============================================================== @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @@@ @ @ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @ ============================================================== Volume 8.08 May 2, 2001 -------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_8.08.html ======================================================================= Table of Contents ======================================================================= [1] Report: Lots of "Portable" Wiretaps; No Encryption Problems [2] Order Served on News Site Raises Significant Issues [3] EPIC Files FOIA Request on First 100 Days on Privacy [4] Survey Shows Workplace Monitoring Continues to Rise [5] Subscribe to the EPIC-Digest! [6] EPIC Bill-Track: New Bills in Congress [7] EPIC Bookstore - Body of Secrets [8] Upcoming Conferences and Events ======================================================================= [1] Report: Lots of "Portable" Wiretaps; No Encryption Problems ======================================================================= As required by law, the Administrative Office of the U.S. Courts has released its annual report on federal and state applications for the interception of communications. While the overall number of wiretaps decreased last year, a significant majority of electronic surveillance was directed at portable devices such as cellular phones and pagers. In another significant finding, the new report discloses that no investigations were thwarted by the use of encryption technology. The report is based upon all data on wiretaps conducted from January 1, 2000 through December 1, 2000. Last year, a total of 1,190 federal and state wiretaps were authorized, a decrease from 1999 when an all-time high of 1,350 wiretap applications were approved. As is often the case, no wiretap applications were denied during the year. Of the 1,190 authorized wiretaps, 479 were authorized by federal judges and 711 by state judges, both slightly smaller numbers than the previous year. Consistent with earlier wiretap reports, the vast majority of wiretaps, seventy-five percent, were authorized for narcotics investigations. This year's report introduces "portable devices, carried by/on individual," such as cellular phones and pagers, as a new category for data relating to location of wiretaps. The "portable" category turned out to be the most popular as sixty percent -- 715 wiretaps in all -- of wiretaps were authorized for portable devices. Of the 715 portable device wiretaps, 691 involved cellular telephones. The 2000 Wiretap report is also the first to indicate whether encryption was encountered by law enforcement officials in the course of a wiretap and whether it hindered obtaining plaintext. Amendments to the wiretap statute now require the collection of such data beginning with this year's report. In 2000, no federal wiretaps encountered encryption, but state and local agencies encountered twenty-two situations where encryption was used. In all twenty-two investigations, the use of encryption did not prevent access to plaintext. The report does not go on to say how such plaintext was obtained. For the period 1990-2000, the number of wiretaps has increased thirty-six percent from 872 at the beginning of the decade to 1,190 for this past year. The 2000 Wiretap Report is available online: http://www.uscourts.gov/wiretap00/2000wttxt.pdf Table displaying results of past Wiretap Reports since 1968: http://www.epic.org/privacy/wiretap/stats/wiretap_stats.html ======================================================================= [2] Order Served on News Site Raises Significant Issues ======================================================================= An international inquiry into the alleged theft of Canadian government documents could establish important precedents for the conduct of online investigations. On April 21, the Independent Media Center (IMC) in Seattle was served with a sealed court order seeking information about all users who had accessed the group's web server during a 48-hour period. The order, issued by U.S. Magistrate Judge Monica Benton and served by agents of the FBI and U.S. Secret Service, prohibited the IMC from disclosing the existence of the order or the underlying investigation. In response to First Amendment arguments raised by counsel for the organization, Judge Benson lifted the "gag order" on April 27, permitting public discussion of the matter. The other portions of the order, compelling disclosure of user information, remain in effect. The order states that it was issued as part of an "ongoing criminal investigation" into acts that could constitute violations of Canadian law, specifically theft and mischief. Although the order does not provide additional details, the federal agents told IMC volunteers that the investigation concerned the source of either one or two postings which, they said, had been posted to an IMC newswire. These posts, according to the agents, contained documents stolen from a Canadian government agency, including classified information related to the travel itinerary of George W. Bush (who was at that time in Quebec City, participating in Summit of the Americas meetings). Although the agents claimed an interest in only two posts, the court order demands "all user connections logs" for a 48-hour period, which would include individual IP addresses for every person who posted materials to or visited the IMC site during the Quebec protests against the proposed Free Trade Area of the Americas. The Seattle IMC was launched in 1999 to provide grassroots coverage of protests against the WTO; the IMC network now reaches around the world, with dozens of sites scattered across six continents. Each IMC's news coverage centers upon its open-publishing newswire, a system that allows "anyone with access to an Internet connection to become a journalist, reporting on events from his or her own perspective." Recognizing that an order compelling the disclosure of information identifying an indiscriminately large number of users of a website devoted to political discourse raises very serious constitutional issues, EPIC is assisting the IMC as part of its national legal team. The group plans to file a motion seeking to quash the disclosure order. The text of the court order served on the IMC is available at: http://www.indymedia.org/front.php3?article_id=36912 ======================================================================= [3] EPIC Files FOIA Request on First 100 Days on Privacy ======================================================================= Earlier this week, EPIC submitted a series of Freedom of Information Act (FOIA) requests in an effort to determine the Bush administration's commitment to privacy protection during its first 100 days. The requests focus on appointment books of senior officials and transition- al memoranda from the Department of the Treasury, Department of Commerce, Federal Communications Commission, Federal Trade Commission, and the Department of Health and Human Services. Privacy protection was an important element of President Bush's campaign. During the campaign, President Bush articulated strong support for privacy protections. In an Associated Press interview, President Bush called privacy a "fundamental right," and vowed to place privacy protections in law for individuals' sensitive personal information. In other interviews, President Bush referred to himself as a "privacy guy," and said that every American should have "absolute control over his or her personal information." The series of FOIA requests for appointment books should reveal the frequency with which senior agency officials met with lobbyists and other political interests to discuss privacy issues during the first 100 days of the Bush administration. The FOIA requests for transition team memoranda will indicate how Bush Administration officials directed executive agency heads to formulate and execute policies on privacy. The series of EPIC FOIA requests is available at: http://www.epic.org/open_gov/bushadmin/foiarequest.html ======================================================================= [4] Survey Shows Workplace Monitoring Continues to Rise ======================================================================= A new study by the American Management Association (AMA) reveals that workplace surveillance continues to rise. The American Management Association's 2001 Annual Survey on Workplace Monitoring and Surveillance, released on April 18, finds that nearly eighty percent of all major U.S. companies carry out some form of employee monitoring, a dramatic increase from thirty-five percent in 1997. Approximately sixty-three percent of companies review employees' Internet use and forty-seven percent monitor email communications. Furthermore, twenty-five percent of companies say they have fired employees, and sixty-five percent have disciplined, for misuse of these services. Other common forms of surveillance include telephone monitoring and video surveillance. According to the survey, most employers cite legal compliance, legal liability, performance review, productivity measures and security concerns as their top reasons for snooping on their employees. Last year, a bill requiring employers to notify workers of such surveillance was introduced in the U.S. House of Representatives. In a Congressional hearing on the bill, EPIC stated that any workplace surveillance legislation should include strong privacy protection principles in keeping with Fair Information Practices and the International Labour Organization privacy guidelines. A summary of the American Management Association's 2001 Annual Survey on Workplace Monitoring & Surveillance is available at: http://www.amanet.org/research/pdfs/ems_short2001.pdf EPIC's Testimony before the House Judiciary Committee on HR 4908, the Notice of Electronic Monitoring Act, is available at: http://www.epic.org/privacy/wiretap/testimony_0900.html ======================================================================= [5] Subscribe to the EPIC-Digest! ======================================================================= The EPIC-Digest is a weekly compilation of privacy news and information items posted on Privacy.org. Each news item contains a brief abstract and links to news articles and other information. Individuals can subscribe to e-mail delivery of the Digest at the address below. Privacy.org is the site for daily news, information, and initiatives on privacy. The web site is a joint project of the Electronic Privacy Information Center (EPIC) and Privacy International. Subscribe to the EPIC-Digest at: http://www.privacy.org/digest.php ======================================================================= [6] EPIC Bill-Track: New Bills in Congress ======================================================================= *House* H.R.1543. Civil Rights and Employee Investigation Clarification Act. To amend the Fair Credit Reporting Act to exempt certain communications from the definition of consumer report, and for other purposes. Sponsor: Rep Sessions, Pete (R-TX) Latest Major Action: 4/24/2001 Referred to House committee House Financial Services. *Senate* S.705 Health Information Technology and Quality Improvement Act of 2001. A bill to establish a health information technology grant program for hospitals and for skilled nursing facilities and home health agencies, and to require the Secretary of Health and Human Services to establish and implement a methodology under the medicare program for providing hospitals with reimbursement for costs incurred by such hospitals with respect to information technology systems. Sponsor: Sen Schumer, Charles E. (D-NY) Latest Major Action: 4/5/2001 Referred to Senate committee: Senate Finance. EPIC Bill Track: Tracking Privacy, Speech, and Cyber-Liberties Bills in the 107th Congress, is available at: http://www.epic.org/privacy/bill_track.html ======================================================================= [7] EPIC Bookstore - Body of Secrets ======================================================================= Body of Secrets: Anatomy of the Ultra-Secret National Security Agency - From the Cold War Through the Dawn of a New Century, by James Bamford http://www.powells.com/cgi-bin/partner?partner_id=24075&cgi=biblio& show=HARDCOVER:NEW:0385499078:29.95 The NSA is the largest, most secretive, and most powerful intelligence agency in the world. With a staff of 38,000 people, it dwarfs the CIA in budget, manpower, and influence. Recent headlines have linked it to the economic espionage throughout Europe and to the ongoing hunt for the terrorist leader Osama bin Laden. James Bamford first penetrated the wall of silence surrounding the NSA in 1982, with the much-talked-about bestseller The Puzzle Palace. In Body of Secrets, he offers shocking new details about the inner workings of the agency, gathered through unique access to thousands of internal documents and interviews with current and former officials. Unveiling extremely sensitive information for the first time, Bamford exposes the role the NSA played in numerous Soviet bloc Cold War conflicts and discusses its undercover involvement in the Vietnam War. His investigation into the NSA's technological advances during the last fifteen years brings to light a network of global surveillance ranging from on-line listening posts to sophisticated intelligence- gathering satellites. In a hard-hitting conclusion, he warns that the NSA is a two-edged sword. While its worldwide eavesdropping activities offer the potential for tracking down terrorists and uncovering nuclear weapons deals, it also has the capability to listen on global personal communications. For other books recommended by EPIC, browse the EPIC Bookshelf at: http://www.powells.com/features/epic/epic.html ================================ EPIC Publications: "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Privacy & Human Rights 2000: An International Survey of Privacy Laws and Developments," David Banisar, author (EPIC 2000). Price: $20. http://www.epic.org/phr/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty countries around the world. The survey examines a wide range of privacy issues including, data protection, telephone tapping, genetic databases, ID systems and freedom of information laws. ================================ "The Privacy Law Sourcebook 2000: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2000). Price: $40. http://www.epic.org/pls/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ "Filters and Freedom: Free Speech Perspectives on Internet Content Controls," David Sobel, editor (EPIC 1999). Price: $20. http://www.epic.org/filters&freedom/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ Additional titles on privacy, open government, free expression, computer security, and crypto, as well as films and DVDs can be ordered through the EPIC Bookstore: http://www.epic.org/bookstore/ ======================================================================= [8] Upcoming Conferences and Events ======================================================================= The First Annual Privacy and Data Protection Summit. Privacy Officers Association. May 2-4, 2001. Arlington, VA. For more information: http://www.privacyassociation.org The 26th Annual AAAS Colloquium on Science and Technology Policy. American Association for the Advancement of Science. May 3-4, 2001. Washington, DC. For more information: http://www.aaas.org/spp/dspp/rd/colloqu.htm Surveillance, Risk, and Social Categorization. The Surveillance Project, Queen's University. May 3-5, 2001. Kingston, Ontario CANADA. For more information: http://qsilver.queensu.ca/sociology/ Surveillance/Workshops_Conferences.htm Future of the Internet: Preserving the Internet's Openness, Freedom, and Diversity. Center for Media Education and Center for Digital Democracy. May 9, 2001. Washington, DC. For more information: agoldman@cme.org The Internet and State Security Forum (ISSF). Cambridge Review of International Affairs. May 19, 2001. Cambridge, England. For more information: http://www.cria.org.uk/ Communication Research and Policy Workshop. Ford Foundation and Computer Professionals for Social Responsibility (CPSR). May 24, 2001. Washington, DC. For more information: http://www.cpsr.org/ICA_workshop It's the Public's Right. National Freedom of Information Coalition. May 25-27, 2001. Newport Beach, CA. For more information: http://www.reporters.net/nfoic/ Call for Papers - June 1, 2001. Summer 2001 Issue on Cybermedicine. John Marshall Journal of Computer and Information Law. For more information: 5simondo@stu.jmls.edu The Internet Security Conference (TISC) 2001. Core Competence, Inc. June 4-8, 2001. Los Angeles, CA. For more information: http://www.tisc2001.com/ INET 2001: A Net Odyssey, Mobility and the Internet. The 11th Annual Internet Society Conference. June 5-8, 2001. Stockholm, Sweden. For more information: http://www.isoc.org/inet2001/ ETHICOMP 2001: Systems of the Information Society. Telecommunications and Informatics Technical University of Gdansk, Poland. June 18-20, 2001. Gdansk, Poland. For more information: http://www.ccsr.cse.dmu.ac.uk/conferences/ccsrconf/ethicomp2001/ ACS/IEEE International Conference on Computer Systems and Applications 2001: Taking Stock of Existing Technology, Charting Future Trends. Lebanese American University. June 25-29, 2001. Beirut, Lebanon. For more information: http://www.lau.edu.lb/news-events/conferences/aiccsa2001.html Democracy Forum 2001: Democracy and the Information Revolution. International Institute for Democracy and Electoral Assistance. June 27-29, 2001. Stockholm, Sweden. For more information: http://www.idea.int/frontpage_forum2001.htm Call for Papers - June 30, 20001. CEPE2001: Computer Ethics, Philosophical Enquiries. Lancaster University (UK). Centre for Study of Technology in Organizations, Institute for Environment, Philosophy and Public Policy. December 14-16, 2001. For more information: http://www.lancs.ac.uk/depts/philosophy/conferences/ Re-shaping the Culture of Research: People, Participation, Partnerships & Practical Tools - Fourth Annual Community Research Network Conference. The Loka Institute. July 6-8, 2001. Austin, TX. For more information: http://www.loka.org/ Call For Submissions - August 3, 2001. Workshop on Security and Privacy in Digital Rights Management 2001. Eighth Association for Computing Machinery (ACM) Conference on Computer and Communications Security. November 5, 2001. For more information: http://www.star-lab.com/sander/spdrm/ ICSC 2001: International Conference on Social Computing. University of Bremen. October 1-3, 2001. Bremen, Germany. For more information: http://icsc2001.informatik.uni-bremen.de/ Privacy2001: Information, Security & Ethics for the New Century. Technology Policy Group. October 3-4, 2001. Cleveland, Ohio. For more information: http://www.privacy2000.org/ Nurturing the Cybercommons, 1981-2001. Computer Professionals for Social Responsibility (CPSR) 20th Annual Meeting. October 19-21, 2001. Ann Arbor, MI. For more information: http://www.cpsr.org/conferences/annmtg01/ Learning for the Future. Business for Social Responsibility's Ninth Annual Conference. November 7-9, 2001. Seattle, WA. For more information: http://www.bsr.org/events/2001.asp ======================================================================= Subscription Information ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. A Web-based form is available for subscribing or unsubscribing at: http://www.epic.org/alert/subscribe.html To subscribe or unsubscribe using email, send email to epic-news@epic.org with the subject: "subscribe" (no quotes) or "unsubscribe". Back issues are available at: http://www.epic.org/alert/ ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your email address from this list, please follow the above instructions under "subscription information". Please contact info@epic.org if you have any other questions. ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at http://www.guidestar.org/aol/search/report/report.adp?ein=52-2225921 Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 8.08 ----------------------- .