[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(fwd) TBTF for 3/9/98: Pushy
- To: debate@fitug.de
- Subject: (fwd) TBTF for 3/9/98: Pushy
- From: raven@hkn.de (Kai Raven)
- Date: Mon, 09 Mar 1998 21:53:28 GMT
- Comment: This message comes from the debate mailing list.
- Sender: owner-debate@fitug.de
Hallo,
Forwarded message follows:
On Sun, 8 Mar 1998 17:20:11 -0600, dawson@world.std.com (Keith Dawson)
wrote:
Am Sun, 8 Mar 1998 17:20:11 -0600 schrieb Keith Dawson:
TBTF for 3/9/98: Pushy
T a s t y B i t s f r o m t h e T e c h n o l o g y F r o n t
This issue: < http://www.tbtf.com/archive/03-09-98.html >
________________________________________________________________________
..Brits fighting to stave off crypto ban
Mr. Louis Freeh, meet Mr. Jack Straw
In March of 1997 the then-Tory British government's Department of
Trade & Industry proposed licensing "trusted third parties" to
offer encryption services and requiring them to escrow users'
private keys. The Labor party, then in opposition, decried this
proposal, and their election manifesto [9] codified their oppo-
sition. But rumors have been circulating for a month now that the
current Labor government is about to propose a scheme very like
the year-old proposal [10].
On 2/10 Sean Gabb published this leak [11] of government plans to
announce mandatory domestic key escrow. On 2/19 an official of the
DTI did give a presentation [12] on policy suggestions for digital
signatures -- and said that the domestic encryption part of the
policy had been delayed by the "completely wrong announcements on
the Internet," by which he apparently meant [11]. Now more than two
weeks have gone by and no policy paper has been published; rumors
continue to swirl that the policy, when it is released, will some-
how link encryption with digital signatures. Microsoft Europe has
issued a response [13] to this possibility that sets out the is-
sues very nicely. Meanshile, the proprietors of NTKnow have set
up a mailing list for fast-breaking British crypto news. To sub-
scribe, mail majordomo@lists.unfortu.net with message: subscribe
crypto-announce .
[9] http://www.labour.org.uk/views/info%2Dhighway/content.html
[10] http://www.tbtf.com/archive/02-02-98.html#s07
[11] http://freespace.virgin.net/old.whig/flc010.htm
[12] http://www.liberty.org.uk/cacib/legal/crypto/icx2.html
[13] http://www.liberty.org.uk/cacib/legal/crypto/microsoft.html
________________
..Strict EU privacy rules coming
Will it become illegal to push a cookie on a European?
Next October, EU rules go into effect governing the flow of personal
data across national borders. If EU countries strictly implement
these rules, they would have to cut off large amounts of corporate
and personal commerce with countries that don't implement similarly
strict privacy protections. Outside the EU, only Norway, Iceland,
Slovenia, New Zealand, and Switzerland have laws governing the use
of private data by commercial firms. Here is a summary of the dir-
ective on "Transborder Flows of Personal Data," taken from an art-
icle [14] covering possible impacts on the US, Canada, Australia,
and Japan:
> Among the Directive's requirements are that the member country
> statutes provide individuals with the right to advance notice
> of a data collector's intent to collect and use their personal
> data, the right to access and correct data collected about
> them, and the right to object to certain data transfers. The
> Directive further requires that... data collectors process
> personal data only for specified, explicit, and legitimate
> purposes; that data collectors maintain the security and con-
> fidentiality of personal data; and that statutes provide ju-
> dicial remedies for violations.
If the directive were applied liberally it could mean that Website
operators would have to get permission from European users before
setting a cookie, and would have to disclose the intended uses of
cookie data and of personal data captured in site registration.
The more suspect uses of cookies -- by ad sites for example --
would seem to be banished entirely, as their only intent is col-
lecting and correlating personal data for purposes of unsolicited
marketing.
Articles 25 and 26 [15] are at the center of the problems the dir-
ective poses for non-EU countries. Article 25 lays out the stric-
tures and Article 26 gives some conditions under which they might
be relaxed. No one seems to know [16] how the EU countries will
implement the privacy directive.
[14] http://www.info-law.com/eupriv.html
[15] http://www2.echo.lu/legal/en/dataprot/directiv/chap4.html
[16]
http://www.boston.com/dailyglobe/globehtml/064/Lines_drawn_over_privacy.htm
________________
Ciao
Kai