[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) GILC Alert

------- Forwarded message follows -------
Date sent:      	Mon, 11 Sep 2000 10:04:54 -0400
From:           	"Christopher Chiu" <cchiu@aclu.org>
Subject:        	GILC Alert
To:             	"GILC announce" <gilc-announce@gilc.org>
Send reply to:  	gilc-plan@gilc.org

GILC Alert
Volume 4, Issue 8
September 11, 2000

Welcome to the Global Internet Liberty Campaign Newsletter.

Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and
human rights on the Internet. We hope you find this newsletter
interesting, and we very much hope that you will avail yourselves of
the action items in future issues. If you are a part of an
organization that would be interested in joining GILC, please contact
us at <gilc@gilc.org>. If you are aware of threats to cyber-liberties
that we may not know about, please contact the GILC members in your
country, or contact GILC as a whole. Please feel free to redistribute
this newsletter to appropriate forums.

Free Expression
[1] Mainland China "kills" online dissent
[2] DVD ruling endangers free speech
[3] ICANN elections controversy
[4] Online protests of new Korean censorship plan
[5] Domain name decisions spark debate
[6] US mega-blocking bill introduced
[7] Ticketmaster ruling spares weblinks for now
[8] New Russian anonymous email service
[9] Women outnumber men online in US
[10] Singaporean "courtesy" censorship rules
[11] Press companies sue over net cellular content

Privacy and Encryption
[12] US Gov't mum on Carnivore spyware
[13] UK plans corporate and government net tapping
[14] US CALEA ruling mixed on privacy
[15] New Indian surveillance scheme
[16] Japanese net tapping law in effect
[17] TrustE tracked visitors
[18] Survey: Americans worried about privacy
[19] New Spector software spies on users
[20] For sale: student email addresses
[21] Drug websites track users
[22] Wearable computers erode privacy

[1] Mainland China "kills" online dissent
Communist Chinese authorities had previously promised a crackdown on
dissent. Recent events suggest that they are delivering on that

The state-run Xinhua news agency is reporting the development of new
"killing" censorship software. This program targets controversial
material when it is downloaded or viewed on a target computer. After
an initial warning, the software shuts down or "kills" any application
used to view the offending files. The new device also monitors usage
of computers in real time, which allows officials using the program to
actively prevent the viewing of certain materials. Although the
software is supposedly targeted at pornography, Communist officials
previously have used similar products to prevent the spread of
pro-democracy information in cyberspace.

Mainland Chinese officials are also backing up their new technology by
renewing their efforts to hunt down and silence online dissidents.
Jiang Shihua, a high school computer instructor who also owned an
Internet café, was recently arrested for posting several articles on
the Information Superhighway that criticized Communist officials. He
is now charged with "incitement to subvert state power" and faces a
potential ten-year stay in a Chinese labor camp. Earlier in the month,
government agents had shutdown a pro-democracy website,
www.xinwenming.net, and were launching new efforts to clamp down on
unsolicited e-mails, which many human rights groups had used to supply
news and information to readers throughout the country.

These attempts have met with resistance and reproach in a variety of
forms. One group, Human Rights in China (HRIC), went so far as to
duplicate xinwenming.net on its own site, along with a statement from
the original page's authors that denounced Beijing's apparent attempts
at censorship. In the Jiang Shihua case, free speech advocates such as
Robert Menard of Reporters Sans Frontieres (RSF) have excoriated
Communist authorities. Menard argued that this Communist Chinese
attempt to mete out "punishment for expression of a peaceful opinion
is a serious violation of human rights."

For more on Beijing's new "killing" censorship program, read "Bon
Voyage, Voyeurs: New Anti-Pornographic Software Developed," China
Online, August 29, 2000 at

Further information on Censorship in China is available in a special
news bulletin from the Digital Freedom Network (DFN-a GILC member)
under http://dfn.org/Voices/Asia/china/jiangshihua.htm

The HRIC mirror of Xinwenming (in Chinese) is located at

Read "Press Freedom Group Urges Release of Chinese Cyber-Dissident,"
Agence France Presse, August 23, 2000 at
 See also "China To Crackdown On Junk E-Mail Senders," Agence France
August 23, 2000 at

More information is available in "Demanding Release," Reuters, August
23, 2000 at

[2] DVD ruling endangers free speech
A recent decision regarding a controversial DVD-related computer
program may have serious implications for online free speech.

The case centers around DeCSS--a primitive computer program to help
users of the Linux operating system play DVDs on their computers. The
entertainment industry, through the DVD Content Control Association
(DVD CCA) and the Motion Picture Association of America (MPAA), had
sued to prevent Internet users from linking to websites that have
DeCSS. In New York, the motion picture industry is suing 2600
Magazine, which is defended by the Electronic Frontier Foundation
(EFF-a GILC member). Previously, courts in both New York and
California had issued preliminary injunctions that barred computer
users >from posting DeCSS on their websites. Many experts fear that
these actions may stifle free expression in cyberspace.

In his ruling, Judge Lewis Kaplan banned individuals from providing
links to (or publishing) information about the DVD Content Scrambling
System (CSS) on the World Wide Web. Curiously, he compared
dissemination of such programs to "the assassination of a political
figure." Kaplan analogized the work of these researchers who developed
DeCSS and 2600 magazine on the Internet to a "propagated outbreak
epidemic" that came from "a poisoned well" and "spreads >from person
to person." An appeal of the ruling is expected shortly.

Judge Kaplan's ruling is available (in PDF format) under

For a 2600 editorial on the ruling, see

Read David Streitfeld, "Judge Backs Hollywood In DVD Movie Case,"
Washington Post, August 18, 2000, page E1, at

See also Declan McCullagh, "Only News That's Fit to Link," Wired News,
August 23, 2000 at

[3] ICANN elections controversy
The group responsible for the Internet domain name system is facing
criticism that it suffers a democracy deficit.

The Internet Corporation for Assigned Names and Numbers (ICANN) has
issued a complex system for people to run for the Board if they are
not chosen by its official Nominating Committee. Under this system,
hopefuls must submit a list of personal information about themselves
to ICANN, then collect nominations. The number of nominations required
is 2% of the electorate in a given region (e.g. North America) or 20
people, whichever is greater. What is more, would-be candidates must
get endorsements from citizens in at least two countries.

In a related move, the current board has decided to cap the number of
candidates per region. Because ICANN had an official Nominating
Committee pre-select several candidates for each region, this decision
effectively limited the number of ballot slots available for publicly
nominated candidates.

Many observers worry that this complicated scheme will prevent
publicly supported candidates from getting on the ballot. Furthermore,
a number of experts have pointed out that the vast majority of
candidates selected by the Nominating Committee have strong links to
big businesses or government agencies. In the end, considerable doubts
have been raised as to whether the Board members who are eventually
elected will truly be representative of the full Internet community.

For further details, visit the Internet Democracy Project website at

See also David McGuire, "ICANN Official Defends Board
Nominees-Update," Newsbytes, August 2, 2000 at

[4] Online protests of new Korean censorship plan
What do you if the government tries to censor the Internet? Try
organizing a really big online sit-in.

That is apparently what happened in South Korea. The Korean
Information and Communications Ministry has proposed a ratings system
that would force web site creators to label themselves if their
materials could somehow be considered harmful to teenagers. A Ministry
spokesperson explained that once the ratings system was implemented,
troublesome websites could then be blocked off. The agency intends to
submit this bill to the National Assembly within the next few months,
and the entire system could be up and running by the middle of next

Critics have scoffed at this scheme, claiming that it would amount to
de facto government censorship. Chang Yeo-kyong from Internet rights
group Progressive Network noted that these "so-called voluntary
ratings will be reviewed by a government committee, which suggests
government's coercive control over the Internet." Hundreds of enraged
Internet users simultaneously visited the Ministry's home page and
disrupted service for hours, apparently as part of massive "click-in"
protest. Against this backdrop, numerous politicians from the Korean
Democratic Labor Party will oppose the bill when the Assembly begins
considering the proposal this fall.

See "Net users block site to protest rating system," Associated Press,
August 29, 2000, at http://news.cnet.com/news/0-1005-200-2642059.html

[5] Domain name decisions spark debate
Want to set up a protest website? Eager to pay homage to your favorite
city via the World Wide Web? Not so fast.

That's apparently the message being given in a series of decisions
from various intellectual property and domain name arbitrators.
Several months ago, the Internet Corporation for Assigned Names and
Numbers (ICANN) adopted a controversial Uniform Domain Name Dispute
Resolution Policy (UDRP) that many critics charge fails to protect
free speech. Subsequently, in all but two arbitration cases under the
UDRP, corporations have won the rights to domain names of "-sucks"
websites that protest their policies, such as "walmartcanadasucks.com"
(which was awarded to the North American retail giant Walmart).
Another recent ruling, this time from the World Intellectual Property
Organization (WIPO), states that the Barcelona City Council had
"better rights" to the domain name www.barcelona.com than the prior
registrants. In the past, two Spaniards ran Barcelona.com as a tourism
portal, with advertising from Pepper Media. It is not clear why the
City Council did not use some other easily recognizable domain name
(such as "barcelona.gov.es") instead of going to arbitration.

The ruling further fuels concerns over the extent to which WIPO or
ICANN will recognize the free speech possibilities of domain names.
Despite calls to create many more new top-level domains (like ".sucks"
for protest websites), ICANN has instituted "very stringent" criteria
for considering these inquiries. Among other things, ICANN is charging
$50,000 nonrefundable fees from anyone who submits such proposals, as
well as requiring applicants to fill out a series complicated forms.
Moreover, many corporations are taking matters into their own hands by
registering domain names that could be used by protestors. For
example, telecommunications giant Verizon has registered over 700
names (and spent US $50,000), including Verizonsucks.com, in an
apparent attempt to silence its critics.

For more on corporate attempts to register potential protest website
domain names, read David Streitfeld, "Making Bad Names for
Themselves," Washington Post, September 8, 2000, page A1, at

To learn more about UDRP arbitration result statistics, read Gwendolyn
Mariano & Evan Hansen, "Parody sites sucked into cybersquatting
squabbles," CNet News, August 24, 2000 at

For further details on the Barcelona.com controversy, see Louise
Ferguson, "Geographic Domains on Shaky Ground," The Industry Standard,
August 11, 2000 at

More details can be seen under Anick Jesdanun, "Board Accepting Ideas
For New Net Suffixes," Washington Post, August 4, 2000, page E3, at

Additional details on Verizon's mass domain name registration drive,
read Stefan C. Friedman, "Verizon'sreallymad@hackerquarterly.com," New
York Post, August 15, 2000 at http://www.nypost.com/business/9655.htm

See also

[6] US mega-blocking bill introduced
Troubled by various proposals to block content on the Internet? Would
you feel any better if they were combined into one big package?

That is the approach that's been taken in a recent plan being
considered by the United States Congress. The so-called "Children's
Internet Protection Act" is actually an amendment to a Labor-Health
and Human Resources funding bill. This scheme combines several
different filtering plans, and would essentially require high schools
and libraries to include blocking software on all of their computers.
Institutions that refused to do so (or implement policies to that
effect) would receive federal funding.

Educators and cyberliberties groups have savaged this omnibus package
because it may severely restrict the flow of information online. The
American Civil Liberties Union (ACLU-a GILC member) bemoaned the fact
that although "a unanimous 1997 Supreme Court decision ruling that
said the Internet should have the same free speech protections as more
traditional media, members of Congress continue to introduce
legislation aimed at censoring free speech on the web." Moreover, the
ACLU expressed fear that these new plans "could prevent students
without home computers from realizing the full potential of
information available on the Internet. Because they can be so
restrictive and overreaching, blocking programs significantly reduce
the amount and diversity of speech and information available to
individuals." Similar concerns were expressed by the Center for
Democracy and Technology (CDT-a GILC member).

For the text of this bill (in PDF Format), visit

To see an ACLU action item regarding recent Congressional filtering
legislation, visit http://www.aclu.org/action/blocking106.html

[7] Ticketmaster ruling spares weblinks for now
Should it be a crime to tell people where to find information on
another website?

The answer is apparently not clear, based on developments in a recent
case. Ticketmaster Online-City Search Inc. had sued a rival,
Tickets.com, for providing weblinks to pages inside Ticketmaster.com,
rather than Ticketmaster.com's frontpage. According to one lawyer for
Ticketmaster, the actions of Tickets.com constituted "an unlawful
trespass on our personal property." In spite of the apparently
anachronistic nature of this lawsuit, a Federal judge refused to throw
out the case; however, the court also refused to issue a preliminary
injunction that would force Tickets.com to stop their practices

Many experts are concerned that a ruling in favor of Ticketmaster
might make it harder to find things along the Information
Superhighway, as well as curtailing freedom of expression. In
particular, these observers fear that such a decision might severely
crimp the operation of search engines (such as Google and Yahoo) or
news websites that provide links to additional background information.

For more information, read Steven Bonisteel, "Ticketmaster Gets
Setback In 'Deep-Linking' Suit," Newsbytes, August 15, 2000 at

To read the court's decision not to grant a preliminary injunction,

[8] New Russian anonymous email service
It may be getting easier for Russians to speak freely online.

Quickmail.ru is a new Russian language service that provides users
with web-based e-mail access. What makes the service special is that
it doesn't require people to log in, register or otherwise personal
information about themselves-they can simply go to the site and
starting typing. While users can't receive messages through Quickmail,
they can send messages to any e-mail address and talk about any
subject. Moreover, as one spokesperson explained, the system was
designed to be "convenient," adding that his company "worked on the
principle of doing good for the majority."

Quickmail is just one of several new technologies from around the
world (including a new AT&T project called Publius) that may help
online dissidents, whistleblowers and other concerned citizens make
their voices heard without fear of reprisals or censorship. Yet
despite the potential benefits of Quickmail, rival Internet companies
have threatened to block any messages from the service, based on
purported concerns over "incorrect use."

Read Melissa Akin, "New E-Mail Invites Excesses," St. Petersburg
Times, August 8, 2000 at

See also John Borland, "AT&T vows no censorship on new network," CNet
News, August 7, 2000 at

[9] Women outnumber men online in US
The majority of American Internet users are women, not men.

That's the conclusion of a new report from Media Metrix and Jupiter
Communications. The report, based on statistics collected this past
May, found that 50.4% of Internet users in the United States were
women.  This is a vast increase from 1996, when women only constituted
38% of the American Internet population. The jump was especially large
among girls from 12 to 17 years old, where percentage of users rose by
126 percent. Many of these teenage cybernauts were apparently drawn by
content or expression-based websites, including webpages that provided
interesting news articles or music. Moreover, according to Media
Metrix Analyst Anne Rickert, "This is definitely not a one-time
outnumbering of men. It's a trend that suggests women are favorably
positioned for further growth in the years to come."

See Leslie Walker, "Teen Girls Help Create Female Majority Online,"
Washington Post, August 9, 2000, page E3, at

[10] Singaporean "courtesy" censorship rules
Be polite while you're on the Internet, or else...at least if you're
in Singapore.

The official Singapore Courtesy Council has issued stringent rules in
the past regarding many types of conduct, including telling people to
immediately remove crying children from movie theaters. Now the
Council has promulgated codes of conduct for Internet users. The
Council lambasted people who use "rude" language, "use short forms and
do not address people properly." The agency is also looking at ways to
promote self-censorship in order to discourage "vulgar" speech.

These warnings are further evidence of efforts by Singaporean
authorities to restricting online expression. A recent United States
government human rights audit noted that the Singaporean leadership
"does not classify regulation of the Internet as censorship, the SBA
[Singapore Broadcast Authority] directs service providers to block
access to web pages that, in the Government's view, undermine public
security, national defense, racial and religious harmony, and public
morals." In addition, officials in Singapore have often used such
concerns as a pretext to conduct widespread secret surveillance on
ordinary Internet users.

Read "Mind your p's and q's on Net," The Straits Times, August 8, 2000
at http://straitstimes.asia1.com.sg/singapore/sin14_0808_prt.html

To read the latest U.S. State Department Human Rights Report on
Singapore, click

[11] Press companies sue over net cellular content
Do you enjoy reading web excerpts of articles from major news
agencies? An upcoming court case may put your habits on ice.

Several major news corporations, including The New York Times Co., the
Cable News Network division of Time Warner, The Washington Post Co.,
and Gannett (which publishes USA Today) are suing GoSMS.com. GoSMS had
taken articles >from websites of these companies and transmitted them
to cellular telephone users, 160 words at a time. The plaintiffs are
alleging copyright and trademark infringement along with a variety of
other claims, including false advertising and unfair competition.

GoSMS chief executive Yuval Golan countered that his company was
"justified" in providing these excerpts to its customers, and noted
that his firm is not making any money from this activity. Moreover,
Golan mentioned that many of cellular phone users had displays with
limited capabilities and would not have been able to read the
plaintiffs' web articles without a service similar to GoSMS.

See "News firms sue over wireless access to content," Associated
Press, August 8, 2000 at

[12] US Gov't mum on Carnivore spyware
The United States government is dragging its feet in providing details
on one of its newest surveillance schemes.

That's what many privacy advocates are saying as they seek information
about Carnivore. Carnivore is a device that is attached to the server
of a given Internet service provider. This device intercepts all
Internet transmissions that come through the server, then parses out
pertinent material, based on chosen keywords. The US Department of
Justice (DoJ) has confirmed that Carnivore can monitor private e-mail
messages as well as activity on the World Wide Web and in chat rooms.
The US Federal Bureau of Investigations (FBI) then decides which
particular communications it believes it is entitled to review.

The revelations about Carnivore sparked considerable public concern
over the system's potential privacy ramifications. In a recent hearing
before the US Senate Judiciary Committee, James Dempsey from the
Center for Democracy and Technology (CDT-a GILC member) argued that
"as a black box controlled by the FBI and inserted into the network of
an Internet service provider to search through thousands or millions
of messages, including those of innocent people, Carnivore is not the
right solution." Dempsey added that "Carnivore is the latest in a
series of wake-up calls about the perils facing personal privacy in
the digital age." Similar concerns were voiced at a House subcommittee
hearing held later that day by Gregory Nojeim of the American Civil
Liberties Union (ACLU-a GILC member) and Marc Rotenberg of the
Electronic Privacy Information Center (EPIC-a GILC member).

In addition, both EPIC and the ACLU have filed Freedom of Information
Act (FOIA) requests for more details on the Carnivore system. After a
Federal judge ordered the Department of Justice to formally respond to
EPIC's request, the DoJ sent a cryptic, noncommittal statement
suggesting that it might provide some documents within 45 days and at
successive intervals afterwards. Unsatisfied with this statement, EPIC
filed papers asking a court to force complete disclosure by December
1, 2000.

Meanwhile, the DoJ is soliciting contractors to do an internal review
of Carnivore's privacy implications. However, many observers are
worried that this review will not go far enough in determining whether
Carnivore in itself unlawfully violates the privacy of Internet users.
EPIC General Counsel David Sobel noted: "I don't think any review of
this kind could answer all of the questions that have been raised. If
that's the intention, that this process is going to put all of those
concerns to rest, I don't think it's going to accomplish that. Which
is why we are pursuing our FOIA request as aggressively as we are."

Indeed, a number of colleges have already turned down FBI offers to
perform the review, including the Massachusetts Institute of
Technology (MIT). An MIT spokesperson complained the FBI wanted "a
rubber stamp" that the FBI's entreaty "is not a request for an
independent report."

See Will Rodger, "Carnivore unlikely to be validated," USA Today,
September 5, 2000 at http://www.usatoday.com/news/ndstue06.htm

To read testimony from the September 6, 2000 Senate Committee hearings
on Carnivore, click http://www.senate.gov/~judiciary/wl96200f.htm

To read testimony from the September 6, 2000 House subcommitee
hearings, visit http://www.house.gov/judiciary/cons0906.htm

For further details, see Frank James, "U.S. Seeks University Experts
to Review FBI's E-Mail Probes," Chicago Tribune, August 25, 2000, at
250314 ,FF.html

For the Department of Justice's solicitation for Carnivore reviewers
(in PDF Format), visit

See also "Carnivore Slow to Spill Its Guts," The Industry Standard,
August 17, 2000 at

[13] UK plans corporate and government net tapping
British Internet users may have to watch what they type at work as
well as at home.

The United Kingdom recently adopted the highly controversial
Regulation of Investigatory Powers Act (RIP). The Act essentially
forces Internet Service Providers to build so-called "black boxes"
into their networks, thereby allowing the government to monitor their
customers. The RIP scheme would also allow the British government to
demand private encryption keys, passwords and other such
information-those who refuse to comply may face up to two years in
prison. Not surprisingly, the bill had been lambasted by a wide
spectrum of groups, including Cyber-Rights & Cyber-Liberties UK (a
GILC member), which expressed fears that the RIP proposal (even with
an added Code of Practice) did not sufficiently protect personal
privacy. Similar concerns were expressed by several other GILC
members, including Privacy International and Index on Censorship.
Public debate over the new measure was further fueled by a British
Chamber of Commerce report that suggested the implementation of the
RIP plan would cost an estimated 46 billion pounds (US $69.9 billion).

The British Department of Trade and Industry is now trying to
piggyback additional guidelines that would allow businesses to monitor
their workers. In an attempt to appease employers, the Department has
extended the deadline for suggestions to October 24, 2000. However,
the agency did not provide any details on whether these regulations
would violate the European Human Rights Act, which the British
government is scheduled to sign within a few weeks. In addition, the
Department did not address the many loopholes contained within the
act, which in many cases would allow monitoring of Internet users
without their knowledge.

The full text of the RIP proposal as adopted is available from the
Foundation of Information Policy Research at

For more details on the lawful business practices regulations, read
"UK Delays Work Email Legislation," Reuters, August 25, 2000 at

For further background information, visit the Cyber-Rights &
Cyber-Liberties UK homepage at http://www.cyber-rights.org

[14] US CALEA ruling mixed on privacy
================================================== A recent ruling on
several controversial surveillance standards may strengthen the
privacy of people online.

The case involved the Communications Assistance for Law Enforcement
Act (CALEA), a controversial law enacted in 1994, which requires the
telecommunications industry to design its systems in compliance with
technical requirements from the United States Federal Bureau of
Investigations (FBI) to facilitate electronic surveillance. In
negotiations over the last few years, the FBI and industry
representatives were unable to agree upon those standards, resulting
in a recent ruling by the United States Federal Communications
Commission (FCC). The FCC had approved rules that, among other things,
would enable the Bureau to track the physical locations of cellular
phone users and potentially monitor Internet traffic.

Subsequently, several different groups, including GILC members the
Electronic Privacy Information Center (EPIC), the Electronic Frontier
Foundation (EFF), the Center for Democracy and Technology (CDT) and
the American Civil Liberties Union (ACLU), challenged the decision on
the grounds that the FCC ruling exceeded the requirements of CALEA and
frustrated the privacy interests protected by Federal statutes and the
US Constitution. A US Federal appeals court held that law enforcement
agencies must get a court order or other lawful authorization before
they could use new surveillance capabilities. Indeed, the court held
that the FCC "was simply mistaken" when it interpreted certain
technical standards to expand "the authority of law enforcement
agencies to obtain the contents of communications." The three judge
panel also struck down several provisions of the FCC ruling, including
a section that allow government officials to intercept numbers dialed
after a user had connected through phone lines (which might include
such things as password information and personal identification

This decision casts doubt on several government surveillance
initiatives, including Carnivore--a US government device that
intercepts all Internet transmissions that come through the server,
then parses out pertinent material, based on chosen keywords (see item
12 above). Legal scholars have noted that the court's heightened
protection for personal information would seem to bar Carnivore's
wholesale collection of data.

For further information, read Oscar S. Cisneros, "These Wires Were
Made for Tapping," Wired News, August 14, 2000 at

See also Kalpana Srinivasan, "Court Throws Out Some Wiretapping
Rules," Associated Press, August 16, 2000 at

More details are available in "FCC Ordered to revise digital wiretap
rules," Bloomberg News, August 15, 2000 at

[15] New Indian surveillance scheme
New rules from the Indian government may make it more difficult for
Internet users to protect their privacy.

Under this regime, the official "Telecom Authority shall have full
rights to monitor all the traffic" that comes through cable-based
networks. "The license shall ensure that the bandwidth
provider...gives the complete monitoring rights to the Telecom
Authority." As a part of this plan, the government is imposing yearly
fees of 2,000,000 rupees in order to defray the costs of monitoring.
Oddly enough, Indian officials have even gone so far as to ban voice
communications through the Internet.

This announcement has been met with considerable skepticism. The
burgeoning Indian computing industry is complaining that government
interference will prevent them from making full use of the bandwidth
and hampering growth. These charges are also aimed at official
policies that allowed state-run companies to monopolize numerous
aspects of the Internet service industry. It remains to be seen what
precise effect these regulations will have on privacy in cyberspace.

Read "India unveils rules for private Internet gateways," Reuters,
August 14, 2000 at

[16] Japanese net tapping law in effect
A wide spectrum of groups fear that a new Japanese law will erode
privacy in cyberspace.

The Communications Interception Law, which was passed in 1999, has
finally come into force. Among other things, the new statute allows
Japanese law enforcement officials access to private e-mail accounts
if they are investigating certain types of crime, which can even
include immigration-related offences. The measure had received
negative reviews from many quarters, ranging from opposition party
leaders to computer scientists. Indeed, polls showed that a majority
of the public did not support the bill and feared that the new
standards would have a deleterious effect on individual privacy.

In spite of the bill's passage, many network providers and privacy
groups have continued the fight. Under current Japanese laws,
government agents must include an observer from the company whose
network is being tapped. However, several companies, including NTT
DoCoMo (the country's biggest mobile telecom carrier), are refusing to
send such witnesses. Meanwhile, cyberliberties groups such as Japanese
Net Workers against Surveillance Taskforce (NaST-a GILC member) have
organized public protests asking legislators to repeal the new
statute. NaST (along with several other organizations) recently
submitted a formal petition with 100,000 signatories to the Diet
(Japanese parliament), asking representatives to repeal the new
wiretapping statute.

For further information (in Japanese), visit the NaST homepage at

For English-language details on the new law and the NaST petition,
visit http://www.apc.org/english/news/archive/jca_001.htm

See also Martyn Williams, "Japan's Police Gain Right to Tap Phone,
E-Mail," The Industry Standard, August 15, 2000 at

[17] TrustE tracked visitors
A group that supported industry attempts at privacy self-regulation
apparently tracked computer users through its website.

Over the past few years, TrustE encouraged its corporate partners to
write better privacy policies and has given away seals of approval.
However, a security group named Interhack recently discovered that
TrustE's website was using digital identification files called
"cookies" and tiny images (known as "webbugs") to monitor visitors
online. This practice was not even mentioned in TrustE's own privacy
policy. After a reporter contacted TrustE asking for comments, the
tracking system was discontinued. A spokesperson for the group
admitted that TrustE had allowed a major information and marketing
company, Internet.com, to monitor traffic on its website, but that the
organization "cut all ties with Internet.com so that we could
investigate this further."

This incident cast further doubts as to whether computer companies or
other self-regulatory initiatives can be trusted to protect online
privacy. TrustE had already drawn criticism for failing to withdraw
seals of approval from companies like RealNetworks that had secretly
tracked users. Interhack president Matt Curtin pointed out that TrustE
had "been making a lot of noise about making policy that will protect
privacy, and they have a policy that does not disclose what exactly
they are giving out. They really ought to know better."

For more details, read "Net privacy firm tracked site visitors,"
Associated Press August 25, 2000 at

To see TrustE's privacy policy, click

[18] Survey: Americans worried about privacy
"The vast majority of American Internet users want the privacy playing
field tilted towards them and away from online companies. They think
it is an invasion of their privacy for these businesses to monitor
users' Web browsing."

That is according to a recent report by the Pew Internet & American
Life Project. The study, entitled "Trust and privacy online," found
that a whopping 86% of Internet users want policy that would force
Internet companies to ask them permission before using information
about them (a procedure known as "opt-in"). A majority of the Internet
users surveyed (54%) believe that "Web sites' tracking of Internet
users is harmful because it invades their privacy." Additionally, "94%
of Internet users want privacy violators to be disciplined." A number
of respondents have taken matters into their own hands by providing
false personal information, as well as using encryption and
anonymizing software.

"Trust and privacy online" is available at

[19] New Spector software spies on users
Several new software packages may be jeopardizing Internet privacy.

One of these programs, known as "Spector," secretly takes screen shots
of the monitor on a target computer every few seconds, then saves
these shots for future viewing. Spector can capture a whole host of
personal information--including passwords, private e-mail messages,
downloaded images, chat room dialogue and financial data--all without
the target individual's knowledge or consent. Even more alarmingly, a
spokesperson for Spectorsoft (which manufactures Spector) said that
sales of the product had risen by 900% over the past year. The
software maker has now introduced a new version (called eBlaster) that
allows easier monitoring from another computer.

The widespread use of these programs has led to several disturbing
developments. For one thing, some people have started to buy and use
this software simply to invade people's privacy; as one aficionado
admitted, "It's kind of like an addiction." Not surprisingly, the
Florida Attorney General's office has launched an investigation to
determine whether Spectorsoft's products violate state privacy laws.

Read Chris Kridler, "Home-spying software prompts investigation,"
Gannett News Service, August 29, 2000 at

For more details, see James Walker, "Cyber-Spying," ABC News (US),
August 21, 2000, at
ture.h tml

See also Libby Copeland, "Cyber-Snooping Into A Cheating Heart,"
Washington Post, August 8, 2000, page C1, at

[20] For sale: student email addresses
Hoping to go to college? You may have to give up your privacy first.

The College Board administers the heavily used Scholastic Aptitude
Test (SAT) to millions of college applicants. Now it is taking the
e-mail addresses it has collected from its test-takers and putting
them up for sale. The Board apparently has already sold other forms of
personal information to a multitude of recipients, including names and
home addresses. As Brad Quin of the College Board crowed, "We're
talking about providing colleges sometimes hundreds and thousands of
names where they're really cultivating first contact." Marketing
companies are also delighted by this move; Brian Niles from
TargetX.com claimed that "Students don't want mail, they want e-mail."

So far, the Board has failed to explain precisely how these applicants
will be able to prevent the dissemination of this personal data, short
of giving up their college dreams. Furthermore, it is highly unlikely
that these students (who must pay service fees simply to take the
test) will receive any compensation for this apparent invasion of

See "Student e-mail addresses up for sale," Associated Press, August
17, 2000, at http://www.msnbc.com/news/447582.asp

[21] Drug websites track users
Looking to find out information on new drug cures? Someone may be
secretly looking over your shoulder.

Pharmatrak Inc. has recently admitted to tracking visitors to several
drug company websites. The Boston-based company did this by using
digital identification files called "cookies" and tiny images (known
as "webbugs"). Pharmatrak has apparently accumulated such extensive
files on users that it can even tell what profession a visitor belongs
to as well as their location and what files they collect. Moreover,
since the company is not technically and advertising service, it falls
within a loophole in a much ballyhooed privacy arrangement that was
recently endorsed by the United States Federal Trade Commission (FTC).

Several experts have savaged this surreptitious monitoring of
individuals online. Richard M. Smith of the Privacy Foundation charged
that Pharmatrak's methods were "all hidden" and were "getting very
close to that line of what nice people don't do." One state attorney
general is threatening legal action, saying that this scheme had
"taken stealth to a new low. It is a classic example of corporate
surveillance." Yet in spite of this criticism, Pharmatrak has
announced plans to step up its spying ways, stating that "[i]n the
future, we may develop products and services which collect data that,
when used in conjunction with the tracking database, could enable a
direct identification of certain individual visitors."

For further details, see Robert O'Harrow Jr., "Firm Tracking Consumers
on Web for Drug Companies," Washington Post, August 15, 2000, page E1,
at http://washingtonpost.com/wp-dyn/articles/A25494-2000Aug14.html

[22] Wearable computers erode privacy
Worried about your privacy online? Imagine if you were actually
wearing your computer.

Blue jeans manufacturer Levi's and electronics manufacturer Philips
have joined forces to create electronic clothing. These suits connect
the wearer to the Internet, and include cellular telephone hookups,
audio players, microphones, headphones and remote control panels.
However, it is not clear whether the designers made any attempt to
preserve the privacy of the wearer. Indeed, a Philips spokesperson
noted that these clothes would allow other people to discover very
personal information about users, including sensitive medical data
such as heart rates.

As it turns out, these devices have even more serious problems besides
the privacy issues. For one thing, the jackets are prone to severe
computer crashes. Worse still, the suits apparently are not
waterproof, and may malfunction if they are worn in the rain or

See "'Techno' clothing hits high street," BBC News Online, August 16,
2000 at

The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to
protect and enhance online civil liberties and human rights.
Organizations are invited to join GILC by contacting us at

To alert members about threats to cyber liberties, please contact
members >from your country or send a message to the general GILC

To submit information about upcoming events, new activist tools and
news stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004

Or email:

More information about GILC members and news is available at

You may re-print or redistribute the GILC NEWS ALERT

To subscribe to the alert, please send e-mail to

with the following message in the body:
subscribe gilc-announce


------- End of forwarded message -------