[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EPIC Alert 2.08



     =============================================================
      
        @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
        @     @  @   @   @        @ @   @     @     @  @    @
        @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
        @     @      @   @       @   @  @     @     @  @    @
        @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @

     =============================================================
     Volume 2.08                                    August 2, 1995
     -------------------------------------------------------------

                         Published by the
           Electronic Privacy Information Center (EPIC)
                          Washington, DC
                          [email protected]
                       WWW http://epic.org


=======================================================================
Table of Contents
=======================================================================
  
 [1] Telecom Bill Update
 [2] New Bill Targets Crypto
 [3] 2600 FOIA Case on Appeal
 [4] National Security Surveillance Increases
 [5] New EPIC Reports Available
 [6] Upcoming Conferences and Events


=======================================================================
[1] Telecom Bill Reaches House Floor
=======================================================================

By the time you read this, the House of Representatives may or may not
have begun consideration of HR 1555, the so-called "telecommunications
reform" bill (the latest estimates are that consideration will begin
on the evening of August 2).  EPIC has joined with a coalition of
public interest organizations in calling for the defeat of this
legislation.  The coalition includes the Center for Media Education,
Computer Professionals for Social Responsibility, Consumer Federation
of America, Media Access Project, People for the American Way Action
Fund, and Taxpayer Assets Project/Consumer Project on Technology.  In
a joint statement issued on July 31, the coalition says of the
legislation:

     Specific provisions will directly affect the Internet.
     Users have been actively opposing one Senate provision
     to ban all "indecent" communications on computer networks.
     Given the overwhelming Senate support for that measure,
     there is substantial risk that any version of the
     telecommunications bill will contain content restrictions
     of some sort.

     Not only will any version of this legislation probably
     regulate content on the Internet, it will certainly
     eliminate many important economic safeguards against market
     power and abuse. The very competitive market that exists
     for Internet service providers should be emulated for phone
     and cable companies. Yet the legislation encourages greater
     monopoly control over all communications services.

Related developments:

* In a statement released on July 31, President Clinton announced his
intention to veto the current version of the telecommunications bill
pending in the House.  The White House statement noted that, "Instead
of promoting open access and diversity of content and viewpoints, [the
bill] would allow fewer people to control greater numbers of
television, radio and newspaper outlets in every community."

* The status of the "Communications Decency Act," which is included in
the telecommunications bill passed by the Senate, is unclear in the
House.  Although the so-called "Exon amendment" language is not
currently contained in the House legislation, it is anticipated that
advocates of Internet censorship will attempt to attach the CDA to the
telecom bill on the House floor.  For updated information, check the
Voters Telecommunications Watch (VTW) home page at
http://www.panix.com/vtw/exon/exon.html.

* The following materials are now available at the EPIC home page,
http://www.epic.org/telecom_bill/

     The full text of the public interest coalition statement,
     including an analysis of the legislation and Congressional
     contact information;

     The White House statement on the House legislation;

     The "managers' report" on the legislation, describing
     the current version of the bill;

     The latest version of the VTW alert on the Communications
     Decency Act Internet censorship provisions.


=======================================================================
[2] New Bill Would Outlaw Non-Escrowed Encryption
=======================================================================

On June 27, Sen. Charles Grassley (R-Iowa) introduced the
"Anti-Electronic Racketeering Act of 1995."  The legislation addresses
a broad array of Internet-related issues, including encryption.  Under
the heading of "Racketeering-related crimes involving computers," the
bill would, in effect, criminalize the distribution of all encryption
software over the Internet or other computer networks unless "the
software at issue used a universal decoding device or program that was
provided to the Department of Justice prior to the distribution."

Section 2(h)(1) of S.974 would amend Title 18 of the United States
Code to make it unlawful to:

     distribute computer software that encodes or encrypts
     electronic or digital communications to computer networks
     that the person distributing the software knows or
     reasonably should know, is accessible to foreign nationals
     and foreign governments, regardless of whether such software
     has been designated as nonexportable.

The legislation further provides that:

     [i]t shall be an affirmative defense to prosecution under
     this section that the software at issue used a universal
     decoding device or program that was provided to the
     Department of Justice prior to the distribution.

The legislation is plainly an attempt to mandate the result the
Administration sought to achieve with the failed Clipper Chip
initiative -- ensuring law enforcement access to *all* encrypted
communications through government-escrowed keys.  Requiring
"knowledge" of accessibility to foreign nationals or governments
provides no meaningful protection in a global communications
environment.  Such knowledge can easily be imputed to any person
making encryption software available on the Internet.

Criminalizing such distribution "regardless of whether such software
has been designated as nonexportable," would effectively outlaw the
dissemination of any encryption software that does not provide the
government with escrowed keys or some other backdoor.  As drafted, the
legislation would appear to prohibit the distribution of any program
that contains security features, including Netscape Navigator, various
digital cash applications and even PKZIP.

The Grassley bill was drafted with input from the Department of
Justice, suggesting that the Administration may be moving from the
initial "voluntary" Clipper approach toward mandatory restrictions on
the distribution and use of non-escrowed encryption.  Indeed, FBI
Director Louis Freeh has indicated on several occasions that domestic
uses of encryption will eventually be curtailed.  For instance, Freeh
said in Congressional testimony on May 11, 1995,

     ... we're in favor of strong encryption, robust encryption.
     The country needs it, industry needs it.  We just want to
     make sure we have a trap door and key under some judge's
     authority where we can get there if somebody is planning a
     crime.

The text of the "Anti-Electronic Racketeering Act" can be obtained at
http://www.epic.org/crypto/s974.txt.

EPIC will continue to monitor the progress of this legislation and
will be posting analyses of its other draconian provisions, including
those dealing with computer crime, distribution of copyrighted
material and searches and seizures of computer systems.


=======================================================================
[3] Appeals Court to Decide "2600" FOIA Case
=======================================================================

The wheels of justice turn slowly ...

In November 1992, a group of young people affiliated with the computer
magazine "2600" were confronted by mall security personnel, local
police officers and several unidentified individuals in the Pentagon
City shopping mall in Virginia.  The group members were ordered to
identify themselves and to submit to searches of their personal
property.  Their names were recorded and some of their property was
confiscated.

Computer Professionals for Social Responsibility (CPSR) filed suit in
federal court in early 1993 seeking the release of relevant Secret
Service records under the Freedom of Information Act.  The litigation
of the case is being handled by EPIC.

In July 1994, U.S. District Judge Louis Oberdorfer ordered the Secret
Service to release the vast majority of documents it maintains on the
incident. The government appealed that decision and the appeal is now
pending. In a recently filed brief, EPIC and CPSR argue that the
withheld documents demonstrate Secret Service misconduct and that the
FOIA exemptions cited by the agency do not apply.

The Pentagon City incident has been described as an example of
over-zealous law enforcement activities directed against so-called
computer "hackers."  The case raises significant issues of free speech
and assembly, privacy and government accountability.  Oral argument
before the U.S. Court of Appeals for the District of Columbia Circuit
is scheduled for September 14, 1995.  A copy of the CPSR/EPIC brief
can be found at:

      http://cpsr.org/cpsr/computer_crime/2600_brief_6_95.txt


=======================================================================
[4] Secret Court Surveillance Orders Increase, New Chief Judge Chosen
=======================================================================

According to Justice Department documents, orders for "national
security" electronic surveillance increased in 1994 over the previous
year.  576 orders for "national security" electronic surveillance were
approved in 1994, an increase of 65 orders over the previous year but
still lower than previous peak years of 1984 and 1991.

No requests for surveillance were denied or modified. Since its
inception in 1979, the Foreign Intelligence Surveillance Court (FISC)
has never turned down a request for an electronic surveillance order.

The secret court was created by the Foreign Intelligence Surveillance
Act of 1977.  Last year, the FISC's jurisdiction was expanded to
include authorizing physical searches of premises in "national
security" cases.

FISA Orders 1979-1994

1979 - 207    1980 - 322    1981 - 433    1982 - 475   
1983 - 549    1984 - 635    1985 - 587    1986 - 573   
1987 - 512    1988 - 534    1989 - 546    1990 - 595   
1991 - 593    1992 - 484    1993 - 509    1994 - 576

-------------

A new leader was recently named for the court.  U.S. District Court
Judge Royce C. Lamberth has been chosen to be the chief judge.
Lamberth replaces US District Court Judge Joyce Hens Green, whose term
expired earlier this year.  Members of the FISC are chosen by Chief
Justice William Rehnquist and serve seven year terms.

Lamberth was originally appointed to the U.S. District Court by
President Ronald Reagan in 1987.  Prior to his appointment, he was
Chief of the Civil Division of the U.S. Attorney's Office in
Washington, D.C. In 1993, he ruled against CPSR in its attempt to
obtain classified documents relating to the development of the Digital
Signature Standard.

Other court members are Wendell A. Miles, Western District of
Michigan; Ralph Thompson, Western District of Oklahoma; Charles
Schwartz, Eastern District of Louisiana; Earl H. Carroll, District of
Arizona; James C. Cacheris, Eastern District of Virginia; and John
Keenan, Southern District of New York.


=======================================================================
[5] Updated EPIC Reports Available
=======================================================================

EPIC has released updates of two of its reports:

EPIC Online Guide to Privacy Resources.  A comprehensive list of
privacy organizations, publications, newsgroups, mailing lists,
netsites and conferences related to privacy.  Updated August 1, 1995.
HTTP://www.epic.org/privacy/online_guide_faq.txt

Overview of 104th Congress - Electronic Privacy and Civil Liberties
Legislation.  A comprehensive listing of all legislation currently
pending in Congress that affects privacy and civil liberties.
Includes a brief overview, bill number, and status of each bill.
Updated August 1, 1995.
HTTP://www.epic.org/privacy/legislative_update.txt


=======================================================================
[6] Upcoming Privacy Related Conferences and Events
=======================================================================

DEF CON III. August 4-6, 1995. Las Vegas. Major hacker conference.
Contact: [email protected] or http://dfw.net/~aleph1/defcon

Surveillance Expo '95. August 8-10. Mclean, Virginia. Sponsored by
Ross Engineering. Contact Jim Ross. 703-318-8600.

Advanced Surveillance Technologies. Sept. 4, 1995. Copenhagen,
Denmark. Sponsored by Privacy International and EPIC. Contact
[email protected] or HTTP://www.privacy.org/pi/conference/

17th International Conference of Data Protection and Privacy
Commissioners. September 6-8, 1995. Copenhagen, Denmark. Sponsored by
the Danish Data Protection Agency.  Contact Henrik Waaben, +45 33 14
38 44 (tel), +45 33 13 38 43 (fax).

InfoWarCon '95. September 7-8, 1995. Arlington, VA. Sponsored by NCSA
and OSS. Email: [email protected]

"Managing the Privacy Revolution." Privacy & American Business. Oct.
31 - Nov. 1, 1995. Washington, DC.  Speakers include C.B. Rogers
(Equifax). Contact Alan Westin 201/996-1154.

11th Annual Computer Security Applications Conference: The conference
includes technical papers, panels, vendor presentations, and tutorials
that address the application of computer security and safety
technologies in the civil, defense, and commercial environments.
December 11-15, 1995, New Orleans, Louisiana. Contact Vince Reed at
(205)890-3323 or [email protected]

1996 Computers, Freedom and Privacy Conference. March 27-30, 1996.
Cambridge MA. Sponsored by MIT.  Contact: [email protected] or
http://web.mit.edu/cfp96.

               (Send calendar submissions to [email protected])


=======================================================================

The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center.  To subscribe, send the message:

    SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname

to [email protected]  You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.

Back issues are available via http://epic.org/alert/ or
FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert/ and on Compuserve (Go
NCSA), Library 2 (EPIC/Ethics).


=======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues relating to the
National Information Infrastructure, such as the Clipper Chip, the
Digital Telephony proposal, medical record privacy, and the sale of
consumer data.  EPIC is sponsored by the Fund for Constitutional
Government and Computer Professionals for Social Responsibility. EPIC
publishes the EPIC Alert and EPIC Reports, pursues Freedom of
Information Act litigation, and conducts policy research on emerging
privacy issues. For more information, email [email protected], WWW at
HTTP://epic.org or write EPIC, 666 Pennsylvania Ave., SE, Suite 301,
Washington, DC 20003. (202) 544-9240 (tel), (202) 547-5482 (fax).

The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights.  Computer Professionals for Social Responsibility is a
national membership organization of people concerned about the impact
of technology on society.  For information contact: [email protected]

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003.

Your contributions will help support Freedom of Information Act
litigation, strong and effective advocacy for the right of privacy and
efforts to oppose government regulation of encryption and funding of
the National Wiretap Plan..

Thank you for your support.

------------------------ END EPIC Alert 2.08 ------------------------



_________________________________________________________________________
Subject: EPIC Alert 2.08
_________________________________________________________________________
David Banisar ([email protected])        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org