EPIC logo
   
   
   ==============================================================
   
       @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
       @     @  @   @   @        @ @   @     @     @  @    @
       @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
       @     @      @   @       @   @  @     @     @  @    @
       @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @
   
   ==============================================================
   Volume 7.03                                  February 22, 2000
   --------------------------------------------------------------
   
                            Published by the
              Electronic Privacy Information Center (EPIC)
                            Washington, D.C.
   
                          http://www.epic.org
   
=======================================================================
Table of Contents
=======================================================================
   
[1] EPIC Complaint Focuses Attention on DoubleClick and Privacy
[2] Michigan Community Targeted by Filtering Proponents
[3] EPIC Testifies on Data Protection before European Parliament
[4] Consumer Groups Shed Light on Privacy Aspects of Mergers
[5] Proposed Financial Privacy Rules Released
[6] President Issues Executive Order on Genetic Privacy
[7] EPIC Bookstore -- EPIC Publications
[8] Upcoming Conferences and Events
   
=======================================================================
[1] EPIC Complaint Focuses Attention on DoubleClick and Privacy
=======================================================================
   
The information practices of DoubleClick, the leading Internet
advertising firm, have moved online privacy issues to the forefront of
public attention.  On February 10, EPIC filed a formal complaint
against the company with the Federal Trade Commission (FTC).  The
complaint alleges that DoubleClick is unlawfully tracking the online
activities of Internet users and combining surfing records with
detailed personal profiles contained in a national marketing database.
EPIC asked the FTC to investigate the practices of the company, to
destroy all records wrongfully obtained, to invoke civil penalties,
and to enjoin the firm from violating the Federal Trade Commission
Act.
   
DoubleClick recently revealed that the FTC has notified the firm that
it is "conducting an informal inquiry into our business practices to
determine whether, in collecting and maintaining information
concerning Internet users, we have engaged in unfair or deceptive
practices."  The company also disclosed that it is being investigated
by the New York Attorney General's office and has been named in six
separate lawsuits concerning its information collection activities.
The Attorney General of Michigan has also announced her intention to
file suit against the company.
   
The EPIC complaint, and the other proceedings, follow the recent
merger of DoubleClick and Abacus Direct, the country's largest catalog
database firm.  DoubleClick has announced its intention to combine
anonymous Internet profiles in the DoubleClick database with the
personal information contained in the Abacus database.  EPIC's
complaint alleges that DoubleClick's merger of the two databases
violates the companies' assurances that the information it collects on
Internet users would remain anonymous, and that the data collection
was therefore unfair and deceptive.  EPIC also charges that the
company has failed to follow its revised privacy policy and that this
is also unfair.
   
The FTC investigation of DoubleClick is likely to be a critical test
of the current state of privacy protection in the United States.  It
may determine, for instance, whether companies that break their
promises and collect personal information in an unfair and deceptive
manner will be held accountable.  Because much of the information
collection that occurs on the Internet is invisible to the consumer,
it raises serious questions of fairness and informed consent.
   
The text of EPIC's complaint against DoubleClick is available online
at:
   
     http://www.epic.org/privacy/internet/DCLK_complaint.pdf
   
Background information on the DoubleClick/Abacus merger, including
links to coverage of the recent controversy, is available at:
   
     http://www.epic.org/doubletrouble/
   
=======================================================================
[2] Michigan Community Targeted by Filtering Proponents
=======================================================================
   
Citizens of Holland, Michigan are today voting on a ballot measure
that would require the city to withhold funding to the district
library unless the library installs Internet filtering software on its
public computers.  The referendum campaign has been financed by the
American Family Association, a conservative religious group based in
Mississippi.  The group has been running television ads urging Holland
voters to "Send America a Message" and "Vote 'Yes' on Internet
Filters."
   
Presidential candidate Sen. John McCain (R-AZ) endorsed the Internet
filter measure during a campaign visit to Holland last month.  McCain,
chairman of the Senate Commerce Committee, has long been an advocate
of mandatory Internet filters in public schools and libraries (see
EPIC Alert 6.10).  The ballot measure has also been endorsed by
McCain's rivals in today's Michigan primary, Texas Gov. George W. Bush
and Alan Keyes.
   
Significantly, the filtering referendum is opposed by Holland Mayor Al
McGeehan and other city officials, many of whom describe themselves as
"conservatives."  Opponents of the measure resent the involvement of
"outside agitators," and cite the potential financial and legal
ramifications that would follow a "yes" vote.  Without Holland's
contribution to the regional library's budget, the library would
default on a construction loan used to build the new library a year
ago.  Such a default would destroy the community's bond rating.
   
Opposition is being coordinated by an ad-hoc local group, Families for
Internet Access, which has mounted its door-to-door educational
campaign with less than $2,500 in local donations.  The filtering
advocates have received $45,000 in donations (much of it from outside
interest groups) to finance television spots, direct mail and
telephone canvassing.
   
Additional information on mandatory Internet filtering is available at
the Internet Free Expression Alliance website:
   
     http://www.ifea.net
   
=======================================================================
[3] EPIC Testifies on Data Protection before European Parliament
=======================================================================
   
The European Parliament Committee on Citizens' Freedoms and Rights,
Justice and Home Affairs, along with the Committee on Legal Affairs
and the Internal Market, is currently holding hearings on the
"European Union and Data Protection."  EPIC Executive Director Marc
Rotenberg will be presenting testimony on the current state of data
protection in the United States.
   
The hearings will touch on several issues relating to privacy
protection in the European Union, including implementation of the EU
Data Protection Directive, the ongoing Safe Harbor negotiations, and
the ECHELON surveillance network.  EPIC's testimony largely addresses
the failure of self-regulation in the United States to adequately
protect consumer privacy on the Internet.  The testimony also supports
legally enforceable privacy protection and adoption of privacy
enhancing techniques as necessary for the continued protection of the
fundamental right of privacy in the information society.
   
The text of EPIC's testimony before the European Parliament is
available at:
   
     http://www.epic.org/privacy/intl/EP_testimony_0200.html
   
More information about the European Parliament hearing on the
"European Union and Data Protection" is available at:
   
     http://www.europarl.eu.int/dg2/hearings/20000222/libe/
     en/default.htm
   
=======================================================================
[4] Consumer Groups Shed Light on Privacy Aspects of Mergers
=======================================================================
   
On February 15, the Trans Atlantic Consumer Dialogue (TACD), a
coalition of over sixty American and European consumer groups, called
on U.S. and EU officials to halt the America Online-Time Warner merger
until consumer privacy concerns have been adequately addressed.
   
The proposed multimedia merger would combine records from America
Online's 20 million subscribers and Time Warner's customer base of
over 65 million households.  The TACD resolution notes that neither
company has a stellar record on consumer privacy.  Furthermore, the
value of the information in the hands of the merged company should not
be overlooked:
   
     The combined databases of the two firms would likely produce the
     most detailed records on consumers ever assembled, from favorite
     television programs to book purchases to associations with
     religious organizations and even political preferences.
   
In addition to its recommendation that approval of the merger be
conditioned on the provision of privacy safeguards, the TACD also
urges the United States to adopt a comprehensive privacy law that
would apply in these situations.  The coalition also recommends that
the Safe Harbor negotiators consider the consequences of such mergers
in the course of future discussions, and that both the U.S. and the EU
consider legal mechanisms to protect privacy in future mergers.
   
The TACD "Resolution on the Merger of America Online and Time Warner
and Privacy Protection in the Interactive Broadband Environment" is
available at:
   
     http://www.tacd.org/ecommercef.html#aolmerge
   
For more information about the TACD and other resolutions concerning
consumer protection in electronic commerce:
   
     http://www.tacd.org/
   
=======================================================================
[5] Proposed Financial Privacy Rules Released
=======================================================================
   
On February 3, the Office of the Comptroller of the Currency, the
Board of Governors of the Federal Reserve System, the Federal Deposit
Insurance Corporation, and the Office of Thrift Supervision issued a
joint notice of proposed rulemaking on financial privacy.
   
The rules will implement the privacy provisions of the Financial
Services Modernization Act (also known as Gramm-Leach-Bliley).  The
Act eliminated many federal barriers to mergers between various
financial institutions, including banks, securities firms and
insurers. Importantly, Gramm-Leach-Bliley will establish some limits
on disclosure of personal financial information in the hands of these
businesses.
   
Many consumer groups, including EPIC, US PIRG, Consumers Union, and
the Consumer Federation of America, have found the privacy provisions
of the Financial Services Modernization Act inadequate, especially
considering the mergers that will take place after the law goes into
effect.  Also, President Clinton noted the need for greater
protections over financial information than those offered by the bill
when he signed it into law.
   
Comments on the proposed rules are due on March 31.
   
Copies of the proposed rules and instructions for filing comments can
be downloaded in PDF format from:
   
     http://www.occ.ustreas.gov/ftp/regs/npr0203.pdf
   
=======================================================================
[6] President Issues Executive Order on Genetic Privacy
=======================================================================
   
Following-up on a proposal made in his State of the Union Address,
President Clinton issued an Executive Order on February 8 prohibiting
federal agencies from using genetic information in decisions
concerning employment.  The Executive Order would cover roughly 2.8
million citizens working for the federal government.
   
The Executive Order does not flatly prohibit federal agencies from
collecting genetic information from their employees.  Such information
can be collected in certain instances but will be stored as part of
confidential medical records.
   
In the press release accompanying the Executive Order, the President
also expressed his support for similar legislative proposals that
would apply to the private sector.  The Genetic Information
Nondiscrimination in Health Insurance and Employment Act of 1999
introduced in the Senate (S.1322) by Sen. Tom Daschle (D-SD) and in
the House of Representatives (H.R.2457) by Rep. Louise Slaughter
(D-NY) would extend similar protections to non-government workplaces.
   
The President's Executive Order is available at:
   
     http://www.pub.whitehouse.gov/uri-res/I2R?urn:pdi://
     oma.eop.gov.us/2000/2/8/8.text.1
   
The accompanying press release can be found at:
   
     http://www.pub.whitehouse.gov/uri-res/I2R?urn:pdi://
     oma.eop.gov.us/2000/2/9/2.text.1
   
=======================================================================
[7] EPIC Bookstore -- EPIC Publications
=======================================================================
   
EPIC Publications:
   
"The Privacy Law Sourcebook: United States Law, International Law, and
Recent Developments," Marc Rotenberg, editor (EPIC 1999). Price: $50.
http://www.epic.org/pls/
   
The "Physicians Desk Reference of the privacy world." An invaluable
resource for students, attorneys, researchers and journalists who need
an up-to-date collection of U.S. and International privacy law, as well
as a comprehensive listing of privacy resources.
   
                  ================================
   
"Filters and Freedom - Free Speech Perspectives on Internet Content
Controls," David Sobel, editor (EPIC 1999). Price: $20.
http://www.epic.org/filters&freedom/
   
A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.
   
                  ================================
   
"Cryptography and Liberty: An International Survey of Cryptography
Policy" Wayne Madsen and David Banisar, editors, (EPIC 1999). Price:
$15. http://www.epic.org/cryptobook99/
   
An international survey of encryption policies around the world. Survey
results show that in the vast majority of countries, cryptography may
be freely used, manufactured, and sold without restriction, with the
U.S. being a notable exception.
   
                  ================================
   
"Privacy and Human Rights 1999: An International Survey of Privacy Laws
and Developments" David Banisar, Simon Davies, editors, (EPIC 1999).
Price: $15. http://www.epic.org/privacy&humanrights99/
   
An international survey of the privacy and data protection laws found
in 50 countries around the globe.  This report outlines the
constitutional and legal conditions of privacy protection, and
summarizes important issues and events relating to privacy and
surveillance.
   
                  ================================
   
Additional titles on privacy, open government, free expression,
computer security, and crypto, as well as films and DVDs can be ordered
through the EPIC Bookstore: http://www.epic.org/bookstore/
   
=======================================================================
[8] Upcoming Conferences and Events
=======================================================================
   
Privacy, Security & Confidentiality of Medical Records 2000: Complying
With New HIPAA Regulations. NonProfit Management. One Day Seminars.
Various Locations and Times. For more information:
http://www.nonprofitmgt.com/privacy
   
Federal Trade Commission Advisory Committee on Online Privacy and
Security. Series of Meetings. Federal Trade Commission Headquarters.
Washington, D.C. For more information: http://www.ftc.gov/acoas/
   
Financial Cryptography '00. International Financial Cryptography
Association. February 21-24, 2000. InterIsland Hotel. Anguilla, British
West Indies. For more information: http://fc00.ai/
   
The New Wave of Privacy Protection in Canada. BC Freedom of Information
and Privacy Association and Riley Information Services. March 9-10,
2000. Hotel Vancouver. Vancouver, British Columbia. For more
information: http://www.rileyis.com
   
HIPAA Security and Privacy Requirements: A How To Blueprint for
Compliance. MIS Training Institute. Two-day Seminars. Various Locations
and Times. For more information: http://www.misti.com
   
Entrust SecureSummit 2000. May 1-4, 2000. Hyatt Regency Dallas at
Reunion. Dallas, Texas. For more information:
http://www.securesummit.com
   
Shaping the Network: The Future of the Public Sphere in Cyberspace.
Computer Professionals for Social Responsibility (CPSR). Call for
Papers -- Abstracts Due February 15. May 20-23, 2000. Seattle,
Washington. For more information: http://www.scn.org/cpsr/diac-00
   
Telecommunications: The Bridge to Globalization in the Information
Society. Biennial Conference of the International Telecommunications
Society. July 2-5, 2000. For more information:
http://www.its2000.org.ar
   
KnowRight 2000 - InfoEthics Europe. Austrian Computer Society and
UNESCO. Call for Papers -- Due March 3. September 26-29, 2000.
Vienna. For more information: http://www.ocg.at/KR-IE2000.html
   
Privacy2000: Information and Security in the Digital Age. November 29,
2000. Adam's Mark Hotel. Columbus, Ohio. For more information:
http://www.privacy2000.org
   
=======================================================================
Subscription Information
=======================================================================
   
The EPIC Alert is a free biweekly publication of the Electronic Privacy
Information Center. A Web-based form is available for subscribing or
unsubscribing at:
   
     http://www.epic.org/alert/subscribe.html
   
To subscribe or unsubscribe using email, send email to
epic-news@epic.org with the subject: "subscribe" (no quotes) or
"unsubscribe".
   
Back issues are available at:
   
     http://www.epic.org/alert/
   
=======================================================================
About EPIC
=======================================================================
   
The Electronic Privacy Information Center is a public interest research
center in Washington, DC.  It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC is sponsored
by the Fund for Constitutional Government, a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights.  EPIC publishes the EPIC Alert, pursues Freedom of Information
Act litigation, and conducts policy research. For more information,
e-mail info@epic.org, http://www.epic.org or write EPIC, 666
Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240
(tel), +1 202 547 5482 (fax).
   
If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible.  Checks
should be made out to "The Fund for Constitutional Government" and sent
to EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003.
   
Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption
and expanding wiretapping powers.
   
Thank you for your support.
   
  ---------------------- END EPIC Alert 7.03 -----------------------
   
   
.
Return to:

Alert Home Page | EPIC Home Page