From: Chris Chiu [mailto:[log in to unmask]] Sent: Friday, October 26, 2001 7:18 PM
To: GILC announce (E-mail)
Subject: GILC Alert



GILC AlertVolume 5, Issue 7
October 26, 2001

Welcome to the Global Internet Liberty Campaign Newsletter.

Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and human
rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you
will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at <[log in to unmask]>.
If you are aware of threats to cyber-liberties that we may not know about,
please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.

===============================================
Free expression
[1] US bill to mandate crippleware
[2] Japanese Net news summary service sued
[3] China Net restrictions grow stronger
[4] Afghan gov't extends Internet ban
[5] ICANN pushes Net voting curbs
[6] Australian ruling poses Net speech problems
[7] New NZ copyright plan: DMCA-lite?
[8] Asian Net defamation bills raise speech issues
[9] More children in South Africa, India go online

Privacy
[10] New US law weakens Net privacy standards
[11] Plan to give Hollywood hacking powers
[12] Euro surveillance proposals gain momentum
[13] New pro-privacy coalitions formed
[14] Cell phone tracking plans delayed
[15] Carnivore use may be growing
[16] British gov't forces user data logging
[17] Tougher US Net privacy standards now a longshot
[18] Indonesian cyberlaws delayed

===============================================
[1] US bill to mandate crippleware
===============================================
Here's a way to protect intellectual property: force hardware manufacturers
to build in user-restrictive devices, or face criminal penalties.

That's the idea behind a new bill that may soon be considered by the United
States Senate. Among other things, the Security Systems Standards and
Certification Act (SSSCA) would require hardware manufacturers to build
copyright protection devices into their products. Similarly, interactive
computer services would have to use "certified security technologies" before
allowing "copyrighted material or other protected content" from being stored
or transmitted on their networks. The bill would give industrial groups a
year or so to iron out specific standards; otherwise, the Federal government
would step in. In addition, the SSSCA would make it a crime to sell "any
interactive digital device" without copyright control measures, remove or
alter "certified security technology" or to "make available to the public"
any copyrighted material that has had these technologies removed. Violators
could face 10 years in jail and stiff fines.

Many cyber-liberties groups have voiced opposition to the bill, fearing it
will stifle free speech online by preventing individuals from making fair
use of various forms of digital expression. The Electronic Frontier
Foundation (EFF-a GILC member) has started an anti-SSSCA letter writing
campaign, arguing that in the past, "Congress and the courts have always
struck a careful balance between preserving incentives for authors while
ensuring public access to our cultural heritage. The SSSCA represents an
unvarnished attack on this balanced view of copyright. ... The public would
be left with crippled technologies that permit only the uses that Hollywood
unilaterally permits."

The push to mandate so-called "crippleware" has even sparked a backlash from
various industrial heavyweights, such as the Computer Systems Policy Project
(CSPP), a trade group that includes hardware manufacturers such as IBM,
Motorola and Dell.  CSPP executive director Ken Kay warned that the SSSCA
"would be an unwarranted intrusion by the government into the commercial
marketplace. This would freeze technology ... (and) force government to pick
winners and losers." Similar views were expressed by Intel's Jeff Lawrence,
who said that it would be difficult, if not impossible, to create a single
successful technological measure to prevent piracy, and that it would be "a
mistake to say that there is a magic bullet out there that someone's trying
to invent."

However, several major music companies have already begun to introduce
compact discs that cannot be played on many machines (especially personal
computers) due to special copyright protection schemes. The list of affected
CDs will soon include the latest Nsync album "Celebrity" and Michael
Jackson's new single "Rock Your World." Indeed, Universal Music Group has
recently announced that by early 2002, every one of its CDs will be encoded
with user-restriction routines. Reports indicate there may be over 1 million
compact discs on the market today that are copy-protected or otherwise
crippled, although the biggest record labels have disclosed few details.

This latest development is drawing fierce criticism from users; Jim Peters
from the Campaign for Digital Rights called the move "underhanded" and noted
how "these new modified CD formats are being introduced secretly, without
public knowledge." Peters' organization has started a leaflet drive in
Britain to support the abolition of overly restrictive copyright measures.
Meanwhile, the United States government has launched an investigation of
various entertainment giants regarding possible "anticompetitive licensing
of intellectual property rights associated with provision of music over the
Internet." Similar concerns are being raised by European Union regulators.

The full text of the SSSCA is available at
http://cryptome.org/sssca.htm

An EFF Alert on the SSSCA is posted under
http://www.eff.org/alerts/20010921_eff_sssca_alert.html

For the latest details, read John Borland, "Techs broadside anti-piracy
plan," ZDNet News, Oct. 22, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5098618,00.html

See Alex Webb, "New legal assault on US CD copying," BBC News Online, Oct.
9, 2001 at
http://news.bbc.co.uk/hi/english/entertainment/new_media/newsid_1589000/1589
022.stm

For more on the U.S. government intellectual property anti-trust
investigation, see Anna Wilde Matthews and John R. Wilke, "DOJ expands
online music probe," Wall Street Journal, Oct. 15, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2817926,00.html

Read Jim Hu, John Borland and Rachel Konrad, "New threat to record labels:
the DOJ," ZDNet News, Oct. 19, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5098534,00.html

See also "EU 'threat' over download sites," BBC News Online, Oct. 15, 2001
at
http://news.bbc.co.uk/low/english/entertainment/new_media/newsid_1600000/160
0064.stm

Read "N Sync fight the CD pirates," BBC News Online, Oct. 3, 2001 at
http://news.bbc.co.uk/hi/english/entertainment/new_media/newsid_1577000/1577
430.stm

See "Universal plans protection for all CDs," Reuters, Sept. 25, 2001 at
http://news.cnet.com/news/0-1005-200-7299321.html

Read Steve Gold, "U.K. Digital Activist Group Takes on Copyright Act,"
Newsbytes, Oct. 1, 2001 at
http://www.newsbytes.com/news/01/170686.html

Read "Q&A: Fighting online music piracy," BBC News Online, Oct. 2, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1573000/1573041.stm

See also "Labels plan to copy-proof CDs," Associated Press, Aug. 24, 2001 at
http://australianit.news.com.au/common/storyPage/0,3811,2677162%255E442,00.h
tml

For German (Deutsch) language coverage, read Florian Rotzer, "Weltweiter
Ruckgang von verkauften Musik-CDs," Heise Telepolis, Oct. 2, 2001 at
http://www.heise.de/tp/deutsch/inhalt/musik/9701/1.html

===========================================
[2] Japanese Net news summary service sued
===========================================
Is running an Internet news clippings service illegal?

That's the question being posed by a new case in Japan. The dispute revolves
around Comet Hunter, which regularly sent summaries of business news items
to paying subscribers by email. Afterwards, the company posted these
summaries on its Sokudoku Honpo website that could be viewed free of charge.
Now several copyright holders, including the Nihon Keizai Shimbun newspaper,
are suing Comet Hunter for copyright infringement. They are asking a Tokyo
District Court to terminate Comet Hunter's news summary program (including
both the email subscription service and the website). They have also
requested an award of nearly 12 million yen in damages.

The plaintiffs' attorneys claim that this is the first Internet copyright
case to be filed in the Land of the Rising Sun. The dispute raises important
free speech issues, particularly with regard to fair use of copyrighted
works.

See "Authors sue Internet operator over copyright," Mainichi Shimbun, Oct.
18, 2001 at
http://mdn.mainichi.co.jp/news/archive/200110/18/20011018p2a00m0dm007000c.ht
ml

===============================================
[3] China Net restrictions grow stronger
===============================================
Mainland China is continuing its war against online critics, both through
criminal prosecutions and new Western-developed technology.

Over the past few weeks, the Chinese government has sent several people to
jail due to their Internet activities. Zhu Ruixiang, for example, faces
three years in prison for forwarding a banned pro-democracy email
newsletter, VIP Reference, to several friends. A Chinese court had given Zhu
a nine-month sentence, but this period was extended at the behest of local
officials. Chinese government agents have also shut down a number of
computer bulletin boards, including Baiyun Huanghe and Tianya Zongheng,
which had previously included vigorous discussion of various political
events.

At the same time, a technology war is brewing over Chinese Internet content
controls. SafeWeb, a company based in California, has signed a deal with the
Voice of America's parent agency to develop systems that would allow Chinese
websurfers to avoid Beijing censor schemes. These schemes came to the
attention of many visitors to the Asia Pacific Economic Forum summit in
Shanghai, who found that they were unable to visit a number of Western news
sites, despite reports that Chinese authorities had lifted restrictions on
accessing such webpages. Meanwhile, another U.S. company, RSA, is now
planning China-specific user authentication and access controls, which could
be used by the Chinese government to bar access to the Information
Superhighway.

For more on China's apparent continued blocking of news sites, read Clay
Chandler, "China Again Censoring Web," Washington Post, Oct. 23, 2001, page
E1 at
http://www.washingtonpost.com/wp-dyn/articles/A36527-2001Oct22.html

See also "BBC News Online blocked at Apec," BBC News Online, Oct. 18, 2001
at
http://news.bbc.co.uk/hi/english/world/asia-pacific/newsid_1606000/1606626.s
tm

For more information from Digital Freedom Network (DFN-a GILC member) on
recent jailings of Chinese Net dissidents, click
http://dfn.org/focus/china/zhuruixiang.htm

Further details are also available from Reporters Sans Frontieres at
http://www.hrea.org/lists/huridocs-tech/markup/msg00656.html

For more on the closing of Baiyun Huanghe bulletin board, visit the DFN
website under
http://dfn.org/focus/china/baiyun.htm

Additional details on the Tianya bulletin board shutdown are available in
"Authorities Chinese Web Sites for Opposition Publications," China News
Digest, Sept. 3, 2001 at
http://www.cnd.org/Global/01/09/03/010903-0.html

Read Adam Creed, "RSA To Build Chinese Internet Security System," Newsbytes,
Sept. 19, 2001 at
http://www.newsbytes.com/news/01/170256.html

Additional details on the SafeWeb China initiative are available from Liu
Weijun, "US to Use Internet in Information War with China," China News
Digest, Sept. 1, 2001 at
http://www.cnd.org/Global/01/09/01/010901-2.html

See also Verne Kopytoff, "Stephen Hsu: CEO says Safeweb plan will help open
China," San Francisco Chronicle, Sept. 4, 2001, page D1 at
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2001/09/04/BU115268.DTL

===============================================
[4] Afghan gov't extends Internet ban
===============================================
The rulers of Afghanistan are at it again.

The Taliban have enlarged their ban on Internet usage to include still more
people, especially foreigners. Previously, the Afghan government made it
illegal for citizens to use the Information Superhighway. Now Taliban
officials have extended this edict to include foreigners, such as
international relief workers. Afghan leader Mullah Mohammed Omar confirmed
that these rules would be enforced by the state Ministry for the Promotion
of Virtue and Prevention of Vice. Government agents are already scouring the
World Wide Web in search of potential offenders, especially reporters. The
Taliban regime has even raided United Nations offices and threatened to kill
U.N. employees if they try to use computers or communications equipment
anywhere in the country.

These measures represent a further setback for efforts to bring Afghanistan
into the Information Age. Severe problems with the nation's infrastructure
(due in part to years of civil war and dire poverty) had already prevented
most Afghanis from going online. These difficulties are only expected to
worsen in the short term, as the current military conflict with the United
States continues.

Read "Taliban Threatens U.N. Techies," Associated Press, Sept. 24, 2001 at
http://www.wired.com/news/print/0,1294,47074,00.html

See "Taleban logs whole nation off net," BBC News, Aug. 25, 2001 at
http://news.bbc.co.uk/hi/english/world/south_asia/newsid_1509000/1509497.stm

Read Kathy Gannon, "Taliban leader bans internet," Australian IT, Aug. 27,
2001 at
http://australianit.news.com.au/common/storyPage/0,3811,2697612%255E442,00.h
tml

===============================================
[5] ICANN pushes Net voting curbs
===============================================
The organization charged with managing the Internet domain name system has
shifted its attention to a subject it has rarely discussed-security.

The Internet Corporation for Assigned Names and Numbers (ICANN) has decided
to go forward with its planned meetings in Los Angeles, but with several
important changes. Among other things, the meetings will focus primarily on
the security and stability of the domain name system. ICANN warned that the
"focus of the meetings may well delay progress on some of the worthy and
important initiatives that are currently underway."

The warning may be in reference to a controversial draft report recently
issued by ICANN's At-Large Study Committee (ALSC). That report recommended
that voting in ICANN elections should be limited to people who own domain
names and pay membership fees. Currently, ICANN allows individuals to vote
so long as they have a valid email and postal return address. The committee
also recommended reducing the number of At-Large Board members from 9 (out
of 19) to six. In October 2000, the organization had held public elections
for 5 of these At-Large Board seats, and still has not held elections for
the other 4 slots yet.

These suggestions had been met with sharp criticism from several quarters.
This criticism had been bolstered by the findings of a special
Non-governmental organization and Academic ICANN Study group (NAIS), which
stated that the domain name ruling body needed to do more to facilitate
informed public participation in its decision making. Among other things,
the NAIS report argued that ICANN should have at least as many publicly
elected At-Large Directors as those selected by Supporting Organizations,
and that ICANN "membership should be open to all who express interest by
completing a relatively simple registration process online combined with
postal return confirmation."

Another major issue that had been drawing attention was ICANN's decision to
ban registration of certain geography-related terms within the new .info
top-level domain until its March 2002 meetings in Accra, Ghana. The ban came
despite the recommendations of the World Intellectual Property Organization,
which had previously issued a report saying that it would be premature to
impose intellectual property type restrictions on such words within the
domain name system.

For more on ICANN's upcoming November 2001 meetings, click
http://www.icann.org/mdr2001/

See "Net body targets web security," BBC News Online, Sept. 28, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1569000/1569104.stm

The ALSC draft report is posted under
http://www.atlargestudy.org/draft_final.shtml

For further analysis of the ALSC draft report, read the Cyber-Federalist No.
11, available at
http://www.internetdemocracyproject.org/newslt11.htm

The NAIS report is posted at
http://www.naisproject.org/report/final/

See also Serena Parker, "Panel Debates Internet Issues," Associated Press,
Sept. 9, 2001 at
http://www.nandotimes.com/technology/story/76084p-1067474c.html

The text of ICANN's resolution banning geographic term registration is
available at
http://www.icann.org/minutes/prelim-report-10sep01.htm#GeographicandGeopolit
icalNamesininfo

The aforementioned WIPO report is posted under
http://wipo2.wipo.int/process2/report/index.html

Additional details on the ban are available in "ICANN cracks down on
cybersquatters," Reuters, Sept. 10, 2001 at
http://www.zdnet.com/zdnn/stories/bursts/0,7407,5096821,00.html

===============================================
[6] Australian ruling poses Net speech problems
===============================================
A court decision Down Under may have serious cross-border implications for
online speech.

The case involves the U.S. business magazine Barron's, which published an
article accusing an Australian citizen of "a series of offences, stock
manipulations, classic stock scams and frauds and connection with money
laundering." That citizen, Joseph Gutnick, sued Barron's parent company Dow
Jones, claiming that the online publication of the article made the
corporation liable under Australian defamation laws, which are less
protective of free speech than United States standards.

An Australian court agreed with Gutnick and ruled in his favor. In his
opinion, the presiding judge held that Internet speakers should be held
liable under the laws of all nations where the information is "seen and
heard, (i.e. made manifest to) and comprehended by the reader or hearer." He
threw out Dow Jones' claims that it could not be held responsible for the
actions of users in other countries, calling them "fallacious." He also
summarily refused to apply free speech doctrines to the online world and
rejected the idea that the Internet should be a "defamation-free zone."

Many observers fear that the decision will chill Internet expression by
subjecting online speakers to liability under speech restrictions from a
multitude of nations. Peter Coroneos of the Australian Internet Industry
Association warned: "The presumption now is that when you post any article
on the Internet, you will be required to comply with the local laws of all
the jurisdictions anywhere in the world that it can be downloaded. That
means basically that you can't protect yourself." Dow Jones has already
filed an appeal; the company's vice president for corporate communications,
Steve Goldstein, said that his firm does "not believe that Australia is an
appropriate venue for a case involving a story that was published in New
York."

The trial court ruling is available at
http://www.austlii.edu.au/au/cases/vic/VSC/2001/305.html

See Kate Mackenzie, "Net defamation ruling appealed," Australian IT, Sept.
20, 2001 at
http://australianit.news.com.au/common/storyPage/0,3811,2902002%255E442,00.h
tml

Read Adam Creed, "Dow Jones Appeals Internet Defamation Decision,"
Newsbytes, Sept. 21, 2001 at
http://www.newsbytes.com/news/01/170349.html

See "Dow Jones Appeals Net Ruling," Associated Press, Sept. 19, 2001 at
http://www.wired.com/news/print/0,1294,46986,00.html

===================================================
[7] New NZ copyright plan: DMCA-lite?
===================================================
Microsoft is pressuring New Zealand to expand its intellectual property laws
in ways that may undermine free speech on the Information Superhighway.

While many details are still forthcoming, Microsoft suggested "outlawing
devices, either mechanical or software-based" that could be used to
circumvent copy protections, even if such products can be used for
noninfringing purposes. In addition, Internet service providers would be
obligated to "take down or block" purportedly infringing material for fear
of liability. The plan would ban even "temporary copies" of copyrighted
material, which might make it a crime merely to view certain webpages.

The proposed measure is very similar to the controversial United States
Digital Millennium Copyright Act (DMCA). The DMCA has been derided by many
Internet user groups as having a detrimental impact on freedom of
expression. These concerns were heightened in a recent case, where a Russian
programmer, Dmitry Sklyarov, faces several years in jail after presenting a
research paper on electronic book encryption codes. Fred von Lohmann from
the Electronic Frontiers Foundation (EFF-a GILC member) pointed out:
"Copyright owners told us that they needed the DMCA to stop piracy. Instead,
it has been used against the press, scientists, and computer programmers.
We're hoping that other countries learn from our mistakes, and will think
twice before giving in to the demands of corporate media giants."

An EFF press release regarding the New Zealand copyright proposal is posted
at
http://www.eff.org/IP/Foreign_and_local/New_Zealand/20011023_eff_dpdtca_pr.h
tml

Read David McGuire, "EFF Lobbies Against New Zealand Copyright Law,"
Newsbytes, Oct. 23, 2001 at
http://www.newsbytes.com/news/01/171435.html

See "Microsoft seeks copyright changes," New Zealand InfoTech, Oct. 18, 2001
at
http://www.stuff.co.nz/inl/index/0,1008,977016a28,FF.html

See Adam Creed, "Microsoft Lobbies For Strict New Zealand Copyright Rules,"
Newsbytes, Oct. 17, 2001 at
http://www.newsbytes.com/news/01/171197.html

More information concerning the Dmitry Skylarov case is available from the
Electronic Frontiers Foundation (EFF-a GILC member) under
http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010904_eff_sklyarov_elcom_pr.html

===================================================
[8] Asian Net defamation bills raise speech issues
===================================================
The governments of South Korea and Japan are each pushing plans that may
chill Internet speech.

South Korean officials are in the process of creating a massive database
containing personal information about private Internet users. The Korean
Ministry of Information and Communication claims that this measure is
necessary to protect politicians from insults. Under this proposal, online
speakers could be found, then silenced with greater ease. This system will
be coupled with new guidelines to ban information that is somehow deemed
derogatory, abusive or obscene. However, many details, including precise
criteria that would be used to determine whether certain speech is actually
defamatory, have yet to be released.

These moves have raised questions as to whether the plan, if fully
implemented, could be used as a weapon to silence political dissent. These
fears were buttressed by indications from the South Korean National Police
Agency that it would tighten enforcement of anti-defamation laws on the
Internet prior to the country's presidential elections in 2002. Moreover,
the South Korean government already has increased the penalties for slander
and libel: up to 7 years in jail or fines of up to 50 million won.

Meanwhile, the Japanese government has drafted broadly similar legislation.
The Japanese plan would require Internet service providers (ISPs), upon
complaint, to issue warnings to online critics and takedown purportedly
slanderous material if no response is received. In addition, ISPs would also
have to submit to compliance monitors selected by the Japanese Ministry of
Public Management, Home Affairs, Posts and Telecommunications. This plan may
be considered by the Diet (Japanese parliament) within the next two weeks.

See "Steps Taken to Crack Down on Cyber Defamation," Korea Times, Oct. 4,
2001 at
http://www.hankooki.com/kt_tech/200110/t2001100417545045110.htm

The text of the Japanese bill (in Japanese) is posted under
http://www.mainichi.co.jp/digital/houan/01.html

See "Gov't to clamp down on Net providers to protect privacy," Mainichi
Shimbun, Oct. 16, 2001 at
http://mdn.mainichi.co.jp/news/20011016p2a00m0dm019001c.html

==================================================
[9] More children in developing nations go online
==================================================
Several efforts to bridge the digital divide are beginning to bear fruit.

In South Africa, dozens of special "digital villages" are being created to
provide Internet access in rural areas. At the same time, a number of urban
cybercafes have started programs specifically targeted at youngsters. The
proprietor of one such establish explained: "Our target group are those kids
who grow up hearing about the internet who can't get access to it." Indeed,
studies have shown that the majority of the nation's children (particularly
those who live in the countryside or unprivileged neighborhoods) still have
no way of reaching the online world.

Meanwhile, in India, a number of initiatives have been launched to allow
more people to enter the Information Superhighway. In a special
"hole-in-the-wall" project, computers were placed in some of the poorest
neighborhoods in several key cities, such as Delhi. Within a short time,
numerous children flocked to these units and learned by themselves how to
surf the Internet, even though many of them were illiterate and had not had
any formal computer training. The experiment, which received funding from
government and private sources, seems to suggest that the digital world
could play a crucial role in improving India's educational standards.

Another idea to bridge the digital divide has been the widespread
introduction of low-cost Internet appliances (called Simputers). Vinay
Deshpade of Simputer Trust said that while his organization's "initial
target is India...if it is applicable in India, it will also be applicable
in the rest of the third world. We have had a tremendous response from all
over the world - from South America to Australia and every other country in
between, including some of the developed countries." Experts believe that
the development of these and other technologies, such as wireless local loop
networks and satellite Internet radios, will spur the growth of the
Information Superhighway throughout the globe.

For more on local loop technology, click
http://www.tenet.res.in/cordect/cordect.html


See Francis Ayieko, "Internet radios aid Africa," Interlink Rural
Information
Service, Oct. 19, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1608000/1608394.stm

Read "South Africa's internet generation," BBC News Online, Aug. 28, 2001 at
http://newsvote.bbc.co.uk/hi/english/talking_point/forum/newsid_1513000/1513
251.stm

For more on the Indian Free Net access project, see "Delhi children make
play of the net," BBC News, Aug. 27, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1502000/1502820.stm

Additional information on Simputers is available in "India's simple computer
for the poor," BBC News Online, Sept. 24, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1560000/1560771.stm

==================================================
[10] New US law weakens Net privacy standards
==================================================
The United States government has enacted a new law that greatly expands
government surveillance powers in cyberspace.

Recent terrorist attacks in the United States had led to several proposals
that would enhance the ability of law enforcement officials to wiretap the
Internet. One of these proposals, the Mobilization Against Terrorism Act
(MATA), would have allowed the U.S. government to make greater use of
controversial spy tools such as Carnivore. Among other things, MATA included
provisions that would have applied loose pen register protections currently
in place for such things as phone numbers and apply them to the Information
Superhighway, rather than requiring law enforcement agents to show probable
cause that a crime is being committed and get a court order. It would also
expand the powers of a secret United States court, created under the Foreign
Intelligence Surveillance Act (FISA), whose procedural protections are not
as strong as those of other tribunals. In addition, MATA would have provided
the government with the ability to break into houses and conduct secret
searches.

However, the proposal lost some momentum partly due to the objections of
privacy advocates. The Electronic Privacy Information Center (EPIC-a GILC
member) issued a detailed analysis of the measure, calling many of the
proposed statutory definitions "vague" and suggesting that the bill would
seriously erode privacy online. For example, EPIC pointed out that the
proposal's application of pen register standards to the Internet "does not
take into account the unique nature of such information, which contains data
far more revealing than phone numbers." MATA lost further steam, when one of
the primary backers of the bill, United States Attorney General John
Ashcroft, admitted that the bill would not necessarily have prevented the
disasters of Sept. 11, 2001: "It's impossible to say that, had we had every
one of these provisions, we would have prevented this attack."

A committee in the House of Representatives eventually approved a revised
package and included a sunset provision that would end the government's
expanded surveillance powers after two years. However, these changes failed
to assuage the concerns of many cyberlibertarians, as the measure retained
many of MATA's perceived flaws. The American Civil Liberties Union (ACLU-a
GILC member) warned that the redrafted proposal would still impose a "low
threshold of proof to Internet communications ... For example, it would
apparently apply to law enforcement efforts to determine what websites a
person had visited. This is like giving law enforcement the power - based
only on its own certification -- to require the librarian to report on the
books you had perused while visiting the public library."

Meanwhile, a similar measure appeared in the United States Senate that
included a number of provisions from MATA that were absent from the revised
House bill, albeit in slightly modified form. For example, the Senate
proposal provided the government with the ability to conduct secret
searches, but did not contain any sunset provision. Despite the apparent
detrimental impact the proposal would have on civil liberties, the Senate
quickly approved the bill with little debate, at the behest of several key
politicians. The House then dropped its own revised proposal and passed a
measure that more closely resembled the Senate version. Eventually, House
and Senate negotiators added a four-year surveillance power sunset provision
while retaining most of the enhanced government search powers contained
within the Senate bill. This final edition of the bill was approved and took
effect after President George W. Bush signed it. Ashcroft had already
promised that at "[t]he hour it becomes law, I will issue guidance to each
of our 94 U.S. Attorney's Offices and 56 FBI field offices directing them to
begin immediately implementing this sweeping legislation."

To read the final version of the bill, click
http://www.politechbot.com/docs/usa.act.final.102401.html

An ACLU Press Release regarding this final version is available under
http://www.aclu.org/news/2001/n102501c.html

For more on Ashcroft's promises of immediate implementation, click
http://www.justice.gov/ag/speeches/2001/agcrisisremarks10_25.htm

Read "New anti-terror laws for US," BBC News, Oct. 26, 2001 at
http://news.bbc.co.uk/hi/english/world/americas/newsid_1620000/1620473.stm

For more on the FISA court, see Kelley Beaucar Vlahos, "Secret Court Goes on
Extra Duty," Fox News, Oct. 11, 2001 at
http://foxnews.com/story/0,2933,36308,00.html

For more of Ashcroft's admission that these measures may not prevent future
terrorist attacks, see Charles Babington, "Don't Expect Quick Passage of
Anti-Terrorism Package," Washington Post.com, Sept. 25, 2001 at
http://www.washingtonpost.com/wp-dyn/articles/A23498-2001Sep25.html

The text of the bill initially approved by the House is available under
http://cryptome.org/patriot-usa.htm
http://www.house.gov/rules/sensen_028.pdf

The text of Senate bill is posted at
http://cryptome.org/s1510is.txt
http://www.senate.gov/~leahy/press/200110/USA.pdf

To see a chart that explains the changes that these bills would have on
existing surveillance laws, visit the ACLU website under
http://www.aclu.org/congress/patriot_chart.html

The text of the original Mobilization Against Terrorism Act is posted at
http://cryptome.org/mata.htm

EPIC's analysis of MATA is posted under
http://www.epic.org/privacy/terrorism/ata_analysis.html

===================================================
[11] Plan to give Hollywood hacking powers
===================================================
A major music trade group has pushed for new laws that critics have labeled
a "License to Virus."

The Recording Industry Association of America (RIAA) had proposed amendments
to anti-terrorist legislation being considered by the United States
Congress. Among other things, these amendments would prevent Internet users
from suing companies for invading or damaging their computers, so long as
the intrusion was "intended to impede or prevent the infringement of
copyright in such work by wire or electronic communication." The RIAA's
Mitch Glazier explained: "We might try and block somebody. If we know
someone is operating a server, a pirated music facility, we could try to
take measures to try and prevent them from uploading or transmitting pirated
documents."

Revelations about the RIAA's efforts generated an uproar among many members
of the Internet community. Marc Rotenberg of the Electronic Privacy
Information Center (EPIC-a GILC member) warned that the draft language, if
enacted, "could lead to some really bad outcomes, like a program
purposefully intended to delete MP3s that misfunctions and erases everything
on a disk." A number of academics were also enraged; Orin Kerr from George
Washington University charged that the plan "would deny victims their right
to sue copyright owners and their agents if they engaged in vigilante
justice by hacking or other means in an effort to block online music
distribution."

This backlash led the Association to shelve its initial plans. However,
Glazier said that his group would submit a revised proposal within the near
future, even while claiming that copyright holders had the right to attack
private computers under current law. Indeed, reports indicate that Hollywood
is developing new software towards that end, including programs to launch
denial of service-type attacks against private Internet users and
peer-to-peer networks.

See Declan McCullagh, "RIAA Wants to Hack Your PC," Wired News, Oct. 15,
2001 at
http://www.wired.com/news/print/0,1294,47552,00.html

To read the text of the original RIAA-sponsored amendments, click
http://www.wartimeliberty.com/article.pl?sid=01/10/14/1756248

Additional details regarding new Hollywood oriented attack software, read
John Borland, "RIAA: We'll smother song swappers," ZDNet News, Oct. 15, 2001
at
http://www.zdnet.com/filters/printerfriendly/0,6061,2818064-2,00.html

For German (Deutsch) coverage of this story, see Janko Rottgers, "Kevin
Mitnick heimliche Freunde," Heise Telepolis, Oct. 16, 2001 at
http://www.heise.de/tp/deutsch/inhalt/te/9831/1.html

=====================================================
[12] Euro surveillance proposals gain momentum
=====================================================
Governments throughout Europe are considering plans that critics say will
severely erode Internet privacy.

In one development, a panel of Ministers' Deputies from the Council of
Europe has approved a new Convention on Cybercrime. It would require
countries to authorize government agents to install spytools on the servers
of Internet service providers (ISPs) and thereby intercept all Internet
transmissions that come through the servers. The treaty requires signatory
nations to comply with foreign investigators, even when they are
investigating activities that are not crimes on domestic soil. The
Convention, however, does not require countries to enact any specific
procedural protections.

Many observers have objected to the Convention because it may allow
unnecessary governmental intrusions into cyberspace. The Global Internet
Liberty Campaign had condemned a past draft of the convention as "a document
that threatens the rights of the individual while extending the powers of
police authorities, creates a low-barrier protection of rights uniformly
across borders, and ignores highly-regarded data protection principles.
Although some changes have been made ... we remain dissatisfied with the
substance of the convention." The treaty will be sent to the CoE's Council
of Ministers, where it is expected to be approved, then sent to certain
individual states for ratification.

Meanwhile, European lawmakers have also shown renewed interest in a proposal
that would allow police to demand user data, including emails and internet
usage, for up to seven years. A gathering of European Union Justice and Home
Affairs ministers are supporting measures that force network providers to
retain such information about their customers for criminal investigation
purposes. These officials also urged the European Commission to explore the
possibility of enacting new laws to benefit "law enforcement efforts."
Indeed, the EC is now considering broadly worded legislation that would
criminalize many legitimate online activities, such as public protest. For
example, one proposal would treat "interference with an information system"
designed to "seriously altering or destroying the political, economic or
social structures" as a terrorist offense.

In addition, several European nations (including France and the Netherlands)
are considering new laws that would restrict private individuals from using
computer encryption programs. At the same time, the German Cabinet has
adopted a proposal that apparently will force telecommunications providers
to build surveillance devices into certain networks, particularly broadband
systems.

The text of the new German surveillance proposal (in German/Deutsch) is
posted
http://www.ccc.de/CRD/schilyterror1.pdf

More information is available from the Chaos Computer Club (CCC-a GILC
member) in German/Deutsch under
http://www.ccc.de/CRD/CRD20011022.html

See Steve Gold, "German Carriers Told To Install Cyber-Snooping Tech,"
Newsbytes, Oct. 25, 2001 at
http://www.newsbytes.com/news/01/171516.html

Read "Berlin to increase internet surveillance," Agence France-Presse, Oct.
22, 2001 at
http://australianit.news.com.au/articles/0,7204,3097138%5E15322%5E%5Enbv%5E1
15306,00.html

See Jelle van Buuren, "Dutch government wants to regulate strong
cryptography," Heise Telepolis, Oct. 9, 2001 at
http://www.heise.de/tp/english/inhalt/te/9763/1.html

See also Jelle van Burren, "Hacker or Terrorist? Both," Heise Telepolis,
Sept. 21, 2001 at
http://www.heise.de/tp/english/inhalt/te/9614/1.html

For more on French Internet surveillance plans, visit the website of
Imaginons un Reseau Internet Solidaire (IRIS-a GILC member) under
http://www.iris.sgdg.org/actions/loi-sec

For more on new European surveillance proposals, see
http://www.statewatch.org/news/2001/sep/20authoritarian.htm

A CoE press release on this subject is posted under
http://press.coe.int/cp/2001/646a(2001).htm

Read Wendy McAuliffe, "International cybercrime treaty gets go-ahead," ZDNet
UK, Sept. 21, 2001 at
http://www.zdnet.com/zdnn/stories/newsbursts/0,7407,2813992,00.html

To read two GILC letters concerning past drafts of the Convention, click
http://www.gilc.org/privacy/coe-letter-1200.html
http://www.gilc.org/privacy/coe-letter-1000.html

See Brian Krebs, "European Cyber-Crime Treaty Clears Penultimate Hurdle,"
Newsbytes, Sept. 20, 2001 at
http://www.newsbytes.com/news/01/170341.html

===================================================
[13] New pro-privacy coalitions formed
==================================================
Rising concerns over the possible expansion of government surveillance
powers has fueled the growth of coalitions to protect individual privacy.

In the United States, a vast network of non-profit organizations, academics
and computer scientists have banded together to form the In Defense of
Freedom coalition. The goal of this initiative is get lawmakers to "consider
proposals calmly and deliberately with a determination not to erode the
liberties and freedoms that are at the core of the American way of life."
The list of IDOF affiliates includes several GILC members, such as the
Electronic Privacy Information Center, the Electronic Frontier Foundation,
Human Rights Watch, NetAction, Privacy International, the American Civil
Liberties Union and the Center for Democracy and Technology.

Meanwhile, seven cyberliberties groups have issued a joint letter urging the
European Council "to refrain from new and extended communications
interception and lawful access powers for police forces and intelligences
services." In particular, the document's authors noted how government
attempts to restrict "the use of cryptography will negatively affect the
security of our communications infrastructure, further damage trust in our
economy, and will restrict the rights of individuals, without affecting the
capabilities of terrorists." The organizations also urged "European leaders
not to implement legislation that mandates internet and telecommunication
service providers to retain traffic data for law enforcement purposes.
Retention of traffic data will in effect transform our communications
infrastructure into a surveillance system that records intimate details of
the personal life of all citizens." A number of GILC members participated in
this effort, including Bits of Freedom, Digital Rights (Denmark),
Quintessenz, FITUG, the Chaos Computer Club, and Privacy International.
Civil society groups in several other countries (including France) have
issued similar letters.

The letter to the European Council is posted under
http://www.digitalrights.dk/DR_file56.htm

See Steve Gold, "European Privacy Groups Lobby EU On Privacy Issues,"
Newsbytes, Sept. 21, 2001 at
http://www.newsbytes.com/news/01/170377.html

The Open Letter to the French Parliament is posted under
http://www.statewatch.org/news/2001/oct/10france.htm

The official In Defense of Freedom website is located at
http://www.indefenseoffreedom.org
 An ACLU press release regarding the IDOF coalition is posted under
http://www.aclu.org/news/2001/n092001a.html

Read David McGuire, "Civil Liberties Groups Rally Against Anti-Terrorism
Law," Newsbytes, Sept. 20, 2001 at
http://www.newsbytes.com/news/01/170335.html

Read Declan McCullagh, "Coalition to Congress: Slow Down," Wired News, Sept.
19, 2001 at
http://www.wired.com/news/print/0,1294,46959,00.html

==================================================
[14] Cell phone tracking plans delayed
==================================================
Track people using their cellular telephones? Not so fast.

That's the message being given by several major telecommunications
providers. Previously, the United States government had pushed a plan known
as "Enhanced 911." Under this scheme, mobile phone companies must install
technology allowing government agents to locate cellular users within 100
meters. The tracking is done by triangulating the emissions given off by a
particular phone between different signal towers. Service providers who fail
to comply with these rules may face heavy fines.

Consumer advocates are worried that this new tracking scheme will seriously
erode individual privacy. Cheryl Leanza from the Media Access Project argued
that rules must be in place to allow customers notice and control over the
collected data: "It's important for consumers to have information to know
what their options are." Telecom providers are also questioning the wisdom
of this scheme, both because of the technical difficulties and potential
high cost. Although the government had set an October 1, 2001 deadline for
compliance, the timetable was extended after some 53 cellular phone
companies filed formal requests for extensions.

A press release from the United States Federal Communications Commission
regarding the deadline extension is posted under
http://www.fcc.gov/Bureaus/Wireless/News_Releases/2001/nrwl0127.html

Read "Government Oks New Wireless 911 Plan," Associated Press, Oct. 5, 2001
at
http://news.findlaw.com/ap_stories/other/1110/10-5-2001/20011005215346770.ht
ml

Read Yuki Noguchi, "Cellular Firms Seek 911 Delay," Washington Post, Sept.
27, 2001, page E5 at
http://www.washingtonpost.com/wp-dyn/articles/A32392-2001Sep26.html

See also Christopher Stern and Yuki Noguchi, "Attacks Renew Calls for 911
System to Locate Cell Phones," Washington Post, Sept. 19, 2001, page E1, at
http://www.washingtonpost.com/ac2/wp-dyn/A52661-2001Sep18?language=printer

==================================================
[15] E-firms cave to gov't spy demands
==================================================
In their haste to comply with government demands for personal data, many
Internet companies may have violated their own privacy policies.

After the recent terrorist attacks in New York and elsewhere, the FBI
reportedly pressured several ISPs, asking them to install Carnivore spyware
voluntarily even without a court order. Developed by the United States
Federal Bureau of Investigations (FBI), Carnivore can be hooked up to the
server of a given Internet service provider (ISP) and intercepts all
Internet transmissions that come through the server. Afterwards, it parses
out pertinent material, based on keywords provided by the administrator. The
latest version of the program, known as Enhanced Carnivore or DCS 1000, uses
the Windows 2000 operating system and supposedly includes better filtering
and triggering capabilities as well as greater throughput (presumably to
cope with high-speed broadband networks).

At least one major provider, Earthlink, refused to comply with these
demands, although it did agree to disclose certain details about its
customers. The company's president, Mike McQuary, argued that "[p]eople have
an expectation of privacy when they're using the Internet on their own
computers. We don't tolerate illegal activities on our networks, and we
cooperate with law enforcement, but there's a balance that needs to be drawn
in all of this." It is unclear how many other companies complied with the
FBI's requests, although industry experts suggest that many small ISPs may
already consented.

Carnivore had already attracted heavy fire from many experts, who pointed
out that the device's lack of an auditing system may allow government agents
to unnecessarily invade the privacy of Internet users, without fear of
reprisal. David Sobel from the Electronic Privacy Information Center (EPIC-a
GILC member) warned: "If not used properly, Carnivore can be abused and
capture the information of people not named in court orders."

Read Verne Kopytoff, "Eyes on E-Mail," San Francisco Chronicle, Oct. 15,
2001, page G1 at
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2001/10/15/BU142868.DTL

Read Patrick Anidjar, "FBI scours internet for clues," Agence France-Presse,
Oct. 8, 2001 at
http://australianit.news.com.au/articles/0,7204,3007366%5E15318%5E%5Enbv%5E1
5306,00.html

See Stefanie Olsen, "Attacks put privacy into focus," ZDNet News, Oct. 2,
2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2815784,00.html

See Kathy Brister, "Earthlink was willing to help but wouldn't let FBI
search its data," Atlanta Journal-Constitution, Sept. 19, 2001 at
http://www.accessatlanta.com/ajc/terrorism/financial/0919earthlink.html

==================================================
[16] British gov't forces user data logging
==================================================
The British government wants to know more about what you've been doing
online, even if you're not a terrorist.

Several weeks ago, British government agents forced Internet service
providers to keep data about all of their customers for an indefinite
period. The vaguely worded request apparently made no distinction between
actual suspects and innocent people; indeed, a spokesperson from Britain's
National High-Tech Crime Unit conceded that "We are not looking for anything
in particular." The cited pretext for this move was to gather possible
evidence against collaborators in the September 11 terror attacks. However,
there questions as to whether this move violates the British Data Protection
Act, which limits the time period during which firms can keep such
information. Indeed, the request comes in stark contrast to past assertions
from British officials opposing such data retention plans.

The UK Home Office is now seeking new laws that would mandate the retention
of customer data in a central location for 12 months. The information to be
collected under this proposal would allegedly include such things as lists
of websites that a given individual has visited. Some experts fear that this
altering of current privacy laws will only be the start of a trend toward
massive government intrusion into cyberspace. Telecom companies are also up
in arms over the proposal; E-Center UK director Will Roebuck said his group
is "concerned about the costs and about what liabilities it will set up for
businesses (that) may have contractual obligations with other businesses
outside the UK that data is to be kept safe and not divulged."

See Thorold Barker and Jean Eaglesham, "Surveillance: Businesses to hold
e-mail records for 12 months, Financial Times, Oct. 17, 2001 at
http://globalarchive.ft.com/globalarchive/articles.html?print=true&id=011017
001949

Read "Casting A Cybernet In Hunt For Clues," Associated Press, Sept. 13,
2001 at
http://www.cbsnews.com/now/story/0,1597,311207-412,00.shtml

=====================================================
[17] Tougher US Net privacy standards now a longshot
=====================================================
Efforts to enact tougher online privacy rules in the United States are
facing new hurdles.

Several U.S. Congressmen, notably Representatives Cliff Stearns and W.J.
Tauzin, have banded together in an effort to codify existing levels of
privacy protection, instead of raising the bar. The bill, which is still
being drafted, would require websites to post privacy notices on their
websites, but users would have to take the initiative and notify companies
that they do not want to be tracked or have personal information collected
about them. Firms would be allowed to deny services to people who refuse to
divulge sensitive details about themselves, and would be immune from
lawsuits based on privacy policy violations. The measure would also prevent
states from providing levels of privacy protection that are higher than
Federal standards.

These developments come after Timothy Muris, who was recently appointed as
head of the U.S. Federal Trade Commission (FTC), announced that his agency
would seek greater enforcement current privacy standards rather than push
for new laws. The announcement was notable because before Muris was
appointed, the FTC had called on Congress to pass legislation that would
strengthen Internet privacy. This stance was denounced by some observers; a
Forrester Research study concluded that Muris' refusal to push for new
privacy legislation poured "gasoline on the fires of the privacy debate.
...[A] company that thinks that the FTC's backing off of legislation means
that the issue will go away is sadly mistaken. Instead, addressing privacy
one technology or business practice at a time only adds to the confusion."

The text of Muris' speech is posted under
http://www.ftc.gov/speeches/muris/privisp1002.htm

Read Brian Krebs, "Federal Privacy Plans Revealed By House Committee,"
Newsbytes, Oct. 12, 2001 at
http://www.newsbytes.com/news/01/171096.html

For more on the Forrester Research study, read Erika Morphy, "Report: U.S.
Privacy Plan Bad for Business," CRMdaily.com, Oct. 16, 2001 at
http://www.crmdaily.com/perl/story/14183.html

See also Carrie Kirby, "FTC chief to drop call for new privacy laws," San
Francisco Chronicle, Oct. 3, 2001, page D2 at
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2001/10/03/BU66840.DTL

==================================================
[18] Indonesian cyberlaws delayed
==================================================
Attempts to draft new Information technology laws in Indonesia may be
stalled for several years.

Previously, the Indonesian government was putting together a plan that would
have serious implications for online privacy. Although details were sketchy,
the proposal would have set standards for the way companies handled online
personal information about their customers. The package would also include
provisions to target such things as credit card and digital signature fraud.

However, Indonesia's Minister of Communications and Information, Syamsul
Mu'arif, announced that these plans have since been shelved. He stated that
although "we urgently need the law, we cannot finalize it immediately as
we're lacking 'law drafters' as well as information technology experts to
help ensure the law will be workable."

See Mike Newlands, "Lack of expertise delays Indonesian cyberlaws," Total
Telecom, Sept. 13, 2001 at
http://www.totaltele.com/vprint.asp?txtID=43779

=========================================================
        ABOUT THE GILC NEWS ALERT:
=========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect and
enhance online civil liberties and human rights.  Organizations are invited
to join GILC by contacting us at
[log in to unmask]

To alert members about threats to cyber liberties, please contact members
from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news
stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA

Or email:
[log in to unmask]

More information about GILC members and news is available at
http://www.gilc.org

You may re-print or redistribute the GILC NEWS ALERT freely.

To subscribe to the alert, please send e-mail to
[log in to unmask]

with the following message in the body:
subscribe gilc-announce

========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************