reauthorization bill allows law enforcement to collectthe DNA of anyone arrested and store the DNA in a federal database. (SeeEPIC Alert 12.20, News in Brief.) Those who are not U.S. citizens orpermanent residents can also have their DNA collected and stored anytime they are detained under U.S. authority. This greatly expands thenumber of people who have their DNA catalogued by the FBI's database, asthe previous law only allowed the collection of DNA from peopleconvicted, indicted, or charged with crimes.

Another problematic provision potentially threatens the ability to sendanonymous communications over the Internet. Section 113 of the Act,entitled "Preventing Cyberstalking," broadens an anti- telephoneharassment law by applying it to Internet communications. The laworiginally prohibited calling someone anonymously "with the intent toannoy, abuse, threaten, or harass" someone. The new provision prohibitsanonymously contacting someone over the Internet with the intent toannoy, abuse, threaten, or harass them. While the change appears to bean attempt to close loopholes that stalkers could exploit, such as usingvoice-over-IP to harass a victim, the new provision, if read broadly,could criminalize web pages or blogs that criticize, lampoon, orotherwise "annoy" someone.

Text of the Violence Against Women and Department of JusticeReauthorization Act of 2005 (pdf):

EPIC's Genetic Privacy Page:

EPIC's Free Speech Page:

[6] News in Brief

Chicago Police Highlight Illegal Phone Records Sales; States Take ActionThe Chicago Police Department has warned officers that their telephonecalling records may be purchased by others, according to reporting inthe Chicago Sun-Times. Online data brokers and private investigatorsoffer "phone breaks" over the Internet, where for a $150 fee, one canpurchase the wireless or wireline phone calling records of anotherperson. These records are obtained through "pretexting," the practice ofimpersonating the account holder in order to fool a company intoreleasing records. Officials in several states are taking action toprotect phone records. Illinois Governor Blagojevich proposedlegislation to broadly prohibit pretexting.

EPIC has filed a complaint with the Federal Trade Commission identifying40 websites that offer to sell phone records, and has filed a petitionwith the Federal Communications Commission to require phone companies toenhance their security safeguards.

To protect your phone record, be sure that your phone account is in yourname. If another person is paying for the account, they may have theauthority to view the account records. To prevent pretexting, call yourphone company and place a password on the account. Requiring a passwordfor account access will reduce the risk that phone records will beobtained.

EPIC Resources on Illegal Sale of Phone Records:

Illinois Governor Press Release on Pretexting:

EPIC Speaks at Town Hall on Domestic SurveillanceEPIC Executive Director Marc Rotenberg spoke with Rep. Ed Markey (D-MA)
and Carol Rose of the ACLU at an Emergency Town Hall Meeting at theNational Heritage Museum in Lexington, Mass. Rep. Markey called themeeting to address the Bush Administration's Program on DomesticSurveillance. The panel addressed eight myths of the program. More than500 people attended.

Rep. Markey's Page:

EPIC Comments on Proposed IRS DatabaseIn December, the Internal Revenue Service proposed rules exempting a newdatabase of non-profit organization investigations from federal privacylaw requirements. Specifically, the IRS proposed that its data could beirrelevant and unnecessary to the agency's purpose, and that individualswould be prevented from accessing information kept about them in thedatabase. In comments filed with the agency, EPIC highlighted theconstitutional importance of privacy in associational rights, and urgedthe IRS not to pursue the exceptions. EPIC noted that these provisionswould not interfere with the agency's ability to conduct investigations,especially if individuals were allowed access to information afterinvestigations were complete.

IRS's Proposed System of Records:

IRS's Proposed Exemption from Privacy Act Requirements:

EPIC's Comments (pdf):

EPIC's Privacy Act of 1974 Page:

Supreme Court Lets University Anti-Spam Policy StandOn January 9, the Supreme Court refused to hear a case on whether or notthe University of Texas could prevent spam from reaching its students.
The Supreme Court's decision means that the University remains free toblock the emails, since the 5th Circuit Court of Appeals held that theanti-spam policy was permissible in a ruling issued in August. Theplaintiff spammer had argued that the university's policy was anunconstitutional restriction on speech and also preempted by the federalCAN-SPAM Act. The 5th Circuit decision rejected both these arguments.

5th Circuit's decision in White Buffalo Ventures v. Univ. of Texas(pdf):

EPIC's Spam page:

Polls Show Increasing Skepticism of Government Surveillance

Two polls show increased concern over privacy and surveillance inAmerica. A Washington Post / ABC News poll showed that two out of threeAmericans believed that federal agencies are intruding on personalprivacy in their anti-terrorism activities. About a third of Americansbelieve that it is more important for the federal government to notintrude on personal privacy than it is to investigate possible terroristthreats, up 11 percent from 2003 and up 14 percent from 2002. Members ofboth parties share concern over privacy rights, with both Republicansand Democrats fearing that privacy rights may be compromised byanti-terrorism policies.

A poll conducted by CNN, USA Today, and Gallup showed a similar increasein privacy worries. Since 2003, 10 percent more people feel that theBush administration has gone too far in the campaign against terrorism,with 38 percent currently worried about restricted civil liberties.
Though both polls show that respondents are evenly split in decidingwhether the recently revealed domestic surveillance program wasjustified, it seems that most Americans are interested in the story,with 75 percent of the CNN poll and 66 percent of the Post poll sayingthey were following the story closely.

Washington Post on Poll Results:

CNN on Poll Results:

EPIC's Privacy and Public Opinion Page:

[7] EPIC Bookstore: James Risen's "State of War"

James Risen, "State of War: The Secret History of the CIA and the BushAdministration" (The Free Press 2006)

It's been nearly a month since we learned that President Bush authorizedthe National Security Agency to conduct warrantless surveillance after9/11, but details about the program remain scarce. While governmentofficials refuse to discuss specifics, James Risen's "State of War"
sheds more light on this subject than any other source.

The new book reports previously unknown details about the BushAdministration's foreign policy and intelligence operations, thegovernment's response to 9/11, and the events leading up to the war inIraq. It's a particularly interesting read, however, for those seekingnew information about the NSA's surveillance program, since Risen is oneof the reporters who recently revealed the operation's existence aftermore than a year of investigation.

Among the items disclosed by unnamed officials interviewed for the book:

* The few Justice Department officials aware of the NSA operation callit simply "the Program."

* Administration officials decided not to seek court orders from theForeign Intelligence Surveillance Court for the NSA operation partlybecause the number of telephone and Internet communications beingmonitored was so large that they couldn't obtain fast approval for allof them.

* 10-20 percent of the orders issued by the Foreign IntelligenceSurveillance Court are products of information gathered through the NSAprogram.

There are still many questions about the circumstances, details, andlegality of the NSA's domestic surveillance, but "State of War" takesthe first steps toward answering them.

-- Marcia Hofmann

EPIC Publications:

"Privacy & Human Rights 2004: An International Survey of Privacy Lawsand Developments" (EPIC 2004). Price: $50.

This annual report by EPIC and Privacy International provides anoverview of key privacy topics and reviews the state of privacy in over60 countries around the world. The report outlines legal protections,new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2004 is the most comprehensive report on privacyand data protection ever published.

"FOIA 2004: Litigation Under the Federal Open Government Laws," HarryHammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004). Price:

This is the standard reference work covering all aspects of the Freedomof Information Act, the Privacy Act, the Government in the Sunshine Act,and the Federal Advisory Committee Act. The 22nd edition fully updatesthe manual that lawyers, journalists and researchers have relied on formore than 25 years. For those who litigate open government cases (orneed to learn how to litigate them), this is an essential referencemanual.

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit onthe Information Society" (EPIC 2004). Price: $40.

This resource promotes a dialogue on the issues, the outcomes, and theprocess of the World Summit on the Information Society (WSIS). Thisreference guide provides the official UN documents, regional andissue-oriented perspectives, and recommendations and proposals forfuture action, as well as a useful list of resources and contacts forindividuals and organizations that wish to become more involved in theWSIS process.

"The Privacy Law Sourcebook 2004: United States Law, International Law,and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:

The Privacy Law Sourcebook, which has been called the "Physician's DeskReference" of the privacy world, is the leading resource for students,attorneys, researchers, and journalists interested in pursuing privacylaw in the United States and around the world. It includes the fulltexts of major privacy laws and directives such as the Fair CreditReporting Act, the Privacy Act, and the OECD Privacy Guidelines, as wellas an up-to-date section on recent developments. New materials includethe APEC Privacy Framework, the Video Voyeurism Prevention Act, and theCAN-SPAM Act.

"Filters and Freedom 2.0: Free Speech Perspectives on Internet ContentControls" (EPIC 2001). Price: $20.

A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens free expression.

"The Consumer Law Sourcebook 2000: Electronic Commerce and the GlobalEconomy," Sarah Andrews, editor (EPIC 2000). Price: $40.

The Consumer Law Sourcebook provides a basic set of materials forconsumers, policy makers, practitioners and researchers who areinterested in the emerging field of electronic commerce. The focus ison framework legislation that articulates basic rights for consumers andthe basic responsibilities for businesses in the online economy.

"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption products have largely succeeded, although several governmentsare gaining new powers to combat the perceived threats of encryption tolaw enforcement.

EPIC publications and other books on privacy, open government, freeexpression, crypto and governance can be ordered at:

EPIC Bookstore

"EPIC Bookshelf" at Powell's Books

EPIC also publishes EPIC FOIA Notes, which provides brief summaries ofinteresting documents obtained from government agencies under theFreedom of Information Act.

Subscribe to EPIC FOIA Notes at:

[8] Upcoming Conferences and Events

Former Vice President Al Gore introduced by former Rep. Bob Barr, TheNSA's Domestic Surveillance Program and the Rule of Law, ConstitutionHall, Washington, DC. January 16, 2006. Registration information at:

Ensuring Privacy and Secuurity of Consumer Information. AmericanConference Institute. January 26-27, 2006. New York, New York. For moreinformation:

Privacy in the Information Age: Databases, Digital Dossiers, andSurveillance. High Tech Law Institute, Santa Clara University. January27, 2006. Santa Clara, California. For more information:

Data Devolution: Corporate Information Security, Consumers and theFuture of Regulation. Fredric G. Levin College of Law, University ofFlorida. February 3-4, 2006. Gainesville, Florida. For more information:

Who Can You Trust?: Privacy and Security is Everyone's Responsibility.
Reboot Communications. February 9-10, 2006. Victoria, British Columbia,Canada. For more information:

Beyond the Basics: Advanced Legal Topics in Open Source andCollaborative Development in the Global Marketplace. University ofWashington School of Law. March 21, 2006. Seattle, Washington. For moreinformation:

Making PKI Easy to Use. National Institutes of Health. April 4-6, 2006.
Gaithersburg, Maryland. For more information:

First International Conference on Availability, Reliability andSecurity. Vienna University of Technology. April 20-22, 2006. Vienna,Austria. For more inofrmation:

CHI 2006 Workshop on Privacy-Enhanced Personalization. UC IrvineInstitute for Software Research and the National Science Foundation.
April 22-23. Montreal, Quebec, Canada. For more information:

The First International Conference on Legal, Security and Privacy Issuesin IT (LSPI). CompLex. April 30-May 2, 2006. Hamburg, Germany. For moreinformation:

Computers, Freedom, and Privacy Conference (CFP 2006). Association forComputing Machinery May 2-5, 2006. Washington, DC. For more information:

International Conference on Privacy, Security, and Trust (PST 2006).
University of Ontario Institute of Technology. October 20-November 1,
2006. Oshawa, Ontario, Canada. For more information:

Subscription Information

Subscribe/unsubscribe via web interface:

Back issues are available at:

The EPIC Alert displays best in a fixed-width font, such as Courier.

Privacy Policy

The EPIC Alert mailing list is used only to mail the EPIC Alert and tosend notices about EPIC activities. We do not sell, rent or share ourmailing list. We also intend to challenge any subpoena or other legalprocess seeking access to our mailing list. We do not enhance (link toother databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail addressfrom this list, please follow the above instructions under "subscriptioninformation."

About EPIC

The Electronic Privacy Information Center is a public interest researchcenter in Washington, DC. It was established in 1994 to focus publicattention on emerging privacy issues such as the Clipper Chip, theDigital Telephony proposal, national ID cards, medical record privacy,and the collection and sale of personal information. EPIC publishes theEPIC Alert, pursues Freedom of Information Act litigation, and conductspolicy research. For more information, see or writeEPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy InformationCenter, contributions are welcome and fully tax-deductible. Checksshould be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,Suite 200, Washington, DC 20009. Or you can contribute online at:

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for the rightof privacy and efforts to oppose government regulation of encryption andexpanding wiretapping powers.

Thank you for your support.


WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback