Volume 3.04 February 16, 1996
 Federal Court Enjoins Internet "Indecency" Provision -- ACLU, EPIC, and Others Score Partial Victory in CDA Challenge  Still Missing: FBI Wiretap Data  Marc Klaas Endorses EPIC Letter to FTC  Congress Sets Date for Votes on Terrorism, ID Card Bills  Privacy Files Abstracts Available Online  Economist Calls for New Privacy Laws  New Items at EPIC Web page  Upcoming Conferences and Eventss
 Federal Court Enjoins Internet "Indecency" Provision -- ACLU, EPIC, and Others Score Partial Victory in CDA Challenge
A federal judge in Philadelphia has issued a partial temporary restraining order prohibiting enforcement of the "indecency" provision of the Communications Decency Act (CDA). The judge declined to enjoin those provisions of the Act dealing with "patently offensive" communications. The court agreed with the plaintiffs' claim that the CDA will have a chilling effect on free speech on the Internet and found that the CDA raises "serious, substantial, difficult and doubtful questions." The court further agreed that the CDA is "unconstitutionally vague" as to prosecutions for "indecency." But the court left open the possibility that the government could prosecute under the "patently offensive" provisions. The court has recognized the critical problem with the CDA, which is the attempt to apply the "indecency" standard to on-line communications. Nonetheless, online speech remains at risk because of the sweeping nature of the CDA. The entry of the court order is a strong indication that the "indecency" provision of the legislation that went into effect on February 8 will not survive constitutional scrutiny by a three- judge panel that has been impaneled in Philadelphia. The panel will fully evaluate the constitutional validity of the legislation and consider entry of a permanent injunction against enforcement of the new law. The temporary restraining order (TRO) was issued in a lawsuit filed by the Electronic Privacy Information Center (EPIC), the American Civil Liberties Union and a broad coalition of organizations. EPIC is also participating as co-counsel in the litigation. The court ruling comes in the wake of widespread denunciation of the CDA, which was included in the telecommunications reform bill signed into law last week. According to EPIC Legal Counsel David Sobel, one of the attorneys representing the coalition, "The court's decision is a partial victory for free speech, but expression on the Internet remains at risk. This is destined to become a landmark case that will determine the future of the Internet." Looking ahead to proceedings before the three-judge panel, Sobel said "we are optimistic that further litigation of this case will demonstrate to the court that the CDA, in its entirety, does not pass constitutional muster." EPIC has maintained since its introduction in Congress that the ban on "indecent" and "patently offensive" electronic speech is a clear violation of the free speech and privacy rights of millions of Internet users. Comprehensive information on the CDA lawsuit, including the decision on the TRO and plaintiffs' brief, is available at: http://www.epic.org/free_speech/censorship/lawsuit/
 Still Missing: FBI Wiretap Data
Last October, the FBI published a "wiretap capacity notice" pursuant to the controversial Digital Telephony legislation enacted in late 1994 (codified as the Communications Assistance for Law Enforcement Act [CALEA]). In its notice, the Bureau announced its intention to mandate the re-design of the nation's telephone network to facilitate the simultaneous interception of as many as one percent of all active calls. The FBI notice claimed that the proposed requirements were supported by baseline data concerning past wiretapping activity and an analysis of that information, but the Bureau did not make that material publicly available. Senator Patrick Leahy requested the data and EPIC submitted a Freedom of Information Act request for its public disclosure. On February 9, Sen. Leahy released an FBI paper titled "Information Concerning Implementation of the Communications Assistance for Law Enforcement Act." The document purports to describe the methodology used by the FBI in formulating its wiretap capacity requirements, but fails to provide the baseline data requested by Sen. Leahy and EPIC. Noting the absence of this information, the Bureau states that "although we examined past electronic surveillance activity and utilized certain key pieces of information derived therefrom ..., no 'document,' as such, was ever created. Similarly, the factors utilized in our analysis were never compiled into a document." The FBI does, however, claim that additional information will be forthcoming: Nonetheless, because of the interest and the misunderstandings that have been associated with this matter, we currently are in the process of preparing two methodology documents which will explain our capacity notice efforts in greater depth. The first document will describe the process used to collect historical electronic surveillance information. The second document will describe the analysis used in developing the Initial Capacity Notice, as well as the Final Capacity Notice. EPIC believes that the release of the underlying wiretap data is vital to informed public participation in the public comment process on this unprecedented and controversial FBI proposal. Unfortunately, the FBI has been less than forthcoming with respect to its implementation of CALEA. As with the baseline wiretap data, the Bureau failed to release a report on wiretap expenditures on November 30 of last year, as CALEA requires. Senator Orrin Hatch, chairman of the Senate Judiciary Committee, recently advised EPIC that he has taken up the matter with the FBI and expects the expeditious release of the report. Relevant materials, including the recently released FBI methodology paper, EPIC's comments on the proposed wiretap capacity requirements and EPIC's letter to Sen. Hatch concerning the FBI's failure to release its wiretap expenditures report, are available at: http://www.epic.org/privacy/wiretap/
 Marc Klaas Endorses EPIC Letter to FTC
Marc Klaas, father of California kidnap/murder victim Polly Klaas, sent the following letter to the Federal Trade Commission in support of EPIC's call for a thorough investigation of the direct marketing industry. Mr. Klass also recently announced the "Klaaskids" Internet website, designed to become the definitive Internet resource on children's protection issues. The website recorded more than 250,000 "hits" or selections by on-line users Tuesday, the first day it was activated. The "Klaaskids" net address is: www.klaaskids.inter.net. The website will feature a section where Klaas will provide commentary on trial proceedings. Another section will feature the latest news on the "Kids Off Lists" campaign to remove names of children from Donnelley/Metromail and any other commercial databases.] ---------------------- MARC KLAAS FOUNDATION FOR CHILDREN February 3, 1996 Commissioner Christine Varney Federal Trade Commission 6th and Pennsylvania Avenue, S.E. Washington, D.C. 20580 Dear Commissioner Varney: I am writing in support of the request by Marc Rotenberg of the Electronic Privacy Information Center for an FTC Investigation of Metromail Corporation's data collection and distribution practices with respect to children. I understand that Metromail has been providing "900 number" and online services allowing strangers to locate children. According to recent news reports, Metromail's sources for the data may have included diapers services, child photography studios, and consumer surveys. Metromail advertisements on the Internet boast of "over 3,200 innovative sources" for information on babies. The company also apparently releases its information on children in a variety of other ways. I have heard that Metromail has defended the online and "900 number" services as legitimate, but was forced to cancel them because of a competitor and the reporters who exposed and publicized these dangerous practices. The company's attempts to blame the whistle-blowers for suggesting ways to misuse the services suggests that the obvious potential threat to children was not already evident to Metromail's management. I recall that this is the same company that has provided highly personal and confidential consumer data to violent criminals for keypunching, and then defended the practices as a way for the criminals to earn some extra money. In light of the Metromail company's un-apologetic stance, the reported cancellation of these two practices does little to dispel my concern about the company's ethics concerning children's safety. I therefore urge you, in my own name and in the name of my foundation, to examine how Metromail has been collecting dossiers on millions of American children, who enters this information into Metromail's databases, how Metromail has been distributing the data, and whether there is any evidence that any children have been stalked or harmed as a result. For example, to start, Metromail's customer list could be compared with a list of convicted stalkers violent felons, and other inmates in the prison system. ... Sincerely, /sig/ Marc Klaas
 Congress Sets Date for Votes on Terrorism, ID Card Bills
The Republican leadership in Congress has set dates for consideration of two key bills that raise serious privacy issues. The House has agreed to vote on the controversial Comprehensive Anti-terrorism Act of 1996 (HR 1710) during the week of March 11-15. The bill increases the ability of the FBI to conduct wiretaps, use illegally obtained wiretaps in court, and access travel, purchase and telephone records without a court order. A previous vote on the bill was delayed after both liberal and conservative members of Congress opposed the bill last year. More information is available at: http://www.epic.org/privacy/terrorism/ The Senate Judiciary Committee has agreed to markup the Immigration Reform Act of 1996 (S. 269/1394) on February 29. The full House will vote on HR 2202, the House version of the legislation, on March 18. The bill creates a national registry of all persons in the United States who are eligible to work. Employers will be required to check this database before any person can be hired. Several Senators plan to introduce amendments to require the creation of a national ID card in addition to the database.
 Privacy Files Abstracts Available Online
Privacy Files provides detailed information about current privacy developments in Canada. A recent issue explored the Supreme Court decision on record confidentiality, Ontario's Bill 26, and the current status of privacy for municipal employees. To receive Privacy Files Abstracts, send the message "Add me to 'Privacy Files Abstracts' list < your name >" to: email@example.com. To subscribe or to receive detailed information about subscription rates, send "Subscription information < your name >" to: firstname.lastname@example.org. More information about Privacy Files is available at E-mail: email@example.com Snail mail: 1788 d'Argenson, Ste-Julie (Quebec) CANADA J3E 1E3 Voice: +1 (514) 922 9151 Fax: +1 (514) 922 9152 Voice (toll free from Canada & US): (800) 922 9151.
 Economist Calls for New Privacy Laws
The Economist magazine called for the adoption of new privacy laws in an editorial published on February 10, 1996. The international news publication warned that new technologies and the growing sale of sensitive data are threatening personal privacy. "Given these technological advances, maintaining the degree of anonymity that people used to enjoy will take regulation," said the London-based publication. The Economist, hardly known for its pro-regulatory stands, recommended that information gatherers be required to gain explicit permission before engaging in subsequent use of personal data. "There is little reason to suppose that market-driven practices will by themselves be enough to protect privacy." The magazine concludes that if regulations are adopted "Companies would collect and resell information more discriminately. And people who cherish their digital privacy would have the means to protect it -- which is as it should be."
 New Items at EPIC Web page
Point Communications has chosen the EPIC web pages as among the "Top 5% of All Web Sites." Point noted that, "EPIC has what may be the best collection of privacy material, from organization Web sites to upcoming conferences ... EPIC's site is simply illuminating." ** New Files ** The EPIC Online Guide to Privacy Resources has been updated to include new sites including the ACLU Online Library, and new sites in Canada and the Netherlands. http://www.epic.org/privacy/privacy_resources_faq.html EPIC has created a comprehensive page of scanned images of formerly unreleased government documents that it has obtained under the Freedom of Information Act. Check out the actual government memos on Clipper, the FBI wiretap proposal and more. http://www.epic.org/open_gov/foia/secrets.html
 Upcoming Conferences and Events
Technologies of Freedom: Blueprints for Action, Feb. 29-March 2, 1996. Washington, DC. Sponsored by the Alliance for Public Technology. Contact: Ruth Holder, firstname.lastname@example.org or http://apt.org/apt/ The Impact of Cybercommunication on Telecommunications, March 8, 1996. New York, NY. Sponsored Columbia University Institute for Tele-Information. Contact: email@example.com or http://www.ctr.columbia.edu/citi/register.html Computers Freedom and Privacy '96. March 27-30, 1996. Cambridge, Mass. Sponsored by MIT, ACM and WWW Consortium. Contact firstname.lastname@example.org or http://web.mit.edu/cfp96/ Conference on Technological Assaults on Privacy, April 18-20, 1996. Rochester Institute of Technology, Rochester, New York. Papers should be submitted by February 1, 1996. Contact: Wade Robison, email@example.com, by FAX at (716) 475-7120, or by phone at (716) 475-6643. IEEE Symposium on Security and Privacy, May 6-8, 1996. Oakland, CA. Sponsored by IEEE. Contact: firstname.lastname@example.org or http://www.cs.pdx.edu/SP96. Visions of Privacy for the 21st Century: A Search for Solutions. May 9-11, 1996. Victoria, British Columbia. Sponsored by The Office of Information and Privacy Commissioner for the Province of British Columbia and the University of Victoria. Program at http://www.cafe.net/gvc/foi Australasian Conference on Information Security and Privacy June 24-26, 1996. New South Wales, Australia. Sponsored by Australasian Society for Electronic Security and University of Wollongong. Contact: Jennifer Seberry (email@example.com). Privacy Laws & Business 9th Annual Conference. July 1-3, 1996. St. John's College, Cambridge, England. Contact: Ms. Gill Ehrlich +44 181 423 1300 (tel), +44 181 423 4536 (fax). Advanced Surveillance Technologies II. Sponsored by EPIC and Privacy International. September 16, 1996. Ottawa, Canada. Contact firstname.lastname@example.org or http://www.privacy.org/pi/conference/ 18th International Conference of Data Protection and Privacy Commissioners. September 18-20, 1996. Ottawa, Canada. Sponsored by the Privacy Commissioner of Canada. (Send calendar submissions to Alert@epic.org)
The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. To subscribe, send email to email@example.com with the subject: "subscribe" (no quotes). Back issues are available via http://www.epic.org/alert/
The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government, a non-profit organization established in 1974 to protect civil liberties and constitutional rights. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, email firstname.lastname@example.org, HTTP://www.epic.org or write EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "The Fund for Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003. Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and funding of the National Wiretap Plan. Thank you for your support.