============================================================= @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @@@ @ @ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @ ============================================================ Volume 1.01 May 18, 1994 ------------------------------------------------------------ Published by the Electronic Privacy Information Center (EPIC) Washington, DC (Alert@epic.org) ----------------------------------------------------------------------- Table of Contents ----------------------------------------------------------------------- [1] Federal Electronic Surveillance Increased in 1993 [2] Credit Reporting Amendments Pass Senate [3] ALCU Survey Finds Strong Support for Privacy [4] DMV Privacy Bill Passes House [5] NII Working Group Requests Comments on Privacy Principles [6] NTIA Requests Comments on NII Privacy [7] New Files at the Internet Library [8] Upcoming Conferences and Events ----------------------------------------------------------------------- [1] Federal Electronic Surveillance Increased in 1993 ----------------------------------------------------------------------- Fueled by an increased use of electronic surveillance by federal officials in drug cases, the number of wiretaps and microphones installed by federal, state and local law enforcement officials increased by six percent in 1993 over the previous year. There were also substantial increases in the total number of days in operation, extensions granted and in the cost of each order. However, the efficiency of wiretaps continues to decline as the percentage of relevant communications intercepted has dipped below 20 percent for federal investigations Federal and state courts approved a total of 979 requests, the highest number since electronic surveillance was legalized in 1968. Federal orders increased by 33 percent from 1992, while state investigations decreased by nine percent. No surveillance requests were rejected or amended. In 25 years, only 27 requests have ever been rejected, two most recently in 1988. Narcotics Main Offense Cited The vast majority of cases investigated involved narcotics. Seventy-four percent of the federal investigations and 69 percent of all investigations were for narcotics related offenses. These figures continue long-standing trends. Use of electronic surveillance in narcotics cases has increased 240 percent since 1980 and over 500 percent since the legalization of electronic surveillance in 1968. Use of the technique in investigations of other offenses has decreased or remained at similar levels. Federal Use Increases Federal investigations accounted for nearly half of all requests for electronic surveillance in 1993. Federal judges approved 450 requests, a 30 percent increase in requests over 1992. The 450 requests approved by federal judges represent a 30 percent increase over the previous year. Federal use of electronic surveillance has increased nearly 450% since 1980. Fifty-one federal judicial districts utilized electronic surveillance in 1993. The Southern District of New York, which includes New York City, and the Eastern District of Michigan, which includes Detroit were the areas with the highest number of orders. State Use of Electronic Surveillance Declines State use of electronic surveillance declined by nine percent from 1992. State use was at its peak in 1973, when 734 orders were approved. Since the mid-1970s, the average number of state orders has fluctuated between 450 and 550 per year. In 1993, only 23 states used electronic surveillance. New York had the highest number of orders - 204. New York, New Jersey and Pennsylvania accounted for 73 percent of the state surveillance orders. Efficiency Declines As the use of electronic surveillance has increased, its efficiency as a law enforcement tool has substantially declined. The majority of conversations overhead are determined by prosecutors to be irrelevant to any investigation. In 1993, prosecutors determined that only 20 percent of all conversations were relevant. For federal investigations, only 17 percent were relevant. These percentages have decreased significantly since the 1970s when prosecutors reported that, on average, over half of all conversations were relevant to an investigation. ----------------------------------------------------------------------- [2] Credit Reporting Amendments Pass Senate ----------------------------------------------------------------------- The long awaited amendments to the Fair Credit Reporting Act were approved by the Senate 87-10 on May 4. The bill (S. 783), may lead to the first update to the FCRA since its passage in 1970. The legislation was sponsored by Sens. Richard Bryan (D-NV), Don Riegle (D-MI) Kit Bond (R-MO) and Harris Wofford (D-PA). The bill preempts state statutes for six years in several areas including obsolete information, prescreening of consumer reports, duties of persons who take adverse actions based on consumer reports and intra-company transfer of credit information. After 6 years, the states may pass laws that explicitly state that they supplement the Federal act. The bill allows consumers to opt-out of having their information distributed for use in offering unsolicited credit cards ("prescreening") and some direct marketing uses. Credit agencies are prohibited from providing adverse information over 10 years old. Secondary users of credit services cannot obtain credit reports for resale without informing the agency of the final users of the information and the permitted uses of the information. An attempt by Senator Paul Simon(D-IL)to amend the bill to include language creating a privacy commission gathered 21 votes. Many Senators were reluctant to sign on because of fears that other, "less friendly," amendments would then be approved, weakening the FCRA amendments. Consumer advocates are pressing the House of Representative to fix the deficiencies in the Senate bill. The House bill is currently in committee. ----------------------------------------------------------------------- [3] ACLU Survey Finds Strong Support for Privacy ----------------------------------------------------------------------- An extensive survey by the American Civil Liberties Union has found strong support for privacy, even in highly controversial areas such as abortion and homosexuality. The report, "Live and Let Live: American Public Opinion About Privacy at Home and at Work," is based on over 1,000 interviews conducted by Albert and Susan Cantril, two professional public opinion surveyers. The survey found that eighty percent of Americans believe their employers should not be able to monitor their telephone calls and a "solid majority" believe that employers have no right to ask about the personal lives of job applicants. Following several other recent polls, large majorities of the public are concerned about how insurance, financial and other companies use sensitive personal information held in their databases. For more information, contact: Loren Siegal at 212-944-9800, 132 West 43rd Street, New York, NY 10036. ----------------------------------------------------------------------- [4] DMV Privacy Bill Passes House ----------------------------------------------------------------------- A bill introduced by Congressman James Moran (D-VA) to provide some protection for Department of Motor Vehicle records passed the House of Representative as an amendment to the House crime bill in March. The bill allows drivers to request that DMVs not disclose their driving information to direct marketers and, under certain circumstances, to prevent disclosure of licence information to anyone. The bill has many exceptions, however, allowing for unlimited access by law enforcement, government agencies, private detectives and others. Accident records and some other indvidual driver information would still be available publicly. States would also be authorized to release information to "multi-purpose" users, but the state would be required to inform the users of the names of those people who had asked to have their information withheld. A Senate version, which provides greater protection, passed earlier this year. The two versions will be reconciled in a conference committee within the next month. ----------------------------------------------------------------------- [5] NII Working Group Requests Comments on Privacy Principles ----------------------------------------------------------------------- The Privacy Working Group of the Information Infrastructure Task Force has proposed a draft privacy code for the National Information Infrastructure. Comments on the proposal are due to the Privacy Working Group by June 23, 1994. The IITF Gopher/Bulletin Board can be accessed at iitf.doc.gov. Electronic comments should be sent to nii@ntia.doc.gov EPIC's assessment of the proposed code is that it is weaker than current privacy codes and leaves large gaps in NII privacy policy in such areas as encryption, informed consent, unique identifiers and enforcement. The proposed code may also be inadequate for the purpose of protecting international data flows. EPIC has prepared an extensive report on the proposed code. For an electronic copy of "EPIC Report 94-1: Privacy Guidelines for the National Information Infrastructure A Review of the Proposed Principles of the Privacy Working Group" send email to 94-1@epic.org. ----------------------------------------------------------------------- [6] NTIA Requests Comments on NII Privacy ----------------------------------------------------------------------- The National Telecommunications and Information Administration (NTIA) is undertaking a review of privacy issues relating to private sector use of the National Information Infrastructure (NII) and has requested public comment. The inquiry will focus on potential uses of personal information generated by electronic communications, including interactive multimedia, cable television and telephony. NTIA is studying the issues that arise when such telecommunications related information is used to create detailed dossiers about individuals. NTIA seeks to determine whether any overarching privacy principles can be developed that would apply to all firms in the telecommunications sector. In addition, NTIA is soliciting comment on other countries' actions to ensure the privacy of information transmitted over telecommunications networks, and to ascertain how any U.S. policies in this area will affect the international arena. Comments are due May 23 and should be sent to the Office of Policy Analysis and Development, NTIA, U.S. Department of Commerce, 14th St. and Constitution Ave., N.W., Room 4725, Washington, D.C. 20230 or by email cmattey@ntia.doc.gov. The notice is available from the NTIA bulletin board at 202-482-1199. For further information about the NTIA bulletin board call 202-482-6207. EPIC recommends that comments focus on these points: - Strong, enforceable code of fair information practices - Protection of Customer Proprietary Network Information (CPNI) - Development of technologies for pseudo-anonymous transactions - Use of cryptography in communications networks - Establishment of a federal privacy agency - Failure of self-regulatory mechanisms - Support for strong international privacy safeguards ----------------------------------------------------------------------- [7] Files Available for retrieval ----------------------------------------------------------------------- The following EPIC files are available from cpsr.org /cpsr/privacy/ EPIC Frequently Asked Questions (FAQ) - /epic/epic_faq.txt EPIC Program Description -/epic/program.txt FCC Caller ID Decision /communications/caller_id/ fcc_caller_id_decision_1994.txt The CPSR Internet Library is a free service available via FTP/WAIS/Gopher/listserv from cpsr.org:/cpsr/privacy. Materials from Privacy International, the Taxpayers Assets Project and the Cypherpunks are also archived. For more information, contact ftp-admin@cpsr.org. ----------------------------------------------------------------------- [8] Upcoming Conferences and Events ----------------------------------------------------------------------- "Navigating the Networks." 1994 Mid-Year Meeting, American Society for Information Science. Portland, Oregon. May 22 - 25, 1994. Contact: rhill@cni.org "Information: Society, Superhighway or Gridlock?" Computing for the Social Sciences 1994 Conference (CSS94). University of Maryland at College Park. June 1-3, 1994. Contact: Dr. Charles Wellford 301-405-4699, fax 301-405-4733, e-mail: cwellford@bss2.umd.edu. Medical Information and the Right to Privacy. Department of Energy, Institute of Medicine, National Research Council. National Academy of Science, Washington, DC. June 9-10. Contact Harry J. Pettengill, Deputy Assistant Secretary for Health, DOE, 301-903-1010 (tel), 301-903-5072. Integrating Data Protection Law into Good Business Practice. Privacy Laws and Business 7th Annual Conference. St. John's College, Cambridge, England. July 11-13, 1994. Contact Stewart Dresner, 44 081 423 1300 (tel), 44 081 423 4536 (fax). DEF CON ][ ("underground" computer culture) "Load up your laptop muffy, we're heading to Vegas!" The Sahara Hotel, Las Vegas, NV. July 22-24, Contact: dtangent@defcon.org. Symposium on Privacy and Intelligent Vehicle-Highway Systems. Santa Clara University. Santa Clara, California. July 29-30. Contact: Professor Dorothy J. Glancy 408-554-4075 (tel), 408-554-4426 (fax), dglancy@suacc.scu.edu. Hackers on Planet Earth: The First US Hacker Congress. Hotel Pennsylvania, New York City, NY. August 13-14. Sponsored by 2600 Magazine, Contact: 2600@well.sf.ca.us. Technologies of Surveillance; Technologies of Privacy. The Hague, The Netherlands, September 5. Sponsored by Privacy International and EPIC. Contact: Simon Davies (davies@privint.demon.co.uk). 16th International Conference on Data Protection. The Hague, Netherlands. September 6-8. Contact B. Crouwers 31 70 3190190 (tel), 31-70-3940460 (fax). Symposium: An Arts and Humanities Policy for the National Information Infrastructure. Boston, Mass. October 14-16, 1994. Sponsored by the Center for Art Research in Boston. Contact: Jay Jaroslav (jaroslav@artdata.win.net). Third Biannual Conference on Participatory Design, Chapel Hill, North Carolina, October 27-28, 1994. Sponsored by CPSR. Contact: trigg@parc.xerox.com. Submissions due April 15, 1994. Ethics in the Computer Age Conference, November 11-13, 1994, Gatlinburg, Tennessee. Sponsored by ACM. Contact: jkizza@utcvm.utc.edu (Send calendar submissions to Alert@epic.org) ======================================================================= To subscribe to the EPIC Alert, send the message: "subscribe cpsr-announce " (without quotes or brackets) to listserv@cpsr.org. You may also receive the Alert by reading the USENET newsgroup comp.org.cpsr.announce ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government and Computer Professionals for Social Responsibility. EPIC publishes the EPIC Alert and EPIC Reports, pursues Freedom of Information Act litigation, and conducts policy research on emerging privacy issues. For more information email info@epic.org, or write EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax). The Fund for Constitutional Government is a non-profit organization established in 1974 to protect civil liberties and constitutional rights. Computer Professionals for Social Responsibility is a national membership organization. For information contact: cpsr@cpsr.org ----------------------- END EPIC Alert 1.01 -----------------------