[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) GILC Alert


------- Forwarded message follows -------
From:           	Chris Chiu <CCHIU@aclu.org>
To:             	"GILC announce (E-mail)" <gilc-announce@gilc.org>
Subject:        	GILC Alert
Date sent:      	Thu, 17 Jan 2002 11:32:51 -0500

GILC Alert
Volume 6, Issue 1
January 17, 2002

Welcome to the Global Internet Liberty Campaign Newsletter.

Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and
human rights on the Internet. We hope you find this newsletter
interesting, and we very much hope that you will avail yourselves of
the action items in future issues. If you are a part of an
organization that would be interested in joining GILC, please contact
us at <gilc@gilc.org>. If you are aware of threats to cyber-liberties
that we may not know about, please contact the GILC members in your
country, or contact GILC as a whole. Please feel free to redistribute
this newsletter to appropriate forums.

===============================================
Free expression
[1] Jailed Chinese Net activist goes on hunger strike
[2] India & Pakistan curb Internet access
[3] Norway charges teen DVD programmer
[4] US plan would ease Net copyright rules
[5] Russian Ebook programmer to go home under deal
[6] Euro Net hate speech ban to be unveiled
[7] New anonymous Net speech battles
[8] Australian state Net censor plans stalled
[9] Narco News ruling protects Net journalists
[10] US shutdown of Somalian Internet continues

Privacy
[11] US gov't creating computer spy viruses
[12] More security flaws problems dog Microsoft
[13] New cybercrime plans for Australia, Europe 
[14] DoubleClick backs off cookie tracker
[15] Concern grows over geolocational software
[16] US bill would set weak privacy standards

[17] New GILC member: FIPR

======================================================
[1] Chinese Net activist goes on hunger strike
======================================================
A leading Chinese online critic has begun a hunger strike over the
conditions of his confinement.

Wang Jinbo had published various essays on the Internet, including a
missive that called on the country to undergo more soul-searching in
regards to the 1989 Tienanmen Square massacre. He was then arrested
and sentenced to four years in jail on subversion charges. Last week,
Wang went on a hunger strike to protest the government's refusal to
allow his family to visit him.

The confinement of Wang Jinbo constitutes just one of several recent
attempts by Beijing to stifle dissent along the Information
Superhighway. Chinese authorities have reportedly condemned Lu Xinhua
to a 4 year prison stay after he posted an article arguing for various
government reforms and criticized the ethical theories of the
country's president, Jiang Zemin. Beijing has also shutdown some 17
000 cybercafes because they allegedly failed to block sites with
banned content (including webpages that were deemed subversive by the
ruling elite). An additional 28 000 cybercafes were forced to install
surveillance equipment that will allow the government to monitor
customers.

Besides these developments, Chinese officials are developing new
technological and economic initiatives to deter citizens from speaking
freely online. A recently issued report entitled "China's Golden
Shield" describes how corporations such as Nortel Networks have
allowed the Chinese government to create "a more sophisticated system
of content filtration at the individual level" via "a massive,
ubiquitous architecture of surveillance." In addition, Beijing has
started an awards program to benefit sites that engage in
self-censorship.

For more on the cases of Lu Xinhua and Wang Jinbo, visit the Digital
Freedom Network (DFN-a GILC member) website under
http://www.dfn.org/focus/china/luxinhua-sentence.htm

Additional information on Wang's hunger strike is available from
"Outlawed party activists jailed for subversion," South China Morning
Post, Jan. 15, 2002 at
http://www.asiamedia.ucla.edu/Weekly2002/01.15.2002/China2.htm

Read "Chinese internet dissidents jailed," BBC News Online, Jan. 14,
2002 at
http://news.bbc.co.uk/hi/english/world/asia-pacific/newsid_1759000/175
9815.s tm

For more on the Chinese shutdown of cybercafes, read Dong Liu,
"Authorities Shut Down 17,000 Internet Bars," China News Digest, Nov.
22, 2001 at http://www.cnd.org/Global/01/11/22/011122-2.html

The Golden Shield report is available via
http://go.openflows.org/article.pl?sid=01/10/24/2021205&mode=thread&th
reshol d=

See also "Chinese government gives awards to non-porn websites,"
Ananova, Oct. 26, 2001 at
http://www.ananova.com/news/story/sm_433741.html

=============================================
[2] India & Pakistan curb Internet access
=============================================
Officials in India and Pakistan have barred many of their citizens
from entering the Information Superhighway.

In Pakistan, officials have sealed off all telecommunications links,
including Internet access, in several regions, especially those near
the Indian-Pakistani frontier. Authorities have also gone so far as to
close all cybercafes in those areas. Meanwhile, across the border,
India has launched a similar ban in the state of Kashmir, which is
claimed by both nations. Each country has tried to justify its ban on
security grounds, as a possible military confrontation looms. 

The edicts have angered countless Internet users on either side of the
conflict. One Pakistani user fumed that despite lodging numerous
"complaints with our respective ISPs [Internet Service Providers] ...
no sufficient answers were being provided in order to resolve the
problem." Unfortunately, there is no word yet on when these
restrictions will be lifted.

Read Munawar Hasan, "Internet in border areas banned," The Nation
(Pakistan), Jan. 11, 2002, available via
http://www.nation.com.pk/daily/110102/main/top12.htm

=======================================
[3] Norway charges teen DVD programmer
=======================================
An 18 year old Norwegian is facing criminal charges over a
controversial DVD program that he wrote when he was 15.

Back in 1999, Jon Johansen created DeCSS--a primitive computer program
that was meant to help users of the Linux operating system view DVDs
on their machines. In January 2000, Norwegian authorities arrested him
for these actions but let him go soon afterwards. However, he has been
arrested again on the theory that by creating DeCSS, he violated a
Norwegian law against break-ins. Robin Gross from the Electronic
Frontier Foundation (EFF-a GILC member) called the prosecution of the
boy "an incredible stretch. He was just trying to access his own
property."

The move comes after a United States Federal appeals court upheld a
ruling against 2600 magazine that, among other things, bars the
publication from even linking to other websites that contain DeCSS.
2600 magazine provided information about DeCSS information on its
website, the Motion Picture Association of America (MPAA) sued the
publication under the Digital Millennium Copyright Act (DMCA). Free
speech advocates have savaged the decision; the magazine's publisher,
Emmanuel Goldstein, stated that he "will carefully consider whether to
take it to the U.S. Supreme Court." 

Additional information on the Johansen case is available from the EFF
website under
http://www.eff.org/IP/DeCSS_prosecutions/Johansen_DeCSS_case/

For more on protests in Norway over Johansen's arrest, see Eugene
Brandal Laran, "'Vi vil se-DVD'," Dagbladet, Jan. 11, 2002 at
http://www.dagbladet.no/nyheter/2002/01/11/305694.html

For German (Deutsch) language coverage, see Janko Rottgers, "Proteste
gegen Johansen-Anklage," Heise Telepolis, Jan. 15, 2002 at
http://www.heise.de/tp/deutsch/inhalt/te/11575/1.html 

For English language coverage of these events, read Michael Bartlett,
"Norwegian Authorities Charge Teen DVD Software Author," Newsbytes,
Jan. 10, 2002 at http://www.newsbytes.com/news/02/173567.html

Read Lisa M. Bowman, "DVD cracker indicted for DeCSS program," ZDNet
News, Jan. 11, 2002 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5101559,00.html

The appeals court ruling the 2600 case is posted at
http://www.eff.org/Cases/MPAA_DVD_cases/20011128_ny_appeal_decision.ht
ml

To read an EFF media release on the latest developments in the 2600
case, click
http://www.eff.org/IP/Video/MPAA_DVD_cases/20020114_ny_eff_pr.html

See Steven Bonisteel, "2600 Magazine Seeks Another Opinion In N.Y.
DeCSS Case," Newsbytes, Jan. 14, 2002 at
http://www.newsbytes.com/news/02/173635.html

For legal commentary and background, read Chris Sprigman, "Lockware:
The Promise And Peril of Hollywood's Intellectual Property Strategy
For the Digital Age," Writ News, Jan. 3, 2002, at
http://writ.news.findlaw.com/commentary/20020103_sprigman.html

For audio and text coverage of the 2600 decision, see "Website
silenced over DVD secrets," BBC News, Nov. 29, 2001 at
http://news.bbc.co.uk/hi/english/entertainment/new_media/newsid_168200
0/1682 467.stm 

See Robert Lemos, "Free speech shrinking on the Net?" ZDNet News, Nov.
30, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5100154,00.html

See also Michael Bartlett, "DVD CCA Appeals Ruling to Calif. Supreme
Court," Newsbytes, Nov. 30, 2001 at
http://www.newsbytes.com/news/01/172602.html

===========================================
[4] US plan would ease Net copyright rules
===========================================
New legislation is in the works to reform a controversial United
States copyright law.

U.S. Representative Rick Boucher is drafting a bill to curtail various
provisions within the Digital Millennium Copyright Act (DMCA). While
the precise details of the plan have yet to be revealed, the
legislation would alter section 1201 of the DMCA to allow individuals
to circumvent copy protection schemes for legitimate purposes. He
explained: "What do you say to the guy who only wants to use that code
so the CD he bought will play on his computer? That's harmless
activity, yet under section 1201 he's guilty of a crime." 

The DMCA has been criticized as a severe restriction on Internet free
speech. Section 1201, in particular, had previously been used to
prosecute Russian computer scientist Dmitry Sklyarov after he
presented a paper on electronic book encryption codes (see item [5]
below). In addition, several major entertainment conglomerates, such
as Universal, are rolling out new copy-protected compact discs that
often cannot be played on personal computers. While Boucher expects
serious resistance to this proposal, he expressed optimism over
several other copyright bills that he has submitted, including a
measure that would permit people to make archival copies of music that
they have legally bought and downloaded.

Read "Lawmaker: Legalize home CD burning," Reuters, Jan. 7, 2002 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5101325,00.html

See Brian Krebs, "Glacial Progress Expected On Digital Music
Legislation," Newsbytes, Jan. 7, 2002 at
http://www.newsbytes.com/news/02/173450.html

See also Patti Waldmeir, "Technology switches sides," Financial Times,
Jan. 9, 2002 at
http://news.ft.com/ft/gx.cgi/ftc?pagename=View&c=Article&cid=FT3TZO7H9
WC&liv e=true

For more on copy-protected CDs, see Brad King, "Online CD Sales May
Suffer Static," Wired News, Jan. 9, 2002 at
http://www.wired.com/news/print/0,1294,49539,00.html

For commentary on Universal's new copy-protected CDs, read Rob
Pegoraro, "Labels Have The Wrong Music Mission," Washington Post, Dec.
21, 2001 at http://www.newsbytes.com/news/01/173195.html

See also John Borland, "Sites keep tabs on copy-protected CDs," ZDNet
News, Nov. 13, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5099529,00.html 

==================================================
[5] Russian Ebook programmer goes home under deal
==================================================
The United States government has allowed a Russian computer scientist
to return to his home country under a special agreement.

Dmitry Sklyarov had developed a program that circumvents the copy
protection scheme contained on Adobe Systems electronic books. He
created the program while working for Elcomsoft as part of an effort
to allow Ebook readers to view such products on whatever computers
they like. After writing a paper on the subject and presenting it to
the public at a Las Vegas computer convention, United States
government agents arrested him on charges of violating the
controversial Digital Millennium Copyright Act (DMCA), which restricts
the right of computer users to circumvent any program that
"effectively controls access" to copyrighted works. If convicted, he
could have faced a 5 year prison sentence and a US $500 000 fine. In
early December, U.S. prosecutors agreed to drop the charges against
Sklyarov, allowing him to visit his home country in time to ring in
the New Year. However, as part of this deal, he will have to testify
against his former employer. 

Skylarov's case had drawn fierce protests from Internet users around
the world who feared that his prosecution under the DMCA would
threaten free expression, particularly in the scientific community.
Shari Steele, Executive Director of Electronic Frontiers Foundation
(EFF-a GILC member), noted that Sklyarov's conditioned release was in
part due to the "tremendous outpouring of grassroots support for
Dmitry and against the current U.S. copyright law. ... I'm
disappointed, however, that the government has decided to string this
along instead of admitting its mistake in bringing these charges
against Dmitry in the first place." 

Read "Russian programmer charged with violating copyright law in U.S.
returns to Moscow," Interfax, Dec. 31, 2001 at
http://www.interfax.ru/one_news_en.html?lang=EN&tz=0&tz_format=MSK&id_
news=5 550971

An EFF media release regarding these developments is posted at
http://www.eff.org/IP/DMCA/US_v_Sklyarov/20011213_eff_pr.html

See Carrie Kirby, "Charges dropped in copyright case: Russian
programmer to be set free," San Francisco Chronicle, Dec. 14, 2001,
page B1 at
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2001/12/14/BU28360.DT
L

Read "Deal to free Russian programmer," BBC News Online, Dec. 14, 2001
at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1710000/1710676.stm

For further information, visit
http://www.freesklyarov.org/ 

============================================
[6] Euro Net hate speech ban to be unveiled
============================================
Undeterred by recent legal setbacks, European politicians are drafting
a new measure that may significantly curb Internet speech.

The Council of Europe is developing a special protocol that would,
among other things, force signatory nations "to adopt the necessary
legislative measures to criminalise the use of information technology
to produce, supply and disseminate material of a hateful, racist or
discriminatory nature." Another section "would require states to do
everything in their power to ensure that binding rules were not
circumvented by dissemination, via servers located on their territory,
of hate messages aimed exclusively at an audience in a less permissive
state (for example by ordering the deletion of messages hosted
unlawfully)." The second provision is meant "to prevent the
dissemination of hate propaganda by offering the United States, which
cannot afford to criminalise it, a legal instrument to do away with
such unscrupulous messages."

This attempt to restrict online speech after a court in the United
States refused to enforce a French order that banned Internet portal
giant Yahoo from hosting hate-related material. Federal Judge Jeremy
Fogel held that the French ruling would force Yahoo "to undertake
efforts that will impermissibly chill and perhaps censor protected
speech." Fogel heeded the warnings of various cyberliberties groups,
including GILC members, the Center for Democracy and Technology, the
Digital Freedom Network and the American Civil Liberties Union, who
had previously argued that enforcement of the foreign decision would
have created "an international regime in which any nation would be
able to enforce its legal and community 'local community standards' on
any speakers in all other nations." Two French groups have appealed
the US ruling.

The text of the CoE Parliamentary Assembly recommendation is posted
under http://stars.coe.fr/ta/TA01/EREC1543.htm

The memo describing the upcoming hate speech protocol is available at
http://stars.coe.fr/doc/doc01/EDOC9263.htm

A CoE press release on this subject is available under
http://press.coe.int/cp/2001/828a(2001).htm

Read Matt Beer, "Back to court for Yahoo Nazi Case," Agence France
Presse, Dec. 6, 2001 at
http://australianit.news.com.au/articles/0,7204,3384201%5E15319%5E%5En
bv%5E1 5306,00.html

See also Steve Gold, "French Groups Appeal Yahoo's Nazi Lawsuit
Victory," Newsbytes, Dec. 6, 2001 at
http://www.newsbytes.com/news/01/172752.html

The text of Judge Fogel's decision is available (in PDF format) at
http://www.cdt.org/jurisdiction/011107judgement.pdf

============================================
[7] New anonymous Net speech battles
============================================
Defenders of anonymous online speech have met with mixed fortunes over
the past few weeks.

In one case, a judge in New Jersey has held that various local
officials did not have the right to find out personal information
about their online critics. The court also went on to bar the
officials' lawsuit against the person who created the bulletin board
where the comments were made. The New Jersey ruling was greeted with
praise from free speech advocates; Public Citizen's Paul Levy stated
that the "judge's decision protects citizens' right to participate in
anonymous debate about their public officials, without fear of being
dragged into court."  

On the other hand, a California state court has allowed Ampex, a major
data storage device manufacturer, to retrieve personal information
about a former worker who (using the name "Exampex") criticized the
company through a Yahoo electronic bulletin board. Court Commissioner
Judith Sanders backed off a prior ruling she had made that would have
forced the company to prove that the state was actually defamatory
before considering whether to unveil the speaker's identity. Instead,
she held that the Ampex could discover who the poster was before
letting a jury determine whether the statements were libelous. 

See Bill Workman, "Ampex wins a round in its online slander lawsuit,"
San Francisco Chronicle, Jan. 8, 2002 at
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2002/01/08/BU139866.D
TL

Additional information on the New Jersey case is available from Robert
MacMillan, "Judge Bars Town Brass From Learning Detractors' IDs,"
Newsbytes, Jan. 3, 2002 at
http://www.newsbytes.com/news/02/173369.html

==============================================
[8] Australian state Net censor plans stalled
==============================================
An Australian state plan to restrictions on Internet content has been
delayed due to heavy opposition. 

The government of New South Wales had been considering a measure that
would have made it a crime to provide online information deemed
unsuitable for children, even if the information was only made
available to adults. The legislation also contained procedural rules
(including a shift in the burden of proof to defendants in Internet
cases) which might have led to harsher treatment of online artists
than their offline counterparts. 

Growing concern over the bill's impact on free speech has led
officials to refer the measure to a Parliamentary Committee for
further review. A report from this committee may not appear for
several months; public submissions may be made on this topic until
February 8, 2002. The move was applauded by many cyberlibertarians;
Irene Graham, executive director of Electronic Frontiers Australia
(EFA-a GILC member), said her group was "pleased to observe that NSW
has referred its legislation to an inquiry. We believe there is now an
improved prospect of more reasonable legislation." 

For more on the New South Wales bill, visit the EFA website under
http://www.efa.org.au/Campaigns/nswbill.html

Read Simon Hayes, "Media protests net censorship," Australian IT, Dec.
18, 2001 at
http://australianit.news.com.au/articles/0,7204,3450958%5E15319%5E%5En
bv%5E1 5306,00.html

See also "New Internet laws on hold," Sydney Morning Herald, Dec. 6,
2001 at http://www.smh.com.au/news/0112/06/national/national122.html

======================================================
[9] Narco News decision protects online journalists
======================================================
A court in the United States has rejected a cross-border attempt by a
Mexican bank to silence an Internet news site.

The battle centers on Mexican newspaper articles that were republished
on the World Wide Web by New York-based Narco News. The articles
raised drug trafficking allegations against Roberto Hernandez Ramirez,
the executive director of Mexican banking conglomerate Banamex.
Banamex then launched a defamation action against Narco News in a US
court. The move came even though Mexican courts had thrown out 3
previous Banamex lawsuits based on the same writings.

Presiding judge Paula Onansky dismissed the bank's claims, saying that
the Narco News' materials were protected under the First Amendment of
the U.S. Constitution (which guarantees freedom of speech) to the same
extent as their offline counterparts. "A careful review of defendants'
submission on Narco News's Web site indicates that the Narco
defendants' format is similar to a regularly published public news
magazine or newspaper, except for the fact that the periodical is
published online, or electronically, instead of being printed on
paper. The fact that the Narco News Web site can accept readers'
comments, or letters to the editor, via a separate e-mail address only
strengthens the need for First Amendment protections for the medium." 

For further information (including the text of the decision), visit
the Electronic Frontier Foundation (EFF-a GILC member) website under
http://www.eff.org/Censorship/SLAPP/Forum_shopping/BNM_v_Narco_News/

Read Kevin Featherly, "In Key Decision, Judge Tosses News Site Libel
Suit," Newsbytes, Dec. 11, 2001 at
http://www.newsbytes.com/news/01/172886.html

See also Mark K. Anderson, "Court: Online Scribes Protected," Wired
News, Dec. 11, 2001 at
http://www.wired.com/news/print/0,1294,48996,00.html

=================================================
[10] US shutdown of Somalian Internet continues
=================================================
Thanks to the United States government, nearly all of Somalia remains
offline.

Back in November 2001, U.S. officials shut down several companies,
including al-Barakaat and the Somalia Internet Company, based on
allegations that the firms were aiding the al Queda terrorist network.
The Somalia Internet Company, which is a part owner of al-Barakaat,
was the East African nation's only Internet service provider, and
closures left most Somalians with no way with which to access the
Internet. Many institutions throughout the country have had to suspend
their services, including government agencies, cybercafes and even the
local United Nations office.

An al-Barakaat spokesperson criticized these moves, calling the U.S.
government's accusations "lies" while asking for "mercy and justice."
However, despite these denials, these services still have yet to be
restored.

For commentary on these developments, see Hussein Ali Soke, "Is
Somalia a Safe-haven for Terrorists?" AllAfrica.com, Jan. 7, 2002 at
http://allafrica.com/stories/200201090390.html

For more information, visit the Digital Freedom Network (DFN-a GILC
member) website under
http://dfn.org/focus/somalia/internet-casualty.htm 

For further background, see "US shuts down Somalia Internet," BBC
News, Nov. 23, 2001 at
http://news.bbc.co.uk/hi/english/world/africa/newsid_1672000/1672220.s
tm

See also Ishbel Matheson, "Somalia pushed to brink of disaster," BBC
News Online, Dec. 28, 2001 at
http://news.bbc.co.uk/hi/english/world/africa/newsid_1732000/1732101.s
tm

==============================================
[11] US gov't creating computer spy viruses
==============================================
According to published reports, the United States government is
developing a new way to spy on Internet users, through the use of
computer viruses.

The US Federal Bureau of Investigations has confirmed that it is
working on Magic Lantern technology to help spy on computer users.
While precise details have been hard to come by, the system allegedly
includes a special virus that allows the attacker to log each and
every keystroke that is typed into a target machine. The technique
could be used to steal passwords and read private documents stored on
a targeted person's computer. The use of viruses would make it easier
for law enforcement agents to install keylogging devices on
individuals' machines without having to physically break into people's
homes or offices, which the U.S. government has done in the past (as
mentioned in the recent case of Nicodemus Scarfo).

Not surprisingly, these revelations have been met with condemnation
from many experts, who worry that the system may not only allow
unnecessary government intrusions into cyberspace, but may also
undermine general computer security. In addition, questions have been
raised as to whether the anti-virus software manufacturers would
comply with the U.S. government's requests for assistance by leaving
users unprotected against Magic Lantern attacks. Several of these
companies have said that they would need a court order before going
along with any such FBI demands. 

In the latest development, U.S. Representative Ron Paul is pressuring
the FBI to provide more details about Magic Lantern. Paul noted in a
letter to the Bureau that his "legislative director attempted to
obtain information on this project from the FBI and was told such
information was classified." He warned that if "media reports are
accurate, the Magic Lantern project could greatly impact the privacy
and civil liberties of all Americans who communicate via e-mail," and
that he was "disturbed" by the FBI's stonewalling. The congressman
insisted that the agency release information about the project or at
least provide him "with written justification for the FBI's refusal to
share information on this crucial issue."

See Robert MacMillan, "Lawmaker Wants Magic Lantern Information From
FBI," Newsbytes, Jan. 14, 2002 at
http://www.newsbytes.com/news/02/173637.html

For an editorial regarding Magic Lantern, see David Corn, "The FBI's
Black Magic?" TomPaine.com, Jan. 4, 2002 at
http://205.252.23.176/features/2002/01/04/1.html

Read "FBI confirms Net spying tool exists," Reuters, Dec. 13, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5100652,00.html

For more on the Scarfo case, read Declan McCullagh, "Judge OKs FBI
Keyboard Sniffing," Wired News, Jan. 4, 2002 at
http://www.wired.com/news/print/0,1294,49455,00.html

To read the text of the judge's preliminary decision in the Scarfo
case (allowing many details on FBI keylogging equipment to remain
secret), click
http://lawlibrary.rutgers.edu/fed/html/scarfo2.html-1.html

==========================================
[12] More security problems dog Microsoft
==========================================
Over the past few months, security experts have discovered flaws in a
variety of Microsoft products.

Some of these breaches were quite serious. One such defect in Windows
XP could have permitted scam artists to make use of the operating
systems' Universal Plug and Play feature to take over victims'
computers. Another major flaw, this time in Microsoft's Internet
Explorer 6, would have allowed an attacker to access private files,
steal cookies and even redirect the targeted user along the World Wide
Web. Additionally, privacy guru Richard M. Smith demonstrated how a
hole within Windows Media Player can be used to track users of IE6,
even if they have Microsoft's vaunted P3P (Platform for Privacy
Preferences) technology on a high setting. The software giant has
released patches for most but not all of these vulnerabilities, and
Smith has criticized Microsoft's approach to fixing the Media Player
hole in particular as inadequate: "There are many people who have
never run Windows Media Player yet they are still vulnerable to the
problem."

These discoveries have made many observers wonder whether the company
is doing enough to protect the privacy of its customers. Indeed,
several organizations, including GILC members the Electronic Privacy
Information Center, Computer Professionals for Social Responsibility,
the Electronic Frontier Foundation and NetAction, had made similar
points in a series of complaints to the United States Federal Trade
Commission. Meanwhile, a few insurance companies have taken the
unusual step of charging policyholders who use a large number of
Microsoft products higher premiums.

For more on the P3P/Media Player flaw, see Stefanie Olsen, "Privacy
flaw continues to dig IE hole," CNet News, Jan. 15, 2002 at
http://news.cnet.com/news/0-1005-200-8494180.html

Read Robert Lemos, "Microsoft failing security test?" ZDNet News, Jan.
11, 2002 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5101593,00.html

See also "Software security law call," BBC News Online, Jan. 16, 2002
at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1762000/1762261.stm

For more on the Microsoft FTC privacy complaints, click
http://www.epic.org/privacy/consumer/microsoft

=================================================
[13] New cybercrime plans for Australia, Europe
=================================================
Controversy continues to surround new cybercrime laws that have been
adopted in various parts of the globe.

In Australia, the Federal government has approved a Cybercrime Act
that will greatly expand the power of government agents to conduct
surveillance along computer networks. It will require Internet users
to hand over their private encryption keys, and criminalizes several
types of online activity, such as impairment of electronic
communications. Greg Taylor from Electronic Frontiers Australia (EFA-a
GILC member) warned that the law could have an adverse effect on
innocent behavior, and that his organization had "major concerns about
gung-ho prosecutions based on insufficient knowledge on the part of
law enforcement agencies."

The measure bears certain similarities with a Council of Europe
Cybercrime Convention that was recently signed by representatives from
30 nations, including Japan, South Africa and the United States. Among
other things, the Convention would require countries to authorize
government agents to install spytools on the servers of Internet
service providers (ISPs) and thereby intercept all Internet
transmissions that come through the servers. The treaty requires
signatory nations to comply with foreign investigators, even when they
are investigating activities that are not crimes on domestic soil. The
CoE pact has received harsh criticism from many quarters, including
privacy advocates and business groups. The treaty will now be sent to
certain individual states for ratification.

For more on the Australian cybercrime proposal, read Simon Hayes,
"Lobbyists slam cybercrime laws," Dec. 21, 2001 at
http://australianit.news.com.au/articles/0,7204,3476612%5E15306%5E%5En
bv%5E, 00.html

The final text of the Council of Europe Cybercrime Convention is
available via
http://conventions.coe.int/Treaty/EN/WhatYouWant.asp?NT=185&CM=8&DF=11
/01/02

See "European Union Holds Cybercrime Conference-Update," Newsbytes,
Nov. 27, 2001 at http://www.newsbytes.com/news/01/172449.html

Read Denes Albert, "Bad News for Hackers," Reuters, Nov. 21, 2001 at
http://www.cbsnews.com/now/story/0,1597,318911-412,00.shtml

======================================================
[14] DoubleClick backs off cookie tracker
======================================================
A controversial major online advertising company has stopped selling a
product that logged the web habits of ordinary Internet users.

DoubleClick has ended its "Intelligent Targeting" program, which
contained nearly 100 million user profiles. DoubleClick sold this
information to corporate clients at the rate of US $10-12 for one
thousand profiles. The system was designed to permit companies to
discover users' web surfing preferences, ostensibly for ad-tailoring
purposes. A DoubleClick spokesperson claimed that the decision had
nothing to do with concerns over the company's commitment to user
privacy.

The decision came almost two years after the company admitted that it
tracked viewers through the Internet by placing digital identification
numbers in files known as "cookies" on a users' hard drives. Under
this procedure, the numbers were matched with name and address
information that had been collected by its partners. Despite initial
claims to the contrary, DoubleClick expressed its intention to match
this data with more extensive information contained in millions of
files maintained by its merger partner Abacus Direct. Subsequently,
DoubleClick shelved its data-matching plan after a storm of public
protests.

Read Stefanie Olsen, "DoubleClick turns away from ad profiles," CNet
News, Jan. 8, 2002 at
http://news.cnet.com/news/0-1005-200-8407125.html

See "DoubleClick Drops 'Intelligent Targeting' Product," Newsbytes,
Jan. 9, 2002 at http://www.newsbytes.com/news/02/173517.html

================================================
[15] Concern grows over geolocational software
================================================
The development of software to determine the geographic location of
people along the Information Superhighway is raising important
questions about the future of  individual liberty online.

Several companies, such as Quova and InfoSplit, are now offering
programs to track Internet users down to their home country and city.
These products are being marketed to a number of organizations,
including broadcasting conglomerates who want to restrict viewership
due to licensing agreements. At present, these devices are far from
perfect, and have particular difficulty finding people who live
outside of a major metropolitan area. In addition, cybercitizens can
fool geolocational software using web anonymizing software.

Nevertheless, there are growing fears that these tracking systems will
undermine Internet privacy and deter people from accessing content
from other countries. Lee Tien from the Electronic Frontier Foundation
(EFF-a GILC member) noted that because of the emergence of
geolocational programs and other technologies, "[i]t's likely that the
Internet of tomorrow will look radically different from different
parts of the world."

See Ariana Eunjung Cha, "Rise of Internet 'Borders' Prompts Fears for
Web's Future," Washington Post, Jan. 4, 2001, page E1 at
http://www.washingtonpost.com/wp-dyn/articles/A59227-2002Jan3.html

==========================================
[16] US bill would set weak privacy rules
==========================================
The United States Congress may soon consider a bill that critics will
stifle the development of strong Internet privacy rules.

The proposal is being drafted by U.S. Representative Cliff Stearns.
Although the text of the bill has yet to be released, it would put the
burden on customers to object when companies pass along sensitive
information about them. These individuals would also be prevented from
suing violators in court. In addition, the measure would bar
individual state governments from enacting tougher online privacy
standards than the Federal government.

These plans have received negative reviews from numerous privacy
experts, many of whom have pushed for laws that would require
companies to get their customers' permission before giving out
personal data. Chris Hoofnagle from the Electronic Privacy Information
Center (EPIC-a GILC member) scoffed: "One could reasonably look at the
Stearns proposal and say 'we'd be better off without legislation.'" 

Read David McGuire, "Tauzin Wants To Pass Privacy Bill Early Next
Year," Newsbytes, Dec. 4, 2001 at
http://www.newsbytes.com/news/01/172681.html

=====================================
[17] New GILC member: FIPR
=====================================
The Global Internet Liberty Campaign welcomes a new member: the
Foundation for Information Policy Research (FIPR).

Based in London, FIPR promotes public understanding and dialogue
between technologists and policy-makers in the UK and Europe. It has
fought strenuously against several surveillance initiatives over the
past few years, including the controversial British Regulation of
Investigatory Powers Act (RIP). It has also issued numerous policy
papers and analyses on such topics as digital signatures, secure
e-commerce and computer encryption laws. FIPR was honored at the UK
Big Brother Awards 2000 for its outstanding contributions to the
protection of privacy. 

For more information about FIPR, visit
http://www.fipr.org

=========================================================
 ABOUT THE GILC NEWS ALERT:
========================================================= The GILC
News Alert is the newsletter of the Global Internet Liberty Campaign,
an international coalition of organizations working to protect and
enhance online civil liberties and human rights.  Organizations are
invited to join GILC by contacting us at gilc@gilc.org.

To alert members about threats to cyber liberties, please contact
members from your country or send a message to the general GILC
address.

To submit information about upcoming events, new activist tools and
news stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA

Or email:
cchiu@aclu.org

More information about GILC members and news is available at
http://www.gilc.org

You may re-print or redistribute the GILC NEWS ALERT freely.

To subscribe to the alert, please send e-mail to
gilc-announce@gilc.org

with the following message in the body:
subscribe gilc-announce

========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
------- End of forwarded message -------


-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de