======================================================================= E P I C A l e r t ======================================================================= Volume 10.12 June 19, 2003 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_10.12.html ====================================================================== Table of Contents ====================================================================== [1] Appeals Court Upholds DOJ's Secret 9/11 Arrests [2] Pentagon's TIA Oversight Board Grapples with Privacy Issues [3] EPIC Seeks CAPPS II Details; Congress Focuses on Program [4] European Data Protection Officials Release New Opinions [5] EPIC Testifies on Medical Privacy; FTC Examines Info Flows [6] EPIC Testifies on Cross Border Fraud [7] EPIC Bookstore: Privacy Journal [8] Upcoming Conferences and Events ====================================================================== [1] Appeals Court Upholds DOJ's Secret 9/11 Arrests ====================================================================== In a divided opinion issued on June 17, a three-judge panel of the U.S. Court of Appeals for the D.C. Circuit endorsed the Justice Department's efforts to keep secret the identities of hundreds of individuals detained after the September 2001 terrorist attacks. The decision, overturning a lower court ruling last August (see EPIC Alert 9.15), came in a Freedom of Information Act (FOIA) case in which EPIC is a plaintiff and co-counsel. The majority opinion, written by Judge David B. Sentelle, gives almost total deference to executive branch "national security" claims, even though DOJ relied on the FOIA's law enforcement exemption. "It is within the role of the executive to acquire and exercise the expertise of protecting national security," the majority concluded. "It is not within the role of the courts to second-guess executive judgments made in furtherance of that branch's proper role." The breadth of the court's rationale could effect future cases involving the government's anti-terrorism initiatives. In a dissenting opinion, Judge David Tatel wrote that the majority decision "eviscerates both FOIA itself and the principles of openness in government that FOIA embodies." He said that "the court's approach drastically diminishes, if not eliminates, the judiciary's role in FOIA cases that implicate national-security interests. Congress certainly could have written FOIA that way, but chose instead to require meaningful judicial review of all government exemption claims." The FOIA lawsuit was filed by the Center for National Security Studies, EPIC, and 21 other organizations, including the American Civil Liberties Union, Human Rights Watch and Amnesty International USA. The plaintiffs argued that the detentions constituted secret arrests that violated longstanding legal requirements compelling the government to account for the individuals it incarcerates. The Justice Department's Inspector General issued a report earlier this month that found "significant problems" with the detentions and sharply criticized the Department's handling of the detainees. The decision can be reviewed by the full appeals court or the U.S. Supreme Court, but such review is not mandatory. The court's decision is available at: http://www.epic.org/open_gov/foia/detainee-dccir.pdf The DOJ Inspector General's report is available at: http://www.fas.org/irp/agency/doj/oig/detainees.pdf Background information on the litigation is available at: http://www.epic.org/open_gov/foia/cnss_v_doj.html ====================================================================== [2] Pentagon's TIA Oversight Board Grapples with Privacy Issues ====================================================================== The Defense Department's Technology and Privacy Advisory Committee held its first public meeting today in Arlington, Virginia. In the midst of the Congressional debate concerning the Total Information Awareness program in January, the Secretary of Defense established the external board to review the controversial program. The move was seen as an attempt to deflect criticism of the initiative and to possibly limit Congressional scrutiny (see EPIC Alert 10.03). The board, chaired by Newton Minow, consists of several distinguished legal and intelligence experts selected by the Defense Secretary. At the meeting, DOD Under Secretary Michael Wynne acknowledged that the program's "marketing got ahead of itself" and said he hoped the Committee would assist the Department in restoring public confidence in what he described as a "mundane information technology project." The Committee's charter, however, directs it to address the question: "Should the Total Information Awareness (TIA) program's goal of developing technologies that may help identify terrorists before they act be pursued?" EPIC General Counsel David Sobel argued that the Committee should scrap the surveillance program unless it can ensure the American public that such a system can, at a minimum, 1) effectively protect against terrorist acts; 2) achieve its stated goal without generating false positives; 3) provide meaningful due process rights to affected individuals (particularly those incorrectly flagged); and 4) function in an open, unclassified manner. Sobel expressed profound skepticism about TIA meeting such a test, but he urged the Committee to engage in this inquiry with an open mind. He told the Committee it should be particularly sensitive about a system that purports to curtail terrorism by investigating prospective crimes that have not occurred by people who have not committed them. His testimony focused on the public's need to understand how the system would operate and what the consequences of being flagged as a potential suspect might entail. The Committee members attempted to grapple with what the surveillance program could and couldn't do. Floyd Abrams, a noted First Amendment lawyer who serves on the Committee, described three different models for understanding TIA's capability. The first was using TIA to collect information concerning specific threats and individuals based on hard intelligence information; the second was to use red teams or "imagineers" to come up with potential terrorist sceanarios and then to investigate them using TIA databases; and the third was to use TIA to sift through commericial and government databases to look for threats. Paul Rosenzweig of the Heritage Foundation argued that only the first model was an acceptable use of TIA and that it must be closely supervised to prevent mission creep. Stewart Baker, former General Counsel of the National Security Agency, urged the committee to move forward with the program by not placing any barriers that would obstruct the work of intelligence analysts. The meeting was divided into two panels. In the morning panel, members of the Markle Foundation Task Force provided their opinions to the Committee. The Markle Foundation, headed by Zoe Baird (who also serves on the Committee), issued a report last year on the use of information technology for intelligence. Jerry Berman of the Center for Democracy and Technology argued that with some civil liberties protections, the program could be made to work. Judith Miller, former General Counsel of the Defense Department, cautioned the Committee to pay attention to the posse comitatus statute and its potential policy implications if the Defense Department became involved in domestic surveillance activities. The Advisory Committee appears to be taking its task seriously. While several members expressed their interest in making the technology program work, several expressed interest in developing additional protections for civil liberties. They also sought greater clarity on the program's goals and how it might function, including describing the databases searched, and how it would incorporate due process rights. The Committee is due to submit a report to the Secretary of Defense within a year. Technology and Privacy Advisory Committee website: http://www.sainc.com/tapac Technology and Privacy Advisory Committee Charter: http://www.epic.org/privacy/profiling/tia/tapac-charter.pdf EPIC's TIA Web site: http://www.epic.org/privacy/profiling/tia ====================================================================== [3] EPIC Seeks CAPPS II Details; Congress Focuses on Program ====================================================================== EPIC filed suit on June 11 in the U.S. District Court seeking disclosure of information concerning the development of the government's controversial passenger profiling program. The lawsuit alleges that the Department of Homeland Security (DHS), Transportation Security Administration (TSA) and Department of Defense (DOD) have failed to comply with the disclosure requirements of the Freedom of Information Act. The lawsuit seeks the public release of documents concerning TSA's enhanced Computer Assisted Passenger Prescreening System (CAPPS II). In March, EPIC requested from TSA any privacy assessments of CAPPS II, and from DOD information concerning Pentagon involvement in the screening system. Neither agency has completed processing the requests, despite their agreement to "expedite" the process. DHS, as the parent department of TSA, is named as a defendant. It is believed that the lawsuit is the first FOIA case to be filed against the new homeland security agency. While TSA has repeatedly issued public assurances that privacy rights of air passengers will be respected, it has not disclosed any internal documents assessing the potential privacy or civil liberties impact of CAPPS II. Nor has the Pentagon revealed the extent of its technical assistance to TSA, despite an e-mail message from a top TSA official to Admiral John Poindexter seeking details about the Total Information Awareness system under development at Poindexter's Information Awareness Office within DOD. EPIC obtained a copy of that message through an earlier lawsuit against TSA. Meanwhile, Congressional oversight of CAPPS II is poised to expand rapidly. On June 17, the House Appropriations Committee approved an amendment to the Homeland Security Appropriations bill offered by Rep. Martin Sabo (D-MN). The Sabo amendment suspends funding to implement CAPPS II unless the Government Accounting Office submits a detailed report to Congress that shows, among other things, that TSA has developed a procedure that gives air travelers due process rights; the technology is effective; the error or false positive rate is not too high; and that there are operational safeguards against abuse. The amendment also requires the Department Homeland Security to create an internal oversight board and to comission a National Academy of Sciences study on the likely impact on privacy and civil liberties. Meanwhile in the Senate, Sen. Ron Wyden's (D-OR) amendment concerning CAPPS II was added to the Federal Aviation Administration's Reauthorization bill on June 12. The Wyden amendment is the same as the one added to the Air Cargo Security bill (see EPIC Alert 10.06), and would require the Secretary of Homeland Security, after consultation with the Attorney General, to submit a report in writing to the Senate Committee on Commerce, Science, and Transportation and Infrastructure on the potential impact of the CAPPS II initiative on the privacy and civil liberties of U.S. citizens. These two amendments have yet to be passed into law but suggest that Congress appears keen to exercise its oversight power. EPIC Press Release on CAPPS II Lawsuit: http://www.epic.org/privacy/airtravel/capps2-suit-pr.html E-mail exchange between TSA and Adm. John Poindexter: http://www.epic.org/privacy/profiling/tia/meetingscans.html Sabo Amendment, Homeland Security Appropriations: http://www.epic.org/privacy/airtravel/profiling/sabo.pdf Wyden Amendment, FAA Reauthorization: http://www.wyden.senate.gov/leg_issues/amendments/capps_amendment.pdf EPIC FOIA Documents Showing TSA "No-Fly" List Errors: http://www.epic.org/privacy/airtravel/foia/watchlist_analysis.html ====================================================================== [4] European Data Protection Officials Release New Opinions ====================================================================== The Data Protection Working Party (Article 29) released opinions on a variety of privacy issues including EU-US passenger data sharing and the Whois database. The Article 29 group is an independent European advisory body on data protection and privacy that was set up by the 1995 European Community Data Protection Directive (1995/46/EC). Among its tasks, the Article 29 group examines any question covering the application of EU Member States' measures adopted under EC privacy directives in order to contribute to their uniform application and gives the European Commission an opinion on the level of protection in the European Community and in third countries. It also advises the Commission on any proposed EC measures affecting natural persons' freedoms and rights with regard to the processing of their personal data. In an opinion released this week, the Article 29 group addressed the adequacy of the protection that the "Undertakings", an arrangement reached between the U.S. government and the European Commission to deal with passenger data sharing, and sought to establish a clear legal framework for such transfers to comply with data protection principles. The opinion acknowledges that combatting terrorism is a legitimate goal, but that passengers' right to privacy and data protection is a human right protected by major European legal instruments, including the European Convention on Human Rights, the Directive and the Charter of Fundamental Rights of the European Union. The opinion also discusses the possibility that U.S. surveillance programs, including Terrorism Information Awareness (TIA) and the Computer Assisted Passenger Pre-Screening System (CAPPS II), raise the risk of "generalized surveillance and controls by a third State." The Article 29 group also released an opinion on the application of the European Community data protection principles to Whois directories. Whois information is the data individuals or companies have given to domain name registrars in connection with the registration of a domain name. It may include information such as the name of the contact-point for the domain name, phone number, e-mail address and other personal data. As a growing number of domain name registrants are private persons, more and more complaints have been voiced regarding the improper use of Whois data. The Article 29 group makes it clear that current use and management of Whois directories is not in line with several data protection principles. For instance, the use of such data by intellectual property right owners to police activities related to alleged breaches of their rights contradicts the purpose specification principle (data cannot be used later for purposes different from the original purpose for which the data was collected); individuals can not be forced to have their name, telephone number and other associated personal data published online; and the use of Whois data for reverse directories, multi-criteria searching services, and bulk access for direct marketing purposes is unfair and unlawful if the individual's unambiguous and informed consent is not obtained beforehand. Article 29 Opinion on Whois Database: http://www.epic.org/redirect/whois_opinion.html Article 29 Opinion on EU-US Passenger Data Sharing: http://www.epic.org/redirect/wp29_passenger_opinion.html EPIC EU-US Airline Passenger Data Disclosure web page: http://www.epic.org/privacy/intl/passenger_data.html EPIC Whois web page: http://www.epic.org/privacy/whois/ ====================================================================== [5] EPIC Testifies on Medical Privacy; FTC Examines Info Flows ====================================================================== The House Committee on Financial Services explored the role of the Federal Credit Reporting Act (FCRA) in employee background checks and the collection of medical information at a hearing on June 17. EPIC Executive Director Marc Rotenberg testified on the need to ensure that strong safeguards exist so that personal medical information is not discernable in an individual's credit report. Other panelists included insurance company representatives, a representative from the American Bankers Association and the Health Policy Institute at Georgetown University. EPIC's testimony argued in favor of strengthening reporting accuracy and easing an individual's ability to correct errors on their credit report. In addition, EPIC urged the Committee to allow the state preemption loophole in the FCRA to expire so that states have the freedom to protect the interests of citizens. Rotenberg provided the Committee with an example of how medical information may find its way into one's credit report, emphasizing the need to protect such medical information. The example was that of the woman who has taken out credit with a neonatal clinic to pay for fertility testing. One of the lines on her credit report would likely reveal the name of the clinic and anyone with access to her report would know of these medical payments. Although it would not legally be a basis for denying a hire, a potential employer might infer that the woman might want to begin a family soon. Rotenberg emphasized that this issue should be of particular concern to the Committee because employers are increasingly using background checks on potential and current employees. Additionally, landlords are using credit reports to screen potential renters, and even health clubs are using credit reports as a means of evaluating applications for membership. The insurance industry representatives supported extending the federal preemption clause of the Act since, in his view, sufficient safeguards for protecting medical information was in place. Banking industry representative also expressed support for federal preemption to provide regulatory consistency and noted that sometimes medical information is relevant to credit worthiness. In comments submitted to the Federal Trade Commission's Information Flows Workshop on June 18, EPIC argued that there is strong support for Fair Information Practices to address business uses of personal information. The comments detail how businesses have used personal information to limit consumer choice, to raise prices, and to engage in fraud. Additionally, the comments question the integrity of industry-funded academics who have employed dubious research methods and specious arguments to stymie privacy regulations. One of the panelists on the Workshop, Privacy Times Editor Evan Hendricks, reported a new risk from information flows related to prescreened offers of credit: criminal syndicates are targeting recipients of prescreened credit card and convenience checks for identity theft. These offers are sent on an opt-out basis, and are often stolen from mailboxes by identity thieves. Individuals can opt-out of these solicitations by calling 1-888-5OPTOUT and pressing 2, and then 2 again. EPIC's Testimony on Medical Privacy and FCRA: http://www.epic.org/privacy/medical/fcratestimony6.17.03.pdf EPIC Fair Credit Reporting Act page: http://www.epic.org/privacy/fcra/ EPIC Preemption page: http://www.epic.org/privacy/preemption/ EPIC Comments for FTC Information Flows Workshop: http://www.epic.org/privacy/profiling/infoflows.html ====================================================================== [6] EPIC Testifies on Cross Border Fraud; New OECD Guidelines ====================================================================== On June 13, EPIC Executive Director Marc Rotenberg testified at a Senate Commerce Subcommittee hearing on cross border consumer fraud and the reauthorization of the Federal Trade Commission (FTC). The FTC requested broad new powers in a proposed bill that would help combat the onslaught of unsolicited commercial e-mail and consumer fraud originating from outside U.S. borders. The proposed bill establishes a legal framework for the FTC to conclude international agreements and develop closer co-operation with law enforcement agencies and consumer protection agencies worldwide. Rotenberg testified in support of closer cooperation with foreign law enforcement agencies in fraud investigations, but he recommended that the bill be revised to ensure that democratic values, including privacy, government accountability and transparency, were duly incorporated. He argued that the FTC proposal created too few restrictions on the disclosure of information concerning individuals and entities within the United States. He criticized the provisions that would allow the government to gain access to financial and electronic information without having to notify the target of the investigation. Rotenberg also pointed out that the bill would create a new exemption from some open record obligations under the Freedom of Information Act, leading to less public transparency of the FTC's work. Finally, he argued that the FTC and foreign law enforcement agencies should not have access to the FBI's National Crime Information Center (NCIC), the nation's most extensive computerized criminal history database, particularly after the FBI announced that it would no longer adhere to the Privacy Act requirement of maintaining accurate information in the NCIC. This last provision was dropped in the final version of the bill that was introduced by Senators McCain and Smith. On an earlier panel, the four FTC commissioners testified about the performance of the FTC in fulfilling its mission relating to consumer protection. The main issue discussed at the hearing was the work FTC was doing to help consumers fight spam. The Senators were eager to have the FTC commit significant resources to rein in spammers. The commissioners testified that the new bill would allow the FTC to investigate deceptive spammers more effectively with the help of foreign law enforcement agenices. The commissioners were also questioned about what the FTC was doing to monitor businesses' privacy policies on the Internet. On June 17, the Organization for Economic Cooperation and Development (OECD) and the FTC held a joint press conference on the new OECD cross border fraud guidelines, which call upon member countries to cooperate in fighting fraudulent and deceptive commercial practices occurring in connection with business to consumer transactions. The guidelines call for member countries to improve their ability to co-operate in combating cross-border fraudulent and deceptive commercial practices, and co-ordinate their consumer protection investigations and enforcement activity. The guidelines also call for member countries to take appropriate steps to maintain the necessary confidentiality of information exchanged under these guidelines, in particular in sharing confidential business or personal information. EPIC's Testimony on Cross Border Fraud: http://www.epic.org/ftc/epic_testimony_june_2003.pdf International Consumer Protection Enforcement Bill (S. 1234): http://thomas.loc.gov/cgi-bin/bdquery/z?d108:s.01234: New OECD Cross Border Fraud Guidelines: http://www.ftc.gov/opa/2003/06/oecdcrossborderfraudguidelines.pdf ====================================================================== [7] EPIC Bookstore: Privacy Journal Survey of State and Federal Laws ====================================================================== Privacy Journal Survey of State and Federal Privacy Laws, 2003 Update Privacy Journal has published the latest supplement to its "Compilation of State and Federal Privacy Laws," showing a huge increase in state anti-spam laws and do-not-call telemarketing laws. A total of 34 states have passed new laws limiting bulk electronic-mail advertising, according to Privacy Journal's new listing, which includes a description and legal citation for each law. Most states require that "spam" be labeled as advertising and provide a means to get off an e-mail ad list. Other laws are more stringent, making some "spam" a crime or requiring ad advertiser to consult a do-not-e-mail list maintained by the state. The Compilation of State and Federal Privacy Laws 2003 Supplement lists shows 26 state laws requiring telemarketers to consult a state-maintained do-not-call list. Some state lists will be merged with a new federal database beginning in late summer this year. The supplement also shows additional state privacy laws prohibiting discrimination based on genetic testing or punishing identity theft. "Even in a time of intense concern about homeland safety, states are enacting laws restricting the use of personal information and restricting intrusions in person's homes," said Robert Ellis Smith, publisher of Privacy Journal and author of the collection of state laws. "For three years only the three states with the most Internet activity -- California, Virginia, and Washington -- had anti-spam laws, but now nearly three-quarters of the states have enacted some limits." Privacy Journal is an independent newsletter on privacy in the computer age, published monthly since 1974. Order information: The book and 2003 supplement are available for $31 plus $4 handling from Privacy Journal, PO Box 28577, Providence RI 02908, 401/274-7861, fax 401/274-4747. The 2003 supplement costs $21 plus $4. For more information visit http://www.privacyjournal.net. ================================ EPIC Publications: "The Privacy Law Sourcebook 2002: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2002). Price: $40. http://www.epic.org/bookstore/pls2002/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "FOIA 2002: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40. http://www.epic.org/bookstore/foia2002/ This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 21st edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "Privacy & Human Rights 2002: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $25. http://www.epic.org/bookstore/phr2002/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty countries around the world. The survey examines a wide range of privacy issues including data protection, telephone tapping, genetic databases, video surveillance, location tracking, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore/ "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ====================================================================== [8] Upcoming Conferences and Events ====================================================================== June 23-27, 2003. Partenit, Crimea, Ukraine. For more information: http://www.itb.conferen.ru/eng/info_e.html Press Freedom on the Internet. The World Press Freedom Committee. June 26-28, 2003. New York, NY. For more information: mgreene@wpfc.org Building the Information Commonwealth: Information Technologies and Prospects for Development of Civil Society Institutions in the Countries of the Commonwealth of Independent States. Interparliamentary Assembly of the Member States of the Commonwealth of Independent States (IPA). June 30-July 2, 2003. St. Petersburg, Russia. For more information: http://www.communities.org.ru/conference/ O'Reilly Open Source Convention. July 7-11, 2003. Portland, OR. For more information: http://conferences.oreilly.com/oscon/ 1st Global Conference: Visions of Humanity in Cyberculture, Cyberpunk and Science Fiction. August 11-13, 2003. Prague, Czech Republic. For more information: http://www.inter-disciplinary.net/vhccsf03cfp.htm Integrating Privacy Into Your Overall Business Strategy: Complying with Privacy Legislation for Competitive Advantage. International Quality and Productivity Centre (IQPC Canada). July 9-10, 2003. Toronto, Canada. For more information: http://www.iqpc-canada.com/NA-1987-01 Chaos Communication Camp 2003: The International Hacker Open Air Gathering. Chaos Computer Club. August 7-10, 2003. Paulshof, Altlandsberg, Germany. For more information: http://www.ccc.de/camp/ WWW2003: 5th Annual Conference on World Wide Web Applications. Department of Information Studies, Rand Afrikaans University, and the Department of Information Systems and Technology, University of Durban-Westville. September 10-12, 2003. Durban, South Africa. For more information: http://www.udw.ac.za/www2003/ Making Intelligence Accountable, Oslo, Norway September 19-20, 2003. The Geneva Centre for the Democratic Control of Armed Forces. For more information: http://www.dcaf.ch/news/Intel%20Acct_Oslo%200903/ws_mainpage.html Privacy2003. Technology Policy Group. September 30-October 2, 2003. Columbus, OH. For more information: http://www.privacy2000.org/privacy2003/ ====================================================================== Subscription Information ====================================================================== Subscribe/unsubscribe via Web interface: http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Subscribe/unsubscribe via e-mail: To: epic_news-request@mailman.epic.org Subject: "subscribe" or "unsubscribe" (no quotes) Automated help with subscribing/unsubscribing: To: epic_news-request@mailman.epic.org Subject: "help" (no quotes) Problems or questions? e-mail info@epic.org Back issues are available at: http://www.epic.org/alert/ The EPIC Alert displays best in a fixed-width font, such as Courier. ====================================================================== Privacy Policy ====================================================================== The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information". Please contact info@epic.org if you would like to change your subscription e-mail address, if you are experiencing subscription/unsubscription problems, or if you have any other questions. ====================================================================== About EPIC ====================================================================== The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate/ Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 10.12 ---------------------- .