From: Chris Chiu [mailto:[log in to unmask]] Sent: Tuesday, June 26, 2001 3:30 PM
To: GILC announce (E-mail)
Subject: GILC Alert



GILC AlertVolume 5, Issue 4
June 26, 2001

Welcome to the Global Internet Liberty Campaign Newsletter.

Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and human
rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you
will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at <[log in to unmask]>.
If you are aware of threats to cyber-liberties that we may not know about,
please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.

===============================================
Free expression
[1] Hague treaty poses Net speech problems
[2] China pushes new Net speech rules
[3] Professor files suit over digital discussions
[4] Iranian cybercafes closed
[5] EBay & Yahoo hate bans ineffective
[6] Problematic French Info Society law creeps forward
[7] Domain name convention generates more controversy
[8] Spain unveils webpage curbs
[9] Court battles brew over US blocking laws
[10] Possible UK Net speech restrictions
[11] New EU copyright law may curb Net speech
[12] Survey: online freedom growing, but still threatened
[13] New program to bypass Net censors
[14] Victories in anonymous Net speech cases

Privacy
[15] Final draft Euro cybercrime pact sparks criticism
[16] US gov't shuns ECHELON investigators
[17] Smart shirts, beds, cars spark privacy concerns
[18] Industry privacy proposal draws skepticism
[19] Experts call for Carnivore spyware rollback
[20] Rush to implement cellular phone trackers
[21] eTours consumer list sale questioned
[22] New worm may actually protect computers
[23] Macy's wedding site faces privacy woes
[24] Webbug detection program available

===========================================
[1] Hague treaty poses Net speech problems
===========================================
A controversial multinational agreement regarding court judgments has run
into difficulties, including questions as to its impact on Internet free
speech.

The Hague Convention on Jurisdiction and Foreign Judgments is essentially
designed to make it easier to enforce court rulings across borders. The
types of judgments covered by the treaty include many kinds of civil
lawsuits, and apparently encompasses speech-related torts such as libel and
defamation. The treaty also mentions various types of intellectual
property-based actions. The document is currently being negotiated by
representatives of many countries, including mainland China, the United
States, the United Kingdom, Germany, Japan, Korea and Australia.

Consumer groups and free speech activists have warned that the Convention
may have a detrimental impact on Internet users, particularly with regard to
freedom of expression. These critics also point out that the few public
policy provisions within the treaty will not be sufficient to protect
citizens from liability based on speech restrictions in other countries
(such as China). Jamie Love from the Consumer Project on Technology fears
that the treaty "will strangle the Internet with a suffocating blanket of
overlapping jurisdictional claims, expose every Web page publisher to
liabilities for libel, defamation and other speech offenses from virtually
any country, (and) effectively strip Internet service providers of
protections from litigation over the content they carry."

Yet despite these warnings, during recent drafting sessions held in the
Netherlands, negotiators reportedly decided to strengthen several
intellectual property standards within the pact. This move sparked outrage
from many cyberlibertarians; Richard Stallman of the Free Software
Foundation charged that "[p]eople don't realize what a disaster this could
be."

For the latest coverage, read Lisa M. Bowman, "Global treaty-threat to the
Net?" ZDNet News, June 22, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5093109,00.html

See also Boris Grondahl, "Your Court of Mine?" Industry Standard, June 25,
2001 issue, at
http://www.thestandard.com/article/0,1902,27176,00.html

To see a list of Hague convention member nations, click
http://www.hcch.net/e/members/members.html

A prior draft of the treaty is posted under
http://www.hcch.net/e/conventions/draft36e.html

===============================================
[2] China pushes new Net speech rules
===============================================
It's been a tough couple of weeks for Chinese Internet activists.

Chinese commisars recently convicted and sentenced Liu Weifang for posting
several messages that criticized Communism. In addition, Chinese officials
have reportedly charged four men (Jin Haike, Xu Wei, Yang Zili and Zhang
Honghai) with subversion. These people apparently participated in a
political reform discussion group that included numerous postings on the
Internet. Yang Zili, in particular, had previously run www.lib.126.com--a
website that included articles on the suppression of the Falun Gong
spiritual movement, economic disparities in Chinese society and other
controversial subjects. In a third case, Chinese government agents have
arrested Hu Dalin for posting remarks from his father (a retired policy
expert) on the Information Superhighway. Meanwhile, a Chinese court has
rejected an appeal from Jiang Shihua, who received a two-year prison
sentence for pro-democracy statements that he made via an Internet chatroom
back in August 2000.

Mainland Chinese authorities also have unveiled a new proposal that may have
a detrimental impact on Internet expression. While details are sketchy, the
draft regulations apparently would make it a crime for ordinary computer
users to do various activities through their homepage. A preliminary
analysis by the Chinese electronic publication VIP Reference has revealed
that the list of proscribed acts includes publishing news, setting up
unmoderated chatboards, or allowing software downloads. In addition to these
measures, Chinese government officials are pressuring companies to engage in
self-censorship, on the pretext of security.

More recently, the Chinese government has launched what has been termed the
biggest crackdown on cybercafes since the nation entered the Information
Superhighway. Forty thousand officials are said to have taken part in this
effort, which has affected some 56 800 cafes. Besides forcing these
establishments to log their customers' activities and installing spyware
devices, government agents have forced at least 6000 cybercafes offline.

For the latest details on the cybercafe crackdown, read "China Closes
Internet Cafes," International Herald Tribune, June 15, 2001 at
http://www.iht.com/articles/22928.html

For additional information concerning the Liu Weifang case, visit the
Digital Freedom Network (DFN-a GILC member) website under
http://dfn.org/focus/china/liuweifang.htm

See "China's Safe Haven: Net Cafes," Reuters, June 12, 2001 at
http://www.wired.com/news/print/0,1294,44465,00.html

To read VIP Reference's analysis (in Chinese) of the proposed online
regulations, click
http://www.bigNews.org/20010518.txt

For more on possible Chinese Net content restrictions, read "China to
Strengthen Supervision of Internet," China News Digest, May 18, 2001 at
http://www.cnd.org/Global/01/05/18/010518-91.html

For more on the arrest of Yang Zili, see "China charges four academics," BBC
News, May 21, 2001 at
http://news.bbc.co.uk/hi/english/world/asia-pacific/newsid_1342000/1342186.s
tm

See also Jian-Min Li & Wu Yiyi, "Four 'New Youth Society' Organizers
Arrested in Beijing: Report," China News Digest, May 23, 2001 at
http://www.cnd.org/Global/01/05/23/010523-2.html

==================================================
[3] Professor files suit over digital discussions
==================================================
A university professor has filed suit against the entertainment industry in
an effort to protect his free speech rights.

The case centers on the Secure Digital Music Initiative (SDMI), a software
standard that several major entertainment companies are supporting as a way
to deter copying of sound files. Confident of the program's strength, the
creators of SDMI challenged computer scientists to break through its
protections. One of the would-be contestants, Professor Eric Felten of
Princeton University, was told by SDMI's sponsors not to reveal the results
of his work. Prof. Felten refused to work under these conditions and instead
launched an independent study of SDMI with several other programmers. After
his team cracked the code, the SDMI consortium warned him that "Any
disclosure of information gained from participating in the Public Challenge
would be outside the scope of activities permitted by the Agreement and
could subject you and your research team to actions under the Digital
Millennium Copyright Act."

The professor and his fellow researchers then filed a lawsuit, claiming a
First Amendment right to publish the findings at a Washington computer
research conference in August. Felten, who is being represented in this case
by the Electronic Frontier Foundation (EFF-a GILC member), maintained that
"[s]tudying digital access technologies and publishing the research for our
colleagues are both fundamental to the progress of science and academic
freedom. The recording industry's interpretation of the DMCA would make
scientific progress on this important topic illegal."

A copy of the EFF brief is posted under
http://www.eff.org/Legal/Cases/Felten_v_RIAA/20010606_eff_complaint.html

An EFF press release regarding this case is available at
http://www.eff.org/Legal/Cases/Felten_v_RIAA/20010606_eff_felten_pr.html

A copy of the Felten team research paper regarding SDMI's flaws as well as
the aforementioned SDMI letter is posted under
http://cryptome.org/sdmi-attack

Read Mike Musgrove, "Group Sues to Publish Flaws Found in Anti-Piracy
Technology," Washington Post, June 7, 2001, page E8 at
http://washingtonpost.com/ac2/wp-dyn/A33002-2001Jun6.html

=================================================
[4] Iranian cybercafes closed
=================================================
Iranian government agents have shutdown hundreds of cybercafes in an
apparent attempt to restrict the flow of news.

In the capital, Tehran, the Department to Supervise Public Places has closed
more than 400 such establishments. Department officials tried to justify
their actions on the grounds that the cafes did not have licenses, despite
the fact that the government does not actually issue such permits. One
government spokesperson conceded that the closures were actually meant to
"control and supervise the activities of Internet cafes, in order to purify
materials which go awry of Islamic norms."

These moves drew heavy fire from free speech advocates. Robert Menard from
Reporters Sans Frontieres pointed out that "The cybercafes were an easy
means to communicate outside Iran and to be informed via foreign web sites.
In closing them down, the hard-liners show once again that they want to
prevent Iranian citizens and especially the youth from being freely
informed."

More information (including Mr. Menard's remarks) are available from the
Digital Freedom Network (DFN-a GILC member) under
http://dfn.org/focus/iran/cafes.htm

=========================================
[5] EBay & Yahoo hate bans ineffective
=========================================
Attempts by two major Internet companies to ban various types of Internet
content have met with only mixed success.

Several months ago, web portal Yahoo decided to start blocking Internet
users from items that, in its judgment, somehow "promote or glorify hatred
or violence." Online auctioneer EBay soon followed suit. These moves had
come after a French court ruled that Yahoo had to block French Internet
users from accessing the webpages in the United States that allowed auctions
of Nazi memorabilia. The decision was made based on French laws that
generally prohibit such goods from even being advertised, much less sold.
Yahoo has since filed suit in a U.S. Federal court to prevent the French
order from being enforced.

However, these bans have affected many non-Nazi individuals, including
numerous historical enthusiasts. One embittered collector pointed out that
"[t]he Nazis burned books in their time and eBay bans trade. My only
interest in this material is that it is physical evidence of a chapter of
history. Now I guess I'll have to go to the Nazi speakeasy." Indeed, far
from staunching the flow of Nazi memorabilia, the restrictions launched by
Yahoo and EBay have apparently fueled an explosion of websites for the
trading of German World War II items.

Meanwhile, Yahoo has continued to contest the French ruling by suing in a
California court. Several organizations, including the American Civil
Liberties Union (ACLU-a GILC member) and the Center for Democracy and
Technology (CDT) argued that American court acceptance of the prior French
decision could lead to application of Internet speech restrictions from a
variety of countries to United States citizens, including laws from mainland
China, Syria, Singapore and many other nations. The presiding judge in the
California case then rejected an attempt to throw out the suit, in part due
to concerns that "because of the global nature of the Internet, virtually
any public web site can be accessed by end-users anywhere in the world, and
in theory any provider of Internet content could be subject to legal action
in countries which find certain content offensive."

However, this ruling has not discouraged additional efforts to prevent
Internet users from visiting various controversial websites. A French group
has now sued 13 Internet service providers, hoping to block access to a
particular webpage. Moreover a special Law on Information Society ("Loi sur
Societe de l'Information") will soon be considered by the French legislature
that, if enacted, would allow French judges to use "all necessary measures"
to block the flow of any data that is deemed offensive (see item 6 below).

For coverage of the latest developments in France, read "French Human Rights
Group Sues ISPs Over Failure to Censor U.S.-Based Hate Site," E-Commerce Law
Daily, June 20, 2001 at
http://pubs.bna.com/ip/BNA/ecd.nsf/id/A0A4H7A2X7_

To read the court opinion denying the motion to dismiss, click
http://www.cdt.org/jurisdiction/010607yahoo.pdf

To read the Amicus Curiae brief in this case from the ACLU, CDT and other
groups, see
http://www.cdt.org/jurisdiction/010406yahoobrief.pdf

See Julia Scheeres, "Nazi Sellers Just Moving On," Wired News, May 8, 2001
http://www.wired.com/news/ebiz/0,1272,43610,00.html

For more on Yahoo's new restrictions, see Damien Cave, "The porn crusaders,"
Salon.com, May 11, 2001 at
http://www.salon.com/tech/feature/2001/05/11/yahoo/print.html

See also David Hencke, "No Yahoo! for racist UK website," The Guardian, May
1, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,481398,00.html

For more on America Online's Net blacklist, see Jeffrey Benner, "AOL's New
Filter on the Block," Wired News, May 7, 2001 at
http://www.wired.com/news/privacy/0,1848,43576,00.html

=======================================================
[6] Problematic French Info Society law creeps forward
=======================================================
A new battle is brewing over a controversial French plan that some experts
say will have a detrimental impact on Internet freedom.

The French government has released a long-anticipated draft Law on the
Information Society ("Loi sur Societe de l'Information" or LSI). Under this
proposal, Internet service providers (ISPs) would now be made civilly liable
when they have been informed of apparently illegal content and have not
deleted this content or denied access to it. This circle of liability
applies not only to host providers, but also to access providers and telecom
operators; in effect, this law cements the free speech restrictions that
were issued in a recent French court ruling against Internet portal Yahoo
(see item 5, above). The plan would also curb anonymous free speech by
allowing the government to request ISPs to keep log files on their
customers' activities for up to one year. In addition, the draft Law would
force individuals to grant the government access to private encryption keys,
and would place import/export restrictions on encryption software.

The draft Law has received considerable criticism, particularly from the
French cyber-liberties group IRIS (a GILC member), which has pointed out
that while the proposal is intended to implement the European Electronic
Commerce Directive,  the text of the plan seems to go far beyond the
Directive's provisions. IRIS has also criticized the provisions regarding
1-year retentions of customer log files, arguing that they contradict the
recommendations of France's own data protection authority (CNIL) for a three
month limit. These difficulties are likely to be debated by the National
Assembly in the fall; the bill itself may not be enacted until next year.
Indeed, the draft Law could become a serious issue in France's upcoming
(2002) Presidential and National Assembly elections.

A special IRIS dossier on this proposal (in French) is posted at
http://www.iris.sgdg.org/actions/lsi

=======================================================
[7] Domain name convention generates more controversy
=======================================================
Controversy continues to surround the organization tasked with managing the
world's domain name system.

During its recent meetings in Stockholm, the Board of Directors for the
Internet Corporation for Assigned Names and Numbers did not set a specific
target date for introducing additional top-level domains (such as .union or
.humanrights) beyond the seven TLDs it approved in November 2000. The ICANN
Board did go forward with plans to create a special Task Force to "monitor
the introduction of new TLDs." This Task Force is scheduled to issue a
report by September 2001. Previously, several groups had urged ICANN to move
more swiftly in expanding the number of generic top-level domains, including
the United States government. In a letter issued days before the Stockholm
meetings commenced, U.S. Secretary of Commerce Don Evans had called on ICANN
to open more domains, saying that "[c]ompetition and innovation would be
well-served by wider choice of" gTLDs.

The Stockholm meetings also saw continued public disillusionment with its
current operating structure. For example, the proprietors of country-code
top-level domains (such as .uk for the United Kingdom and .fr for France)
voted unanimously to leave ICANN's Domain Name Support Organization. These
ccTLD operators are now seeking more direct representation within ICANN,
which may include seats on ICANN's Board of Directors. Meanwhile, ICANN's
Board approved a budget for the upcoming year that included no specific
money for public elections. This decision came despite the fact that ICANN
so far has held elections for only 5 of its 9 At-Large Director seats.

Meanwhile, ICANN's Domain Name Support Organization is soliciting comments
on how to protect the privacy of domain name registration data. Questions
have arisen as to whether this information, which can include such things as
real names, phone numbers and home addresses, is being used for mass
marketing purposes, including spam. A similar effort is being launched to
help determine the future of .org, after registry giant Verisign agreed to
give up control of this top-level domain by 2002.

To read the ICANN Board resolution on new gTLDs, click
http://www.icann.org/minutes/prelim-report-
04jun01.htm#ProcessforMonitoringandEvaluationofNewTLDProgram

To read Secretary Evans' letter, click
http://www.icann.org/correspondence/doc-to-icann-25may01.htm

To read the ICANN Board resolution on its upcoming year's budget, visit
http://www.icann.org/minutes/prelim-report-04jun01.htm#Approvalof20012002Bud
get

To read the ICANN Budget for July 1, 2001-June 30, 2002, see
http://www.icann.org/financials/proposed-budget-14may01.htm

See Steve Kettman, "ICANN Cannot, Say Critics," Wired News, June 9, 2001 at
http://www.wired.com/news/print/0,1294,44613,00.html

For further coverage of possible changes to ICANN governance structures,
read Juliana Gruenwald, "ICANN May Face Restructuring," Interactive Week,
June 7, 2001 at
http://www.zdnet.com/intweek/stories/news/0,4164,2770858,00.html

The ICANN DNSO Whois privacy study is available under
http://www.icann.org/dnso/whois-survey-en-10jun01.htm

For further coverage of the registrant data privacy study, see Brian Krebs,
"ICANN To Gauge Privacy Concerns Over 'Whois' Database," Newsbytes, June 11,
2001 at
http://www.newsbytes.com/news/01/166711.html

Additional details on future plans for .org are available under
http://www.icann.org/minutes/prelim-report-04jun01.htm#ReferraloforgIssuesto
DNSO

===============================================
[8] Spain unveils webpage curbs
===============================================
Planning to create your own webpage? Better talk to the government
first...at least if you are in Spain.

The Spanish Science and Technology Ministry has issued a draft Law of
Information Society Services and Electronic Commerce. This directive, which
could be approved in the Spanish Parliament soon, has defined the concept of
"society of information services" in such a way that it would treat
virtually all exchanges of online information as an economic activity.
Specifically, it would require Internet users to register their webpages
with the government and pay fees. Most websites that are not "properly"
registered would be considered illegal and have to face fines of up to 175
000 Euros. The plan would also place certain obligations on Internet service
providers, who could be held liable for the activities of their users.

Several groups have expressed concerns about this measure, including
Kriptopolis (a GILC member), in that it may stifle the Internet activities
of noncommercial users, who might not be able fulfill all the legal and
bureaucratic requirements. Carlos Sanchez Almeida, an Internet law expert
from Barcelona, said that the Law would limit "freedom of expression in the
Internet ... as it is in countries like China, Vietnam or Saudi Arabia."
Indeed, public anxiety over this issue apparently has grown so strong that
the opposition Socialist party has requested a formal explanation from the
minister of Culture and Telecommunications as to the directive's possible
effects.

The text of the proposal is posted under
http://www.setsi.mcyt.es/novedad/consulta_anteproyecto.htm

For further coverage of these developments, see Julia Scheeres, "Fears of a
Website Inquisition," Wired News, May 29, 2001 at
http://www.wired.com/news/business/0,1367,44110,00.html

See also "Los socialistas claman contra la nueva ley que regulara Internet,"
ABC (Spain), May 11, 2001 at
http://www.abc.es/Internet/noticia.asp?id=30307&dia=11052001

===============================================
[9] Court battles brew over US blocking laws
===============================================
A controversial three-year old Internet content law has gained new life.

The United States Supreme Court has agreed to hear arguments regarding the
so-called Child Online Protection Act (COPA). Enacted in 1998, COPA made it
a crime to use the Internet to pass along "for commercial purposes"
information considered "harmful to minors." The statute was enacted in
response to a 1997 decision by the High Court that struck down the
Communications Decency Act and applied traditional free speech protections
to the Information Superhighway.

COPA was swiftly challenged by the American Civil Liberties Union (ACLU-a
GILC member) on behalf of 17 groups and individuals. In June 2000, a U.S.
Federal appeals court unanimously ruled that COPA was an unconstitutional
restriction on free speech. However, the United States Attorney General,
John Ashcroft, petitioned the Supreme Court, asking the tribunal to uphold
COPA-an entreaty that the High court has now accepted. Oral arguments are
expected to take place this fall.

An ACLU press release on the COPA appeal is posted at
http://www.aclu.org/news/2001/n052101a.html

Read "High Court to Hear Net Porn Case," Associated Press, May 21, 2001 at
http://www.wired.com/news/politics/0,1283,43963,00.html

See also "Supreme Court to review child porn law," Reuters, May 21, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2763573,00.html

================================================
[10] Possible UK Net speech restrictions
================================================
A wave of proposals may make it harder for British Internet users to express
themselves online.

UK Home Secretary Jack Straw is pushing plans to restrict access to various
forms of Internet content. Under this scheme, blocking mechanisms would be
pre-installed on all new computers sold. Indeed, several major computer and
software companies, including Microsoft, have already pledged to help build
blocking packages into new machines. Ratings systems would be encouraged,
and service providers who fail to meet certain criteria would not be able to
receive government "family friendly" certification. In addition, a special
Task Force on this issue would be created that will include representatives
from government agencies and major corporations.

Many questions remain as to the implementation and utility of these
measures. In a letter to Straw, Cyber-Rights & Cyber-Liberties UK (a GILC
member) expressed several reservations regarding this project, including the
fact that "[a]s far as can be seen, no attempt was made to consult or
involve civil liberties or public interest organisations with the work of
the Task Force or while the proposals for setting up such a body was
discussed. Without such wider involvement, the Task Force may not fully
address all concerns including issues related to human rights." Indeed,
numerous groups, including Peacefire (a GILC member), have warned in the
past that blocking software packages are often ineffective and tend to
censor noncontroversial content.

Meanwhile, another controversy has arisen over the extent to which press
journals can be held liable for their web archives. The controversy centers
around a recent libel case between the Times of London and a Mr.
Loutchansky, who sued the newspaper not only for articles that were
published in the printed edition, but later launched additional claims based
on the same material as posted on the Times' website. The presiding judge
ruled that because these articles continued to be available through the
Internet, the statute of limitations did not apply, thus leaving open the
possibility that the newspaper could be sued in perpetuity. In an opinion
piece published in the Guardian, Times editor Peter Stothard, complained
that the decision may force Internet authors and publishers to either employ
"armies of lawyers to reconsider daily if they are justified in continuing
to publish every single item on their websites" or "to stop publishing their
full newspaper on the net. The law has taken an enormous backward step."

See Michael White, "New curbs on internet pedophiles pledged," The Guardian,
May 21, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,493921,00.html

Read Martin Bright, "Computer shops to block child porn on Internet," The
Observer, May 6, 2001 at
http://www.observer.co.uk/uk_news/story/0,6903,486676,00.html

Cyber-Rights & Cyber-Liberties UK's letter to Straw is posted under
http://www.cyber-rights.org/reports/children_safety.htm

For more on Peacefire's concerns about blocking software packages, see
http://www.peacefire.org/info/blocking-software-faq.html

For more on libel suits based on web news archives, see Peter Stothard,
"Position impossible," The Guardian, May 7, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,486882,00.html

==================================================
[11] New EU copyright law may curb Net speech
==================================================
Questions are being raised about the impact of recently enacted European
intellectual property laws on Internet expression.

The European Union has passed a new copyright directive that may bar the
creation of programs that could be used to decrypt the encoding schemes on
compact discs and DVDs. Some observers fear that the EU directive will have
a harmful impact on freedom of expression, particularly the right of
individuals to make fair use of otherwise protected works for public comment
or similar salutary purposes. Similar criticism has been leveled against the
United States Digital Millenium Copyright Act, which the Motion Picture
Association of America has used in its lawsuit by against 2600 magazine over
DeCSS-a primitive program designed to allow people to play DVDs on computers
using the Linux operating system.

Not every European country has taken the same approach provided under the
new directive. In particular, Denmark's culture ministry wants to
restructure the nation's copyright laws to "make it legal to make digital
copies for personal use," as explained by a government spokesperson. While
the proposal would place some limits on the replication of entertainment
files (such as sharing of one's own music with other people), it would allow
Danes far greater leeway in their use and enjoyment of digitized audiovisual
works than most of Denmark's neighbors. However, the proposal has drawn
considerable fire from intellectual property holders, particularly the
International Federation of the Phonographic Industry.

A copy of the EU copyright directive is posted under
http://www.eurorights.org/eudmca/CopyrightDirective.html

See Mark Ward, "Pirates take on Hollywood," BBC News Online, May 18, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1336000/1336496.stm

For more on Danish copyright proposals, see Joris Evers, "Denmark Plans to
Legalize Music Downloading," IDG News, May 4, 2001 at
http://www.thestandard.com/article/0,1902,24227,00.html

==========================================================
[12] Survey: online freedom growing, but still threatened
==========================================================
A new report suggests that "[t]he trends in freedom of the Internet are
mixed."

Commissioned by Freedom House, "Press Freedom Study 2001" notes that
"while...many traditionally authoritative countries now permit relatively
unrestricted use of the Internet by citizens." The report describes how
countries such as Macedonia, Peru, Madagascar, Oman and several others are
generally "less restrictive of the Internet" than of traditional media. The
survey further suggests that "[t]he implosion of the Soviet Union resulted
from similar freeing of computers and automated telephones which defied
censors."

However, the study also cites at least 18 nations for their restrictive
Internet policies, including mainland China, which has jailed numerous
"cyber dissidents," imposes liability for "illegal" content (which can
include "messages critical of Beijing or of Communist policy"), and uses
stringent surveillance systems. In the Middle East, many leaders want
"economic gain through the Internet" but engage in heavy blocking routines
to stifle robust discussion of "cultural and religious traditions." Thus,
Bahrain's government "wants the country to become the telecommunications hub
of the Gulf yet it suppresses information critical of the ruling Al Khalifa
family. Access to the Internet is relatively widespread. ... Yet
surveillance is pervasive and Web sites have been blocked." Moreover, the
report notes how even "major democracies" such as the United States and
Australia "where print and broadcast media are freest, nevertheless restrict
freedom on the Internet." Recently, Turkey has enacted laws (subsequently
vetoed by Turkish President Ahmet Sezer) that would apply the same
restrictions on print media to the Internet reporting services, under the
pretext of preventing "untrue news, insults and similar material."

The Freedom House report is available (in PDF format) under
http://www.freedomhouse.org/pfs2001/pfs2001.pdf

For a press release regarding this report, click
http://www.freedomhouse.org/media/pressrel/043001.htm

For more on Turkey's new restrictions on Internet reporting, see John Ward
Anderson, "Turkey in a Tangle Over Control of Web," Washington Post, June
21, 2001, page A19 at
http://www.washingtonpost.com/wp-dyn/articles/A15069-2001Jun18.html

See also "Turkey sets fine for 'untrue news' Web sites," Associated Press,
June 7, 2001 at
http://www.salon.com/tech/wire/2001/06/07/turkey/index.html

=======================================================
[13] New program to bypass Net censors
=======================================================
Computer scientists have developed a new program that may help individuals
to avoid Internet blocking routines.

While the creators of the software, known as Peekabooty, have not released
many details, the program reportedly allows various types of files to be
stored along its proprietary network. Users would then be able to request
and receive this material through a series of encrypted messages.

Several public interest groups are wondering whether Peekabooty will enable
people to speak more freely online. A spokesperson for Amnesty International
pointed out how most of his organization's "work is to [inform] people,
including those oppressed themselves, about their rights and we have used
the internet from an early stage to do that." In addition, the program is
seen as a possible response to privacy concerns that were heightened by
passage of the controversial UK Regulation of Investigatory Powers (RIP)
Act, which expanded the powers of the British government in cyberspace.
Caspar Bowden from the Foundation for Information Policy Research noted how
Peekabooty shows how it is "easy to circumvent surveillance. It would only
be regarded as shocking if the government planned to introduce more
draconian legislation beyond the RIP Act."
Meanwhile, Peekabooty has angered proponents of blocking software, some of
whom are trying to develop countermeasures.

Read Stuart Millar, "Hackers' plan to dodge netwatchers," The Guardian, May
14, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,490271,00.html

See also Will Knight, "Hackers to unleash anti-censorship tool," ZDNet UK,
Apr. 30, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2713742,00.html

Read "'No limits' browser planned," BBC News, May 6, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1313000/1313399.stm

For more on countermeasures against Peekabooty, see Thomas C. Greene,
"Censorware outfit targets cDc's anonymity app 'Peekabooty,'" The Register
(UK), May 18, 2001 at
http://www.theregister.co.uk/content/6/19067.html

For more on Nudester, see Brad King, "Fleshing Out Peer Filters," Wired
News, May 15, 2001 at
http://www.wired.com/news/technology/0,1282,43785,00.html

=================================================
[14] Victory in anonymous Net speech case
=================================================
Two recent cases have ended in victory for anonymous free speech advocates.

In the first case, Global Telemedia International sued two of its investors,
Barry King and Ron Reader, for posting statements on a financial online
discussion board under the names of "BDAMAN609" and "electrick_man,"
respectively. The corporation claimed these messages were defamatory and had
hurt its relations with its business partners. However, a Federal Court in
the United States disagreed with Global Telemedia, holding that King's and
Reader's comments were not libelous because they were mere opinions, not
statements of fact. The court based its determination on "the general
context of the postings, the colorful and figurative language of the
individual postings, the inability to prove the statements true or false,
and in one case, the posting of documents to support the poster's
statements." Indeed, the presiding judge found that Global Telemedia had
launched the suit to intimidate King and Reader from speaking about the
company, and forced the company to pay the two men's attorneys fees.

Meanwhile, medical supply company Medinex has decided to drop its plans to
sue several people who posted critical online chatboard comments under
various pseudonyms. The Electronic Frontier Foundation (EFF-a GILC member),
which was helping to defend the chatboard participants, hailed the decision
as a further victory for free speech. EFF's Lauren Gelman noted that
"Medinex's primary goal was to identify and silence their critics. This is
simply one more example of a company dropping a spurious lawsuit once EFF
steps in to protect individuals right to speak anonymously."

For more on the Global Telemedia case, read Michael Bartlett, "Company must
pay attorney fees in chat room speech case," Newsbytes, May 21, 2001 at
http://www.computeruser.com/news/01/05/21/news3.html

An EFF press release about the Medinex case is posted under
http://www.eff.org/Legal/Cases/Medinex_v._Awe2bad4mdnx/20010522_eff_dismiss_
pr.html

=======================================================
[15] Final draft Euro cybercrime pact sparks criticism
=======================================================
A new international cybercrime treaty may soon be adopted despite heavy
criticism from privacy groups and industry leaders.

If adopted, the European Commission's Convention on Cybercrime, which is
supported by the Council of Europe, would increase the data retention
responsibilities of network operators and service providers.  Police would
be able to demand telecommunications data, including emails and internet
usage, for up to seven years. The treaty requires domestic companies to
comply with foreign investigators, even when they are investigating
activities that are not crimes on domestic soil. Corporations would be held
liable for the online activities of their employees, whether or not they
were aware of them, which means that corporations will have to increase
monitoring of employees.  Additionally, businesses would have to bear the
cost of storing and producing the computer data for law enforcement.

In response, several GILC member organizations, including Privacy
International, the Electronic Privacy Information Center and the American
Civil Liberties Union, submitted a letter "to voice ... continuing concerns
regarding the development and form" of the treaty. Among other things, the
authors of the letter argued that the portions of the treaty meant to
protect user privacy were "vague" and otherwise "not adequate to address the
significant demands and requirements for privacy- invasive techniques in the
rest of the Convention." The letter's creators also pointed out how the
Cybercrime agreement would apparently erode user privacy, with provisions
that seem to require "that countries adopt laws that can force users to
provide their encryption keys and the plain text of the encrypted files," as
well as "[a]llowing law enforcement direct access to a service provider's
network to conduct surveillance, e.g., the U.S. Carnivore program," thus
providing "police with the ability to conduct broad sweeps of network
communications with only their unsupervised assurance that they will only
collect that data which they are lawfully entitled to collect." Additional
concerns were voiced regarding the treaty's mandatory requirements that
signatory nations cooperate with surveillance requests from other countries,
even if a targeted individual is acting legally in one of those countries.

Meanwhile, Internet pioneer and WorldCom vice president Vint Cerf has also
expressed reservations about the Cybercrime treaty, saying that the document
"has provisions which are in conflict with other already agreed (EU) privacy
laws." He was especially concerned with the agreement's data retention
requirements:" With many terabytes of data moving over the Net every day,
accumulating any small fraction of that for any lengthy amount of time such
as months or years is a very, very hard thing to ask." Even the European
Union's own chief privacy commissioner, Stefano Rodota, charged that the
agreement "still includes significant gaps concerning the protection and
liberties of the citizen."

The joint letter by EPIC, the ACLU and Privacy International is posted under
http://www.privacyinternational.org/issues/cybercrime/coe/ngo_letter_601.htm


Read Boris Grondahl, "Europe: Net Crime-Stoppers," Industry Standard, July
2, 2001 issue, at
http://www.thestandard.com/article/0,1902,27400,00.html?printer_friendly=

See Robert Lemos, "Multi-nation cybercrime pact gets OK," ZDNet News, June
22, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5093153,00.html

For German (Deutsch) language coverage, read Stefan Krempl,
"Cybercrime-Abkommen passiert eine der letzen Hurden," Heise Telepolis, June
23, 2001 at
http://www.heise.de/tp/deutsch/inhalt/te/7951/1.html

For more of Cerf's remarks, read "Internet founder worried about EU
cybercrime plans," Reuters, May 31, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2767085,00.html

Version 27 of the Council of Europe cybercrime treaty is available (in Word
format) under
http://conventions.coe.int/treaty/EN/projets/cybercrime27.doc

===================================================
[16] US gov't shuns ECHELON investigators
===================================================
Attempts to uncover more details about a global surveillance system have met
with resistance from the United States government.

Several weeks ago, a committee of European Parliament members visited the
United States in an attempt to discover more details about ECHELON. ECHELON
is popularly used to describe a system that is designed to intercept
communications from around the world. It is supposedly operated by the
United States National Security Agency (NSA) in conjunction with several
other intelligence agencies. Reports suggest that ECHELON is capable of
intercepting e-mail messages, faxes, and telephone conversations.

However, officials from both the NSA and the U.S. Central Intelligence
Agency (CIA) cancelled meetings that they had previously scheduled with the
European panel. The committee's chairman, Carlos Coelho, said that his group
was "very disappointed" with the apparent rebuffs; in protest, the
Parliamentary representatives returned home a day early.

Afterwards, the committee published a report stating that ECHELON does
indeed exist and that individuals should strongly consider encrypting their
emails and other Internet messages. However, the panel was unable to confirm
suspicions that ECHELON is used to conduct industrial espionage, due to a
lack of evidence. Ironically, despite the apparent need for additional
investigation, the committee is due to disband within the next few months.

Meanwhile, the Spanish government has apparently signed a deal with the
United States to receive information collected using ECHELON. The
consummation of this pact was confirmed by Spanish Foreign Minister Josep
Pique, who tried to justify this arrangement on security grounds. However,
the agreement may raise a number of privacy issues, particularly with regard
to private individuals who live in Europe. For example, US government
practices allow personal information regarding non-US people that has been
collected through ECHELON or other similar means to be retained
indefinitely, thus increasing the likelihood of long-term government
surveillance of European citizens by the US and its ECHELON partners.

For more on the reported sharing of ECHELON-collected information with
Spain, read Isambard Wilkinson, "US wins Spain's favour with offer to share
spy network material," Sydney Morning Herald, June 18, 2001 at
http://www.smh.com.au/news/0106/18/text/world11.html

The draft report is available from
http://fas.org/irp/program/process/europarl_draft.pdf
http://cryptome.org/echelon-ep.htm

See Steve Kettman, "Echelon Panel Calls It a Day," Wired News, June 21, 2001
at
http://www.wired.com/news/print/0,1294,44721,00.html

For additional details as well as video coverage, see "E-mail users warned
over spy network," BBC News, May 29, 2001 at
http://news.bbc.co.uk/hi/english/world/europe/newsid_1357000/1357264.stm

Read "Spy network accused of violating human rights," Mainichi Shinbun, May
28, 2001 at
http://mdn.mainichi.co.jp/news/archive/200105/28/20010528p2a00m0dm005001c.ht
ml

See also Vernon Loeb, "European Panel Probing NSA Departs Abruptly,"
Washington Post, May 11, 2001, page A18, at
http://www.washingtonpost.com/wp-dyn/articles/A12641-2001May10.html

Read Angus Roxburgh, "EU investigators 'snubbed' in US," May 11, 2001 at
http://news.bbc.co.uk/hi/english/world/europe/newsid_1325000/1325186.stm

========================================================
[17] Smart beds, shirts and cars spark privacy concerns
========================================================
Various new products may allow you to be monitored wherever you go-whether
you are walking on the street, in your car, or even while you sleep.

VivoMetric's Lifeshirt, for example, contains embedded sensors that
continuously monitor 40 physiological signs of sickness and health while it
is worn.  This data is recorded, sent over the Internet, and logged at the
VivoMetrics Data Center. Other new products on the market raising privacy
concerns include a wrist camera that can take pictures and record up to 100
phone numbers, as well as a GPS Pathfinder watch that can pinpoint your
exact latitude, longitude, altitude, and speed using orbiting satellites. In
addition, a new computerized multimedia bed turns its computer screen
ceiling off when it senses when you've fallen asleep.  It can also detect if
you've stopped breathing and will set off a series of alarms.

Meanwhile, rental car companies have begun to track their customers and, in
at least one case, have started to give out private speeding tickets. In the
US, Acme Rent-a-Car installed a GPS device on one of its cars and monitored
how quickly one of its customers was driving. Acme charged that customer,
James Turner, an extra US $450 for driving at what it deemed an excessively
high speed, and even pointed out the exact location where he had done so.
Turner responded by suing in small claims court, as well as filing a
complaint with his state Department of Consumer Protection.

However, it is not precisely clear if current laws can protect consumers
when any of the aforementioned devices are used for detrimental purposes.
David Sobel from the Electronic Privacy Information Center (EPIC-a GILC
member) pointed out that the "challenge right now is to ensure, before these
services and capabilities are widely deployed, that rules are in place."

For more on the Turner rental car tracking case, read Robert Lemos, "Car spy
pushes privacy limit," ZDNet News, June 20, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2778752,00.html

For more on LifeShirt and other similar devices, read Larry Hardesty,
"Innovation: Clothed in Health," Technology Review, July/August 2001 issue,
at
http://www.technologyreview.com/magazine/jul01/innovation8.asp

For the manufacturer's explanation of how LifeShirt works, click
http://www.vivometrics.com/Products/index.html

For more on smart watches, read Anthony Zurcher, "Fast Forward: Wearing the
Net on Your Wrist," Washington Post, May 11, 2001, page E1 at
http://washingtonpost.com/wp-dyn/articles/A12678-2001May10.html

For more on smart beds, see "Sleep With Your Computer?" ABC Good Morning
America, Apr. 10, 2001 at
http://abcnews.go.com/sections/GMA/GoodMorningAmerica/GMA010409_MITbed.html

Further details on Telematics Net tracking of cars are available from Eric
Young, "Car 540819, Where Are You?" The Industry Standard, Apr. 23, 2001 at
http://www.thestandard.com/article/0,1902,23635,00.html

================================================
[18] Experts call for Carnivore rollback
================================================
Various politicians and civil society groups are pushing to stop the United
States government from using a controversial spy program.

Carnivore, which was developed by the US Federal Bureau of Investigations
(FBI), is a device that is attached to the server of a given Internet
service provider. It intercepts all Internet transmissions that come through
the server, then parses out pertinent material, based on keywords provided
by the administrator. The latest version of the program, known as Enhanced
Carnivore or DCS 1000, uses the Windows 2000 operating system and apparently
includes such features as better filtering and triggering capabilities as
well as increased capacity (presumably to handle interception of high-speed
broadband networks).

Carnivore and its successor DCS 1000 have come under heavy criticism over
the past few months as being serious threats to online privacy. Some of
these concerns were aired during discussions with US Attorney General John
Ashcroft by several organizations, including GILC members the Electronic
Privacy Information Center (EPIC), the Electronic Frontier Foundation (EFF),
the American Civil Liberties Union (ACLU) and the Center for Democracy and
Technology (CDT). Similar feelings were raised by US House Majority Leader
Dick Armey, who (in a letter dated June 14, 2001) expressed worries that
Carnivore "undermines the minimum expectation that individuals have that
their personal electronic communications will not be examined by law
enforcement devices unless a specific court warrant has been issued."

Meanwhile, a new report indicates that the number of US government wiretap
requests continues to rise, particularly with regard to newer technologies
such as cellular phones and pagers. Yet despite fears about the increasing
level of government surveillance along the nation's telecommunications
networks, it is unclear what specific measures will be taken to protect
individual privacy. Indeed, the US Federal Communications Commission
recently denied a request for additional security measures that might deter
employees of telecom companies from engaging in illegal eavesdropping on
customers.

Rep. Armey's June 14 letter on Carnivore is posted under
http://www.freedom.gov/library/technology/ashcroftletter.asp

To learn about discussions between Attorney General Ashcroft and various
cyberliberties groups, click
http://www.epic.org/privacy/ashcroft_ltr_5_01.html

To read more about Enhanced Carnivore, click
http://www.epic.org/privacy/carnivore/carnivorequestions.html

The official wiretap report is available (in PDF format) via
http://www.uscourts.gov/wiretap00/2000wttxt.pdf

For more on how the FCC ruling, read Brian Krebs, "FCC Nixes FBI's Plan To
Change Wiretap Law," Newsbytes, Apr. 16, 2001 at
http://www.newsbytes.com/news/01/164541.html

The official FCC order is posted under
http://www.fcc.gov/Daily_Releases/Daily_Business/2001/db0416/fcc01126.txt

====================================================
[19] Industry privacy proposal draws skepticism
====================================================
A new plan that is supposed to protect Internet users' privacy is getting a
lukewarm reception.

The plan was created by the Network Advertising Initiative (NAI), an
advertising industry coalition that includes DoubleClick. DoubleClick, which
provides banner ads to many websites, admitted several months ago to
tracking viewers through the Internet by placing digital identification
numbers in files known as "cookies" on a user's hard drive, which it matches
with name and address information that has been collected by its partners.
Despite initial claims to the contrary, DoubleClick expressed its intention
to match this data with more extensive information contained in millions of
files maintained by its merger partner Abacus Direct. DoubleClick later
halted its data-matching plan after a intense public criticism.

The NAI has now set up 2 websites where computer users can "opt-out" of
profiling regimes that advertisers are compiling about them. The idea is to
let individuals come to these clearinghouses to protect their privacy,
rather than visit numerous websites to make their preferences known. NAI's
Jeff Connaughton claims that these sites show that his organization "is
committed to addressing users' privacy concerns."

Privacy advocates are considerably less enthusiastic about these
developments. Andrew Shen of the Electronic Privacy Information Center
(EPIC-a GILC member) said that the NAI plan "doesn't necessarily improve the
situation at all. Most internet users still don't realize that such third
party profiling even exists. They're so invisible to the average internet
user that opt-out really isn't enough."

Meanwhile, the relative lack of privacy standards in the United States has
caused a certain degree of international friction. Specifically, European
Union representatives remain worried about proposed contracts meant to
implement a joint EU-US "safe harbor" privacy agreement.

For more on attempts by advertisers to self-regulate, read D. Ian Hopper,
"Single web form to protect privacy," Associated Press, May 25, 2001 at
http://australianit.news.com.au/common/storyPage/0,3811,2038782%255E442,00.h
tml

See Rose Palazolo, "Apple Pie vs. Beignets," ABCNews.com (US), May 8, 2001
at
http://abcnews.go.com/sections/scitech/DailyNews/InternetPrivacy010508.html

Read Guy de Jonquieres, "Hairs raised over data privacy," Financial Times,
May 7, 2001 at
http://news.ft.com/ft/gx.cgi/ftc?pagename=View&c=Article&cid=FT3L0N0GGMC&liv
e=true&tagid=YYY9BSINKTM&useoverridetemplate=IXLZHNNP94C

For further details on how many US companies lack privacy plans, see Michael
Bartlett, "Only One-Third Of US Firms Have Privacy Plans," Newsbytes, May 9,
2001 at
http://www.newsbytes.com/news/01/165509.html

See also Lisa Jucca, "Microsoft to sign EU data privacy pact," Reuters, May
15, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2760629,00.html

For further details on credit card security measures, see Brian Ploskina,
"Credit-Card Firms Bump Up Security," Interactive Week, May 24, 2001 at
http://www.zdnet.com/intweek/stories/news/0,4164,2765170,00.html

===================================================
[20] Rush to implement cellular phone trackers
===================================================
If the United States government has its way, you could be tracked wherever
you go-at least if you carry a wireless phone.

A recently enacted US law requires cell-phone manufacturers to equip 95
percent of all cell phones with location-tracking technology, with an
accuracy of about 1,000 feet or better, by 2005. This will require planting
GPS chips in cell phone handsets or installing new infrastructure in cell
sites. In addition, law enforcement officials will be granted access to
these tracking features. These plans have drawn criticism from privacy
advocates, who are concerned that the information collected through these
regimes will be abused by both government agents and commercial entities
(including advertisers).

Several groups, including some industry leaders, have expressed interest in
standards that would have companies obtain their customers' consent before
using their personal information. Michael Altschul from the Cellular
Telecommunications and Internet Association explained: "It's in the carriers
interest to have customers carrying their phones and having their phones
turned on." At least one bill to this effect may soon be introduced before
the United States Senate.

Read Doug Brown, "Wireless Privacy Legislation Coming," Interactive Week,
May 28, 2001 at
http://www.zdnet.com/intweek/stories/news/0,4164,2765638,00.html

See also "Cell Phones to Have Location-Tracking by 2005," Fox News, Apr. 24,
2001 at
http://foxnews.com/story/0,2933,14815,00.html

================================================
[21] ETour consumer list sale questioned
================================================
Should you trust a company that says it will never sell personal information
about you, "for any reason, at any time, ever"?

The answer is apparently no, based on what has happened with eTour.com. The
bankrupt online vacation company has decided to sell its entire set of
consumer information records to Internet encyclopedia firm Ask Jeeves. The
transaction occurred despite eTour's prior promise to customers that it
would not sell information about them "for any reason, at any time, ever."
Some 2 200 000 people are on the purchased consumer list, which includes
real names, ages, gender and email addresses.

Privacy advocates have condemned the act as further proof of the need for
strong protection of personal data. The Electronic Privacy Information
Center (EPIC-a GILC member) filed a complaint with the United States Federal
Trade Commission and State Attorneys General, asking them to block this sale
of personal information "as an unfair and deceptive trade practice." In the
complaint, EPIC further noted that "the exchange of personal data between
eTour, Inc. and Ask Jeeves, Inc. is part of a growing problem and recommends
proactive solutions to prevent such scenarios from occurring in the future."
Indeed, similar concerns have arisen after several online companies
(including EBay) recently altered their privacy policies to explicitly allow
such information sales to take place.

The EPIC complaint is posted under
http://www.epic.org/privacy/internet/etour.html

See Andrew Heavens & Stephanie Kirchgaessner, "Privacy concerns raised as
eTour sells consumer list," Financial Times, May 23, 2001 at
http://news.ft.com/ft/gx.cgi/ftc?pagename=View&c=Article&cid=FT3R0B2E3NC&liv
e=true&tagid=ZZZC00L1B0C&subheading=information%20technology

================================================
[22] New worm may actually protect computers
================================================
There's a new computer worm on the loose-but this one may do more good than
harm.

The "Cheese" program is an apparent response to a prior computer worm (known
as Lion) that exploited security breaches in machines that use Linux
operating systems. Like other worms, "Cheese" is propagated through email
messages and searches for weaknesses in target systems. What makes this
program special is that after scanning a given computer's ports, it erects
barriers to protect against future Lion-type attacks. It even includes
notices that it "was not written with malicious intent" and that is designed
to prevent criminals from "messing up your box even worse than it is
already."

See Mark Ward, "Cheese beats crackers," BBC News Online, May 22, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1344000/1344344.stm

============================================
[23] Macy's wedding site faces privacy woes
============================================
Getting married soon? A number of people whom you haven't invited may
already know your plans in detail.

North American retail giant Macy's runs a bridal service (via
WeddingChannel.com) that collects many types of personal information. This
data not only includes customer names, credit card numbers, and phone
numbers, but also names, addresses and phone numbers of your wedding guests
wedding present information, details regarding honeymoons, gifts and
honeymoons dates and places of festivities, dates and place of the wedding
and reception. Afterwards, it shares this data with a whole host of
recipients, including other department stores, credit card agencies,
magazine companies and various advertisers. Depending upon the
circumstances, according to WeddingChannel.com's privacy policy, "anyone
visiting our website" may be able to search for and access this information
"by using first and/or last names and wedding dates (and on some pages, city
or state)."

Not surprisingly, these practices have drawn considerable fire from privacy
experts. Deborah Pierce of the Electronic Frontier Foundation (EFF-a GILC
member) pointed out that "even if people understand that Macy's is keeping
information on them, they have no understanding of just how far that
information can travel under the auspices of 'sharing' among marketing
affiliates. Here, we see information entrusted to Macy's ending up at
American Express and ESPN - something that probably surprises most brides
and grooms." Indeed, EFF launched a campaign against Macy's practices,
including a form letter that netizens can use to voice their concerns.

EFF's action alert about Macy's is available at
http://www.eff.org/Privacy/Marketing/20010612_eff_macys_alert.html

WeddingChannel.com's privacy policy is posted under
http://www.weddingchannel.com/cgi-bin/gx.cgi/AppLogic+com.wc.Utility.NavBarF
orStaticHTML?location=%2Ftemplates%2FShopping%2Fhtml%2FPrivacyPolicy.html&fr
mSection=homeentrypage

================================================
[24] Webbug detection program available
================================================
A privacy software package has been launched that specifically targets a new
form of Internet tracking.

The Privacy Foundation has unveiled Bugnosis, a special program to detect
webbugs. Webbugs are tiny image files which are being used increasingly to
identify and track computer users. Bugnosis, which can be downloaded through
the World Wide Web, is installed as a plug-in to existing Internet browsers,
causes individual computers to say "uh-oh" when a webbug is encountered. It
also logs the URL associated with a given webbug as well as further details
as to the intruder's properties (such as whether the bug is connected to
other digital identification files, including cookies). Moreover, Bugnosis
places marks a viewed site so that the user can actually see the exact
location of a particular webbug on the page. If the program discovers that a
webbug is associated with certain well-known companies (such as Internet
advertising giant DoubleClick), it allows the user to send an email message
directly to the webbug owner for further queries or outright complaints.

The Foundation hopes that this program will increase public awareness and
openness about these tracking devices. For example, the organization argues
that "Web site privacy policies should disclose the use of Web bugs. In
fact, the general practice of online profiling by third-party ad networks
should be disclosed in privacy policies, but is rarely mentioned."

To download Bugnosis, click
http://www.bugnosis.org

For answers to frequently asked questions about Bugnosis and webbugs in
general, see
http://www.bugnosis.org/faq.html

=========================================================
        ABOUT THE GILC NEWS ALERT:
==========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect and
enhance online civil liberties and human rights.  Organizations are invited
to join GILC by contacting us at
[log in to unmask]

To alert members about threats to cyber liberties, please contact members
from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news
stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA

Or email:
[log in to unmask]

More information about GILC members and news is available at
http://www.gilc.org

You may re-print or redistribute the GILC NEWS ALERT freely.

To subscribe to the alert, please send e-mail to
[log in to unmask]

with the following message in the body:
subscribe gilc-announce

========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************