======================================================================= E P I C A l e r t ======================================================================= Volume 10.05 March 10, 2003 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_10.05.html ======================================================================= Table of Contents ======================================================================= [1] EPIC Obtains Total Information Awareness Contractor Documents [2] Appeals Court Strikes Down Internet Censorship Law (Again) [3] Supreme Court Upholds Megan's Laws, Passes on FOIA Case [4] Disclosure of Air Travel Passenger Data Violates EU Privacy Laws [5] EPIC Comments on Biometrics Specification, Air Travel Database [6] National Intelligence Systems Used for Diplomatic Surveillance [7] EPIC Bookstore: Federal Access to Info. and Privacy Legislation [8] Upcoming Conferences and Events ======================================================================= [1] EPIC Obtains Total Information Awareness Contractor Documents ======================================================================= EPIC has obtained contractor documents for the Total Information Awareness program following a Freedom of Information Act lawsuit against the Defense Department. EPIC v. Department of Defense, No. 02-1233 (D.D.C. 2002). This is the first release of documents under this request. EPIC anticipates the receipt of further documents covering various aspects of DARPA's data mining activities and the Total Information Awareness program over the next few months. EPIC will make these documents available as they are received. The first batch of documents are letters concerning contracts awarded to various companies that submitted projects for grants under DARPA's solicitation notice, BAA-02-08, which was published on March 21, 2002. The letters, signed by Admiral John Poindexter, state either approval or rejection of each research project, and provide information on contractors, project titles, and if approved, the government contact for the project. A separate set of documents show how much funding certain proposals received. Of the 180, there are 26 approval letters, and there is currently budget information available on 15 contracts. The list of contractors who sought funding range from large corporations, including Lockheed Martin and Raytheon, to small technology start-ups and large research universities. According to the Defense Department notice, the main focus of the Total Information Awareness program is to build "usable tools, rather than demonstrations." The notice states that "[t]he idea is to enable our partners in the intelligence community to evaluate new technology and pick it up for experimental use and transition, as appropriate." The government contacts listed in the letters indicate potential users or developers of the technology. The contacts are from three branches of the Defense Department: the Air Force Research Laboratory, the Navy's Space and Naval Warfare Systems (SPAWAR), and DARPA Information Awareness Office itself. In addition, funding for three approved projects comes from the Information Exploitation Office of DARPA. The Air Force Research Laboratory's "Information Directorate" based in Rome, NY was developing elements of Total Information Awareness technology under Douglas Dyer, who has now moved to DARPA and is also the author of BAA-02-08. The Navy's SPAWAR program also appears interested in developing large-scale repository and data mining capabilities. It is not clear how these technologies might be useful for the Air Force and Navy in their respective "battlespaces," or why they are funding the development of domestic surveillance infrastructure. Total Information Awareness contractor data is available at: http://www.epic.org/privacy/profiling/tia/contractors_table.html An analysis of the contractor letters and data is available at: http://www.epic.org/privacy/profiling/tia/doc_analysis.html EPIC's Total Information Awareness page: http://www.epic.org/privacy/profiling/tia/ ======================================================================= [2] Appeals Court Strikes Down Internet Censorship Law (Again) ======================================================================= The U.S. Court of Appeals for the Third Circuit has, for the second time, ruled that the Child Online Protection Act (COPA) is unconstitutional. In a decision issued on March 6, the court found that the law violates the First Amendment because it improperly restricts access to a substantial amount of online speech that is lawful for adults to receive. The decision follows a Supreme Court decision issued in May 2002 that sent the case back to the appeals court, which had previously ruled that COPA was unconstitutional. COPA, signed into law in October 1998, makes it a federal crime to use the Internet to communicate "for commercial purposes" material considered "harmful to minors," with penalties of up to $150,000 for each day of violation and up to six months in prison. Civil liberties groups, including the American Civil Liberties Union and EPIC, challenged the law shortly after its passage, arguing that COPA violates the First Amendment. In February 1999, the federal district court in Philadelphia issued an injunction preventing the government from enforcing COPA. The Third Circuit Court of Appeals affirmed in June 2000, but the Supreme Court questioned the validity of the only conclusion reached by the appellate court -- that COPA's reliance on "community standards" renders the law unconstitutional. Compliance with COPA would require Web sites to obtain identification and age verification from visitors, a feature of the law that EPIC has argued threatens online privacy and anonymity. In its new decision, the appeals court specifically addressed this issue: We agree . . . that COPA will likely deter many adults from accessing restricted content, because many Web users are simply unwilling to provide identification information in order to gain access to content, especially where the information they wish to access is sensitive or controversial. People may fear to transmit their personal information, and may also fear that their personal, identifying information will be collected and stored in the records of various Web sites or providers of adult identification numbers. The Supreme Court has disapproved of content-based restrictions that require recipients to identify themselves affirmatively before being granted access to disfavored speech, because such restrictions can have an impermissible chilling effect on those would-be recipients. It is likely that the Justice Department will again seek Supreme Court review of the case. The Third Circuit decision is available at: http://www.ca3.uscourts.gov/recentop/week/991324.pdf EPIC's COPA Litigation Page: http://www.epic.org/free_speech/copa/ ======================================================================= [3] Supreme Court Upholds Megan's Laws, Passes on FOIA Case ======================================================================= The Supreme Court ruled on March 5 that the Alaska Megan's Law statute, which requires sex offenders to have their pictures and addresses put on the Internet, does not violate the Ex Post Facto clause of the Constitution (even though it was retroactively applied) because the statute is a non-punitive civil regulation. EPIC filed an amicus curiae brief, arguing that the mandatory online dissemination of sex offender information is excessive when weighed against the statutory purpose of protecting people in the geographic vicinity of released offenders, and therefore unconstitutional. Justice Kennedy, writing for a five-member majority in Smith v. Doe, held that the purpose of the statute was to inform the public and also that it was non-punitive. In response to the claim that the online dissemination exceeded the statutory purpose, Justice Kennedy wrote: The fact that Alaska posts the information on the Internet does not alter our conclusion. It must be acknowledged that notice of a criminal conviction subjects the offender to public shame, the humiliation increasing in proportion to the extent of the publicity. And the geographic reach of the Internet is greater than anything which could have been designed in colonial times. These facts do not render Internet notification punitive. The purpose and the principal effect of notification are to inform the public for its own safety, not to humiliate the offender. Widespread public access is necessary for the efficacy of the scheme, and the attendant humiliation is but a collateral consequence of a valid regulation. The State's Web site does not provide the public with means to shame the offender by, say, posting comments underneath his record. An individual seeking the information must take the initial step of going to the Department of Public Safety's Web site, proceed to the sex offender registry, and then look up the desired information. The process is more analogous to a visit to an official archive of criminal records than it is to a scheme forcing an offender to appear in public with some visible badge of past criminality. The Internet makes the document search more efficient, cost effective, and convenient for Alaska's citizenry. Justice Souter filed a concurring opinion. Justice Stevens and Justice Ginsburg, joined by Justice Breyer, wrote dissenting opinions. Justice Stevens said: The statutes impose significant affirmative obligations and a severe stigma on every person to whom they apply. In Alaska, an offender who has served his sentence for a single, nonaggravated crime must provide local law enforcement authorities with extensive personal information -- including his address, his place of employment, the address of his employer, the license plate number and make and model of any car to which he has access, a current photo, identifying features, and medical treatment -- at least once a year for 15 years. If one has been convicted of an aggravated offense or more than one offense, he must report this same information at least quarterly for life. Moreover, if he moves, he has one working day to provide updated information. Registrants may not shave their beards, color their hair, change their employer, or borrow a car without reporting those events to the authorities. Much of this registration information is placed on the Internet. In Alaska, the registrant's face appears on a webpage under the label "Registered Sex Offender." His physical description, street address, employer address, and conviction information are also displayed on this page. Justice Ginsburg wrote: I would hold Alaska's Act punitive in effect. Beyond doubt, the Act involves an "affirmative disability or restraint." As Justice Stevens and Justice Souter spell out, Alaska's Act imposes onerous and intrusive obligations on convicted sex offenders; and it exposes registrants, through aggressive public notification of their crimes, to profound humiliation and community-wide ostracism. . . . In a related case, Connecticut Dept. of Public Safety v. Doe, the Court unanimously held that inclusion in a public sex offender registry, without a separate hearing on the offender's risk to the community, does not violate the Due Process Clause of the Constitution. In a separate matter, the Supreme Court has decided not to consider a pending case that pitted gun owner privacy interests against the public's right to know. The Court was scheduled to hear oral arguments in Department of Justice v. City of Chicago on March 4, but has sent the case back to the lower court to consider the effect of a recently enacted legislative provision that prohibits the Bureau of Alcohol, Tobacco and Firearms from expending funds to disclose records concerning gun ownership. The records had been sought by the City of Chicago in a case concerning civil liability for gun manufactures. EPIC filed an amicus brief in the case arguing that, through the use of technology, the government could encode personal information before releasing it, thereby permitting public access to records in the government's permission while still protecting individual privacy rights. The EPIC brief was joined by 16 legal scholars and technical experts. Smith v. Doe, No. 01-729 (U.S., March 5, 2003): http://www.supremecourtus.gov/opinions/02pdf/01-729.pdf Brief of Amicus Curiae EPIC, Smith v. Doe: http://www.epic.org/privacy/meganslaw/godfrey_amicus.pdf Connecticut Department of Public Safety v. Doe, No. 01-1231 (U.S., March 5, 2003): http://www.supremecourtus.gov/opinions/02pdf/01-1231.pdf EPIC's page on Sex Offender Registries: http://www.epic.org/privacy/meganslaw/ Brief of Amicus Curiae EPIC, Dept. of Justice v. Chicago: http://www.epic.org/privacy/chicago/epic_amicus.pdf ======================================================================= [4] Disclosure of Air Travel Passenger Data Violates EU Privacy Laws ======================================================================= Due to an interim arrangement enacted on March 5 between the European Commission and the United States Customs Department, European airlines are now required to provide U.S. Customs with full access to their passenger data. As outlined in the EU-U.S. joint statement of February 17-18, U.S. Customs will now be able to request all passenger data stored by European airlines. The transfer of data is not restricted to name, address or flight number; it also covers all other data collected about passengers, such as credit card number, etc. This includes sensitive and potentially stigmatic data, such as meal choice, which might reveal medical problems, ethnicity, or religion, for example. The U.S. is even considering requiring the collection of biometric data from European citizens who participate in the Visa Waiver program (which applies to most European citizens, providing them with a visa issued by U.S. Customs when they first enter a U.S. airport). Customs could therefore potentially require European citizens to provide their fingerprints in order to enter the United States. In exchange for the United States' promise to safeguard the privacy of European Citizens, the European Commission urged data protection authorities of European member states not to intervene when European airlines provide US Customs with the requested data. EPIC argues that these requests violate European privacy laws. Since the requests involve systematic collection of data from all passengers, they are excessive. Collected data might be forwarded to any federal or local law enforcement agency for several different purposes, not restricted to combating terrorism. The United States' promises of safeguarding the data are vague, and therefore weak. There is no supervisory body to oversee these safeguards, and European airline companies will be forced to act like law enforcement agencies. Further, even the legal basis for this arrangement is not backed by European Law. For more information, see EPIC's new Web page on Surveillance of European Air Travelers: http://www.epic.org/privacy/intl/passenger_data.html EPIC's Air Travel Privacy page: http://www.epic.org/privacy/airtravel/ ======================================================================= [5] EPIC Comments on Biometrics Specification, Air Travel Database ======================================================================= On February 28, EPIC submitted comments on the Organization for the Advancement of Structured Information Standards (OASIS) XML Common Biometric Format (XCBF) 1.0 Committee Specification. Biometrics entail automated methods of recognizing a person based on physiological or behavioral characteristics and measurements, and are used to recognize the identity of an individual or to verify a claimed identity. XCBF offers a standard XML schema for biometrics, which describes information that verifies identity based on unique human characteristics, including fingerprints, iris scans, hand geometry, and DNA. Drawing a distinction between security and privacy, EPIC's comments stated that while the specification may respect security standards, it cannot be fairly or accurately described as respecting privacy. Technologies or protocols that respect privacy assist in minimizing or eliminating the collection of personally identifiable information. Technologies that respect security may prevent unauthorized parties from gaining access to protected data, but the OASIS specification says nothing about the how the information will be used or whether authorized parties will use information in a way that is detrimental to the interests of the data subject. EPIC underscored that techniques that enable the collection of personally identifiable information in the absence of enforceable legal rights or technical safeguards necessarily create a new risk that personal information will be misused. Because standardization of biometric data in machine-readable format makes massive and efficient automated data aggregation techniques much simpler, EPIC recommended further research into implementing privacy safeguards within the protocol. EPIC also recently submitted comments to the National Highway Traffic Safety Administration (NHTSA) regarding their role in the development and installation of Event Data Recorders (EDRs), or "black boxes," in motor vehicles. Event data recorders (EDRs) are electronic "black boxes" that collect and store information about the operation of a motor vehicle. The data recorded might include the date, time, velocity, direction, number of occupants, airbag data, and seat belt use. The devices might even include location data, which raises additional significant privacy issues. In addition, there are open questions about how the data can be accessed, recorded and transmitted. There are several different types of EDRs in the market, ranging from the Vetronix system, which is installed in cars produced by General Motors, to the more elaborate MacBox system currently being tested by the Drive Atlanta project at the Georgia Institute of Technology. Each type of device collects different kinds of data for different purposes. Advocates of EDR technology suggest that the information might be useful in accident reconstruction and developing safer vehicles through "real world" testing. Insurance companies want the data to settle claims expeditiously. These companies, along with car rental agencies and others, have also demonstrated interest in obtaining this data in support of efforts to control driving behavior through surveillance. EPIC's comments, submitted on February 24, recommended that the collection of driving-related information through EDRs must follow Fair Information Practices, and that the NHTSA must under no circumstances mandate the use of EDRs without a framework of strong privacy safeguards. The privacy issue concerns not just who "owns," i.e. controls, the use of the data (which should be the operator of the vehicle), but the entire set of information practices, including how the data is collected, processed, transmitted and stored. The Organization for Economic Cooperation and Development developed robust privacy guidelines in 1980, which have been adopted by several countries, government agencies, and corporations. These guidelines provide an effective framework for addressing the privacy issues surrounding automobile black boxes, as they provide strong, technology-neutral privacy rules. A strong privacy framework might further any public safety interests that the agency has in EDR technology, by promoting adoption of the technology by drivers who do not feel that the presence of these monitoring devices is a risk. The comments encouraged the agency to engage in further public discussions to develop a Fair Information Practices framework covering the use of automobile black boxes. OASIS XML Common Biometric Format 1.0 Committee Specification: http://www.oasis-open.org/committees/xcbf/ EPIC's comments on the specification: http://www.epic.org/privacy/biometrics/oasis_comments.html For more information on biometrics, see EPIC's Biometrics page: http://www.epic.org/privacy/biometrics/ EPIC's comments on Event Data Recorders: http://www.epic.org/privacy/drivers/edr_comments.pdf NHTSA Docket 2002-13546, Request for Comments: http://www.epic.org/redirect/nhtsa_comments.html ======================================================================= [6] National Intelligence Systems Used for Diplomatic Surveillance ======================================================================= According to a leaked January 31 National Security Agency (NSA) e-mail memorandum sent to Britain's Government Communications Headquarters (GCHQ), the NSA's chief of staff of Regional Targeting, Frank Koza, requested the British to supplement NSA's electronic surveillance coverage of the communications of the UN missions of UN Security Council members and other nations. The memorandum, which was obtained by The Observer newspaper, stated the NSA was particularly interested in an intelligence "surge" directed against the communications of Angola, Cameroon, Chile, Bulgaria and Guinea, with an "extra focus" exerted on Pakistan. In addition to members of the Security Council, the NSA memo states, "We have a lot of special UN-related diplomatic coverage (various UN delegations) from countries not sitting on the UNSC right now that could contribute related perspectives/insights/ whatever. We recognize that we can't afford to ignore this possible source." On March 9, it was reported that a 28-year old GCHQ employee was arrested last week for violating the Official Secrets Act. Under the Act, the leaker or leakers involved with providing The Observer with the classified memorandum can be charged, as well as the newspaper and its reporters for publishing the document. Although NSA surveillance of foreign communications and diplomatic missions in the United States violate neither the NSA charter or the Foreign Intelligence Surveillance Act, such a concentrated effort directed against the United Nations, its missions, and the homes of its diplomats could violate the Vienna Convention on Diplomatic Relations, which stipulates "the official correspondence of the mission shall be inviolable." The memo and coverage from The Observer are available online at: http://www.observer.co.uk/iraq/story/0,12239,905936,00.html "UN launches investigation into US spying on envoys," Taipei Times (The Observer), March 10, 2003: http://www.taipeitimes.com/News/front/archives/2003/03/10/197437/ "No Comment From U.S. on 'Dirty Tricks' Report," Newsday, March 4, 2003: http://www.epic.org/redirect/newsday.html EPIC's Foreign Intelligence Surveillance Act page: http://www.epic.org/privacy/terrorism/fisa/ ======================================================================= [7] EPIC Bookstore: Federal Access to Info. and Privacy Legislation ======================================================================= "Federal Access to Information and Privacy Legislation Annotated 2003," by Colonel Michel W. Drapeau and Marc-Aurèle Racicot (Thomson Carswell 2003). http://www.fedpubs.com/subject/legis/access_info.htm This new publication on the Canadian privacy and access laws provides an extraordinarily useful compendium of key materials for those interested in these key Canadian statutes. The book includes the legislative history, text, and extensive annotations for the Access to Information Act, the Privacy Act and the recently enacted Personal Information and Electronic Document Act. The case histories, particularly for the Access to Information Act, are extensive. The historical discussion papers on the development of the Canadian access law offer an important understanding on the development of this key statute. The forewords by Justice Clair l'Heureux-Dubé of the Supreme Court of Canada and John Grace, Canada's first Privacy Commissioner, provide further insight into the significance of privacy and open government rights in Canada. The book also provides a useful citizen's guide to use of the access legislation that incorporates practical suggestions for making use of the Canadian access law. The text includes many useful references tools, such as a detailed table of contents, table of case, summaries of key provisions in the Access to Information Act and privacy Act, and contact information for the Department of Access to Information and Privacy Commissioners. This is the most comprehensive reference work to date on Canadian access and privacy law. - Marc Rotenberg ================================ EPIC Publications: "The Privacy Law Sourcebook 2002: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2002). Price: $40. http://www.epic.org/bookstore/pls2002/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "FOIA 2002: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40. http://www.epic.org/bookstore/foia2002/ This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 21st edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "Privacy & Human Rights 2002: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $25. http://www.epic.org/bookstore/phr2002/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty countries around the world. The survey examines a wide range of privacy issues including data protection, telephone tapping, genetic databases, video surveillance, location tracking, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/crypto&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore/ "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ======================================================================= [8] Upcoming Conferences and Events ======================================================================= ** Uniting Privacy and the First Amendment in the 21st Century ** May 9-10, 2003 Oakland, CA EPIC, the First Amendment Project, and the California Office of Privacy Protection are sponsoring this activist symposium designed to explore the interplay between privacy and First Amendment rights, with the goal of developing strategies for optimizing both. If you are interested in making a presentation or leading a Working Group, please submit a letter outlining your proposed presentation and including a brief explanation of the issue to be addressed, a list of possible presenters, and the desired outcome of the session to: <dgreene@thefirstamendment.org> For more information: http://www.epic.org/events/unitingsymposium/ ======================================================================= Identity Theft: Current Enforcement and Prevention Efforts. New York City Bar Association, Committee on Consumer Affairs. March 12, 2003. New York, NY. For more information: <jgreenbaum@fkkslaw.com> P&AB's Privacy Practitioners' Workshop and Ninth Annual National Conference. Privacy & American Business. March 12-14, 2003. Washington, DC. For more information: http://www.pandab.org/postcard.pdf Big Brother Technologies. A Choices and Challenges Forum. Center for Interdisciplinary Studies, Virginia Polytechnic Institute and State University. March 27, 2003. Blacksburg, VA. For more information: http://www.cddc.vt.edu/choices/2003/ Symposium on Security, Technology, and Individual Rights: the convergence of our history, our ideals, and our innovative spirit. Georgetown Journal of Law and Public Policy. March 27-28, 2003. Washington, DC. For more information: <gjlpp@law.georgetown.edu> CFP2003: 13th Annual Conference on Computers, Freedom, and Privacy. Association for Computing Machinery (ACM). April 1-4, 2003. New York, NY. For more information: http://www.cfp2003.org/ 28th Annual AAAS Colloquium on Science and Technology Policy. American Association for the Advancement of Science. April 10-11, 2003. Washington, DC. For more information: http://www.aaas.org/spp/rd/colloqu.htm Integrating Government With New Technologies '03: E-Government, Change and Information Democracy. Riley Information Services. April 11, 2003. Ottawa, Canada. For more information: http://www.rileyis.com/seminars/ RSA Conference 2003. RSA Security. April 13-17, 2003. San Francisco, CA. For more information: http://www.rsaconference.com/ **POSTPONED UNTIL MID-JUNE.** Building the Information Commonwealth: Information Technologies and Prospects for Development of Civil Society Institutions in the Countries of the Commonwealth of Independent States. Interparliamentary Assembly of the Member States of the Commonwealth of Independent States (IPA). April 22-24, 2003. St. Petersburg, Russia. For more information: http://www.communities.org.ru/conference/ O'Reilly Emerging Technology Conference. April 22-25, 2003. Santa Clara, CA. For more information: http://conferences.oreilly.com/etcon/ Mid Canada Information Security Conference. Information Protection Association of Manitoba. April 30, 2003. Winnipeg, Manitoba, Canada. For more information: http://www.ipam.mb.ca/mcisc/ Little Sister 2003: Community Resistance, Security, Law and Technology. May 9-11, 2003. Vancouver, British Columbia, Canada. For more information: http://www.littlesister2003.org/ Technologies for Protecting Personal Information. Federal Trade Commission. Workshop 1: The Consumer Experience. May 14, 2003. Workshop 2: The Business Experience. June 4, 2003. Washington, DC. For more information: http://www.ftc.gov/techworkshop/ O'Reilly Open Source Convention. July 7-11, 2003. Portland, OR. For more information: http://conferences.oreilly.com/oscon/ Privacy2003. Technology Policy Group. September 30 - October 2, 2003. Columbus, OH. For more information: http://www.privacy2000.org/privacy2003/ ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via Web interface: http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Subscribe/unsubscribe via e-mail: To: epic_news-request@mailman.epic.org Subject line: "subscribe" or "unsubscribe" (no quotes) Help with subscribing/unsubscribing: To: epic_news-request@mailman.epic.org Subject: "help" (no quotes) Back issues are available at: http://www.epic.org/alert/ The EPIC Alert displays best in a fixed-width font, such as Courier. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information". Please contact info@epic.org if you would like to change your subscription e-mail address, if you are experiencing subscription/unsubscription problems, or if you have any other questions. ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate/ ** Receive a free Observing Surveillance conference poster with donation of $75 or more! ** Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 10.05 ---------------------- .