You are here:
WorldLII >>
Databases >>
EPIC Alert >>
1998 >>
[1998] EPICAlert 9
Database Search
| Name Search
| Recent Articles
| Noteup
| LawCite
| Help
EPIC Alert 5.09 [1998] EPICAlert 9
EPIC ALERT
Volume 5.09 June 25, 1998
Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.
http://www.epic.org
Table of Contents
[1] EPIC Releases New Report on Online Privacy
[2] House Subcommittee Approves Mandatory Filtering Bill
[3] Copyright Legislation Vote Delayed
[4] House Approves Delay for Digital Wiretap Law
[5] Self-Regulation Gets Low Marks at Privacy Summit
[6] EPIC/PI Launches New Privacy Page
[7] Encryption Update
[8] Upcoming Conferences and Events
[1] EPIC Releases New Report on Online Privacy
On June 22, EPIC released its new report, "Surfer Beware II: Noticeis Not Enough." The new study shows that the Direct MarketingAssociation's
(DMA) commitment to the protection of consumer privacyhas not filtered down to its own members. The report was released inadvance
of the Commerce Department's privacy conference (see item 5,
below).
As a staunch supporter of self-regulation, the DMA had announced inOctober 1997 a promise to require its members to comply with the
tradegroup's privacy guidelines. However, nearly a year later, the EPICreport shows that little, if any, progress has been made.
EPICsurveyed the new members of the DMA, since the DMA refuses to releasea full list of its members. Of the new members listed
on the DMA website, all 40 that maintained web sites collected personal information.
Only eight had any semblance of a privacy notice. Furthermore, onlythree of those eight sites had adequate policies which satisfied
theDMA's own requirements.
An earlier University of Massachusetts study, commissioned by the DMA,
found that only 38 percent of surveyed DMA members inform consumersthat they are collecting information about them, only 33 percent
seekpermission to use this information, and only 26 percent tell consumershow this information is going to be used.
A March 1998 Businessweek/Harris poll found that 53 percent ofrespondents favor legislation to protect privacy on the Internet. Theresult
is consistent with other polls that show support for privacylegislation.
EPIC's report can be found at:
http://www2.epic.org/reports/surfer-beware2.html
[2] House Subcommittee Approves Mandatory Filtering Bill
The move toward mandatory Internet filtering continues in Congress.
Earlier this week, a House Appropriations subcommittee approved anamendment to the Health and Human Services budget that would requireall
public libraries and public or private schools that receivefederal funds "for the acquisition of any computer that is accessibleto
minors and that has access to the Internet" to install filters. Tocomply, schools and libraries would need to use software that
is"designed to prevent minors from obtaining access to any obsceneinformation." The adequacy of such software would be determined
bythe governor of each state.
The filtering amendment, introduced by Rep. Ernest Istook (R-OK), hasa broader application than the "Internet School Filtering Act"
nowpending in the Senate. That bill, which the Commerce Committeeapproved on March 12, would require the use of filtering software
as acondition of receiving federal "e-rate" Internet subsidies. TheIstook amendment would apply to the recipients of any federal
fundsused for the acquisition of computers.
EPIC is supporting an online campaign to raise Congressional awarenessof the implications of Internet filtering, which a current emphasis
onthe Senate. We are continuing to monitor developments in the House.
Faxes can be sent -- free of charge -- to your Senators by visitingthe EPIC Free Speech Action page:
http://www.epic.org/free_speech/action/
Additional information on Internet filtering is also available at theInternet Free Expression Alliance website:
http://www.ifea.net
[3] Copyright Legislation Vote Delayed
The House Commerce Committee vote on copyright legislation scheduledfor June 24 has been postponed until mid-July due to remainingcontroversy
over fair use and privacy. The Subcommittee onTelecommunications approved the legislation on June 18. Thelegislation had previously
been approved by the Senate and the HouseJudiciary Committee without amendments.
One of the more controversial provisions is a complete ban on anyattempt to circumvent a technological protection measure that protectscopyrighted
material. During the subcommittee vote, Rep. Ed Markey(D-MA) introduced an amendment that allows for circumvention toprotect personal
privacy. The subcommittee approved that amendment.
Also, an exception was included to allow cryptographers to circumventso they may continue to pursue research and develop encryption
tools.
Language that would preserve the right of fair use in the digital ageremains controversial. Rep. Thomas Bliley (R-VA), Chair of theCommerce
Committee, has urged all parties to find a solution that bothprotects the rights of authors to protect their work and the rights
ofusers to fair uses of the work.
For more information see the USACM Copyright page at:
http://www.acm.org/usacm/copyright/
[4] House Approves Delay for Digital Wiretap Law
The House of Representatives approved an amendment to the JusticeDepartment Authorization bill on June 22 that delays the implement-
ation of the controversial Communications Assistance for LawEnforcement Act (CALEA) for two more years. The amendment wasintroduced
by Rep. Zoe Lofgren (D-CA) and garnered bipartisan support.
Section 204 of H.R. 3303 delays the deadline by which telecommuni-
cations companies must make their equipment compliant under CALEA fromOctober 1998 until October 2000. Several Representatives spoke
on theHouse floor, recognizing that delays in developing the wiretapstandards would make it impossible for telecommunications companies
tocomply with CALEA by the October deadline.
The bill also modifies CALEA to allow telecommunications companies toreceive reimbursement for modifying existing equipment to be
CALEAcompliant. Previously, to be eligible for reimbursement, theequipment had to be in place before 1995. The bill moves the deadlineforward
until 2000.
More information on wiretapping and CALEA is available at:
http://www.epic.org/privacy/wiretap/
[5] Self-Regulation Gets Low Marks at Privacy Summit
On June 23 and 24, the U.S. Department of Commerce held a publicmeeting on Internet Privacy in Washington, D.C. The two dayconference
was designed to assess the effectiveness of the privatesector's implementation of the Clinton Administration's call forself-regulation
of privacy on the Internet. Academics, industryrepresentatives, privacy advocates, public interest groups, andWashington policymakers
were invited to demonstrate and to debate theefficacy of self-regulation. Over the two days various methods wereexamined for privacy
protection, such as certification programs,
technological aids, and public education.
In an effort to stave off government regulation, industry groupsunveiled their own eleventh-hour privacy plans. On June 22, acoalition
of some 50 companies and business associations introducedthe Online Privacy Alliance, whereby member companies pledge to adoptprivacy
policies according to the Alliance's guidelines. On the sameday, the Better Business Bureau announced its own plans to launch aprivacy
certification program that would allow web sites to displaythe BBB's seal of approval. These groups and others were invited tostrut
their stuff before a panel of privacy experts, including MarcRotenberg of EPIC. Under questioning from the panel, it was shownthat
none of the proposals had any means of effecting compliance, norany means for redressing consumer grievances. Each of the privacyprograms
received low grades from the panel for adequate protection ofprivacy. The most glaring omission of each was lack of enforcementmechanisms
or of any method for consumers to access their own data.
Many of the solutions offered put the onus of privacy protection uponthe consumer and not businesses. Various technological tools
weredemonstrated that would help the consumer to protect their privacywhile browsing, such as P3P, filters and anonymizers. But
thetechnology panel admitted that technology could not be a replacementfor privacy policies, but merely an aid for promoting such
policies.
Self-regulation advocates by and large favored consumer education andthe conference was rife with consumer-targeted self-help brochures.
What was clear from the conference is that a patchwork of "evolving"
self-regulatory programs, with little or no means for enforcement fellshort of the Department of Commerce's hopes for an industry
basedsolution. Consumer groups and privacy advocates pointed out that themarket fails to provide incentives for online industries
to adapteffective privacy policies, and that proposing guidelines alone doesnot provide the safeguards that legislation would provide.
CommerceSecretary William M. Daley expressed his disappointment at the poorshowing of effective self-regulation: "Articulating principles
isn'tadequate. There has to a way to enforce this [self-regulation] thatthe consumer can trust, or this won't work -- there has
to be somemeaningful consequences to companies that don't comply with privacyrules." Consumer and privacy groups believe it is clear
that industrycannot be relied upon to regulate itself, and that the time has comefor the government to step in and protect privacy
online.
More information on privacy policy is available at:
http://www.epic.org/privacy/
[6] Encryption Update
* The month of June has been busy for encryption policy. Supportersof the SAFE and E-PRIVACY bills are renewing their efforts to
pass themeasures. However, there are less than 30 working days left in theCongressional session this year, so its appears unlikely
that anylegislative efforts will succeed.
* Nearly three hundred people attended the 1998 EPIC Cryptography andPrivacy Conference on June 6. The Conference was keynoted by
SenatorConrad Burns (R-MT) and Congressman Bob Goodlatte (R-VA) and includedUndersecretary of Commerce for Export Administration
William Reinschand Principal Associate Attorney General Robert Litt. Speakers alsoincluded representatives from the governments
of Canada, the UnitedKingdom and Germany.
* On June 7, the CEOs of several computer companies sat down with FBIDirector Louis Freeh and Attorney General Janet Reno to discussencryption
policy. Following the meeting, the participants declinedto discuss what had been said but it appears that no major deals weremade.
"What has happened is that the ability to keep informationprivate has increased," Microsoft chief Bill Gates said. "Lawenforcement
has to accept that. Can the genie be put back in thebottle? The answer is no."
* Forty-three House Democrats, including House Democratic LeaderRichard Gephardt, Democratic Whip David Bonior and Rep. Zoe Lofgrensent
a letter on June 24 asking Speaker Newt Gingrich to scheduleaction on encryption export relief legislation prior to the July 4recess.
Gephardt said, "We ask the Republican leaders to makeresolution of this issue a top priority. We are willing to work withall sides
for workable export policies that prevent crime, promoteexports and national security and secure the future of the informationage."
* Only two years after describing the Skipjack encryption algorithm ashighly classified and stating that its release would pose a
seriousdanger to national security, the National Security Agency has changedcourse. NSA publicly released the algorithm --
the heart of theinfamous Clipper Chip and Fortezza Card -- on June 23.
More information on encryption policy is available at:
http://www.crypto.org/
[7] EPIC/PI Launch New Privacy Web Site
EPIC and Privacy International have launched The Privacy Page, acompletely redesigned online privacy resource located atwww.privacy.org.
In addition to a regularly updated news archive onprivacy issues, the site features links to privacy tools, privacyresources, international
privacy sites, consumer information, kids andprivacy, and the EPIC privacy bookstore. StraightScoop, anotherweekly feature, presents
an opinionated summary of the main issues inthe current online privacy debate.
The Privacy Page is available at:
http://www.privacy.org
[8] Upcoming Conferences and Events
INET'98, July 21-24, 1998, Geneva, Switzerland. Sponsored by InternetSociety. Contact: http://www.isoc.org/inet98/
Advances in Social Informatics and Information Systems, Baltimore, MD,
Aug. 14-16, 1998. Sponsored by the Association for InformationSystems Contact: http://info.cwru.edu/rlamb/ais98cfp.htm
Telecommunications Policy Research Conference. October 3-5, 1998Alexandria, Virginia. Contact: http://www.si.umich.edu/~prie/tprc/
CPSR Annual Conference - Internet Governance. Boston, Mass, Oct.
10-11. Sponsored by CPSR. contact: cpsrcpsr.org
PDC 98 - the Participatory Design Conference, "BroadeningParticipation" November 12-14, 1998. Seattle, Washington. Sponsoredby Computer
Professionals for Social Responsibility in cooperationwith ACM and CSCW 98. Contact: http://www.cpsr.org/conferences/pdc98
Computer Ethics. Philosophical Enquiry 98 (CEPE'98). 14-15 December1998 London, UK. Sponsored by ACMSIGCAS and London School ofEconomics.
http://is.lse.ac.uk/lucas/cepe98.htm
1999 RSA Data Security Conference. San Jose, California, January18-21, 1999. Sponsored by RSA. Contact: http://www.rsa.com/conf99/
FC '99 Third Annual Conference on Financial Cryptography, Anguilla,
B.W.I., February 22-25 1999 (submissions due: September 25, 1998).
(Send calendar submissions to alertepic.org)
Subscription Information
The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. To subscribe or unsubscribe, send emailto
epic-newsepic.org with the subject: "subscribe" (no quotes) or"unsubscribe". A Web-based form is available at:
http://www.epic.org/alert/subscribe.html
Back issues are available at:
http://www.epic.org/alert/
About EPIC
The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus
public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord
privacy, and the collection and sale of personal information.
EPIC is sponsored by the Fund for Constitutional Government, anon-profit organization established in 1974 to protect civil libertiesand
constitutional rights. EPIC publishes the EPIC Alert, pursuesFreedom of Information Act litigation, and conducts policy research.
For more information, e-mail infoepic.org, http://www.epic.org orwrite EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC20003.
+1 202 544 9240 (tel), +1 202 547 5482 (fax).
If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible.
Checks should be made out to "The Fund forConstitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003. Individuals with First Virtualaccounts can donate at http://www.epic.org/epic/support.html
Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation
ofencryption and funding of the digital wiretap law.
Thank you for your support.
END EPIC Alert 5.09
WorldLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/1998/9.html
