WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2000 >> [2000] EPICAlert 8

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 7.08 [2000] EPICAlert 8



EPIC ALERT




Volume 7.08 May 2, 2000

Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.

http://www.epic.org

Table of Contents



[1] Administration Financial Privacy Proposal Released
[2] Privacy Coalition Seeks Review of Phone Records Privacy Case
[3] Intel Drops Processor Serial Numbers
[4] Pending Bills Would Impact Online Speech
[5] Council of Europe Releases Draft Cyber-Crime Treaty
[6] Electronic Surveillance Up Again in 1999
[7] EPIC Bookstore - Censored 2000
[8] Upcoming Conferences and Events


[1] Administration Financial Privacy Proposal Released


On April 30, during an address at Eastern Michigan University,
President Clinton unveiled a new Administration initiative protectingfinancial privacy. The proposal had been long expected, as thePresident had remarked on the need for greater privacy protection soonafter signing the Financial Services Modernization Act into law andagain in his last State of the Union address.

The Financial Services Modernization Act, otherwise known as Gramm-
Leach-Bliley, eliminated many of the barriers preventing mergersbetween securities firms, insurance companies, and other financialinstitutions and simultaneously threw open the doors for more sharingof personal financial information. Some of those problems areaddressed in the new Clinton-Gore proposal, but other matters arestill left unresolved.

Perhaps the most significant loophole to be potentially closed by theproposal is the unfettered transfer of personal information fromfinancial institutions to marketers. Under current proposed rules,
consumers would not be given even an opt-out before such informationwas shared through joint marketing agreements. The other componentsof the proposal include the ability to opt-out from sharing offinancial information between affiliates of a single institution;
opt-in for the sharing of medical billing or payment information andconsumer spending habits; a right to access and correct financialrecords; increased authority for the Federal Trade Commission (FTC)
to assess monetary damages; increased cooperation between the FTC andState Attorney Generals in prosecuting deceptive business practices;
requirements that banks provide privacy policies at the beginning ofa customer relationship; and a study on public bankruptcy records thatoften contain a great deal of personal information.

Many groups, including EPIC, have recognized that Gramm-Leach-Blileydoes not offer an adequate level of privacy protection and wouldprefer an opt-in for personal financial information to be shared withaffiliates and third parties. The full text of the proposal is stillunavailable, but should be made public later this week. Whether ornot the proposal succeeds in gaining the approval of Congress, thestandards in Gramm-Leach-Bliley are set to go into effect later thisyear.

A summary of the proposal is available at:

http://www.whitehouse.gov/WH/New/html/20000501_4.html


[2] Privacy Coalition Seeks Review of Phone Records Privacy Case


On May 1, EPIC was joined by 14 consumer organizations and 19 lawprofessors in a "friend of the court" brief filed with the U.S.
Supreme Court urging review of a lower court decision in U.S. Westv. FCC. The case, decided last year by the Tenth Circuit Court ofAppeals, struck down a Federal Communications Commission (FCC)
regulation that sought to protect the privacy of an individual'stelephone records. The appellate court held that the regulation,
which prohibited telephone companies from disclosing their customers'
sensitive Consumer Proprietary Network Information (CPNI) recordswithout first receiving opt-in permission, constituted an unduerestriction on free speech in violation of the First Amendment.

In their brief, EPIC and the other parties argue that the opt-inpermission the regulation requires is necessary to protect anindividual's right to privacy; that it is in accordance with theintention of Congress; and that it does not violate the FirstAmendment. Furthermore, the brief argues that the appellate opinionconflicts with the recent decision in Reno v. Condon, where theSupreme Court ruled that Congress can prohibit the disclosure ofpersonal information by state motor vehicle departments without theindividual driver's express consent.

Privacy advocates and scholars regard U.S. West as an importantprecedent-setting case. They contend that, if allowed to stand, thelower court decision could establish a dangerous principle regardingthe disclosure of personal information and the right to communicationsprivacy.

The EPIC brief is available at:

http://www.epic.org/privacy/litigation/USWest/cert_pet.html


[3] Intel Drops Processor Serial Numbers


In a major victory for Internet anonymity, the world's dominant chipmaker has decided to discontinue the use of Processor Serial Numbers(PSNs) in its next generation of products. The PSN, which was embeddedin Intel Pentium III and Celeron chips, was extremely controversialand led to a consumer boycott led by EPIC and other privacy groups.

Citing privacy concerns, Intel recently announced that its newprocessors, code-named Willamette and scheduled for release later thisyear, will no longer contain the identifiers. Since the inception ofthe PSN last January, privacy groups have maintained that computerusers are opposed to the placement of permanent identifiers in theirmachines. EPIC and other organizations asked the Federal TradeCommission to investigate the practice (to date, the federal agencyhas not publicly commented on the matter).

According to Intel VP Patrick Gelsinger, the PSN was to be used toidentify users who accessed Internet web sites or chat rooms. Intelalso initially stated that the technology would be used forauthentication in e-commerce, which would attach the PSN to a user'sreal-world identity. Those objectives have apparently been abandoned.

While the death of the PSN is good news for privacy and anonymity,
other troubling initiatives are on the horizon. The Wall StreetJournal has reported that Microsoft plans to include in futureversions of the Windows operating system software that uses"biometric" devices such as fingerprint or eye scanners toauthenticate users. And on the profiling front, software start-upPredictive Networks has released a product that precisely tracksonline behavior and use the collected information to send targetedadvertisements to individual Web surfers.

More information on the Intel PSN is available at:

http://www.bigbrotherinside.org/



[4] Pending Bills Would Impact Online Speech


Congress is considering several bills that would regulate materialon the Internet, two of which have attracted particular attention.
The Unsolicited Electronic Mail Act (H.R. 3113) aims to curb thedistribution of "spam," yet could also impede free speech andanonymity online. The bill would require unsolicited e-mail toinclude a subject-line label such as "ADV" (for advertisement) to"permit automatic blocking or filtering of identified messages by arecipient." The legislation would also require senders to providevalid e-mail addresses and accurate routing information so thatrecipients could opt-out of future mailings. Individuals whocontinued to receive unsolicited e-mail after requesting to be removedfrom a distribution list could seek damages of up to $500 per e-mail.
The Unsolicited Electronic Mail Act combines the provisions of threeseparate anti-spam bills sponsored by Reps. Gene Gree (D-TX), GaryMill (R-CA), and Heather Wilson (R-NM).

A measure that would make it illegal to link to a page advertisingdrug paraphernalia with the "intent to facilitate or promote" itsbusiness is gaining ground in Congress. The MethamphetamineAnti-Proliferation Act of 1999 makes it a felony "to teach ordemonstrate the manufacture of a controlled substance, or todistribute by any means information pertaining to, in whole or inpart, the manufacture or use of a controlled substance" if theinformation is used in a crime. Advertising any information thatcould facilitate the sale of drug paraphernalia would also be afederal violation. Sens. Dianne Feinstein (D-CA) and Orrin Hatch(R-UT) introduced the Methamphetamine Anti-Proliferation Act of 1999in the Senate.



[5] Council of Europe Releases Draft Cyber-Crime Treaty


A secretive international group of law enforcement officials hasreleased a draft treaty on computer crime that would require adoptionof extensive new law enforcement powers. The Committee of Experts onCrime in Cyberspace of the Council of Europe released its "DraftConvention on Cyber-crime" on April 27, following more than threeyears of discussions. The draft treaty would require that allparticipating countries adopt new laws requiring government access toencrypted information, expanding copyrights and criminalizing thepossession of common security tools. It also would alter wiretappinglaws in all of the countries.

The treaty would also facilitate the collection of information byrequiring companies that provide Internet services to collect andmaintain information in case it is needed by law enforcement agencies.
It would permit international access to such information bygovernmental authorities in different jurisdictions.

Two key sections on the interception of communications are left blankin the draft. These are likely to be the most controversial sectionsas the drafting process continues. The current draft also containscontroversial provisions mandating that every country enact laws thatwould require an individual to release encryption keys and unencrypteddata when requested by government officials. Most countries haverejected adopting these powers over concerns about violatingindividuals' rights against self-incrimination. EPIC's recent"Cryptography and Liberty 2000" report found that only Malaysia andSingapore have existing laws mandating such "lawful access."

The draft has been under development since 1997, but had never beenpublicly seen until last week. According to sources, the U.S.
Department of Justice has played a significant role in the draftingprocess. The final draft is expected to be completed by December andwill then be opened for signature. The COE is an internationalgovernmental organization made up of 41 countries in Europe, but thetreaty will also be open to signature by other countries thatcontributed to the drafting process, including the United States,
Canada, Hong Kong and Australia.

The text of the draft treaty is available at:

http://conventions.coe.int/treaty/en/projets/cybercrime.htm


[6] Electronic Surveillance Up Again in 1999


The number of court-authorized wiretaps for criminal investigationsrose again in 1999, continuing a 20-year trend of increasedsurveillance. According to a report released today by theAdministrative Office of the U.S. Courts, court authorizedsurveillance orders were up two percent from 1998, to 1,350 in 1999.

Federal wiretaps were up again by six percent in 1999, while statewiretaps declined slightly. Since the Clinton Administration cameinto office in 1993, federal wiretapping has increased by 33 percent.
Since 1980, the total number of wiretaps has increased by 230 percent.
In 1999, not a single request for a wiretap was declined by any judgein the United States.

The new report also shows law enforcement's increased focus on theinterception of cellular telephones and other new means ofcommunications. Nearly half of all applications were forinterceptions of electronic communications. However, prosecutors onlyreported seven requests for interception of e-mail and computercommunications. Of the remaining interceptions, 31 percent weretraditional wiretaps, and microphones only accounted for 4.5 percentof all installed surveillance. Ninety-four of the requests were forroving wiretaps; 50 percent of those were in New York State.

The vast majority of the wiretap orders were issued in investigationsof drug offenses. More than 72 percent were listed for narcoticscases while ten percent were for racketeering and 4.5 percent forhomicide and assault.

The number of days that wiretaps were in place jumped by 18 percent in1999. Wiretaps recorded over 63,000 days of conversations of nearly250,000 people. According to prosecutors, only 20 percent of thecalls that they intercepted were actually "relevant" to a criminalinvestigation.

The 1999 report is available at:

http://www.uscourts.gov/wiretap99/contents.html
More information on wiretapping, including previous reports andanalysis is available at:

http://www.epic.org/privacy/wiretap/



[7] EPIC Bookstore -- Censored 2000: The Years Top 25 Censored Stories


Censored 2000: The Years Top 25 Censored Stories by Peter Phillips
http://www.amazon.com/exec/obidos/ISBN=1583220232/electronicprivacA
In stark contrast to the reports on the nightly news and in the dailypapers, Censored 2000 reveals what is being kept from the public by alower quality of reporting, the downsizing of newsrooms, and the mediaconglomerates. Ralph Nader calls it a book "that should be affixed tothe bulletin boards in every newsroom across the country," and theAmerican Journalism Review has hailed the series as "a distant earlywarning system for society's problems." Along with the top 25 stories,
Censored 2000 focuses on the struggle to bring untold news to light,
including an introduction by imprisoned journalist Mumia Abu-Jamal.



EPIC Publications:

"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, editors, (EPIC 2000).
Price: $20. http://www.epic.org/crypto&/

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption to law enforcement.



"The Privacy Law Sourcebook: United States Law, International Law, andRecent Developments," Marc Rotenberg, editor (EPIC 1999). Price: $50.
http://www.epic.org/pls/

The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists who needan up-to-date collection of U.S. and International privacy law, as wellas a comprehensive listing of privacy resources.



"Filters and Freedom - Free Speech Perspectives on Internet ContentControls," David Sobel, editor (EPIC 1999). Price: $20.
http://www.epic.org/filters&freedom/

A collection of essays, studies, and critiques of Internet contentfiltering. These papers are instrumental in explaining why filteringthreatens free expression.



"Privacy and Human Rights 1999: An International Survey of Privacy Lawsand Developments," David Banisar, Simon Davies, editors, (EPIC 1999).
Price: $15. http://www.epic.org/privacy&humanrights99/

An international survey of the privacy and data protection laws foundin 50 countries around the globe. This report outlines theconstitutional and legal conditions of privacy protection, andsummarizes important issues and events relating to privacy andsurveillance.



Additional titles on privacy, open government, free expression,
computer security, and crypto, as well as films and DVDs can beordered through the EPIC Bookstore: http://www.epic.org/bookstore/



[8] Upcoming Conferences and Events


Entrust SecureSummit 2000. May 1-4, 2000. Hyatt Regency Dallas atReunion. Dallas, TX. For more information: http://www.securesummit.com
Online Privacy in the Global Economy. The Law & Internet Forum.
University of Chicago Law School. May 3, 2000. Chicago, IL. For moreinformation: http://home.uchicago.edu/orgs/law-internet/index.htm
Call for Papers -- 16th Annual Computer Security ApplicationsConference. Deadline May 12, 2000. Sheraton Hotel. New Orleans, LA.
December 11-15, 2000. For more information: http://www.acsac.org/

Electronic Government: New Challenges for Public Administration andLaw. May 18, 2000. Center for Law, Public Administration, andInformatization of Tilburg University, Netherlands. For moreinformation: http://schoordijk.kub.nl/crbi/egov/

Shaping the Network: The Future of the Public Sphere in Cyberspace.
Computer Professionals for Social Responsibility (CPSR). May 20-23,
2000. Seattle, WA. For more information:
http://www.scn.org/cpsr/diac-00
New Millennium, New Horizons: Marketing and Public Policy Conference2000. American Marketing Association. June 1-3, 2000. Marriott MetroCenter. Washington, DC. For more information:
http://www.ama.org/events/

First Annual Institute on Privacy Law: Strategies for Legal Compliancein a High Tech and Changing Regulatory Environment. Practicing LawInstitute. June 22-23, 2000. PLI Conference Center. New York, NY.
For more information: http://www.pli.edu
Telecommunications: The Bridge to Globalization in the InformationSociety. Biennial Conference of the International TelecommunicationsSociety. July 2-5, 2000. For more information:
http://www.its2000.org.ar
First International Hackers Forum. The Green Planet. August 18-20,
2000. Zaporozhye, Ukraine. For more information:
http://www.geocities.com/hack_forum
KnowRight 2000 - InfoEthics Europe. Austrian Computer Society andUNESCO. September 26-29, 2000. Vienna, Austria. For more information:
http://www.ocg.at/KR-IE2000.html
Privacy2000: Information and Security in the Digital Age. October 31-
November 1, 2000. Adam's Mark Hotel. Columbus, Ohio. For moreinformation: http://www.privacy2000.org
Privacy: A Social Research Conference. New School University. October5-7, 2000. New York, NY. For more information:
http://www.newschool.edu/centers/socres/privacy/


Subscription Information


The EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. A Web-based form is available forsubscribing or unsubscribing at:

http://www.epic.org/alert/subscribe.html
To subscribe or unsubscribe using email, send email toepic-newsepic.org with the subject: "subscribe" (no quotes) or"unsubscribe".

Back issues are available at:

http://www.epic.org/alert/


About EPIC


The Electronic Privacy Information Center is a public interestresearch center in Washington, DC. It was established in 1994 tofocus public attention on emerging privacy issues such as the ClipperChip, the Digital Telephony proposal, national ID cards, medicalrecord privacy, and the collection and sale of personal information.
EPIC is sponsored by the Fund for Constitutional Government, anon-profit organization established in 1974 to protect civil libertiesand constitutional rights. EPIC publishes the EPIC Alert, pursuesFreedom of Information Act litigation, and conducts policy research.
For more information, e-mail infoepic.org, http://www.epic.org orwrite EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible. Checks should be made out to "The Fund forConstitutional Government" and sent to EPIC, 1718 ConnecticutAve., NW, Suite 200, Washington, DC 20009.

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation ofencryption and expanding wiretapping powers.

Thank you for your support.

END EPIC Alert 7.08


.










WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/2000/8.html