============================================================= @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @@@ @ @ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @ ============================================================= Volume 2.15 November 22, 1995 ------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. info@epic.org http://www.epic.org ======================================================================= Table of Contents ======================================================================= [1] Senate Holds Hearings on Medical Privacy [2] EPIC Calls for Rescission of FBI Wiretap Notice [3] NY Times Opposes Wiretap Plan [4] Conservative Groups Split Over On-line Indecency Issue [5] Avrahami Pursues Mailing List Claim [6] New Coalition Calls for Examination of Copyright "White Paper" [7] International Privacy Newsletters [8] Upcoming Conferences and Events ======================================================================= [1] Senate Holds Hearings on Medical Privacy ======================================================================= On Tuesday, November 14, the Senate Committee on Labor and Human Resources held a hearing on the controversial Medical Record Confidentiality Act (S. 1360). The committee heard from the sponsors, several industry groups, an AIDS advocacy group supporting the bill and a patients rights group opposing the bill. The hearing was contentious and most witnesses and Senators in attendance agreed that substantial changes in the bill were necessary. Dr. Denise Nagel, a practicing psychiatrist and the President of the Coalition for Patient Rights of New England testified that the bill would "codify some of the most egregious breaches of ethics, morals and the Hippocratic oath that this country has ever seen." Dr. Nagel pointed to weaknesses in the consent provision: "Senate Bill 1360 not only permits some types of such extremely objectionable disclosures to third parties without notification or consent, but its procedures will mislead patients in this respect. The patient not only will be unaware of this further dispersion of his personally-identified information, but will be cruelly tricked by the initial assurance that the disclosure will be solely for treatment and payment." The Consumer Project on Technology (CPT) submitted a detailed statement to the Committee with comments on how to improve the bill. CPT Director James Love described the bill as "fundamentally flawed" and said it would "legitimize and contribute to the continued erosion of personal privacy." Evan Hendricks, chairman of the U.S. Privacy Council, wrote that "the current proposal will do more harm than good by legitimizing a large database surveillance system while leaving Americans without sufficient choices or remedies to retain a satisfactory level of privacy." Despite early predictions that the bill would be adopted by the Senate before Thanksgiving, quick action now appears unlikely. It is expected that the Senate will take up the bill again after the Christmas break. More information about medical privacy, including the testimony of Dr. Nagel and the text of S. 1360, is available at: http://www.epic.org/privacy/medical/ ======================================================================= [2] EPIC Calls for Rescission of FBI Wiretap Notice ======================================================================= As reported in EPIC Alert 2.12, the FBI is proposing that the nation's telephone network be made capable of permitting the simultaneous surveillance of up to one percent of the system's "engineered capacity" by the end of 1998. In the wake of substantial public controversy, EPIC has called for the rescission of the FBI's proposal and Congressional hearings on the issue. In formal comments submitted in response to the Bureau's October 16 Federal Register notice, EPIC argues that 1) the notice fails to comply with the notification and public accountability provisions of the Communications Assistance for Law Enforcement Act; and 2) the Bureau's proposed capacity requirements are not supported by adequate documentation. For these reasons, EPIC urges the FBI to rescind the initial notice and issue revised capacity requirements that comport with the statute's mandate. EPIC notes that the FBI notice has "already engendered a great deal of public confusion concerning the Bureau's proposed requirements and their impact on the privacy of personal communications," and calls for the release of the following information: * the actual number of communication interceptions, pen registers, and trap and trace devices that the Bureau estimates will be needed by the end of 1998; * the actual number of communication interceptions, pen registers, and trap and trace devices conducted during the past five years (as opposed to the number of court orders as reported by the Administrative Office of the U.S. Courts); * the highest number of "simultaneous pen register, trap and trace, and communication interceptions" conducted on the "equipment, facilities, or services" of a telecommunications carrier for each of the past five years; and * data concerning the "historical baseline of electronic surveillance activity" and the Bureau's analysis of that data, as referenced in the Federal Register notice. In a letter sent to House Judiciary Committee Chairman Henry Hyde on November 9, EPIC called for Congressional hearings on the Bureau's proposed wiretapping requirements, citing "the apparent confusion concerning the FBI's intentions with regard to implementation of the Communications Assistance for Law Enforcement Act." The text of EPIC's formal comments and letter to Rep. Hyde can be found at: http://www.epic.org/privacy/wiretap/oppose_wiretap.html NOTE: The FBI has extended the comment period on its wiretap proposal until January 16, 1996. Please check the above-listed URL for information on submitting comments. ======================================================================= [3] NY Times Opposes Wiretap Plan ======================================================================= In an editorial on Saturday, November 18, the New York Times also criticized the FBIÕs proposed wiretap plan ("The F.B.I.'s Wiretap Request"). The Times described the recent capacity request set out in the Federal Register on October 16 as "an indefensible bid for vast new wiretapping capability." "Governments always crave more eavesdropping power, but that appetite must be curbed." The editorial continued, "The new estimate of need is scantily supported and raises fears that the FBI may be poised for a major expansion of eavesdropping that could invade the privacy rights of citizens far beyond any legitimate crime control requirements." In response to a common claim made by the Bureau that the judiciary would stand as a bulwark against excessive surveillance, the editorial concluded, "The mere existence of increased capacity will be an invitation to expand wiretapping. If law enforcement needs change in the future, the F.B.I. can try to make the case then for added wiretapping power, always under the strict control of courts and legislatures. But there is no justification for widening the opportunities to conduct electronic spying." ======================================================================= [4] Conservative Groups Split Over On-line Indecency Issue ======================================================================= As a Congressional conference committee continues consideration of telecommunications reform legislation, prominent conservatives are divided over the inclusion of provisions that would criminalize the dissemination of "indecent" material on the Internet. A letter sent to the conference committee by former Attorney General Edwin Meese, Ralph Reed (Christian Coalition), Donald Wildmon (American Family Association), Phyllis Schlafly (Eagle Forum) and other conservative activists urges the adoption of the "strongest possible criminal law provisions" to regulate on-line content. A second letter, signed by representatives of the Progress and Freedom Foundation, the Heritage Foundation, the Cato Institute and the American Enterprise Institute, opposes any federal content regulation and cites the chilling effect on free expression that would result from enactment of the so-called Exon Amendment. Links to sources of up-to-date information on the telecommunications bill, generally, and the indecency provisions, specifically, can be found at: http://www.epic.org/telecom_bill/ ======================================================================= [5] Avrahami Pursues Mailing List Claim ======================================================================= On November 13, 1995, the attorney for Ram Avrahami filed motions opposing an attempt by U.S. News & World Report to block his suit for misuse of his name without consent. Avrahami said that he was not surprised that the magazine was trying prevent from pursuing his claim, but that he was disappointed that there was no substantive arguments for trying to do so. He added that he hoped that at the trial, there will be a real discussion on the merits of the case. The trial date is for November 27. Additional information about the Avrahami case is available at: http://www.epic.org/privacy/junk_mail/ ======================================================================= [6] New Coalition Calls for Examination of Copyright "White Paper" ======================================================================= A new coalition of information consumers, creators and distributors wrote to Congress on November 9 to urge a reevaluation of the Information Infrastructure Task Force's "white paper" on copyright protection. The White Paper has been introduced in both the House and the Senate as the Information Infrastructure Copyright Act (S. 1284 and H.R. 2441).The Digital Future Coalition is calling for caution in enacting the task force proposals into law. The Coalition letter stated that enacting the white paper into law could "impede realization of their goals for a shared digital future: innovation in the information and technology industries, personal privacy in electronic communication, and public access to information resources, as well as appropriate protection for copyrighted content." The Coalition noted that the legal regime envisioned in the White Paper, and reflected in S. 1284 and H.R. 2441, could "invite invasion of the privacy of digital information users (including students and library patrons)." The Digital Future Coalition includes public interest groups, library groups, industry associations and educators and represents over 2.2 million consumers, businesses and organizations. The Coalition is planning to issue several papers on copyright before Congressional hearings in January. The DFC letter to Congress is posted at: http://www.epic.org/privacy/DFC_ltr.txt More information about the Digital Futures Coalition is at: http://guess.worldweb.net/dfc/index.html ======================================================================= [7] International Privacy Newsletters ======================================================================= Several publications provide an international perspective on privacy issues. Privacy Law and Policy Reporter. A comprehensive, law-oriented overview of privacy developments in NZ and Australia. Recent coverage includes the EU Data Directive. 10 issues/year. Level 11, Carlton Centre, 55-63 Elizabeth Street, Sydney, NSW 2000, Australia. 61-2-221-6199 (tel) 61-2-221-5923 (fax). Cost: $AZ 365. General Editor: Graham Greenleaf Transnational Data and Communications Report. Bimonthly overview of privacy, data protection, telecommunications and information access. P.O. Box 10528, Burke VA 22009-0528. Cost: $280/year. Editor: Russell Pipe. Privacy Laws and Business. A quarterly overview of privacy issues in Europe. Focuses on regulatory and data protection from a business perspective. Country-specific reports and special services available. 3 Central Avenue, Pinner, Middlesex HA5 5BT United Kindgom. 44-81-866-8641(tel). Cost: $UK 240/year. Editor: Stewart Dresner. International Privacy Bulletin. Published quarterly by Privacy International. The IPB covers international trends and new technologies. Each issue also includes reports from different countries and reviews of new publications. 666 Pennsylvania Ave, SE #301, Washington, DC 20003. +1 202 544-9240 (tel) +1 202 547 5482 (fax). Cost: $75/year individuals, $125/year Libraries/Govt. Agencies, $200/year Commerical organizations. Editor: David Banisar. For a comprehensive guide to privacy resources, check out: http://www.epic.org/privacy/privacy_resources_faq.html ======================================================================= [8] Upcoming Privacy Related Conferences and Events ======================================================================= IN THE NEWS THIS WEEK: Denise Nagel of the Coalition for Patient Rights discusses problems with the Bennett medical privacy bill on NPR Consumer Rights with Direct Marketing On and Off the Internet: Does Junk (e-)Mail Really Byte? November 21. Sponsored by Institute for Computer and Telecommunications Systems Policy. Washington, DC. See http:www.seas.gwu.edu/seas/ictsp/Activities/Seminars/. 11th Annual Computer Security Applications Conference: Technical papers, panels, vendor presentations, and tutorials that address the application of computer security and safety technologies in the civil, defense, and commercial environments. December 11-15, 1995, New Orleans, Louisiana. Contact Vince Reed at (205) 890-3323 or vreed@mitre.org. RSA 6th Annual Data Security Conference: Cryptography Summit. Focus on the commercial applications of modern cryptographic technology, with an emphasis on Public Key Cryptosystems. January 17-19, 1996. Fairmont Hotel, San Francisco. Contact Layne Kaplan Events, at (415) 340-9300, email at info@lke.com, or register at http://www.rsa.com/. The Gathering: The Computer Security Conference with a Difference. February 13-15, 1996. University of Otago, Dunedin, New Zealand. Speakers include Fred Cohen, Chris Goggans, Bruce Schneier, Winn Schwartau, Robert Ellis Smith, and Philip Zimmermann. Computers Freedom and Privacy '96. March 27-30, 1996. Cambridge, Mass. Sponsored by MIT, ACM and WWW Consortium. Contact cfp96@mit.edu or http://web.mit.edu/cfp96/ Conference on Technological Assaults on Privacy, April 18-20, 1996. Rochester Institute of Technology, Rochester, New York. Papers should be submitted by February 1, 1996. Contact Wade Robison privacy@rit.edu, by FAX at (716) 475-7120, or by phone at (716) 475-6643. Australasian Conference on Information Security and Privacy June 24-26, 1996. New South Wales, Australia. Sponsored by Australasian Society for Electronic Security and University of Wollongong. Contact: Jennifer Seberry (jennie@cs.uow.edu.au). Visions of Privacy for the 21st Century: A Search for Solutions. May 9-11, 1996. Victoria, British Columbia. Sponsored by The Office of Information and Privacy Commissioner for the Province of British Columbia and the University of Victoria. Program at http://www.cafe.net/gvc/foi The Privacy Laws & Business 9th Annual Conference. July 1-3, 1996. St. JohnÕs College, Cambridge, England. Contact: Ms. Gill Ehrlich +44 181 423 1300 (tel), +44 181 423 4536 (fax). 18th International Conference of Data Protection and Privacy Commissioners. Sponsored by the Privacy Commissioner of Canada. September 18-20, 1996. Ottawa, Canada. Advanced Surveillance Technologies II. Sponsored by EPIC and Privacy International. September 17, 1996. Ottawa, Canada. Contact pi@privacy.org International Colloquium on the Protection of Privacy and Personal Information. Commission d'acces a l'information du Quebec. May 1997. Quebec City, Canada. (Send calendar submissions to Alert@epic.org) ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. To subscribe, send the message: SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname to listserv@cpsr.org. You may also receive the Alert by reading the USENET newsgroup comp.org.cpsr.announce. Back issues are available via http://www.epic.org/alert/ or FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert/ and on Compuserve (Go NCSA), Library 2 (EPIC/Ethics). ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government, a non-profit organization established in 1974 to protect civil liberties and constitutional rights. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, email info@epic.org, WWW at HTTP://www.epic.org or write EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "The Fund for Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003. Your contributions will help support Freedom of Information Act litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and funding of the National Wiretap Plan. Thank you for your support. ------------------------ END EPIC Alert 2.15 ------------------------