EPIC logo




=======================================================================
                            E P I C  A l e r t
=======================================================================
Volume 11.10                                               May 29, 2004
-----------------------------------------------------------------------

                             Published by the
               Electronic Privacy Information Center (EPIC)
                             Washington, D.C.

            http://www.epic.org/alert/EPIC_Alert_11.10.html

======================================================================
Table of Contents
======================================================================

[1] Freedom 2.0 Examines Distributed Democracy
[2] Senator Leahy Receives EPIC Champion of Freedom Award
[3] Italian Official Offers European Perspective on Privacy
[4] Vint Cerf Discusses Privacy and the Internet
[5] Oversight Groups Issue Reports on Government Data Mining
[6] News in Brief
[7] EPIC Bookstore: The Public Voice WSIS Sourcebook
[8] Upcoming Conferences and Events

======================================================================
[1] Freedom 2.0 Examines Distributed Democracy
======================================================================

EPIC hosted an international gathering of privacy advocates,
academics, technologists, media representatives and policymakers at
"Freedom 2.0: Distributed Democracy," held at the Washington Club May
21-22, 2004 in Washington, DC.  The two-day policy conference featured
panels, keynote presentations, and workshops on wide-ranging topics
such as transparency, government oversight, the Public Voice, privacy
activism, anonymity and identity, and trustworthy computing.

One notable highlight was the panel discussion "Surveillance Post
9-11," which examined where the line should be drawn between the
government's need to known and citizens' right to privacy.  Jerry
Kang, Visiting Professor at Georgetown Law Center, challenged the
underlying assumption that knowledge creates security.  Kang suggested
that social experience dictates what each person perceives as accepted
facts, which heavily influences our perceptions of who is or who is
not trustworthy.  The "in group" and the "out group" categorizations
of people within society are often not based on observations unique to
each encounter, but may be filtered by complex notions of race,
ethnicity, and now religious affiliation.  He pointed out that history
is a great teacher in this respect and that these lessons can be
helpful in directing policy regarding security today.

Judith Krug, Director of the American Library Association's Office of
Intellectual Freedom, recounted the experience of librarians who have
found themselves at the center of the privacy and security debate
after the passage of the Patriot Act.  Section 215 of the
anti-terrorism law forces librarians to comply with FBI agent's
request to access library patron files without a court order.  The
reaction to this provision of the Patriot Act by a majority of
librarians has been extremely negative, which prompted Attorney
General Ashcroft to characterize them as "hysterical."

Dr. Amitai Etzioni, Founder and Director of the Communitarian Network,
stated that some issues that are part of the privacy and security
debate are discussed only for emotional impact, though members of the
audience during the question and answer phase following the panel
presentation disagreed that issues should be avoided because they are
difficult.  Bruce Schneier, Chief Technical Officer of Counterpane
Internet Security, offered a technologist's perspective by saying that
increasingly automated security needs the active participation of
well-trained people.  Technology that seeks to anticipate terrorist
activity is a very challenging objective.  He cautioned that people
need to think carefully about the privacy consequences of a technology
dependent surveillance society.

For a look at the program and other panel topics, see the Freedom 2.0
web site:

     http://epic04.org/schedule/index.htm

======================================================================
[2] Senator Leahy Receives EPIC Champion of Freedom Award
======================================================================

On May 20, 2004, EPIC honored Senator Patrick Leahy with the Champion
of Freedom Award for his work to safeguard civil liberties, protect
privacy, and promote open government.

Senator Leahy, who hails from Burlington, Vermont, was elected in 1974
to the United States Senate at age 34 -- the youngest senator ever
elected from his state.  He remains the only Democrat elected to this
office from Vermont and is now serving his fifth term.

Sometimes referred to as the "cyber senator," Senator Leahy has for
years actively promoted legislation associated with the Internet.  He
was one of the first members of Congress to go online and in 1995
became the second senator to post a homepage.  His web site has been
consistently lauded as one of the Senate's best.  A leading Internet
magazine has dubbed Senator Leahy the most "Net-friendly" member of
Congress.

Senator Leahy has taken the lead on many privacy issues, including
Internet and medical records privacy.  He held Congress' first hearing
in 1994 on privacy issues related to electronic medical records. He is
also a champion of open government and worked to update the Freedom of
Information Act to ensure public access to government records in new
electronic formats.

In the immediate aftermath of the 9/11 terrorist attacks, Senator
Leahy headed the Senate's negotiations on the anti-terrorism bill that
became the USA PATRIOT Act.  He added checks and balances to the
proposed law to protect civil liberties, as well as provisions which
he authored to triple staffing along the US-Canada border, to
authorize domestic preparedness grants to states, and to facilitate
the hiring of new Federal Bureau of Investigation translators.

Senator Leahy's web site:

     http://leahy.senate.gov

======================================================================
[3] Italian Official Offers European Perspective on Privacy
======================================================================

Italian Privacy Commission official Giovanni Buttarelli delivered a
keynote address entitled "Promoting Freedom and Democracy: a European
perspective" at "Freedom 2.0: Distributed Democracy."  First speaking
about some of the differences between the U.S. and EU data protection
regimes, Buttarelli explained that the right to data protection in the
EU is becoming a statutory requirement, as several EU member states'
laws as well as the European Charter of fundamental rights have made
it an autonomous right and have committed its safeguard to autonomous
and independent authorities, the privacy commissioners.  He urged law
enforcement authorities to pay greater attention than in the past to
how huge databases have to be proportionate to the purposes police and
security agencies seek them for, to limit the amount of data
collected, the period of data retention, and to determine the entities
that can access those data.

Talking about hot privacy issues common to the EU and the U.S.,
Buttarelli argued for a public debate on the Cybercrime Convention now
that ratification and transposition into national law are on the
agenda of an increasing number of countries.  The U.S. government
signed the Convention two years ago and its ratification will soon be
discussed in the Senate.  In this regard, Buttarelli's main critique
focused on the fact that signatory countries that do not belong to the
Council of Europe (such as the United States) do not have to comply
with stringent obligations resulting from international data
protection instruments such as the 1981 Council of Europe Convention
No. 108 on Privacy.  Although contracting parties may make different
choices at the national level when transposing the Convention, he
said, they will nevertheless be bound to provide mutual assistance to
foreign law enforcement authorities.

Buttarelli then compared a pending decision by the Council of the EU
on passenger screening with the recent EU-US passenger name records
(PNR) that the U.S. Department of Homeland Security, the European
Commission and the Council of the EU recently brokered.  The European
proposal better protects travellers' privacy interests, he explained,
because it strictly limits the amount of passengers' records disclosed
to customs authorities, restricts the collection and use to legitimate
and relevant purposes (such as border control), and limits data
retention periods to 24 hours.  The PNR agreement was likened to a
"stillborn child . . . imposed from above" because of a serious lack
of institutional cooperation between the European authorities and the
European Parliament -- the EU's only elected body.  Buttarelli
criticized the current agreement as trusting technology and databases
to solve problems that require instead wholly different and
broad-minded approaches, and made it clear that, while the agreement
recognizes on one hand the importance of fundamental rights and
freedoms, it does not provide concrete safeguards for these rights.

Giovanni Buttarelli's speech is available at:

     http://www.epic.org/privacy/intl/buttarelli-052104.html

For more information about the PNR agreement between the U.S. and EU,
see EPIC's EU-US Airline Passenger Data Disclosure Page:

     http://www.epic.org/privacy/intl/passenger_data.html

======================================================================
[4] Vint Cerf Discusses Privacy and the Internet
======================================================================

Vint Cerf, Chairman of the Internet Corporation for Assigned Names and
Numbers (ICANN), spoke recently at "Freedom 2.0: Distributed
Democracy."  Declan McCullagh, Washington Bureau Chief for News.com,
interviewed Cerf, who also took questions from the audience. In his
discussion of the future of the Internet, Cerf repeatedly stressed the
importance of privacy protection in Internet policy implementation. He
began by discussing the growing ICANN budget, since this year the
California non-profit is proposing a $16 million budget, almost twice
last year's figure.  The growth of ICANN is especially notable as the
role of the organization itself is constantly called into question.
ICANN is increasingly threatened by both intergovernmental policy
developments such as the United Nations Internet Governance Working
Group (currently being established under the mandate of the World
Summit on the Information Society) and by domestic lawsuits, such as
one by VeriSign asserting a claim of antitrust violations (which was
recently dismissed).  Cerf stated the large budget increase was
necessary as the issues and procedures the organization manages become
more complex, such as the delegation of top-level domains.  He stated
that while ICANN is growing, the organization is extremely transparent
and democratic, always making documents open to the public and
available on the web site.  Cerf challenged the audience to name a
more open organization.

A significant portion of Cerf's speech and the discussion period that
followed addressed the WHOIS database, a public directory of domain
registrant data available and searchable online.  Currently,
registrants must enter information as personal as name, address,
telephone number, and e-mail address in addition to technical contact
information, all of which can be found on the public WHOIS database
online.  Cerf acknowledged the privacy risks of the WHOIS database.
Privacy experts warn that in addition to obstructing free speech
rights, the availability of this information makes registrants
vulnerable to those interested in spamming, committing identity theft,
and even stalking.  ICANN is currently in the middle of a Policy
Development Process with three task forces assigned to create a policy
on the WHOIS database.

One concern in the policy development is that the WHOIS database may
actually violate international data protection laws.  At a recent
ICANN meeting, a representative from the European Commission suggested
that if the original purpose of the WHOIS database is purely
technical, the rights of access to and collection of that information
pertain solely to that original purpose.  In his speech, Cerf
confirmed directly that the original purpose of WHOIS was indeed
purely technical.  This means that under European law, technical users
would be the only ones with a legitimate claim to the information.
While intellectual property lawyers and law enforcement officials
claim the WHOIS database must retain all its current data in its
public form as a resource for their investigations, Cerf's
confirmation that the WHOIS database was originally created for
technical purposes makes it clear that such claims to the database
would be inconsistent with its original purpose.

Cerf also discussed the upgrade from Internet Protocol version 4 to
Internet Protocol version 6, a change that will mean increasing the
address space from 32 bits to 128 bits.  While this change is positive
and even necessary to accommodate additional IP addresses, there has
been concern over privacy risks associated with IPv6.  The concern is
specific to Media Access Control (MAC) and the persistence of a unique
MAC identifier. Cerf assured the audience that for IPv6, provisions
have been made to enable users to change their MAC address and avoid a
persistent unique MAC identifier.

Cerf was asked about the application of the FBI's wiretap rules to new
Internet services, such as Voice over Internet Protocol.  He said at
first that it seemed reasonable to apply rules to the Internet similar
to those that had been applied to the telephone network, but he asked
EPIC Executive Marc Rotenberg for his views.  Rotenberg explained that
there were two objections to the FBI proposal.  First, he explained
that when the legislation for the telephone network was considered in
1994, there was a principled objection from privacy experts that
federal wiretap law had always regulated government conduct and should
not be used to coerce private parties by, for example, requiring
telephone companies to make their networks wiretap-friendly.  He said
that although Congress rejected this view when it passed the
Communications Assistance for Law Enforcement Act, it is still the
correct interpretation of the Fourth Amendment principles that
underpin federal wiretap law.

Rotenberg also explained that even though Congress accepted the FBI's
argument in 1994 for wiretapping the telephone network, Congress also
made clear that the law simply covered telephony and could not be
applied prospectively to Internet-based services without further
legislation.  He described the current efforts of the FBI to push the
proposal forward through the Federal Communications Commission as
"incredibly ambitious and without legal basis."

Cerf concluded the discussion by stating that privacy protection is
critical in these areas.  He feels this is particularly the case as
the online population grows.  Cerf commended EPIC for its work
protecting the privacy of Internet users over the last 10 years.

ICANN:

     http://www.icann.org

For more information about Vint Cerf, see his web site:

     http://global.mci.com/us/enterprise/insight/cerfs_up

For more information about Internet governance, see The Public Voice
web site:

     http://www.thepublicvoice.org

======================================================================
[5] Oversight Groups Issue Reports on Government Data Mining
======================================================================

Two government oversight entities have released reports on the
government's use of technology to examine personal information about
people to detect suspicious activity, also known as data mining.

The General Accounting Office recently issued a survey of data mining
projects throughout the government, concluding that data mining
activity is expansive.  The report found that 52 of the 128 federal
agencies currently engage or plan to engage in data mining.  Further,
of the nearly 200 data mining projects are either underway or planned
throughout the federal government, 122 involve the use of personal
information, and 46 involve the sharing of personal information among
agencies. The report also found that 54 projects utilize personal
information provided by privacy companies, 36 of which involved
personal information such as credit reports and credit card
transactions.

Senator Daniel Akaka, the Congressman who requested the study, urged
in response to the report, "It is time that we review agency practices
and existing law to ensure that the privacy rights of individuals are
not violated through the development of new technology."

A second report on government data mining was recently released by the
Technology and Privacy Advisory Committee, which was established to
review Defense Department data mining initiatives after Congress
killed funding for the Total Information Awareness program last year.
The Committee found that "data mining is a vital tool in the fight
against terrorism, but when used in connection with personal data
concerning U.S. persons, data mining can present significant privacy
issues."  Accordingly, the Committee made several recommendations to
safeguard civil liberties in Department of Defense data mining
programs, such as the establishment of a regulatory framework to
govern data mining involving information of U.S. persons and numerous
oversight mechanisms.

Notably, the Committee also suggested a series of government-wide
protections for individuals, such as the passage of laws to protect
civil liberties when the government sifts through computer databases
containing personal information.  The Committee further proposed that
federal agencies be required to obtain authorization from a special
federal court "before engaging in data mining with personally
identifiable information concerning U.S. persons."

The General Accounting Office, "Data Mining: Federal Efforts Cover a
Wide Range of Uses":

     http://www.epic.org/privacy/profiling/gao_dm_rpt.pdf

The Technology and Privacy Advisory Committee, "Safeguarding Privacy
in the Fight Against Terrorism":

     http://www.epic.org/privacy/profiling/tia/tapac_report.pdf

The Technology and Privacy Advisory Committee web site:

     http://www.sainc.com/tapac/index.asp

For more information about the Total Information Awareness program,
see EPIC's Total Information Awareness Page:

     http://www.epic.org/privacy/profiling/tia

=====================================================================
[6] News in Brief
======================================================================

COALITION URGES RESTRICTED USE OF MEDICAL DATA IN CREDIT DECISIONS

On May 24, 2004, EPIC joined a coalition of privacy advocacy
organizations to file comments with five federal agencies which issued
a proposed regulation under the Fair and Accurate Credit Transactions
Act.  The Act, an amendment to the Fair Credit Reporting Act, creates
new restrictions on the manner in which creditors, such as banks and
credit unions, can obtain and use medical information.  Generally, the
Act prohibits creditors from obtaining or using medical information
about a consumer to determine whether the consumer is eligible for
credit.  The Act also defines fairly narrow exceptions under which
creditors may obtain and use medical information.  The coalition
supported the regulation's general prohibition on creditors obtaining
or using medical information about a consumer in connection with
deciding whether the consumer is eligible for credit.  The comments
urged that financial institutions not be permitted to routinely
request consent to obtain medical information and that affiliate
sharing be limited.

The text of the coalition comments is available at:

     http://www.epic.org/privacy/medical/facta_comments.pdf

For more information about privacy of medical information, see EPIC's
Medical Privacy Page:

     http://www.epic.org/privacy/medical

For more information about the Fair Credit Reporting Act, see EPIC's
FCRA Page:

     http://www.epic.org/privacy/fcra


ICELAND'S SUPREME COURT STRIKES DOWN HEALTH DATABASE ACT

In a landmark decision, Iceland's Supreme Court has ruled that the
Health Database Act of 1998 does not comply with the country's
constitutional privacy protections.  The Act authorized the creation
and operation of a centralized database of non-personally identifiable
health data, with the aim of increasing knowledge and improving health
and health services.  The Act was challenged in court by Ragnhildur
Gudmundsdottir, who wanted to prevent the transfer of her deceased
father's medical records into the database.  The Court ruled that Ms.
Gudmundsdottir could not opt out of the database on behalf of her
father.  However, she could prevent the transfer of the records
because it is possible to infer information about her from the
information related to her father's hereditary characteristics.  The
Court further ruled that removing or encrypting personal identifiers
such as name and address is not sufficient to prevent identification
of individuals, who might be identified from a combination of factors
such as age, municipality of residence, marital status, education and
profession, combined with the specification of a particular medical
condition.  The Court ruled that the obligation to protect privacy,
imposed on the legislature by the Icelandic constitution, could not be
replaced by various forms of monitoring entrusted to public agencies
and committees.

The opinion is available at:

     http://www.epic.org/privacy/genetic/iceland_opinion.pdf

For more information about genetic databanks, see EPIC's Genetic
Privacy Page:

     http://www.epic.org/privacy/genetic


SUPREME COURT REFUSES TO HEAR PRIVACY ACT CASES

The United States Supreme Court has decided not to review two cases
that held that federal agencies' release of personal information did
not violate the Privacy Act.  In the first case, Robinett v. State
Farm Mutual Automobile Insurance Company, the Fifth Circuit Court of
Appeals determined that the Department of Veteran Affairs had not
"intentionally and willfully, and with flagrant disregard" released
Jerry L. Robinett's court-ordered medical records such that he could
maintain a lawsuit under the Privacy Act.

The Supreme Court also declined to review Buckley v. Meis, a case in
which the Ninth Circuit Court of Appeals rejected a claim that a
supervisor's intra-agency disclosure that an employee sought
assistance from an employee assistance program violated the Privacy
Act.  The Ninth Circuit concluded that that the agency properly cited
an exception to the Privacy Act providing for disclosure to "officers
and employees of the agency which maintains the record who have need
for the record in the performance of their duties."

The Supreme Court's web site:

     http://www.supremecourtus.gov


GMAIL BILL PASSES CA SENATE, PROCEEDS TO ASSEMBLY

A weakened version of SB 1822, a bill that originally required consent
of both senders and recipients before a company could scan the
contents of an e-mail for marketing purposes, passed the California
Senate by a 25-8 vote this week.  The bill, introduced by Senator Liz
Figueroa (D-Fremont), will allow service providers to review e-mail
for automated, contemporaneous display of advertisements.  Providers
cannot retain any personal information derived from the e-mail or
allow natural persons to view the messages.  The bill also requires
providers to delete messages permanently so that they are
irretrievable.

The text of SB 1822 is available at:

     http://www.epic.org/redirect/gmail_bill.html


TELEMARKETERS APPEAL DO-NOT-CALL DECISION

The American Teleservices Association, a trade group representing
telemarketers, has petitioned the Supreme Court to review the decision
of the 10th Circuit Court of Appeals that upheld the constitutionality
of the telemarketing Do-Not-Call Registry (see EPIC Alert 11.04).  The
Association argues in its petition that commercial speech has
increasingly been regulated impermissibly in the name of privacy
protection.  The government must reply to the petition by June 17,
2004.

In recent years, direct marketers and data brokers have appealed many
pro-privacy court decisions to the Supreme Court, but none has been
granted review.  The high court was petitioned unsuccessfully in Moser
v. FCC, a case upholding the opt-in provisions of the Telephone
Consumer Protection Act; in Trans Union v. FTC, a case upholding the
Fair Credit Reporting Act; in Nixon v. American Blast Fax, a case
upholding a flat ban on unsolicited fax spam; and in Anderson v.
Treadwell, a challenge to a New York "anti-blockbusting" law that
allowed homeowners to opt-out of solicitations designed to churn the
housing market by highlighting racial influx in the neighborhood.

American Teleservices Association Petition on the Do-Not-Call Registry
Case:

     http://www.ataconnect.org/documents/PetitionforWrit.pdf

Supreme Court Docket in Mainstream Marketing Services, Inc. v. FTC:

     http://www.supremecourtus.gov/docket/03-1552.htm


AMNESTY INTERNATIONAL RELEASES 2004 ANNUAL REPORT

Amnesty International has released a 339-page annual report providing
data on human rights violations carried out by governments in 2003 in
155 countries.  The 2004 release includes an analysis of the activity
of more than 175 armed groups over the previous four years, and
denounces them, as well as governments, for unleashing weapons of
terror -- direct and indiscriminate attacks and torture -- on civilian
populations worlwide.  Governments are criticized for committing many
of the same violations armed groups employed and for justifying their
response as initiatives in the "war on terror."

The report is available at:

     http://web.amnesty.org/report2004/index-eng

======================================================================
[7] EPIC Bookstore: The Public Voice WSIS Sourcebook
======================================================================

The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society (EPIC 2004).

     http://www.epic.org/bookstore/pvsourcebook

The Public Voice WSIS Sourcebook has been compiled to further a
dialogue on the issues, the outcomes, and the process of the World
Summit on the Information Society (WSIS).  Beginning in 2003 and
continuing through 2005, the UN WSIS will seek the views of national
governments, private sector organizations and civil society, on the
opportunities presented by information and communications
technologies.  This publication is intended to promote understanding of
the WSIS and encourage greater civil society participation in the
current phase of the Summit.

The WSIS Sourcebook includes the official UN documents, regional and
issue-oriented perspectives, as well as recommendations and proposals
for future action.  The Public Voice WSIS Sourcebook also provides a
useful list of resources and contacts for individuals and
organizations that wish to become more involved in the WSIS process.
The Public Voice (www.thepublicvoice.org) is a project of the
Electronic Privacy Information Center (EPIC), established to promote
public participation in policy making on issues ranging from privacy
and free expression to consumer protection and Internet governance.

                     ================================

EPIC Publications:

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).  This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, as well as recommendations and proposals
for future action, as well as a useful list of resources and contacts
for individuals and organizations that wish to become more involved in
the WSIS process.

                     ================================

"The Privacy Law Sourcebook 2003: United States Law, International
Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2003).
Price: $40. http://www.epic.org/bookstore/pls2003

The "Physicians Desk Reference of the privacy world."  An invaluable
resource for students, attorneys, researchers and journalists who need
an up-to-date collection of U.S. and International privacy law, as
well as a comprehensive listing of privacy resources.

                     ================================

"FOIA 2002: Litigation Under the Federal Open Government Laws," Harry
Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40.
http://www.epic.org/bookstore/foia2002

This is the standard reference work covering all aspects of the
Freedom of Information Act, the Privacy Act, the Government in the
Sunshine Act, and the Federal Advisory Committee Act.  The 21st
edition fully updates the manual that lawyers, journalists and
researchers have relied on for more than 25 years.  For those who
litigate open government cases (or need to learn how to litigate
them), this is an essential reference manual.

                     ================================

"Privacy & Human Rights 2003: An International Survey of Privacy Laws
and Developments" (EPIC 2002). Price: $35.
http://www.epic.org/bookstore/phr2003

This survey, by EPIC and Privacy International, reviews the state of
privacy in over fifty-five countries around the world.  The survey
examines a wide range of privacy issues including data protection,
passenger profiling, genetic databases, video surveillance, ID systems
and freedom of information laws.

                     ================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.

                     ================================

"The Consumer Law Sourcebook 2000: Electronic Commerce and the Global
Economy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls

The Consumer Law Sourcebook provides a basic set of materials for
consumers, policy makers, practitioners and researchers who are
interested in the emerging field of electronic commerce.  The focus is
on framework legislation that articulates basic rights for consumers
and the basic responsibilities for businesses in the online economy.

                     ================================

"Cryptography and Liberty 2000: An International Survey of Encryption
Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:
$20. http://www.epic.org/bookstore/crypto00&

EPIC's third survey of encryption policies around the world.  The
results indicate that the efforts to reduce export controls on strong
encryption products have largely succeeded, although several
governments are gaining new powers to combat the perceived threats of
encryption to law enforcement.

                     ================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

     EPIC Bookstore
     http://www.epic.org/bookstore

     "EPIC Bookshelf" at Powell's Books
     http://www.powells.com/features/epic/epic.html

======================================================================
[8] Upcoming Conferences and Events
======================================================================

RSA Conference 2004.  RSA Security.  May 31-June 1, 2004.  Tokyo,
Japan.  For more information:
http://www.medialive.jp/events/rsa2004/eng/default.html.

Fifth Annual Institute on Privacy Law:  New Developments & Compliance
Issues in a Security-Conscious World.  Practising Law Institute.  June
7-8, 2004.  San Francisco, CA.  For more information:
http://www.pli.edu.

TRUSTe Symposium: Privacy Futures.  June 9-11, 2004. International
Association of Privacy Professionals.  San Francisco, CA.  For more
information: http://www.privacyfutures.org.

The Policy Implications of Open Source Software.  Forum on Technology
& Innovation.  June 10, 2004.  Washington, DC.  For more information:
http://www.tech-forum.org.

Access & Privacy Conference 2004: Sorting It Out.  Government Studies,
Faculty of Extension.  June 10-11, 2004.  University of Alberta.
Edmonton, Alberta, Canada.  For more information:
http://www.govsource.net/programs/iapp/conference/main.nclk.

13th Annual CTCNet Conference: Building Connected Communities: The
Power of People & Technology.  June 11-13, 2004.  Seattle, WA.  For
more information: http://www2.ctcnet.org/conf/2004/session.asp.

Knowledge Held Hostage? Scholarly Versus Corporate Rights in the
Digital Age.  Annenberg Public Policy Center and Rice University in
association with Public Knowledge and the Center for Public Domain.
June 18, 2004.  Philadelphia, PA.  For more information:
http://www.knowledgehostage.org.

Fifth Annual Institute on Privacy Law:  New Developments & Compliance
Issues in a Security-Conscious World.  Practising Law Institute.  June
21-22, 2004.  New York, NY.  For more information: http://www.pli.edu.

Managing the Privacy Revolution 2004: New Challenges, New Strategies,
New Dangers.  Privacy & American Business.  June 22-24, 2003.
Washington, DC.  E-mail info at pandab.org.

PORTIA Workshop on Sensitive Data in Medical, Financial, and
Content-Distribution Systems.  PORTIA Project.  July 8-9, 2004.
Stanford, CA.  For more information:
http://crypto.stanford.edu/portia/workshop.html.

O'Reilly Open Source Convention.  July 26-30, 2004.  Portland, OR.
For more information: http://conferences.oreilly.com/oscon.

First Conference on Email and Anti-Spam.  American Association for
Artificial Intelligence and IEEE Technical Committee on Security and
Privacy.  July 30-31, 2004.  Mountain View, CA.  For more information:
http://www.ceas.cc.

Crypto 2004: The Twenty-Fourth Annual IACR Crypto Conference.
International Association for Cryptologic Research, IEEE Computer
Society Technical Committee on Security and Privacy, and the Computer
Science Department of the University of California, Santa Barbara.
Santa Barbara, CA.  August 15-19, 2004.  For more information:
http://www.iacr.org/conferences/crypto2004.

The Right to Personal Data Protection -- the Right to Dignity.  26th
International Conference on Data Protection and Privacy Commissioners.
September 14-16, 2004.  Wroclaw, Poland.  For more information:
http://www.giodo.gov.pl/252/j/en.

2004 Telecommunications Policy Research Conference.  National Center
for Technology & Law, George Mason University School of Law.  October
1-3, 2004.  Arlington, VA.  For more information:
http://www.tprc.org/TPRC04/call04.htm.

======================================================================
Subscription Information
======================================================================

Subscribe/unsubscribe via Web interface:

     https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news

Back issues are available at:

     http://www.epic.org/alert

The EPIC Alert displays best in a fixed-width font, such as Courier.

======================================================================
Privacy Policy
======================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities.  We do not sell, rent or share our
mailing list.  We also intend to challenge any subpoena or other legal
process seeking access to our mailing list.  We do not enhance (link
to other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under
"subscription information."

======================================================================
About EPIC
======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues such as the Clipper
Chip, the Digital Telephony proposal, national ID cards, medical
record privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Act
litigation, and conducts policy research.  For more information, see
http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite
200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248
(fax).

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "EPIC" and sent to 1718
Connecticut Ave., NW, Suite 200, Washington, DC 20009.  Or you can
contribute online at:

     http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the
right of privacy and efforts to oppose government regulation of
encryption and expanding wiretapping powers.

Thank you for your support.

---------------------- END EPIC Alert 11.10 ----------------------

.