============================================================== @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @@@ @ @ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @ ============================================================== Volume 7.07 April 20, 2000 -------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org ======================================================================= Table of Contents ======================================================================= [1] House Committee on Intelligence Examines NSA Surveillance [2] EU Fixes Agenda for Hearing on Global Surveillance [3] Appeals Court Rules that Source Code Is Protected Free Speech [4] Pentagon Requests New FOIA Exemption [5] Children's Internet Privacy Law Goes Into Effect [6] EPIC Moves - New Address and Phone Number! [7] EPIC Bookstore -- The Mvr Book Motor Services Guide 2000 [8] Upcoming Conferences and Events ======================================================================= [1] House Committee on Intelligence Examines NSA Surveillance ======================================================================= On April 12, the House Permanent Select Committee on Intelligence conducted a hearing to examine the surveillance capabilities of the National Security Agency (NSA). The hearing follows increasing worldwide concern about international communications monitoring and the "Echelon" satellite interception system in particular. Committee Chairman Porter Goss (R-FL) stated that the Committee itself was "well versed" in NSA intelligence gathering capabilities and was satisfied as to the legitimacy of its activities. He continued, however, that an open hearing was necessary and important in order to reassure the American public that the NSA operates within a strict legal framework. Testifying before the Committee, the Director of the Central Intelligence Agency (CIA), George J. Tenet, and Director of the NSA, Lieutenant General Michael V. Hayden, explained that under FISA the NSA is authorized to collect information only for foreign intelligence purposes. Both vehemently rejected the idea of unlawful snooping on U.S. citizens claiming that even the most junior of their officers were "unequivocally committed" to acting within the law and protecting the rights of Americans. As regards economic espionage, Hayden and Tenet stressed that the U.S. intelligence community had neither the resources, legal authority nor interest in collecting information for the benefit of U.S. businesses and corporations. Although, said Tenet, signals intelligence can and does provide valuable economic information to certain U.S. government agencies, the NSA is "just not in the business of conducting industrial espionage." One issue during the hearing was the sharing of information about U.S. citizens between the NSA, CIA and domestic law enforcement agencies. Lieutenant General Hayden acknowledged that this kind of cooperation does take place when the dual interests of national security and law enforcement converge. However, he gave no clear indication of the frequency of such occurrences. This issue will be examined in more detail during further hearings into NSA activities, which the House Government Reform Committee, at the urging of Rep. Bob Barr (R-GA), intends to hold later this spring. EPIC is currently preparing a report on these issues to assist in setting the agenda for these hearings. The report is being written by EPIC Senior Research Fellow Duncan Campbell, whose recent report for the European Parliament has led to ongoing debates in Europe. CIA Director George Tenet's statement before the House Permanent Select Committee on Intelligence: http://www.cia.gov/cia/public_affairs/speeches/dci_speech_041200.html Prepared remarks of Representative Bob Barr: http://www.house.gov/barr/c_041200.html European Parliament report, "Interception Capabilities 2000" (PDF): http://www.europarl.eu.int/dg4/stoa/en/publi/pdf/98-14-01-2en.pdf ======================================================================= [2] EU Fixes Agenda for Hearing on Global Surveillance ======================================================================= The European Parliament will meet on May 4th and is expected to ratify proposals to modify international law to deal with international telecommunications espionage, and to set up a temporary special committee to further investigate the Echelon controversy. The proposals, collectively known as the Echelon resolution, drafted by Graham Watson MEP, Chairman of the Committee on Citizens' Freedoms and Rights, Justice and Home Affairs, assert that international spying on communications should be identified as a breach of fundamental human rights. The motion for debate in May argues that all future interceptions must "have a legal basis, be in the public interest and be strictly limited to the achievement of the intended objective . . . Any form of systematic interception cannot be regarded as consistent with that principle, even if the intended aim is to fight against international crime." It also bluntly asks that "any Member State operating such a system should cease to use it" except for proper purposes of internationally agreed sharing of information to fight serious crime or terrorism. If passed, only strictly military and defence matters would be covered under the "national security" exemption to the treaties joining Europe's nations. The exact scope for the committee of enquiry will be settled at a meeting of high level parliamentarians shortly afterwards. Political groupings within the Parliament have wrangled over what sort of committee should be appointed, and the investigative powers it should be granted. For more on the European Parliament Committee on Citizens' Freedoms and Rights, Justice and Home Affairs: http://www.europarl.eu.int/committees/en/default.htm ======================================================================= [3] Appeals Court Rules that Source Code Is Protected Free Speech ======================================================================= On April 4, the Sixth Circuit Court of Appeals issued a landmark ruling in the case of Junger v. Daley, holding that encryption source code is protected speech under the First Amendment. Peter Junger is a law professor who four years ago was informed by the U.S. Department of Commerce that he would need an export license to post examples of encryption source code on his website. He then filed suit in the Ohio federal district court claiming that this restriction on his right to publish his encryption code constituted a prior restraint on speech in violation of the First Amendment. In July 1998, Judge Gwin of the U.S. District Court for the Northern District of Ohio dismissed Junger's claim, holding that as source code was "inherently functional" rather than "inherently expressive" it was not protected speech under the First Amendment. The Sixth Circuit Court of Appeals reversed this ruling stating that because "computer source code is an expressive means for the exchange of information and ideas about computer programming . . . it is protected by the First Amendment." Having concluded thus, it referred the case back to the district court to decide whether the current encryption export regulations are unconstitutional. This is the third constitutional challenge to the encryption export regulations. It remains to be seen whether the current regulations, which were significantly relaxed in January of this year, can withstand such legal scrutiny. The Sixth Circuit decision on Junger v. Daley: http://pacer.ca6.uscourts.gov/cgi-bin/getopn.pl?OPINION=00a0117p.06 EPIC's amicus brief in support of Junger: http://www.epic.org/crypto/export_controls/junger_brief.html Professor Junger's archive of legal materials related to his case: http://samsara.LAW.CWRU.Edu/comp_law/jvd/ ======================================================================= [4] Pentagon Requests New FOIA Exemption ======================================================================= Proposed legislative language would introduce a new exemption for the Freedom of Information Act (FOIA). The proposal would be attached to the National Defense Authorization Act for Fiscal Year 2001, H.R. 4205, currently being considered by the House Committee on Armed Services. The proposed exemption would create a new exemption to allow the Departments of Defense and Energy to withhold unclassified information received in confidence from foreign governments or international organizations. The Pentagon believes the new exemption is necessary to avoid the costs of securing such information as if it were confidential information, currently the lowest level of national security information. Groups against the creation of a new level of exempt information, including EPIC, have pointed out that the storage of such information does not necessarily have to protected as if it were confidential but merely at a level equal to the precautions used by the foreign entity that provided the data. More information on the proposed new exemption is available from the Federation of American Scientists: http://www.fas.org/sgp/news/2000/04/dodfoia.html ======================================================================= [5] Children's Internet Privacy Law Goes Into Effect ======================================================================= On April 21, the Children's Online Privacy Protection Act (COPPA) will go into effect. The law requires website operators to obtain parental consent before the collection and use of personal information of children up to the age of 13. The type of parental consent necessary is governed by a sliding scale depending on the use of that data. For example, if personal information collected from children is not passed on to third parties, website operators will only have to receive an email from parents allowing that use. If similar personal information is passed on to a third party, more reliable means of verification such as a letter or credit card number will need to be supplied. In related Internet privacy news, a new survey conducted by Odyssey, a market research firm, reveals wide public mistrust of the Internet companies with their personal information. Eighty-two percent of households surveyed agreed with the statement "the government needs to step in and regulate how companies use personal information." An even more convincing 92 percent agreed that "I don't trust companies to keep personal information about me confidential, no matter what they promise." The final rules implementing COPPA are available from the Federal Trade Commission: http://www.ftc.gov/os/1999/9910/childrensprivacy.pdf A more general guide to COPPA is online at: http://www.ftc.gov/bcp/conline/pubs/buspubs/coppa.htm ======================================================================= [6] EPIC Moves - New Address and Phone Number! ======================================================================= EPIC has moved offices. Please note the change. 1718 Connecticut Avenue, NW Suite 200 Washington, DC 20009 tel: 202 483 1140 fax: 202 483 1248 ======================================================================= [7] EPIC Bookstore -- The Mvr Book Motor Services Guide 2000 ======================================================================= The Mvr Book Motor Services Guide 2000 : The National Reference Detailing, in Practical Terms, the Privacy Restrictions, Access, Procedures, Regulations by Michael L. Sankey (Editor) http://www.amazon.com/exec/obidos/ISBN=1879792583/electronicprivacA/ The national reference detailing - in practical terms - the privacy restrictions, access procedures, regulations and systems of all state held driver and vehicle records. ================================ EPIC Publications: "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, editors, (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ "The Privacy Law Sourcebook: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 1999). Price: $50. http://www.epic.org/pls/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "Filters and Freedom - Free Speech Perspectives on Internet Content Controls," David Sobel, editor (EPIC 1999). Price: $20. http://www.epic.org/filters&freedom/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "Privacy and Human Rights 1999: An International Survey of Privacy Laws and Developments," David Banisar, Simon Davies, editors, (EPIC 1999). Price: $15. http://www.epic.org/privacy&humanrights99/ An international survey of the privacy and data protection laws found in 50 countries around the globe. This report outlines the constitutional and legal conditions of privacy protection, and summarizes important issues and events relating to privacy and surveillance. ================================ Additional titles on privacy, open government, free expression, computer security, and crypto, as well as films and DVDs can be ordered through the EPIC Bookstore: http://www.epic.org/bookstore/ ======================================================================= [8] Upcoming Conferences and Events ======================================================================= Regulating the Internet: EU & US Perspectives. April 27-29, 2000. European Union Center, the School of Communications, and the Center for Law, Commerce & Technology at the University of Washington. Seattle, WA. For more information: http://jsis.artsci.washington.edu/programs/europe/euc.html Access Act Reform: The Destruction of Records and Proposed Access Act Amendments. Riley Information Services. May 1, 2000. Westin Hotel. Ottawa, Canada. For more information: http://www.rileyis.com/seminars/ Entrust SecureSummit 2000. May 1-4, 2000. Hyatt Regency Dallas at Reunion. Dallas, TX. For more information: http://www.securesummit.com Call for Papers -- 16th Annual Computer Security Applications Conference. Deadline May 12, 2000. Sheraton Hotel. New Orleans, LA. December 11-15, 2000. For more information: http://www.acsac.org/ Electronic Government: New Challenges for Public Administration and Law. May 18, 2000. Center for Law, Public Administration, and Informatization of Tilburg University, Netherlands. For more information: http://schoordijk.kub.nl/crbi/egov/ Shaping the Network: The Future of the Public Sphere in Cyberspace. Computer Professionals for Social Responsibility (CPSR). May 20-23, 2000. Seattle, WA. For more information: http://www.scn.org/cpsr/diac-00 New Millennium, New Horizons: Marketing and Public Policy Conference 2000. American Marketing Association. June 1-3, 2000. Marriott Metro Center. Washington, DC. For more information: http://www.ama.org/events/ First Annual Institute on Privacy Law: Strategies for Legal Compliance in a High Tech and Changing Regulatory Environment. Practicing Law Institute. June 22-23, 2000. PLI Conference Center. New York, NY. For more information: http://www.pli.edu Telecommunications: The Bridge to Globalization in the Information Society. Biennial Conference of the International Telecommunications Society. July 2-5, 2000. For more information: http://www.its2000.org.ar First International Hackers Forum. The Green Planet. August 18-20, 2000. Zaporozhye, Ukraine. For more information: http://www.geocities.com/hack_forum KnowRight 2000 - InfoEthics Europe. Austrian Computer Society and UNESCO. September 26-29, 2000. Vienna, Austria. For more information: http://www.ocg.at/KR-IE2000.html Privacy2000: Information and Security in the Digital Age. November 29, 2000. Adam's Mark Hotel. Columbus, Ohio. For more information: http://www.privacy2000.org Privacy: A Social Research Conference. New School University. October 5-7, 2000. New York, NY. For more information: http://www.newschool.edu/centers/socres/privacy/ ======================================================================= Subscription Information ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. A Web-based form is available for subscribing or unsubscribing at: http://www.epic.org/alert/subscribe.html To subscribe or unsubscribe using email, send email to epic-news@epic.org with the subject: "subscribe" (no quotes) or "unsubscribe". Back issues are available at: http://www.epic.org/alert/ ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC is sponsored by the Fund for Constitutional Government, a non-profit organization established in 1974 to protect civil liberties and constitutional rights. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "The Fund for Constitutional Government" and sent to EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 7.07 ----------------------- .