From: Chris Chiu
To: GILC announce (E-mail)
Sent: 29/03/01 17:30
Subject: GILC Alert
GILC Alert
Volume 5, Issue 2
March 29, 2001
Welcome to the Global Internet Liberty Campaign Newsletter.
Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and
human
rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that
you
will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at <[log in to unmask]>.
If you are aware of threats to cyber-liberties that we may not know
about,
please contact the GILC members in your country, or contact GILC as a
whole.
Please feel free to redistribute this newsletter to appropriate forums.
===============================================
Free Expression
[1] British children face censors, spyware
[2] New Communist Chinese censorware and shutdowns
[3] Aussies face email bans & Net censor bills
[4] New Saudi Internet restrictions
[5] New US blocking law challenged
[6] Who will control .com, .net and .org?
[7] German Nazi website case muddled
[8] New copy protection schemes may curb fair use
[9] US Gov't seeks Supreme Court Net speech ruling
[10] 2nd round for DVD weblinks case
[11] Japanese plan: ISPs to become censors
[12] New anonymous net posting battles
[13] Cuba's continuing Internet woes
[14] UK plans may criminalize online protests
Privacy and Encryption
[15] Music companies & gov't spies: perfect together?
[16] DoubleClick launches new tracking program
[17] ECHELON spyware plug-ins: Oasis & FLUENT
[18] Euro privacy panel attacks cybercrime plan
[19] UK email surveillance regulations stall
[20] Hotmail/Microsoft selling user info
[21] Voter.com user political data auction
[22] New online breaches affect even celebrities
[23] New Privacy Coalition formed
[24] Privacy software in the works
[25] CFP 2001 Conference held
[26] New GILC members: APC and CCC
==================================================
[1] British children face censors, spyware
==================================================
It's a "good practice" to censor the Internet and spy on children.
That's what detractors are saying about new plans being pushed by the
British Department of Education and Employment (DfEE) that are supposed
to
protect children from harmful content. Among other things, these
guidelines
stipulate: "All schools have a responsibility to filter both access at
school and any access pupils are given as part of home-school links,"
despite the admitted fact that "no filtering software is foolproof."
These
proposals also support "keyboard monitoring products" to track exactly
what
children type into computers. This scheme does advise schools to keep
individual student email addresses private; however, it also envisions
"treating all incoming and outgoing email as public" and thus allowing
the
government conduct heavy surveillance of otherwise private email
messages.
One example provided in these materials of "good practice" is Denbigh
School, which proudly censors soccer sites and other Internet materials
that
have nothing to do with sex or violence. Students are completely banned
from
certain types of Internet transmissions, including all newsgroups,
regardless of content. Interestingly, the official account also admits
that
"biology students suffered" when certain sites were blocked. The school
has
now implemented a point-based system to spy on students and measure
their
viewing of webpages that are deemed controversial. Students who try to
visit
the websites they want in spite of this system (such as the homepage of
soccer powerhouse Manchester United) will lose points; once budding
cybercitizens reach zero, they are automatically logged out, and
teachers
are notified of their activities.
These developments come after even harsher measures were taken by
authorities in Glasgow, Scotland. A local council ordered 33 libraries
to
stop providing Internet access, after discovering that children were
able to
access to nude images online using library computers. Oddly enough, in
spite
of the council's purported concerns for young people, the decision
apparently cut off Internet access for adults as well as children.
Glasgow
libraries were forced to stay away from the online world pending the
installation of new blocking software on all library computers, which
was
scheduled to take several weeks. Ironically, the council had considering
installing such programs in the past, but had shelved these plans
because it
prevented access to many types of non-controversial Internet content,
such
as newspaper websites.
To read more about Denbigh school's censoring of soccer sites, click
http://safety.ngfl.gov.uk/document.php3?D=d31
The full DfEE guidelines are available under
http://safety.ngfl.gov.uk
Read Wendy McAuliffe, "Glasgow libraries ban Internet access," ZDNet UK,
Mar. 5, 2001 at
http://www.zdnet.co.uk/news/2001/9/ns-21339.html
=================================================
[2] New Communist Chinese censorware & shutdowns
=================================================
After a recent network outage, Chinese citizens are facing additional
hurdles to expressing themselves through the Internet.
Mainland Chinese agents have developed new powerful blocking software to
stop online dissent. Internet Police 110 comes in three different
versions
(home, cafes and schools), but all versions are target "unhealthy
information" regarding "cults, sex and violence"-an apparent reference
to
dissident groups such as the Falun Gong. The program blocks both
domestic
and foreign websites, as well as various forms of Internet messaging, in
addition to monitoring user activity. One Communist official expressed
the
fervent belief that the software would "help purify China's Internet
service."
At the same time, Chinese commissars have also stepped up attempts to
close
down unrestricted Internet establishments. Government agents have run
several sweeps against Beijing cybercafes and closed down several of
them,
on the grounds that they did not possess proper licenses. Communist
Chinese
laws require all cybercafes to apply for certificates from the state
public
security bureau and install blocking software packages. Various
dissidents
have been jailed, including Jiang Shihua, who received a two-year prison
sentence for pro-democracy statements that he posted in an Internet
chatroom
several months ago.
These efforts at censorship have intensified after a recent explosion at
a
school in the southern town of Fanglin. Many local residents (including
parents of several of the victims) allege that the school was forcing
children to assemble dangerous fireworks. In response, government
officials
have been trying to suppress the story both online and otherwise. As
part of
this endeavor, Communist agents have removed several hundred critical
chatroom messages on the subject, according to various reports. However,
these widescale protests apparently did help force Chinese Prime
Minister
Zhu Rongji to issue a public apology for the incident.
For further details and audio press coverage of attempts to suppress
online
criticism after the Fanglin school explosion, see "Beijing accused of
school
blast cover-up," BBC News, Mar. 9, 2001 at
http://news.bbc.co.uk/hi/english/world/asia-pacific/newsid_1210000/12105
22.s
tm
See also Joanne Lee-Young & Sharon Walsh, "Beijing Backs Down on School
Explosion Story," The Industry Standard, Mar. 16, 2001 at
http://www.thestandard.com/article/display/0,1151,22915,00.html
To read about the case of Jiang Shihua, see "China jails teacher over
Web
remark," Associated Press, Mar. 12, 2001 at
http://salon.com/mwt/wire/2001/03/12/china_teacher/index.html
For additional information on new Chinese censorware products, see
"Chinese
police develop software to 'purify' the Net," Reuters, Feb. 27, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2690371,00.html
For more on Chinese prosecution of cybercafes, read "Beijing police pull
plug on illegal Internet cafes," China Online, Feb. 23, 2001 at
http://www.chinaonline.com/topstories/010223/1/C01021611.asp
See also "Undersea cable repair restores China's Internet connection,"
China
Online, Feb. 20, 2001 at
http://www.chinaonline.com/industry/infotech/NewsArchive/Secure/2001/Feb
ruar
y/C01021609.asp
=================================================
[3] Aussies face email bans & Net censor bills
=================================================
It may be getting more difficult for Internet users Down Under to speak
out
online.
For one thing, newly enacted Australian copyright laws may prohibit the
forwarding of certain email messages. In a press release, Australia's
Attorney General, Daryl Williams, said that forwarding "a personal
e-mail is
unlikely to breach copyright laws," but then cryptically suggested that
liability could result if a court determined that "the contents of the
e-mail were an 'original literary work.'" Other legal experts have
suggested
that this ban may apply to many other types of Internet content,
including
mere caches. Maurice Gonsalves from the law firm of Mallesons Stephen
Jaques
noted that "the legislation is ambiguous" and "isn't specific enough to
know
what type of caching is and what type isn't permitted."
These legal clouds have left many educators and free speech advocates
feeling uneasy. Nick Smith, who advises Australian libraries on
copyright
issues, warned that the new law would hurt educational institutions as
they
"try to provide the services they want to provide in the digital
environment." In particular, Smith was concerned that copyright
restrictions
would create "a real impediment in the way of digitizing national
collections."
Meanwhile, controversy continues to swell over a new South Australian
bill
that would further criminalize online speech. The proposal would make it
a
crime to post "matter unsuitable for minors" on the Internet, even if
the
material is screened or protected by passwords. The legislation would
use
criteria previously applied to films and videos, which are more
restrictive
than those applicable to books, pamphlets and other printed materials.
Furthermore, under the proposal, it would be illegal to make sexually
explicit material available via the Internet, regardless of the fact
that it
is legal to distribute such materials to adults by regular mail
throughout
Australia.
Numerous groups have savaged the bill. Electronic Frontiers Australia
(EFA-a
GILC member) highlighted how the legislation might make "it a criminal
offence to make information available to adults about 'adult themes'
including 'suicide, crime, corruption, marital problems, emotional
trauma,
drug and alcohol dependency, death and serious illness, racism,
religious
issues', except in a 'discreet' manner, that is, 'with little or no
detail
and generally brief.'" EFA Executive Director Irene Graham fears that
"this
Bill has the potential to be used to victimise people. It sets up the
situation where only one person needs to complain about a site and it
could
be determined to be illegal. The law could be used to target people who
upset the government, for example." In addition, industry executives are
worried that the proposal, if enacted, would reduce job opportunities in
the
region and lead many information technology workers to move offshore.
Mr. Williams' press release is posted under
http://www.law.gov.au/aghome/agnews/2001newsag/931_01.htm
See Thomas C. Greene, "Aussie AG denies e-mail penalty, sort of," The
Register (UK), Mar. 5, 2001 at
http://www.theregister.co.uk/content/6/17350.html
Read "Email forwarding law exempts personal messages, attorney general
says," Sydney Morning Herald, Mar. 5, 2001 at
http://www.theage.com.au/breaking/0103/05/A26800-2001Mar5.html
See also Rachel Lebihan, "Digital Copyright Act 'ambiguous,'" ZDNet
Australia, Mar. 7, 2001 at
http://www.zdnet.com.au/news/dailynews/story/0,2000013063,20207522,00.ht
m
To read EFA's alert on South Australia's new Internet content bill,
click
http://www.efa.org.au/Campaigns/alert0301.html
See Karen Dearne, "Censor Bill gets R rating," Australian IT, Feb. 27,
2001
at
http://australianit.news.com.au/common/storyPage/0,3811,1751598%255E501,
00.h
tml
To learn more about industry fears regarding the South Australian bill,
see
Karen Dearne, "Censor Bill 'threatens' IT jobs growth," Australian IT,
Mar.
6, 2001 at
http://australianit.news.com.au/common/storyPage/0,3811,1773311%255E442,
00.h
tml
=================================================
[4] New Saudi Internet restrictions
=================================================
The government of Saudi Arabia has unveiled new measures to clamp down
on
certain types of Internet speech.
These standards were set forth in a recent Council of Ministers
resolution.
Under this regime, "All Internet users in the Kingdom of Saudi Arabia
shall
refrain from publishing or accessing data" that contains a variety of
taboo
subjects. The list includes statements that somehow infringe "the
sanctity
of Islam," "reports" that are deemed "damaging to the Saudi Arabian
armed
forces or to the dignity of heads of states," and transmissions that
propagate "subversive ideas." These regulations also include stringent
licensing and personal identification regimes. They restrict all
Internet
traffic to a single choke point--an "internet service unit at King
Abdulaziz
city for sciences and technology" in the capital, Riyadh, where
"subversive
ideas" and other such data can be blocked with ease.
To read the full text of the new rules, visit
http://www.al-bab.com/media/docs/saudi.htm
See Brian Whitaker, "Losing the Saudi cyberwar," The Guardian, Feb. 26,
2001
at
http://www.guardianunlimited.co.uk/elsewhere/journalist/story/0,7792,443
261,
00.html
==================================================
[5] New US blocking law challenged
==================================================
Numerous groups are suing against a new United States law that mandates
blocking software.
The so-called "Children's Internet Protection Act" was included as part
of a
Labor-Health and Human Resources appropriations bill, and combines
several
different filtering schemes. Among other things, the law essentially
requires high schools and libraries to include blocking software on all
of
their computers. Institutions that refuse to do so (or implement
policies to
that effect) would lose federal funding. CIPA was approved despite
vociferous objections from a broad coalition of groups, including GILC
members the American Civil Liberties Union (ACLU), the Electronic
Frontier
Foundation (EFF) and the Center for Democracy and Technology (CDT).
After Congress enacted CIPA, the ACLU and the American Library
Association
(ALA) each filed lawsuits to strike down the law. ACLU staff attorney
Ann
Beeson noted that with the new Act, "The government is choking off the
free
flow of information on the Internet to the library patrons who need it
the
most," particularly minority and underprivileged children who cannot
afford
to have home Internet access and must depend on libraries to go online.
Similar sentiments were voiced by ALA President Nancy Kranich: "Forcing
libraries to choose between funding and censorship means millions of
library
users will lose - particularly those in the most poverty-stricken and
geographically isolated areas of the country."
The ACLU's complaint is posted under
http://www.aclu.org/court/multnomah.pdf
An ACLU press release on the CIPA lawsuit is available under
http://www.aclu.org/features/f032001a.html
The ALA complaint is available via
http://www.ala.org/cipa/cipacomplaint.pdf
An ALA press release on its CIPA lawsuit is posted at
http://www.ala.org/cipa/cipapressrelease.html
Read Robert O'Harrow, "Curbs on Web Access Face Attack," Washington
Post,
Mar. 20, 2001, page A4 at
http://washingtonpost.com/wp-dyn/articles/A28922-2001Mar19.html
See also "Internet Filter Law Facing Court Challenge," ABCNews.com (US),
Mar. 20, 2001 at
http://abcnews.go.com/sections/scitech/DailyNews/internet_filters010320.
html
=================================================
[6] Who will control .com, .net and .org?
=================================================
Serious questions have arisen over the future of several well-known
Internet
suffixes.
During a public forum in Melbourne, Australia, the Internet Corporation
for
Assigned Names and Numbers (ICANN) drew fierce criticism over proposed
contracts that would allow domain name giant Verisign to retain its
powers
over .com through at least 2007. Under these plans, Verisign would also
retain a substantial level of control over two other key Top-Level
Domains
for several years, including .org (through December 2002) and .net
(through
December 2006).
Many attendees expressed concern over the apparently undemocratic
approach
with which these contracts were created, as well as the potential
effects
the agreements may have on competition and free expression. Indeed,
ICANN's
Board of Directors refused to make a final decision on this matter
during
its public meetings Down Under, but scheduled a private conference call
on
April 2, 2001 for this purpose.
These concerns have been reinforced by persistent signs that
recognizable
domain names are becoming scarce, and the possibility that this
artificial
scarcity problem may undercut free speech. Nevertheless, despite these
problems, ICANN officials admitted during the Melbourne meeting that
they
have failed to complete negotiations to bring just 7 new Top-Level
domains
online. Moreover, the World Intellectual Property Organization is now
seeking new "Best Practices" guidelines to be implemented within various
country code domain names-a move that detractors say will further skew
online expression to the benefit of large conglomerates and other
powerful
trademark holders.
Further doubts as to ICANN's legitimacy have been brought out in the
wake of
an initiative by New.net to allow computer users to use alternative web
domains such as .family and many others. This initiative works through a
special downloadable program that plugs into web browsers (such as
Internet
Explorer and Netscape) and reroutes queries to the new domains. ICANN
Chairman Vint Cerf attacked the New.net program, calling it a mere
"trick"
and "sleight of hand" that would have little real impact on the Internet
as
a whole. However, several observers note that these and other efforts
are
evidence of growing disenchantment with ICANN. Professor A. Michael
Froomkin
from the University of Miami (Florida) said that New.net's venture "is
not a
real attractive idea on its own technical merit. But given where we are,
what else can you do?"
ICANN's launching of a so-called "Clean Sheet" study further heightened
concerns over its perceived undemocratic nature. The study is supposed
to
determine the proper role of the public voice in ICANN decisions. During
its
meetings in Melbourne, Australia, the domain name body presented
tentative
plans that were notable in that their apparent failure to recognize the
legitimacy of ICANN's own At-Large Members, or whether these members
should
be allowed to exist in the future. Numerous experts are worried that
this
study will lead to the end of ICANN public elections. Some of these
fears
were voiced during special Civil Society meetings that coincided with
the
ICANN convention.
To read the proposed .com, .net and .org Registry Agreements, visit
http://www.icann.org/nsi/proposed-com-registry-agmt-01mar01.htm
http://www.icann.org/nsi/proposed-net-registry-agmt-01mar01.htm
http://www.icann.org/nsi/proposed-org-registry-agmt-01mar01.htm
Transcripts and video archives of ICANN's Melbourne meetings are
available
via
http://cyber.law.harvard.edu/icann/melbourne/archive/index.html
For more on the ICANN-Verisign proposed contracts, see Stewart Taggart,
"Furor over ICANN-Verisign Deal," Wired News, Mar. 13, 2001 at
http://www.wired.com/news/print/0,1294,42392,00.html
For German language coverage, read Monika Ermert, "Deal mit Verisign/NSI
uber .com-Domain verschoben," Heise Online, Mar. 13, 2001 at
http://www.heise.de/newsticker/data/jk-13.03.01-003/
Further details regarding delays in ICANN's rollout of new Top-Level
Domains
are available from Stewart Taggart, "ICANN Readies for 'Land Rush,'"
Wired
News, Mar. 12, 2001 at
http://www.wired.com/news/print/0,1294,42363,00.html
For more information on New.net, as well as Prof. Froomkin's remarks,
see
Don Clark, "New twist in top-level domain name game," Wall Street
Journal,
Mar. 5, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2692518,00.html
To read more of Vint Cerf's comments, see David McGuire, "Vint Cerf
Calls
New.Net Domain Scheme a 'Cute Trick,'" Newsbytes, Mar. 5, 2001 at
http://www.newsbytes.com/news/01/162773.html
The text of WIPO's "Best Practices" proposal is posted under
http://ecommerce.wipo.int/domains/cctlds/bestpractices/bestpractices.htm
l
See also Imogen Foulkes, "Dot.com conflicts scrutinized," BBC News
Online,
Feb. 21, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1181000/1181926.stm
To read minutes from the Melbourne Civil Society meetings (as compiled
by
Kimberley Heitman, chairman of Electronic Frontiers Australia), click
http://www.internetdemocracyproject.org/melbournemeeting.htm
For further background information, visit
http://www.internetdemocracyproject.org
=================================================
[7] German Nazi website case muddled
=================================================
First it was France; will Germany come next?
The German Central Council for Jews is planning to sue Internet service
providers for allowing access to Nazi websites. According to the group's
vice president, Michel Friedman, such webpages should banned even if
they
are not located in Germany. The possibility that one country's free
speech
restrictions could be applied on a global basis worries many legal
scholars.
Mike Pullen, a lawyer from the British firm DLA, said that while "no one
wants to support Nazi sites," the Council's stance represented "is a
worrying principle. Who's next? What if the French government decides it
doesn't like Greenpeace campaigning about nuclear weapons?" Pullen
suggested
that this suit might contravene article 10 of the European Convention on
Human Rights.
This move comes after a recent French court ruling that mandated web
portal
Yahoo to block French Internet users from accessing the webpages in the
United States that allowed auctions of Nazi memorabilia. The ruling was
made
pursuant to French laws that generally prohibit such goods from even
being
advertised, much less sold. Yahoo has since filed suit in a U.S. Federal
court to prevent the French order from being enforced. However, in the
meantime, Yahoo decided to start blocking Internet users from items
that, in
its judgment, somehow "promote or glorify hatred or violence."
Meanwhile, the German government has halted its investigation of Yahoo
regarding online auctions of Hitler's "Mein Kampf." A government
spokesperson explained that Yahoo was merely a service provider and did
not
itself offer the book for sale. From a prosecutorial standpoint, since
Yahoo
was not fully aware of the Nazi content and could not take steps to
prevent
its sale, it could not be held criminally liable for incitement to
racial
hatred.
In a related story, several Swiss Internet service providers (ISPs) are
blocking foreign webpages at the behest of a local anti-Nazi group.
Swisscom, Sunrise/Diax and Tiscalinet are denying access to some 754
sites
after a complaint was lodged by the Basel-based Children of the
Holocaust.
The ISPs partly based their decision on fears of liability under Swiss
laws
against racist speech that are broadly similar to those in Germany and
France.
See "Germany drops Yahoo 'Mein Kampf' auction probe," Associated Press,
Mar.
22, 2001 at
http://usatoday.com/life/cyber/tech/2001-03-22-yahoo-germany.htm
Read "German Jews sue over Nazi net content," The Guardian Unlimited,
Feb.
20, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,440542,00.h
tml
The European Convention on Human Rights is posted under
http://conventions.coe.int/treaty/EN/cadreprincipal.htm
Read Kristi Essick, "Yahoo Defies Court Ruling Over Nazi Memorabilia,"
The
Industry Standard (Europe), Feb. 21, 2001 at
http://www.thestandard.com/article/display/0,1151,22360,00.html
See also "Nazi web platform blocked by Swiss Internet service
providers,"
Swiss Radio International, Feb. 19, 2001 at
http://www.swissinfo.org/sen/Swissinfo.html?siteSect=111&sid=584058
===================================================
[8] New copy protection schemes may curb fair use
===================================================
Various plans to strengthen the rights of intellectual property holders
may
be coming to a hard drive near you.
One of these schemes, termed Content Protection for Removable Media
(CPRM),
would have placed copy protection software and special digital markings
on
each individual's hard drive (as well as removable drives and other such
systems). Afterwards, computer programs would have to be ported onto
CPRM-compliant hard drives, and, to make backup copies, computer users
may
have to log in to a centralized server, which would ensure conformity
with
intellectual property restrictions.
Many cybercitizens balked at the intrusive nature of these plans, which
led
IBM to shelve CPRM for the time being. However, in its place, the
company is
working with other industry giants such as Intel, Toshiba and Matsushita
toward adopting a new system (developed by Phoenix Technologies). While
details are still sketchy, this plan apparently envisions a scenario
where
files would be encrypted, password-protected or otherwise restricted.
Afterwards, the codes used to access these files would be logged-an
approach
that might still have the same effects as CPRM. It is unclear at this
point
whether this system would be applied to all types of storage devices
(such
as individual hard drives) rather than merely removable media.
Experts have savaged these proposals as a threat to the rights of
ordinary
computer users. Stanton McCandlish of Electronic Frontiers Foundation
(EFF-a
GILC member) called CPRM and its successors "crippleware." He also
reminded
computer companies that their goal should be "to satisfy their
customers,"
rather than restricting online free speech.
See John Borland, "Antipiracy efforts spark battle over copyright
hardware,"
CNet News, Mar. 23, 2001 at
http://news.cnet.com/news/0-1005-201-5211420-0.html
Read Robert Lemos, "IBM pulls digital tagging plan," CNet News, Feb. 22,
2001 at
http://news.cnet.com/news/0-1006-201-4922288-0.html
See also Andrew Orlowski, "Will Phoenix keep your disks and OS
CPRM-free?"
The Register (UK), Feb. 23, 2001 at
http://www.theregister.co.uk/content/4/17132.html
For more of McCandlish's remarks, read Andrew Orlowski, "IBM withdraws
CPRM
for hard drives proposal," The Register (UK), Feb. 22, 2001 at
http://www.theregister.co.uk/content/2/17107.html
==================================================
[9] US Gov't seeks Supreme Court Net speech ruling
==================================================
The United States government is asking the nation's highest court to
uphold
a law that criminalizes online speech.
The so-called Child Online Protection Act made it a crime to use the
Internet to pass along "for commercial purposes" information considered
"harmful to minors." The statute was enacted in response to a 1997
decision
by the U.S. Supreme Court, Reno v. American Civil Liberties Union, which
struck down the Communications Decency Act and applied traditional free
speech protections to the Information Superhighway. COPA was soon
challenged
by the American Civil Liberties Union (ACLU) on behalf of 17 groups and
individuals. Several months ago, a U.S. Federal appeals court had ruled
unanimously that COPA unconstitutionally barred Internet expression.
However, the United States Attorney General, John Ashcroft, has now
petitioned the Supreme Court, asking the tribunal to uphold COPA.
The US Government petition is posted under
http://www.usdoj.gov/osg/briefs/2000/2pet/7pet/2000-1293.pet.aa.html
An ACLU press release about the lower court ruling is available via
http://www.aclu.org/news/2000/n062200b.html
Read Brian Krebs, "Govt Asks Supreme Court To Reverse COPA's Death
Warrant,"
Newsbytes, Feb. 28, 2001 at
http://www.newsbytes.com/news/01/162531.html
==================================================
[10] 2nd round for DVD weblinks case
==================================================
Can you be sued for writing seven lines of computer code?
That's the question many people are asking after 2 students unveiled a
new
program entitled "grpff." The program unscrambles the copy protection
scheme
used in DVDs, and is a simplified version of DeCSS--a primitive computer
program to help users of the Linux operating system play DVDs on their
computers. Over the past year, the entertainment industry, through the
DVD
Content Control Association (DVD CCA) and the Motion Picture Association
of
America (MPAA), has waged legal battles in both New York and California
to
prevent Internet users from linking to websites that have DeCSS. Many
experts fear that these actions may stifle free expression in
cyberspace.
The developers of grpff, Keith Winstein and Marc Horowitz, are from the
Massachusetts Institute of Technology's Student Information Processing
Board, and wrote program for a class that Winstein was teaching. The two
men
were acutely aware of the potential legal threats they may soon face.
Winstein called attempts to stifle the creation and dissemination of
decryption programs "preposterous" and said that "there's some value in
demonstrating how simple these things really are."
Meanwhile, the Electronic Frontier Foundation (EFF-a GILC member) is
appealing a trial court ruling in the New York that banned 2600 magazine
from providing information about DeCSS information on its website. The
opposing sides already have filed briefs, and oral arguments will take
place
within the next few months.
For more on the new qrpff DVD decryption program, read Declan McCullagh,
"Descramble That DVD in 7 Lines," Wired News, Mar. 7, 2001 at
http://www.wired.com/news/print/0,1294,42259,00.html
See also Robert Lemos, "DeCSS 2? DVD code broken again," ZDNet News,
Mar. 8,
2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2693768,00.html
For German language coverage of this development, see "Sieben Zeilen
Code
entschusseln kopiergeschutzte DVDs (Update)," Heise Online, Mar. 8, 2001
at
http://www.heise.de/newsticker/data/nij-08.03.01-000/
For more on the court case, see "Studios Bolster DeCSS Suit," Reuters,
Feb.
21, 2001 at
http://www.wired.com/news/politics/0,1283,41943,00.html
==================================================
[11] Japanese plan: ISPs to become censors
==================================================
A new proposal may force Internet service providers (ISPs) to act as
government speech examiners.
The Japanese Public Management Ministry is planning to submit a bill
requiring ISPs to check for webpages that harm someone's reputation.
Providers would then have to remove offending sites. The bill apparently
contains similar takedown guidelines for copyrighted material, as well
as
provisions requiring ISPs to disclose the identity of website creators
can
be if deemed necessary.
Observers have suggested that these plans may violate Article 21 of the
Japanese Constitution, which guarantees freedom of speech. In response,
the
Ministry has decided to write in provisions allowing both ISPs and
courts to
hear arguments on both sides (aggrieved parties and web content
creators)
for each case before a given webpage is deleted. However, it is unclear
whether Internet authors will be forced to bear the burden of proving
their
innocence. The system may also make it difficult for people to retain
their
anonymity in cyberspace, which may intimidate online protestors and
whistleblowers. Moreover, it is not known whether the new bill gives
sufficient protection for various free speech uses of copyrighted
material
(such as for public commentary or criticism).
See "Law planned to let ISPs remove malicious sites," Yomiuri Shimbun,
Mar.
6, 2001 at
http://globalarchive.ft.com/globalarchive/article.html?id=010306000887
To read Article 21 of the Japanese Constitution, click
http://home.ntt.com/japan/constitution/japanese-Constitution.html#ARTICL
E_21
An English-language translation of the Japanese Constitution is posted
under
http://home.ntt.com/japan/constitution/english-Constitution.html#CHAPTER
_III
==================================================
[12] New anonymous net posting battles
==================================================
Skirmishes continue to break out regarding the future of anonymity along
the
Information Superhighway.
In one of these cases, a judge in the United States is suing to discover
the
identities of online critics, who posted their comments on the "Grant
Street
1999" website. A trial court decided that these identities should not be
disclosed unless the plaintiff shows that her case has merit. However,
the
court refused to dismiss the judge's lawsuit at the outset. The American
Civil Liberties Union (ACLU-a GILC member), which is representing the
authors of the website, is now asking an appeals court to throw out the
lawsuit and prevent unnecessary disclosures.
Meanwhile, in Seattle, the Electronic Frontier Foundation (EFF-a GILC
member) joined forces with a local ACLU affiliate to fight a subpoena
that
would force an Internet service provider to divulge the name of a chat
board
entry. The plaintiff, 2TheMart.com, sought the identities of some 23
individuals, including at least one person who never posted messages
about
the company. EFF's Public Policy director Lauren Gelman warned that
"courts
should not allow subpoenas to be used for 'fishing expeditions' when
individuals' First Amendment rights are at stake. The chilling of free
speech would be catastrophic."
In a third case, a self-titled "Anonymous Publicly Traded Company" is
suing
America Online, hoping to discover the identities of 5 chatboard
critics.
The company claims that these 5 people made "defamatory and disparaging
material misrepresentations," but said that it wanted to remain
incognito to
avoid losing business. A state supreme court ruled that the firm must
first
disclose its own name before it can go forward with its case, and held
that
"the likelihood of the plaintiff suffering some embarrassment or
economic
harm is not enough by itself to permit anonymity."
A recent ruling in the United Kingdom has counterbalanced these
decisions in
the United States. In a lawsuit, a British court has ordered Web trading
company Motley Fool to divulge the identity of a netizen who posted
allegedly defamatory remarks against Internet company Totalise. The
court
also held that Motley Fool was not protected by UK laws that allow
newspapers and other publications in most cases to avoid disclosing
their
sources. Malcolm Hutty of the Campaign Against Censorship of the
Internet in
Britain (CACIB-a GILC member) warned: "A decision like this can be taken
to
mean that anonymity is not right and that is too broad. A court needs to
consider carefully the implications of its decisions and consider
peoples
rights under the Human Rights Act." Hutty was apparently referring to
the
Council of Europe's Universal Declaration of Human Rights Act, which
treats
privacy as a fundamental right.
For more on the Totalise/Motley Fool case, see Steve Gold, "End of the
anonymous net," The Guardian, Mar. 22, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,460668,00.h
tml
"Website operators must identify maker of defamatory comments," The
Times of
London, Mar. 15, 2001 at
http://www.thetimes.co.uk/article/0,,12-99112,00.html
See also Will Knight, "Forums face crackdown after Motley Fool ruling,"
ZDNet UK, Mar. 19, 2001 at
http://www.zdnet.co.uk/news/2001/11/ns-21639.html
For more on the "Anonymous Publicly Traded Company," read Lisa M.
Bowman,
"Anonymous company goes after John Does," CNet News, March 14, 2001 at
http://news.cnet.com/news/0-1005-200-5136753.html
For an ACLU press release on the Melvin and 2TheMart cases, click
http://www.aclu.org/news/2001/n022601b.html
See Jeffrey Benner, "Chat Room Rants Protected," Wired News, Feb. 27,
2001
at
http://www.wired.com/news/politics/0,1283,42039,00.html
See also Aaron Elstein, "AOL sides with anonymous posters," Wall Street
Journal, Mar. 5, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2692564,00.html
Read Jeffrey Terraciano, "Can John Doe Stay Anonymous?" Wired News, Feb.
21,
2001 at
http://www.wired.com/news/politics/0,1283,41714,00.html
==================================================
[13] Cuba's continuing Internet woes
==================================================
Cuba's strict rules on Internet use may be hampering its efforts to
enter
the Information Age.
People who live in the Caribbean nation must jump over many hurdles to
go
online. There is only one Internet service provider, which is run by the
state, charges high fees (more than the annual salary of an average
Cuban)
and has slow connection speeds. After entering cyberspace, Cuban
Internet
users are then blocked from many sites that are deemed "subversive,"
including webpages with anti-Castro or anti-Communist messages,
according to
a government spokesperson. Reports have indicated that similar filtering
regimes are applied to private e-mail messages. Netizens whom the
government
suspects of counter-revolutionary activities are subjected to
surveillance,
equipment seizures and possible jail time.
Academics have pointed out that these regimens have had a detrimental
impact
not only on freedom of information, but on Cuban society. Professor Juan
Carlos Espinosa of St. Thomas University (in Miami, Florida) noted in
particular that "Cuban young people are really hungry for information
and
have a sense of being left behind." Disturbingly, many scholars in Cuba
have
been forced to remain silent or have otherwise refused to comment on the
government's actions, for fear of potential persecution.
See Julia Scheeres, "Cuba Not So Libre With the Net," Wired News, Feb.
23,
2001 at
http://www.wired.com/news/politics/0,1283,41940,00.html
============================================
[14] UK plans may criminalize online protests
============================================
Experts fear that new British legislation will erode free speech rights
on
the Information Superhighway.
One of these proposals is actually contained within amendments to a
Criminal
Justice and Police Bill. The plan would, in theory, criminalize the
sending
of hate mail by electronic means. Violators may be thrown in jail or
forced
to pay fines of 6000 pounds. Free expression advocates are worried that
the
law's vague standards will deter online protests, particularly against
prominent figures such as corporate executives. These fears were
heightened
after comments from British Home Secretary Jack Straw: "These new
measures
are designed to help prevent two tactics used by ...
individuals-protesting
outside employees' and directors' homes and sending intimidating mail.
We
want to ensure that all types of threatening messages are
covered-including
those by text messaging and email."
Meanwhile, a recently enacted British law, the Terrorist Act 2000, is
also
receiving negative reviews. Section 12 of the law contains language that
bans people from merely expressing "support" for any "proscribed
organization"; indeed, these provisions specifically state that "support
...
is not restricted to the provision of money or other property."
Similarly,
the Act also bars people from attending and speaking at any "meeting ...
to
encourage support for a proscribed organization or to further its
activities." A number of observers worry that this statute could be
applied
to stifle online gatherings such as newsgroups and chat rooms.
To read the text of the "Malicious Communications" amendment to the
Criminal
Justice and Police Bill, see
http://www.publications.parliament.uk/pa/cm200001/cmstand/f/st010306/pm/
1030
6s01.htm
See Graeme Warden, "Government to ban 'hate emails,'" ZDNet UK, Feb. 22,
2001 at
http://www.zdnet.co.uk/news/2001/7/ns-21127.html
The text of the Terrorism Act 2000 (section 12) is available at
http://www.hmso.gov.uk/acts/acts2000/00011--c.htm#12
Read Kieren McCarthy, "Newsgroups can be terrorists too," The Register
(UK),
Feb. 20, 2001 at
http://www.theregister.co.uk/content/8/17073.html
======================================================
[15] Music companies & gov't spies: perfect together?
======================================================
The entertainment industry has apparently found a new way to protect
their
interests: have spies watch private citizens as they travel along the
Information Superhighway.
This alliance between intelligence agencies and music companies has
become
particularly strong after a recent court ruling required Napster to
block
access to copyrighted songs. However, various record companies have
pushed
for further measures, as evidenced by a recent raid by government
agents.
The raid came at the behest of the International Federation of the
Phonographic Industry (IFPI), which monitored individuals online, then
passed their information on to the Belgian police. Marcel Hymans, who
leads
the IFPI in Belgium, boasted government authorities would soon break
into
homes of hundreds of cybercitizens. One Belgian publication quoted him
proclaiming: "The time for warnings is over, now we're going into
action."
These efforts have disturbed many within the Internet community, who
worry
about how entertainment conglomerates have apparently become de facto
government agents. These fears have been heightened by IFPI initiatives
in
other countries. In the United Kingdom, a local IFPI spokesperson has
already warned British computer users that they may want to watch what
they
do online: "We have a very aggressive commitment to the fight against
piracy, especially those who upload large amounts of digital music onto
the
Net." Interestingly enough, the spokesperson claimed that IFPI was "not
so
bothered about the one-time downloader," but did not explain precisely
what
standards the group would follow in determining whether to bring in
government law enforcement agents.
See Graeme Warden, "Music industry to snoop on Napster fans worldwide,"
ZDNet UK, Feb. 19, 2001 at
http://www.zdnet.co.uk/news/2001/7/ns-21063.html
See also Michael Learmonth, "The Online Enforcer," The Industry Standard
Europe, Feb. 16, 2001 at
http://www.thestandard.com/article/display/0,1151,22315,00.html
Read Jeffrey Benner, "Napster Fallout: Privacy Loses?" Wired News, Mar.
6,
2001 at
http://www.wired.com/news/politics/0,1283,42203,00.html
Further coverage is available from Janelle Brown, "Who is spying on your
downloads?" Salon.com, Mar. 27, 2001 at
http://salon.com/tech/feature/2001/03/27/media_tracker/index.html
See also John Borland, "Who will serve as Napster police?" ZDNet News,
Mar.
27, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5080218,00.html
======================================================
[16] DoubleClick launches new tracking program
======================================================
Is DoubleClick at it again?
That's what some computer users are wondering after the online
advertising
juggernaut (along with comScore Networks) launched a new plan to collect
personal information from Internet users. While details are sketchy,
this
new software package (called netScore) apparently can track people
wherever
they are logged in-whether they are at home, at work or even overseas.
In a
press release, the DoubleClick boasted that the program was based on a
comScore database that contained personal information dossiers on some
one
and a half million computer users.
The launching of this program comes nearly a year after DoubleClick
recently
admitted to tracking viewers through the Internet by placing digital
identification numbers in files known as "cookies" on a user's hard
drive,
which it matches with name and address information that has been
collected
by its partners. Despite initial claims to the contrary, DoubleClick
expressed its intention to match this data with more extensive
information
contained in millions of files maintained by its merger partner Abacus
Direct. Subsequently, DoubleClick shelved its data-matching plan after a
storm of public criticism.
To read a DoubleClick press release on the subject, visit
http://www.doubleclick.net/us/corporate/presskit/press-releases.asp?asp_
obje
ct_1=&press%5Frelease%5Fid=2496
Read "DoubleClick rolls out ad-tracking tools," Reuters, Mar. 5, 2001 at
http://www.zdnet.com/zdnn/stories/newsbursts/0,7407,2692765,00.html
======================================================
[17] ECHELON spyware plug-ins: Oasis & FLUENT
======================================================
A global surveillance network may be getting even more powerful than
before.
United States intelligence officials have released some information
regarding two new programs. One of these programs, Oasis, automatically
creates machine-readable transcripts from television and audio
broadcasts.
Reports indicate that Oasis can also distinguish individual speakers and
detect personal characteristics (such as gender) then denote these
characteristics in the transcripts it creates. At least one division of
the
U.S. Central Intelligence Agency (CIA) already operates Oasis, and there
are
plans to expand the program's use over the course of this year, as well
as
develop Chinese and Arabic versions.
The other program, FLUENT, allows English-language keyword searches of
non-English materials. This data mining tool not only finds pertinent
documents, but also translates them, although the number of languages
that
can currently be translated is apparently limited (Russian, Chinese,
Portuguese, Serbo-Croatian, Korean and Ukrainian). In addition, FLUENT
displays the frequency with which a given word is used in a document and
can
handle alternate search term spellings.
Many experts note that this new software may be used to upgrade the
massive
surveillance system, popularly known as ECHELON. ECHELON is designed to
intercept communications from around the world, and is reportedly
operated
by the United States National Security Agency in conjunction with
several
other intelligence agencies. It is supposed to be capable of
intercepting
e-mail messages, faxes, and telephone conversations. Concerns about
ECHELON's potential threat to individual privacy were heightened by a
Congressional hearing several months ago, where the directors of both
the
Central Intelligence Agency (CIA) and NSA refused to provide details on
the
legal standards by which ECHELON operates.
See Vernon Loeb, "Making Sense of the Deluge of Data," Washington Post,
Mar.
26, 2001, page A23 at
http://washingtonpost.com/wp-dyn/articles/A57318-2001Mar25.html
Read Tabassum Zakaria, "CIA using data mining to keep smart," Reuters,
Mar.
3, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2692457,00.html
See also Thomas C. Greene, "CIA patching ECHELON shortcomings," The
Register
(UK), Mar. 6, 2001 at
http://www.theregister.co.uk/content/8/17361.html
======================================================
[18] Euro privacy panel attacks cybercrime plan
======================================================
Continued efforts to create a new European cybercrime treaty are raising
serious concerns from both Internet companies and privacy groups.
While the Council of Europe treaty is still being revised, a previous
version would have signatory countries enact laws that might make it
easier
for government agents to search computers and conduct real-time
surveillance
on private citizens through telecommunications networks. The convention
included provisions that may allow law enforcement officials greater
access
to many types of personal security information, such as encryption keys.
Additionally, the scheme could make Internet service providers (ISPs)
liable
for their customers' content, and may lead ISPs to monitor and retain
records on customer activities. Furthermore, the prior draft mandated
signatories to create new harsh penalties for copyright infringement.
European Union officials are now pushing for new sections that would ban
websites containing language deemed hateful or inflammatory, an apparent
extension of a controversial French ruling against Yahoo regarding Nazi
memorabilia on its auction pages.
These plans have drawn a great deal of criticism. The European
Commission
Data Protection Working Party issued an opinion that strongly criticized
the
draft treaty. Among other things, the panel (which is composed of Data
Protection officials from Council of Europe member states) noted that
while
the proposal may be entered into by non-European nations, the treaty did
not
require those countries to create conditions and safeguards to protect
individual privacy. Indeed, the group felt that portions "of the draft
Convention could create the impression that the protection of human
rights
shall only be considered when it is 'due' and shall only be 'adequate'."
In
addition, these experts had "serious concerns" about the proposal's
language
"which obliges service providers to collect or record within their
technical
capability traffic data in real-time," as well as requirements for such
providers to keep traffic and other computer data for 60 days." Thus,
the
Working Party felt that many parts of the Convention "are not sufficient
to
fully safeguard the fundamental rights to privacy and personal data
protection."
The panel's concerns echoed views expressed in a series of recent
letters
from the Global Internet Liberty Campaign. These views were reiterated
by
the French cyberliberties group Imaginons on Reseau Internet Solidaire
(IRIS-a GILC member) which gave a special presentation on these and
other
cybercrime efforts at a special EU briefing held March 7. Meanwhile, the
computing industry has also expressed alarm at these developments. Fred
Eisner from the Dutch Association of Internet Providers complained:
"This
draft convention lacks balance. While it gives far more powers to law
enforcement agencies, there are no built-in checks and balances...on
behalf
of all other actors." Nevertheless, in spite of these difficulties, the
Council may approve a final draft by June.
The Working Party's "Opinion 4/2001 on the Council of Europe's Draft
Convention on Cybercrime" is posted at
http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/wp41e
n.ht
m
For German language press coverage, see Stefan Krempl, "Fette Bugs in
Cybercrime-Abkommen," Heise Telepolis, Mar. 28, 2001 at
http://www.heise.de/tp/deutsch/inhalt/te/7239/1.html
The IRIS presentation (in French) is located under
http://www.iris.sgdg.org/actions/cybercrime/iris-ec0201.html
For more information on the briefing, visit the official EU website via
http://europa.eu.int/ISPO/eif/InternetPoliciesSite/Crime/crime1.html
For further details on industry opposition to these cybercrime
proposals,
read the following Austrian Chamber of Commerce statement (in
German/Deutsch):
http://europa.eu.int/ISPO/eif/InternetPoliciesSite/Crime/Comments/FEEI.h
tml
See "Net execs, governments collide on cybercrime treaty," Reuters, Mar.
6,
2001 at
http://news.cnet.com/news/0-1007-200-5043832.html
See also "Europe Slaving Over Cybercrime," Associated Press, Mar. 6,
2001 at
http://www.wired.com/news/politics/0,1283,42228,00.html
The latest version (no. 25) of the CoE cybercrime treaty is available at
http://conventions.coe.int/treaty/EN/projets/cybercrime25.htm
To read a Dec. 2000 GILC letter on the Council of Europe cybercrime
proposal, see
http://www.gilc.org/privacy/coe-letter-1200.html
======================================================
[19] UK email surveillance regulations stall
======================================================
Will Great Britain ever try to protect the privacy of its workers?
That's the question many UK Internet users are posing after continued
delays
in devising new regulations on the subject. These regulations are
related to
the controversial Regulation of Investigatory Powers Act (RIP) which,
among
other things, includes language stating that employers have a legal
right to
monitor their workers. The British Data Protection Commission had issued
a
draft code that would place a few restrictions on this supposed right,
including fines against firms that violate the code.
The Commission then delayed finalizing this document, supposedly due to
a
large number of public responses (110). The Commission is now planning
to
release these new standards in pieces, with the workplace privacy
section to
come later rather than sooner. Some experts worry that this will leave
British workers with little protection against undue monitoring by their
bosses for an indefinite amount of time. Others wonder whether the code
will
pay sufficient attention to the latest threats to Internet privacy,
including tracking programs built into corporate blocking software.
See Kieren McCarthy, "Email snooping code of practice delay," The
Register
(UK), Mar. 6, 2001 at
http://www.theregister.co.uk/content/8/17365.html
See also David Neal, "Email monitoring code delayed," IT Week, Feb. 23,
2001
at
http://www.zdnet.co.uk/news/2001/7/ns-21172.html
======================================================
[20] Hotmail/Microsoft selling user info
====================================================== Special offer:
sign
on now to receive lots of junk e-mail messages.
That's what many cynics are saying about Hotmail. The Microsoft
subsidiary
has admitted to sharing customer information lists with a public
Internet
directory site. Under this arrangement, Hotmail provided e-mail
addresses
and other personal information to Infospace, including the towns and
states
were individual users lived. Infospace matched that data with telephone
numbers, home addresses and other tidbits, then made the files available
through the World Wide Web, which telemarketers apparently used for
targeted
advertising campaigns. Both Microsoft and Infospace claimed that these
practices should already have been known to customers through their
privacy
policies, and that customers could simply opt-out of this system.
However,
Hotmail's privacy policy actually says: "Hotmail keeps all of your
Personal
Information private and does not share it with any third parties."
Moreover,
Hotmail (in its default settings) assumes consumer consent to this
sharing
procedure; users have the burden of discovering this data transfer
program
and making an effort to change these specifications.
The procedure was discovered by Bennett Haselton of Peacefire (a GILC
member). Haselton noted that the entire scheme invaded user privacy, and
that "[o]nce your e-mail addresses get into the spammers' databases, you
can't get it out again." However, a Microsoft spokesperson nevertheless
claimed that her company was "clearly stating" its procedures, and even
suggested that passing along personal information to third parties was
"a
consumer benefit."
A copy of Hotmail's privacy policy is available at
http://www.hotmail.msn.com/cgi-bin/dasp/hminfo_shell.asp?content=pstate&
_lan
g=EN&id=2&ct=985039874
Read "Hotmail addresses shared with Internet directory site," Associated
Press, Mar. 6, 2001 at
http://abcnews.go.com/wire/Business/ap20010306_436.html
======================================================
[21] Voter.com user political data auction
======================================================
Many dot-coms may have poor policies on user privacy. A number of them
sell
information about their users. But few of them have sold data on their
customers' political views...until now.
Voter.com, which recently went bankrupt, is planning to auction off
details
regarding some 170 000 users. These files include what political parties
individuals adhere to, what issues they find important, as well as
e-mail
addresses and other personal information. The proprietors of the former
policy portal have also made the bizarre claim that this sale is
consistent
with its previously announced privacy standards, in that it will require
buyers to use the data only to "provide personalized political news and
information to subscribers."
Not surprisingly, privacy advocates have panned this move. Jason Catlett
from Junkbusters called Voter.com's auctioning of personal user files as
just "another example of how privacy policies are usually a hopeless way
to
protect privacy because the customer doesn't have predictable rights."
Indeed, these developments come several months after another failed
Internet
company, Toysmart.com was prevented from auction data about its
customers.
Toysmart's majority owner eventually purchased the files and destroyed
them
as part of a court-approved settlement.
In addition, government officials are now starting to take an interest
in
the way bankrupt Internet corporations handle their user databases. The
United States Senate has included an amendment on the subject within a
recently approved bankruptcy bill. Under this standard, dot-coms
essentially
must adhere to their privacy policies even when they go under. Such
companies might be allowed to sell customer data to independent third
parties, but only if a court finds the privacy risk is relatively
insignificant.
For more on the Senate dot-com privacy amendment, see Patrick Ross,
"Senate
protects consumer data," CNet News, Mar. 16, 2001 at
http://news.cnet.com/news/0-1005-200-5160763.html
Read Keith Perine, "State Attorneys General Compromise on Privacy," The
Industry Standard, Mar. 16, 2001 at
http://www.thestandard.com/article/display/0,1151,22917,00.html
For more on Voter.com, see Aaron Pressman, "Voter.com to sell membership
list," The Industry Standard, Mar. 15, 2001 at
http://www.thestandard.com/article/display/0,1151,22894,00.html
===========================================================
[22] New online breaches affect even celebrities
===========================================================
A rash of recent online data intrusions has heightened concerns about
online
privacy.
Perhaps the biggest of these breaches occurred in New York. Government
investigators say that Abraham Abdullah took advantage of lax security
measures and used the Internet to break into the accounts of several
prominent celebrities. The list of alleged victims includes Steven
Spielberg, Ted Turner, Oprah Winfrey and many others. According to
prosecutors, Abdullah was particularly effective in manipulating large
financial institutions (including Merrill Lynch, Goldman Sachs, Equifax
and
others) into accessing sensitive account information. Some experts
suggest
that the total amount of stolen materials could be in the millions of US
dollars.
This event was one of only several highly publicized incidents that have
heightened concerns about online privacy. Bibliofind, a subsidiary of
Amazon, has admitted that hackers have been able to access customer data
such as credit card numbers, names, addresses and telephone numbers for
nearly 4 months. The number of consumers affected by this breach may be
as
high as 98 000. Meanwhile, OfficeMax.com (which sells office supplies)
exposed personal user information (such as credit card numbers and
expiration dates) on its website. While it is unclear how many online
customers were affected, the site had attracted nearly one and half
million
visitors in January.
For more on the celebrity credit card scam, see Murray Weiss, "How NYPD
Cracked the Ultimate Cyberfraud," New York Post, Mar. 20, 2001 at
http://www.nypost.com/news/regionalnews/26868.htm
See also "Cybertheft Case Skewers Celebs," CBS News, Mar. 20, 2001 at
http://cbsnews.com/now/story/0,1597,280107-412,00.shtml
For more on the Amazon subsidiary security breach, see Stuart Millar,
"Hackers humiliate Amazon," The Guardian, Mar. 8, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,448408,00.h
tml
Read "Hackers Hit Amazon Unit Site," Washington Post, Mar. 6, 2001, page
E2,
at
http://washingtonpost.com/wp-dyn/articles/A27498-2001Mar5.html
See also "Amazon.com unit Bibliofind subject of hacker attacks,"
Associated
Press, Mar. 5, 2001 at
http://abcnews.go.com/wire/Business/ap20010305_1551.html
For more on the OfficeMax credit card disclosures, see Michele Kessler,
"OfficeMax site exposes private customer info," USA Today, Feb. 22, 2001
at
http://www.usatoday.com/life/cyber/tech/2001-02-22-officemax.htm
===========================================================
[23] New Privacy Coalition formed
===========================================================
Dozens of organizations have banded together to launch a new initiative:
the
Privacy Coalition.
In this Coalition, individual groups have signed on to a special Privacy
Pledge supporting a privacy framework to protect the rights of citizens
in
the information age. This system includes such principles as "Fair
Information Practices, independent enforcement and oversight, promotion
of
genuine Privacy Enhancing Technologies, legal restrictions on
surveillance
technologies, and a solid foundation of federal privacy safeguards that
permit the private sector and states to implement supplementary
protections
as needed."
Ed Mierzwinski of the United States Public Interest Research Group said
that
one of the Coalition's first priorities is to urge "legislators to sign
our
new privacy pledge to help us defend consumer and citizen privacy rights
against a massive industry campaign to dumb them down." Other Coalition
members hoped that these efforts would also lead lawmakers to enact
proposals to create strong privacy standards. Marc Rotenberg of the
Electronic Privacy Information Center (EPIC-a GILC member) pointed out
that
"[t]here needs to be an agency or statute to enforce privacy interests,
because the current arrangement puts all of the burden on the
individual."
These moves come in light of recent Forrester Research study which
suggests
that consumers have lingering fears about their privacy on the Internet,
and
that industry efforts to quiet these fears have come up short. As one
Forrester analyst put it, "Anyone who thinks the privacy issue has
peaked is
greatly mistaken."
To read the Privacy Pledge, visit
http://www.privacypledge.org
For press coverage of this event, see Brian Krebs, "Group Urges
Lawmakers To
Sign Privacy Pledge," Newsbytes, Feb. 12, 2001 at
http://www.newsbytes.com/news/01/161859.html
See also Brock N. Meeks, "Privacy groups to Congress: Get your act
together," MSNBC, Feb. 13, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2685081,00.html
For more on the Forrester study, see David McGuire, "Firms Must Tackle
Consumers' Privacy Anxieties-Forrester," Newsbytes, Mar. 5, 2001 at
http://www.newsbytes.com/news/01/162712.html
============================================
[24] Privacy software in the works
============================================
Scientists are busy creating several new computer programs that may
enhance
online privacy.
One of these programs is the brainchild of Richard M. Smith from the
Privacy
Foundation. This software is designed to counter tiny image files (known
"webbugs") which are being used increasingly to identify and track
computer
users. The Privacy Foundation program, which is currently being tested,
causes individual computers to say "uh-oh" when a webbug is encountered.
Smith hopes that "if people see the Web bug, they'll contact the Web
site
and ask why. So it's sort of putting social pressure on Web sites."
Another new program, the Evidence Eliminator, allows users to leave
little
or no trace of their activities. To do this it destroys a vast array of
files and logs which may betray a given user's actions, including
caches,
temporary swap files, media player histories, registry streams and so
on. It
also permanently erases these files to a greater extent than usual
methods.
The program's creators also claim that the Eliminator can accelerate
computing performance, presumably by freeing up system resources.
Observers hope that these and other devices will usher in a new privacy
age
that will foster Internet growth. David Sobel of the Electronic Privacy
Information Center (EPIC-a GILC member) notes that "[t]echnologies that
facilitate anonymous use of the Internet are really critical to the
survival
of the Internet as an open and democratic form."
See "Software tools help Web users protect privacy," Associated Press,
Mar.
19, 2001 at
http://www.usatoday.com/life/cyber/tech/2001-03-19-privacy.htm
For more on webbug detectors, read Stefanie Olsen, "New tools hatch for
sniffing out Web bugs," CNet News, Mar. 5, 2001 at
http://news.cnet.com/news/0-1005-200-5008849.html
For further details on the Evidence Eliminator, see
http://www.evidence-eliminator.com/
============================================
[25] CFP 2001 Conference held
============================================
Despite a massive snowstorm, intrepid attendees to the Computers,
Freedom,
and Privacy (CFP) conference discussed a variety of hot cyberliberties
issues.
In one noteworthy session, Richard M. Smith of the Privacy Foundation
demonstrated how several new devices may help various parties spy on
individuals. An cited example was SportBrain, which is worn on the
user's
body and tracks the person's heart beat, body movements and other
personal
information. It turns out that the device sends this data back to the
manufacturer's website, apparently so that the company can better target
advertisements. Yet despite the apparent security issues involved, a
corporate spokesperson claimed that SportBrain posed "no privacy
concerns."
Coinciding with the CFP meetings was the third annual United States Big
Brother Awards ceremony, sponsored by Privacy International (a GILC
member).
These awards were designed to publicize some of the most serious threats
to
individual privacy online. This year's Most Invasive Proposal prize went
to
the notorious the US government's Carnivore spyware program; data mining
firm ChoicePoint won the corporate invader award for "massive selling of
records, accurate and inaccurate to cops, direct marketers and elected
officials." The City of Tampa, Florida won the worst public official
award
for its facial scans of everyone who went to see the Super Bowl in
January.
The Lifetime Menace prize went to The US National Security Agency for,
among
other things, "50 years of spying."
In addition, the Electronic Frontier Foundation (EFF-a GILC member)
conferred its 2001 Pioneer Awards. The winners included Seth Finkelstein
for
"raising the level of public awareness about the dangers to free
expression
posed by Internet content blocking and labelling systems." Other
recipients
included Canadian privacy advocate Stephanie Perrin and the late Bruce
Ennis, who he successfully argued the case of online free speech case of
Reno v. the American Civil Liberties Union before the U.S. Supreme
Court.
For more on SportBrain and other new possible tracking technologies, see
Eric Auchard, "Those great gadgets may be spying on you," Reuters, Mar.
8,
2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2693860,00.html
For more details on the 2001 U.S. Big Brother Awards, click
http://www.privacyinternational.org/bigbrother/us2001/
See Michael S. James, "Is 'Big Brother' Watching?" ABCNews.com (U.S.),
Mar.
8, 2001 at
http://abcnews.go.com/sections/scitech/DailyNews/bigbrother_010307.html
For German language coverage of the Big Brother Awards, see Stefan
Krempl,
"NSA offiziel zum Big Brother gekurt," Heise Telepolis, Mar. 8, 2001 at
http://www.heise.de/tp/deutsch/inhalt/te/7092/1.html
EFF's announcement of the 2001 Pioneer Awards winners is posted at
http://www.eff.org/awards/20010305_pioneer_press_release.html
============================================
[26] New GILC Members: APC and CCC
============================================
The Global Internet Liberty Campaign welcomes two new members: the
Association for Progressive Communications (APC) and the Chaos Computer
Club
(CCC).
Founded in 1990, APC has fought to make information technology more
readily
accessible to members of civil society. Towards that end, it has mounted
strong protests against government-sponsored surveillance plans around
the
world, ranging from the British Regulation of Investigatory Powers Bill
(RIP) to the global ECHELON spy network. APC has also launched an
Internet
Rights Program to foster democracy in cyberspace, and has fought
attempts to
censor the Internet in several countries, including most recently Korea.
Over the past ten years, the Germany-based CCC has vigorously defended
the
rights of computers users to engage in a whole of activities, including
freedom of expression and information. In the past, the group has made
efforts to increase public awareness of such Internet privacy issues as
encryption key escrow, the security of online banks and many others.
The APC homepage is located at
http://www.apc.org
Visit the CCC website at
http://www.ccc.de
=========================================================
ABOUT THE GILC NEWS ALERT:
==========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect
and
enhance online civil liberties and human rights. Organizations are
invited
to join GILC by contacting us at
[log in to unmask]
To alert members about threats to cyber liberties, please contact
members
from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news
stories, contact:
Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA
Or email:
[log in to unmask]
More information about GILC members and news is available at
http://www.gilc.org
You may re-print or redistribute the GILC NEWS ALERT freely.
To subscribe to the alert, please send e-mail to
[log in to unmask]
with the following message in the body:
subscribe gilc-announce
========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************
|
