EPIC logo

========================================================================
                           E P I C  A l e r t
========================================================================
Volume 12.25                                           December 16, 2005
------------------------------------------------------------------------

                            Published by the
               Electronic Privacy Information Center (EPIC)
                            Washington, D.C.
							
             http://www.epic.org/alert/EPIC_Alert_12.25.html
			 
                       PATRIOT ACT FUTURE UNCLEAR
					   
The Senate today failed to vote on renewal of the Patriot Act following
revelations that the President authorized electronic surveillance of
Americans citizens without judicial approval. Check the EPIC web site
for breaking news.

========================================================================
Table of Contents
========================================================================
[1] EPIC Discusses Newly Released Patriot Act Documents
[2] EPIC FOIA Documents Reveal DHS Knew of High-Tech Passport Flaws
[3] Groups Comment on Parent Locator Database
[4] Cybercrime Treaty Before Senate
[5] Proposed IRS Rules Limit Outsourcing, Expand Other Disclosures 
[6] News in Brief
[7] EPIC Bookstore and Privacy Gift Guide
[8] Upcoming Conferences and Events

========================================================================
[1] EPIC Discusses Newly Released Patriot Act Documents
========================================================================

EPIC held a press conference on December 13 to discuss documents about
the Patriot Act recently obtained through a Freedom of Information Act
lawsuit against the Department of Justice.  The event was hosted by the
Fund for Constitutional Government.

The documents show FBI officials expressing frustration that the Office
of Intelligence Policy and Review--a Department of Justice check on FBI
authority--had not approved applications for Section 215 orders, the
so-called "library records" provision.  However, a 2004 memo refers to
"recent changes" allowing the FBI to "bypass" the office.

Other records obtained by EPIC in October though this lawsuit revealed
investigations conducted for months without proper reporting or
oversight, an FBI agent's seizure of financial records in violation of
federal privacy law, and an unidentified intelligence agency's unlawful
physical search (see EPIC Alert 12.22).

Last month, the federal judge presiding over the case stated that the
FBI's responses to EPIC's request so far "have been unnecessarily slow
and inefficient."  The FBI is under court order to process 1,500 pages
every fifteen calendar days (see EPIC Alert 12.23).  Processing is
expected to be complete within a few months.

Congress is currently considering whether to renew key provisions of the
Patriot Act, including Section 215.  EPIC urged Congress to extend the
deadline for renewal until more information is made public about how the
FBI has used its expanded investigative powers.

Documents About the PATRIOT Act Obtained by EPIC Under the Freedom of
Information Act:

     http://www.epic.org/privacy/terrorism/usapatriot/foia

EPIC's FOIA request (pdf):

     http://www.epic.org/redirect/fbi_foia_request.html

EPIC v. Department of Justice, Judge Kessler's Order (pdf):

     http://www.epic.org/privacy/terrorism/usapatriot/kessler_order.pdf

EPIC's Statement on Patriot Act Renewal (pdf):

     http://www.epic.org/redirect/epic_patriot_renewal.html

========================================================================
[2] EPIC FOIA Documents Reveal DHS Knew of High-Tech Passport Flaws
========================================================================

According to documents obtained by EPIC under the Freedom of Information
Act, the Department of Homeland Security has found significant problems
with new hi-tech passports. Tests conducted last year revealed that
"contactless" passports embedded with radio frequency identification
(RFID) technology create difficulties for border inspectors. EPIC
previously has highlighted flaws in the E-Passport and, in light of
these FOIA documents, submitted comments urging the abandonment of the
use of RFID technology in E-Passports.

In April 2005, EPIC, the Electronic Frontier Foundation, and other
groups wrote comments urging the State Department to abandon its
E-Passport proposal, because it would have made personal data contained
in high-tech passports vulnerable to unauthorized access. The State
Department reevaluated the E-Passport plan after receiving a storm of
criticism, but the proposal is going forward. By October 2006, almost
all U.S. passports will include an RFID-enabled chip containing about a
unique identification number for the passport holder.

Proponents claimed that E-Passports would improve the inspection process
at the borders, but the EPIC FOIA documents suggest otherwise. Among the
listed problems: "Insufficient power to read all variations of chips on
many readers," "Most units required knowledge of where chip was in order
to perform accurate read, required substantial manipulation of the
passport," "Footprint of the units interferes with inspector
operations," and "Some readers required the inspector to hold the
passport firmly against the unit in order to perform the read. This
means the inspector is not able to perform other parts of the
inspection."

Although Homeland Security states that "[i]nspectors must keep their
eyes on the traveler at all times," the E-Passports take the inspectors'
attention away from travelers. The tests found that  "[i]nstructions on
the reader distract the inspector, e.g. electronic displays," and
"[r]eaders require too much attention and time on the part of the
inspector," according to the EPIC FOIA documents.

EPIC's December 2005 Comments About Hi-Tech Passports (pdf):

     http://www.epic.org/privacy/us-visit/comm120605.pdf

Documents About Hi-Tech Passports Obtained by EPIC Under FOIA (pdf):

     http://www.epic.org/privacy/us-visit/foia/mockpoe_pp.pdf

EPIC, EFF, et. al. April 2005 Comments About E-Passport Proposal (pdf):

     http://www.epic.org/privacy/rfid/rfid_passports-0405.pdf

EPIC's RFID Page:

     http://www.epic.org/privacy/rfid/


========================================================================
[3] Groups Comment on Parent Locator Database
========================================================================

EPIC was joined by the Privacy Rights Clearinghouse and World Privacy
Forum in recommending accountability and accuracy improvements for
government access to "parent locator services." These services, which
were first implemented to locate "deadbeat dads," have expanded to
include an incredible array of personal information. In some states, all
parents are tracked by such databases, not just individuals who have
failed to meet support obligations. Comments by the groups were
submitted to the Office of Child Support Enforcement within the larger
Department of Health and Human Services.

EPIC and the groups argued that since parent locator databases contain
so much sensitive information, heightened accountability and accuracy
rules are needed to check abuse. Two recent incidents support heightened
scrutiny of such databases. First, an HHS employee recently pled guilty
in a case where she used databases to shield her prostitution business
from police. The employee had access to LexisNexis databases through her
job as a bill collector for the Center for Medicaid Services, and used
the information to ensure that her clients were not police officers.

Second, errors in child support enforcement databases sometimes subject
innocent people to the stigma of being labeled a "deadbeat dad." In one
such case, a San Mateo, CA man has been repeatedly pursued by county
child support enforcement agencies, despite the fact that the agencies
know he is not the father of the unsupported child. Child enforcement
authorities have attempted to place levies on his paycheck at least
three times.

To help prevent insider employee misuse of the databases, the groups
suggested that an immutable audit log be established to document who
accesses personal information and why. Such auditing systems can deter
misuse of databases, and aid in the investigation of wrongdoing.

The groups also suggested that the agency establish more specific
accuracy provisions, particularly in regard to the use of "commercial
data brokers." Commercial data brokers are companies that collect and
sell personal information to the government, private investigators, and
businesses. In recent studies, several commercial data brokers'
databases have been shown to have serious errors. Accordingly, the
groups argued that the agency should not simply rely upon the accuracy
of these databases, but rather establish standards to prevent
individuals from being falsely associated with child enforcement claims.

Comments by EPIC, Privacy Rights CLearinghouse, and World Privacy Forum
on Parent Locator Databases:

     http://www.epic.org/privacy/poverty/ocse121305.html


========================================================================
[4] Cybercrime Treaty Before Senate
========================================================================

The Council of Europe's Convention on Cybercrime is still pending before
the full U.S. Senate, which must ratify the treaty before it takes
effect in the U.S. After the Senate Committee on Foreign Relations
rapidly approved the treaty in November, a "hold" was placed on it, to
prevent an immediate and unannounced vote on the plenary floor of the
Senate. The Committee had organized a hearing in June 2004 to discuss
the ratification of the treaty, but it was held without substantive
debate, and only included supporters representing government agencies.

In public letters to the Committee on Foreign Relations, EPIC has twice
urged the Senate to oppose ratification of the Cybercrime Convention.
EPIC cited the sweeping expansion of law enforcement authority, the
threat to core United States civil liberties interests, and the lack of
adequate safeguards for privacy.

Most importantly, the Cybercrime Convention lacks a "dual-criminality"
provision, under which an activity must be considered a crime in both
countries before one state can demand cooperation from another. The
treaty would thus require U.S. law enforcement authorities to cooperate
with a foreign police force even when such an agency is investigating an
activity that is perfectly legal in the U.S. The Convention lets
signatory States the possibility to amend it by specifically requiring
dual criminality, but neither the administration nor the Senate
Committee considered doing so. Opponents of a dual criminality provision
fear that such a provision might reduce cooperation from foreign
authorities to obtain electronic evidence about offenses other countries
do not criminalize, such as money laundering, racketeering, and
conspiracy.

EPIC's letter states that the Cybercrime Convention is much more like a
law enforcement "wish list" than an international instrument truly
respectful of human rights. The Convention fails to respect fundamental
tenets of human rights espoused in previous international conventions,
such as the 1948 Universal Declaration of Human Rights and the 1950
Convention for the Protection of Human Rights and Fundamental Freedoms.
The Convention creates more invasive structures for law enforcement
activity without providing corresponding oversight and accountability.
While the Convention is very specific about new authorities to pursue
investigations, it contains only vague generalities with regard to legal
rights.

EPIC's 2005 letter to the Foreign Relations Committee (pdf):

     http://www.epic.org/privacy/intl/senateletter-072605.pdf

EPIC's 2004 letter to the Foreign Relations Committee (pdf):

     http://www.epic.org/privacy/intl/senateletter-061704.pdf

EPIC's page on The Council of Europe's Convention on Cybercrime:

     http://www.epic.org/privacy/intl/ccc.html


========================================================================
[5] Proposed IRS Rules Limit Outsourcing, Expand Other Disclosures
========================================================================

On December 8, the IRS issued a notice of proposed rulemaking, which
outlined significant changes to the ways in which tax preparers can
share taxpayer information. The most heralded portions of the proposed
rules require a taxpayer's written consent before a preparer can send
the taxpayer's information to co-workers or employees outside of the
United States.  These additional protections were added because of the
difficulty in prosecuting overseas preparers who abuse taxpayer
information. Congressman Edward Markey (D-MA), an early proponent on
limiting the outsourcing of tax preparation services, praised the new
rules in a statement released at the same time.

However, the proposed changes also increase the ways in which income tax
preparers can share taxpayer information within the United States.  For
example, preparers can now share information with contractors or other
preparers without notifying the taxpayer. Also, lawyers or accountants
that prepare tax returns would be able to disclose the information to
third parties without notifying the taxpayer, if the disclosures were
made in the normal course of business.  Currently, a lawyer or
accountant must have the taxpayer's express or implied consent before
giving out tax return information.

The new rules also would allow preparers limited use of taxpayer
information for marketing and solicitation purposes, so long as the
taxpayer provides consent. Current regulations strictly limit the types
of solicitations that preparers can make.

The proposed rules also limit the criminal liability for improper
disclosures.  While current regulations impose a criminal penalty for
any improper disclosure of taxpayer information the new rules would
require that the disclosure be made “knowingly or recklessly” for there
to be criminal charges.

The IRS is requesting comments on the proposed rules by March 8, 2006. 
In addition, the IRS will be holding a public hearing on April 4, 2006. 
Those who wish to present oral comments at the hearing must submit
written or electronic comments by March 8, and must also provide an
outline of the topics to be discussed by March 14.  More information is
available in the IRS's Notice.

IRS Notice of Proposed Rulemaking (pdf):

     http://www.irs.gov/pub/irs-regs/13724302.pdf

Further Proposed Guidelines on Notice (pdf):

     http://www.irs.gov/pub/irs-drop/n-05-93.pdf

Representative Markey's Statement:

     http://www.irs.gov/newsroom/article/0,,id=151372,00.html


========================================================================
[6] News in Brief
========================================================================

House Immigration Bill Includes National ID Plans

The House Judiciary Committee has approved immigration reform bill,
sponsored by REAL ID Act architect Rep. James Sensenbrenner, which would
require a study on creating a machine-readable Social Security card and
a Homeland Security database containing information on the employment
eligibility of all citizens and non-citizens. EPIC testified earlier
this year against the far-reaching plans. EPIC said that the
machine-readable card would become a de facto identification card if, as
the bill suggests, employers were forced to use the machine-readable SSN
card for employment verification. The SSN was never intended to be a
national identifier, and should not be used as such, EPIC said.

EPIC's May 2005 Testimony on Employment IDs (pdf):

     http://www.epic.org/privacy/ssn/51205.pdf

H.R. 4437: Border Protection, Antiterrorism, and Illegal Immigration
Control Act of 2005:

     http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.4437:

H.R. 98: The Illegal Immigration Enforcement and Social Security
Protection Act of 2005:

     http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.98:

EPIC's National ID and REAL ID Act page:

     http://www.epic.org/privacy/id_cards/


EU Passes Data Retention Measures

On December 14, the European Parliament approved a proposal that
requires service providers to store customers' records for law
enforcement for two years. The data retention proposal, billed as a
crime and terrorism measure, mandates the storage of phone location
data, time and duration of calls, details of Internet connections, and
the details--but not the content--of email and Internet telephony calls.
The measures must still be formally approved by member states. Privacy
groups such as European Digital Rights and EPIC have continually opposed
the measures as treating all European citizens as criminals. Privacy
advocates also say that the measures do little to stem actual crime and
terror. Telecoms have also opposed the measures on the grounds that the
two-year storage is very costly, and governments have not committed to
paying any part of the costs required by the measure.

EPIC's International Data Retention Page

     http://www.epic.org/privacy/intl/data_retention.html

European Digital Rights:

     http://www.edri.org/


FTC Levies Record-Setting Fine Against DirecTV
 
The Federal Trade Commission announced this week that it secured the
largest money settlement ever in a Do-Not-Call telemarketing suit.
DirecTV, a satellite television provider, agreed to pay a $5.3 million
fine for violations of the Telemarketing Sales Rule. DirectTV's
telemarketing partners were calling individuals on the Do-Not-Call
Registry. The partners were also "abandoning" calls, that is, initiating
a telemarketing call but then hanging up before the consumer could
answer. DirecTV was alleged to have provided "substantial assistance or
support" to these companies that were violating telemarketing laws. The
settlement agreement announced this week does not conclude ongoing
litigation against an additional seven telemarketing companies that
partnered with DirecTV.
 
FTC DirecTV Settlement Page:
 
     http://www.ftc.gov/opa/2005/12/directv.htm
 
EPIC Telemarketing Resources:
 
     http://www.epic.org/privacy/telemarketing/


30,000 Travelers Improperly Matched to Terrorist Watch Lists

At least 30,000 air passengers have been improperly matched to names on
federal watch lists since last November, according to Jim Kennedy, head
of the Transportation Security Administration redress office. Each of
the 30,000 individuals submitted personal information and identification
documents to the agency in hopes of resolving their misidentification
problems, and were issued letters to help them clear security more
quickly. A few dozen more people were unable to benefit from this
redress process.  Kennedy provided the information at a meeting of the
Department of Homeland Security's Data Privacy and Integrity Advisory
Committee in Washington last week. In related news, a Swedish newspaper
cited European airline sources as saying that 80,000 names were on the
watch list provided by the U.S. government to airlines for passenger
screening.

Department of Homeland Security Data Privacy and Integrity Advisory
Committee:

     http://www.dhs.gov/dhspublic/interapp/editorial/editorial_0512.xml

EPIC Watch List FOIA Page:

     http://www.epic.org/privacy/airtravel/foia/watchlist_foia_analysis.html


Court Hears Arguments in Air Travel Identification Case

The Ninth Circuit Court of Appeals recently heard oral arguments in
Gilmore v. Gonzales, a case challenging an unpublished federal
requirement that passengers show ID before boarding commercial
airplanes. Plaintiff John Gilmore was not allowed to board a domestic
flight because he refused to produce ID at the airport. Authorities also
refused to show Gilmore the TSA regulation that apparently required him
to show ID. Justice Department lawyers continue to insist that the
government need not disclose the law, since the regulation is a "law
enforcement technique" involving "sensitive security information." EPIC
filed a "friend of the court" brief in the case last year, arguing that
meaningful judicial review is necessary to prevent the government from
imposing secret law upon the public in violation of constitutional due
process rights.

Gilmore v. Gonzales web site:

     http://www.papersplease.org/gilmore

EPIC's amicus brief (pdf):

     http://www.epic.org/privacy/airtravel/gilmore_amicus.pdf


Senator Seeks Alito Documents Withheld by the Justice Department

Senator Patrick Leahy has urged the Department of Justice to release
documents withheld under the Freedom of Information Act concerning
Supreme Court nominee Samuel Alito. In a letter to the Attorney General
last week, Senator Leahy asked that the Senate Judiciary Committee be
provided with all information withheld under the law, pointing out that
Freedom of Information Act exemptions do not apply to the Senate in its
consideration of presidential nominations. Senator Leahy stated that the
Department of Justice must produce the information quickly if the Senate
is to review Judge Alito's nomination in a timely manner.

Senator Leahy's letter:

     http://leahy.senate.gov/press/200512/120705.html


Wikipedia Entry Sparks Anonymity, Privacy Debate

In November, John Seigenthaler, Sr., founder of the First Amendment
Center and the founding editorial director of USA Today, found false
information on an entry about him in Wikipedia, an online encyclopedia
that can be edited by any visitor to its site. Seigenthaler complained
of being unable to find the source of the misinformation, which was
placed in the article anonymously. When the author later came forward
and apologized, Seigenthaler accepted the apology, but continued to have
reservations about Wikipedia's open and anonymous nature, including the
threat that online defamation of political figures might spur government
regulation of the Internet.

Seigenthaler did note, however, that he could have filed suit against a
"John Doe" and obtained the author's information via a subpoena. While
such methods may deter online defamation, they may also chill legitimate
criticism. Online whistle-blowers can be identified through the use of
bogus "John Doe" defamation suits. Once the whistle-blower is
identified, the suit can be dropped, and retaliation takes place outside
of the legal system.

Wikipedia Entry on Seigenthaler:

     http://en.wikipedia.org/wiki/John_Seigenthaler_Sr.

EPIC's Internet Anonymity page:

     http://www.epic.org/privacy/anonymity/


========================================================================
[7] EPIC Bookstore and Privacy Gift Guide
========================================================================
With the holiday season upon us, EPIC is happy to help you find the
perfect gift for the privacy activists on your shopping list.  We've
made a list of privacy gifts you can give to yourself and others this
year. Note: some of these gift ideas are sold by online retailiers not
afiiliated with EPIC. We therefore cannot guarantee their business (or
privacy) practices. As always, take care when shopping online to protect
your personal information! Enjoy, and happy holidays from EPIC!

Disappearing Civil Liberties Mug

A full copy of the Bill of Rights is printed on this mug. But just add a
little heat--by pouring in a hot beverage, or just a lot of hot air--and
watch your civil liberties disappear!

     http://www.uncommongoods.com/item/item.jsp?itemId=13857


Your Free Credit Report

Here's a gift you can give yourself at any time of year, and it's
absolutely free! Go to www.annualcreditreport.com and you'll be able to
see what lenders, landlords, and others see when they request
information about you. You can use this valuable tool to check for and
correct inaccuracies that can affect your business interactions. Also,
check for new accounts that have been opened without your knowledge or
consent--these may be signs of identity theft. The Fair and Accurate
Credit Transactions Act (FACTA) says you can get your free credit report
at least once a year with no charge.

     http://www.annualcreditreport.com

     http://www.epic.org/privacy/fcra/


Bill of Rights, Security Edition

Carry your own copy of the first ten Amendments to the U.S. Constitution
in your pocket.  When passing through one of the ubiquitous metal
detectors today, feel free to toss the Bill of Rights into the basket
with your keys and watch.  Each copy of your own galvanized rights costs
$4; a pack of 3 is $9.99.

     http://www.securityedition.com/


Books from the EPIC Bookstore

Over the past year, EPIC has read and reviewed a number of excellent new
books on privacy and civil liberties in the computer age.  Here, we've
listed some of our favorites. Of course, you can always pick from the
many excellent EPIC publications listed below, too.


Robert Ellis Smith, "Compilation of State and Federal Privacty Laws"

     http://www.privacyjournal.net/work1.htm

"This 106-page reference book has just been updated, describing more than
700 state and federal laws on privacy and surveillance. A description
and a legal citation is provided for each law. The laws are grouped by
category, then listed alphabetically by state.  The 2005 Supplement,
published in December 2005, includes scores of new laws on identity
theft, medical records, 'credit freezes,' 'Security-breach
notifications,' spam, and use of Social Security numbers."


Dan Tynan, "Computer Privacy Annoyances: How to Avoid the Most Annoying
Invasions of Your Personal and Online Privacy"

     http://www.powells.com/partner/24075/biblio/0596007752

Dan Tynan's Computer Privacy Annoyances gets it right: the book provides
excellent advice on how to protect privacy without turning the reader
into a paranoid.  The book has one of the best "top ten" steps to
protect privacy to date.  He covers privacy at home, work, and on the
Internets.  He also covers privacy in public, an increasingly important
topic in an age of ubiquitous cameras and nagging offline requests for
personal data at retail stores.  A prescient section of the book
discusses the privacy risks associated with social network software,
systems that many even in the privacy community have adopted.


Katherine Albrecht, "Spychips: How major corporations and government
plan to track your every move with RFID"

     http://www.powells.com/partner/24075/biblio/61-1595550208-0

The privacy movement has been waiting for the book that transforms the
world as did Rachel Carson's "Silent Spring," Michael Harrington's "The
Other America," and Ralph Nader's "Unsafe at Any Speed." It's not yet
clear that Spychips will be that book, but the case can be made that
Spychips is one of the best privacy books in many years.

There are few technologies transforming the world as rapidly as RFID…
There is much here for Orwellian paranoia. But what makes Spychips such
a compelling book is that Albrecht and McIntyre stay focused on what is
actually happening today. They are also funny, clever, engaging, and
informative.


Robert O'Harrow, "No Place to Hide"

     http://www.powells.com/partner/24075/biblio/62-0743254805-0

Journalist Robert O'Harrow's first book, No Place to Hide, is a
Washington insider's exposé of how the fast-developing data collection,
analysis, and identification technologies first developed for the
marketing industry are increasingly used for law enforcement purposes
since 9/11.


Johnny Long, "Google Hacking for Penetration Testers"

     http://www.powells.com/partner/24075/biblio/4-1931836361-0

Johnny Long's "Google Hacking for the Penetration Testers" is an
excellent resource on the Google Internet search engine. Anyone who
uses Google should read the first two chapters of this book, as it
explains the basic and more advanced search techniques available. After
chapter two, things get interesting. Long explains how to use Google to
access information anonymously, and then dives into discovering site
vulnerabilities and personal information on the Internet. It concludes
with common-sense approaches to securing your own servers against the
search techniques explained earlier in the book.

Mari J. Frank, "From Victim To Victor: A Step By Step Guide For Ending
the Nightmare of Identity Theft"

     http://www.powells.com/partner/24075/biblio/17-1892126044-1

"With 10 million new victims a year, there is a vast need for people to
have legal help at a reasonable price. As a lawyer and former victim
herself, who has helped thousands of victims, Ms. Frank coaches and
guides you through every step, to lead you out of the nightmare. Mari
Frank had created the first self-help recovery tool for victims of
identity theft back in 1998, and this new edition with CD includes the
new federal laws and regulations in an easy to understand format."


Lawrence Lessig, "Free Culture: How Big Media Uses Technology and the
Law to Lock Down Culture and Control Creativity"

     http://www.powells.com/partner/24075/biblio/1594200068

"A landmark manifesto about the genuine closing of the American mind.

Lawrence Lessig could be called a cultural environmentalist. One of
America's most original and influential public intellectuals, his focus
is the social dimension of creativity: how creative work builds on the
past and how society encourages or inhibits that building with laws and
technologies...In Free Culture, he widens his focus to consider the
diminishment of the larger public domain of ideas. In this powerful
wake-up call he shows how short-sighted interests blind to the long-term
damage they're inflicting are poisoning the ecosystem that fosters
innovation."

Stephen G. Breyer, "Active Liberty: Interpreting Our Democratic
Constitution"

     http://www.powells.com/partner/24075/biblio/0307263134

"It is a historic occasion when a Supreme Court justice offers, off the
bench, a new interpretation of the Constitution. Active Liberty, based
on the Tanner lectures on Human Values that Justice Stephen Breyer
delivered at Harvard University in November 2004, defines that term as a
sharing of the nation's sovereign authority with its citizens. Regarding
the Constitution as a guide for the application of basic American
principles to a living and changing society rather than as an arsenal of
rigid legal means for binding and restricting it, Justice Breyer argues
that the genius of the Constitution rests not in any static meaning it
might have had in a world that is dead and gone, but in the adaptability
of its great principles to cope with current problems."


A Contribution to EPIC

One final gift suggestion: If someone on your list is truly serious
about protecting civil liberties, they'll definitely appreciate a
contribution made to EPIC in their name (so will we!). They'll be glad
to know that your contribution will help us continue our work towards
protecting the ideals of privacy, free expression, and open government.
And if they're a real supporter of privacy rights, they'll be glad to
know that we don't rent, loan, trade, release or otherwise make
available the names of our individual contributors. You can donate by
credit card, check, or even via Paypal.

     http://www.epic.org/donate/

================================

EPIC Publications:

"Privacy & Human Rights 2004: An International Survey of Privacy Laws
and Developments" (EPIC 2004). Price: $50.
http://www.epic.org/bookstore/phr2004

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
60 countries around the world.  The report outlines legal protections,
new challenges, and important issues and events relating to privacy. 
Privacy & Human Rights 2004 is the most comprehensive report on privacy
and data protection ever published.

================================

"FOIA 2004: Litigation Under the Federal Open Government Laws," Harry
Hammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004). Price:
$40.
http://www.epic.org/bookstore/foia2004

This is the standard reference work covering all aspects of the Freedom
of Information Act, the Privacy Act, the Government in the Sunshine Act,
and the Federal Advisory Committee Act.  The 22nd edition fully updates
the manual that lawyers, journalists and researchers have relied on for
more than 25 years.  For those who litigate open government cases (or
need to learn how to litigate them), this is an essential reference
manual.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).  This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.
http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well
as an up-to-date section on recent developments. New materials include
the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the
CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.

================================

"The Consumer Law Sourcebook 2000: Electronic Commerce and the Global
Economy," Sarah Andrews, editor (EPIC 2000). Price: $40.
http://www.epic.org/cls

The Consumer Law Sourcebook provides a basic set of materials for
consumers, policy makers, practitioners and researchers who are
interested in the emerging field of electronic commerce.  The focus is
on framework legislation that articulates basic rights for consumers and
the basic responsibilities for businesses in the online economy.

================================

"Cryptography and Liberty 2000: An International Survey of Encryption
Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:
$20.
http://www.epic.org/bookstore/crypto00&

EPIC's third survey of encryption policies around the world.  The
results indicate that the efforts to reduce export controls on strong
encryption products have largely succeeded, although several governments
are gaining new powers to combat the perceived threats of encryption to
law enforcement.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books
http://www.powells.com/features/epic/epic.html

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
https://mailman.epic.org/cgi-bin/control/foia_notes


========================================================================
[8] Upcoming Conferences and Events
========================================================================

Ensuring Privacy and Secuurity of Consumer Information. American
Conference Institute. January 26-27, 2006. New York, New York. For more
information:
http://www.americanconference.com/privacy

Privacy in the Information Age: Databases, Digital Dossiers, and
Surveillance. High Tech Law Institute, Santa Clara University. January
27, 2006. Santa Clara, California. For more information:
http://www.scu.edu/techlaw/Symposium2006.html

First International Conference on Availability, Reliability and
Security. Vienna University of Technology. April 20-22, 2006. Vienna,
Austria. For more inofrmation:
http://www.ifs.tuwien.ac.at/ares2006/

Data Devolution: Corporate Information Security, Consumers and the
Future of Regulation. Fredric G. Levin College of Law, University of
Florida. February 3-4, 2006. Gainesville, Florida. For more information:
http://www.centerforinformationresearch.org/pages/3/index.htm

Beyond the Basics: Advanced Legal Topics in Open Source and
Collaborative Development in the Global Marketplace. University of
Washington School of Law. March 21, 2006. Seattle, Washington. For more
information:
http://www.law.washington.edu/lct/Events/FOSS/

Making PKI Easy to Use. National Institutes of Health. April 4-6, 2006.
Gaithersburg, Maryland. For more information:
http://middleware.internet2.edu/pki06/

First International Conference on Availability, Reliability and
Security. Vienna University of Technology. April 20-22, 2006. Vienna,
Austria. For more inofrmation:
http://www.ifs.tuwien.ac.at/ares2006/

CHI 2006 Workshop on Privacy-Enhanced Personalization. UC Irvine
Institute for Software Research and the National Science Foundation.
April 22-23. Montreal, Quebec, Canada. For more information:
http://www.isr.uci.edu/pep06/

The First International Conference on Legal, Security and Privacy Issues
in IT (LSPI). CompLex. April 30-May 2, 2006. Hamburg, Germany. For more
information:
http://www.kierkegaard.co.uk/

International Conference on Privacy, Security, and Trust (PST 2006).
University of Ontario Institute of Technology. October 20-November 1,
2006. Oshawa, Ontario, Canada. For more information:
http://www.businessandit.uoit.ca/pst2006/


======================================================================
Subscription Information
======================================================================

Subscribe/unsubscribe via web interface:

https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news

Back issues are available at:

http://www.epic.org/alert

The EPIC Alert displays best in a fixed-width font, such as Courier.

========================================================================
Privacy Policy
========================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities.  We do not sell, rent or share our
mailing list.  We also intend to challenge any subpoena or other legal
process seeking access to our mailing list.  We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."

========================================================================
About EPIC
========================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC.  It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research.  For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible.  Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009.  Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.

------------------------- END EPIC Alert 12.25 -------------------------

.