EPIC logo

========================================================================
                               E P I C  A l e r t
========================================================================
Volume 12.21                                          October 20, 2005
------------------------------------------------------------------------

                               Published by the
                  Electronic Privacy Information Center (EPIC)
                               Washington, D.C.

                http://www.epic.org/alert/EPIC_Alert_12.21.html

========================================================================
Table of Contents
========================================================================

[1] Broad Coalition Opposes Joint Marketing, Recruiting Database
[2] Federal Court Blocks Georgia Voter ID Law
[3] EPIC Files "Friend of the Court" Brief in DNA Dragnet Case
[4] FDA Urged to Examine Medical Monitoring Databases
[5] Election Verification Groups Call for Compliance with Voting Laws
[6] News in Brief
[7] EPIC Bookstore: Katherine Albrecht's "Spychips"
[8] Upcoming Conferences and Events

========================================================================
[1] Broad Coalition Opposes Joint Marketing, Recruiting Database
========================================================================

The Electronic Privacy Information Center was joined by more than
100 local, state, and national organizations in urging Secretary of
Defense Donald Rumsfeld to end the Joint Advertising and Market Research
Studies recruiting database.

The groups cited the broad exemptions to federal privacy laws that would
allow the Defense Department to disclose personal information to
others without an individual's consent or knowledge. The proposed uses
include disclosures to law enforcement, state and local tax authorities,
employment queries from other agencies, and foreign authorities.

The database first drew public attention earlier this year when the DOD
placed a request for comments on the project in the Federal Register.
Following the submission of comments on the system of records by privacy
groups, the DOD admitted in a media roundtable that it had in fact
already created the system of records.  Several privacy advocacy groups
expressed dissatisfaction with the DOD for providing such late notice on
the existence of the project.

The DOD acknowledged that the database would include the names, dates of
birth, genders, addresses, telephone numbers, e-mail addresses, Social
Security Numbers, ethnicities, high schools, education levels, colleges,
and intended fields of study for more than 30 million Americans who are
16-25 years old.  This system of records would even go so far as to
record parents' attitudes about military recruitment.

The campaign began by privacy advocacy organizations quickly spread to
include civil liberties, consumer rights, community and peace groups.
Their efforts resulted in a broad coalition of groups who signed the
letter, which included the American Civil Liberties Union, the American
Friends Service Committee, the Bill of Rights Defense Committee, Common
Cause, LeaveMyChildAlone.org, the Liberty Coalition, Rock the Vote, and
the Rutherford Institute.

Coalition Letter Opposing Defense Dept. Database:
     http://www.privacycoalition.org/nododdatabase/letter.html

Background on DOD Recruiting Database:
     http://www.epic.org/privacy/student/doddatabase.html

Graphic (No attribution required):
     http://www.epic.org/graphics/iwantyou_sm.jpg

========================================================================
[2] Federal Court Blocks Georgia Voter ID Law
========================================================================

A federal court in Rome, Georgia prevented enforcement of a state law
that would have required voters to present a government-issued photo ID
card in order to vote.  Judge Harold Murphy of the U.S. District Court
of the Northern District of Georgia held on October 18 that requiring
all voters to obtain an ID amounted to an unconstitutional poll
tax.

Poll taxes, fees collected from voters ostensibly designed to offset
voting administration costs, were long used in the South in order to
prevent African-Americans and other groups from participating in
elections. Poll taxes are prohibited by the 24th Amendment to the
Constitution, passed in 1964.

The Georgia law would have required voters to present a driver's license
or other government photo ID in order to vote. The plaintiffs in this
case argued that the cost of obtaining such an ID ($20-35) was
prohibitive to many poor voters, especially considering additional time
and money lost in the process of obtaining the cards. Georgia has only
58 Department of Driver Services offices to issue ID cards for its 159
counties, denying access to many rural and urban residents. No such
offices, for instance, exist within the city limits of Atlanta.
Potential voters, many without cars or public transportation, would have
to travel dozens of miles to reach an office, where wait times were
lengthy. The plaintiffs, several voting and minorities rights groups,
alleged that these restrictions amounted to a poll tax that would
disadvantage minorities, the poor, and the elderly.

Proponents argued that the law was necessary to prevent voting fraud,
and that exceptions allowed indigent voters to sign an affidavit
declaring that they could not afford the ID fee. The district court
opinion, however, disregarded these arguments. the court noted that the
state had not received a single complaint of voter fraud at the polls in
at least nine years. The court also noted that the state failed to
inform voters of the various provisions of the fee exception, and that
this failure to inform would result in many potential voters not
completing the necessary affidavit.

The court issued a preliminary injunction against enforcement of the
law, meaning that the law cannot be enforced during upcoming municipal
elections in November. Proponents of the law said they were willing to
appeal the decision to the Supreme Court, if necessary. 

Earlier in the year, EPIC opposed the Georgia law before the Justice
Department's Voting Rights Section, which must approve changes to voting
laws in several states.  EPIC argued that the ID requirement amounted to
a poll tax, and adversely affected voters' privacy rights.

Text of the district court's opinion (pdf):
     http://www.acluga.org/briefs/voterID/condensed.pdf

EPIC's Comments to the Department of Justice about the Georgia Voter ID
Plan (pdf):
     http://www.epic.org/privacy/voting/comments_ga_hb244.pdf

EPIC's Voting Privacy page:
     http://www.epic.org/privacy/voting/
	 
========================================================================
[3] EPIC Files "Friend of the Court" Brief in DNA Dragnet Case
========================================================================

EPIC has filed a "friend of the court" brief in a federal case
addressing whether the police may coerce a person to provide a DNA
sample. The brief was submitted just as Congress began to consider
controversial legislation that would expand the scope of DNA profiles in
the FBI's national DNA database.

The case concerns a 2002 DNA dragnet initiated by police in Baton Rouge,
Louisiana during a serial rape-murder investigation. Police targeted men
in southern Louisiana, asking them to provide DNA samples to determine
whether one of them might be the rapist-murderer. By 2003, police had
taken samples from more than 1,200 men in what was the largest DNA
dragnet in U.S. history at the time. At least 15 men, including Shannon
Kohler, declined to let police take a DNA sample. The Baton Rouge Police
Department obtained a warrant to force Mr. Kohler to submit his DNA
sample for the investigation. Mr. Kohler was also identified by the
police and news media as a suspect in the highly publicized
investigation. The police later cleared Mr. Kohler as a suspect.

Mr. Kohler filed suit, alleging that the warrant used to obtain his DNA
was not supported by probable cause. He has asked for his DNA profile to
be removed from any state or federal database and is seeking damages for
the invasion of his privacy in violation of constitutional guarantees
against unreasonable search and seizure. In February 2005, the federal
district court dismissed Mr. Kohler's claim, finding that police had
probable cause based on two anonymous tips and the fact that Mr. Kohler
met "certain elements of an FBI profile," which the court characterized
as "so broad and vague that it cast a net of suspicion over thousands of
citizens."

EPIC's brief before the 5th Circuit Court of Appeals surveys more than
20 DNA dragnets conducted in the United States over the past 15 years.
The brief shows that the investigative technique has failed repeatedly
to identify the intended targets of investigations, but has compromised
the privacy rights of thousands of innocent people.  The brief urges
that clear guidelines be established before the police engage in this
investigative practice.

EPIC's amicus brief in Kohler v. Englade (pdf):
     http://www.epic.org/privacy/kohler/amicus.pdf

More information about the case: 
     http://www.epic.org/privacy/kohler

DNA Fingerprint Act of 2005, S. 1197 Title X:
     http://thomas.loc.gov/cgi-bin/bdquery/z?d109:S.1197:

========================================================================
[4] FDA Urged to Examine Medical Monitoring Databases
========================================================================

The Food and Drug Administration is intensifying scrutiny of
direct-to-consumer marketing of medical products.  Most of the focus is
on television commercials and mass-circulation print advertising of
drugs and other regulated medical products. This week, EPIC warned the
agency that heightened attention to these mass-media areas may result in
drug companies increasing their reliance on databases of personal
information to target individuals for medical products.

EPIC urged the FDA to consider three risks associated with targeted drug
marketing. First, data brokers, companies that amass personal
information and sell it to marketers and others, can enable targeting of
direct-to-consumer advertising to vulnerable populations. For instance,
data brokers have sold "sucker" lists--databases of individuals labeled
as "impulsive," those who have fallen for scams, or those otherwise
lacking the capacity to evaluate a marketing representation. In
September, a major direct marketing publication listed a database of
"impulsive" consumers who purchased a pendant "advertised as having a
fragment of the Eye of Ra inside it," with the belief that the pendant
will "change their life, awaken their inner consciousness and bring them
wealth."

Walter Karl, a list broker that was probed by the Iowa Attorney General,
market a lists of consumers described as: "impulsive buyers: primarily
mature" and "highly impulsive consumers: sure to respond to all of your
low-end offers."  There is a risk that sucker databases will be used
more frequently if the FDA does not scrutinize marketing practices. This
risk is exacerbated by the fact that, unlike mass-circulation print and
broadcast advertising, targeted solicitations are harder for public
health authorities to monitor.

Second, medical information is often gathered in a deceptive fashion.
Consumers are often presented with product warranty or registration
cards that solicit medical information, with the false implication that
completing the card is necessary to enjoy protection for a product.

Finally, this medical information is being gathered outside the
protections of the Health Insurance Portability and Accountability Act's
Privacy Regulations.  Hippo Direct, a company that markets over 100
lists categorized by ailment, gathers medical information in contexts
where privacy law doesn't apply, including: "telephone and mail order
purchase information, rebate coupons, subscription order forms, warranty
card registrations, 800# respondents, sweepstakes entry forms, trade
show/conference attendee rosters, and consumer surveys &
questionnaires." Individuals who give their medical ailment information
to marketers in these contexts have no ability to "opt-out" of the data
collection, to access their data or correct it, or order that the data
be deleted.

The FDA's public forum on these issues is scheduled for November 1st and
2nd in Washington, DC.  Any member of the public may provide written
comment on these issues until February 28, 2006 through the FDA's
website.

EPIC Comments on Medical Marketing Databases:
     http://www.epic.org/privacy/medical/dtcltr10.11.05.html

FDA Information on Direct-to-Consumer Marketing:
     http://www.fda.gov/cder/ddmac/dtc2005/default.htm

========================================================================
[5] Election Verification Groups Call for Compliance with Voting Laws
========================================================================

In a letter dated October 3, EPIC and eight election verification groups
urge that the U.S. Election Assistance Commission fully comply with the
Help America Vote Act (HAVA). The groups object to the commission's
decision to delay a mandate that requires a new testing laboratory
accreditation process for voting systems.

The Commission announced its intention to delay a HAVA-mandated new
testing laboratory accreditation process for voting systems used in
public elections until 2007. HAVA states that the new process should be
in place within six months after new voting system standards are
promulgated.  The deadline for new standards is January 1, 2006.  The
organizations that signed the letter said that HAVA's goal of creating
more reliable, secure, accessible, transparent, accurate, and auditable
public elections would be negatively effected by the Commission's
decision.

The letter asked that the agency follow HAVA's requirements, including
the consultation of the National Institute of Standards and Technology
in creating a new list of labs capable of certifying voting systems used
in public elections. The Institute's role is to narrow the list of
qualified laboratories based on federal laboratory certification
standards.  The Commission would select from that list or provide a
written explanation of why they selected other laboratories to fill this
role.

The Commission is in the final stages of developing voting system
guidelines for the states.

EPIC's Letter (pdf):
     http://www.epic.org/privacy/voting/eac_house100305.pdf

EAC Press Announcement on Laboratory Testing Authorities:
     http://www.eac.gov/VSCP_082305.htm


========================================================================
[6] News in Brief
========================================================================

EU Council of Ministers Requires Telecoms to Keep Traffic Data

The European Council of Ministers agreed recently to require
telecommunications companies to keep records of their traffic data for a
minimum of 12 months. Internet Service Providers would be required to
retain emails and browsing logs for six months.

The decision faces stiff opposition in Europe from EU bodies, IT
industry groups, and public interest organizations. The European
Parliament has also overwhelmingly voted against the data retention
proposal twice in the last few months. Without its approval, the measure
will not have the weight to convince all EU member states to implement
the requirements within their national laws. The European Data
Protection Supervisor, which oversees compliance with data protection
rules, opposed the measure, casting doubt on whether the measure
complies with the two EU Data Protection Directives and the European
Convention of Human Rights. Telecommunications and IT industries have 
objected to the measure because of its high costs and impracticalities. 
Public interest groups, including Privacy International and European
Digital Rights, argue that the measure is invasive, illegal,
illegitimate, and provide only an illusion of security.

A coalition of groups has issued a Joint Declaration on Data Retention
in opposition to the measure.  The Declaration echoes the concerns
expressed by the Parliament, the Data Protection Supervisor, and
industry, and also notes that legal rules on the handling of
communications data must be subject to prior parliamentarian consent.

Joint Declaration on Data Retention:
     http://www.jointdeclaration.com/index.htm

Information Technology Association of America, Letter to the European
Commission (pdf):
     http://www.itaa.org/eweb/upload/FINAL_DataRetentionComments_09062005.pdf

European Digital Rights/Privacy International, Data Retention Is No
Solution: 
     http://www.stopdataretention.com/

EPIC's data retention Web page:
     http://www.epic.org/privacy/intl/data_retention.html

Censorship Software: Made in the USA

The southeast Asian country of Myanmar, previously known as Burma,
intensely monitors and heavily filters the Internet using software
obtained from U.S. antivirus and firewall vendor Fortinet, according to
a report released last week from the OpenNet Initiative. The country
blocks any Web sites that contain any writings that criticize the
government. Fortinet denies the sale; if the company had directly sold
the software to Myanmar, it would have violated a U.S. embargo on
business with the country.

OpenNet Initiative Report: Internet Filtering in Burma in 2005 (pdf):
     http://www.epic.org/redirect/burma.html

Fortinet site:
     http://www.fortinet.com/


Federal Court Preempts Landmark California Financial Privacy Law

A federal district court has held that Fair Credit Reporting Act
supercedes, or "preempts," portions of California's landmark financial
privacy law. The financial services industry challenged the law, known
as SB 1, that allowed Californians to curtail the sale of personal
information among a company's affiliates--companies with the same
ownership or control.  Despite the ruling, provisions of California law
that require opt-in consent before data can be sold to third parties
(non-affiliates) are still valid.

EPIC ABA v. Lockyer Page:
     http://www.epic.org/privacy/preemption/abavlockyer.html


New Consumer Reporting Agency Emerges

A company called Innovis Data Solutions announced its plans to begin
selling personal information it has collected on millions of
individuals.  By marketing and selling credit reports on consumers,
Innovis joins the ranks of the three largest credit reporting agencies:
Equifax, Experian, and TransUnion.  In contrast to these other credit
reporting agencies, however, Innovis's Web site provides little
information on its current activities.  The company also has a history
of secrecy. In the past, Innovis distanced itself from consumers by
stating that consumers are not adversely affected by reports the company
sells on them.  Innovis traditionally sold credit reports not to
lenders, but to direct marketers of credit, loans, and other products
and services.

Innovis site:
     http://www.innovis.com

EPIC's Credit Report page:
     http://www.epic.org/privacy/fcra/


Consumer Coalition for Health Privacy Supports State Privacy Laws

On October 7, the Health Privacy Project and the Consumer Coalition for
Health Privacy pressed the National Institutes of Health's Commission on
Systemic Interoperability not to override state privacy laws.  The
Commission, which is working to create health care information
technology standards, is considering a recommendation to override state
privacy laws that are stronger than the federal Health Information
Portability and Accountability Act. A letter from the coalition noted
that such a proposal was unnecessary and would remove essential
safeguards for patients.

Letter from the Coalition (Microsoft Word)
     http://www.healthprivacy.org/usr_doc/LettertoCommission.doc

The Health Privacy Project: 
     http://www.healthprivacy.org

The Commission on Systemic Interoperability:
     http://www.nlm.nih.gov/csi/csi_home.html


Italian Antiterror Law Hurts Businesses Selling Internet, Phone and Fax
Access

An antiterrorism law passed in Italy this summer is taking a toll on
businesses that offer communications services like Internet, phone, and
fax to the public.  Under the new law, such businesses must apply for a
new license to provide public communications services.  They are also
required to purchase software to log the websites users visit, a list of
which must regularly be turned over to police, and must photocopy the
passports of all customers who use a public communications service.  One
cybercafe owner estimated that the law accounts for a 10 percent drop in
his business.

In addition to expanding communications surveillance, Italy's
antiterrorism law makes it easier for police to detain individuals,
requires that lists of mobile phone users be created to help police
investigate terrorist crimes, and provides fines and jail time for
anyone who purposely covers his or her face in public.

Sofia Celeste, What to Check Your E-Mail in Italy?  Bring Your Passport,
Christian Science Monitor, Oct. 4, 2005:
     http://www.csmonitor.com/2005/1004/p07s01-woeu.html

Privacy and Human Rights 2004, Responding to Terrorism:
     http://www.epic.org/redirect/phr_terrorism.html

Privacy and Human Rights 2004, Italian Republic:
     http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-83522


Accidents Increase at DC Intersections with Cameras

A recent report indicated that accidents actually increased at
Washington DC intersections that had red-light cameras installed. The
cameras, which automatically photograph cars running red lights, are
often promoted as reducing dangerous accidents. However, the report
found that accidents more than doubled at camera-covered intersections,
from 365 in 1998 to 755 in 2004.  Accidents causing injuries and
fatalities at camera-equipped locations also rose 81 percent during this
period.  Stoplights without cameras suffered a 64 percent increase in
accidents and a 54 percent increase in injury and fatal crashes.  The
data contradicts conventional wisdom among camera proponents, which was
that the cameras decrease major accidents even if minor accidents may
rise.  Red light cameras are used in at least 19 states and the District
of Columbia.

Washington Post Study:
     http://www.epic.org/redirect/red-light_study.html

Observing Surveillance: 
     http://www.observingsurveillance.org/

EPIC, ACLU-NC, and EFF Comment on Municipal Network Privacy

The San Francisco, CA, government is in the process of weighing plans to
bridge the digital divide by blanketing the city with wireless Internet
access.  Twenty-four companies have expressed interest in providing
service to the city, but in their submissions, privacy issues were not
fully addressed.

EPIC's West Coast Office partnered with the ACLU of Northern California
and the Electronic Frontier Foundation to urge the city to respect
Internet users' privacy in developing the system.  In a joint letter,
the groups urge San Francisco to protect users' privacy by not tracking
them with unique identifiers from session to session, by not selling
data collected in administering the service, and by resisting subpoenas
and other legal requests for users' data.  The groups also urged the
city to minimize collection of personal information, and to keep server
logs only as long as operationally necessary.

Joint Letter on San Francisco Municipal Wireless:
     http://www.epic.org/privacy/internet/sfws10.19.05.html

========================================================================
[7] EPIC Bookstore: Katherine Albrecht's "Spychips"
========================================================================

Katherine Albrecht, "Spychips: How major corporations and government plan to
track your every move with RFID"

http://www.powells.com/partner/24075/biblio/61-1595550208-0

The privacy movement has been waiting for the book that transforms the
world as did Rachel Carson's "Silent Spring," Michael Harrington's "The
Other America," and Ralph Nader's "Unsafe at Any Speed." It's not yet
clear that Spychips will be that book, but the case can be made that
Spychips is one of the best privacy books in many years.

There are few technologies transforming the world as rapidly as RFID.
The graph for deployment looks something like the right half of the
letter "U." Two years ago hardly anyone mentioned RFID. Today Walmart
and the Department of Defense require major suppliers to include the
"talking ID tag" in all their products. Talk about liftoff.

So, there is a real issue and there are real policy questions. Sure, it
is fine to chip your dog, but what about your daughter or your weird
Aunt Sally? And if the chips aren't actually placed under the skin, as
one Florida company is eager to do, what if the chip is embedded in your
daughter's student ID card or Aunt Sally's prescription bottles? And
what advice do we give to those visiting the United States who may soon
be required to carry an RFID-enabled immigration document? Bring tin
foil?

There is much here for Orwellian paranoia. But what makes Spychips such
a compelling book is that Albrecht and McIntyre stay focused on what is
actually happening today. They are also funny, clever, engaging, and
informative. Much of the best material comes from the other side. If you
really want to be creeped out, take a look at the patent applications
for some of the RFID services on the horizon or attend the trade shows,
listen to the speakers, and read the product announcements. Albrecht and
McIntyre have done all this. Their reporting from behind enemy lines is
first-rate

A good advocacy book also needs good recommendations. The authors cover
these bases well, providing advice for local protests and national
campaigns. Much credit also goes to their organization CASPIAN for
several of the successful organizing efforts.

The privacy movement needs a book. I nominate Spychips.

- Marc Rotenberg


================================

EPIC Publications:

"Privacy & Human Rights 2004: An International Survey of Privacy Laws
and Developments" (EPIC 2004). Price: $50.
http://www.epic.org/bookstore/phr2004

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well
as an up-to-date section on recent developments. New materials include
the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the
CAN-SPAM Act.

================================

"FOIA 2004: Litigation Under the Federal Open Government Laws," Harry
Hammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004). Price:
$40. 
http://www.epic.org/bookstore/foia2004

This is the standard reference work covering all aspects of the Freedom
of Information Act, the Privacy Act, the Government in the Sunshine Act,
and the Federal Advisory Committee Act.  The 22nd edition fully updates
the manual that lawyers, journalists and researchers have relied on for
more than 25 years.  For those who litigate open government cases (or
need to learn how to litigate them), this is an essential reference
manual.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).  This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40. 
http://www.epic.org/bookstore/pls2004/

The "Physicians Desk Reference of the privacy world."  An invaluable
resource for students, attorneys, researchers and journalists who need
an up-to-date collection of U.S. and international privacy law, as well
as a comprehensive listing of privacy resources.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.

================================

"The Consumer Law Sourcebook 2000: Electronic Commerce and the Global
Economy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls

The Consumer Law Sourcebook provides a basic set of materials for
consumers, policy makers, practitioners and researchers who are
interested in the emerging field of electronic commerce.  The focus is
on framework legislation that articulates basic rights for consumers and
the basic responsibilities for businesses in the online economy.

================================

"Cryptography and Liberty 2000: An International Survey of Encryption
Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:
$20.  http://www.epic.org/bookstore/crypto00& 

EPIC's third survey of encryption policies around the world.  The
results indicate that the efforts to reduce export controls on strong
encryption products have largely succeeded, although several governments
are gaining new powers to combat the perceived threats of encryption to
law enforcement.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books
http://www.powells.com/features/epic/epic.html

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
https://mailman.epic.org/cgi-bin/control/foia_notes

========================================================================
[8] Upcoming Conferences and Events
========================================================================

Public Voice Symposium: "Privacy and Data Protection in Latin America -
Analysis and Perspectives."  Launch of the English version of "Privacy
and Human Rights 2005."  October 20-21, 2005, Auditorio Alberto Lleras
Camargo de la Universidad de los Andes, Bogotá, Colombia. Organizers:
Electronic Privacy Information Center (EPIC), Grupo de Estudios en
Internet, Comercio Electrónico, Telecomunicaciones e Informática
(GECTI), Law School of the Universidad de los Andes, Bogotá, Colombia,
Computer Professional for Social Responsibility-Peru (CPSR-Perú). For
more information:
http://www.thepublicvoice.org/events/bogota05/default.html

Privacy Law in the New Millennium: A Tribute to Richard C. Turkington.
Villanova University School of Law. October 29, 2005. Villanova, PA. For
more information:
http://www.law.vill.edu/scholarlyresources/symposiaandcle/

Cryptographic Hash Workshop. National Institute of Standards and
Technology, Computer Security Division.  October 31-November 1, 2005.
Gaithersburg, MD.  For more information:
http://www.csrc.nist.gov/pki/HashWorkshop/index.html

First International Conference on Digital Rights Management: Technology,
Issues, Challenges, and Systems. Telecommunications and Information
Technology Research Institute (University of Wollongong), International
Association for Cryptologic Resaerch, IEEE Task force on Information
Assurance. October 31-November 2, 2005. Sydney, Australia. For more
information: 
http://www.titr.uow.edu.au/DRMTICS2005/

6th Annual Privacy and Security Workshop. Centre for Innovation Law and
Policy (University of Toronto) and the Center for Applied Cryptographic
Research (University of Waterloo). November 3-4, 2005. University of
Toronto. For more information:
http://www.cacr.math.uwaterloo.ca/conferences/2005/psw/announcement.html

Contours of Privacy: Normative, Psychological, and Social Perspectives.
Carleton University. November 5-6, 2005. ottowa, Canada. For more
information: 
http://www.carleton.ca/cove/contours/

12th ACM Conference on Computer and Commnuications Security. Association
for Computing Machinery: Special Interest Group on Security, Audit, and
Control. November 7-11, 2005. Alexandria, VA. For more Information:
http://www.acm.org/sigs/sigsac/ccs/CCS2005/

Regulating Identity Theft and Data Breaches. American Bar Association
Section of Administrative Law and Practice. November 17, 2005.
Washington, DC. For more information:
http://www.abanet.org/adminlaw/conference/2005/home.html

The Federal Bank Regulator's Approach to Data Security. American Bar
Association Section of Administrative Law and Practice. November 17,
2005. Washington, DC. For more information:
http://www.abanet.org/adminlaw/conference/2005/home.html

The World Summit on the Information Society.  Government of Tunisia.
November 16-18, 2005.  Tunis, Tunisia.  For more information:
http://www.itu.int/wsis

Internet Corporation For Assigned Names and Numbers (ICANN) Meeting.
November 30-December 4, 2005.  Vancouver, Canada.  For more information:
http://www.icann.org

Fifth International Conference on Data Mining. IEEE Computer Society.
November 27-30, 2005. Houston, TX.  For more information:
http://www.cacs.louisiana.edu/~icdm05/

First International Conference on Availability, Reliability and
Security. Vienna University of Technology. April 20-22, 2006. Vienna,
Austria. For more inofrmation: http://www.ifs.tuwien.ac.at/ares2006/

======================================================================
Subscription Information
======================================================================

Subscribe/unsubscribe via web interface:

https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news

Back issues are available at:

http://www.epic.org/alert

The EPIC Alert displays best in a fixed-width font, such as Courier.

========================================================================
Privacy Policy
========================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities.  We do not sell, rent or share our
mailing list.  We also intend to challenge any subpoena or other legal
process seeking access to our mailing list.  We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."

========================================================================
About EPIC
========================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC.  It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research.  For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible.  Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009.  Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.

------------------------- END EPIC Alert 12.21 -------------------------

.