-Caveat Lector- ----Original Message Follows---- From: "EPIC News" <[EMAIL PROTECTED]> To: EPIC Info <[EMAIL PROTECTED]> Subject: EPIC Alert 7.21 Date: Thu, 30 Nov 2000 16:48:21 -0500 ============================================================== @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @@@ @ @ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @ ============================================================== Volume 7.21 November 30, 2000 -------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_7.21.html ======================================================================= Table of Contents ======================================================================= [1] Senate Judiciary Committee Presses FBI on Carnivore [2] Court Protects Anonymity of "John Doe" Posters [3] Council of Europe Releases Revised Cyber-Crime Proposal [4] Supreme Court Issues Decision on Indiana Police Roadblocks [5] ICANN Selects Seven New Top-Level Domains [6] U.S. Courts Seek Comment on Privacy of Court Documents [7] EPIC Bookstore - The Consumer Law Sourcebook 2000 [8] Upcoming Conferences and Events ======================================================================= [1] Senate Judiciary Committee Presses FBI on Carnivore ======================================================================= Citing an internal FBI document released to EPIC through a Freedom of Information Act (FOIA) lawsuit, the Senate Judiciary Committee has asked the Bureau to provide additional information on the capabilities of the Carnivore Internet surveillance system. The document, obtained by EPIC on November 16, reports the results of an FBI test showing that Carnivore "could reliably capture and archive all unfiltered traffic" transmitted through an Internet service provider and store the communications on a hard drive or removable disks. In a November 21 letter to FBI Director Louis Freeh, Committee Chairman Orrin Hatch (R-UT) and ranking member Patrick Leahy (D-VT) ask the Bureau to "explain why Carnivore was tested to determine if it was capable of intercepting and archiving unfiltered traffic through an ISP, whether Carnivore in fact has that capability, and under what circumstances it could ever be legitimately used to draw on that capability." They also request "complete and unredacted copies of the documents produced thus far in response to the FOIA lawsuit together with any other documents related to Carnivore's capability to intercept and archive unfiltered traffic." The FBI's public defense of Carnivore has centered on the claim that the system only captures traffic that has been isolated by a software filter that "minimizes" collection and limits it to the particular information authorized for seizure in a court order. Hatch and Leahy told Freeh that "[s]kepticism about Carnivore is based precisely on concerns about this program's capability and whether this capability would be exploited to do more than just intercept narrowly targeted pieces of information." In other developments, an independent technical review of Carnivore released on November 21 found that FBI agents operating the system can inadvertently collect more private communications than permitted by law, underscoring the potential dangers of the invasive technology. The reviewers also reported that they "did not find adequate provisions (e.g. audit trails) for establishing individual accountability for actions taken during use of Carnivore." The report was produced by a review team from the Illinois Institute of Technology and was sanitized for release by Justice Department officials. The Department has set a deadline of December 1 for the submission of public comments on the technical review. Selected Carnivore documents released as part of EPIC's FOIA lawsuit are available at: http://www.epic.org/privacy/carnivore/foia_documents.html The Carnivore review report is available at: http://www.usdoj.gov/jmd/publications/carniv_entry.htm ======================================================================= [2] Court Protects Anonymity of "John Doe" Posters ======================================================================= In a significant decision concerning anonymity on the Internet, a New Jersey state court judge has ruled that a software company is not entitled to learn the identities of two "John Doe" defendants who anonymously posted critical comments on a Yahoo message board. It is the first known judicial decision denying the identification of such defendants. In a 22-page opinion released on November 28, Judge Kenneth MacKenzie upheld the anonymity of the two posters but ruled that Dendrite International can subpoena Yahoo for the identities of two other posters who did not challenge the subpoenas. Dendrite had alleged that some of the messages posted by the four "John Does" contained proprietary and confidential information, and that some of the statements were defamatory. Judge MacKenzie found that the company failed to provide adequate evidence that two of the posters made defamatory statements or did anything unlawful. "The Internet has become a forum for vast discussion reaching many individuals with diverse backgrounds and opinions," the judge wrote. "These four individuals were utilizing that forum to voice their opinions and engage in discussion regarding issues important to them. They were doing so under the protection of anonymity, which . . . encourages the free flow of ideas. Allowing this protection to be stripped away would stifle that free discussion." The judge found that the right of companies to sue for alleged wrongful behavior "must be balanced against the legitimate and valuable right to participate in online forums anonymously or pseudonymously." Paul Levy, who filed a "friend of the court" brief in the case for Public Citizen, said, "By setting forth strict evidentiary standards for compelled identification, and then showing that these standards can produce real protection for anonymity, this decision is a tremendous victory for free speech." He predicted that for this reason, as well as the court's thorough analysis of the constitutional rights involved, the decision is likely to be especially influential in future cases. The court's decision is available at: http://www.citizen.org/litigation/briefs/dendrite.pdf ======================================================================= [3] Council of Europe Releases Revised Cyber-Crime Proposal ======================================================================= On November 19, the European Committee on Crime Problems and the Committee of Experts on Crime in Cyberspace released the 24th draft of the controversial cyber-crime convention. Although some changes have been made, the revised treaty still retains provisions on access to encryption keys, banning the use of security tools and ISP logging of user activity. It also includes provisions on wiretapping and interception of traffic data. When finalized, the treaty will be open to countries around the world for signature. Dozens of human rights, civil liberties, free speech and journalists' groups wrote to the Council of Europe in October expressing opposition to the proposal. Industry groups in the United States and Europe have also expressed concern. It is expected that the committee of experts will conclude its work by the end of this year. Afterward the proposal will be considered by the Committee of Ministers. It will then be open for signature by Member States. It is likely that the United States will seek to have non-COE countries (including Canada, Australia, Japan, and the U.S.) also ratify the treaty. The Council of Europe has made available contact information for national representatives participating in the COE Cyber Crime treaty discussion (see below). EPIC urges readers to contact their national representatives and ask them to give careful consideration to the privacy and human rights concerns expressed by NGOs. Council of Europe Convention on Cyber-Crime, draft of Nov. 19, 2000: http://conventions.coe.int/treaty/EN/projets/cybercrime24.htm Global Internet Liberty Campaign Letter on COE Cyber-Crime Convention: http://www.gilc.org/privacy/coe-letter-1000.html Privacy International Cyber-Crime Page: http://www.privacyinternational.org/issues/cybercrime/ Council of Europe National Contacts: http://conventions.coe.int/treaty/EN/projets/contactCyber.htm ======================================================================= [4] Supreme Court Issues Decision on Indiana Police Roadblocks ======================================================================= In a six-to-three decision authored by Justice O'Connor, the U.S. Supreme Court on November 28 held that suspicionless vehicle checkpoints for the discovery and interdiction of illegal narcotics violate the Fourth Amendment. In City of Indianapolis v. Edmond (No. 99-1030), officers randomly stopped drivers to detect and arrest drug offenders. At the checkpoint, officers examined license and registration materials, performed an "open-view" examination of vehicle contents, and led a drug-sniffing dog along the outside of the vehicle. The officers had no discretion in choosing which drivers to stop, and were only supposed to delay a driver for less than five minutes. In holding the Indianapolis procedure invalid, the Court distinguished prior cases where suspicionless checkpoints were upheld. The Court has held that brief, suspicionless seizures at fixed checkpoints are permissible where the purpose was to detect undocumented citizens or intoxicated drivers. The use of checkpoints for these purposes closely serve interests related to policing borders and ensuring roadway safety. Checkpoints for drug interdiction, however, do not serve purposes closely related to stemming the flow and use of illegal narcotics. Allowing checkpoints for ordinary criminal wrongdoing could result in a system where "the Fourth Amendment would do little to prevent such intrusions from becoming a routine part of American life." Chief Justice Rehnquist and Justices Thomas and Scalia dissented, reasoning that drug checkpoints serve important state interests, and that the seizures in question were brief and non-intrusive. Importantly, a separate dissent authored by Justice Thomas questioned the practice of suspicionless police searches in general: "I rather doubt that the Framers of the Fourth Amendment would have considered 'reasonable' a program of indiscriminate stops of individuals not suspected of wrongdoing." The decision is available at: http://www.supremecourtus.gov/opinions/99pdf/99-1030.pdf ======================================================================= [5] ICANN Selects Seven New Top-Level Domains ======================================================================= At its annual meeting in Los Angeles, the Internet Corporation of Assigned Names and Numbers (ICANN) completed its first selection of new global top-level domains (gTLDs). Only seven gTLDs -- .biz, .pro, .aero, .museum, .coop, .info, and .name -- were chosen from 44 applications. One of the new gTLDs, .info, will be an unrestricted gTLD in which any individual or organization can register a domain name. The rest of the gTLDs are restricted insofar as the registry establishes certain rules over which individuals or organizations can register in the domain. For example, the .museum registry will only allow registration of domain names by museums. Prior to the formal ICANN meeting, a group of ICANN At-Large members held a forum to organize future At-Large activities. Several current At-Large elected members of the ICANN board, as well as a number of At-Large nominated candidates, participated in the meeting. One outcome of the event was the formation of an Interim Coordinating Committee (ICC). The ICC seeks to promote and facilitate the participation of Internet users around the world in ICANN proceedings. One of the first projects for the ICC will concern the "Clean Sheet" study proposed by the ICANN Board in its July 1999 Yokohama meeting. The "Clean Sheet" study will look at the concept and structure of the ICANN At-Large membership. Comments on the ICANN Staff Recommendations for the At-Large study are due by December 27. Information about the new gTLDs selected by ICANN is available at: http://www.icann.org/tlds/ Background on the Interim Coordinating Committee and information about the At-Large study: http://www.icannmembers.org/ ======================================================================= [6] U.S. Courts Seek Comment on Privacy of Court Documents ======================================================================= The federal judiciary is seeking comment on the privacy and security implications of providing electronic public access to court case files. These files currently contain financial and tax information, arrest and plea bargain agreements, medical records, employment files, and other sensitive personal information. Access to this sensitive information has become more convenient as courts increasingly accept electronic files and convert their paper files into electronic documents. In the past, interested parties had to inspect records at the courthouse. In the near future, anyone may be able to access this information from any location over the Internet. Accordingly, the federal judiciary seeks comments to implement a consistent policy that recognizes both the public access and privacy interests involved in providing access to court case files. The request for comments is available at: http://www.privacy.uscourts.gov/RFC.htm ======================================================================= [7] EPIC Bookstore - The Consumer Law Sourcebook 2000 ======================================================================= The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy, edited by Sarah Andrews http://www.epic.org/bookstore/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. The Sourcebook includes the text of many of the major consumer laws and directives such as the Anticybersquatting Consumer Protection Act, the Electronic Signatures Act, the Electronic Fund Transfer Act, the Federal Trade Commission Act, OECD Consumer Protection Guidelines, European Union Directives on Electronic Commerce, Electronic Signatures and Distance Contracts, and more. Also included is a list of consumer resources with contact information for consumer agencies and organizations and links to useful publications and reports. ================================ EPIC Publications: "Privacy & Human Rights 2000: An International Survey of Privacy Laws and Developments," David Banisar, author (EPIC 2000). Price: $20. http://www.epic.org/phr/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty countries around the world. The survey examines a wide range of privacy issues including, data protection, telephone tapping, genetic databases, ID systems and freedom of information laws. ================================ "The Privacy Law Sourcebook 2000: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2000). Price: $40. http://www.epic.org/pls/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, editors (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ "Filters and Freedom - Free Speech Perspectives on Internet Content Controls," David Sobel, editor (EPIC 1999). Price: $20. http://www.epic.org/filters&freedom/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ Additional titles on privacy, open government, free expression, computer security, and crypto, as well as films and DVDs can be ordered through the EPIC Bookstore: http://www.epic.org/bookstore/ ======================================================================= [8] Upcoming Conferences and Events ======================================================================= National Computer System Security and Privacy Advisory Board Meeting. Hosted by Microsoft. December 4-6, 2000. Redmond, WA. For more information: http://csrc.nist.gov/csspab/ Government Secrecy in a New Administration and a New Century. Information Security Oversight Office and the James Madison Project. December 5, 2000. Washington, DC. For more information: http://www.fas.org/sgp/news/2000/11/symposium.pdf Public Workshop: The Mobile Wireless Web, Data Services and Beyond. Federal Trade Commission (FTC). December 11-12, 2000. Washington, DC. For more information: http://www.ftc.gov/opa/2000/11/wireless.htm 16th Annual Computer Security Applications Conference (ACSAC). December 11-15, 2000. New Orleans, Louisiana. For more information: http://www.acsac.org Call for Content - December 15, 2000. INET 2001: A Net Odyssey. The 11th Annual Internet Society Conference . For more information: http://www.isoc.org/inet2001/cfc.shtml Network and Distributed System Security Symposium (NDSS '01). Internet Society. February 7-9, 2001. San Diego, CA. For more information: http://www.isoc.org/ndss01/ Privacy in the New Environments: What the Personal Information Protection and Electronic Documents Act Means to Your Organization. Riley Information Services. February 19, 2001. Ottawa, Canada. For more information: http://www.rileyis.com/seminars/ CFP 2001: the Eleventh Conference on Computers, Freedom and Privacy. March 6-9, 2001. Cambridge, MA. For more information: http://www.cfp2001.org/ EUROSEC 2001: Forum sur la Sécurité des Systèmes d'Information. XP Conseil. March 13-15, 2001. Paris, France. For more information: http://www.xpconseil.com/eurosec2001/ Online, Offshore and Cross-Border: Regulating Global E-Commerce. Washington College of Law, American University. March 30, 2001. Washington, DC. For more information: http://www.wcl.american.edu First International Conference on Human Aspects of the Information Society. Information Management Research Institute, University of Northumbria at Newcastle. April 9-11, 2001. Newcastle upon Tyne, England. For more information: http://is.northumbria.ac.uk/imri The 26th Annual AAAS Colloquium on Science and Technology Policy. American Association for the Advancement of Science. May 3-4, 2001. Washington, DC. For more information: http://www.aaas.org/spp/dspp/rd/colloqu.htm ======================================================================= Subscription Information ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. A Web-based form is available for subscribing or unsubscribing at: http://www.epic.org/alert/subscribe.html To subscribe or unsubscribe using email, send email to [EMAIL PROTECTED] with the subject: "subscribe" (no quotes) or "unsubscribe". Back issues are available at: http://www.epic.org/alert/ ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your email address from this list, please follow the above instructions under "subscription information". Please contact [EMAIL PROTECTED] if you have any other questions. ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail [EMAIL PROTECTED], http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 7.21 ----------------------- . _____________________________________________________________________________________ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com <A HREF="http://www.ctrl.org/">www.ctrl.org</A> DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance—not soap-boxing—please! These are sordid matters and 'conspiracy theory'—with its many half-truths, mis- directions and outright frauds—is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRLgives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://peach.ease.lsoft.com/archives/ctrl.html <A HREF="http://peach.ease.lsoft.com/archives/ctrl.html">Archives of [EMAIL PROTECTED]</A> http:[EMAIL PROTECTED]/ <A HREF="http:[EMAIL PROTECTED]/">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om