[FYI] (Fwd) [GILC-plan] GILC Alert

["Axel H Horns" <horns@ipjur.com>]

------- Forwarded message follows -------
From:           	Chris Chiu <CCHIU@aclu.org>
To:             	"GILC announce (E-mail)" <gilc-announce@gilc.org>
Date sent:      	Thu, 21 Feb 2002 11:24:35 -0500
Subject:        	[GILC-plan] GILC Alert

[ Double-click this line for list subscription options ] 

GILC Alert
Volume 6, Issue 2
February 21, 2002

Welcome to the Global Internet Liberty Campaign Newsletter.

Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and
human rights on the Internet. We hope you find this newsletter
interesting, and we very much hope that you will avail yourselves of
the action items in future issues. If you are a part of an
organization that would be interested in joining GILC, please contact
us at <gilc@gilc.org>. If you are aware of threats to cyber-liberties
that we may not know about, please contact the GILC members in your
country, or contact GILC as a whole. Please feel free to redistribute
this newsletter to appropriate forums.

===============================================
Free expression
[1] Euro Net hate speech censor plans revealed
[2] BT linking suit moves forward
[3] Somalia regains limited Net service
[4] Professor ends lawsuit over Net copyright speech curbs
[5] Korean web content controls draw fire
[6] Chinese web activists in sentencing limbo
[7] Malaysian Net speech restrictions loom
[8] ICANN to debate online voting rules in March
[9] New Hong Kong anonymous Net speech battle

Privacy
[10] Kids to receive Digital Angel tracking implants
[11] Experts: Microsoft Internet Explorer patches flawed
[12] Prozac email privacy settlement criticized
[13] US broadband provider user tracking controversy
[14] IRIS files complaint over French data retention law
[15] Choicepoint mega-database suffers Net security breach
[16] Smart homes raise privacy questions
[17] Privaterra initiative launched
[18] Rathenau privacy conference held
[19] French, Danish and Dutch Big Brother Awards ceremonies held 

[20] Upcoming CFP 2002 conference

==================================================
[1] Euro Net hate speech censor plans revealed
==================================================
After protests from various members of the Internet community, a draft
Council of Europe (CoE) protocol has been released that may have
serious ramifications for free speech online.

The protocol is being considered in connection with the CoE's
Cybercrime Convention. While many details still have yet to be worked
out, as currently drafted, the proposal generally would require
signatory nations to bar people from "making available" or
"distributing ... racist and xenophobic material ... through a
computer system."  Among other things, the plan also would force
signatories to criminalize the use of computer networks to conduct
various "racist and xenophobic" activities. 

The document appeared after a coalition of non-governmental groups
sent a letter to the Council demanding the release of this information
because it was "likely to raise critical questions regarding freedom
of expression and human rights." The February 6 letter, which was
signed by many GILC member organizations, argued that the development
of the protocol "should conform with principles of transparency and
democratic decision-making." 

The latest draft of the CoE hate speech protocol is available in PDF
format under
http://www.legal.coe.int/economiccrime/cybercrime/AvProjetProt2002E.pd
f

The February 6 letter is posted at
http://www.gilc.org/speech/coe_hatespeech_letter.html

A French language version of this letter is available at
http://www.iris.sgdg.org/actions/cybercrime/ngo-coe-fr-0202.html

An dossier of CoE materials on the draft protocol and the relevant
negotiations is available from Imaginons un Réseau Internet Solidaire
(IRIS-a GILC member) under`
http://www.iris.sgdg.org/actions/cybercrime/pc-rx/

See "Global Net Crime Treaty Hurts Free Speech," Newsbytes, Feb. 6,
2002 at http://www.newsbytes.com/news/02/174285.html

===================================
[2] BT linking suit moves forward
===================================
A major telecom conglomerate claims it invented weblinks and that the
Internet community should pay for the use of this technology. But a
recent court hearing indicates that the law may not be on the firm's
side.

In a lawsuit, British Telecom alleges that it possesses intellectual
property rights over all links, based on a patent it filed in the
1970s. The communications giant is now demanding licensing fees from
American Internet service provider Prodigy. If BT prevails in this
case, the company says it will launch more lawsuits in the hopes of
collecting additional royalties.

However, BT's claim was met with skepticism and doubt during the
initial hearing. Presiding judge Colleen McMahon complained that the
language contained in the cited patent was "archaic. It's like reading
Old English." Furthermore, Judge McMahon suggested that the technology
described in BT's patent had little connection with current Internet
realities and "was already outmoded by the time it was patented."

Meanwhile, question marks have arisen over whether the firm actually
did invent linking technology. Speculation on this point has been
fueled by a video filmed in 1968 (several years before BT said it
developed the technology) that shows Stanford researchers
demonstrating weblinks. Finally, some experts suggest that there are
compelling public policy reasons to reject BT's claim because of its
potentially detrimental effect on Internet free speech. 

The text of BT's patent is posted under
http://164.195.100.11/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PAL
L&p=1&
u=/netahtml/srchnum.htm&r=1&f=G&l=50&s1='4873662'.WKU.&OS=PN/4873662&R
S=PN/4 873662

To view the Stanford video, click
http://sloan.stanford.edu/mousesite/1968Demo.html

Read Jim Fitzgerald, "BT claims right to click," Associated Press,
Feb. 12, 2002 at
http://australianit.news.com.au/articles/0,7204,3760588%5E15318%5E%5En
bv%5E1 5306,00.html

For video and text coverage of these developments, see Jane Wakefield,
"Why BT claims it owns the right to 'click here'," BBC News, Feb. 11,
2002 at
http://news.bbc.co.uk/hi/english/in_depth/sci_tech/2000/dot_life/newsi
d_1814 000/1814080.stm

Read Simon Bowers, "BT opens hypertext case," The Guardian, Feb. 11,
2002 at
http://www.guardian.co.uk/internetnews/story/0,7369,648221,00.html

See "Linking Patent Goes to Court," Reuters, Feb. 7, 2002 at
http://www.wired.com/news/print/0,1294,50283,00.html

========================================
[3] Somalia regains limited Net service
========================================
While partial Internet access has been restored to Somalia, many of
its citizens remain offline.

Several months ago, the U.S. government shut down several companies,
including al-Barakaat and the Somalia Internet Company, claiming that
they were aiding the al Queda terrorist network. The Somalia Internet
Company, which partly owned al-Barakaat, was the East African nation's
only Internet service provider, and the closures left most Somalians
unable to access the Information Superhighway. The disruptions came
despite denials from al-Barakaat that it had anything to do with al
Queda activities. 

Since that time, several organizations, including Telecom Somalia and
NetXchange, have tried to bridge the gap in Internet coverage.
However, progress has been slow, due to many factors, such as
relatively high access fees and limited infrastructure. 

For further information, visit the Digital Freedom Network (DFN-a GILC
member) website under http://dfn.org/news/somalia/sparse-internet.htm

See "Internet Returns to Mogadishu," AllAfrica.com, Jan. 23, 2002 at
http://allafrica.com/stories/200201230295.html

See also Hassan Barise, "Internet returns to Somalia," BBC News
Online, Jan. 22, 2002 at
http://news.bbc.co.uk/hi/english/world/africa/newsid_1775000/1775865.s
tm

===========================================================
[4] Professor ends lawsuit over Net copyright speech curbs
===========================================================
A computer researcher in the United States has dropped efforts to test
the effects of a much-maligned copyright law on his free speech
rights.

Last year, the Recording Industry Association of America (RIAA) wrote
a letter to a Princeton University professor, Edward Felten. The
letter suggested that he might be sued under the U.S. Digital
Millennium Copyright Act if he presented a research paper on
decrypting a particular digital watermark copy protection scheme.
Felten, who was represented by the Electronic Frontier Foundation
(EFF-a GILC member), sued the RIAA, asking a U.S. Federal court to
declare that he and his team of scientists had the constitutional
right to discuss and publish their research. In the midst of these
legal battles, he gave his presentation on August 15 2001. 

Eventually, the trial court threw out Felten's lawsuit. This action
came after assurances from both the RIAA and from Federal authorities
that, in fact, they would not sue him for his research-related
activities. Afterwards, the professor decided not to appeal the trial
court's dismissal and stated: "Although we would have preferred an
enforceable court ruling, our research team decided to take the
government and industry at their word that they will never again
threaten publishers of scientific research that exposes
vulnerabilities in security systems for copyrighted works."

An EFF press release on the end of the Felten case is posted under
http://www.eff.org/IP/DMCA/Felten_v_RIAA/20020206_eff_felten_pr.html

Read David McGuire, "Scientist Ends Crusade Against Copyright Law,"
Newsbytes, Feb. 6, 2002 at
http://www.newsbytes.com/news/02/174284.html

===========================================================
[5] Korean web content controls draw fire
===========================================================
Controversy has erupted over the extent to which the South Korean
government regulates what people say on the Internet.

The debate has been fueled in part by the actions of the Korean
National Election Commission, whose officials sealed off a room at the
headquarters of OhmyNews.com, an Internet reporting and commentary
service. The room was about to be used for a webcast interview with
Noh Mu-hyun, a leading South Korean presidential candidate.  An NEC
spokesperson later tried to justify these actions, claiming that under
current laws, "[i]t is illegal for telecommunications companies,
including Internet firms, to broadcast debates among presidential
contenders, as they are not categorized as news media outlets." The
NEC also barred against another presidential candidate, Kim Geum-tae,
from speaking to an analogous Internet news show. In response, Noh
slammed the government's apparent attempts at censorship, arguing that
such methods "should be employed only at times of national crisis."
Several lawmakers have now introduced a bill before the Korean
National Assembly that would explicitly allow online reporting of
political affairs.

Meanwhile, activists have launched a legal challenge against the
Korean Internet Content Rating Ordinance that came into effect in July
2001. The ordinance essentially mandates the blocking of web materials
that are considered offensive. Recent reports indicate that the Korean
government has used these rules to curb access to some 12 000 sites.
After the Korean Information and Communication Ethics Committee issued
a shutdown order against Lesbian & Gay Alliance Against Discrimination
in Korea (LGAAD), 15 lesbian and gay advocacy groups banded together
and fought back by suing the government. The coalition's leader, Im
Tae-hoon, charged that the rating scheme's "true purpose is to curb
people's freedom of expression that is guaranteed by the
Constitution."

Read Kim Hyung-Jin, "Lawmakers submit bill to get Internet news sites
recognized as mass media ahead of elections," Korea Herald, Feb. 14,
2002 at http://www.asiamedia.ucla.edu/Weekly2002/02.12.2002/Korea4.htm

See also Kim Hyung-Jin, "Online discussion creates controversy over
election law," Korea Herald, Feb. 7, 2002 at
http://www.asiamedia.ucla.edu/Weekly2002/02.05.2002/Korea6.htm

The LGAAD website is located at
http://outpridekorea.com/lgaad/

Read Kim Deok-hyun, "Homosexual Website Closure Invite Storm," Korea
Herald, Jan. 11, 2002 at
http://www.hankooki.com/kt_tech/200201/t2002011118013145110.htm

See also Adam Creed, "Korean Gay Activists Challenge Web Site Ban,"
Newsbytes, Jan. 10, 2002 at
http://www.newsbytes.com/news/02/173532.html

===========================================================
[6] Chinese web activists in sentencing limbo
===========================================================
The fate of six Chinese students imprisoned for their Internet
activities remains in doubt.

Last September, mainland Chinese authorities arrested the students for
posting articles online regarding the Falun Gong spiritual movement. A
local trial court then convicted the activists for using an "evil cult
to undermine the enforcement of law." Although the scheduled
sentencing date was February 18 2002, the tribunal reportedly has
postponed the hearing, possibly for one month. The students could
spend the next 15 years in a Chinese jail. 

The postponement comes a few weeks after Beijing issued rules that
will significantly hamper online criticism of the government. Among
other things, the measures will force many Internet service providers
(ISPs) to install software to detect and copy email content deemed
"sensitive"; "subversive" information must be completely blocked out.
Websites will only be allowed to publish news items from approved
domestic sources. Additionally, ISPs must log information about their
users, including viewing times, addresses, and telephone numbers; this
data will then be turned over to Chinese officials, presumably to help
them hunt down and silence dissidents.

The scheme is just one of several moves by the mainland Chinese regime
to stifle online protest. Some experts have suggested that these and
other strictures have retarded the growth of the Internet in the Land
of the Dragon. According to a recent Chinese government report, less
than 3 percent of China's population use the Information Superhighway.

See "Chinese Web Sentencing Delayed," Reuters, Feb. 19, 2002 at
http://www.wired.com/news/print/0,1294,50505,00.html

Read Liu Weijun, "Government Sets New Surveillance Rules to ISPs,"
China News Digest, Jan. 18, 2002 at
http://www.cnd.org/Global/02/01/19/020119-1.html

See Lynne O'Donnell, "China tightens controls over web," Australian
IT, Jan. 23, 2002 at
http://australianit.news.com.au/articles/0,7204,3640521%5E15322%5E%5En
bv%5E1 5306,00.html

See also "China Tightens Web Controls," Associated Press, Jan. 18,
2002 at http://www.wired.com/news/print/0,1294,49855,00.html

For more on Chinese Internet usage statistics, see "China net use
soars," BBC News Online, Feb. 11, 2002 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1814000/1814281.stm

===========================================================
[7] Malaysian Net speech restrictions loom
===========================================================
Over the past few years, the Internet has provided Malaysian citizens
with an outlet for news that was relatively free of censorship.
Unfortunately, this state of affairs may not last much longer.

Previously, Malaysian laws allowed government agents to close down
newspapers, withdraw publishing licenses indefinitely and arrest
violators. Until recently, these standards had not been applied to
Internet speech; indeed, a few officials have promised repeatedly that
they would not censor expression along the Information Superhighway.
However, the Malaysian Home Ministry has now drawn up plans to impose
a 'code of content' and a licensing system for website operators.
These proposals would enable authorities "to discourage the abuse of
the internet by irresponsible users" and to address national security
concerns. Some experts believe that the changes could become effective
as early as this year. 

Online journalists have expressed dismay at this turn of events.
Steven Gan, editor-in-chief of Malaysiakini.com, fears that licensing
of Internet news services will lead to complete censorship. Gan
mentioned that websites such as Malaysiakini were already under heavy
pressure from the government even though they haven't been explicitly
closed out, and feared the Home Ministry's scheme will bring about a
total shutdown: "We will be forced to apply for a licence and we know
for sure we won't get one." 

Read Victoria Laurie, "Mahathir net closing on websites," Australian
IT, Feb. 14, 2002 at
http://australianit.news.com.au/articles/0,7204,3757565%5E16681%5E%5En
bv%5E, 00.html

See also Susan Loone, "No plans to regulate Internet usage, says
ministry," Malaysiakini.com, February 19, 2002 at
http://www.malaysiakini.com/news/20020220001220.php 

===========================================================
[8] ICANN to debate online voting rules in March
===========================================================
The organization tasked with managing the domain name system may soon
make a decision that could have serious implications for the future of
Internet governance.

During its March 2002 meetings, the Internet Corporation for Assigned
Names and Numbers is expected to consider several possible changes in
its power structure. These changes were outlined in a special ICANN
committee report that, among other things, recommended a reduction in
the number of publicly elected At-Large Board members and requiring
domain name ownership as a voting prerequisite. The entire proposal
was excoriated by many cyber-libertarians, who feared that it would
take voting rights away from large segments of the Internet community.
Although some observers had expected a final verdict on the plan in
November 2001, ICANN's Board of Directors put off making such a
decision until the March conference. 

For more information on the Accra meeting, visit the ICANN website
under http://www.icann.org/ghana

See David McGuire, "ICANN Polls Public, Industry On Governance,"
Newsbytes, Feb. 8, 2002 at
http://www.newsbytes.com/news/02/174363.html

The ICANN committee report is posted under
http://atlargestudy.org/final_report.shtml

For background information in German (Deutsch), read "Mit '.de.mail'
zur nachsten ICANN-Wahl," Heise Online, Feb. 4, 2002 at
http://www.heise.de/newsticker/data/jk-04.02.02-000/

See "Streit um 'Superregistry'," Heise Online, Feb. 3, 2002 at 
http://www.heise.de/newsticker/data/anw-03.02.02-004/

See also
http://www.internetdemocracyproject.org

===========================================================
[9] New Hong Kong anonymous Net speech battles
===========================================================
A Hong Kong-hosted website has been besieged with legal threats over
anonymous messages posted on its chatboards.

IceRed.com describes itself as an Asian "off-line event organizer and
on-line community for professionals and university alumni." The
company offers numerous interactive forums where users can post
missives on a variety of topics without revealing their true names.
Since its inception, the firm has received warnings from several
groups and individuals, each of whom have demanded the identities of
users who posted allegedly libelous statements on the corporation's
website. For example, one such petitioner, Max Loh Khum Whai, asked
IceRed to turn over the name, home address and Internet protocol
number of a user who supposedly sent defamatory messages about him.

These legal wranglings have raised questions as to the extent to which
Hong Kong law protects anonymous online speech. The issue is a new one
for the former British colony, and the company has cited precedents in
United States suggesting that it should not be liable for the
activities of its individual users. In any case, IceRed's chief
executive Tim Lam, remains defiant: "We provide a platform to give our
users an open forum for discussion and intend to continue doing so."

IceRed.com is located under
http://www.icered.com

See Doug Nairne, "IceRed to retain its hands-off policy on chat site,"
Jan. 25, 2002 at
http://www.asiamedia.ucla.edu/Weekly2002/01.22.2002/HongKong5.htm

===========================================================
[10] Kids to receive Net tracking implants
===========================================================
A controversial biometric device may soon be used to track children
via the Internet.

According to its manufacturer, Applied Data Systems (ADS), Verichip
can carry individualized data (such as a person's name, current
condition, medical records and unique identification number) and is
designed to be imbedded under a person's skin. When a special external
scanner is pointed at a Verichip, "a number is displayed by the
scanner" and the stored information is transmitted "via telephone or
Internet." The company is marketing its product for such purposes as
"identification, various law enforcement and defense uses and search
and rescue." ADS now plans to test the device on a family from the
United States, including their 14-year-old son. 

As it turns out, serious questions have arisen as to whether this
scheme will actually work. Security expert Richard M. Smith labeled
the company's plans a mere "publicity stunt and nothing more," adding
that the implants currently would be of "no value because hospitals
and the police don't have the reader units." In addition, the United
States Food and Drug Administration has yet to approve ADS' product
for internal human use. Nevertheless, these latest developments have
intensified concern over the possible effect that devices like
VeriChip may have on individual privacy. 

Read Julia Scheeres, "They Want Their ID Chips Now," Wired News, Feb.
6, 2002 at http://www.wired.com/news/print/0,1294,50187,00.html

An ADS statement about VeriChip is posted under
http://www.adsx.com/VeriChip/verichip.html

For further analysis by Richard M. Smith, click
http://computerbytesman.com/privacy/verichip.htm

See also Julia Scheeres, "Kidnapped? GPS to the Rescue," Wired News,
Jan. 25, 2002 at http://www.wired.com/news/print/0,1294,50004,00.html 

===========================================================
[11] Experts: Microsoft patches flawed
===========================================================
Specialists are warning that Microsoft's attempt to remedy various
security problems in its Internet Explorer program is far from
foolproof.

The software giant had released a patch to eliminate "all known
security vulnerabilities affecting Internet Explorer." Unfortunately,
several computer experts the discovered that, even after installing
the program, users will still be left exposed to a number of known
attack methods. One of these schemes, known as the "IE Pop-up OBJECT
Tag Bug," allows miscreants to take over victim computers using
special websites or email messages. 

This latest gaffe is fueling criticism from many observers that the
corporation giant is not doing enough to protect sensitive data about
their customers. Last year, several groups filed a series of joint
complaints with the United States Federal Trade Commission over
perceived privacy problems with several Microsoft products, notably
Windows XP and Passport. More recently, the Electronic Privacy
Information Center (EPIC-a GILC member) issued a letter calling on
local authorities in the U.S. to investigate Microsoft for its
"failure to make public known security risks in Windows XP and
Passport and provide a reasonable degree of control of personal
information."

See Matthew Broersma, "Worm exploits MSN Messenger," CNet News, Feb.
14, 2002 at http://news.com.com/2100-1001-837556.html

Read Brian McWilliams, "Microsoft Patch Leaves IE Users Exposed to
Attacks," Newsbytes, Feb. 12, 2002 at
http://www.newsbytes.com/news/02/174427.html

The most recent EPIC letter on Microsoft privacy problems is available
at http://www.epic.org/privacy/consumer/microsoft/stateagletter.html

For background information, visit the EPIC website under
http://www.epic.org/privacy/consumer/microsoft/

See also "Gates seeks to plug security holes," Guardian Unlimited,
Feb. 13, 2002 at
http://www.guardian.co.uk/microsoft/Story/0,2763,649544,00.html

===========================================================
[12] Prozac email privacy settlement criticized
===========================================================
A major drug company has settled a case over its mishandling of
personal information online. However, the agreement has drawn fire
from privacy advocates.

Eli Lilly and Company had provided a daily Medi-Messenger email
service that reminded Prozac users to take their anti-depressant
medication. These messages had been sent without identifying the
recipients. When Eli Lilly discontinued the service in June 2001, it
sent an email to its customers that included a long, publicly visible
list of over 700 recipients under the previously blank "To:" header.

In the wake of this development, the American Civil Liberties Union
(ACLU-a GILC member) sent a letter to the United States Federal Trade
Commission, charging that Eli Lilly's public disclosure of
Medi-Messenger recipient email addresses violated the company's posted
privacy policy and constituted an unfair trade practice in violation
of Federal laws. The United States Federal Trade Commission then
investigated the incident, and found that although the firm "claimed
that it employs measures ... to maintain ... the ... confidentiality
of personal information obtained from or about consumers through its
... Web sites," Eli Lilly "in fact ... had not employed such
measures." Among other things, "Lilly failed to provide appropriate
training for its employees regarding consumer privacy and information
security. ... Lilly's failure to implement appropriate measures also
violated certain of its own written policies." 

In the aftermath of this investigation, Eli Lilly decided to settle
the charges. The tentative agreement with the FTC did not include any
fines or monetary damages. Instead, the proposed consent order
required Eli Lilly, among other things, to "establish and maintain an
information security program for the protection of personally
identifiable information." The company would also have to submit
reports to the Commission documenting its attempts at compliance.

Privacy experts were less than impressed with the draft order. In
formal comments submitted to the FTC, the ACLU said that the "the
proposed settlement ... merely codifies the privacy protections the
company should have been taking to begin with. ... The FTC should
alter the order to impose a fine and order [Eli] Lilly to pay damages
to the victims of the company's privacy breach. Imposing a financial
penalty will impress upon online medical providers that there is a
price to pay for being careless with highly sensitive information."

The settlement agreement is available (in PDF format) under
http://www.ftc.gov/os/2002/01/lillyagree.pdf

The ACLU's formal comments on this agreement (in PDF format) are
posted at http://www.aclu.org/news/2002/n011802a.html

An FTC press release on the settlement is available under
http://www.ftc.gov/opa/2002/01/elililly.htm

Read Robert MacMillan, "Eli Lilly Settles Privacy Charges With FTC,"
Newsbytes, Jan. 18, 2002 at
http://www.newsbytes.com/news/02/173779.html

See also Jim Hu, "FTC wraps Eli Lilly privacy probe," ZDNet News, Jan.
18, 2002 at http://zdnet.com.com/2110-1105-818463.html

===========================================================
[13] US broadband provider user tracking controversy
===========================================================
A war of words has erupted after reports indicated a leading provider
of broadband access was secretly tracking its users' web surfing
habits.

Comcast is one of the biggest broadband service providers in the
United States, with nearly 1 million customers. According to recent
reports, the company had instituted a system that logged every website
their users visited and matched this information with consumers'
Internet protocol addresses. This specific collection of data was
apparently done without the knowledge or consent of Comcast's
customers. This system allegedly had been implemented in several urban
areas (including Washington D.C. and Detroit), and the corporation
hoped to expand it nationwide within the near future. 

These revelations led to a hailstorm of criticism. David Sobel from
the Electronic Privacy Information Center (EPIC-a GILC member) warned
that Comcast's apparent attempt to track its customers was
unjustified: "Technically, it is not necessary to collect the personal
information they were collecting." Comcast's activities also drew
scrutiny from politicians such as U.S. Congressman Edward Markey, who
issued a letter suggesting that the scheme may have violated the
Section 631 of the Federal Communications Act. That law bars cable
communications operators from utilizing personal information gathered
from their subscribers without obtaining "prior written or electronic
consent." Eventually, in a response letter to Markey, Comcast
President Brian L. Roberts announced that his company had "stopped
collecting and storing the user data that prompted the press reports."
 

The Markey letter is available (in PDF format) under
http://www.house.gov/markey/iss_telecomm_ltr020213.pdf

Comcast's response to Congressman Markey is posted (in PDF format) at
http://www.house.gov/markey/iss_telecomm_ltr020213b.pdf

See Christopher Stern, "Comcast Halts Tracking of Its Subscribers,"
Washington Post, Feb. 14, 2002, page E4 at
http://www.washingtonpost.com/wp-dyn/articles/A7313-2002Feb13.html

Read Margaret Kane and Stefanie Olsen, "Comcast to stop storing Web
users' data," CNet News, Feb. 13, 2002 at
http://news.com.com/2100-1023-836727.html

See Robert MacMillan, "Rep. Markey Relaxes His Comcast Hackles,"
Newsbytes, Feb. 13, 2002 at
http://www.newsbytes.com/news/02/174485.html

See also Ted Bridis, "Comcast Tracks Users' Web Trails," Associated
Press, Feb. 13, 2002 at
http://www.washingtonpost.com/wp-dyn/articles/A2083-2002Feb12.html

=========================================================
[14] IRIS files complaint over French data retention law
=========================================================
Privacy concerns have led a cyber-liberties group to launch a formal
complaint regarding a controversial French law.

Last November, the French government approved a package of security
measures popularly known as LSQ (short for "la Loi n°2001-1062 du 15
novembre 2001 sur la Sécurité Quotidienne"). Among other things,
Article 29 of the bill will allow the retention of "technical data
involved in a communication" for up to one year. However, the exact
contours of this scheme are still not clear. Many of the definitions,
including the specific types of data to be retained and the actual
time period Internet service providers are required to preserve this
information, were to be determined by an administrative decree, but
such a decree has yet to be published.

After the bill was passed into law, the French group Imaginons un
réseau Internet solidaire (IRIS-a GILC member) filed a complaint with
the European Commission. In the complaint, IRIS claimed that the LSQ
data retention provision violates not only European personal data
protection and telecommunications directives, but also several
European human rights accords. The group also argued that the measure
is unnecessary, inappropriate and disproportionate to any perceived
threats. In addition, the organization warned that vagaries in the law
might open the floodgates to massive government surveillance along the
country's electronic networks.

To read an IRIS press release on this subject in French (Francais),
click http://www.iris.sgdg.org/info-debat/comm-lsq-plainte0102.html

An IRIS dossier on LSQ is available at
http://www.iris.sgdg.org/actions/loi-sec 

===========================================================
[15] Choicepoint mega-database suffers Net security holes
===========================================================
A major personal database company has faced a series of security
snafus.

Choicepoint collects personal information and sells it to a variety of
clients, including the United States Federal Bureau of Investigations
(FBI), the U.S. Department of Justice and several insurance companies.
Over the past few weeks, computer scientists have discovered numerous
flaws in the security protocols of several Choicepoint affiliated
websites. Some of these weaknesses were severe; one such vulnerability
would have allowed attackers to view internal Choicepoint reports and
files. After some of these problems fixed, another hole was discovered
that permitted access to a supposedly "highly secure" area that
contained legal documents. One computer expert lashed out at
Choicepoint, saying that "[f]or any company to be vulnerable to these
problems ... is irresponsible."

Some observers have cited these incidents as evidence of the dangers
that massive databases pose to personal privacy. Chris Hoofnagle from
the Electronic Privacy Information Center (EPIC-a GILC member) warned
that the "risks to personal privacy include not only illegal or
inappropriate employee access to the information, but also outsiders
who wish to collect profiling information."

See Brian McWilliams, "More Online Security Woes For FBI's Data Firm,"
Newsbytes, Jan. 28, 2002 at
http://www.newsbytes.com/news/02/174003.html

Read Jennifer DiSabatino, "Unregulated databases hold personal data,"
Computer World, Jan. 21, 2002 at
http://www.computerworld.com/storyba/0,4125,NAV47_STO67585,00.html

===========================================================
[16] Smart homes raise privacy questions
===========================================================
New technologies to provide remote control of people's houses via the
Internet are fueling concerns over the future of individual privacy.

Some of these technologies are being promoted by the Internet Home
Alliance, a trade organization whose membership list includes General
Motors, Sun Microsystems, Panasonic, Sears Roebuck and
Hewlett-Packard. One such system, named Onstar at Home, allows a
person to use the Internet and thereby alter home thermostats, turn on
house lights and even open front doors. Onstar's setup also includes a
web camera to photograph whatever is going on inside a given house.
These cameras and other sensors can be programmed to monitor and
provide notification of various events within the home via email, text
messaging or ordinary phone calls.

Concern is growing as to what effect these devices will have on
privacy. In its published answers to Frequently Asked Questions, the
IHA has admitted that "[n]o pilot programs are currently planned that
address" the potential privacy implications of the technologies it is
attempting to foster. The group did not explain why it has not further
investigated these issues, but merely stated that "[i]f the privacy
issue is addressed in a pilot program, it would have to be within the
larger context of the Internet Lifestyle and how consumers would react
to such an issue within that context."

For more on IHA's stance on pilot privacy programs, click
http://www.internethomealliance.com/about/faq.asp/#9

For an IHA overview of the Onstar at Home system, visit
http://www.internethomealliance.com/pilot_pgms/overview_onstar.asp

Audio and text coverage is available from Alfred Hermida, "Smart homes
on trial," BBC News, Jan. 24, 2002 at
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1776000/1776047.stm

===========================================================
[17] Privaterra initiative launched
===========================================================
A collective of computer experts is working to enhance the privacy of
non-governmental organizations around the world.

Privaterra is an ongoing program by Computer Professionals for Social
Responsibility (CPSR-a GILC member). It was formed due to concerns
that technological advances "have ... made it easier to spy on ...
human rights workers, cracking into their communications networks and
stealing access to their private information. While it is impossible
to completely eradicate the possibility of such activities, encryption
technology and other security measures can considerably diminish the
likelihood that human rights workers' private communications and other
materials will be accessed by unauthorized individuals." 

Towards this end, the program will conduct privacy workshops to train
members of civil society organizations and provide technical advice to
such groups on how to improve their security routines. Privaterra also
plans to host an online forum "where attendees and others from their
organizations or other organizations can request information about
privacy and security technology, or discuss related issues with us and
with each other."

The Privaterra website is located at
http://privaterra.cpsr.org

======================================
[18] Rathenau privacy conference held
======================================
The Rathenau Institute, a Dutch national technology assessment
organization, held an international conference on privacy in Amsterdam
on January 19 2002. The conference compared existing privacy-related
practices and attitudes in different countries. Attendees discussed
such subjects as wireless communications interception, commercial use
of personal data, and camera surveillance in public places. The
meeting included presentations and speeches from representatives of
several GILC member organizations, including Caspar Bowden from the
Foundation for Information Policy Research, David Banisar from Privacy
International and Barry Steinhardt from the American Civil Liberties
Union.

For more information on this meeting, click
http://www.privacyconference.nl/conference_report.html

================================================================= [19]
French, Danish and Dutch Big Brother Awards ceremonies held
=================================================================
Several reputed menaces to individual privacy have become the newest
recipients of Big Brother Awards. 

These prizes are given out by Privacy International (a GILC member)
and affiliated groups in several nations. "Orwells" are presented
annually to "government agencies, companies and initiatives which have
done most to invade personal privacy. ... Awards are also given to
individuals and organizations which have made an outstanding
contribution to the protection of privacy."

In France, the Orwell winners included the national prison authority
and the French Ministry of Justice, for their apparent violations of
European human rights standards designed to prevent overly intrusive
government behavior. Other notable winners were Cegedim, a French
personal data mining service, and Mante la Jolie, which installed a
closed circuit television surveillance system to target an area with a
high immigrant population. On the other hand, "Voltaires" were given
out to European deputy Alima Boumediene Thierry and the French
syndicate of the judiciary, each of whom protested against excessive
security legislation. 

Meanwhile, Danish Orwells went to several groups, such as Datametrix
"for creating technologies for companies to wiretap employee
phonecalls" and the Denmark's national police. Among the list of
individual Orwell recipients was Danish government minister Frank
Jensen, who pushed for the enactment of new anti-terror laws and for
repeatedly denying the existence of the global surveillance system
popularly known as ECHELON, and Dr. Olgas Bornehave, who used webcams
to spy on children. Two "Simons" were handed out: one to Oluf
Jorgensen for his persistence and visible presence in fighting against
unnecessary surveillance proposals, and the FORTRIN research group who
created a traffic control system that respects individual privacy.

The latest Big Brother Awards ceremony took place in Amsterdam on
February 15 2002. Winners included the Dutch "State Secretary of
Transport, Public Works and Water Management Monique de Vries for
breaking open an EU compromise on data retention for telecommunication
companies" and "[t]he Commission Mevis for proposing far-reaching
demands on banks, insurance companies and telecommunication companies
to track, store and disclose customer data to law enforcement."

Over the next few weeks, Big Brother Awards ceremonies will be held in
a number of other countries, including the United Kingdom (March 4)
and the United States (April 18-see item [20] below).

For more information on the Big Brother Awards, visit
http://www.privacyinternational.org/bigbrother/

For more on the French Big Brother Awards, visit
http://www.bigbrotherawards.eu.org/2001/bba-f-en.txt

For more on the Danish Big Brother Awards, click
http://www.bigbrotherawards.dk/News/BBA2001Winners.html

Additional details on the Dutch Big Brother Awards are available under
http://www.bigbrotherawards.nl/index.en.html

See Jelle van Buuren, "First Big Brother Award in the Netherlands,"
Heise Telepolis, February 19, 2002 at
http://www.heise.de/tp/english/inhalt/te/11873/1.html 

===========================================================
[20] Upcoming CFP 2002 conference
===========================================================
The Computers, Freedom and Privacy 2002 conference will be held April
16-19 in San Francisco. This year, the meetings will focus on such
issues as biometric authentication methods, the future of intellectual
property, public records policies, new Internet surveillance
legislation and more. The event will also coincide with the
presentation of the United States Big Brother Awards on April 18.

Visit the Official CFP 2002 website at
http://www.cfp2002.org

=========================================================
 ABOUT THE GILC NEWS ALERT:
========================================================= The GILC
News Alert is the newsletter of the Global Internet Liberty Campaign,
an international coalition of organizations working to protect and
enhance online civil liberties and human rights.  Organizations are
invited to join GILC by contacting us at gilc@gilc.org.

To alert members about threats to cyber liberties, please contact
members >from your country or send a message to the general GILC
address.

To submit information about upcoming events, new activist tools and
news stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA

Or email:
cchiu@aclu.org

More information about GILC members and news is available at
http://www.gilc.org

You may re-print or redistribute the GILC NEWS ALERT freely.

To subscribe to the alert, please send e-mail to
gilc-announce@gilc.org

with the following message in the body:
subscribe gilc-announce

========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
_______________________________________________
GILC-plan mailing list
GILC-plan@mailman.gilc.org
https://mailman.gilc.org/cgi-bin/mailman/listinfo/gilc-plan

------- End of forwarded message -------


-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de