============================================================== @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @@@ @ @ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @ ============================================================== Volume 7.22 December 19, 2000 -------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_7.22.html ** HAPPY HOLIDAYS ** ======================================================================= Table of Contents ======================================================================= [1] Congress Approves Mandatory Internet Filtering Bill [2] Social Security Number Provision Removed from Spending Bill [3] FTC Holds Public Workshop on Wireless Privacy [4] Global Coalition Maintains Opposition to Cyber-Crime Treaty [5] Library Association Seeks Nominations for James Madison Award [6] Consumer Groups Release Online Holiday Shopping Tips [7] EPIC Bookstore - EPIC 2000 Publications [8] Upcoming Conferences and Events ======================================================================= [1] Congress Approves Mandatory Internet Filtering Bill ======================================================================= On December 15, Congress passed the Children's Internet Protection Act (CIPA), legislation requiring schools and libraries receiving federal funds for Internet access or computers to install filtering and blocking software. The measure is contained in an omnibus appropriations bill that is expected to be signed by the President. While the legislation has been characterized as providing protection for children, the final approved version mandates that schools and libraries also block adults from accessing child pornography or any material that meets the legal definition of obscenity. Institutions must also block access to material that is "harmful to minors" when a computer is used by any person under the age of 17. The measure, which evolved from a bill originally introduced by Sen. John McCain (R-AZ), applies to "any picture, image, graphic image file, or other visual depiction" that falls into one of the prohibited categories, but does not apply to text material. Schools and libraries that do not certify compliance with the filtering requirements will lose their Internet and computer funding. EPIC has long opposed the adoption of filtering systems, as have the American Civil Liberties Union and other free speech organizations. The harmful impact of such systems has been documented in a number of studies and highlighted in EPIC's publication, "Filters & Freedom: Free Speech Perspectives on Internet Content Controls" (see EPIC Bookstore). Advocates of free expression have encouraged the development of Internet education initiatives as the best approach to children's use of online resources. Many communities have adopted such programs, but will now be compelled to install flawed filtering programs on their computer systems. The federal filtering mandate is likely to be tested in the courts. The ACLU has announced its intention to challenge the law, and Congress appears to have anticipated litigation: the bill provides for expedited judicial review, with any challenge first heard by a special three-judge panel, and direct review by the U.S. Supreme Court. Earlier challenges to the Communications Decency Act and the Child Online Protection Act, in which EPIC participated, resulted in those laws being declared unconstitutional. The text of the Children's Internet Protection Act is available at: http://www.epic.org/free_speech/censorware/cipa.pdf ======================================================================= [2] Social Security Number Provision Removed from Spending Bill ======================================================================= In last-minute budget negotiations, the controversial Amy Boyer's Law was removed from the Commerce-Justice-State appropriations bill (part of the Omnibus Consolidated Appropriations Act). The proposed law addresses the availability of Social Security numbers to the public and has been targeted by privacy groups as a loophole-riddled law. The spending bill, likely the last act of the 106th Congress, is expected to be signed by President Clinton. Tragically, late last year, 21-year-old Amy Boyer was located by a stalker assisted by information -- including her Social Security number -- he purchased over the Internet. Sen. Judd Gregg (R-NH) later introduced legislation, entitled "Amy Boyer's Law," that seemed to require consent before Social Security numbers were displayed to the public. Consumer and privacy groups opposed the proposal noting the statute's significant exceptions for commercial use of SSNs and public records. The groups also criticized earlier versions of the proposal that pre-empted states' ability to pass laws offering greater protections. Tim Remsburg, Amy Boyer's stepfather, was also reportedly disappointed with the latest version of the law because it did not go far enough to protect personal privacy. The Clinton Administration had fought against the bill as well, issuing a veto threat letter against the appropriations bill on October 26 that cited the lackluster protections of the Amy Boyer provisions (see EPIC Alert 7.20). Many privacy groups hope that Congress will return to the issue of Social Security numbers in a more aggressive manner next year. In related privacy news, Sen. Patrick Leahy (D-VT) recently presented a "Report Card of the 106th Congress on Privacy" on the Senate floor. In his short speech, Sen. Leahy noted that "our laws have not kept pace with sweeping technological changes, putting at risk some of our most sensitive, private matters." Emphasizing the need for greater action, he added that "Congress has spent too long defining the problem [of privacy] instead of fixing it." The remarks are available through the Congressional Record for the Senate on December 14th, at page S11777. Information on Amy Boyer's Law is available through U.S. PIRG at: http://www.pirg.org/consumer/banks/action/privacy.htm ======================================================================= [3] FTC Holds Public Workshop on Wireless Privacy ======================================================================= On December 11-12, industry representatives and privacy advocates met at the Federal Trade Commission to discuss the privacy, security, and consumer protection issues raised by the development and use of new wireless technologies and services. Location privacy was a principal issue among the panelists and attendees in light of the Federal Communications Commission's "E911" rules. Those rules require wireless service carriers to provide the location of a caller to emergency centers when he or she dials 911. To enhance safety for 911 callers, this information must be accurate to within 50-100 meters of the caller's actual location. Privacy advocates have voiced concerns about potential law enforcement and commercial uses of such location data. Location information may be used to track users' movements outside of an emergency setting, to aggregate data regarding personal preferences and activities, and to deliver targeted advertising based on wireless users' location. Panelists also discussed the consumer protection aspects of wireless technologies. Consumers and businesses may have difficulty in communicating disclosures and other terms of service using current wireless devices, as most devices have small screens and limited storage capacity. In a workshop presentation, EPIC General Counsel David Sobel encouraged the development of a legal framework to ensure the privacy rights of wireless users. He told participants that "pure self-regulation has not worked well with respect to Internet privacy," and that wireless technologies present both new challenges and new opportunities for privacy protection. Information on the FTC's wireless workshop is available at: http://www.ftc.gov/bcp/workshops/wireless/ ======================================================================= [4] International Coalition Maintains Opposition to Cyber-Crime Treaty ======================================================================= The Global Internet Liberty Campaign (GILC), an international coalition of cyber-liberties groups, has again warned the Council of Europe (CoE) that a draft cybercrime treaty poses threats to privacy and human rights. According to the coalition's December 12 letter, provisions of the proposed cybercrime treaty would allow governments to engage in disproportionately invasive investigative techniques. In addition, the convention would encourage government collection of Internet transmissions with systems similar to the FBI's Carnivore. The GILC letter also cites provisions on law enforcement access to decryption keys similar to the UK's Regulation of Investigatory Powers (RIP) Act. Recognizing that interception of communication is a tool often used against dissidents and human rights workers, GILC recommended that the CoE redraft the treaty so that these invasive techniques could only be used to address serious crimes. GILC has called for judicial review to ensure protection for individuals' right to privacy and a recognition of the right against self-incrimination before invasive techniques are employed. GILC has also objected to the closed, secretive nature in which the cybercrime treaty has been drafted. The coalition has offered to assist the CoE by providing experts dedicated to stemming the problem of cybercrime while accommodating the human rights issues involved. The GILC letter is available at: http://www.gilc.org/privacy/coe-letter-1200.html ======================================================================= [5] Library Association Seeks Nominations for James Madison Award ======================================================================= The American Library Association (ALA) is currently seeking nominations for the organization's 12th annual James Madison Award. The Award is presented to individuals and groups that have preserved and protected the public's right to know. The ALA is seeking nominations until January 10, 2001. The award will be presented on March 16, 2001 in conjunction with Freedom of Information Day, an event jointly organized with the Freedom Forum. Mail nominations to Peter Kaplan at the ALA Washington Office at 1301 Pennsylvania Avenue NW, Suite 403, Washington, DC 20004 or fax to (202) 628-8419. Nominations should include a statement of why the nominee is should receive the award. For more information, visit the ALA Washington Office homepage: http://www.ala.org/washoff/ ======================================================================= [6] Consumer Groups Release Online Holiday Shopping Tips ======================================================================= The Trans-Atlantic Consumer Dialogue (TACD), a coalition of U.S. and EU consumer groups, has released its "12-point checklist for online shopping." The shopping checklist is based on the Organization for Economic Co-operation and Development (OECD) E-Commerce guidelines. The checklist presents basic matters that should be considered before purchasing items online: contact information, cost, payment methods, shipping charges and times, return policies, availability of customer service, privacy and security, and how to handle possible disputes. The TACD Online Shopping Checklist is available at: http://www.tacd.org/12ptchecklist.html OECD Guidelines for Consumer Protection in the Context of Electronic Commerce are available at: http://www.oecd.org/dsti/sti/it/consumer/ ======================================================================= [7] EPIC Bookstore - EPIC 2000 Publications ======================================================================= Planning any last minute shopping? Visit the EPIC Bookstore for our selection of books on privacy, free speech and computer security. And make sure to take a look at this year's EPIC publications. Browse the EPIC Bookstore at http://www.epic.org/bookstore/ EPIC Publications: "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Privacy & Human Rights 2000: An International Survey of Privacy Laws and Developments," David Banisar, author (EPIC 2000). Price: $20. http://www.epic.org/phr/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty countries around the world. The survey examines a wide range of privacy issues including, data protection, telephone tapping, genetic databases, ID systems and freedom of information laws. ================================ "The Privacy Law Sourcebook 2000: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2000). Price: $40. http://www.epic.org/pls/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, editors (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ "Filters and Freedom: Free Speech Perspectives on Internet Content Controls," David Sobel, editor (EPIC 1999). Price: $20. http://www.epic.org/filters&freedom/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ Additional titles on privacy, open government, free expression, computer security, and crypto, as well as films and DVDs can be ordered through the EPIC Bookstore: http://www.epic.org/bookstore/ ======================================================================= [8] Upcoming Conferences and Events ======================================================================= Call for Proposals - January 5, 2001. CFP 2001: The Eleventh Conference on Computers, Freedom, and Privacy. For more information: http://www.cfp2001.org/ Call for Content - January 10, 2001. INET 2001: The Internet Global Summit. The 11th Annual Internet Society Conference. For more information: http://www.isoc.org/inet2001/cfc.shtml Network and Distributed System Security Symposium (NDSS '01). Internet Society. February 7-9, 2001. San Diego, CA. For more information: http://www.isoc.org/ndss01/ Privacy in the New Environments: What the Personal Information Protection and Electronic Documents Act Means to Your Organization. Riley Information Services. February 19, 2001. Ottawa, Canada. For more information: http://www.rileyis.com/seminars/ CFP 2001: the Eleventh Conference on Computers, Freedom and Privacy. March 6-9, 2001. Cambridge, MA. For more information: http://www.cfp2001.org/ EUROSEC 2001: Forum sur la Sécurité des Systèmes d'Information. XP Conseil. March 13-15, 2001. Paris, France. For more information: http://www.xpconseil.com/eurosec2001/ Online, Offshore and Cross-Border: Regulating Global E-Commerce. Washington College of Law, American University. March 30, 2001. Washington, DC. For more information: http://www.wcl.american.edu First International Conference on Human Aspects of the Information Society. Information Management Research Institute, University of Northumbria at Newcastle. April 9-11, 2001. Newcastle upon Tyne, England. For more information: http://is.northumbria.ac.uk/imri National Summit on Electronic Privacy. The National Institute for Government Innovation. April 23-24, 2001. Washington, DC. For more information: http://www.nigi.org/ The 26th Annual AAAS Colloquium on Science and Technology Policy. American Association for the Advancement of Science. May 3-4, 2001. Washington, DC. For more information: http://www.aaas.org/spp/dspp/rd/colloqu.htm The Internet Security Conference (TISC) 2001. Core Competence, Inc. June 4-8, 2001. Los Angeles, CA. For more information: http://www.tisc2001.com/ INET 2001: The Internet Global Summit. The 11th Annual Internet Society Conference. June 5-8, 2001. Stockholm, Sweden. For more information: http://www.isoc.org/inet2001/ ======================================================================= Subscription Information ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. A Web-based form is available for subscribing or unsubscribing at: http://www.epic.org/alert/subscribe.html To subscribe or unsubscribe using email, send email to epic-news@epic.org with the subject: "subscribe" (no quotes) or "unsubscribe". Back issues are available at: http://www.epic.org/alert/ ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your email address from this list, please follow the above instructions under "subscription information". Please contact info@epic.org if you have any other questions. ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at http://www.guidestar.org/aol/search/report/report.adp?ein=52-2225921 Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 7.22 ----------------------- .