Subscribe to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and human
rights on the Internet.
GILC Alert
Volume 5, Issue 2
March 29, 2001
Welcome to the Global Internet Liberty Campaign Newsletter.
Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and human
rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you
will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at
If you are aware of threats to cyber-liberties that we may not know about,
please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.
===============================================
Free Expression
[1] British children face censors, spyware
[2] New Communist Chinese censorware and shutdowns
[3] Aussies face email bans & Net censor bills
[4] New Saudi Internet restrictions
[5] New US blocking law challenged
[6] Who will control .com, .net and .org?
[7] German Nazi website case muddled
[8] New copy protection schemes may curb fair use
[9] US Gov't seeks Supreme Court Net speech ruling
[10] 2nd round for DVD weblinks case
[11] Japanese plan: ISPs to become censors
[12] New anonymous net posting battles
[13] Cuba's continuing Internet woes
[14] UK plans may criminalize online protests
Privacy and Encryption
[15] Music companies & gov't spies: perfect together?
[16] DoubleClick launches new tracking program
[17] ECHELON spyware plug-ins: Oasis & FLUENT
[18] Euro privacy panel attacks cybercrime plan
[19] UK email surveillance regulations stall
[20] Hotmail/Microsoft selling user info
[21] Voter.com user political data auction
[22] New online breaches affect even celebrities
[23] New Privacy Coalition formed
[24] Privacy software in the works
[25] CFP 2001 Conference held
[26] New GILC members: APC and CCC
==================================================
[1] British children face censors, spyware
==================================================
It's a "good practice" to censor the Internet and spy on children.
That's what detractors are saying about new plans being pushed by the
British Department of Education and Employment (DfEE) that are supposed to
protect children from harmful content. Among other things, these guidelines
stipulate: "All schools have a responsibility to filter both access at
school and any access pupils are given as part of home-school links,"
despite the admitted fact that "no filtering software is foolproof." These
proposals also support "keyboard monitoring products" to track exactly what
children type into computers. This scheme does advise schools to keep
individual student email addresses private; however, it also envisions
"treating all incoming and outgoing email as public" and thus allowing the
government conduct heavy surveillance of otherwise private email messages.
One example provided in these materials of "good practice" is Denbigh
School, which proudly censors soccer sites and other Internet materials that
have nothing to do with sex or violence. Students are completely banned from
certain types of Internet transmissions, including all newsgroups,
regardless of content. Interestingly, the official account also admits that
"biology students suffered" when certain sites were blocked. The school has
now implemented a point-based system to spy on students and measure their
viewing of webpages that are deemed controversial. Students who try to visit
the websites they want in spite of this system (such as the homepage of
soccer powerhouse Manchester United) will lose points; once budding
cybercitizens reach zero, they are automatically logged out, and teachers
are notified of their activities.
These developments come after even harsher measures were taken by
authorities in Glasgow, Scotland. A local council ordered 33 libraries to
stop providing Internet access, after discovering that children were able to
access to nude images online using library computers. Oddly enough, in spite
of the council's purported concerns for young people, the decision
apparently cut off Internet access for adults as well as children. Glasgow
libraries were forced to stay away from the online world pending the
installation of new blocking software on all library computers, which was
scheduled to take several weeks. Ironically, the council had considering
installing such programs in the past, but had shelved these plans because it
prevented access to many types of non-controversial Internet content, such
as newspaper websites.
To read more about Denbigh school's censoring of soccer sites, click
http://safety.ngfl.gov.uk/document.php3?D=d31
The full DfEE guidelines are available under
http://safety.ngfl.gov.uk
Read Wendy McAuliffe, "Glasgow libraries ban Internet access," ZDNet UK,
Mar. 5, 2001 at
http://www.zdnet.co.uk/news/2001/9/ns-21339.html
=================================================
[2] New Communist Chinese censorware & shutdowns
=================================================
After a recent network outage, Chinese citizens are facing additional
hurdles to expressing themselves through the Internet.
Mainland Chinese agents have developed new powerful blocking software to
stop online dissent. Internet Police 110 comes in three different versions
(home, cafes and schools), but all versions are target "unhealthy
information" regarding "cults, sex and violence"-an apparent reference to
dissident groups such as the Falun Gong. The program blocks both domestic
and foreign websites, as well as various forms of Internet messaging, in
addition to monitoring user activity. One Communist official expressed the
fervent belief that the software would "help purify China's Internet
service."
At the same time, Chinese commissars have also stepped up attempts to close
down unrestricted Internet establishments. Government agents have run
several sweeps against Beijing cybercafes and closed down several of them,
on the grounds that they did not possess proper licenses. Communist Chinese
laws require all cybercafes to apply for certificates from the state public
security bureau and install blocking software packages. Various dissidents
have been jailed, including Jiang Shihua, who received a two-year prison
sentence for pro-democracy statements that he posted in an Internet chatroom
several months ago.
These efforts at censorship have intensified after a recent explosion at a
school in the southern town of Fanglin. Many local residents (including
parents of several of the victims) allege that the school was forcing
children to assemble dangerous fireworks. In response, government officials
have been trying to suppress the story both online and otherwise. As part of
this endeavor, Communist agents have removed several hundred critical
chatroom messages on the subject, according to various reports. However,
these widescale protests apparently did help force Chinese Prime Minister
Zhu Rongji to issue a public apology for the incident.
For further details and audio press coverage of attempts to suppress online
criticism after the Fanglin school explosion, see "Beijing accused of school
blast cover-up," BBC News, Mar. 9, 2001 at
http://news.bbc.co.uk/hi/english/world/asia-pacific/newsid_1210000/12105...
tm
See also Joanne Lee-Young & Sharon Walsh, "Beijing Backs Down on School
Explosion Story," The Industry Standard, Mar. 16, 2001 at
http://www.thestandard.com/article/display/0,1151,22915,00.html
To read about the case of Jiang Shihua, see "China jails teacher over Web
remark," Associated Press, Mar. 12, 2001 at
http://salon.com/mwt/wire/2001/03/12/china_teacher/index.html
For additional information on new Chinese censorware products, see "Chinese
police develop software to 'purify' the Net," Reuters, Feb. 27, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2690371,00.html
For more on Chinese prosecution of cybercafes, read "Beijing police pull
plug on illegal Internet cafes," China Online, Feb. 23, 2001 at
http://www.chinaonline.com/topstories/010223/1/C01021611.asp
See also "Undersea cable repair restores China's Internet connection," China
Online, Feb. 20, 2001 at
http://www.chinaonline.com/industry/infotech/NewsArchive/Secure/2001/Feb...
y/C01021609.asp
=================================================
[3] Aussies face email bans & Net censor bills
=================================================
It may be getting more difficult for Internet users Down Under to speak out
online.
For one thing, newly enacted Australian copyright laws may prohibit the
forwarding of certain email messages. In a press release, Australia's
Attorney General, Daryl Williams, said that forwarding "a personal e-mail is
unlikely to breach copyright laws," but then cryptically suggested that
liability could result if a court determined that "the contents of the
e-mail were an 'original literary work.'" Other legal experts have suggested
that this ban may apply to many other types of Internet content, including
mere caches. Maurice Gonsalves from the law firm of Mallesons Stephen Jaques
noted that "the legislation is ambiguous" and "isn't specific enough to know
what type of caching is and what type isn't permitted."
These legal clouds have left many educators and free speech advocates
feeling uneasy. Nick Smith, who advises Australian libraries on copyright
issues, warned that the new law would hurt educational institutions as they
"try to provide the services they want to provide in the digital
environment." In particular, Smith was concerned that copyright restrictions
would create "a real impediment in the way of digitizing national
collections."
Meanwhile, controversy continues to swell over a new South Australian bill
that would further criminalize online speech. The proposal would make it a
crime to post "matter unsuitable for minors" on the Internet, even if the
material is screened or protected by passwords. The legislation would use
criteria previously applied to films and videos, which are more restrictive
than those applicable to books, pamphlets and other printed materials.
Furthermore, under the proposal, it would be illegal to make sexually
explicit material available via the Internet, regardless of the fact that it
is legal to distribute such materials to adults by regular mail throughout
Australia.
Numerous groups have savaged the bill. Electronic Frontiers Australia (EFA-a
GILC member) highlighted how the legislation might make "it a criminal
offence to make information available to adults about 'adult themes'
including 'suicide, crime, corruption, marital problems, emotional trauma,
drug and alcohol dependency, death and serious illness, racism, religious
issues', except in a 'discreet' manner, that is, 'with little or no detail
and generally brief.'" EFA Executive Director Irene Graham fears that "this
Bill has the potential to be used to victimise people. It sets up the
situation where only one person needs to complain about a site and it could
be determined to be illegal. The law could be used to target people who
upset the government, for example." In addition, industry executives are
worried that the proposal, if enacted, would reduce job opportunities in the
region and lead many information technology workers to move offshore.
Mr. Williams' press release is posted under
http://www.law.gov.au/aghome/agnews/2001newsag/931_01.htm
See Thomas C. Greene, "Aussie AG denies e-mail penalty, sort of," The
Register (UK), Mar. 5, 2001 at
http://www.theregister.co.uk/content/6/17350.html
Read "Email forwarding law exempts personal messages, attorney general
says," Sydney Morning Herald, Mar. 5, 2001 at
http://www.theage.com.au/breaking/0103/05/A26800-2001Mar5.html
See also Rachel Lebihan, "Digital Copyright Act 'ambiguous,'" ZDNet
Australia, Mar. 7, 2001 at
http://www.zdnet.com.au/news/dailynews/story/0,2000013063,20207522,00.htm
To read EFA's alert on South Australia's new Internet content bill, click
http://www.efa.org.au/Campaigns/alert0301.html
See Karen Dearne, "Censor Bill gets R rating," Australian IT, Feb. 27, 2001
at
http://australianit.news.com.au/common/storyPage/0,3811,1751598%255E501,...
tml
To learn more about industry fears regarding the South Australian bill, see
Karen Dearne, "Censor Bill 'threatens' IT jobs growth," Australian IT, Mar.
6, 2001 at
http://australianit.news.com.au/common/storyPage/0,3811,1773311%255E442,...
tml
=================================================
[4] New Saudi Internet restrictions
=================================================
The government of Saudi Arabia has unveiled new measures to clamp down on
certain types of Internet speech.
These standards were set forth in a recent Council of Ministers resolution.
Under this regime, "All Internet users in the Kingdom of Saudi Arabia shall
refrain from publishing or accessing data" that contains a variety of taboo
subjects. The list includes statements that somehow infringe "the sanctity
of Islam," "reports" that are deemed "damaging to the Saudi Arabian armed
forces or to the dignity of heads of states," and transmissions that
propagate "subversive ideas." These regulations also include stringent
licensing and personal identification regimes. They restrict all Internet
traffic to a single choke point--an "internet service unit at King Abdulaziz
city for sciences and technology" in the capital, Riyadh, where "subversive
ideas" and other such data can be blocked with ease.
To read the full text of the new rules, visit
http://www.al-bab.com/media/docs/saudi.htm
See Brian Whitaker, "Losing the Saudi cyberwar," The Guardian, Feb. 26, 2001
at
http://www.guardianunlimited.co.uk/elsewhere/journalist/story/0,7792,443261,
00.html
==================================================
[5] New US blocking law challenged
==================================================
Numerous groups are suing against a new United States law that mandates
blocking software.
The so-called "Children's Internet Protection Act" was included as part of a
Labor-Health and Human Resources appropriations bill, and combines several
different filtering schemes. Among other things, the law essentially
requires high schools and libraries to include blocking software on all of
their computers. Institutions that refuse to do so (or implement policies to
that effect) would lose federal funding. CIPA was approved despite
vociferous objections from a broad coalition of groups, including GILC
members the American Civil Liberties Union (ACLU), the Electronic Frontier
Foundation (EFF) and the Center for Democracy and Technology (CDT).
After Congress enacted CIPA, the ACLU and the American Library Association
(ALA) each filed lawsuits to strike down the law. ACLU staff attorney Ann
Beeson noted that with the new Act, "The government is choking off the free
flow of information on the Internet to the library patrons who need it the
most," particularly minority and underprivileged children who cannot afford
to have home Internet access and must depend on libraries to go online.
Similar sentiments were voiced by ALA President Nancy Kranich: "Forcing
libraries to choose between funding and censorship means millions of library
users will lose - particularly those in the most poverty-stricken and
geographically isolated areas of the country."
The ACLU's complaint is posted under
http://www.aclu.org/court/multnomah.pdf
An ACLU press release on the CIPA lawsuit is available under
http://www.aclu.org/features/f032001a.html
The ALA complaint is available via
http://www.ala.org/cipa/cipacomplaint.pdf
An ALA press release on its CIPA lawsuit is posted at
http://www.ala.org/cipa/cipapressrelease.html
Read Robert O'Harrow, "Curbs on Web Access Face Attack," Washington Post,
Mar. 20, 2001, page A4 at
http://washingtonpost.com/wp-dyn/articles/A28922-2001Mar19.html
See also "Internet Filter Law Facing Court Challenge," ABCNews.com (US),
Mar. 20, 2001 at
http://abcnews.go.com/sections/scitech/DailyNews/internet_filters010320....
=================================================
[6] Who will control .com, .net and .org?
=================================================
Serious questions have arisen over the future of several well-known Internet
suffixes.
During a public forum in Melbourne, Australia, the Internet Corporation for
Assigned Names and Numbers (ICANN) drew fierce criticism over proposed
contracts that would allow domain name giant Verisign to retain its powers
over .com through at least 2007. Under these plans, Verisign would also
retain a substantial level of control over two other key Top-Level Domains
for several years, including .org (through December 2002) and .net (through
December 2006).
Many attendees expressed concern over the apparently undemocratic approach
with which these contracts were created, as well as the potential effects
the agreements may have on competition and free expression. Indeed, ICANN's
Board of Directors refused to make a final decision on this matter during
its public meetings Down Under, but scheduled a private conference call on
April 2, 2001 for this purpose.
These concerns have been reinforced by persistent signs that recognizable
domain names are becoming scarce, and the possibility that this artificial
scarcity problem may undercut free speech. Nevertheless, despite these
problems, ICANN officials admitted during the Melbourne meeting that they
have failed to complete negotiations to bring just 7 new Top-Level domains
online. Moreover, the World Intellectual Property Organization is now
seeking new "Best Practices" guidelines to be implemented within various
country code domain names-a move that detractors say will further skew
online expression to the benefit of large conglomerates and other powerful
trademark holders.
Further doubts as to ICANN's legitimacy have been brought out in the wake of
an initiative by New.net to allow computer users to use alternative web
domains such as .family and many others. This initiative works through a
special downloadable program that plugs into web browsers (such as Internet
Explorer and Netscape) and reroutes queries to the new domains. ICANN
Chairman Vint Cerf attacked the New.net program, calling it a mere "trick"
and "sleight of hand" that would have little real impact on the Internet as
a whole. However, several observers note that these and other efforts are
evidence of growing disenchantment with ICANN. Professor A. Michael Froomkin
from the University of Miami (Florida) said that New.net's venture "is not a
real attractive idea on its own technical merit. But given where we are,
what else can you do?"
ICANN's launching of a so-called "Clean Sheet" study further heightened
concerns over its perceived undemocratic nature. The study is supposed to
determine the proper role of the public voice in ICANN decisions. During its
meetings in Melbourne, Australia, the domain name body presented tentative
plans that were notable in that their apparent failure to recognize the
legitimacy of ICANN's own At-Large Members, or whether these members should
be allowed to exist in the future. Numerous experts are worried that this
study will lead to the end of ICANN public elections. Some of these fears
were voiced during special Civil Society meetings that coincided with the
ICANN convention.
To read the proposed .com, .net and .org Registry Agreements, visit
http://www.icann.org/nsi/proposed-com-registry-agmt-01mar01.htm
http://www.icann.org/nsi/proposed-net-registry-agmt-01mar01.htm
http://www.icann.org/nsi/proposed-org-registry-agmt-01mar01.htm
Transcripts and video archives of ICANN's Melbourne meetings are available
via
http://cyber.law.harvard.edu/icann/melbourne/archive/index.html
For more on the ICANN-Verisign proposed contracts, see Stewart Taggart,
"Furor over ICANN-Verisign Deal," Wired News, Mar. 13, 2001 at
http://www.wired.com/news/print/0,1294,42392,00.html
For German language coverage, read Monika Ermert, "Deal mit Verisign/NSI
uber .com-Domain verschoben," Heise Online, Mar. 13, 2001 at
http://www.heise.de/newsticker/data/jk-13.03.01-003/
Further details regarding delays in ICANN's rollout of new Top-Level Domains
are available from Stewart Taggart, "ICANN Readies for 'Land Rush,'" Wired
News, Mar. 12, 2001 at
http://www.wired.com/news/print/0,1294,42363,00.html
For more information on New.net, as well as Prof. Froomkin's remarks, see
Don Clark, "New twist in top-level domain name game," Wall Street Journal,
Mar. 5, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2692518,00.html
To read more of Vint Cerf's comments, see David McGuire, "Vint Cerf Calls
New.Net Domain Scheme a 'Cute Trick,'" Newsbytes, Mar. 5, 2001 at
http://www.newsbytes.com/news/01/162773.html
The text of WIPO's "Best Practices" proposal is posted under
http://ecommerce.wipo.int/domains/cctlds/bestpractices/bestpractices.html
See also Imogen Foulkes, "Dot.com conflicts scrutinized," BBC News Online,
Feb. 21, 2001 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1181000/1181926.stm
To read minutes from the Melbourne Civil Society meetings (as compiled by
Kimberley Heitman, chairman of Electronic Frontiers Australia), click
http://www.internetdemocracyproject.org/melbournemeeting.htm
For further background information, visit
http://www.internetdemocracyproject.org
=================================================
[7] German Nazi website case muddled
=================================================
First it was France; will Germany come next?
The German Central Council for Jews is planning to sue Internet service
providers for allowing access to Nazi websites. According to the group's
vice president, Michel Friedman, such webpages should banned even if they
are not located in Germany. The possibility that one country's free speech
restrictions could be applied on a global basis worries many legal scholars.
Mike Pullen, a lawyer from the British firm DLA, said that while "no one
wants to support Nazi sites," the Council's stance represented "is a
worrying principle. Who's next? What if the French government decides it
doesn't like Greenpeace campaigning about nuclear weapons?" Pullen suggested
that this suit might contravene article 10 of the European Convention on
Human Rights.
This move comes after a recent French court ruling that mandated web portal
Yahoo to block French Internet users from accessing the webpages in the
United States that allowed auctions of Nazi memorabilia. The ruling was made
pursuant to French laws that generally prohibit such goods from even being
advertised, much less sold. Yahoo has since filed suit in a U.S. Federal
court to prevent the French order from being enforced. However, in the
meantime, Yahoo decided to start blocking Internet users from items that, in
its judgment, somehow "promote or glorify hatred or violence."
Meanwhile, the German government has halted its investigation of Yahoo
regarding online auctions of Hitler's "Mein Kampf." A government
spokesperson explained that Yahoo was merely a service provider and did not
itself offer the book for sale. From a prosecutorial standpoint, since Yahoo
was not fully aware of the Nazi content and could not take steps to prevent
its sale, it could not be held criminally liable for incitement to racial
hatred.
In a related story, several Swiss Internet service providers (ISPs) are
blocking foreign webpages at the behest of a local anti-Nazi group.
Swisscom, Sunrise/Diax and Tiscalinet are denying access to some 754 sites
after a complaint was lodged by the Basel-based Children of the Holocaust.
The ISPs partly based their decision on fears of liability under Swiss laws
against racist speech that are broadly similar to those in Germany and
France.
See "Germany drops Yahoo 'Mein Kampf' auction probe," Associated Press, Mar.
22, 2001 at
http://usatoday.com/life/cyber/tech/2001-03-22-yahoo-germany.htm
Read "German Jews sue over Nazi net content," The Guardian Unlimited, Feb.
20, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,440542,00.html
The European Convention on Human Rights is posted under
http://conventions.coe.int/treaty/EN/cadreprincipal.htm
Read Kristi Essick, "Yahoo Defies Court Ruling Over Nazi Memorabilia," The
Industry Standard (Europe), Feb. 21, 2001 at
http://www.thestandard.com/article/display/0,1151,22360,00.html
See also "Nazi web platform blocked by Swiss Internet service providers,"
Swiss Radio International, Feb. 19, 2001 at
http://www.swissinfo.org/sen/Swissinfo.html?siteSect=111&sid=584058
===================================================
[8] New copy protection schemes may curb fair use
===================================================
Various plans to strengthen the rights of intellectual property holders may
be coming to a hard drive near you.
One of these schemes, termed Content Protection for Removable Media (CPRM),
would have placed copy protection software and special digital markings on
each individual's hard drive (as well as removable drives and other such
systems). Afterwards, computer programs would have to be ported onto
CPRM-compliant hard drives, and, to make backup copies, computer users may
have to log in to a centralized server, which would ensure conformity with
intellectual property restrictions.
Many cybercitizens balked at the intrusive nature of these plans, which led
IBM to shelve CPRM for the time being. However, in its place, the company is
working with other industry giants such as Intel, Toshiba and Matsushita
toward adopting a new system (developed by Phoenix Technologies). While
details are still sketchy, this plan apparently envisions a scenario where
files would be encrypted, password-protected or otherwise restricted.
Afterwards, the codes used to access these files would be logged-an approach
that might still have the same effects as CPRM. It is unclear at this point
whether this system would be applied to all types of storage devices (such
as individual hard drives) rather than merely removable media.
Experts have savaged these proposals as a threat to the rights of ordinary
computer users. Stanton McCandlish of Electronic Frontiers Foundation (EFF-a
GILC member) called CPRM and its successors "crippleware." He also reminded
computer companies that their goal should be "to satisfy their customers,"
rather than restricting online free speech.
See John Borland, "Antipiracy efforts spark battle over copyright hardware,"
CNet News, Mar. 23, 2001 at
http://news.cnet.com/news/0-1005-201-5211420-0.html
Read Robert Lemos, "IBM pulls digital tagging plan," CNet News, Feb. 22,
2001 at
http://news.cnet.com/news/0-1006-201-4922288-0.html
See also Andrew Orlowski, "Will Phoenix keep your disks and OS CPRM-free?"
The Register (UK), Feb. 23, 2001 at
http://www.theregister.co.uk/content/4/17132.html
For more of McCandlish's remarks, read Andrew Orlowski, "IBM withdraws CPRM
for hard drives proposal," The Register (UK), Feb. 22, 2001 at
http://www.theregister.co.uk/content/2/17107.html
==================================================
[9] US Gov't seeks Supreme Court Net speech ruling
==================================================
The United States government is asking the nation's highest court to uphold
a law that criminalizes online speech.
The so-called Child Online Protection Act made it a crime to use the
Internet to pass along "for commercial purposes" information considered
"harmful to minors." The statute was enacted in response to a 1997 decision
by the U.S. Supreme Court, Reno v. American Civil Liberties Union, which
struck down the Communications Decency Act and applied traditional free
speech protections to the Information Superhighway. COPA was soon challenged
by the American Civil Liberties Union (ACLU) on behalf of 17 groups and
individuals. Several months ago, a U.S. Federal appeals court had ruled
unanimously that COPA unconstitutionally barred Internet expression.
However, the United States Attorney General, John Ashcroft, has now
petitioned the Supreme Court, asking the tribunal to uphold COPA.
The US Government petition is posted under
http://www.usdoj.gov/osg/briefs/2000/2pet/7pet/2000-1293.pet.aa.html
An ACLU press release about the lower court ruling is available via
http://www.aclu.org/news/2000/n062200b.html
Read Brian Krebs, "Govt Asks Supreme Court To Reverse COPA's Death Warrant,"
Newsbytes, Feb. 28, 2001 at
http://www.newsbytes.com/news/01/162531.html
==================================================
[10] 2nd round for DVD weblinks case
==================================================
Can you be sued for writing seven lines of computer code?
That's the question many people are asking after 2 students unveiled a new
program entitled "grpff." The program unscrambles the copy protection scheme
used in DVDs, and is a simplified version of DeCSS--a primitive computer
program to help users of the Linux operating system play DVDs on their
computers. Over the past year, the entertainment industry, through the DVD
Content Control Association (DVD CCA) and the Motion Picture Association of
America (MPAA), has waged legal battles in both New York and California to
prevent Internet users from linking to websites that have DeCSS. Many
experts fear that these actions may stifle free expression in cyberspace.
The developers of grpff, Keith Winstein and Marc Horowitz, are from the
Massachusetts Institute of Technology's Student Information Processing
Board, and wrote program for a class that Winstein was teaching. The two men
were acutely aware of the potential legal threats they may soon face.
Winstein called attempts to stifle the creation and dissemination of
decryption programs "preposterous" and said that "there's some value in
demonstrating how simple these things really are."
Meanwhile, the Electronic Frontier Foundation (EFF-a GILC member) is
appealing a trial court ruling in the New York that banned 2600 magazine
from providing information about DeCSS information on its website. The
opposing sides already have filed briefs, and oral arguments will take place
within the next few months.
For more on the new qrpff DVD decryption program, read Declan McCullagh,
"Descramble That DVD in 7 Lines," Wired News, Mar. 7, 2001 at
http://www.wired.com/news/print/0,1294,42259,00.html
See also Robert Lemos, "DeCSS 2? DVD code broken again," ZDNet News, Mar. 8,
2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2693768,00.html
For German language coverage of this development, see "Sieben Zeilen Code
entschusseln kopiergeschutzte DVDs (Update)," Heise Online, Mar. 8, 2001 at
http://www.heise.de/newsticker/data/nij-08.03.01-000/
For more on the court case, see "Studios Bolster DeCSS Suit," Reuters, Feb.
21, 2001 at
http://www.wired.com/news/politics/0,1283,41943,00.html
==================================================
[11] Japanese plan: ISPs to become censors
==================================================
A new proposal may force Internet service providers (ISPs) to act as
government speech examiners.
The Japanese Public Management Ministry is planning to submit a bill
requiring ISPs to check for webpages that harm someone's reputation.
Providers would then have to remove offending sites. The bill apparently
contains similar takedown guidelines for copyrighted material, as well as
provisions requiring ISPs to disclose the identity of website creators can
be if deemed necessary.
Observers have suggested that these plans may violate Article 21 of the
Japanese Constitution, which guarantees freedom of speech. In response, the
Ministry has decided to write in provisions allowing both ISPs and courts to
hear arguments on both sides (aggrieved parties and web content creators)
for each case before a given webpage is deleted. However, it is unclear
whether Internet authors will be forced to bear the burden of proving their
innocence. The system may also make it difficult for people to retain their
anonymity in cyberspace, which may intimidate online protestors and
whistleblowers. Moreover, it is not known whether the new bill gives
sufficient protection for various free speech uses of copyrighted material
(such as for public commentary or criticism).
See "Law planned to let ISPs remove malicious sites," Yomiuri Shimbun, Mar.
6, 2001 at
http://globalarchive.ft.com/globalarchive/article.html?id=010306000887
To read Article 21 of the Japanese Constitution, click
http://home.ntt.com/japan/constitution/japanese-Constitution.html#ARTICL...
An English-language translation of the Japanese Constitution is posted under
http://home.ntt.com/japan/constitution/english-Constitution.html#CHAPTER...
==================================================
[12] New anonymous net posting battles
==================================================
Skirmishes continue to break out regarding the future of anonymity along the
Information Superhighway.
In one of these cases, a judge in the United States is suing to discover the
identities of online critics, who posted their comments on the "Grant Street
1999" website. A trial court decided that these identities should not be
disclosed unless the plaintiff shows that her case has merit. However, the
court refused to dismiss the judge's lawsuit at the outset. The American
Civil Liberties Union (ACLU-a GILC member), which is representing the
authors of the website, is now asking an appeals court to throw out the
lawsuit and prevent unnecessary disclosures.
Meanwhile, in Seattle, the Electronic Frontier Foundation (EFF-a GILC
member) joined forces with a local ACLU affiliate to fight a subpoena that
would force an Internet service provider to divulge the name of a chat board
entry. The plaintiff, 2TheMart.com, sought the identities of some 23
individuals, including at least one person who never posted messages about
the company. EFF's Public Policy director Lauren Gelman warned that "courts
should not allow subpoenas to be used for 'fishing expeditions' when
individuals' First Amendment rights are at stake. The chilling of free
speech would be catastrophic."
In a third case, a self-titled "Anonymous Publicly Traded Company" is suing
America Online, hoping to discover the identities of 5 chatboard critics.
The company claims that these 5 people made "defamatory and disparaging
material misrepresentations," but said that it wanted to remain incognito to
avoid losing business. A state supreme court ruled that the firm must first
disclose its own name before it can go forward with its case, and held that
"the likelihood of the plaintiff suffering some embarrassment or economic
harm is not enough by itself to permit anonymity."
A recent ruling in the United Kingdom has counterbalanced these decisions in
the United States. In a lawsuit, a British court has ordered Web trading
company Motley Fool to divulge the identity of a netizen who posted
allegedly defamatory remarks against Internet company Totalise. The court
also held that Motley Fool was not protected by UK laws that allow
newspapers and other publications in most cases to avoid disclosing their
sources. Malcolm Hutty of the Campaign Against Censorship of the Internet in
Britain (CACIB-a GILC member) warned: "A decision like this can be taken to
mean that anonymity is not right and that is too broad. A court needs to
consider carefully the implications of its decisions and consider peoples
rights under the Human Rights Act." Hutty was apparently referring to the
Council of Europe's Universal Declaration of Human Rights Act, which treats
privacy as a fundamental right.
For more on the Totalise/Motley Fool case, see Steve Gold, "End of the
anonymous net," The Guardian, Mar. 22, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,460668,00.html
"Website operators must identify maker of defamatory comments," The Times of
London, Mar. 15, 2001 at
http://www.thetimes.co.uk/article/0,,12-99112,00.html
See also Will Knight, "Forums face crackdown after Motley Fool ruling,"
ZDNet UK, Mar. 19, 2001 at
http://www.zdnet.co.uk/news/2001/11/ns-21639.html
For more on the "Anonymous Publicly Traded Company," read Lisa M. Bowman,
"Anonymous company goes after John Does," CNet News, March 14, 2001 at
http://news.cnet.com/news/0-1005-200-5136753.html
For an ACLU press release on the Melvin and 2TheMart cases, click
http://www.aclu.org/news/2001/n022601b.html
See Jeffrey Benner, "Chat Room Rants Protected," Wired News, Feb. 27, 2001
at
http://www.wired.com/news/politics/0,1283,42039,00.html
See also Aaron Elstein, "AOL sides with anonymous posters," Wall Street
Journal, Mar. 5, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2692564,00.html
Read Jeffrey Terraciano, "Can John Doe Stay Anonymous?" Wired News, Feb. 21,
2001 at
http://www.wired.com/news/politics/0,1283,41714,00.html
==================================================
[13] Cuba's continuing Internet woes
==================================================
Cuba's strict rules on Internet use may be hampering its efforts to enter
the Information Age.
People who live in the Caribbean nation must jump over many hurdles to go
online. There is only one Internet service provider, which is run by the
state, charges high fees (more than the annual salary of an average Cuban)
and has slow connection speeds. After entering cyberspace, Cuban Internet
users are then blocked from many sites that are deemed "subversive,"
including webpages with anti-Castro or anti-Communist messages, according to
a government spokesperson. Reports have indicated that similar filtering
regimes are applied to private e-mail messages. Netizens whom the government
suspects of counter-revolutionary activities are subjected to surveillance,
equipment seizures and possible jail time.
Academics have pointed out that these regimens have had a detrimental impact
not only on freedom of information, but on Cuban society. Professor Juan
Carlos Espinosa of St. Thomas University (in Miami, Florida) noted in
particular that "Cuban young people are really hungry for information and
have a sense of being left behind." Disturbingly, many scholars in Cuba have
been forced to remain silent or have otherwise refused to comment on the
government's actions, for fear of potential persecution.
See Julia Scheeres, "Cuba Not So Libre With the Net," Wired News, Feb. 23,
2001 at
http://www.wired.com/news/politics/0,1283,41940,00.html
============================================
[14] UK plans may criminalize online protests
============================================
Experts fear that new British legislation will erode free speech rights on
the Information Superhighway.
One of these proposals is actually contained within amendments to a Criminal
Justice and Police Bill. The plan would, in theory, criminalize the sending
of hate mail by electronic means. Violators may be thrown in jail or forced
to pay fines of 6000 pounds. Free expression advocates are worried that the
law's vague standards will deter online protests, particularly against
prominent figures such as corporate executives. These fears were heightened
after comments from British Home Secretary Jack Straw: "These new measures
are designed to help prevent two tactics used by ... individuals-protesting
outside employees' and directors' homes and sending intimidating mail. We
want to ensure that all types of threatening messages are covered-including
those by text messaging and email."
Meanwhile, a recently enacted British law, the Terrorist Act 2000, is also
receiving negative reviews. Section 12 of the law contains language that
bans people from merely expressing "support" for any "proscribed
organization"; indeed, these provisions specifically state that "support ...
is not restricted to the provision of money or other property." Similarly,
the Act also bars people from attending and speaking at any "meeting ... to
encourage support for a proscribed organization or to further its
activities." A number of observers worry that this statute could be applied
to stifle online gatherings such as newsgroups and chat rooms.
To read the text of the "Malicious Communications" amendment to the Criminal
Justice and Police Bill, see
http://www.publications.parliament.uk/pa/cm200001/cmstand/f/st010306/pm/...
6s01.htm
See Graeme Warden, "Government to ban 'hate emails,'" ZDNet UK, Feb. 22,
2001 at
http://www.zdnet.co.uk/news/2001/7/ns-21127.html
The text of the Terrorism Act 2000 (section 12) is available at
http://www.hmso.gov.uk/acts/acts2000/00011--c.htm#12
Read Kieren McCarthy, "Newsgroups can be terrorists too," The Register (UK),
Feb. 20, 2001 at
http://www.theregister.co.uk/content/8/17073.html
======================================================
[15] Music companies & gov't spies: perfect together?
======================================================
The entertainment industry has apparently found a new way to protect their
interests: have spies watch private citizens as they travel along the
Information Superhighway.
This alliance between intelligence agencies and music companies has become
particularly strong after a recent court ruling required Napster to block
access to copyrighted songs. However, various record companies have pushed
for further measures, as evidenced by a recent raid by government agents.
The raid came at the behest of the International Federation of the
Phonographic Industry (IFPI), which monitored individuals online, then
passed their information on to the Belgian police. Marcel Hymans, who leads
the IFPI in Belgium, boasted government authorities would soon break into
homes of hundreds of cybercitizens. One Belgian publication quoted him
proclaiming: "The time for warnings is over, now we're going into action."
These efforts have disturbed many within the Internet community, who worry
about how entertainment conglomerates have apparently become de facto
government agents. These fears have been heightened by IFPI initiatives in
other countries. In the United Kingdom, a local IFPI spokesperson has
already warned British computer users that they may want to watch what they
do online: "We have a very aggressive commitment to the fight against
piracy, especially those who upload large amounts of digital music onto the
Net." Interestingly enough, the spokesperson claimed that IFPI was "not so
bothered about the one-time downloader," but did not explain precisely what
standards the group would follow in determining whether to bring in
government law enforcement agents.
See Graeme Warden, "Music industry to snoop on Napster fans worldwide,"
ZDNet UK, Feb. 19, 2001 at
http://www.zdnet.co.uk/news/2001/7/ns-21063.html
See also Michael Learmonth, "The Online Enforcer," The Industry Standard
Europe, Feb. 16, 2001 at
http://www.thestandard.com/article/display/0,1151,22315,00.html
Read Jeffrey Benner, "Napster Fallout: Privacy Loses?" Wired News, Mar. 6,
2001 at
http://www.wired.com/news/politics/0,1283,42203,00.html
Further coverage is available from Janelle Brown, "Who is spying on your
downloads?" Salon.com, Mar. 27, 2001 at
http://salon.com/tech/feature/2001/03/27/media_tracker/index.html
See also John Borland, "Who will serve as Napster police?" ZDNet News, Mar.
27, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5080218,00.html
======================================================
[16] DoubleClick launches new tracking program
======================================================
Is DoubleClick at it again?
That's what some computer users are wondering after the online advertising
juggernaut (along with comScore Networks) launched a new plan to collect
personal information from Internet users. While details are sketchy, this
new software package (called netScore) apparently can track people wherever
they are logged in-whether they are at home, at work or even overseas. In a
press release, the DoubleClick boasted that the program was based on a
comScore database that contained personal information dossiers on some one
and a half million computer users.
The launching of this program comes nearly a year after DoubleClick recently
admitted to tracking viewers through the Internet by placing digital
identification numbers in files known as "cookies" on a user's hard drive,
which it matches with name and address information that has been collected
by its partners. Despite initial claims to the contrary, DoubleClick
expressed its intention to match this data with more extensive information
contained in millions of files maintained by its merger partner Abacus
Direct. Subsequently, DoubleClick shelved its data-matching plan after a
storm of public criticism.
To read a DoubleClick press release on the subject, visit
http://www.doubleclick.net/us/corporate/presskit/press-releases.asp?asp_...
ct_1=&press%5Frelease%5Fid=2496
Read "DoubleClick rolls out ad-tracking tools," Reuters, Mar. 5, 2001 at
http://www.zdnet.com/zdnn/stories/newsbursts/0,7407,2692765,00.html
======================================================
[17] ECHELON spyware plug-ins: Oasis & FLUENT
======================================================
A global surveillance network may be getting even more powerful than before.
United States intelligence officials have released some information
regarding two new programs. One of these programs, Oasis, automatically
creates machine-readable transcripts from television and audio broadcasts.
Reports indicate that Oasis can also distinguish individual speakers and
detect personal characteristics (such as gender) then denote these
characteristics in the transcripts it creates. At least one division of the
U.S. Central Intelligence Agency (CIA) already operates Oasis, and there are
plans to expand the program's use over the course of this year, as well as
develop Chinese and Arabic versions.
The other program, FLUENT, allows English-language keyword searches of
non-English materials. This data mining tool not only finds pertinent
documents, but also translates them, although the number of languages that
can currently be translated is apparently limited (Russian, Chinese,
Portuguese, Serbo-Croatian, Korean and Ukrainian). In addition, FLUENT
displays the frequency with which a given word is used in a document and can
handle alternate search term spellings.
Many experts note that this new software may be used to upgrade the massive
surveillance system, popularly known as ECHELON. ECHELON is designed to
intercept communications from around the world, and is reportedly operated
by the United States National Security Agency in conjunction with several
other intelligence agencies. It is supposed to be capable of intercepting
e-mail messages, faxes, and telephone conversations. Concerns about
ECHELON's potential threat to individual privacy were heightened by a
Congressional hearing several months ago, where the directors of both the
Central Intelligence Agency (CIA) and NSA refused to provide details on the
legal standards by which ECHELON operates.
See Vernon Loeb, "Making Sense of the Deluge of Data," Washington Post, Mar.
26, 2001, page A23 at
http://washingtonpost.com/wp-dyn/articles/A57318-2001Mar25.html
Read Tabassum Zakaria, "CIA using data mining to keep smart," Reuters, Mar.
3, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2692457,00.html
See also Thomas C. Greene, "CIA patching ECHELON shortcomings," The Register
(UK), Mar. 6, 2001 at
http://www.theregister.co.uk/content/8/17361.html
======================================================
[18] Euro privacy panel attacks cybercrime plan
======================================================
Continued efforts to create a new European cybercrime treaty are raising
serious concerns from both Internet companies and privacy groups.
While the Council of Europe treaty is still being revised, a previous
version would have signatory countries enact laws that might make it easier
for government agents to search computers and conduct real-time surveillance
on private citizens through telecommunications networks. The convention
included provisions that may allow law enforcement officials greater access
to many types of personal security information, such as encryption keys.
Additionally, the scheme could make Internet service providers (ISPs) liable
for their customers' content, and may lead ISPs to monitor and retain
records on customer activities. Furthermore, the prior draft mandated
signatories to create new harsh penalties for copyright infringement.
European Union officials are now pushing for new sections that would ban
websites containing language deemed hateful or inflammatory, an apparent
extension of a controversial French ruling against Yahoo regarding Nazi
memorabilia on its auction pages.
These plans have drawn a great deal of criticism. The European Commission
Data Protection Working Party issued an opinion that strongly criticized the
draft treaty. Among other things, the panel (which is composed of Data
Protection officials from Council of Europe member states) noted that while
the proposal may be entered into by non-European nations, the treaty did not
require those countries to create conditions and safeguards to protect
individual privacy. Indeed, the group felt that portions "of the draft
Convention could create the impression that the protection of human rights
shall only be considered when it is 'due' and shall only be 'adequate'." In
addition, these experts had "serious concerns" about the proposal's language
"which obliges service providers to collect or record within their technical
capability traffic data in real-time," as well as requirements for such
providers to keep traffic and other computer data for 60 days." Thus, the
Working Party felt that many parts of the Convention "are not sufficient to
fully safeguard the fundamental rights to privacy and personal data
protection."
The panel's concerns echoed views expressed in a series of recent letters
from the Global Internet Liberty Campaign. These views were reiterated by
the French cyberliberties group Imaginons on Reseau Internet Solidaire
(IRIS-a GILC member) which gave a special presentation on these and other
cybercrime efforts at a special EU briefing held March 7. Meanwhile, the
computing industry has also expressed alarm at these developments. Fred
Eisner from the Dutch Association of Internet Providers complained: "This
draft convention lacks balance. While it gives far more powers to law
enforcement agencies, there are no built-in checks and balances...on behalf
of all other actors." Nevertheless, in spite of these difficulties, the
Council may approve a final draft by June.
The Working Party's "Opinion 4/2001 on the Council of Europe's Draft
Convention on Cybercrime" is posted at
http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/wp41e...
m
For German language press coverage, see Stefan Krempl, "Fette Bugs in
Cybercrime-Abkommen," Heise Telepolis, Mar. 28, 2001 at
http://www.heise.de/tp/deutsch/inhalt/te/7239/1.html
The IRIS presentation (in French) is located under
http://www.iris.sgdg.org/actions/cybercrime/iris-ec0201.html
For more information on the briefing, visit the official EU website via
http://europa.eu.int/ISPO/eif/InternetPoliciesSite/Crime/crime1.html
For further details on industry opposition to these cybercrime proposals,
read the following Austrian Chamber of Commerce statement (in
German/Deutsch):
http://europa.eu.int/ISPO/eif/InternetPoliciesSite/Crime/Comments/FEEI.html
See "Net execs, governments collide on cybercrime treaty," Reuters, Mar. 6,
2001 at
http://news.cnet.com/news/0-1007-200-5043832.html
See also "Europe Slaving Over Cybercrime," Associated Press, Mar. 6, 2001 at
http://www.wired.com/news/politics/0,1283,42228,00.html
The latest version (no. 25) of the CoE cybercrime treaty is available at
http://conventions.coe.int/treaty/EN/projets/cybercrime25.htm
To read a Dec. 2000 GILC letter on the Council of Europe cybercrime
proposal, see
http://www.gilc.org/privacy/coe-letter-1200.html
======================================================
[19] UK email surveillance regulations stall
======================================================
Will Great Britain ever try to protect the privacy of its workers?
That's the question many UK Internet users are posing after continued delays
in devising new regulations on the subject. These regulations are related to
the controversial Regulation of Investigatory Powers Act (RIP) which, among
other things, includes language stating that employers have a legal right to
monitor their workers. The British Data Protection Commission had issued a
draft code that would place a few restrictions on this supposed right,
including fines against firms that violate the code.
The Commission then delayed finalizing this document, supposedly due to a
large number of public responses (110). The Commission is now planning to
release these new standards in pieces, with the workplace privacy section to
come later rather than sooner. Some experts worry that this will leave
British workers with little protection against undue monitoring by their
bosses for an indefinite amount of time. Others wonder whether the code will
pay sufficient attention to the latest threats to Internet privacy,
including tracking programs built into corporate blocking software.
See Kieren McCarthy, "Email snooping code of practice delay," The Register
(UK), Mar. 6, 2001 at
http://www.theregister.co.uk/content/8/17365.html
See also David Neal, "Email monitoring code delayed," IT Week, Feb. 23, 2001
at
http://www.zdnet.co.uk/news/2001/7/ns-21172.html
======================================================
[20] Hotmail/Microsoft selling user info
====================================================== Special offer: sign
on now to receive lots of junk e-mail messages.
That's what many cynics are saying about Hotmail. The Microsoft subsidiary
has admitted to sharing customer information lists with a public Internet
directory site. Under this arrangement, Hotmail provided e-mail addresses
and other personal information to Infospace, including the towns and states
were individual users lived. Infospace matched that data with telephone
numbers, home addresses and other tidbits, then made the files available
through the World Wide Web, which telemarketers apparently used for targeted
advertising campaigns. Both Microsoft and Infospace claimed that these
practices should already have been known to customers through their privacy
policies, and that customers could simply opt-out of this system. However,
Hotmail's privacy policy actually says: "Hotmail keeps all of your Personal
Information private and does not share it with any third parties." Moreover,
Hotmail (in its default settings) assumes consumer consent to this sharing
procedure; users have the burden of discovering this data transfer program
and making an effort to change these specifications.
The procedure was discovered by Bennett Haselton of Peacefire (a GILC
member). Haselton noted that the entire scheme invaded user privacy, and
that "[o]nce your e-mail addresses get into the spammers' databases, you
can't get it out again." However, a Microsoft spokesperson nevertheless
claimed that her company was "clearly stating" its procedures, and even
suggested that passing along personal information to third parties was "a
consumer benefit."
A copy of Hotmail's privacy policy is available at
http://www.hotmail.msn.com/cgi-bin/dasp/hminfo_shell.asp?content=pstate&...
g=EN&id=2&ct=985039874
Read "Hotmail addresses shared with Internet directory site," Associated
Press, Mar. 6, 2001 at
http://abcnews.go.com/wire/Business/ap20010306_436.html
======================================================
[21] Voter.com user political data auction
======================================================
Many dot-coms may have poor policies on user privacy. A number of them sell
information about their users. But few of them have sold data on their
customers' political views...until now.
Voter.com, which recently went bankrupt, is planning to auction off details
regarding some 170 000 users. These files include what political parties
individuals adhere to, what issues they find important, as well as e-mail
addresses and other personal information. The proprietors of the former
policy portal have also made the bizarre claim that this sale is consistent
with its previously announced privacy standards, in that it will require
buyers to use the data only to "provide personalized political news and
information to subscribers."
Not surprisingly, privacy advocates have panned this move. Jason Catlett
from Junkbusters called Voter.com's auctioning of personal user files as
just "another example of how privacy policies are usually a hopeless way to
protect privacy because the customer doesn't have predictable rights."
Indeed, these developments come several months after another failed Internet
company, Toysmart.com was prevented from auction data about its customers.
Toysmart's majority owner eventually purchased the files and destroyed them
as part of a court-approved settlement.
In addition, government officials are now starting to take an interest in
the way bankrupt Internet corporations handle their user databases. The
United States Senate has included an amendment on the subject within a
recently approved bankruptcy bill. Under this standard, dot-coms essentially
must adhere to their privacy policies even when they go under. Such
companies might be allowed to sell customer data to independent third
parties, but only if a court finds the privacy risk is relatively
insignificant.
For more on the Senate dot-com privacy amendment, see Patrick Ross, "Senate
protects consumer data," CNet News, Mar. 16, 2001 at
http://news.cnet.com/news/0-1005-200-5160763.html
Read Keith Perine, "State Attorneys General Compromise on Privacy," The
Industry Standard, Mar. 16, 2001 at
http://www.thestandard.com/article/display/0,1151,22917,00.html
For more on Voter.com, see Aaron Pressman, "Voter.com to sell membership
list," The Industry Standard, Mar. 15, 2001 at
http://www.thestandard.com/article/display/0,1151,22894,00.html
===========================================================
[22] New online breaches affect even celebrities
===========================================================
A rash of recent online data intrusions has heightened concerns about online
privacy.
Perhaps the biggest of these breaches occurred in New York. Government
investigators say that Abraham Abdullah took advantage of lax security
measures and used the Internet to break into the accounts of several
prominent celebrities. The list of alleged victims includes Steven
Spielberg, Ted Turner, Oprah Winfrey and many others. According to
prosecutors, Abdullah was particularly effective in manipulating large
financial institutions (including Merrill Lynch, Goldman Sachs, Equifax and
others) into accessing sensitive account information. Some experts suggest
that the total amount of stolen materials could be in the millions of US
dollars.
This event was one of only several highly publicized incidents that have
heightened concerns about online privacy. Bibliofind, a subsidiary of
Amazon, has admitted that hackers have been able to access customer data
such as credit card numbers, names, addresses and telephone numbers for
nearly 4 months. The number of consumers affected by this breach may be as
high as 98 000. Meanwhile, OfficeMax.com (which sells office supplies)
exposed personal user information (such as credit card numbers and
expiration dates) on its website. While it is unclear how many online
customers were affected, the site had attracted nearly one and half million
visitors in January.
For more on the celebrity credit card scam, see Murray Weiss, "How NYPD
Cracked the Ultimate Cyberfraud," New York Post, Mar. 20, 2001 at
http://www.nypost.com/news/regionalnews/26868.htm
See also "Cybertheft Case Skewers Celebs," CBS News, Mar. 20, 2001 at
http://cbsnews.com/now/story/0,1597,280107-412,00.shtml
For more on the Amazon subsidiary security breach, see Stuart Millar,
"Hackers humiliate Amazon," The Guardian, Mar. 8, 2001 at
http://www.guardianunlimited.co.uk/internetnews/story/0,7369,448408,00.html
Read "Hackers Hit Amazon Unit Site," Washington Post, Mar. 6, 2001, page E2,
at
http://washingtonpost.com/wp-dyn/articles/A27498-2001Mar5.html
See also "Amazon.com unit Bibliofind subject of hacker attacks," Associated
Press, Mar. 5, 2001 at
http://abcnews.go.com/wire/Business/ap20010305_1551.html
For more on the OfficeMax credit card disclosures, see Michele Kessler,
"OfficeMax site exposes private customer info," USA Today, Feb. 22, 2001 at
http://www.usatoday.com/life/cyber/tech/2001-02-22-officemax.htm
===========================================================
[23] New Privacy Coalition formed
===========================================================
Dozens of organizations have banded together to launch a new initiative: the
Privacy Coalition.
In this Coalition, individual groups have signed on to a special Privacy
Pledge supporting a privacy framework to protect the rights of citizens in
the information age. This system includes such principles as "Fair
Information Practices, independent enforcement and oversight, promotion of
genuine Privacy Enhancing Technologies, legal restrictions on surveillance
technologies, and a solid foundation of federal privacy safeguards that
permit the private sector and states to implement supplementary protections
as needed."
Ed Mierzwinski of the United States Public Interest Research Group said that
one of the Coalition's first priorities is to urge "legislators to sign our
new privacy pledge to help us defend consumer and citizen privacy rights
against a massive industry campaign to dumb them down." Other Coalition
members hoped that these efforts would also lead lawmakers to enact
proposals to create strong privacy standards. Marc Rotenberg of the
Electronic Privacy Information Center (EPIC-a GILC member) pointed out that
"[t]here needs to be an agency or statute to enforce privacy interests,
because the current arrangement puts all of the burden on the individual."
These moves come in light of recent Forrester Research study which suggests
that consumers have lingering fears about their privacy on the Internet, and
that industry efforts to quiet these fears have come up short. As one
Forrester analyst put it, "Anyone who thinks the privacy issue has peaked is
greatly mistaken."
To read the Privacy Pledge, visit
http://www.privacypledge.org
For press coverage of this event, see Brian Krebs, "Group Urges Lawmakers To
Sign Privacy Pledge," Newsbytes, Feb. 12, 2001 at
http://www.newsbytes.com/news/01/161859.html
See also Brock N. Meeks, "Privacy groups to Congress: Get your act
together," MSNBC, Feb. 13, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2685081,00.html
For more on the Forrester study, see David McGuire, "Firms Must Tackle
Consumers' Privacy Anxieties-Forrester," Newsbytes, Mar. 5, 2001 at
http://www.newsbytes.com/news/01/162712.html
============================================
[24] Privacy software in the works
============================================
Scientists are busy creating several new computer programs that may enhance
online privacy.
One of these programs is the brainchild of Richard M. Smith from the Privacy
Foundation. This software is designed to counter tiny image files (known
"webbugs") which are being used increasingly to identify and track computer
users. The Privacy Foundation program, which is currently being tested,
causes individual computers to say "uh-oh" when a webbug is encountered.
Smith hopes that "if people see the Web bug, they'll contact the Web site
and ask why. So it's sort of putting social pressure on Web sites."
Another new program, the Evidence Eliminator, allows users to leave little
or no trace of their activities. To do this it destroys a vast array of
files and logs which may betray a given user's actions, including caches,
temporary swap files, media player histories, registry streams and so on. It
also permanently erases these files to a greater extent than usual methods.
The program's creators also claim that the Eliminator can accelerate
computing performance, presumably by freeing up system resources.
Observers hope that these and other devices will usher in a new privacy age
that will foster Internet growth. David Sobel of the Electronic Privacy
Information Center (EPIC-a GILC member) notes that "[t]echnologies that
facilitate anonymous use of the Internet are really critical to the survival
of the Internet as an open and democratic form."
See "Software tools help Web users protect privacy," Associated Press, Mar.
19, 2001 at
http://www.usatoday.com/life/cyber/tech/2001-03-19-privacy.htm
For more on webbug detectors, read Stefanie Olsen, "New tools hatch for
sniffing out Web bugs," CNet News, Mar. 5, 2001 at
http://news.cnet.com/news/0-1005-200-5008849.html
For further details on the Evidence Eliminator, see
http://www.evidence-eliminator.com/
============================================
[25] CFP 2001 Conference held
============================================
Despite a massive snowstorm, intrepid attendees to the Computers, Freedom,
and Privacy (CFP) conference discussed a variety of hot cyberliberties
issues.
In one noteworthy session, Richard M. Smith of the Privacy Foundation
demonstrated how several new devices may help various parties spy on
individuals. An cited example was SportBrain, which is worn on the user's
body and tracks the person's heart beat, body movements and other personal
information. It turns out that the device sends this data back to the
manufacturer's website, apparently so that the company can better target
advertisements. Yet despite the apparent security issues involved, a
corporate spokesperson claimed that SportBrain posed "no privacy concerns."
Coinciding with the CFP meetings was the third annual United States Big
Brother Awards ceremony, sponsored by Privacy International (a GILC member).
These awards were designed to publicize some of the most serious threats to
individual privacy online. This year's Most Invasive Proposal prize went to
the notorious the US government's Carnivore spyware program; data mining
firm ChoicePoint won the corporate invader award for "massive selling of
records, accurate and inaccurate to cops, direct marketers and elected
officials." The City of Tampa, Florida won the worst public official award
for its facial scans of everyone who went to see the Super Bowl in January.
The Lifetime Menace prize went to The US National Security Agency for, among
other things, "50 years of spying."
In addition, the Electronic Frontier Foundation (EFF-a GILC member)
conferred its 2001 Pioneer Awards. The winners included Seth Finkelstein for
"raising the level of public awareness about the dangers to free expression
posed by Internet content blocking and labelling systems." Other recipients
included Canadian privacy advocate Stephanie Perrin and the late Bruce
Ennis, who he successfully argued the case of online free speech case of
Reno v. the American Civil Liberties Union before the U.S. Supreme Court.
For more on SportBrain and other new possible tracking technologies, see
Eric Auchard, "Those great gadgets may be spying on you," Reuters, Mar. 8,
2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2693860,00.html
For more details on the 2001 U.S. Big Brother Awards, click
http://www.privacyinternational.org/bigbrother/us2001/
See Michael S. James, "Is 'Big Brother' Watching?" ABCNews.com (U.S.), Mar.
8, 2001 at
http://abcnews.go.com/sections/scitech/DailyNews/bigbrother_010307.html
For German language coverage of the Big Brother Awards, see Stefan Krempl,
"NSA offiziel zum Big Brother gekurt," Heise Telepolis, Mar. 8, 2001 at
http://www.heise.de/tp/deutsch/inhalt/te/7092/1.html
EFF's announcement of the 2001 Pioneer Awards winners is posted at
http://www.eff.org/awards/20010305_pioneer_press_release.html
============================================
[26] New GILC Members: APC and CCC
============================================
The Global Internet Liberty Campaign welcomes two new members: the
Association for Progressive Communications (APC) and the Chaos Computer Club
(CCC).
Founded in 1990, APC has fought to make information technology more readily
accessible to members of civil society. Towards that end, it has mounted
strong protests against government-sponsored surveillance plans around the
world, ranging from the British Regulation of Investigatory Powers Bill
(RIP) to the global ECHELON spy network. APC has also launched an Internet
Rights Program to foster democracy in cyberspace, and has fought attempts to
censor the Internet in several countries, including most recently Korea.
Over the past ten years, the Germany-based CCC has vigorously defended the
rights of computers users to engage in a whole of activities, including
freedom of expression and information. In the past, the group has made
efforts to increase public awareness of such Internet privacy issues as
encryption key escrow, the security of online banks and many others.
The APC homepage is located at
http://www.apc.org
Visit the CCC website at
http://www.ccc.de
=========================================================
ABOUT THE GILC NEWS ALERT:
==========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect and
enhance online civil liberties and human rights. Organizations are invited
to join GILC by contacting us at
[email protected].
To alert members about threats to cyber liberties, please contact members
from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news
stories, contact:
Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA
Or email:
[email protected]
More information about GILC members and news is available at
http://www.gilc.org
You may re-print or redistribute the GILC NEWS ALERT freely.
To subscribe to the alert, please send e-mail to
[email protected]
with the following message in the body:
subscribe gilc-announce
========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
========== HURIDOCS-Tech listserv ==========
Send mail intended for the list to
Archives of the list can be found at: http://www.hrea.org/lists/huridocs-tech/
To subscribe to the list, send a message to
with the following text in the message: subscribe huridocs-tech
To unsubscribe from the list, send a message to
with the following text in the message: unsubscribe huridocs-tech
If you have problems (un)subscribing, contact
- Log in to post comments
- 2120 reads
Author
Anonymous (not verified)
