[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) GILC Alert

------- Forwarded message follows -------
From:           	Chris Chiu <CCHIU@aclu.org>
To:             	"GILC announce (E-mail)" <gilc-announce@gilc.org>
Subject:        	GILC Alert
Date sent:      	Fri, 26 Oct 2001 14:17:49 -0400

GILC Alert
Volume 5, Issue 7
October 26, 2001

Welcome to the Global Internet Liberty Campaign Newsletter.

Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and
human rights on the Internet. We hope you find this newsletter
interesting, and we very much hope that you will avail yourselves of
the action items in future issues. If you are a part of an
organization that would be interested in joining GILC, please contact
us at <gilc@gilc.org>. If you are aware of threats to cyber-liberties
that we may not know about, please contact the GILC members in your
country, or contact GILC as a whole. Please feel free to redistribute
this newsletter to appropriate forums.

Free expression
[1] US bill to mandate crippleware
[2] Japanese Net news summary service sued
[3] China Net restrictions grow stronger 
[4] Afghan gov't extends Internet ban 
[5] ICANN pushes Net voting curbs
[6] Australian ruling poses Net speech problems
[7] New NZ copyright plan: DMCA-lite? 
[8] Asian Net defamation bills raise speech issues
[9] More children in South Africa, India go online

[10] New US law weakens Net privacy standards
[11] Plan to give Hollywood hacking powers
[12] Euro surveillance proposals gain momentum
[13] New pro-privacy coalitions formed
[14] Cell phone tracking plans delayed
[15] Carnivore use may be growing
[16] British gov't forces user data logging
[17] Tougher US Net privacy standards now a longshot 
[18] Indonesian cyberlaws delayed

[1] US bill to mandate crippleware
Here's a way to protect intellectual property: force hardware
manufacturers to build in user-restrictive devices, or face criminal

That's the idea behind a new bill that may soon be considered by the
United States Senate. Among other things, the Security Systems
Standards and Certification Act (SSSCA) would require hardware
manufacturers to build copyright protection devices into their
products. Similarly, interactive computer services would have to use
"certified security technologies" before allowing "copyrighted
material or other protected content" from being stored or transmitted
on their networks. The bill would give industrial groups a year or so
to iron out specific standards; otherwise, the Federal government
would step in. In addition, the SSSCA would make it a crime to sell
"any interactive digital device" without copyright control measures,
remove or alter "certified security technology" or to "make available
to the public" any copyrighted material that has had these
technologies removed. Violators could face 10 years in jail and stiff

Many cyber-liberties groups have voiced opposition to the bill,
fearing it will stifle free speech online by preventing individuals
from making fair use of various forms of digital expression. The
Electronic Frontier Foundation (EFF-a GILC member) has started an
anti-SSSCA letter writing campaign, arguing that in the past,
"Congress and the courts have always struck a careful balance between
preserving incentives for authors while ensuring public access to our
cultural heritage. The SSSCA represents an unvarnished attack on this
balanced view of copyright. ... The public would be left with crippled
technologies that permit only the uses that Hollywood unilaterally

The push to mandate so-called "crippleware" has even sparked a
backlash from various industrial heavyweights, such as the Computer
Systems Policy Project (CSPP), a trade group that includes hardware
manufacturers such as IBM, Motorola and Dell.  CSPP executive director
Ken Kay warned that the SSSCA "would be an unwarranted intrusion by
the government into the commercial marketplace. This would freeze
technology ... (and) force government to pick winners and losers."
Similar views were expressed by Intel's Jeff Lawrence, who said that
it would be difficult, if not impossible, to create a single
successful technological measure to prevent piracy, and that it would
be "a mistake to say that there is a magic bullet out there that
someone's trying to invent."

However, several major music companies have already begun to introduce
compact discs that cannot be played on many machines (especially
personal computers) due to special copyright protection schemes. The
list of affected CDs will soon include the latest Nsync album
"Celebrity" and Michael Jackson's new single "Rock Your World."
Indeed, Universal Music Group has recently announced that by early
2002, every one of its CDs will be encoded with user-restriction
routines. Reports indicate there may be over 1 million compact discs
on the market today that are copy-protected or otherwise crippled,
although the biggest record labels have disclosed few details.

This latest development is drawing fierce criticism from users; Jim
Peters from the Campaign for Digital Rights called the move
"underhanded" and noted how "these new modified CD formats are being
introduced secretly, without public knowledge." Peters' organization
has started a leaflet drive in Britain to support the abolition of
overly restrictive copyright measures. Meanwhile, the United States
government has launched an investigation of various entertainment
giants regarding possible "anticompetitive licensing of intellectual
property rights associated with provision of music over the Internet."
Similar concerns are being raised by European Union regulators. 

The full text of the SSSCA is available at

An EFF Alert on the SSSCA is posted under

For the latest details, read John Borland, "Techs broadside
anti-piracy plan," ZDNet News, Oct. 22, 2001 at

See Alex Webb, "New legal assault on US CD copying," BBC News Online,
Oct. 9, 2001 at
0/1589 022.stm

For more on the U.S. government intellectual property anti-trust
investigation, see Anna Wilde Matthews and John R. Wilke, "DOJ expands
online music probe," Wall Street Journal, Oct. 15, 2001 at

Read Jim Hu, John Borland and Rachel Konrad, "New threat to record
labels: the DOJ," ZDNet News, Oct. 19, 2001 at

See also "EU 'threat' over download sites," BBC News Online, Oct. 15,
2001 at
00/160 0064.stm

Read "N Sync fight the CD pirates," BBC News Online, Oct. 3, 2001 at
0/1577 430.stm

See "Universal plans protection for all CDs," Reuters, Sept. 25, 2001
at http://news.cnet.com/news/0-1005-200-7299321.html

Read Steve Gold, "U.K. Digital Activist Group Takes on Copyright Act,"
Newsbytes, Oct. 1, 2001 at

Read "Q&A: Fighting online music piracy," BBC News Online, Oct. 2,
2001 at

See also "Labels plan to copy-proof CDs," Associated Press, Aug. 24,
2001 at
2,00.h tml

For German (Deutsch) language coverage, read Florian Rotzer,
"Weltweiter Ruckgang von verkauften Musik-CDs," Heise Telepolis, Oct.
2, 2001 at http://www.heise.de/tp/deutsch/inhalt/musik/9701/1.html

[2] Japanese Net news summary service sued
Is running an Internet news clippings service illegal?

That's the question being posed by a new case in Japan. The dispute
revolves around Comet Hunter, which regularly sent summaries of
business news items to paying subscribers by email. Afterwards, the
company posted these summaries on its Sokudoku Honpo website that
could be viewed free of charge. Now several copyright holders,
including the Nihon Keizai Shimbun newspaper, are suing Comet Hunter
for copyright infringement. They are asking a Tokyo District Court to
terminate Comet Hunter's news summary program (including both the
email subscription service and the website). They have also requested
an award of nearly 12 million yen in damages.

The plaintiffs' attorneys claim that this is the first Internet
copyright case to be filed in the Land of the Rising Sun. The dispute
raises important free speech issues, particularly with regard to fair
use of copyrighted works.

See "Authors sue Internet operator over copyright," Mainichi Shimbun,
Oct. 18, 2001 at
00c.ht ml

[3] China Net restrictions grow stronger
Mainland China is continuing its war against online critics, both
through criminal prosecutions and new Western-developed technology.

Over the past few weeks, the Chinese government has sent several
people to jail due to their Internet activities. Zhu Ruixiang, for
example, faces three years in prison for forwarding a banned
pro-democracy email newsletter, VIP Reference, to several friends. A
Chinese court had given Zhu a nine-month sentence, but this period was
extended at the behest of local officials. Chinese government agents
have also shut down a number of computer bulletin boards, including
Baiyun Huanghe and Tianya Zongheng, which had previously included
vigorous discussion of various political events.

At the same time, a technology war is brewing over Chinese Internet
content controls. SafeWeb, a company based in California, has signed a
deal with the Voice of America's parent agency to develop systems that
would allow Chinese websurfers to avoid Beijing censor schemes. These
schemes came to the attention of many visitors to the Asia Pacific
Economic Forum summit in Shanghai, who found that they were unable to
visit a number of Western news sites, despite reports that Chinese
authorities had lifted restrictions on accessing such webpages.
Meanwhile, another U.S. company, RSA, is now planning China-specific
user authentication and access controls, which could be used by the
Chinese government to bar access to the Information Superhighway.  

For more on China's apparent continued blocking of news sites, read
Clay Chandler, "China Again Censoring Web," Washington Post, Oct. 23,
2001, page E1 at

See also "BBC News Online blocked at Apec," BBC News Online, Oct. 18,
2001 at
6626.s tm

For more information from Digital Freedom Network (DFN-a GILC member)
on recent jailings of Chinese Net dissidents, click

Further details are also available from Reporters Sans Frontieres at

For more on the closing of Baiyun Huanghe bulletin board, visit the
DFN website under http://dfn.org/focus/china/baiyun.htm

Additional details on the Tianya bulletin board shutdown are available
in "Authorities Chinese Web Sites for Opposition Publications," China
News Digest, Sept. 3, 2001 at

Read Adam Creed, "RSA To Build Chinese Internet Security System,"
Newsbytes, Sept. 19, 2001 at

Additional details on the SafeWeb China initiative are available from
Liu Weijun, "US to Use Internet in Information War with China," China
News Digest, Sept. 1, 2001 at

See also Verne Kopytoff, "Stephen Hsu: CEO says Safeweb plan will help
open China," San Francisco Chronicle, Sept. 4, 2001, page D1 at

[4] Afghan gov't extends Internet ban
The rulers of Afghanistan are at it again.

The Taliban have enlarged their ban on Internet usage to include still
more people, especially foreigners. Previously, the Afghan government
made it illegal for citizens to use the Information Superhighway. Now
Taliban officials have extended this edict to include foreigners, such
as international relief workers. Afghan leader Mullah Mohammed Omar
confirmed that these rules would be enforced by the state Ministry for
the Promotion of Virtue and Prevention of Vice. Government agents are
already scouring the World Wide Web in search of potential offenders,
especially reporters. The Taliban regime has even raided United
Nations offices and threatened to kill U.N. employees if they try to
use computers or communications equipment anywhere in the country.

These measures represent a further setback for efforts to bring
Afghanistan into the Information Age. Severe problems with the
nation's infrastructure (due in part to years of civil war and dire
poverty) had already prevented most Afghanis from going online. These
difficulties are only expected to worsen in the short term, as the
current military conflict with the United States continues.

Read "Taliban Threatens U.N. Techies," Associated Press, Sept. 24,
2001 at http://www.wired.com/news/print/0,1294,47074,00.html

See "Taleban logs whole nation off net," BBC News, Aug. 25, 2001 at

Read Kathy Gannon, "Taliban leader bans internet," Australian IT, Aug.
27, 2001 at
2,00.h tml

[5] ICANN pushes Net voting curbs
The organization charged with managing the Internet domain name system
has shifted its attention to a subject it has rarely

The Internet Corporation for Assigned Names and Numbers (ICANN) has
decided to go forward with its planned meetings in Los Angeles, but
with several important changes. Among other things, the meetings will
focus primarily on the security and stability of the domain name
system. ICANN warned that the "focus of the meetings may well delay
progress on some of the worthy and important initiatives that are
currently underway." 

The warning may be in reference to a controversial draft report
recently issued by ICANN's At-Large Study Committee (ALSC). That
report recommended that voting in ICANN elections should be limited to
people who own domain names and pay membership fees. Currently, ICANN
allows individuals to vote so long as they have a valid email and
postal return address. The committee also recommended reducing the
number of At-Large Board members from 9 (out of 19) to six. In October
2000, the organization had held public elections for 5 of these
At-Large Board seats, and still has not held elections for the other 4
slots yet. 

These suggestions had been met with sharp criticism from several
quarters. This criticism had been bolstered by the findings of a
special Non-governmental organization and Academic ICANN Study group
(NAIS), which stated that the domain name ruling body needed to do
more to facilitate informed public participation in its decision
making. Among other things, the NAIS report argued that ICANN should
have at least as many publicly elected At-Large Directors as those
selected by Supporting Organizations, and that ICANN "membership
should be open to all who express interest by completing a relatively
simple registration process online combined with postal return

Another major issue that had been drawing attention was ICANN's
decision to ban registration of certain geography-related terms within
the new .info top-level domain until its March 2002 meetings in Accra,
Ghana. The ban came despite the recommendations of the World
Intellectual Property Organization, which had previously issued a
report saying that it would be premature to impose intellectual
property type restrictions on such words within the domain name

For more on ICANN's upcoming November 2001 meetings, click

See "Net body targets web security," BBC News Online, Sept. 28, 2001

The ALSC draft report is posted under

For further analysis of the ALSC draft report, read the
Cyber-Federalist No. 11, available at

The NAIS report is posted at

See also Serena Parker, "Panel Debates Internet Issues," Associated
Press, Sept. 9, 2001 at

The text of ICANN's resolution banning geographic term registration is
available at
opolit icalNamesininfo

The aforementioned WIPO report is posted under

Additional details on the ban are available in "ICANN cracks down on
cybersquatters," Reuters, Sept. 10, 2001 at

[6] Australian ruling poses Net speech problems 
A court decision Down Under may have serious cross-border implications
for online speech.

The case involves the U.S. business magazine Barron's, which published
an article accusing an Australian citizen of "a series of offences,
stock manipulations, classic stock scams and frauds and connection
with money laundering." That citizen, Joseph Gutnick, sued Barron's
parent company Dow Jones, claiming that the online publication of the
article made the corporation liable under Australian defamation laws,
which are less protective of free speech than United States standards.

An Australian court agreed with Gutnick and ruled in his favor. In his
opinion, the presiding judge held that Internet speakers should be
held liable under the laws of all nations where the information is
"seen and heard, (i.e. made manifest to) and comprehended by the
reader or hearer." He threw out Dow Jones' claims that it could not be
held responsible for the actions of users in other countries, calling
them "fallacious." He also summarily refused to apply free speech
doctrines to the online world and rejected the idea that the Internet
should be a "defamation-free zone."

Many observers fear that the decision will chill Internet expression
by subjecting online speakers to liability under speech restrictions
from a multitude of nations. Peter Coroneos of the Australian Internet
Industry Association warned: "The presumption now is that when you
post any article on the Internet, you will be required to comply with
the local laws of all the jurisdictions anywhere in the world that it
can be downloaded. That means basically that you can't protect
yourself." Dow Jones has already filed an appeal; the company's vice
president for corporate communications, Steve Goldstein, said that his
firm does "not believe that Australia is an appropriate venue for a
case involving a story that was published in New York."

The trial court ruling is available at

See Kate Mackenzie, "Net defamation ruling appealed," Australian IT,
Sept. 20, 2001 at
2,00.h tml

Read Adam Creed, "Dow Jones Appeals Internet Defamation Decision,"
Newsbytes, Sept. 21, 2001 at

See "Dow Jones Appeals Net Ruling," Associated Press, Sept. 19, 2001
at http://www.wired.com/news/print/0,1294,46986,00.html

[7] New NZ copyright plan: DMCA-lite?
Microsoft is pressuring New Zealand to expand its intellectual
property laws in ways that may undermine free speech on the
Information Superhighway. 

While many details are still forthcoming, Microsoft suggested
"outlawing devices, either mechanical or software-based" that could be
used to circumvent copy protections, even if such products can be used
for noninfringing purposes. In addition, Internet service providers
would be obligated to "take down or block" purportedly infringing
material for fear of liability. The plan would ban even "temporary
copies" of copyrighted material, which might make it a crime merely to
view certain webpages.

The proposed measure is very similar to the controversial United
States Digital Millennium Copyright Act (DMCA). The DMCA has been
derided by many Internet user groups as having a detrimental impact on
freedom of expression. These concerns were heightened in a recent
case, where a Russian programmer, Dmitry Sklyarov, faces several years
in jail after presenting a research paper on electronic book
encryption codes. Fred von Lohmann from the Electronic Frontiers
Foundation (EFF-a GILC member) pointed out: "Copyright owners told us
that they needed the DMCA to stop piracy. Instead, it has been used
against the press, scientists, and computer programmers. We're hoping
that other countries learn from our mistakes, and will think twice
before giving in to the demands of corporate media giants."

An EFF press release regarding the New Zealand copyright proposal is
posted at
a_pr.h tml

Read David McGuire, "EFF Lobbies Against New Zealand Copyright Law,"
Newsbytes, Oct. 23, 2001 at

See "Microsoft seeks copyright changes," New Zealand InfoTech, Oct.
18, 2001 at http://www.stuff.co.nz/inl/index/0,1008,977016a28,FF.html

See Adam Creed, "Microsoft Lobbies For Strict New Zealand Copyright
Rules," Newsbytes, Oct. 17, 2001 at

More information concerning the Dmitry Skylarov case is available from
the Electronic Frontiers Foundation (EFF-a GILC member) under

[8] Asian Net defamation bills raise speech issues
The governments of South Korea and Japan are each pushing plans that
may chill Internet speech.

South Korean officials are in the process of creating a massive
database containing personal information about private Internet users.
The Korean Ministry of Information and Communication claims that this
measure is necessary to protect politicians from insults. Under this
proposal, online speakers could be found, then silenced with greater
ease. This system will be coupled with new guidelines to ban
information that is somehow deemed derogatory, abusive or obscene.
However, many details, including precise criteria that would be used
to determine whether certain speech is actually defamatory, have yet
to be released. 

These moves have raised questions as to whether the plan, if fully
implemented, could be used as a weapon to silence political dissent.
These fears were buttressed by indications from the South Korean
National Police Agency that it would tighten enforcement of
anti-defamation laws on the Internet prior to the country's
presidential elections in 2002. Moreover, the South Korean government
already has increased the penalties for slander and libel: up to 7
years in jail or fines of up to 50 million won. 

Meanwhile, the Japanese government has drafted broadly similar
legislation. The Japanese plan would require Internet service
providers (ISPs), upon complaint, to issue warnings to online critics
and takedown purportedly slanderous material if no response is
received. In addition, ISPs would also have to submit to compliance
monitors selected by the Japanese Ministry of Public Management, Home
Affairs, Posts and Telecommunications. This plan may be considered by
the Diet (Japanese parliament) within the next two weeks.

See "Steps Taken to Crack Down on Cyber Defamation," Korea Times, Oct.
4, 2001 at

The text of the Japanese bill (in Japanese) is posted under

See "Gov't to clamp down on Net providers to protect privacy,"
Mainichi Shimbun, Oct. 16, 2001 at

[9] More children in developing nations go online
Several efforts to bridge the digital divide are beginning to bear

In South Africa, dozens of special "digital villages" are being
created to provide Internet access in rural areas. At the same time, a
number of urban cybercafes have started programs specifically targeted
at youngsters. The proprietor of one such establish explained: "Our
target group are those kids who grow up hearing about the internet who
can't get access to it." Indeed, studies have shown that the majority
of the nation's children (particularly those who live in the
countryside or unprivileged neighborhoods) still have no way of
reaching the online world.

Meanwhile, in India, a number of initiatives have been launched to
allow more people to enter the Information Superhighway. In a special
"hole-in-the-wall" project, computers were placed in some of the
poorest neighborhoods in several key cities, such as Delhi. Within a
short time, numerous children flocked to these units and learned by
themselves how to surf the Internet, even though many of them were
illiterate and had not had any formal computer training. The
experiment, which received funding from government and private
sources, seems to suggest that the digital world could play a crucial
role in improving India's educational standards.

Another idea to bridge the digital divide has been the widespread
introduction of low-cost Internet appliances (called Simputers). Vinay
Deshpade of Simputer Trust said that while his organization's "initial
target is India...if it is applicable in India, it will also be
applicable in the rest of the third world. We have had a tremendous
response from all over the world - from South America to Australia and
every other country in between, including some of the developed
countries." Experts believe that the development of these and other
technologies, such as wireless local loop networks and satellite
Internet radios, will spur the growth of the Information Superhighway
throughout the globe.

For more on local loop technology, click

See Francis Ayieko, "Internet radios aid Africa," Interlink Rural
Information Service, Oct. 19, 2001 at

Read "South Africa's internet generation," BBC News Online, Aug. 28,
2001 at
0/1513 251.stm

For more on the Indian Free Net access project, see "Delhi children
make play of the net," BBC News, Aug. 27, 2001 at

Additional information on Simputers is available in "India's simple
computer for the poor," BBC News Online, Sept. 24, 2001 at

[10] New US law weakens Net privacy standards
The United States government has enacted a new law that greatly
expands government surveillance powers in cyberspace.

Recent terrorist attacks in the United States had led to several
proposals that would enhance the ability of law enforcement officials
to wiretap the Internet. One of these proposals, the Mobilization
Against Terrorism Act (MATA), would have allowed the U.S. government
to make greater use of controversial spy tools such as Carnivore.
Among other things, MATA included provisions that would have applied
loose pen register protections currently in place for such things as
phone numbers and apply them to the Information Superhighway, rather
than requiring law enforcement agents to show probable cause that a
crime is being committed and get a court order. It would also expand
the powers of a secret United States court, created under the Foreign
Intelligence Surveillance Act (FISA), whose procedural protections are
not as strong as those of other tribunals. In addition, MATA would
have provided the government with the ability to break into houses and
conduct secret searches.

However, the proposal lost some momentum partly due to the objections
of privacy advocates. The Electronic Privacy Information Center
(EPIC-a GILC member) issued a detailed analysis of the measure,
calling many of the proposed statutory definitions "vague" and
suggesting that the bill would seriously erode privacy online. For
example, EPIC pointed out that the proposal's application of pen
register standards to the Internet "does not take into account the
unique nature of such information, which contains data far more
revealing than phone numbers." MATA lost further steam, when one of
the primary backers of the bill, United States Attorney General John
Ashcroft, admitted that the bill would not necessarily have prevented
the disasters of Sept. 11, 2001: "It's impossible to say that, had we
had every one of these provisions, we would have prevented this

A committee in the House of Representatives eventually approved a
revised package and included a sunset provision that would end the
government's expanded surveillance powers after two years. However,
these changes failed to assuage the concerns of many
cyberlibertarians, as the measure retained many of MATA's perceived
flaws. The American Civil Liberties Union (ACLU-a GILC member) warned
that the redrafted proposal would still impose a "low threshold of
proof to Internet communications ... For example, it would apparently
apply to law enforcement efforts to determine what websites a person
had visited. This is like giving law enforcement the power - based
only on its own certification -- to require the librarian to report on
the books you had perused while visiting the public library." 

Meanwhile, a similar measure appeared in the United States Senate that
included a number of provisions from MATA that were absent from the
revised House bill, albeit in slightly modified form. For example, the
Senate proposal provided the government with the ability to conduct
secret searches, but did not contain any sunset provision. Despite the
apparent detrimental impact the proposal would have on civil
liberties, the Senate quickly approved the bill with little debate, at
the behest of several key politicians. The House then dropped its own
revised proposal and passed a measure that more closely resembled the
Senate version. Eventually, House and Senate negotiators added a
four-year surveillance power sunset provision while retaining most of
the enhanced government search powers contained within the Senate
bill. This final edition of the bill was approved and took effect
after President George W. Bush signed it. Ashcroft had already
promised that at "[t]he hour it becomes law, I will issue guidance to
each of our 94 U.S. Attorney's Offices and 56 FBI field offices
directing them to begin immediately implementing this sweeping

To read the final version of the bill, click

An ACLU Press Release regarding this final version is available under

For more on Ashcroft's promises of immediate implementation, click

Read "New anti-terror laws for US," BBC News, Oct. 26, 2001 at

For more on the FISA court, see Kelley Beaucar Vlahos, "Secret Court
Goes on Extra Duty," Fox News, Oct. 11, 2001 at

For more of Ashcroft's admission that these measures may not prevent
future terrorist attacks, see Charles Babington, "Don't Expect Quick
Passage of Anti-Terrorism Package," Washington Post.com, Sept. 25,
2001 at

The text of the bill initially approved by the House is available
under http://cryptome.org/patriot-usa.htm

The text of Senate bill is posted at

To see a chart that explains the changes that these bills would have
on existing surveillance laws, visit the ACLU website under

The text of the original Mobilization Against Terrorism Act is posted
at http://cryptome.org/mata.htm

EPIC's analysis of MATA is posted under

[11] Plan to give Hollywood hacking powers
A major music trade group has pushed for new laws that critics have
labeled a "License to Virus."

The Recording Industry Association of America (RIAA) had proposed
amendments to anti-terrorist legislation being considered by the
United States Congress. Among other things, these amendments would
prevent Internet users from suing companies for invading or damaging
their computers, so long as the intrusion was "intended to impede or
prevent the infringement of copyright in such work by wire or
electronic communication." The RIAA's Mitch Glazier explained: "We
might try and block somebody. If we know someone is operating a
server, a pirated music facility, we could try to take measures to try
and prevent them from uploading or transmitting pirated documents." 

Revelations about the RIAA's efforts generated an uproar among many
members of the Internet community. Marc Rotenberg of the Electronic
Privacy Information Center (EPIC-a GILC member) warned that the draft
language, if enacted, "could lead to some really bad outcomes, like a
program purposefully intended to delete MP3s that misfunctions and
erases everything on a disk." A number of academics were also enraged;
Orin Kerr from George Washington University charged that the plan
"would deny victims their right to sue copyright owners and their
agents if they engaged in vigilante justice by hacking or other means
in an effort to block online music distribution." 

This backlash led the Association to shelve its initial plans.
However, Glazier said that his group would submit a revised proposal
within the near future, even while claiming that copyright holders had
the right to attack private computers under current law. Indeed,
reports indicate that Hollywood is developing new software towards
that end, including programs to launch denial of service-type attacks
against private Internet users and peer-to-peer networks.

See Declan McCullagh, "RIAA Wants to Hack Your PC," Wired News, Oct.
15, 2001 at http://www.wired.com/news/print/0,1294,47552,00.html

To read the text of the original RIAA-sponsored amendments, click

Additional details regarding new Hollywood oriented attack software,
read John Borland, "RIAA: We'll smother song swappers," ZDNet News,
Oct. 15, 2001 at

For German (Deutsch) coverage of this story, see Janko Rottgers,
"Kevin Mitnick heimliche Freunde," Heise Telepolis, Oct. 16, 2001 at

[12] Euro surveillance proposals gain momentum
Governments throughout Europe are considering plans that critics say
will severely erode Internet privacy. 

In one development, a panel of Ministers' Deputies from the Council of
Europe has approved a new Convention on Cybercrime. It would require
countries to authorize government agents to install spytools on the
servers of Internet service providers (ISPs) and thereby intercept all
Internet transmissions that come through the servers. The treaty
requires signatory nations to comply with foreign investigators, even
when they are investigating activities that are not crimes on domestic
soil. The Convention, however, does not require countries to enact any
specific procedural protections. 

Many observers have objected to the Convention because it may allow
unnecessary governmental intrusions into cyberspace. The Global
Internet Liberty Campaign had condemned a past draft of the convention
as "a document that threatens the rights of the individual while
extending the powers of police authorities, creates a low-barrier
protection of rights uniformly across borders, and ignores
highly-regarded data protection principles. Although some changes have
been made ... we remain dissatisfied with the substance of the
convention." The treaty will be sent to the CoE's Council of
Ministers, where it is expected to be approved, then sent to certain
individual states for ratification.

Meanwhile, European lawmakers have also shown renewed interest in a
proposal that would allow police to demand user data, including emails
and internet usage, for up to seven years. A gathering of European
Union Justice and Home Affairs ministers are supporting measures that
force network providers to retain such information about their
customers for criminal investigation purposes. These officials also
urged the European Commission to explore the possibility of enacting
new laws to benefit "law enforcement efforts." Indeed, the EC is now
considering broadly worded legislation that would criminalize many
legitimate online activities, such as public protest. For example, one
proposal would treat "interference with an information system"
designed to "seriously altering or destroying the political, economic
or social structures" as a terrorist offense. 

In addition, several European nations (including France and the
Netherlands) are considering new laws that would restrict private
individuals from using computer encryption programs. At the same time,
the German Cabinet has adopted a proposal that apparently will force
telecommunications providers to build surveillance devices into
certain networks, particularly broadband systems.

The text of the new German surveillance proposal (in German/Deutsch)
is posted http://www.ccc.de/CRD/schilyterror1.pdf

More information is available from the Chaos Computer Club (CCC-a GILC
member) in German/Deutsch under http://www.ccc.de/CRD/CRD20011022.html

See Steve Gold, "German Carriers Told To Install Cyber-Snooping Tech,"
Newsbytes, Oct. 25, 2001 at

Read "Berlin to increase internet surveillance," Agence France-Presse,
Oct. 22, 2001 at
bv%5E1 15306,00.html

See Jelle van Buuren, "Dutch government wants to regulate strong
cryptography," Heise Telepolis, Oct. 9, 2001 at 

See also Jelle van Burren, "Hacker or Terrorist? Both," Heise
Telepolis, Sept. 21, 2001 at

For more on French Internet surveillance plans, visit the website of
Imaginons un Reseau Internet Solidaire (IRIS-a GILC member) under

For more on new European surveillance proposals, see

A CoE press release on this subject is posted under

Read Wendy McAuliffe, "International cybercrime treaty gets go-ahead,"
ZDNet UK, Sept. 21, 2001 at

To read two GILC letters concerning past drafts of the Convention,
click http://www.gilc.org/privacy/coe-letter-1200.html

See Brian Krebs, "European Cyber-Crime Treaty Clears Penultimate
Hurdle," Newsbytes, Sept. 20, 2001 at

[13] New pro-privacy coalitions formed
Rising concerns over the possible expansion of government surveillance
powers has fueled the growth of coalitions to protect individual

In the United States, a vast network of non-profit organizations,
academics and computer scientists have banded together to form the In
Defense of Freedom coalition. The goal of this initiative is get
lawmakers to "consider proposals calmly and deliberately with a
determination not to erode the liberties and freedoms that are at the
core of the American way of life." The list of IDOF affiliates
includes several GILC members, such as the Electronic Privacy
Information Center, the Electronic Frontier Foundation, Human Rights
Watch, NetAction, Privacy International, the American Civil Liberties
Union and the Center for Democracy and Technology. 

Meanwhile, seven cyberliberties groups have issued a joint letter
urging the European Council "to refrain from new and extended
communications interception and lawful access powers for police forces
and intelligences services." In particular, the document's authors
noted how government attempts to restrict "the use of cryptography
will negatively affect the security of our communications
infrastructure, further damage trust in our economy, and will restrict
the rights of individuals, without affecting the capabilities of
terrorists." The organizations also urged "European leaders not to
implement legislation that mandates internet and telecommunication
service providers to retain traffic data for law enforcement purposes.
Retention of traffic data will in effect transform our communications
infrastructure into a surveillance system that records intimate
details of the personal life of all citizens." A number of GILC
members participated in this effort, including Bits of Freedom,
Digital Rights (Denmark), Quintessenz, FITUG, the Chaos Computer Club,
and Privacy International. Civil society groups in several other
countries (including France) have issued similar letters.

The letter to the European Council is posted under

See Steve Gold, "European Privacy Groups Lobby EU On Privacy Issues,"
Newsbytes, Sept. 21, 2001 at

The Open Letter to the French Parliament is posted under

The official In Defense of Freedom website is located at
 An ACLU press release regarding the IDOF coalition is posted under

Read David McGuire, "Civil Liberties Groups Rally Against
Anti-Terrorism Law," Newsbytes, Sept. 20, 2001 at

Read Declan McCullagh, "Coalition to Congress: Slow Down," Wired News,
Sept. 19, 2001 at http://www.wired.com/news/print/0,1294,46959,00.html

[14] Cell phone tracking plans delayed
Track people using their cellular telephones? Not so fast.

That's the message being given by several major telecommunications
providers. Previously, the United States government had pushed a plan
known as "Enhanced 911." Under this scheme, mobile phone companies
must install technology allowing government agents to locate cellular
users within 100 meters. The tracking is done by triangulating the
emissions given off by a particular phone between different signal
towers. Service providers who fail to comply with these rules may face
heavy fines.

Consumer advocates are worried that this new tracking scheme will
seriously erode individual privacy. Cheryl Leanza from the Media
Access Project argued that rules must be in place to allow customers
notice and control over the collected data: "It's important for
consumers to have information to know what their options are." Telecom
providers are also questioning the wisdom of this scheme, both because
of the technical difficulties and potential high cost. Although the
government had set an October 1, 2001 deadline for compliance, the
timetable was extended after some 53 cellular phone companies filed
formal requests for extensions.

A press release from the United States Federal Communications
Commission regarding the deadline extension is posted under

Read "Government Oks New Wireless 911 Plan," Associated Press, Oct. 5,
2001 at
770.ht ml

Read Yuki Noguchi, "Cellular Firms Seek 911 Delay," Washington Post,
Sept. 27, 2001, page E5 at

See also Christopher Stern and Yuki Noguchi, "Attacks Renew Calls for
911 System to Locate Cell Phones," Washington Post, Sept. 19, 2001,
page E1, at

[15] E-firms cave to gov't spy demands
In their haste to comply with government demands for personal data,
many Internet companies may have violated their own privacy policies.

After the recent terrorist attacks in New York and elsewhere, the FBI
reportedly pressured several ISPs, asking them to install Carnivore
spyware voluntarily even without a court order. Developed by the
United States Federal Bureau of Investigations (FBI), Carnivore can be
hooked up to the server of a given Internet service provider (ISP) and
intercepts all Internet transmissions that come through the server.
Afterwards, it parses out pertinent material, based on keywords
provided by the administrator. The latest version of the program,
known as Enhanced Carnivore or DCS 1000, uses the Windows 2000
operating system and supposedly includes better filtering and
triggering capabilities as well as greater throughput (presumably to
cope with high-speed broadband networks).

At least one major provider, Earthlink, refused to comply with these
demands, although it did agree to disclose certain details about its
customers. The company's president, Mike McQuary, argued that
"[p]eople have an expectation of privacy when they're using the
Internet on their own computers. We don't tolerate illegal activities
on our networks, and we cooperate with law enforcement, but there's a
balance that needs to be drawn in all of this." It is unclear how many
other companies complied with the FBI's requests, although industry
experts suggest that many small ISPs may already consented. 

Carnivore had already attracted heavy fire from many experts, who
pointed out that the device's lack of an auditing system may allow
government agents to unnecessarily invade the privacy of Internet
users, without fear of reprisal. David Sobel from the Electronic
Privacy Information Center (EPIC-a GILC member) warned: "If not used
properly, Carnivore can be abused and capture the information of
people not named in court orders."

Read Verne Kopytoff, "Eyes on E-Mail," San Francisco Chronicle, Oct.
15, 2001, page G1 at

Read Patrick Anidjar, "FBI scours internet for clues," Agence
France-Presse, Oct. 8, 2001 at
bv%5E1 5306,00.html

See Stefanie Olsen, "Attacks put privacy into focus," ZDNet News, Oct.
2, 2001 at

See Kathy Brister, "Earthlink was willing to help but wouldn't let FBI
search its data," Atlanta Journal-Constitution, Sept. 19, 2001 at

[16] British gov't forces user data logging
The British government wants to know more about what you've been doing
online, even if you're not a terrorist.

Several weeks ago, British government agents forced Internet service
providers to keep data about all of their customers for an indefinite
period. The vaguely worded request apparently made no distinction
between actual suspects and innocent people; indeed, a spokesperson
from Britain's National High-Tech Crime Unit conceded that "We are not
looking for anything in particular." The cited pretext for this move
was to gather possible evidence against collaborators in the September
11 terror attacks. However, there questions as to whether this move
violates the British Data Protection Act, which limits the time period
during which firms can keep such information. Indeed, the request
comes in stark contrast to past assertions from British officials
opposing such data retention plans.

The UK Home Office is now seeking new laws that would mandate the
retention of customer data in a central location for 12 months. The
information to be collected under this proposal would allegedly
include such things as lists of websites that a given individual has
visited. Some experts fear that this altering of current privacy laws
will only be the start of a trend toward massive government intrusion
into cyberspace. Telecom companies are also up in arms over the
proposal; E-Center UK director Will Roebuck said his group is
"concerned about the costs and about what liabilities it will set up
for businesses (that) may have contractual obligations with other
businesses outside the UK that data is to be kept safe and not

See Thorold Barker and Jean Eaglesham, "Surveillance: Businesses to
hold e-mail records for 12 months, Financial Times, Oct. 17, 2001 at
011017 001949

Read "Casting A Cybernet In Hunt For Clues," Associated Press, Sept.
13, 2001 at

[17] Tougher US Net privacy standards now a longshot
Efforts to enact tougher online privacy rules in the United States are
facing new hurdles. 

Several U.S. Congressmen, notably Representatives Cliff Stearns and
W.J. Tauzin, have banded together in an effort to codify existing
levels of privacy protection, instead of raising the bar. The bill,
which is still being drafted, would require websites to post privacy
notices on their websites, but users would have to take the initiative
and notify companies that they do not want to be tracked or have
personal information collected about them. Firms would be allowed to
deny services to people who refuse to divulge sensitive details about
themselves, and would be immune from lawsuits based on privacy policy
violations. The measure would also prevent states from providing
levels of privacy protection that are higher than Federal standards.

These developments come after Timothy Muris, who was recently
appointed as head of the U.S. Federal Trade Commission (FTC),
announced that his agency would seek greater enforcement current
privacy standards rather than push for new laws. The announcement was
notable because before Muris was appointed, the FTC had called on
Congress to pass legislation that would strengthen Internet privacy.
This stance was denounced by some observers; a Forrester Research
study concluded that Muris' refusal to push for new privacy
legislation poured "gasoline on the fires of the privacy debate.
...[A] company that thinks that the FTC's backing off of legislation
means that the issue will go away is sadly mistaken. Instead,
addressing privacy one technology or business practice at a time only
adds to the confusion." 

The text of Muris' speech is posted under

Read Brian Krebs, "Federal Privacy Plans Revealed By House Committee,"
Newsbytes, Oct. 12, 2001 at

For more on the Forrester Research study, read Erika Morphy, "Report:
U.S. Privacy Plan Bad for Business," CRMdaily.com, Oct. 16, 2001 at

See also Carrie Kirby, "FTC chief to drop call for new privacy laws,"
San Francisco Chronicle, Oct. 3, 2001, page D2 at

[18] Indonesian cyberlaws delayed
Attempts to draft new Information technology laws in Indonesia may be
stalled for several years.

Previously, the Indonesian government was putting together a plan that
would have serious implications for online privacy. Although details
were sketchy, the proposal would have set standards for the way
companies handled online personal information about their customers.
The package would also include provisions to target such things as
credit card and digital signature fraud.

However, Indonesia's Minister of Communications and Information,
Syamsul Mu'arif, announced that these plans have since been shelved.
He stated that although "we urgently need the law, we cannot finalize
it immediately as we're lacking 'law drafters' as well as information
technology experts to help ensure the law will be workable."

See Mike Newlands, "Lack of expertise delays Indonesian cyberlaws,"
Total Telecom, Sept. 13, 2001 at

The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to
protect and enhance online civil liberties and human rights. 
Organizations are invited to join GILC by contacting us at

To alert members about threats to cyber liberties, please contact
members from your country or send a message to the general GILC

To submit information about upcoming events, new activist tools and
news stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004

Or email:

More information about GILC members and news is available at

You may re-print or redistribute the GILC NEWS ALERT freely.

To subscribe to the alert, please send e-mail to

with the following message in the body:
subscribe gilc-announce

------- End of forwarded message -------

To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de