======================================================================= E P I C A l e r t ======================================================================= Volume 10.02 January 31, 2003 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_10.02.html ======================================================================= Table of Contents ======================================================================= [1] European Commission Orders Microsoft to Modify Passport [2] Critical Hill Action Pending on "Total Information Awareness" [3] Opposition to Data Retention Grows in Europe [4] Public Voice Conference at OECD-APEC Forum on the Digital Economy [5] FTC, New York Attorney General Take Action to Protect Privacy [6] Privacy International Seeks Nominations for Big Brother Awards [7] EPIC Bookstore: The GigaLaw Guide to Internet Law [8] Upcoming Conferences and Events ======================================================================= [1] European Commission Orders Microsoft to Modify Passport ======================================================================= European governments, seeking to protect the privacy rights of computer users in the European Union, have required Microsoft to modify Passport, an online authentication system that identifies Internet users and enables the transfer of personal information between various Web sites around the world. The European Union Working Party on Data Protection ("WP29") issued a Report that found Microsoft's Passport system violated several EU data protection rules. The WP29 Report requires Microsoft to better inform users of their privacy rights under European laws and more fairly collect and process their personal data. The Report also requires Microsoft to make it easier for Passport users to know what personal information Microsoft and its Passport affiliates collect about them, and to allow users to restrict the use and sharing of that information for commercial and marketing purposes. The WP29 Report also gives users the right to indicate on a site-by-site basis which personal information they wish to disclose. Pursuant to the Report, Microsoft has to make substantial changes to Passport. The Report also discusses competing online authentication systems, such as the Liberty Alliance Project, without mandating specific changes at this point. The WP29 will continue monitoring future developments in those authentication services and companies developing them will need to follow its guidelines. European Commissioner Bolkestein said that companies will need to follow the Working Party Guidelines for all future services. The outcome in Europe comes almost a year and a half after EPIC and a coalition of consumer and privacy organizations initiated a complaint against Microsoft at the Federal Trade Commission in July 2001, alleging that Passport violated Section 5 of the Federal Trade Commission Act and constituted an "unfair and deceptive trade practice." The FTC found that Microsoft had in fact made false representations concerning Passport and associated services. The FTC said that Microsoft must establish a comprehensive information security program for Passport, and that it must not misrepresent its practices of information collection and usage. Microsoft agreed to comply with the FTC order, as well as to undergo independent audits every two years for the next 20 years to ensure compliance. In March 2002, an EC member submitted questions to the Commission raising many of the same issues included in EPIC complaints to the FTC and questioned Passport's impact on European consumers' privacy. The European Commission subsequently promised to look to this issue as a matter of priority. During its discussions with the Commission, Microsoft had reportedly alleged that its service always complied with European privacy laws because it gave European users the right to change or delete any personally identifiable information about them. The WP29's Report makes it now clear that substantial changes are required in Passport before the system can be considered in compliance with European laws. The Commission's decision has an impact on the online privacy of more than 250 million Passport users, most of them based in the US, since Passport does not discriminate between the nationality of its users. The WP29 Report also urges the development of anonymous and psuedonymous authentication systems and recommends the development of systems that minimize the amount of personal information collected and limit the use to that which is necessary. Additionally, the Report emphasizes that users should be given full control over decisions affecting the use of their personal data for profiling purposes, and mandates that transfers of personal information to third countries be adequately protected pursuant to European privacy rules. WP 29's Working Document on on-line authentication services (WP 68) (January 29, 2003) (PDF): http://www.epic.org/redirect/eu_pdf.html European Commission press release (Jan. 30, 2003): http://www.epic.org/redirect/ec_release.html Press release by the Article 29 working party (Jan. 29, 2003): http://www.epic.org/redirect/wp_release.html European Union data protection rules: http://europa.eu.int/comm/internal_market/en/dataprot/law/ FTC Consent Order, In the Matter of Microsoft Corporation, File No. 012.3240 http://www.ftc.gov/os/2002/08/microsoftagree.pdf Rotenberg, ed., The Privacy Law Sourcebook (EPIC 2002) (includes the EU Data Protection Directive and the initial WP29 report on authentication services): http://www.epic.org/bookstore/pls2002/ EPIC's Microsoft Passport Investigation Docket: http://www.epic.org/privacy/consumer/microsoft/passport.html ======================================================================= [2] Critical Hill Action Pending on "Total Information Awareness" ======================================================================= The short-term fate of the controversial Total Information Awareness (TIA) program is likely to be decided within the next two weeks. A coalition of Senators on January 23 attached an amendment to the omnibus spending bill that would limit the TIA system. Senators Ron Wyden (D-OR), Dianne Feinstein (D-CA), Jon Corzine (D-NJ), Harry Reid (D-NV), and Barbara Boxer (D-CA) sponsored the measure, which is known as Amendment 59. Sen. Charles Grassley (R-IA) had offered a similar amendment and supported inclusion of the Wyden amendment in the spending package. The amendment will now be the subject of negotiations in a conference between the Senate and the House on the omnibus spending bill. Under Amendment 59, funding for development of TIA will end 60 days after the passage of the omnibus spending bill, unless the intelligence community submits a detailed report to Congress on the privacy and civil liberties implications of the system. However, exceptions in the amendment would allow President Bush to approve continued funding for TIA if he determines that issuing the report is impracticable and that a cessation of TIA research would endanger national security. The amendment further requires Congressional authorization before TIA is actually deployed by any agency. The amendment would allow TIA to be deployed only for military purposes outside the United States and for foreign intelligence activities conducted against non-citizens or wholly outside the country. Individuals wishing to support the TIA moratorium should immediately contact the omnibus spending bill conferees in the House of Representatives and the Senate (see link below). Senate Amendment 59: http://www.epic.org/privacy/profiling/tia/sa59.html H. J. Res. 2, Omnibus Appropriations Bill: http://thomas.loc.gov/cgi-bin/bdquery/z?d108:HJ00002: List of House and Senate Conferees: http://www.epic.org/privacy/profiling/tia/conferees.html EPIC Total Information Awareness page: http://www.epic.org/privacy/profiling/tia/ ======================================================================= [3] Opposition to Data Retention Grows in Europe ======================================================================= A multi-party coalition of 38 European Parliament members have recommended that the European Council and some Member States abandon their plans to monitor and retain data on people's private communications. Condemning the practice of data retention as a violation of the European Convention of Human Rights, its case law, and the EU Data Protection Directive, the group argued for alternative solutions to fight crime and urged the adoption of stricter limits on the storage and use of communications for law enforcement. As an example of less privacy-invasive measures, the coalition argued that preservation of data on a case-by-case basis would be more suitable to achieve the objectives pursued by police and security agencies. Concurrently, in Great Britain, a parliamentary committee has rejected the government's current data retention proposal, in which it had planned to retain private communications data for up to a year. The All Party Internet Group ("APIG"), a parliamentary inquiry panel, examined the Home Office's data retention scheme, which is part of the Anti-Terrorism Crime & Security Act 2001 ("ATCS"). They concluded that the government's proposals were impractical, the cost of retention had been underestimated, and the concept of data retention appeared to be violating the UK Human Rights Act, which incorporates the European Convention on Human Rights into English Law. They also showed that the industry was not willing or able to comply with mandatory data retention requirements, and recommended that the Home Office negotiate with industry players a "targeted data preservation" scheme instead, as a more viable option. In reaction to the report, the UK government denied some of its findings, rejected the idea of data preservation as the most adequate solution to fight crime, and promised to establish a better dialogue with industry, without mentioning how it would address civil liberties issues. The Home Office nevertheless made clear that if industry actors could not agree on a voluntary code of practice on data retention, the government would go forward with the planned retention. The crucial issue in the current debate on electronic surveillance of communications data under the new EU Directive on Privacy and Electronic Communications (2002/58/EC) is whether law enforcement authorities can justifiably claim that the retention of all people's private communications data for long periods and in a systematic fashion is necessary to fight crime and terrorism. The "communications data" referred to in the European context are all traffic and location data held by Internet service providers and landline and mobile telephone companies about their customers. This includes people's browsing patterns, phone and e-mail details (geographic location of mobile phone users, call time and duration, number dialed, callers' and recipients' names, e-mail addresses), chatroom user IDs, credit cards, etc. The European Council is currently working on a framework decision that could make the principle of data retention -- which can be defined as the systematic and mandatory storage of large categories of traffic and location data for a specified period -- compulsory for all EU Member States; however, data preservation -- the storage of specific data related to a particular criminal investigation of a specified individual for a specified period of time, accessed pursuant to legal and constitutional safeguards and subject to judicial review -- is favored in most countries. For more information and news items about data retention, see EPIC's Data Retention page: http://www.epic.org/privacy/intl/data_retention.html All Party Internet Group report: http://www.apig.org.uk/APIGreport.pdf ======================================================================= [4] Public Voice Conference at OECD-APEC Forum on the Digital Economy ======================================================================= The Public Voice Coalition held a conference in conjunction with the joint OECD-APEC Forum on the Future of the Digital Economy from January 14-17 in Honolulu, Hawaii. The Public Voice provides the opportunity for civil society organizations to participate in international policymaking forums that might otherwise be limited to business and government. Attendees included representatives from the Association for Computing Machinery (ACM), Consumers International, the Electronic Privacy Information Center (EPIC), the Federal Trade Commission, the National Consumers League, the Office of Consumer Protection in Hawaii, the Organization for Economic Cooperation and Development (OECD), and the Trade Union Advisory Council (TUAC), as well as experts in technology, security, and Internet law and policy. Public Voice participants addressed two topics under consideration by the OECD and the Asia Pacific Economic Cooperation forum (APEC): Security and Trust in Ecommerce, and Inclusion and Participation in the Information Society. The latter was also the subject of a WSIS (World Summit on the Information Society) preparatory meeting held on January 17, immediately after the OECD-APEC forum. An important theme that emerged from the conference was that policymakers should focus more on serving the needs of end users of Information and Communications Technologies (ICTs). The digital marketplace is a demand-driven economy; therefore, in order for commerce to thrive, policy frameworks must provide an environment that fosters trust and security for consumers. Governments also have great potential to use ICTs to provide various services to their citizens, including e-government, e-learning and e-health; however, the government must be more responsive to citizens' needs, and should address the concerns of the public in the design of any such framework. Participants made several specific recommendations to the OECD and APEC. Key recommendations included the following: (1) While good consumer, privacy and security guidelines are vital, policymakers must also focus their attention on the challenges of implementation, including building effective cross-border and internal enforcement mechanisms; (2) Privacy and security guidelines need to be applied to the databases and record systems established by government. Too often the protection of privacy is misconceived as a national security risk. In fact, given the vulnerability of citizens and the continued weakness of many security systems, the lack of privacy is quickly becoming the real national security risk; (3) As the profile of ICT users rapidly moves away from technologically savvy users, there is a growing need for governments to provide simple, clear regulations that protect users and educate them about their rights; (4) There is a pressing need to develop online rights for online workers to protect worker's rights to organize and communicate in the electronic workplace; (5) Governments must bring more technical expertise to the decision making process when considering emerging technologies. Recent developments concerning copyright protection, electronic voting, and the proposal for "Total Information Awareness" lack adequate input from the technical community and often result in counterproductive or misguided proposals; and (6) While promoting inclusion and participation in the information society, it is important to provide more than access. Governments should focus on reducing the barriers to enable actual participation in the use and development of the Internet, this might include expanding the public domain and allowing new ICTs such as Wi-Fi networks to freely develop. The Public Voice will continue working closely with the OECD and now with APEC to bring civil society voices to international decision making forums. For reports, presentations, and background information, visit: http://www.thepublicvoice.org/events/honolulu03/ More information about Public Voice events and activities can be found at: http://www.thepublicvoice.org/ ======================================================================= [5] FTC, New York Attorney General Take Action to Protect Privacy ======================================================================= The Federal Trade Commission (FTC) and New York Attorney General (NYAG) have both taken actions that will improve privacy protections nationwide. The FTC and the NYAG have settled actions into the business practices of student marketers. In a separate case, the NYAG recently settled a lawsuit against a spam company. Additionally, the FTC has issued a report on consumer protection that shows that identity theft is a major threat to consumers. Both the FTC and NYAG have recently completed actions against Student Marketing Group (SMG), a company that collected information from students for marketing purposes under the pretense of college financial aid assistance. Through teachers, SMG distributed surveys to students that collected personal information, and then sold that information to credit card, student loan, cosmetics, magazine, and clothing companies. These settlements demonstrate that data collectors who mislead individuals by not fully disclosing secondary uses of personal information will run afoul of consumer protection law. In a separate action, the NYAG obtained a court order enjoining MonsterHut, a now-defunct e-mail marketing company, from falsely representing that individuals consented to receiving its spam. As a result of this order, list purchasers are likely to require e-mail address sellers to guarantee that individuals' information was obtained with proper consent. A February hearing will determine whether MonsterHut will be subject to restitution and civil penalties. Finally, the FTC has released its annual report about identity theft and the top ten fraud complaint categories reported by consumers. Identity theft topped the list -- continuing the trend for a third year -- constituting 43 percent of complaints in the FTC's "Consumer Sentinel" complaint database. The number of reported identity theft complaints increased from 31,117 in 2000 to 86,198 in 2001, and surged to 161,819 in 2002. FTC Consumer Alert on Student "Surveys:" http://www.ftc.gov/opa/2003/01/ercaalert.pdf FTC Student Marketing Group Settlement: http://www.ftc.gov/opa/2003/01/ecra.htm NYAG Student Marketing Group Settlement: http://www.epic.org/privacy/student/SMGconsentorder.pdf EPIC Student Privacy Page: http://www.epic.org/privacy/student/ NYAG MonsterHut Settlement: http://www.oag.state.ny.us/internet/litigation/monster_hut.pdf FTC Report on National and State Trends in Identity Theft http://www.consumer.gov/sentinel/pubs/Top10Fraud_2002.pdf EPIC Fair Credit Reporting Act Page: http://www.epic.org/privacy/fcra/ ======================================================================= [6] Privacy International Seeks Nominations for Big Brother Awards ======================================================================= In April 2003, Privacy International (PI) will hold the fifth U.S. "Big Brother Awards" to name and shame the public and private sector individuals and organizations that have done the most to invade personal privacy in the United States in the past year. Three distinctive "Orwell" statues of a golden boot stomping a head will be presented to the government agencies and officials, companies and initiatives that have done the most to invade personal privacy in the previous year. The "Admiral John M. Poindexter Lifetime Menace" award will also be presented to an organization that has systematically invaded privacy over a long period of time. Previous "winners" include the Federal Bureau of Investigation, the National Security Agency, DoubleClick, ChoicePoint, Trans Union, Oracle, the FAA's BodyScan system, the Department of Commerce and Microsoft. "Brandeis" awards will also be given out to champions of privacy. The Brandeis Award is named after U.S. Supreme Court Justice Louis Brandeis, who is considered the father of American privacy law, describing privacy as "the right most valued by civilized" persons. The awards are given to those who have done exemplary work to protect and enhance privacy. Previous winners include Phil Zimmermann, creator of PGP; Beth Givens, founder of the Privacy Rights Clearinghouse; and Robert Ellis Smith, editor of the Privacy Journal. The judging panel, consisting of lawyers, academics, consultants, journalists and civil rights activists, is currently inviting nominations from members of the public. Nominations can be submitted via the PI Web site. Privacy International will post the most popular current nominations on its site. The U.S. Big Brother Awards are now in their fifth year. There have also been ceremonies in the UK, Germany, Austria, Belgium, Bulgaria, Finland, Spain, Switzerland, Hungary, France, Denmark and the Netherlands. The initiator of the awards, Privacy International, was founded in 1990, and campaigns on a wide range of privacy issues around the world. Substantial support for the Awards is made through the Public Voice Campaign. The ceremony will be held at the New Yorker Hotel in New York City at the 13th Annual Conference on Computers, Freedom and Privacy. Privacy International Big Brother Awards Page: http://www.privacyinternational.org/bigbrother/us2003/ Conference on Computers, Freedom, and Privacy: http://www.cfp2003.org/ The Public Voice: http://www.thepublicvoice.org/ ======================================================================= [7] EPIC Bookstore: The GigaLaw Guide to Internet Law ======================================================================= The GigaLaw Guide to Internet Law, by Doug Isenberg (Random House 2002). http://www.epic.org/bookstore/powells/redirect/alert1002.html In this comprehensive guide, Isenberg succinctly covers every aspect of Internet law -- from intellectual property, free speech, and privacy to contract and employment law -- in a concise and non-"legalese" style. His coverage provides the reader with realistic and business-oriented solutions to the most common problems relating to conducting online business in America, and is especially aimed at policy makers, researchers, company lawyers and decision-makers. Although the book is not particularly consumer-oriented, it offers a good outline of current privacy issues and raises the average reader's awareness on some of today's most important privacy risks when surfing or expressing oneself on the Internet. ================================ EPIC Publications: "The Privacy Law Sourcebook 2002: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2002). Price: $40. http://www.epic.org/bookstore/pls2002/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "FOIA 2002: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40. http://www.epic.org/bookstore/foia2002/ This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 21st edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "Privacy & Human Rights 2002: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $25. http://www.epic.org/bookstore/phr2002/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty countries around the world. The survey examines a wide range of privacy issues including data protection, telephone tapping, genetic databases, video surveillance, location tracking, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore/ "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ======================================================================= [8] Upcoming Conferences and Events ======================================================================= O'Reilly Bioinformatics Technology Conference. February 3-6, 2003. San Diego, CA. For more information: http://conferences.oreilly.com/macosxcon/ 10th Annual Network and Distributed System Security Symposium. The Internet Society. February 5-7, 2003. San Diego, CA. For more information: http://www.isoc.org/ndss03/ Civil Liberties in the Information Age. Potomac Institute. February 6, 2003. Washington, DC. For more information, contact Dan Dayton at 703-562-4511. Politics of Code: Shaping the Future of the Next Internet. Oxford University Programme in Comparative Media Law and Policy. February 6, 2003. Oxford, England. For more information: http://pcmlp.socleg.ox.ac.uk/code/ Call for Proposals: February 15, 2003. O'Reilly Open Source Convention. July 7-11, 2003. Portland, OR. For more information: http://conferences.oreilly.com/oscon/ Third Annual Privacy & Data Security Summit: Implementing & Managing Privacy in a Complex Environment. International Association of Privacy Professionals. February 26-28, 2003. Washington, DC. For more information: http://www.privacyassociation.org/html/conferences.html Quality Labels for Web Sites: Alternative Approaches to Content Rating. Programme in Comparative Media Law and Policy (PCMLP), Oxford University. February 27, 2003. Kirchberg, Luxembourg. For more information: http://saferinternet.org/news/Quality-label-workshop.asp The Law and Technology of DRM: What will DRM technologies mean for the future of information? University of California, Berkeley, School of Information Management and Systems and Boalt Hall School of Law. February 27 - March 1, 2003. Berkeley, CA. For more information: http://www.law.berkeley.edu/institutes/bclt/drm/ Legal and Pedagogical Aspects of a Safer Internet. Safer Internet For Knowing and Living (SIFKaL). February 28, 2003. Kirchberg, Luxembourg. For more information: http://rechtsinformatik.jura.uni-sb.de/sifkal/ Spectrum Policy: Property or Commons? Stanford Law School Center for Internet and Society. March 1, 2003. For more information: http://cyberlaw.stanford.edu/spectrum/ P&AB's Privacy Practitioners' Workshop and Ninth Annual National Conference. Privacy & American Business. March 12-14, 2003. Washington, DC. For more information: http://www.pandab.org/postcard.pdf Big Brother Technologies. A Choices and Challenges Forum. Center for Interdisciplinary Studies, Virginia Polytechnic Institute and State University. March 27, 2003. Blacksburg, VA. For more information: http://www.cddc.vt.edu/choices/2003/ CFP2003: 13th Annual Conference on Computers, Freedom, and Privacy. Association for Computing Machinery (ACM). April 1-4, 2003. New York, NY. For more information: http://www.cfp2003.org/ 28th Annual AAAS Colloquium on Science and Technology Policy. American Association for the Advancement of Science. April 10-11, 2003. Washington, DC. For more information: http://www.aaas.org/spp/rd/colloqu.htm Integrating Government With New Technologies '03: E-Government, Change and Information Democracy. Riley Information Services. April 11, 2003. Ottawa, Canada. For more information: http://www.rileyis.com/seminars/ RSA Conference 2003. RSA Security. April 13-17, 2003. San Francisco, CA. For more information: http://www.rsaconference.com/ O'Reilly Emerging Technology Conference. April 22-25, 2003. Santa Clara, CA. For more information: http://conferences.oreilly.com/etcon/ Privacy2003. Technology Policy Group. September 30 - October 2, 2003. Columbus, OH. For more information: http://www.privacy2000.org/ ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via Web interface: http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Subscribe/unsubscribe via e-mail: To: epic_news-request@mailman.epic.org Subject line: "subscribe" or "unsubscribe" (no quotes) Help with subscribing/unsubscribing: To: epic_news-request@mailman.epic.org Subject: "help" (no quotes) Back issues are available at: http://www.epic.org/alert/ The EPIC Alert displays best in a fixed-width font, such as Courier. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information". Please contact info@epic.org if you would like to change your subscription e-mail address, if you are experiencing subscription/unsubscription problems, or if you have any other questions. ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate/ ======================================================================= Drink coffee, support civil liberties, get a tax deduction, and learn Latin at the same time! Receive a free epic.org "sed quis custodiet ipsos custodes?" coffee mug with donation of $75 or more. ======================================================================= Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 10.02 ---------------------- .