1996-09-13 - EPIC Alert 3.16

Header Data

From: “Dave Banisar” <banisar@epic.org>
To: “Cypherpunks List” <cypherpunks@toad.com>
Message Hash: e20ba3ac124656637e716bc00faf8e3792c9edafa5272b2a4af7b8684e1ad497
Message ID: <n1369570236.46432@epic.org>
Reply To: N/A
UTC Datetime: 1996-09-13 01:41:47 UTC
Raw Date: Fri, 13 Sep 1996 09:41:47 +0800

Raw message

From: "Dave Banisar" <banisar@epic.org>
Date: Fri, 13 Sep 1996 09:41:47 +0800
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: EPIC Alert 3.16
Message-ID: <n1369570236.46432@epic.org>
MIME-Version: 1.0
Content-Type: text/plain



    =============================================================

       @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
       @     @  @   @   @        @ @   @     @     @  @    @
       @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
       @     @      @   @       @   @  @     @     @  @    @
       @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @

   ==============================================================
   Volume 3.16                                 September 12, 1996
   --------------------------------------------------------------

                            Published by the
              Electronic Privacy Information Center (EPIC)
                            Washington, D.C.

                          http://www.epic.org/

=======================================================================
Table of Contents
=======================================================================

[1] White House Proposes Screening of all Airline Passengers
[2] EPIC Testifies on Children's Privacy Bill
[3] House Panel Probes White House Database
[4] Crypto Update
[5] Anonymous Remailer Shuts Down
[6] EPIC Now Accepts First Virtual Contributions
[7] EPIC/PI to Sponsor Conference on Surveillance Technologies
[8] Upcoming Conferences and Events

=======================================================================
[1] White House Panel Endorses Airport "Profiling" System
=======================================================================

In the wake of perceived terrorist threats and the mysterious crash of
TWA Flight 800 in July, a Presidential advisory panel has proposed an
automated system for increased screening and "profiling" of airline
passengers for all domestic and international flights.  In its interim
report sent to President Clinton on September 9, the White House
Commission on Aviation Safety and Security provided few specifics, but
noted that "[b]ased on information that is already in computer
databases, passengers could be separated into a very large majority
who present little or no risk, and a small minority who merit
additional attention."

Details of the profiling system will presumably be withheld from the
public on national security grounds -- a substantial portion of the
Commission's "public" meeting on September 5 was closed to permit the
discussion of "classified" matters.  Nonetheless, the proposed system
appears to raise substantial privacy issues.  The Washington Post
recently reported that under the proposal, "the federal government
would require creation of a computer profiling system that would
examine passengers' bill-paying records, flying habits and much other
data to determine which checked baggage should undergo examination by
sophisticated explosives detection equipment."  The Commission's
initial report also calls for FBI and CIA involvement in the
development of the profiling database.

The theory underlying the profiling proposal appears to be that even
seemingly innocuous bits of personal data can raise the suspicions of
a law enforcement agency.  This point is illustrated by the comments
of an unidentified FBI agent recently quoted in a New York Times
article. Discussing the Bureau's investigation of the bombing of Pan
Am Flight 103 over Scotland, the agent noted that, "Almost everyone on
the plane, almost everyone you ever met, has something that can get
your imagination going.  A recent fight, a divorce, a business deal,
an overseas connection -- when you don't know what you're looking for,
it's easy to see all kinds of possibilities."

EPIC plans to monitor the development of the automated passenger
profiling system under the public oversight provisions of the Federal
Advisory Committee Act, which governs the proceedings of the White
House Commission.

More information, including relevant government documents, is
available at:

     http://www.epic.org/privacy/faa/

=======================================================================
[2] EPIC Testifies on Children's' Privacy Bill
=======================================================================

EPIC Director Marc Rotenberg testified today before the House
Judiciary Committee Subcommittee on Crime in support of the Childrens
Privacy Protection and Parental Empowerment Act of 1996.  The bill
would establish basic privacy standards for organizations that collect
personal information on children and curb recent abuses in the
marketing industry.  The bill is sponsored by Rep. Bob Franks (R-NJ)
and has 46 cosponsors in the House of Representatives.  A similar
measure has been introduced in the Senate by Senator Diane Feinstein
(D-CA).

Rotenberg said that "current practices pose a substantial threat to
the privacy and safety of young people."  He described a recent
incident where a reporter posing as the murderer of Polly Klaas was
able to obtain the ages and address of young children living in the
Pasadena area.  Rotenberg also cited editorials from USA Today and the
Economist favoring privacy legislation as well as public opinion polls
which show that 9 out of 10 Americans object to the sale of personal
data where explicit consent is not obtained.

Recalling the passage of the Family Educational Right to Privacy Act
of 1974, which protects the privacy of student records, Rotenberg said
there was already Congressional recognition of the need to protect
personal information about young children. "No universities have been
shut down because of the Act, but the privacy of children's
educational records is more secure because Congress did not fail to
act when it had the opportunity to establish privacy protection for
young people." #011#Also testifying in support of the bill were Rep. Bob
Franks, children rights advocate Marc Klaas, and Miriam Bell of Enough
is Enough. Marc Klaas also heads the Klaas Foundation for Children
which launched the Kids Off Lists campaign.

Testifying against the bill were representatives from the Direct
Marketing Association, a list broker, a book publisher, and a police
officer from San Bernadino.

More information on the Childrens Privacy bill and kids privacy may be
found at:

   http://www.epic.org/privacy/kids/

The Klaas Foundation for Children is on the web at:

   http://www.klaaskids.inter.net/


=======================================================================
[3] House Panel Probes White House Database
=======================================================================

The General Accounting Office revealed at a hearing of a subcommittee
of the House Committee on Government Reform and Oversight on September
11 that the secret White House database of 200,000 people has
inadequate controls on access. The GAO reported that the database,
this existence of which, was revealed during the Filegate controversy,
does not keep track of what files have been viewed by the 150 White
House staffers who are authorized to access the files.

The database contains 125 different fields of information for each
file. Several thousand files included ethnic and political
information. The GAO did not reveal in its testimony what was
contained in the other fields. According to news reports, the database
was designed to link into other related databases, including the
Secret Service and the Democratic National Committee.

The White House claims that the database is used for a number of
reasons, including, for invite lists for White House events, tracking
correspondence, sending out Christmas cards and other matters.
Congressional Republicans claim that it is more akin to the Nixon
"enemies list."

The database was created by PRC Inc., a company that also creates
databases for the CIA and other intelligence agencies, among other
government agencies.

=======================================================================
[4] Crypto Update
=======================================================================

As the election approaches and Congress scrambles to complete its
agenda before recessing for the year, members are continuing to deal
with cryptography-related issues.

The Senate Commerce Committee delayed its scheduled vote on S. 1735,
the Promotion of Commerce Online in the Digital Era, originally
planned for September 12. The Committee is expected to take up the
measure next week. Members of the Committee have reported receiving a
large number of calls supporting the bill. Individuals interested in
supporting the bill should continue calling members of the Committee.

The House is planning to hold hearings at the end of September to
examine the companion House bill. The hearings were originally
scheduled for September 11 but were delayed due to other legislative
matters.

The White House is also expected to introduce its own legislation next
week. According to reporter Brock Meeks, the legislation will offer
"sweetheart deals" to limited segments of the industry including
financial, health care and insurance sectors who would then agree to
support government key escrow systems. The systems would then become
de facto mandatory.

Internationally, an expert committee of the Organization for Economic
Cooperation and Development is meeting on September 26-27 to review
draft guidelines on cryptography policy. The US has been pressuring
the OECD to adopt its key escrow proposals as an international
standard but has been opposed by other countries and business
representatives.

EPIC will be hosting an international symposium in Paris on September
25, in cooperation with the OECD, to provide an opportunity for
cryptographers, human rights advocates, privacy experts and user
associations to present public concerns about the development of
international privacy guidelines. The event will feature speakers from
more than a dozen countries and includes US cryptographers Matt Blaze,
Whit Diffie, and Phil Zimmermann.

On September 20, oral arguments will be heard in the Daniel
Bernstein's challenge to the constitutionality of export controls in
federal court in San Francisco. Bernstein is arguing that the controls
violate the First Amendment. Judge Marilyn Patel ruled preliminarily
in May that software code is speech protected by the First Amendment

More information on cryptography is available from:

    http://www.epic.org/crypto/


=======================================================================
[5] Anonymous Remailer Shuts Down
=======================================================================

Johann Helsingius, the operator of the anon.penet.fi anonymous e-mail
service has decided to shut down his remailer service because of the
unknown legal protections of privacy on the Internet. He had come
received requests by the Church of Scientology and the Singapore
government demanding to know the identity of some of his users.

In a press release, he said that he hoped to bring the server back up
once the Finnish government enacted new laws protecting privacy of
electronic messages, "I will close down the remailer for the time
being because the legal issues governing the Internet in Finland are
yet undefined. The legal protection of the users needs to be
clarified. At the moment the privacy of Internet messages is
judicially unclear."

A list of remailers and other tools to protect privacy are available
from:

    http://www.epic.org/privacy/tools.html

=======================================================================
[6] EPIC Now Accepts First Virtual Contributions
=======================================================================

Individuals interested in donating or purchasing books from EPIC can
now use the First Virtual system to transfer money to EPIC. Until the
end of 1996, donations of up to $50 will be matched by the Stern
Foundation.  Your support is appreciated and will help make possible
our continued FOIA litigation, privacy advocacy, and web site
development.

More information about supporting EPIC is available at:

   http://www.epic.org/epic/donate.html


=======================================================================
[7] EPIC/PI to Hold Conference on Surveillance 
=======================================================================

The new generation of covert surveillance activities of government
agencies and private companies will be examined at a conference to be
held in Ottawa next week, sponsored by EPIC and Privacy International.

The conference will explore the process of planning and implementation
of the technologies, their operating conditions, and the people and
organizations responsible for instituting them.  The conference will
also examine possible technical, regulatory and legal responses.

A number of former government agents, intelligence experts and
surveillance analysts will gather at the Advanced Surveillance
Technologies II conference on September 16th to discuss the use of
powerful new technologies being used to gather information.

Speakers will include Mike Frost, a former intelligence officer for
the Canadian Communications Security Establishment and author of the
bestseller "Spyworld."  He will discuss the surveillance technologies
used by the CSE and its American counterpart, the National Security
Agency.

The Conference will take place at the Citadel Hotel in Ottawa, Canada.
More information is available on the conference from the Privacy
International Web Page at:

     http://www.privacy.org/pi/conference/ottawa/

=======================================================================
[8] Upcoming Conferences and Events
=======================================================================

"Advanced Surveillance Technologies II."  September 16, 1996.  Ottawa,
Canada.  Sponsored by EPIC and Privacy International. Contact:
http://www.privacy.org/pi/conference/ottawa/ or email pi@privacy.org.

"Privacy Beyond Borders", 18th International Privacy and Data
Protection Conference. September 18-20, 1996.  Ottawa, Canada.
Sponsored by the Privacy Commissioner of Canada. Contact:
jroy@fox.nstn.ca or http://infoweb.magi.com/~privcan/

"Regulation or Private Ordering? The Future of the Internet."
September 20, 1996. Washington, DC. Sponsored by the CATO Institute.
Contact: R. Scott Wallis, (202) 789-5296.

"The Public Voice and the Development of International Cryptography
Policy." September 25, 1996. Paris, France. Sponsored by EPIC.
Contact: rotenberg@epic.org.

"The 2nd International Conference & Exhibit on Doing Business Securely
on the Information Highway." September 30 - October 1, 1996. Montreal,
Quebec, Canada. Contact:
http://www.ecworld.org/Conferences/2nd_Security/ menu.html.

"Managing Privacy in Cyberspace and Across National Borders." October
8-10, 1996. Washington, DC. Sponsored by Privacy and American
Business. Contact: Lorrie Sherwood, (201) 996-1154.

"The Information Society: New Risks & Opportunities in Privacy,"
October 17-18, 1996.  Bruxelles, Belgium. Sponsored by the European
Parliament. Contact: http://www.droit.fundp.ac.be/privacy96.html

"Communications Unleashed - What's at Stake? Who Benefits? How to Get
Involved!" October 19-20, 1996. Washington DC. Sponsored by CPSR and
Georgetown University. Contact: phyland@aol.com.

"19th National Information Systems Security Conference." October
22-25, 1996. Baltimore, MD. Sponsored by NSA & NIST. Contact: Tammy
Grice (301) 948-2067.

"Eurosec'97, the Seventh Annual Forum on Information Systems Quality
and Security." March 17-19. 1997. Paris, France. Sponsored by XP
Conseil.  Contact: http://ourworld.compuserve.com/homepages/eurosec/

             (Send calendar submissions to alert@epic.org)

=======================================================================

The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center. To subscribe, send email to
epic-news@epic.org with the subject: "subscribe" (no quotes).

Back issues are available via http://www.epic.org/alert/

=======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC. It was established in 1994 to focus
public attention on emerging privacy issues such as the Clipper Chip,
the Digital Telephony proposal, national id cards, medical record
privacy, and the collection and sale of personal information. EPIC is
sponsored by the Fund for Constitutional Government, a non-profit
organization established in 1974 to protect civil liberties and
constitutional rights. EPIC publishes the EPIC Alert, pursues Freedom
of Information Act litigation, and conducts policy research. For more
information, email info@epic.org, HTTP://www.epic.org or write EPIC,
666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544
9240 (tel), +1 202 547 5482 (fax).

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible. Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003.

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the
right of privacy and efforts to oppose government regulation of
encryption and funding of the National Wiretap Plan.

Thank you for your support.

  ----------------------  END EPIC Alert 3.16 -----------------------









Thread