EPIC logo

 
========================================================================
                              E P I C  A l e r t
========================================================================
Volume 15.13                                               June 27, 2008
------------------------------------------------------------------------

                               Published by the
                  Electronic Privacy Information Center (EPIC)
                               Washington, D.C.

                http://www.epic.org/alert/EPIC_Alert_15.13.html


========================================================================
Table of Contents
========================================================================
[1] OECD and Korea Host Ministerial Conference on Future of the Internet
[2] Civil Society Seoul Declaration Sets Out Broad Policy Framework
[3] FCC: Do-Not-Call List is Permanent
[4] Supreme Court Rejects Limits on Freedom of Information Requests
[5] Under Pressure, Charter Cable Drops Internet Snooping Plan
[6] News in Brief
[7] EPIC Bookstore: NAACP v. Alabama, Privacy and Data Protection
[8] Upcoming Conferences and Events
    - Subscription Information
    - Privacy Policy
    - About EPIC
    - Donate to EPIC
      http://www.epic.org/donate
    - Support Privacy '08
      http://www.privacy08.org

========================================================================
[1] OECD and Korea Host Ministerial Conference on Future of the Internet
========================================================================

With the slogan "Shaping Policies for Creativity, Confidence and
Convergence in the Digital World", the Organization for Economic
Cooperation and Development (OECD) held the 2008 Ministerial Meeting on
the Future of the Internet Economy in Seoul, South Korea on June 17 and
18. The Meeting, which was the first OECD Ministerial Meeting held in
Asia, brought together Ministers, senior government officials, the heads
of major intergovernmental organisations, industry leaders and
representatives of the Internet technical community, civil society and
organised labour. In all, close to 2,200 participants from 68 economies
attended the Meeting, which was webcast. In addition to the
participants, many more contributed to the Meeting via the Internet.

The Government of Korea hosted the Meeting, which was chaired by Mr. See
Joong CHOI, Chairman of the Korea Communications Commission. Opening
addresses were made by Mr. CHOI and Mr. Angel GURRÍA, Secretary-General
of the OECD. A congratulatory address was made, via video, by Mr. BAN
Ki-moon, Secretary-General of the United Nations. Mr. Myung-bak LEE,
President of the Republic of Korea, welcomed Ministers and participants
and highlighted the importance of the Internet for the global economy
and society, and the need to strengthen international co-operation in
key areas, including information security. Chairmn CHOI stated in the
summary of the conference:

    The growing impacts of the Internet on economies and on society
    were highlighted, as was its role in spurring innovation and
    growth. While the number of users and high-speed access are
    growing rapidly worldwide, concerns were expressed about digital
    divides, both within and among countries. Efforts to expand access
    need to continue. Mobile devices with Internet access, it was
    noted, could contribute importantly in this regard as their use in
    developing countries is advancing rapidly; this is expected to
    continue.
    
    Other important issues would also need to be addressed.
    Users are concerned, for example, about malware, identity theft,
    privacy and security. On the technological front, convergence of
    information and communication platforms, new generation networks
    and high-speed Internet access are benefitting society, but their
    rapid development is challenging regulatory bodies, as existing
    approaches are often inadequate to respond to rapid changes in
    markets. It was suggested that changes in policies and regulations
    might best focus on two principles – promoting competition and
    protecting consumers.

Chairman CHOI also acknowledged the role of civil society and organized
labor:

    Civil society and organised labour urged that policy goals for the
    Internet Economy be considered within the broader framework of the
    protection of human rights, the promotion of democratic
    institutions, access to information and the provision of
    affordable and non-discriminatory access to advanced
    communications networks and services. They made a number of
    recommendations, stressing the need for OECD countries to: i)
    defend freedom of expression and, in this context, oppose mandated
    filtering, censorship and criminalisation of content that is
    protected under international freedom of expression standards; ii)
    protect privacy and transparency by, for example, establishing
    international data standards that are legally enforceable; and
    iii) address the learning and training needs of workers and
    environmental issues. In addition, they urged that a civil society
    advisory committee to the OECD be established to formalise its
    participation in the work of the Organisation.

Chairman CHOI affirmed the ongoing importance of privacy protection at
the Ministerial conference, stating that "the protection of privacy was
identified as a cross-cutting challenge to be systematically addressed
at the earliest possible design stage of technology."

Mr. Angel GURRÍA, the Secretary General of the Paris-based organization
also spoke about privacy protection and described  the 1980 OECD Privacy
Guidelines as the "foundation guidelines for most countries' privacy
standards". He remarked that the Privacy Guidelines have "stood the test
of time", but that the growth of business models built around data
mining and the multiplication of social networking sites require that we
understand and ask ourselves: "[W]hat are the risks, what are the
benefits and how to adapt policy to this new environment?"

A major accomplishment of Civil Society organizations of the Public
Voice coalition was the recommendation made by the Secretary General of
the OECD to "begin the process of formalizing the participation of Civil
Society and the Technical Community in the work of the OECD on the
Internet economy".

The OECD Ministerial Meeting ended with the adoption of the OECD Seoul
Declaration, a document signed by Ministers and representatives of 42
countries. Also the OECD released "Shaping Policies for the Future of
the Internet Economy", a report which links the Seoul Ministerial
Declaration on the Future of the Internet Economy to the analytical work
and policy guidance developed for the Ministerial by the OECD. The OECD
also issued Policy Guidance for Protecting and Empowering Consumers in
Communications Services and Policy Guidance For Addressing Emerging
Consumer Protection And Empowerment Issues In Mobile Commerce. Other
important recommendations include the OECD Policy Guidance on Radio
Frequency Identification and the OECD Policy Guidance on Online Identity
Theft.

The OECD offered an important forum for the discussion of policies
concerning the future of the Internet. Civil Society welcomed this
dialogue and urged the Ministers and Members Countries of the OECD to
fully engage Civil Society and Labor Organizations within their own
countries. Ministers agreed to review the OECD Declaration and the
progress made towards the achievement of its goals and principles by
2011.

In a related development, EU Consumer Commissioner Meglena Kuneva set
out, on June 24, five priority areas for action for consumer policy in
the digital age. She stressed the need "to eliminate the next generation
of unfair commercial practices rapidly arising online" and "to ensure
that in the heated debates surrounding privacy, the voice of the
consumers is clearly heard". She emphasized: "informed consent is the
central privacy issue that consumer policy must next address".

OECD Ministerial Meeting

     http://www.oecd.org/FutureInternet

Facebook: How can Internet make the world a better place?

     http://www.facebook.com/group.php?gid=15089767319

Summary of the Chair of the OECD Meeting (pdf):

     http://www.oecd.org/dataoecd/14/7/40863707.pdf

2008 OECD Seoul Declaration on the Future of the Internet
Economy (pdf):

     http://www.oecd.org/dataoecd/49/28/40839436.pdf

Shaping Policies for the Future of the Internet Economy (pdf):

     http://www.oecd.org/dataoecd/1/29/40821707.pdf

Shaping Policies for the Future of the Internet Economy: Annexes (pdf):

     http://www.oecd.org/dataoecd/1/28/40821729.pdf

1998 Ottawa Ministerial meeting on E-Commerce.

     http://www.ottawaoecdconference.org/english/homepage.html

European Commission sets out 5 priorities for consumer policy in
a digital age:

     http://www.epic.org/redirect/eucommission_5priorities.html


========================================================================
[2] Civil Society Seoul Declaration Sets Out Broad Policy Framework
========================================================================

On June 16, 2008, more than 150 participants from 15 countries gathered
in Seoul, South Korea, for the Civil Society - Labor Forum "Making the
Future of the Internet Economy Work for Citizens, Consumers, and
Workers.  The event was organized by the Public Voice coalition, the
Trade Union Advisory Committee, and the OECD Civil Society Reference
group, which includes the Association for Progressive Communications,
the Canadian Internet Policy and Public interest Clinic, Consumers
Korea, the European Digital Rights Initiative, the Electronic Privacy
Information Center, the Internet Governance Project, and the Trans
Atlantic Consumer Dialogue.

This Forum addressed the issues of utmost importance for the internet
economy. Prominent advocates from the academic, consumer, development,
digital rights, labour, and privacy communities engaged government
delegates on topics of relevance to the Ministerial, as well as issues
of fundamental concern to civil society and organized labor.

The Forum consisted of interactive policy roundtables, covering the
future of the Internet from 5 perspectives: the Human and political
dimension; Towards a better future – Decent work, social justice and
sustainable development in a global internet economy; Fuelling
creativity and access to knowledge (A2K); Ensuring consumer and privacy
protection and benefitting from convergence.

The civil society and labor participants brought the attention of the
assembled OECD Ministers and Member countries to important concerns and
aspirations of people around the world. These participants also prepared
Civil Society Background paper that was distributed at the OECD
Ministerial. And the civil society and labor representatives prepared
the Seoul Declaration, which has been signed by more than 80
organizations.

The groups said that the Future of the Internet Economy should be
considered within the broader framework of protection of human rights,
the promotion of democratic institutions, and the provision of
affordable and non-discriminatory access to advanced communication
infrastructures and services. Economic growth should be for the many and
not the few.

The Civil Society Labor Declaration urged the OECD Ministers and member
countries to:

        * "Defend freedom of expression and oppose mandated filtering,
        censorship of Internet content, and criminalisation of content
        that is protected under international freedom of expression
        standards.
        
        * "Support the OECD Privacy Guidelines of 1980 as a fundamental
        policy instrument setting out minimal requirements for the
        transborder flow of personal data.
        
        * "Ensure that consumer protection laws are properly enforced and
        cover digital products to the same extent that other consumer
        goods and services are covered.
        
        * "Promote learning and training opportunities for workers and to
        address the challenges brought about by the change of corporations
        and work by combining policies facilitating both technological and
        organizational change.
        
        * "Support open access to government-funded scientific and
        scholarly works. We further emphasize access to information as a
        fundamental right and support the OECD’s continued work in this
        area.
        
        * "Support Internet governance structures that reflect democratic
        values and are transparent and publicly accountable to users.
        
        * "Oppose discrimination by network providers against particular
        applications, devices, or content and to maintain the Internet's
        role in fostering innovation, economic growth, and democratic
        communication.
        
        * "Maintain a balanced framework for intellectual property
        protection based upon mechanisms that are least intrusive to
        personal privacy and least restrictive for the development of new
        technologies, and to promote creativity and learning.
        
        * "Develop a better understanding of the challenge industry
        consolidations pose to the open Internet.
        
        * "Support the efforts of the OECD to promote access to the full
        range of the world's cultures and to ensure that the Internet
        economy reflects the true diversity of language, art, science, and
        literature in our world. The deployment of International Domain
        Names should be a priority."
        
Civil society and organized labor further urged the OECD to establish  
the
Civil Society Advisory Committee. The creation of the OECD Civil Society
Advisory Committee will help meet the democratic goals of inclusion,
participation, transparency and accountability in international
decision-making.


The Public Voice works to promote public participation in decisions
concerning the future of the Internet. The Civil Society Seoul
Declaration is open to additional signatures. Send confirmation to
thepublicvoice (AT) datos-personales (DOT) org.

Key Issues in Civil Society Declaration are:

     * Freedom of expression.
     * Protection of Privacy and Transparency.
     * Consumer Protection.
     * Employment, Decent Work and Skills.
     * Promotion of Access to Knowledge.
     * Internet Governance.
     * Promotion of Open Standards and Net Neutrality.
     * Balanced Intellectual Property Policies.
     * Support for Pluralistic Media.
     * Inclusive Digital Society.
     * Cultural Diversity.

The Public Voice

     http://www.thepublicvoice.org/

Facebook: The Public Voice

     http://www.facebook.com/home.php#/group.php?gid=16165509212

OECD Civil Society Forum in Seoul:

     http://thepublicvoice.org/events/seoul08

Recommendations and Contributions to the OECD Ministerial Meeting (pdf):

     http://thepublicvoice.org/events/seoul08/cs-paper.pdf

The Civil Society & Organized Labour Seoul Declaration (English) (pdf):

     http://thepublicvoice.org/events/seoul08/seoul-declaration.pdf

The Civil Society & Organized Labour Seoul Declaration (Korean) (pdf):

     http://epic.org/redirect/seouldeclaration_korean.html

The Civil Society & Organized Labour Seoul Declaration (Spanish) (pdf):

     http://epic.org/redirect/seouldeclaration_spanish.html

The Civil Society & Organized Labour Seoul Declaration (Hungarian)
(pdf):

     http://epic.org/redirect/seouldeclaration_hungarian.html

Declaration Signatures (as of June 23, 2008) (pdf):

     http://thepublicvoice.org/events/seoul08/signatures.pdf

Sign on to the Civil Society Seoul Declaration:

     thepublicvoice (AT) datos-personales (DOT) org


========================================================================
[3] FCC: Do-Not-Call List is Permanent
========================================================================

On June 17, 2008, the Federal Communications Commission (FCC) released
an order requiring telemarketers to comply with new amendments to the
operation of the National Do-Not-Call Registry. This order was based
upon the Do-Not-Call Improvement Act of 2007, which eliminates the need
to re-register phone numbers after five years and prohibits
telemarketers from calling numbers that have been on the list for longer
than that amount of time.

Concerns were raised in late 2007 that several million numbers would
expire as the Registry reached its fifth year of operation in 2008.
Under the initial provisions of the Registry, numbers would
automatically be removed after five years unless the owner of the number
re-registered on the list. Under the Do-Not-Call Improvement Act,
however, automatic removal is prohibited. A number will stay on the list
until the consumer cancels it or it is manually removed as a
disconnected or reassigned number. With respect to the latter situation,
the Act requires the FTC to periodically check phone numbers on the
Registry for disconnected or reassigned numbers which will then be
removed from the list.

The Do-Not-Call Registry was created in 2003 by the FCC in conjunction
with the Federal Trade Commission (FTC) in response to increasing
consumer privacy concerns. Since its inception, the Registry has been
used extensively. The first three days of the Registry's existence
brought in more than 10 million phone numbers. Growth of the Registry
has continued and today more than 157 million numbers are registered.
EPIC has been involved in advocating for the Do-Not-Call Registry since
its creation, as well as advocating against proposed loopholes for
automated, prerecorded calls in 2005.

Although the amendments are good news for those who have been registered
on the national list for five years, the FCC order clarifies that the
amendments do not extend to company specific “do not call” lists.
Companies are required to maintain their own “do not call” lists in
response to company-specific consumer requests. This is largely
exercised by consumers who have not opted in to the national Do-Not-Call
Registry. The rules governing company-specific lists are not within the
scope of the current order, so companies are free to continue
automatically purging these lists after five years. Because of this, the
best way to avoid telemarketing calls and protect consumer privacy
continues to be the national Do-Not-Call Registry.

The FCC order requiring telemarketers to honor numbers that have been on
the list for longer than five years (pdf):

     http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-08-147A1.pdf

The FCC's Do-Not-Call website, including information on how to enroll
and file a complaint:

     http://www.fcc.gov/cgb/donotcall/

EPIC's page on the Do-Not-Call Registry

     http://epic.org/privacy/telemarketing/dnc/

EPIC's page on telemarketing:

     http://epic.org/privacy/telemarketing/


========================================================================
[4] Supreme Court Rejects Limits on Freedom of Information Requests
========================================================================

In a victory for government transparency, the Supreme Court recently and
unanimously upheld an individual's right to request documents pursuant
to the Freedom of Information Act (FOIA) even if others previously
requested the same documents. In Taylor v. Sturgell, the Federal
Aviation Administration (FAA) argued that the agency might deny a
requester access to government records based on another individual's
previous FOIA request regarding the same documents. The agency argued
that the second requester was precluded from suing for the documents,
and that the second requester had been “virtually represented” by the
previous requester. The Supreme Court rejected the FAA's arguments, and
refused to limit FOIA rights on the basis of “virtual representation.”
Justice Ginsburg delivered the opinion of the Court, basing the
decision, in part, on America's “deep-rooted historic tradition that
everyone should have his day in court.”

The Supreme Court also rejected the agency's argument that FOIA lawsuits
should be precluded more often than other cases on the basis that FOIA
suits constitute “public-law” litigation, rather than a “private-law”
controversies. The FAA alleged that open government lawsuits have “only
an indirect impact on [the requester's] interests,” and that courts may
therefore “adopt procedures limiting repetitive litigation.” The Supreme
Court rejected this argument, recognizing that “a successful FOIA action
results in a grant of relief to the individual plaintiff,” and is
therefore subject to normal rules concerning limitations on an
individual's right to sue.

The FOIA establishes a legal right for individuals to obtain records in
the possession of government agencies. The federal law is critical for
the functioning of democratic government because it helps ensure that
the public is fully informed about matters of public concern. The FOIA
has helped uncover fraud, waste, and abuse in the federal government. It
has become particularly important in recent years, as the government has
tried to keep more of its activities secret.

EPIC has obtained numerous government documents through freedom of
information requests and litigation. EPIC's FOIA Notes publication
provides public access to particularly important government documents.
FOIA Notes has featured documents relating to secret contracts between
the Virginia Fusion Intelligence Center and the Federal Bureau of
investigation; the unreliability of E-Passports; unlawful intelligence
investigations; and errors involving the “no-fly” list. EPIC recently
prevailed in open government litigation concerning the Virginia Fusion
Center, and is presently involved in FOIA litigation relating to
President Bush's warrantless wiretapping scheme, as well as an apparent
conflict of interest in the Federal Trade Commission's review of the
Google/Doubleclick merger. Public disclosure of this information
improves government oversight and accountability. It also helps ensure
that the public is fully informed about government activities.

Supreme Court Opinion in Taylor v. Sturgell (pdf):

     http://www.supremecourtus.gov/opinions/07pdf/07-371.pdf

EPIC's FOIA Notes:

     http://epic.org/foia_notes/

EPIC's FOIA Litigation Manual - Litigation Under the Federal Open
Government Laws:

     http://epic.org/bookstore/foia2006/default.html

EPIC's FOIA Litigation Docket:

     http://epic.org/privacy/litigation


========================================================================
[5] Under Pressure, Charter Cable Drops Internet Snooping Plan
========================================================================

Charter Communications, one of the nation's largest ISPs, announced
Tuesday that it will scrap its pilot program to intercept Internet
traffic for marketing purposes. In mid-May, Charter told customers in
four markets that behavioral advertiser NebuAd would install monitoring
boxes on its network in order to track users' browsing habits and
deliver targeted advertising. NebuAd planned to target ads to users by
using deep packet inspection of their network traffic, which can reveal
the substance of nearly all Internet traffic over a subscriber's
connection, including Web surfing content, search engine queries, and
e-mail messages.

Network neutrality advocates criticized this sort of intensive
inspection and monitoring, as well as the online advertising context in
the UK. A report leaked earlier this month from British Telecom (BT)
described that ISP's secret interception of its users' browsing history.
BT, in conjunction with behavioral advertiser Phorm, installed boxes
that hijacked and saved the content of users' Internet activity,
permitting Phorm to create ad profiles of each user. Charter's deep
packet inspection program was to be the first large-scale implementation
by a major US Internet Service Provider.

Charter's decision to drop its spy program comes after senior members of
Congress challenged the legality of Charter's plan to intercept and
inspect their customers' Internet activity. Representative Edward J.
Markey (D-MA) and Representative Joe Barton (R-TX) stated that the
program "raises substantial questions" related to the federal Cable
Television Privacy Act, and requested that Charter hold off on the
proposed venture with NebuAd. The Cable Television Privacy Act prohibits
cable companies from disclosing subscribers' personally identifiable
information without "prior written or electronic consent of the
subscriber." Legal experts also criticized Charter's plan, and suggested
that it ran afoul of the federal Wiretap Act, which bars interception of
wire and electronic communications.

Shortly after Charter announced the program's suspension, Representative
Markey released a statement praising the decision, but repeating his
concerns that the program violated the law. “Given the serious privacy
concerns raised by the sophisticated ad-serving technology Charter
Communications planned to test market, I am pleased to hear that the
company has decided to delay implementation of this program, which
electronically profiled individual consumer Web usage,” he said. “I urge
other broadband companies considering similar user profiling programs to
similarly hold off on implementation while these important privacy
concerns can be addressed.”

Recently, two digital rights groups, Public Knowledge and Free Press,
released a study detailing how NebuAd's hardware uses security exploits
to spy on users. According to the study, NebuAd actively injects fake
packets into responses from other websites in order to deliver the
tracking cookies that facilitate its advertising model. The study
describes how NebuAd's practices violate fundamental expectations of
Internet privacy, security and standards-based interoperability. The Los
Angeles Times revealed that at least five high-ranking NebuAd employees
are veterans of the spyware company that produced Gator, the notorious
spyware program, which installed without user consent, tracked users'
browsing habits, and spewed targeted pop-up ads.

ISPs aren't the only companies trying to turn browsing habits into
targeted Web advertising. Earlier Tuesday, Google announced a tool
called Ad Planner. This tool helps advertisers find Web sites whose
visitors match various demographics. Google claims that the tool can
also show in detail how many people visit a particular Web site.

Charter announces that it will drop its program:

     http://news.cnet.com/8301-10784_3-9976893-7.html

Rep. Markey's response to Charter announcement:

     http://www.epic.org/redirect/markey_charter.html

EPIC's page on Deep Packet Inspection:

     http://epic.org/privacy/dpi/

Report on NebuAd's invasive Deep Packet Inspection techniques (pdf):

     http://www.freepress.net/files/NebuAd_Report.pdf

Google Introduces Ad Planner

     http://epic.org/redirect/google_adplanner.html


========================================================================
[6] News in Brief
========================================================================

Senators Oppose House “Compromise” FISA Bill

A bipartisan group of Senators is emerging to challenge the recent
amendments to the Foreign Intelligence Surveillance Act (FISA) on the
grounds that they are inadequate in protecting civil liberties. On June
20, 2008, the House passed the FISA Amendments Act of 2008, H.R. 6304.
The bill provides retroactive immunity for the telecom companies that
participated in the President's warrantless surveillance program. Courts
will be bound to follow the President's determination that the program
was legal, rather than actually inquire into the program and judge the
actions of the President. Also, the bill continues the expansion of
warrantless surveillance powers from last year's Protect America Act
until 2012, and requires that Inspectors General inquire into the
warrantless surveillance program.

Sen. Specter's Comments on FISA:

     http://www.epic.org/redirect/specter_fisa.html

Sens. Dodd and Feingold's Letter Urging Congressional Leaders to Protect
Americans' Privacy and Not to Grant Retroactive Immunity to Telecoms:

     http://dodd.senate.gov/index.php?q=node/4473/print

Sen. Leahy's Comment on FISA Amendments Act of 2008:

     http://leahy.senate.gov/press/200806/061908a.html

EPIC page on FISA:

     http://epic.org/privacy/terrorism/fisa/


GAO Report: Alternatives Exist for Enhancing Protection of Privacy

A June 18th Government Accountability Office report recommends increased
privacy protections for personal data held by the Federal Government.
The congressional watchdog called on legislators to expand the scope of
current laws concerning Federal use of personal information and to
reform the mechanisms for how that data is collected, processed and
shared.  The GAO urged revisions of regulations governing use of
personal information and public notice. The report responds to
increasingly sophisticated methods for obtaining and using personal
information.  The GAO considered the effectiveness of current privacy
laws. The report included the Privacy Act of 1974, which protects
information held by federal agencies and the E-Government Act of 2002,
which requires federal agencies to conduct privacy impact assessments
before developing or purchasing new technologies that collect personal
information electronically. The GAO recognized the importance of fair
information practices, and highlighted three broad privacy shortcomings.
First, the Privacy Act and E-Government Act do not always provide
protections for federal uses of personal information. Furthermore, the
laws and guidance may not effectively limit agency collection and use of
personal information to specific purposes.  Finally, the Privacy Act may
not include effective mechanisms for informing the public about privacy
concerns.

Government Accountability Office Report (pdf):

     http://www.gao.gov/new.items/d08536.pdf

EPIC - “Your Right to Federal Records:

     http://www.epic.org/open_gov/rights.html


Privacy Disconnect Between Executives and Marketing Departments

The Ponemon Institute, a privacy research organization, and StrongMail,
an email marketing firm, conducted a study which revealed an alarming
disconnect in companies between the executives responsible for
protecting customer data and the marketing departments that use customer
data for advertising and sharing with third parties. Results from the
study showed that 80% of marketers claimed their organizations share
e-mail addresses with third parties, compared to 47% of security and
privacy officers. The inconsistency in these claims raises questions and
doubts about how well companies are protecting their customers' data.
One consequence of this disconnect is an increase in spam. Of the
marketers surveyed, 44% believed their organization was in compliance
with the CAN-SPAM act. EPIC testified before the D.C. Council that
“analyses of spam volume indicate that spam accounts for approximately
80% of email traffic, and consumers receive more spam now than when the
federal CAN-SPAM law was passed in 2003”.

EPIC Testifies Before the DC Council on Spam Legislation (pdf):

     http://epic.org/privacy/junk_mail/spam/DC_Council_Spam.pdf

The CAN-SPAM Act:

     http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.shtm

StrongMail and Ponemon Institute Survey Reveals Risks to Customer Data
Introduced by Marketing Practices and Perceptions (pdf):

     http://epic.org/redirect/strongmail_ponemon.html


EPIC Speaks at American Bar Association Cyberlaw Conference

Lillie Coney, Associate Director of the Electronic Privacy Information
Center, recently spoke at a panel at the American Bar Association
Cyberlaw conference. In the panel, entitled “Privacy Rights vs. Profit
Rights:, What Are the Limits for Tracking,_Data Mining, and Marketing,
Online Practices of Internet Users?”, Ms. Coney spoke regarding the
problems with self regulation in the online advertising industry,
including the Federal Trade Commissions proposed new voluntary online
advertising principles. “The opt-out cookie system used by ad network
participants has been shown technologically ineffective” Ms. Coney said.
She went on to point out that future legislation ought to protect
consumer's information, instead of just protecting against certain
advertising practices. The panelists also included Annie Anton,
associate professor of software engineering at North Carolina State
University, who discussed the complications of privacy policies; and
Google's Senior Policy Counsel Pablo Chavez, who discussed Google's
privacy policies.

EPIC.org: Privacy Self Regulation: A Decade of Disappointment

     http://epic.org/reports/decadedisappoint.html

Second Annual Institute on Cyberlaw: Expanding the Horizons (pdf):

     http://epic.org/events/cyberlaw_2008.pdf

FTC proposed new voluntary online advertising principles (pdf):

     http://www.ftc.gov/os/2007/12/P859900stmt.pdf


========================================================================
[7] Anita L. Allen - "NAACP v. Alabama, Privacy and Data Protection"
========================================================================

[Editor's note: Monday, June 30, 2008 marks the 50th anniversary of the
Supreme Court's decision in NAACP v. Alabama, one of the most important
privacy cases of all time. Professor Anita L. Allen, a leading privacy
scholar, author of many books and articles, and a member of the EPIC
Board of Directors prepared this essay to celebrate this anniversary.
The complete essay by Professor Allen and related links for NAACP v.
Alabama are available at http://www.naacpvalabamaat50.org]


"NAACP v. Alabama, Privacy and Data Protection," by Anita L. Allen,
J.D., Ph.D., Henry R. Silverman professor of Law and Professor of
Philosophy University of Pennsylvania School of Law -


"The United States Supreme Court's decision in NAACP v. Alabama ex. Rel.
Patterson, 357 U.S. 449 (1958) turns 50 this year. For those who value
privacy it is a birthday worth remembering.

"In NAACP v. Alabama, the Court affirmed that the constitutional rights
of speech and assembly include a right of private group association. The
idea that Americans are free to join private groups was not new in 1958.
However, the Court's decision to allow private groups to keep membership
information confidential was an important constitutional milestone.

"In 1956, the state of Alabama demanded a copy of the NAACP's membership
list, as part of its effort to expel the group from the state for
allegedly violating a state business law. But the Supreme Court held
that the civil rights group had a right to keep its members' identities
secret, whether or not a technical business law had been broken.
Revealing the group's membership, argued the Court, “is likely to
affect adversely the ability of [the NAACP] and its members to pursue
their collective effort to foster beliefs which they admittedly have the
right to advocate, in that it may induce members to withdraw from the
Association and dissuade others from joining it because of fear of
exposure of their beliefs shown through their associations and of the
consequences of this exposure.

"Whether handwritten on lined paper or stored electronically in a
computer system, membership data is constitutionally protected from
mandatory disclosure.

"No constitutional right is absolute, however. The right to maintain
membership data in secrecy is not perfectly guaranteed. But the Court
reassuringly characterized official demands for membership lists as
substantial restraints on freedom of association. As such, courts must
strike them down unless they are narrowly tailored and necessary to
further a compelling state interest. . . ."


[Essay continues at http://www.naacpvalabamaat50.org]

  
================================

EPIC Publications:

"Information Privacy Law: Cases and Materials, Second Edition" Daniel J.
Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

    http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.

================================

"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.

     http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.

================================

"FOIA 2006: Litigation Under the Federal Open Government Laws," Harry
A. Hammitt, Marc Rotenberg, Melissa Ngo, and Mark S. Zaid, editors
(EPIC 2007). Price: $50. 

     http://www.epic.org/bookstore/foia2006

This is the standard reference work covering all aspects of the Freedom
of Information Act, the Privacy Act, the Government in the Sunshine Act,
and the Federal Advisory Committee Act.  The 23nd edition fully updates
the manual that lawyers, journalists and researchers have relied on for
more than 25 years.  For those who litigate open government cases (or
need to learn how to litigate them), this is an essential reference
manual.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

     http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).  This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.

     http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well
as an up-to-date section on recent developments. New materials include
the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the
CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.

     http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore 

     http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books

     http://www.powells.com/bookshelf/epicorg.html

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:

     https:/mailman.epic.org/mailman/listinfo/foia_notes


========================================================================
[8] Upcoming Conferences and Events
========================================================================

2007-2008 Supreme Court Term Review. Organized by the American
Constitution Society. July 1, 2008, 9am. National Press Club Ballroom,
Washington, DC. For more information:
http://www.acslaw.org/node/6732 Privacy Laws & Business 21st Annual International Conference. Value Privacy, Secure Your Reputation, Reduce Risk. 7-9th July, 2008, St. John’s College, Cambridge. For more information: http://www.privacylaws.com/ The 8th Privacy Enhancing Technologies Symposium (PETS 2008), 23-25 July, 2008, Leuven, Belgium. For more information: http://petsymposium.org/2008 DHS Public Workshop Data Mining. July 24-25, Washington, DC. For more information: http://edocket.access.gpo.gov/2008/E8-14394.htm The Privacy Symposium - Summer 2008: An Executive Education Program on Privacy and Data Security Policy and Practice, August 18-21, 2008, Harvard University, Cambridge, MA. For more information: http://www.privacysummersymposium.com/ Privacy Awareness Week. August 24, 2008. Australia, New Zealand, Hong Kong, Korea and Canada. For more information: http://www.privacyawarenessweek.org/paw International Symposium on Data Protecion in Social Networks. October 13, 2008, Strasbourg. For more information: http://epic.org/intsymposium_sns.html Protecting Privacy in a Borderless World. October 15-17, 2008, Strasbourg. For more information: http://www.privacyconference2008.org Privacy in Social Network Sites Conference October 23-24, 2008. Delft University of Technology, Faculty of TPM, The Netherlands. For more information: http://www.ethicsandtechnology.eu ====================================================================== Subscription Information ====================================================================== Subscribe/unsubscribe via web interface: https://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ======================================================================== Privacy Policy ======================================================================== The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================== About EPIC ======================================================================== The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================== Donate to EPIC ======================================================================== If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ======================================================================= Support Privacy '08 ======================================================================= If you would like more information on Privacy '08, go online and search for "Privacy 08". You'll find a Privacy08 Cause at Facebook, Privacy08 at Twitter, a Privacy08 Channel on YouTube to come soon, and much more. You can also order caps and t-shirts at CafePress Privacy08. Start a discussion. Hold a meeting. Be creative. Spread the word. You can donate online at epic.org. Support the campaign. Facebook Cause: http://www.epic.org/redirect/fbprivacy08.html Twitter: http://twitter.com/privacy08 CafePress: http://www.cafepress.com/epicorg ------------------------- END EPIC Alert 15.13 ------------------------- .