EPIC logo

                             E P I C  A l e r t
Volume 11.16                                            August 27, 2004

                              Published by the
                Electronic Privacy Information Center (EPIC)
                              Washington, D.C.


Table of Contents

[1] Homeland Security To Test New Passenger Prescreening System
[2] FCC Imposes Rules on Internet Telephony; Bans Wireless Spam
[3] Federal Appeals Court Upholds Compelled DNA Production
[4] EPIC Files Amicus Brief Arguing Against Secret Law
[5] EPIC Urges Privacy Protections for Auto Black Boxes
[6] News in Brief
[7] EPIC Bookstore: Whistleblowing Around the World
[8] Upcoming Conferences and Events

[1] Homeland Security To Test New Passenger Prescreening System

The Department of Homeland Security's Assistant Secretary for the
Transportation Security Administration David Stone announced yesterday
that the government will begin testing Secure Flight, its new
passenger prescreening system, in November.  The program's
introduction comes just a few weeks after TSA scrapped plans for its
predecessor, the second generation Computer Assisted Passenger
Prescreening System (CAPPS II), in part due to privacy concerns.
Admiral Stone stated that commercial airlines will be ordered in
September to turn over "historical" PNR data for TSA to use in the
testing phase of Secure Flight.

The new program, slated for deployment early next year, will focus on
comparing Passenger Name Records (PNRs) against expanded "selectee"
and "no fly" lists maintained by the government.  If a traveler's PNR
matches information on a watch list, commercial data aggregators will
be relied upon to verify the traveler's identity.  TSA will administer
the program, removing all passenger screening responsibility from the

Though TSA plans to implement a redress process for travelers
improperly flagged by Secure Flight, it is unclear how this process
will work.  The government has long used "selectee" and "no fly" lists
for aviation security purposes, but passengers have experienced great
difficulty clearing their names when improperly flagged.  In 2002,
EPIC obtained through the Freedom of Information Act dozens of
complaint letters sent to TSA by irate passengers who felt they had
been incorrectly identified for additional security or were denied
boarding because of the watch lists.  The complaints describe the
bureaucratic maze passengers encounter if they happen to be mistaken
for individuals on the list, as well as the difficulty they encounter
trying to exonerate themselves.

Even members of Congress have found themselves targeted due to the
watch lists.  Senator Edward Kennedy (D-MA) recently reported in a
Senate Judiciary Committee hearing on border security that on multiple
occasions airline agents have tried to prevent him from boarding
flights because his name appeared on a watch list.  He was halted
three times before his staff called TSA, and afterwards continued to
be stalled at the gate. Senator Kennedy was forced to call Homeland
Security Secretary Tom Ridge in order to clear his name, an option
available to very few travelers.  The name on the watch list
preventing Kennedy's travel was apparently "T. Kennedy."  Rep. John
Lewis (D-GA) also has said he is on a watch list, barred from buying
electronic tickets, and subject to extensive searches every time he
boards a flight.

EPIC FOIA documents on "selectee" and "no fly" watch lists:


For more information about travel privacy and CAPPS II, see EPIC's
Passenger Profiling Page:


[2] FCC Imposes Rules on Internet Telephony; Bans Wireless Spam

The Federal Communications Commission has adopted a ruling on
wiretapping of Internet telephony and a prohibition of commercial
e-mail sent to wireless devices.  The Commission has tentatively
determined that Internet phone calls are subject to wiretapping by law
enforcement under the Communications Assistance for Law Enforcement
Act (CALEA).  The Department of Justice, Federal Bureau of
Investigation, and Drug Enforcement Administration filed a joint
petition in March 2004 requesting that Internet telephony be subject
to CALEA.  The Commission has at least tentatively concluded that
CALEA applies to facilities-based providers of any type of broadband
Internet access service -- including wireline, cable modem, satellite,
wireless, and powerline -- and to managed or mediated Voice over
Internet Protocol (VoIP) services.  This determination is based on the
Commission's proposal that these services are "a replacement for a
substantial portion of the local telephone exchange service."  The
Commission now seeks comment from carriers as to their obligations and
the feasibility of this proposed ruling.

EPIC filed comments with the Commission earlier this year asserting
that Internet telephony should not be subject to CALEA.  EPIC opposes
the extension of CALEA to such services on the ground that it
impermissibly seeks to extend the narrow, legislatively authorized
reach of the requirements of the law.  Any such expansion of CALEA's
reach, should it be deemed necessary, must be effectuated by Congress
rather than the Commission.  This is particularly the case in light of
the unique privacy issues that arise when surveillance capabilities
are mandated for packet-mode communications.  Further, the law
enforcement agencies petitioning the Commission have not demonstrated
that the existing CALEA regime is in any way inadequate to address
their needs.

The Commission has also ruled that marketers cannot send commercial
e-mail to wireless devices without the explicit consent of the
consumer.  The Commission adopted a general prohibition on sending
commercial messages to wireless devices (to any address referencing an
Internet domain associated with wireless subscriber messaging
services).  The ruling is consistent with comments filed by EPIC in
April arguing that marketers cannot send commercial e-mail to wireless
devices without the explicit consent of the consumer.  These new rules
will be enforced under the CAN-SPAM Act, legislation enacted last year
which has so far proved an ineffective protection against spam.  It
has done little to decrease the amount of spam sent by bulk e-mailers,
despite cases having been filed against alleged spammers by Microsoft,
Earthlink, AOL and Yahoo.  Under CAN-SPAM, only governments and
Internet Service Providers are able to use the law, which makes
lawsuits brought by private organizations ineffective.  To combat the
problem of spam, EPIC favors "opt-in" mailing lists, a private right
of action for consumers, and freedom for states to pursue spammers,
combined with technical measures and international cooperation.

FCC's rulemaking on CALEA:


FCC news release on wireless spam:


EPIC's CALEA comments:


EPIC's wireless spam comments:


[3] Federal Appeals Court Upholds Compelled DNA Production

In a close 6-5 decision, the Ninth Circuit Court of Appeals has
determined that a parolee can be forced to provide a DNA sample for
the FBI's vast national DNA database, even when there is no suspicion
that he has committed a crime in addition to the one for which he has
served his time.

In this case, Thomas Cameron Kincade argued that the DNA Analysis
Backlog Elimination Act of 2000 violates Fourth Amendment guarantees
against unreasonable search and seizure.  The DNA Act requires certain
felons and parolees to submit a sample of their DNA to the government.
The DNA Act does not require suspicion that an individual will commit
or has committed another offense, nor that the sample be taken in
order to aid in the investigation of a particular crime.  Refusal to
provide a DNA sample is a misdemeanor.  Once the sample is taken and
analyzed, a DNA profile is created and added to the Combined DNA Index
System (CODIS) and made available to law enforcement by the FBI.  In
March, EPIC filed a "friend of the court" brief in support of Mr.
Kincade, arguing that DNA contains far more information than a
fingerprint and that, in the absence of privacy safeguards, a DNA
sample collected for one purpose could be used in the future for
unrelated purposes.

In determining that the Fourth Amendment allows compelled DNA
profiling of parolees who are not suspected of having committed an
additional crime, Judge O'Scannlain's majority opinion noted that
parolees are not entitled to the full extent of constitutional
protections enjoyed by the public.  The court concluded that the
public interest served by collecting parolees' DNA outweighed
parolees' "substantially diminished expectations of privacy" and "the
minimal intrusion occasioned by blood sampling."  A concurring opinion
by Judge Gould emphasized that the court had not determined the rights
of an individual "who has fully paid his or her debt to society, who
has completely served his or her term, and who has left the penal
system . . . .  Once those previously on supervised release have
wholly cleared their debt to society, the question must be raised:
'Should the CODIS entry be erased?'"  Judge Gould noted that this
question would have to be addressed in a future case.

Judge Reinhardt's lengthy dissent (joined by Judge Pregerson, Judge
Kozinski, and Judge Wardlaw) chastised the majority's holding,
stating, "Never has the [Supreme] Court approved of the government's
construction of a permanent governmental database built from general
suspicionless searches and designed for use in the investigation and
prosecution of criminal offenses."  Judge Reinhardt went on to
caution, "Privacy erodes first at the margins, but once eliminated,
its protections are lost for good, and the resulting damage is rarely,
if ever, undone.  Today, the court has opted for comprehensive DNA
profiling of the least protected among us, and in so doing, has
jeopardized us all."

For more information about the case, see EPIC's United States v.
Kincade Page:


EPIC's amicus brief:


For more information about genetic privacy, see EPIC's Genetic Privacy


[4] EPIC Files Amicus Brief Arguing Against Secret Law

EPIC has filed a "friend of the court" brief in Gilmore v. Ashcroft, a
case before the Ninth Circuit Court of Appeals challenging the
government's unpublished law or regulation requiring passengers to
present identification to fly on commercial airlines.  John Gilmore
argues that the requirement violates numerous constitutional
protections, including the rights to travel, petition and freely
assemble, be free from unreasonable search and seizure, and have
access to due process of law.

Mr. Gilmore is challenging the dismissal of his case in March by a
federal district court.  In that proceeding, the government not only
refused to provide the court with the text of the law or regulation
requiring airline passengers to show identification, but declined even
to acknowledge whether the requirement exists.  Furthermore, the
district court judge accepted the government's assurance that the
court did not have jurisdiction to review the law or regulation,
failing to independently determine the legal basis for that claim.

In its amicus brief, EPIC argued that the district court's failure to
examine the government's authority to enforce the law or regulation
allows the government to impose secret law upon the public, thus
avoiding meaningful review by courts as required by the Constitution.
"Compelled identification stemming from secret law violates due
process safeguards because it is inherently vague and provides no
means for ordinary people or reviewing courts to meaningfully
determine which procedures are legal or proper," EPIC wrote.  The
brief urged the Ninth Circuit to send the case back to the district
court to determine whether the government's identification requirement
is lawful.

Gilmore v. Ashcroft web site:


EPIC's amicus brief:


For more information about travel privacy, see EPIC's Passenger
Profiling Page:


[5] EPIC Urges Privacy Protections for Auto Black Boxes

In formal comments, EPIC urged the National Highway Transportation
Security Administration (NHTSA) to create privacy protections for
"Event Data Recorders," (EDRs) black boxes in vehicles that record
crash data.  The comments were made in response to a federal
rulemaking calling for standardization of EDR data.  EPIC argued that
with standardization of data collection, the agency has a duty to
create meaningful privacy protections.  The agency's current plan to
protect privacy by putting a short disclosure in the owner's manual
falls fall short of this duty.

EPIC argued that EDRs present serious privacy issues that have been
developing incrementally.  Just two months ago, NHTSA claimed that it
did not intend to require manufacturers to install EDRs.  Earlier this
month, however, the National Transportation Safety Board called for
mandatory EDR installation following the investigation of the 2003
accident involving an elderly driver that resulted in ten deaths. 
Auto insurers are now offering plans in which EDR-like devices
routinely monitor drivers.  And there is the growing risk associated
with EDRs connected to communications systems, as they can become
platforms for commercial or law enforcement monitoring (see EPIC Alert

EPIC argued that requiring EDR installation together with
standardizing the EDR data format would create a vast
government-mandated data collection regime that demands privacy
protection.  Specifically, EPIC recommended that the car owner be
explicitly recognized as the owner of the EDR data and that
affirmative consent be obtained before the data is accessed.  With
respect to EDRs that can access communications systems, similar to
OnStar or ATX, EPIC recommended that the device not initiate
communication unless an accident is detected or if the driver uses a
manual feature to initiate communications for purposes of transmitting
driving data.

EPIC comments on EDR data standardization:


NHTSA request for comment:


[6] News in Brief


EPIC joined a coalition of more than 20 civil liberties organizations
in sending a letter to the Department of Homeland Security, asking the
law enforcement agency to explain its acquisition and use of
statistical census data on Arab Americans.  The coalition also called
for a formal documented investigation and Congressional hearings into
the matter.  The letter was written in response to heavily redacted
documents obtained by EPIC through the Freedom of Information Act
revealing that the Census Bureau gave the Department of Homeland
Security Customs and Border Protection statistical information on
people who identified themselves on the 2000 census as being of Arab

The coalition letter states that the provision of census data to the
Department of Homeland Security was "a violation of the public's trust
in the census bureau, and a troubling reminder of one of our nation's
darkest days when the sharing of similar information resulted in the
internment of Japanese Americans during World War II."  The letter
also questions the Department of Homeland Security's claim that the
census information was used only to determine language for airport
signage, calling the explanation "inconsistent with reality."  The
coalition notes that neither the Census Bureau nor Department of
Homeland Security has shown that similar information concerning people
of other ethnicities was requested for airport signage purposes.

Coalition letter:


FOIA documents obtained by EPIC from the Census Bureau:


For more information about privacy of census information, see EPIC's
Census Privacy Page:



U.S. District Judge Kollar-Kotelly has ruled that documents relating
to a classified contract between the Federal Bureau of Investigation
and ChoicePoint, a commercial data broker, is subject to the Freedom
of Information Act.  Documents already released indicate that the
contract concerns a secret, sole-source agreement between ChoicePoint
and the government.  The documents are heavily redacted, but one
discusses the following agreement: "The Criminal Investigative
Division (CID) [redacted] has a requirement to conduct a feasibility
study for a prototype methodology to meet the requirements of the
Federal Bureau of Investigation's (FBI), [redacted] Program."
ChoicePoint employees with access to the FBI facility housing the
prototype had to have secret-level security clearances.

All of the over 1,500 pages of documents obtained by EPIC on
ChoicePoint are online, and EPIC Associate Director Chris Hoofnagle
recently published a law journal article analyzing the documents.

District court order:


Documents discussing the secret ChoicePoint prototype:


For more information about the case, see the EPIC ChoicePoint Page:



EPIC and Privacy Rights Clearinghouse filed comments suggesting
privacy improvements to a proposed Postal Service system that uses
commercial databases to improve delivery rates.  The Postal Service's
"Distribution Quality Improvement" program will use a commercially
available name and address database to improve processing of
inaccurate, incomplete, or illegible mailpieces.  Information
available on the mailpiece will be matched against the database for
names and address matches, and where a match if found, the Postal
Service will spray an accurate delivery barcode onto the mailpiece.

The Postal Service carefully designed the system with privacy and
security in mind.  However, EPIC and Privacy Rights Clearinghouse did
suggest that the commercial data provider voluntarily abide by a
series of Fair Information Practices in all of their business
functions.  The groups argued that the Postal Service has a unique
opportunity to promote best practices in the commercial database field
by choosing a vendor that promises to protect privacy.  The groups
also commented that many Americans would benefit from more control
over the distribution of junk mail.  Noting that standard techniques
to avoid junk mail are limited in effectiveness, and the recent
success of the telemarketing Do-Not-Call Registry, the Postal Service
was urged to explore a Do-Not-Mail Registry to block saturation
mailings and individually addressed commercial solicitations.

Comments to the U.S. Postal Service on Distribution Quality


U.S. Postal Service request for comment on Distribution Quality


For more information about mail privacy, see the EPIC Postal Privacy



An Army Inspector General report obtained through the Freedom of
Information Act by journalist Ryan Singel has concluded that neither
the Defense Department nor defense contractor Torch Concepts violated
the Privacy Act by using of millions of JetBlue Airways passenger
records to conduct a military data mining project without the
passengers' knowledge or consent.  The Inspector General's
determination was based upon the Privacy Act's protection only of
"systems of records," defined as groups of "any records under the
control of any agency from which information is retrieved by the name
of the individual or by some identifying number, symbol, or other
identifying particular assigned to the individual."  According to the
report, Torch Concepts did not run afoul of the Privacy Act because it
did not use names or other specific identifiers to access passenger
information in databases.  Likewise, the Inspector General found that
Torch Concepts' disclosure of some passengers' addresses, Social
Security Numbers, and dates of birth during a presentation at a
conference did not violate the Privacy Act because the information was
not derived from a "system of records." The disclosure did, however,
violate Torch Concepts' contract to perform the data mining work.

The Army Inspector General's report:


For more information about air travel data privacy, see EPIC's
Passenger Profiling Page:



Google founders Larry Page and Sergey Brin discussed Gmail, an
advertising-supported web mail system that engages in "content
extraction" in order to target ads to subscribers, in an interview
with Playboy Magazine.  Page and Brin clumsily avoided pointed
questions raised by Playboy regarding the privacy implications of the
system.  A portion of the interview is reproduced below.

"PLAYBOY: The Electronic Privacy Information Center equates such
monitoring with a telephone operator listening to your conversations
and pitching ads while you talk.

"BRIN: That's what Hotmail and Yahoo do, don't forget.  They have big
ads that interfere with your ability to use your mail.  Our ads are
more discreet and off to the side.  Yes, the ads are related to what
you are looking at, but that can make them more useful.

"PAGE: During Gmail tests, people bought lots of things using the ads.

"BRIN: Today I got a message from a friend saying I should prepare a
toast for another friend's birthday party.  Off to the side were two
websites I could go to that help prepare speeches.  I like to make up
my own speeches, but it's a useful link if I want to take advantage of

"PLAYBOY: Even that sounds ominous.  We may not want anyone -- or any
machine -- knowing we're giving a speech at a friend's birthday party.

"BRIN: Any web mail service will scan your e-mail.  It scans it in
order to show it to you; it scans it for spam.  All I can say is that
we are very up-front about it.  That's an important principle of

Full Playboy interview:


For more information about Gmail, see the EPIC Gmail FAQ:


[7] EPIC Bookstore: Whistleblowing Around the World

Whistleblowing Around the World: Law, Culture, and Practice, Richard
Calland and Guy Dehn eds. (Open Democracy Advice Center and Public
Concern at Work 2004).


In lamenting the restrictions on freedom caused by "petty coercion,"
Marilynne Robinson recently wrote, "A successful autocracy rests on
the universal failure of individual courage.  In a democracy,
abdications of conscience are never trivial.  The demoralize politics,
debilitate candor, and disrupt thought."

It takes a lot of individual courage to be a whistleblower.  Those who
question corrupt practices are subjected to ridicule, loss of work,
and even physical attack.  We ought to be more grateful to

In Whistleblowing Around the World, four whistleblowers recount their
experiences in exposing to the public both government and
private-sector wrongdoing.  The book traces the stories of Sherron
Watkins, an Enron whistleblower; Victoria Johnson, who exposed
corruption in the Cape Town government; Dr. Jiang Yanyong, who
publicized the SARS epidemic in China; and Harry Templeton, who
challenged the plundering of pension funds.

The book analyzes American, British, Japanese and South African policy
approaches to whistleblowing.  It considers the forces that facilitate
and prevent legitimate whistleblowing in different cultures.  It
discusses the roles of employers, the state, the media, the law and
civil society and offers advice to practitioners, policymakers, and

- Chris Jay Hoofnagle


EPIC Publications:

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).  This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, as well as recommendations and proposals
for future action, as well as a useful list of resources and contacts
for individuals and organizations that wish to become more involved in
the WSIS process.


"The Privacy Law Sourcebook 2003: United States Law, International
Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2003).
Price: $40. http://www.epic.org/bookstore/pls2003

The "Physicians Desk Reference of the privacy world."  An invaluable
resource for students, attorneys, researchers and journalists who need
an up-to-date collection of U.S. and International privacy law, as
well as a comprehensive listing of privacy resources.


"FOIA 2002: Litigation Under the Federal Open Government Laws," Harry
Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40.

This is the standard reference work covering all aspects of the
Freedom of Information Act, the Privacy Act, the Government in the
Sunshine Act, and the Federal Advisory Committee Act.  The 21st
edition fully updates the manual that lawyers, journalists and
researchers have relied on for more than 25 years.  For those who
litigate open government cases (or need to learn how to litigate
them), this is an essential reference manual.


"Privacy & Human Rights 2003: An International Survey of Privacy Laws
and Developments" (EPIC 2002). Price: $35.

This survey, by EPIC and Privacy International, reviews the state of
privacy in over fifty-five countries around the world.  The survey
examines a wide range of privacy issues including data protection,
passenger profiling, genetic databases, video surveillance, ID systems
and freedom of information laws.


"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.

A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.


"The Consumer Law Sourcebook 2000: Electronic Commerce and the Global
Economy," Sarah Andrews, editor (EPIC 2000). Price: $40.

The Consumer Law Sourcebook provides a basic set of materials for
consumers, policy makers, practitioners and researchers who are
interested in the emerging field of electronic commerce.  The focus is
on framework legislation that articulates basic rights for consumers
and the basic responsibilities for businesses in the online economy.


"Cryptography and Liberty 2000: An International Survey of Encryption
Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price:
$20.  http://www.epic.org/bookstore/crypto00&

EPIC's third survey of encryption policies around the world.  The
results indicate that the efforts to reduce export controls on strong
encryption products have largely succeeded, although several
governments are gaining new powers to combat the perceived threats of
encryption to law enforcement.


EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

      EPIC Bookstore

      "EPIC Bookshelf" at Powell's Books

[8] Upcoming Conferences and Events

Ninth National HIPAA Summit.  September 12-14, 2004.  Baltimore, MD.
For more information: http://www.HIPAASummit.com.

Public Voice Symposium: Privacy in a New Era: Challenges,
Opportunities and Partnerships.  Electronic Privacy Information
Center, European Digital Rights Initiative (EDRi), and Privacy
International.  September 13, 2004.  Wroclaw, Poland.  For more

The Right to Personal Data Protection -- the Right to Dignity.  26th
International Conference on Data Protection and Privacy Commissioners.
September 14-16, 2004.  Wroclaw, Poland.  For more information:

Health Privacy Seminar.  Riley Information Services.  September 17,
2004.  Ottawa, Ontario.  For more information:

Protection of Children Online and Review of the Safe Harbour
Agreement.  British Institute of International and Comparative Law
2004 Data Protection Research and Policy Group Series.  September 22,
2004.  London, UK.  For more information: http:www.biicl.org.

Online Privacy: Choice of Law.  British Institute of International and
Comparative Law Data Protection Research and Policy Group.  September
23, 2004.  London, UK.  For more information: http:www.biicl.org.

Nethead/Bellhead: The FCC Takes on the Internet.  Cardozo Law School
Florsheimer Center for Constitutional Democracy and the Yale Law
School Information Society Project.  September 28, 2004.  New York,
NY.  For more information: http://www.cardozobellhead.net.

IAPP Privacy and National Security Forum.  International Association
of Privacy Professionals.  September 30, 2004.  Washington, DC.  For
more information:

The Internet and the Law -- A Global Conversation.  Law & Technology
Program, University of Ottawa.  Ottawa, Ontario.  October 1-2, 2004.
For more information:

2004 Telecommunications Policy Research Conference.  National Center
for Technology & Law, George Mason University School of Law.  October
1-3, 2004.  Arlington, VA.  For more information:

Health Privacy Conference.  Office of the Information and Privacy
Commissioner of Alberta.  October 4-5, 2004.  Calgary, Alberta,
Canada.  For more information:

IAPP Entertainment and Privacy Forum.  International Association of
Privacy Professionals.  October 7, 2004.  Los Angeles, CA.  For more
information: http://www.privacyassociation.org/html/conferences.html.

Privacy and Identity: The Promise and the Perils of a Technological
Age.  DePaul University Center for Intellectual Property Law and
Information Technology and  School of Computer Science,
Telecommunications and Information Systems.  October 14-15, 2004.
Chicago, IL.  For more information:

2004 Big Brother Awards Switzerland.  October 16, 2004.  Lucerne,
Switzerland.  For more information: http://www.bigbrotherawards.ch.

DRM 2004: The Fourth ACM Workshop on Digital Rights Management.
Association for Computing Machinery Special Interest Group on
Security, Audit and Control.  October 25, 2004.  Washington, DC.  For
more info: http://mollie.engr.uconn.edu/DRM2004.

2004 Big Brother Awards Austria.  October 26, 2004.  Vienna, Austria.
For more information: http://www.bigbrotherawards.at.

Private and Private International Law Issues Raised by Electronic
Commerce.  The Hague Conference on Private International Law, the
Netherlands Government and the International Chamber of Commerce.
October 26-27, 2004.  The Hague, Netherlands.  For more information:

IAPP Privacy and Data Security Academy & Expo.  International
Association of Privacy Professionals.  October 27-29, 2004. New
Orleans, LA.  For more information:

Privacy and Security: Seeking the Middle Path.  Office of the
Information & Privacy Commissioner of Ontario; Centre for Innovation
Law and Policy, University of Toronto; and Center for Applied
Cryptographic Research, University of Waterloo.  Toronto, Ontario,
Canada.  October 28-29, 2004.  For more information:

2004 Big Brother Awards Germany.  October 29, 2004.  Bielefeld,
Germany.  For more information: http://www.bigbrotherawards.de.

The 2004 Isaac Pitblado Lectures: Privacy -- Another Snail in the
Ginger Beer.  The Law Society of Manitoba, The Manitoba Bar
Association and the University of Manitoba Faculty of Law.  November
19-20, 2004.  Manitoba, Canada. For more information:

National Security, Law Enforcement and Data Protection.  British
Institute of International and Comparative Law Data Protection
Research and Policy Group.  December 8, 2004.  London, UK.  For more
information: http:www.biicl.org.

CFP2005: Fifteenth Annual Conference on Computers, Freedom and
Privacy.  April 12-15, 2005.  Seattle, WA.  For more information:

Subscription Information

Subscribe/unsubscribe via web interface:


Back issues are available at:


The EPIC Alert displays best in a fixed-width font, such as Courier.

Privacy Policy

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities.  We do not sell, rent or share our
mailing list.  We also intend to challenge any subpoena or other legal
process seeking access to our mailing list.  We do not enhance (link
to other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under
"subscription information."

About EPIC

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues such as the Clipper
Chip, the Digital Telephony proposal, national ID cards, medical
record privacy, and the collection and sale of personal information.
EPIC publishes the EPIC Alert, pursues Freedom of Information Act
litigation, and conducts policy research.  For more information, see
http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite
200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "EPIC" and sent to 1718
Connecticut Ave., NW, Suite 200, Washington, DC 20009.  Or you can
contribute online at:


Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the
right of privacy and efforts to oppose government regulation of
encryption and expanding wiretapping powers.

Thank you for your support.

---------------------- END EPIC Alert 11.16 ----------------------