GILC Alert
Volume 6, Issue 6
12 September 2002
Welcome to the Global Internet Liberty Campaign Newsletter.
Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and human
rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you
will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at <gilc@gilc.org>.
If you are aware of threats to cyber-liberties that we may not know about,
please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.
===============================================
Free expression
[1] China blocks Google, Altavista search engines
[2] Greek court throws out game ban case
[3] BT weblinks patent suit fizzles
[4] Vietnam pushes harsh Internet restrictions
[5] Chinese & Korean Net music sites face legal woes
[6] Britain ponders tough new Net copyright rules
[7] Protest site decries weblink bans
[8] Egyptian Net poster faces jail time
[9] Corporate parody website hit with trademark threats
[10] Anti-DMCA lawsuit centers on Net blocking software
[11] Internet becomes key free speech outlet in Iran
Privacy
[12] Canadian plan to make Internet spy-friendly
[13] Recording giants seek Net provider's help to spy on customer
[14] War of words over Euro data retention plans
[15] Microsoft settles Passport privacy case with U.S. gov't
[16] New Bulgarian telecom law may have privacy implications
[17] Surprise US spy court ruling criticizes gov't officials
[18] Ukrainian Net provider license plan worries privacy advocates
[19] DoubleClick settles U.S. multistate privacy probe
[20] US university official job-shifted over web break-in
[21] New reports document erosion of online privacy
[22] US gov't refuses to issue new mobile phone privacy rules
[23] New GILC member: Reporters Sans Frontieres
==================================================
[1] China blocks Google, Altavista search engines
==================================================
Beijing has apparently launched a new wave of repression online, by banning
web portals and jailing dissidents.
Chinese officials have blocked two popular Internet search engines, Google
and Altavista. While the Chinese government had already denied access to
many sites (such as the BBC) that contain political discussions or other
material it deemed taboo, this is believed to be the first time Beijing has
barred portals, which merely provide weblinks to such information. Chinese
users who tried to access Google or Altavista were diverted to other sites.
Robert Menard of Reporters Sans Frontieres (RSF-a GILC member) noted that
Chinese authorities "were already in the habit of using surveillance,
censorship or the outright elimination of overly critical web sites, but the
blocking of a search engine sets a surprising and very worrying precedent."
Similar concerns have been expressed by other groups, including Human Rights
Watch (HRW-a GILC member), which wrote a letter urging both companies "to
continue to resist the Chinese government's censorship pressure as a
violation of internationally recognized rights of free expression." Some
experts worry that Google or Altavista will follow in the footsteps of
Internet giant Yahoo, which signed a self-censorship agreement that has been
derided by free speech advocates. Meanwhile, at least one mirror website of
Google, elgooG, has been created to help circumvent the new ban. In the
latest development, Chinese officials have apparently removed blocks on
Google, but the ban on Altavista remains in place.
Meanwhile, fears are growing over the fate of 2 Internet dissidents. Chinese
authorities have confirmed that they have detained Wan Yanhai, who ran the
Chinese AIDS Action Project website and had written numerous online articles
about China's HIV victims. One of his articles documented a scandal
involving government-supported health clinics in the northern province of
Henan, where many peasants became infected with the virus after selling
their blood. These and other newsitems drew the ire of the Chinese
government censors, who have discouraged reports on HIV-related subjects in
the past. In addition, the Chinese government sentenced Li Dawei to 11-years
in prison for downloading "counterrevolutionary" essays from the Web,
storing them on his computer and printing them into books. He also used
e-mail and other methods to communicate with associates abroad.
These events come as a new report suggests that mainland Chinese officials
so far "have been relatively successful" in their efforts to suppress
Internet speech. The study (entitled "You've Got Dissent!") analyzes "the
political use of the Internet by Chinese dissidents ... and the
counterstrategies that Beijing has employed to prevent or minimize its
impact." The report goes on to state that "[n]o credible challenges to the
regime exist at present, despite the introduction of a massive modern
telecommunications infrastructure."
For the latest details on the Google and Altavista bans, visit the Digital
Freedom Network (DFN-a GILC member) website under
http://dfn.org/news/china/google2.htm
To read the HRW letter concerning the Google and Altavista bans, click
http://www.hrw.org/press/2002/09/china0907.htm
For RSF comments on the Chinese Google ban, click
http://www.rsf.fr/article.php3?id_article=3621
Read Peter S. Goodman and Mike Musgrove, "China Blocks Web Search Engines,"
Washington Post, 12 September 2002, page E1 at
http://www.washingtonpost.com/wp-dyn/articles/A5510-2002Sep11.html
See "Altavista tries to beat Chinese ban," BBC News Online, 12 September
2002 at
http://news.bbc.co.uk/1/hi/technology/2251533.stm
Read Stefanie Olsen, "China blocks search engine AltaVista," 9 September
2002 at
http://news.com.com/2100-1023-957154.html
See also "China criticised for ban on Google," BBC News Online, 5 September
2002 at
http://news.bbc.co.uk/1/hi/technology/2238236.stm
Read Will Knight, "Google mirror beats Great Firewall of China,"
NewScientist.com, 6 September 2002 at
http://www.newscientist.com/news/news.jsp?id=ns99992768
For more on the Yahoo self-censorship controversy, read Jim Hu, "Yahoo
yields to Chinese web laws," CNet News, 13 August 2002 at
http://news.com.com/2102-1023-949643.html
For information in German (Deutsch), see "Yahoo! Wird Aussenstelle der
China-
Stasi," Spiegel Online, 11 August 2002 at
http://www.spiegel.de/netzwelt/politik/0,1518,209065,00.html
For RSF's criticism of the Yahoo self-censorship agreement, click
http://www.rsf.fr/article.php3?id_article=2959
The Chinese AIDS Action Project website is located at
http://www.aizhi.org/
For further information about the Wan Yanhai case, visit the Committee to
Project Journalists (CPJ-a GILC member) website under
http://www.cpj.org/news/2002/China05sept02na.html
For more on the Li Dawei case, visit the DFN website under
http://dfn.org/news/china/lidawei.htm
The report "You've Got Dissent!" is available (in PDF format) via
http://www.rand.org/publications/MR/MR1543/
Read "China Dissidents Thwarted on Net," Associated Press, 27 August 2002 at
http://www.wired.com/news/politics/0,1283,54789,00.html
=================================================
[2] Greek court throws out game ban case
=================================================
A Greek court has dismissed a case against two men charged with violating a
new law that bans the public playing of electronic games.
They were charged under a measure that was passed nearly two months ago.
While it was supposedly adopted as an anti-gambling move, the law does not
make any distinction between gambling and computer games. Indeed, the Greek
Government has applied the ban to gaming on computers and consoles
(including Playstation and Xbox) in cybercafes and other public places. The
two individuals in question had been arrested for allegedly permitting
people play the computer game Counter-Strike. If convicted, they could have
spent several months in prison and been forced to pay nearly 5000 EUR in
fines.
The ban has enraged many cyberlibertarians, who fear that the law will be
used as a pretext for government oppression. The Greek Internet Cafe Union
noted in a statement that, in theory, "the police can arrest you if you are
using your PC for playing games or if your employer catches you playing
chess or backgammon on Yahoo." Comparisons have also been drawn to 1970s
police actions against people who played cards at home. An online petition
against the legislation has garnered over 25 000 signatures to date. In
addition, several hundred protestors appeared outside the courtroom in
Thessaloniki on the day of the ruling and chanted "No to censorship on the
Internet."
For more information about the petition against the Greek computer gaming
ban, click
http://www.petitiononline.com/mod_perl/signed.cgi?comp5932
Read Matt Loney, "Greek gaming law defeated in court," CNet News, 11
September 2002 at
http://news.com.com/2100-1040-957519.html
See "Court allows Greek gamers to play on," BBC News, 10 September 2002 at
http://news.bbc.co.uk/1/hi/technology/2249656.stm
For press coverage in German (Deutsch), read "Gericht: Spieleverbot
verstosst gegen die Verfassung Griechenlands," Heise Online, 11 September
2002 at
http://www.heise.de/newsticker/data/daa-11.09.02-000/
See also "Greeks fight computer game ban," BBC News Online, 5 September 2002
at
http://news.bbc.co.uk/1/hi/technology/2238242.stm
===============================================
[3] BT weblinks patent suit fizzles
===============================================
A United States court has thrown out British Telecom's claims that it owns
all weblinks.
The company had alleged in a lawsuit that it possessed intellectual property
rights over all links, based on a patent it filed in the 1970s. The
communications giant had demanded licensing fees from American Internet
service provider Prodigy, and had hoped to launch more lawsuits in the hopes
of collecting additional royalties. However, presiding judge Colleen McMahon
rejected BT's arguments and cited several portions of the patent that did
not gel with the realities of the Information Superhighway. For example, the
patent described a central computer, in stark contrast to the decentralized
nature of the Internet. Similarly, "Web pages stored on Prodigy's Web
servers do not contain 'blocks of information' or 'complete addresses' as
claimed in the Sargent patent."
BT's attempts to collect weblink-based royalties had run into numerous
problems from the outset. Skepticism about the company's chances for success
were further fueled by a video filmed in 1968 (several years before BT said
it developed the technology) showing Stanford researchers demonstrating
weblinks. There is no word yet on whether firm will appeal the ruling.
See Matt Loney, "Hyperlink patent case fails to click," CNet News, 23 August
2002 at
http://news.com.com/2100-1033-955001.html
Read "BT loses weblinks battle," BBC News Online, 23 August 2002 at
http://news.bbc.co.uk/1/hi/technology/2212203.stm
For further information in German (Deutsch), read "US-Gericht sieht in
Nutzung von Hyperlinks keine Patentrechtsverletzung," Heise Online, 23
August 2002 at
http://www.heise.de/newsticker/data/hod-23.08.02-000/
===============================================
[4] Vietnam pushes harsh Internet restrictions
===============================================
Vietnamese officials have unveiled a multi-faceted plan that may
significantly restrict online free speech.
The Vietnamese ministry of culture and information is considering a proposal
that could force cybercafes to meet more stringent licensing requirements.
Heavy penalties apparently would be imposed on the proprietors of such
establishments if their customers visited various taboo Internet sites,
including webpages with anti-government material. The scheme also calls for
the ministry of public security to draw up a list of websites to be blocked
by state-owned Vietnam Data Communications, the country's sole Internet
gateway.
The plan is just the latest in a series of moves by Vietnamese authorities
to stifle criticism along the Information Superhighway. During the past
year, the Vietnamese government has thrown several online dissidents behind
bars, including Le Chi Quang, Son Hong Pham and Tran Khue. Officials in the
Southeast Asian country recently confirmed that Le, who wrote an essay that
described the political environment in which several Chinese-Vietnamese
treaties were signed, will soon be tried on charges that he violated
national security.
See "Vietnam to crack down on net access," Guardian Unlimited, 16 August
2002 at
http://www.guardian.co.uk/internetnews/story/0,7369,775745,00.html
For further background information, visit the Reporters Sans Frontieres
(RSF-a GILC member) website under
http://www.rsf.fr/article.php3?id_article=1288
=====================================================
[5] Chinese & Korean Net music sites face legal woes
=====================================================
Lawsuits concerning two Asian music-sharing websites have raised public
concern over how copyright laws restrict Internet free speech.
In one case, the Recording Industry Association of America, which lists AOL
Time Warner, RCA, Vivendi Universal and Sony Music among its members,
charged that Listen4ever.com, which was hosted in mainland China, was
violating copyright laws. However, rather than go after the webpage's
operator, it launched legal actions against a number of United States
Internet service providers (ISPs), including AT&T Broadband, Cable &
Wireless and Sprint, hoping to force the ISPs to block Listen4ever. The
lawsuit was later withdrawn after the website closed down. Many
cyberlibertarians feared that the dispute might have a strongly negative
impact on freedom of expression along the Information Superhighway. In a
statement, the Electronic Frontier Foundation (EFF-a GILC member) warned
that the RIAA's legal action "sought to establish a precedent that anyone
alleging piracy could shut down access to parts of the Internet, resulting
in inappropriate shutdowns, undue administrative burden for ISPs, and
imperiling the basic principle of unfettered exchange of information on the
Internet."
Meanwhile, a controversial Korean service used for trading music files is
operational once more, albeit in an altered form. Soribada (which means "sea
of sound") was created by two Korean brothers and allowed users to trade MP3
music files with each other via a central website. Soribada has since
altered its approach, releasing new peer-to-peer software that allows users
to swap music online without having to go through a central server. The move
came after a copyright lawsuit by the Recording Industry Association of
Korea; a court subsequently fined the brothers and essentially ordered them
not to use their servers for file-trading purposes. The ruling was greeted
with dismay by cyberliberties groups, including Jinbonet, which argued that
such trading should be legal in light of its non-profit and private nature.
It is unclear whether Soribada's new direct peer-to-peer trading system is a
violation of Korean copyright laws.
An EFF statement on the Listen4ever legal dispute is posted under
http://www.eff.org/Infra/20020821_eff_riaa_pr.html
Read Lisa M. Bowman, "ISPs off the hook in swapping suit," CNet News, 21
August 2002 at
http://news.com.com/2100-1023-954782.html
Read Kim Deok-hyun, "Soribada Reopens Music Sharing Service," Korea Times,
25 August 2002 at
http://www.hankooki.com/kt_tech/200208/t2002082517182345110.htm
For background information, see Kim Deok-hyun, "Online Music Fans Challenge
Ruling," Korea Times, 15 July 2002 at
http://www.hankooki.com/kt_tech/200207/t2002071519543645110.htm
==================================================
[6] Britain ponders tough new Net copyright rules
==================================================
Concerns are growing over whether British plans to implement a controversial
European Community copyright directive will hurt freedom of expression
online.
The British government has issued a public consultation paper that proposes
amending national laws to conform with an EC directive on the "Harmonization
of Certain Aspects of Copyright and Related Rights in the Information
Society." The changes would limit copying and redistribution of many types
of digital information, although there is an exclusion for computer software
and databases (which are already specifically covered by current legal
standards). Another amendment, which has drawn comparisons with the United
States Digital Millennium
Copyright Act, would bar possession or use of devices that could circumvent
copyright protection. Other amendments would permit marking of digital
works, allowing copyright holders to track such material along
telecommunications networks. The scheme would also turn some copyright
violations into criminal (rather than civil) offences.
In an analysis commissioned by GreenNet, a node of the Association for
Progressive Communications (APC-a GILC member), cyberlaw expert Paul Mobbs
suggests that the proposal may seriously interfere "with the traditional
'fair dealing' provisions that restrict copyright over certain types or
quantities of information. It also potentially affects academic and
journalistic freedoms to quote and critically review information, and would
apply to any artistic or literary works that are produced in a digital
format." In addition, the proposal's "wide definition of 'circumventing
copyright protection'" could apply to more than just "anti-copying measures"
and could lead to the prosecution of researchers or people who merely
possess "tools that have a 'dual use' potential to circumvent copyright."
Mobbs also points out that the amendments may have strong anti-privacy
implications because they allow copyright owners "further rights ... to
track the use of their intellectual property via electronic networks. ...
[U]nder the terms of the Data Protection Act 1998, this data could be traded
with other organisations if there was some sort of assent to the transfer as
part of the acceptance of the license. It would therefore be available for
use as part of data profiling."
The British government consultation paper is available under
http://www.patent.gov.uk/about/consultations/eccopyright/index.htm
Comments on the consultation paper should be sent before 31 October 2002 to
copyright@patent.gov.uk
Paul Mobbs' analysis is posted at
http://www.fraw.org.uk/docs/consultation_review.html
===============================================
[7] Protest site decries deep weblink bans
===============================================
A new Internet site has been created to protest restrictions on the creation
on a certain type of weblinks.
Dontlink.com is the brainchild of David Sorkin, an associate professor at
Chicago's John Marshall Law School. It documents numerous organizations that
have attempted to ban Internet links to underlying webpages (instead forcing
users to go through the front page of a given site). Dontlink.com includes
many so-called deep links to the websites of these organizations, notably
the International Trademark Association, Disney, United States National
Public Radio, Matsushita and Motorola. Sorkin says he created the site "in
part as a reaction to Newsbooster and similar cases. But I've really focused
more on sites that don't seem to have any plausible reason for wanting to
restrict links in other words, that are doing so out of mere ignorance."
Sorkin was referring to a Danish court ruling that barred Newsbooster from
providing deep links to individual Danish newspaper articles. In a separate
legal battle, German court likewise has ruled that Newsclub, a German news
search service, had violated the EU Database Directive by including deep
weblinks to a German newspaper site.
Read "Web site flouts linking bans," CNet News, 21 August 2002 at
http://news.com.com/2100-1023-954612.html
See Michelle Delio, "Deep Linking Takes Another Blow," Wired News, 25 July
2002 at
http://www.wired.com/news/print/0,1294,54083,00.html
===============================================
[8] Egyptian Net poster faces jail time
===============================================
The fate of an Internet activist who republished a politically charged poem
on the World Wide Web remains in doubt.
Shohdy Naguib Surur was webmaster and writer for an Egyptian
English-language newspaper, Al-Ahram Weekly. His father had written a
sexually-tinged poem (entitled "Ummiyyat") that heavily criticized the
Egyptian government in the wake of the 1967 Six-Day War with Israel. Shohdy
later posted Ummiyyat on a website (www.wadada.net) hosted in the United
States. He was then arrested and convicted of having "immoral booklets and
prints;" barring a successful appeal, he could spend a year in jail.
The case has drawn the attention of free speech advocates worldwide,
including Russia, where Shohdy was born and lived for many years. One
Russian cyberlibertarian, Nastik Gryzunova, noted that the case "brings up
the issue of the international laws and the Internet, because the server
where the poem is published is the hosted in the U.S. These problems are
topical not just for Russia or Egypt, and we hope the international Internet
community will support Shohdy Naguib."
The text of the poem is available via
http://www.wadada.net/surur/ummiyyat/index.html
See Hani Shukrallah, "Phantoms of liberty," Al-Ahram Weekly, 4 September
2002 issue at
http://web1.ahram.org.eg/weekly/2002/601/op9.htm
Read Sergei Kuznetzov, "Father's Poem, Son's Conviction," Wired News, 5
August 2002 at
http://www.wired.com/news/print/0,1294,54027,00.html
Further information is available from the Independent Media Center under
http://www.indymedia.org/front.php3?article_id=201371&group=webcast
========================================================
[9] Corporate parody website hit with trademark threats
========================================================
A popular webpage that lampooned the failures of several major corporations
was temporarily closed down after being hit with legal threats.
Fuckedcompany.com contains numerous articles about mass layoffs, dot-com
disasters and other news about firms that are in serious trouble. The site
included a special section about firings at Ford Motor Company that was
entitled "Ford, where finding a job is job 1," an apparent parody of the
company's advertising slogan, "Ford, where quality is job 1." The firm sent
a cease-and-desist letter to Phil Kaplan, the site's creator, claiming that
he had engaged in trademark infringement. Kaplan, the site's creator,
removed the phrase from its website, but posted the letter with weblinks and
added commentary. The automobile giant then threatened to sue Kaplan's
Internet service provider, Hostcentric, which shuttered the webpage. The
site has since gone back online, but only after various changes were made to
appease Ford.
The case has further fueled concern over the apparent misuse of intellectual
property laws to silence criticism along the Information Superhighway.
Kaplan himself has noted that in many such instances, even if the claims are
frivolous, corporations can often win because they possess greater resources
than their critics: "The whole (problem) is that if you do a search on Ford
and copyright lawsuit, you'll find a million examples of Ford doing this. If
you're a company that size you can do anything you want in the world."
See Paul Festa, "Dot-com dead pool brakes for Ford," CNet News, 26 August
2002 at
http://news.com.com/2100-1023-955447.html
============================================================
[10] New anti-DMCA lawsuit centers on Net blocking software
============================================================
A much-debated United States copyright statute and a widely-used computer
program that blocks controversial Internet material are the targets of a new
lawsuit.
The case focuses on a blocking package manufactured by N2H2 that is used by
thousands of public schools and governmental agencies in the U.S. More
recently, N2H2 launched a bid to provide Saudi Arabia with its services to
help censor out information on such topics as religion and public health.
Harvard University student Ben Edelman, who was investigating the extent to
which N2H2's program prevents access to sites on the Information
Superhighway, feared that his activities might run afoul of the U.S. Digital
Millennium Copyright Act (DMCA), as well as N2H2's license, which warns
users not to "copy or make any changes or modifications to the software" or
to "decrypt, decode, translate, decompile, disassemble or otherwise reverse
engineer the software." These fears came in light of several incidents where
various industry-related groups, such as technology giant Hewlett-Packard,
had threatened computer researchers with DMCA-related legal action.
He has since filed papers asking a U.S. Federal court to declare that he has
a right to examine N2H2's blocking program and "to share his research tools
and results with others." Edelman, who is being represented by the American
Civil Liberties Union (ACLU-a GILC member), believed that "the public has a
right to know what is being blocked, and I believe I have a right to uncover
this information without being subject to a corporate lawsuit." When asked
for comment, a spokesperson for N2H2 said that a lawsuit against Edelman was
"not something we would rule out."
An ACLU press release on the Edelman N2H2 lawsuit is available at
http://www.aclu.org/news/2002/n072502a.html
For more about Harvard University research on blocking programs worldwide,
click
http://cyber.law.harvard.edu/filtering/
Read Declan McCullagh, "On trial: Digital copyright law," CNet News, 25 July
2002 at
http://news.com.com/2102-1023-946266.html
For more on Hewlett Packard's recent DMCA threats, read Declan McCullagh,
"HP backs down on copyright warning," CNet News, 1 August 2002 at
http://news.com.com/2102-1023-947745.html
=====================================================
[11] Internet becomes key free speech outlet in Iran
=====================================================
Opposition leaders in Iranian have turned to the Internet in the hopes of
getting their message across without government interference.
For years, the country's rulers have practiced censorship for years to help
maintain their grip on power, banning many newspapers and jailing dozens of
reporters. These efforts have intensified since 1997, especially after
Iranian Supreme Leader Ayatollah Ali Khamenei called pro-reform journals
"bases of the enemy." However, a number of publications that have been
banned in paper form, such as Bonyan and Norouz, have now been made
available through the World Wide Web. Iranian lawyer, Ahmad Akhlaghi,
explained: "Having a news-based Web site is much easier than opening a
newspaper, the Internet is vaguely mentioned in the press law, but opening a
site does not require official permission." A journalist further added:
"Hard-liners normally closed the reformist sites on their 100th publication
to put more economic pressure on the publisher. But the sites don't have
such problems and most of the jobless journalists now work for them."
Unfortunately, there are signs from state-run media that censorship of the
Information Superhighway may not be long in coming. One of these
publications called for harsh restrictions on Internet reporting,
complaining that independent news sites "spread lies and it seems there is
no control over them."
See "Iran reformers use Net to fight press ban," Reuters, 5 August 2002 at
http://news.com.com/2102-1023-948403.html
=================================================
[12] Canadian plan to make Internet spy-friendly
=================================================
The Canadian government is considering a proposal that critics say will
seriously erode privacy online.
The proposal was contained in a Consultation paper that was publicly
released in late August 2002. The paper outlines the form of future laws,
such as a general requirement for telecommunications companies, including
Internet service providers, to make their systems "intercept-capable," as
well as procedures making it easier for customer data to be kept and then
accessed by law enforcement officials. The paper also calls for "the
establishment of a national database" with information about every Internet
and telecommunications user in Canada. In addition, the document would
expand the government's ability to intercept Internet traffic information
(which would ostensibly include such details as webpage addresses, email
headers and even the geographic locations of mobile phone users) under
relatively weak evidentiary standards previously used for phone numbers.
These ideas are expected to form the core for new legislation to be
considered by the Canadian Parliament within the coming months.
Not surprisingly, the draft has caused a wave of protests from the Internet
community, especially from privacy advocates. For example, Gus Hosein from
Privacy International (a GILC member) attacked the database provisions as "a
dumb idea. Immediately you have to wonder if you're allowed to use anonymous
mobile phones or whether you're allowed to connect to the Internet
anonymously." Michael Geist, a law professor at the University of Ottawa,
noted that "there's nothing in the document that indicates (new powers) are
needed. I don't know that there have been a significant number of cases
where police have run into problems."
The Access Consultation document is available (in PDF format) under
http://www.canada.justice.gc.ca/en/cons/la_al/law_access.pdf
Comments on the Consultation paper can be emailed (no later than 15 November
2002) to
la-al@justice.gc.ca
To read a University of Toronto dossier on this subject, click
http://www.law.utoronto.ca/c-36/program.htm
Read Declan McCullagh, "Will Canada's ISPs become spies?" CNet News, 27
August 2002 at
http://news.com.com/2100-1023-955595.html
==================================================================
[13] Recording giants seek Net provider's help to spy on customer
==================================================================
Several major record labels are pressuring a major United States Internet
service provider (ISP) to divulge personal information about one of its
subscribers.
The Recording Industry Association of America (RIAA) has requested data
concerning a customer of telecom giant Verizon. The RIAA alleges that the
individual in question had engaged on copyright infringement through
peer-to-peer music file trading over the Internet. The Association claims it
has the power to gather such information under the U.S. Digital Millennium
Copyright Act (DMCA) even though it has not actually filed a lawsuit yet.
The cited DMCA provision essentially says that copyright owners can request
a U.S. Federal court to subpoena "information sufficient to identify the
alleged infringer" from a "service provider."
The RIAA's efforts have met with opposition from privacy advocates. A dozen
organizations, including GILC members Computer Professionals for Social
Responsibility, the Electronic Frontier Foundation and the Electronic
Privacy Information Center, filed a friend-of-the-court brief charging that
"the statute never intended to reach a situation in which the allegedly
infringing material resides on the user's own computer rather than a
computer owned or controlled by the ISP." The groups also warned the cited
DMCA section fails to include Constitutionally "established safeguards for
protecting the anonymity of Internet speakers who have not been shown to
have engaged in any prohibited conduct." Additionally, the coalition
suggested that, given the entertainment industry's growing use of spyware
and automated sending of subpoena notices, a ruling in favor the RIAA might
change the Internet "a forum for the free exchange of ideas and information
into a virtual surveillance state."
The amicus brief is available via
http://www.eff.org/Cases/RIAA_v_Verizon/20020830_eff_amicus.html
See John Borland, "ISPs gird for copyright fights," CNet News, 9 September
2002 at
http://news.com.com/2100-1023-957023.html
Read Jonathan Krim, "A Story Of Piracy And Privacy," Washington Post, 5
September 2002, page E1 at
http://www.washingtonpost.com/wp-dyn/articles/A38034-2002Sep4.html
Read Declan McCullagh, "Watchdogs rap RIAA's file-trade assault," CNet News,
30 August 2002 at
http://news.com.com/2102-1023-956176.html
Press coverage in German (Deutsch) is available in "US-Musikindustrie will
Provider zur Herausgabe von Kundendaten zwingen," Heise Online, 22 August
2002 at
http://www.heise.de/newsticker/data/anw-22.08.02-002/
===============================================================
[14] War of words over Euro data retention plans
===============================================================
Controversy has arisen over a European proposal for the retention of
telecommunications traffic and location data.
Statewatch, a civil liberties news and research group, recently uncovered a
proposal that would have required telecom companies to retain traffic data
for at least 1 year (the maximum would be 2 years). Under this "draft
framework decision," which was created by the Belgian presidency of the
European Union in November 2001, law enforcement agents throughout the EU
would then be allowed to access this information for investigations of a
variety of crimes. The data that could be collected under this plan would
include web surfing habits, email header information, callers' and
recipients' names, and the geographic locations of individual mobile phones.
While the proposal does mention that the "confidentiality and integrity" of
such information must be protected, it does not provide specific standards
or rules for doing so. Statewatch editor Tony Bunyan branded the proposal "a
move from targeted to potentially universal surveillance. EU governments
claimed that changes to the 1997 privacy directive would not be binding on
member states-each national parliament would have to decide."
In a press release, the Danish presidency of the EU has denied Statewatch's
accusations, claiming that they were based on "fundamental
misunderstandings." The release went on to say that there "are no further
proposals on the table regarding retention of traffic data, and the Danish
Presidency is not engaged in drafting any such proposals." The statement did
refer to a June 2002 proposal, which urges the establishment of "binding
rules on the approximation of Member States' rules on the obligation of
telecommunications service providers" to keep traffic and location
information, but says that such rules must conform with various European
privacy laws. In addition, the Danish presidency has issued a data
retention-related questionnaire to all EU governments; the results of this
survey are expected to be discussed at an EU expert group meeting on next
week.
These developments come just a few months after the European Parliament
approved a Directive (2002/58/EC) allowing national governments to introduce
legislation that will (1) require telecom companies to retain customer
traffic and location data and (2) give law enforcement agents access to this
data. EU member states are supposed to comply with this Directive (which
does not require uniform standards across national borders) by October 2003.
Indeed, at a national level, data retention legislation has become the
subject of heated debate in several EU countries, including Great Britain
and Switzerland.
To read the Danish presidency's response to Statewatch's statements, as well
as Statewatch's rebuttal of the Danish presidency release, see
http://www.statewatch.org/news/2002/aug/05datafd2.htm
The draft framework decision is available at
http://www.statewatch.org/news/2002/aug/05datafd.htm
The June 2002 proposal is posted (in PDF format) under
http://www.statewatch.org/news/2002/aug/10358en2.pdf
The questionnaire is available (in PDF format) under
http://www.statewatch.org/news/2002/aug/11490-r1.pdf
To read the text of the aforementioned Directive (in PDF format), click
http://register.consilium.eu.int/pdf/en/02/st03/03636en2.pdf
For an extensive dossier on data retention issues, visit the Electronic
Privacy Information Center (EPIC-a GILC member) website under
http://www.epic.org/privacy/intl/data_retention.html
See "Privacy fears over EU snooping plans," BBC News Online, 20 August 2002
at
http://news.bbc.co.uk/1/hi/technology/2204909.stm
Read Richard Norton-Taylor and Stuart Millar, "Privacy fear over plan to
store email," The Guardian, 20 August 2002 at
http://www.guardian.co.uk/netprivacy/article/0,2763,777574,00.html
For more on Swiss data retention proposals, see Jakob Greber, "Swiss
surveillance catches up with email," Swissinfo, 21 July 2002 at
http://www2.swissinfo.org/sen/Swissinfo.html?siteSect=111&sid=1192676
=============================================================
[15] Microsoft settles Passport privacy case with U.S. gov't
=============================================================
The world's leading provider of computer operating systems has settled a
privacy complaint with United States government regulators.
In an agreement with the U.S. Federal Trade Commission (FTC), Microsoft has
agreed to make several changes in the way it handles personal data. Among
other things, the agreement prohibits Microsoft from misrepresenting its
information practices (through its privacy statements, for example). The
company is also required to "establish and maintain a comprehensive program
... that is reasonably designed to protect the security, confidentiality and
integrity of personal information collected for and about consumers."
Additionally, Microsoft will have to undergo independent third-party
security audits within one year, and on a biannual basis thereafter.
The settlement came after several organizations, including GILC members the
Electronic Privacy Information Center (EPIC), Computer Professionals for
Social Responsibility, the Electronic Frontier Foundation and Net Action,
had filed formal papers with the FTC regarding the potential detrimental
impact that Microsoft Windows XP might have on user privacy, especially its
.Net Passport user authentication service, which the company intended to be
a central repository for such personal information as birth dates and credit
card numbers. The FTC subsequently found that Microsoft had failed in many
respects "to maintain a high level of online security by employing
sufficient measures reasonable and appropriate under the circumstances to
maintain and protect the privacy and confidentiality of personal information
... in connection with the Passport and Passport Wallet services." EPIC
Executive Director Marc Rotenberg commented that the settlement was "a very
big development," and noted that the "FTC has essentially agreed with us,
the privacy organizations, as to our original petition." He also suggested
that there should be ongoing evaluation of the company's privacy practices:
"We're just, in fact, at the beginning of the FTC's oversight of Microsoft's
online services."
The settlement agreement is posted (in PDF format) at
http://www.ftc.gov/os/2002/08/microsoftagree.pdf
An FTC press release and the Commission's complaint are available via
http://www.ftc.gov/opa/2002/08/microsoft.htm
For the latest details, see Joe Wilcox, "Microsoft beefs up Passport
security," CNet News, 2 September 2002 at
http://news.com.com/2100-1001-956246.html
Read Henry Norr, "Microsoft gets slapped on security," San Francisco
Chronicle, 9 August 2002, page B1 at
http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2002/08/09/BU134000.DTL
See Ted Bridis, "Microsoft Reaches 'Passport' Settlement," Associated Press,
8 August 2002 at
http://www.cbsnews.com/stories/2002/08/08/tech/printable518014.shtml
For more of Mr. Rotenberg's remarks, see Joe Wilcox, "Microsoft, FTC reach
privacy settlement," CNet News, 8 August 2002 at
http://news.com.com/2100-1001-948922.html
=============================================================
[16] New Bulgarian telecom law may have privacy implications
=============================================================
A recently released draft Bulgarian law may have a serious impact on
cyberliberties, especially the right to privacy.
Bulgarian Ministry of Transport and Communications (MTC) has published a new
draft Telecommunications Act. Among other things, the new scheme would
implement licensing procedures for Internet service providers (ISPs).
Several sections of the plan would permit the government easier access to
users' personal information. For example, one section empowers the Ministry
of the Interior to dictate data caching requirements, ostensibly for
surveillance purposes. Another broadly worded section allows a state
Committee for Regulation of Communications (CRC) to demand any information
from ISPs that is "necessary for the performance of its regulatory
functions," with little or no restrictions on how the CRC may use such
information. In addition, CRC officers would be allowed to "search rooms in
which are kept evidences of performed administrative violations."
Many observers fear this plan will open the floodgates to massive
surveillance of the Internet-concerns that were confirmed by a highly
critical analysis prepared by sources from the Bulgarian Internet Society
and Veni Markovski, the local coordinator of the Global Internet Policy
Initiative. These critics have noted the plan would constitute a reversal of
a 1999 decision by the Bulgarian Supreme Court, which had previously barred
a somewhat similar licensing scheme due to fears that it would violate the
European Convention on Human Rights. Additional concerns have been raised
over the secretive nature with which the proposal was drafted. Moreover,
some experts have expressed doubts as to whether the proposed law is in
accord with the Bulgarian Constitution.
The MTC website is located at
http://www.mtc.government.bg
For further information in Bulgarian, click
http://portal.bg/news.php?cat=main&read=20022108002
http://portal.bg/news.php?cat=main&read=20022108001
http://portal.bg/news.php?cat=main&read=20022108003
=============================================================
[17] Surprise US spy court ruling criticizes gov't officials
=============================================================
United States government officials have received a stunning rebuke over
their surveillance efforts.
For the first time in its nearly 20 years of existence, the U.S. Foreign
Intelligence Surveillance Court has released an opinion to the public. In
its decision, the Court lashed out at the U.S. government for various
"misstatements and omissions" contained in more than 75 search warrant and
wiretap applications. The Court also held that Federal officials had
engaged in improper intelligence "information sharing and unauthorized
disseminations to criminal investigators and prosecutors," and the
procedures for such information sharing were "not reasonably designed" to
protect privacy rights.
The ruling came in regards to foreign intelligence gathering guidelines for
Federal officials. The U.S. Justice Department had argued in favor of rules
changes that would allow investigators to conduct surveillance operations
and get search warrants under looser foreign intelligence standards, even if
the primary purpose of the wiretapping or search is not to collect foreign
intelligence. Under this theory, law enforcement agents could make use of
such standards so long as foreign intelligence gathering was merely a
"significant" purpose. The court disagreed and required Federal officials,
among other things, to "ensure that law enforcement officials do not direct
or control the use of the FISA procedures to enhance criminal prosecution."
U.S. officials have since appealed the ruling to a secret appeals court,
which only heard arguments from the government's perspective. The move drew
serious criticism from a number of experts. Ann Beeson of the American Civil
Liberties Union (ACLU-a GILC member) warned: "Hearing a one-sided argument
and doing so in secret goes against the traditions of fairness and open
government that have been the hallmark of democracy." Previously, a
coalition of groups, including GILC members the Electronic Privacy
Information Center, the Center for Democracy and Technology and the ACLU,
had sent a letter requesting the opportunity to file amicus curiae briefs
with the court in this case.
To read the text of the opinion (in PDF format), click
http://www.washingtonpost.com/wp-srv/onpolitics/transcripts/fisa_opinion.pdf
To read the aforementioned coalition letter (in PDF format), click
http://www.aclu.org/court/FISA_appeal_ltr.pdf
An ACLU press release regarding the secret appeals court is posted at
http://www.aclu.org/news/2002/n090902b.html
See "Federal Spy Court Blasts FBI, Justice," CBS News Online, 23 August 2002
at
http://www.cbsnews.com/stories/2002/08/23/attack/printable519606.shtml
Read Dan Eggen and Susan Schmidt, "Secret Court Rebuffs Ashcroft,"
Washington Post, 23 August 2002, page A1 at
http://www.washingtonpost.com/wp-dyn/articles/A51220-2002Aug22.html
For further information in German (Deutsch), read "Gericht verweigert
Staatsanwalten Zugriff auf Geheimdienstaden," Spiegel Online, 23 August 2002
at
http://www.spiegel.de/politik/ausland/0,1518,210689,00.html
===================================================================
[18] Ukrainian Net provider license plan worries privacy advocates
===================================================================
An upcoming plan to require Ukrainian Internet providers to help provide
information about their users has left many observers concerned about the
future of online privacy.
Under a December 2001 Presidential Decree "On the Implementation of the
Decision of the National Security and Defense Council," the Ukrainian
Cabinet of Ministers must draft a proposal that will place new burdens on
Internet service providers (ISPs). Among other things, ISPs will be required
to collect and store traffic data about their customers for 6 months.
Providers would also have to monitor domestic Internet content. These
conditions would have to be met in order to obtain government licenses.
A number of civil society groups, such as Privacy Ukraine (a GILC member),
fear that the draft statute will not include sufficient means to protect
citizens from unnecessary government intrusions online. They point out that
the proposal is just one in a series of political developments that may have
a detrimental impact on individual privacy. For example, a Ukrainian Draft
Statute on Telecommunications obliges ISPs to implement, at their own
expense, technical means for the interception of electronic communications.
At the same time, Ukrainian Parliament did not adopt a proposed Data
Protection Statute or otherwise perform much oversight regarding law
enforcement wiretapping practices.
For further information, email
privacy@ukrnet.net
=======================================================
[19] DoubleClick settles U.S. multistate privacy probe
=======================================================
An Internet advertising giant is promising to let consumers know more about
the information it compiles about them.
Several years ago, DoubleClick admitted to tracking viewers through the
Internet by placing digital identification numbers in files known as
"cookies" on a user's hard drive, which it matches with name and address
information that has been collected by its partners. Despite initial claims
to the contrary, DoubleClick expressed its intention to match this data with
more extensive information contained in millions of files maintained by its
merger partner Abacus Direct. DoubleClick later shelved its data-matching
plan after a storm of public criticism.
These revelations led to a whole host of investigations by several
governmental entities in the United States, including 10 U.S. state attorney
generals. In a settlement of the state attorney general probes, DoubleClick
has agreed, among other things, to create a "cookie viewer" to allow
Internet users to see what categories DoubleClick has put them in
("classification of a User's browsing activities, for purposes of ... Ad
serving, into types of inferred interests or behaviors). However, there is
no specific deadline for such a viewer to implemented, and it is unclear
whether the viewer will permit users to see their complete DoubleClick
personal information files. The company will also pay a fine of US $450 000.
A New York State Attorney General press release on the settlement is posted
(in PDF format) at
http://www.oag.state.ny.us/press/2002/aug/aug26a_02_attach.pdf
See Joanna Glasner, "DoubleClick to Open Cookie Jar," Wired News, 27 August
2002 at
http://www.wired.com/news/business/0,1367,54769,00.html
For further information in German (Deutsch), read "DoubleClick einigt sich
mit US-Justiz (Update)," Heise Online, 27 August 2002 at
http://www.heise.de/newsticker/data/tol-27.08.02-001/
See also Robert O'Harrow Jr., "Web Ad Firm to Limit Use of Profiles,"
Washington Post, 27 August 2002, page E1 at
http://www.washingtonpost.com/wp-dyn/articles/A64716-2002Aug26.html
==========================================================
[20] US university official job-shifted over web break-in
==========================================================
The website of a prominent United States university has suffered a breach of
security, apparently caused by employees at a rival institution.
Princeton University has admitted that staff from its admissions department
used information collected from applicants, such as Social Security numbers,
birth dates and last names, to break into the website of Yale University.
Yale had created a special encrypted webpage for freshman hopefuls that
included financial aid letters, student interests and other personal data.
The Yale webpage specifically contained a warning that "no one but the
applicant should make use of this online facility. ... Yale considers this
information to be confidential and will investigate and act on any violation
of its intended use." Nevertheless, Stephen LeManger, Princeton's director
of admissions, and several other people in his division used collected from
applicants, many of whom had also applied to Yale, to log into Yale's
admission site. Princeton employees reportedly managed to access the
admissions accounts of about a dozen students, including Lauren Bush, a
niece of United States President George W. Bush.
These unauthorized accesses came to light after an off-hand comment by a
Princeton official at a conference of various American universities. Yale
responded by launching an investigation and notifying the U.S. Federal
Bureau of Investigations (FBI). In light of these revelations and its own
internal probe, Princeton has transferred LeMenager to another department,
and its president has apologized over the incident. The results of the FBI
investigation have yet to be released.
See "Princeton officials punished for breaching Yale's Web site," San
Francisco Chronicle, 14 August 2002, page A2 at
http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2002/08/14/MN92526.DTL
Read Pamela Ferdinand and Michael Barbaro, "Yale Tells FBI of Rival's Breach
of Web Site," Washington Post, 26 July 2002, page A2 at
http://www.washingtonpost.com/wp-dyn/articles/A2983-2002Jul25.html
See also "Top US colleges in hacking row," BBC News Online, 26 July 2002 at
http://news.bbc.co.uk/1/hi/world/americas/2153287.stm
==============================================================
[21] US gov't refuses to issue new mobile phone privacy rules
==============================================================
For the time being, a United States government panel has refused to create
new rules to protect the privacy of cellular phone customers.
Over the past few years, the United States government had pushed a plan
known as "Enhanced 911." Under this scheme, mobile phone companies must
install technology allowing government agents to locate cellular users
within 100 meters. The tracking is done by triangulating the emissions given
off by a particular phone between different signal towers. Service providers
who fail to comply with these rules may face heavy fines.
Many groups fear that this new tracking scheme will seriously erode
individual privacy, especially in light of various ambiguities in the
relevant statutes. A number of these organizations, including GILC members
the Electronic Privacy Information Center and the Center for Democracy &
Technology, urged the U.S. Federal Communications Commission to issue rules
to avoid confusion and to enhance cellphone user privacy. However, a
majority of the FCC refused to do so. This decision drew a strong dissent
from Commissioner Michael Copps. He charged that "fears of more invasive and
dangerous misuses of location information" had the "potential to undermine
consumer confidence in, and use of, location services, or to exposure
consumers to both annoyances and dangers, if left unaddressed. ... Customers
will shy away from services if they think that the privacy of something as
sensitive as their location is up for grabs."
The FCC order is available (in PDF format) under
http://www.epic.org/privacy/wireless/FCC_order.pdf
====================================================
[22] New reports document erosion of online privacy
====================================================
Several recent studies suggest that privacy rights along the Information
Superhighway are being severely undermined worldwide.
One of these studies, commissioned by Reporters Sans Frontieres (RSF-a GILC
member), charged that many nations have become "predators of digital
freedoms." In particular, the report, entitled "The Internet on probation,"
notes how "Western democracies ... have adopted laws, measures and actions
that are poised to put the Internet under the tutelage of security
services," resulting in an erosion of "basic cyber-freedoms." Meanwhile,
"countries usually criticised for not respecting human rights and freedom of
expression-such as China, Vietnam, Saudi Arabia and Tunisia-have become
schizophrenic about the Internet. They have encouraged its growth as a tool
of state propaganda or economic interests, but at the same time moved to
control it and clamp down on criticism, argument and hopes for democracy
expressed online."
Another report, jointly written by GILC members the Electronic Privacy
Information Center and Privacy International, similarly documents an
apparent trend toward "increased communications surveillance and search and
seizure powers; weakening of data protection regimes; increased data
sharing; and increased profiling and identification. While none of the above
trends are necessarily new; the novelty is the speed in which these policies
gained acceptance, and in many cases, became law." The 392-page survey
describes how "specific anti-terrorism measures have been introduced in
Australia, Austria, Canada, Denmark, France, Germany, India, Singapore,
Sweden, the United Kingdom and the United States."
The RSF report is posted (in PDF format) at
http://www.rsf.org/IMG/pdf/doc-1259.pdf
The EPIC/PI privacy report is available under
http://www.privacyinternational.org/survey/phr2002/
Read Ciar Byrne, "Anti-terrorism measures 'threaten web freedom,'" Guardian
Unlimited, 6 September 2002 at
http://media.guardian.co.uk/newmedia/story/0,7496,786913,00.html
See "Predators of Digital Freedoms," Associated Press, 5 September 2002 at
http://www.cbsnews.com/stories/2002/09/05/tech/main520928.shtml
See also "Terror laws 'eat away at privacy,'" BBC News Online, 6 September
2002 at
http://news.bbc.co.uk/2/hi/technology/2237050.stm
=================================================
[23] New GILC member: Reporters Sans Frontieres
=================================================
The Global Internet Liberty Campaign has welcomed a new member into the
fold: Reporters Sans Frontieres. Founded in 1985, RSF has worked intensively
over the past several years to defend press freedom throughout the world,
including online journalism. They have launched several projects to document
attacks on the press, including "Enemies of the Internet," which contains
country-by-country descriptions of how governments in many parts of the
world have tried to limit free speech along the Information Superhighway. In
addition, RSF has fought against censorship of journalists through such
methods as sending protest letters, systematically reproducing censored
articles, and hosting banned newspapers.
Visit the RSF homepage at
http://www.rsf.fr
=========================================================
ABOUT THE GILC NEWS ALERT:
=========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect and
enhance online civil liberties and human rights. Organizations are invited
to join GILC by contacting us at
gilc@gilc.org.
To alert members about threats to cyber liberties, please contact members
from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news
stories, contact:
Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA
Or email:
cchiu@aclu.org
More information about GILC members and news is available at
http://www.gilc.org
You may re-print or redistribute the GILC NEWS ALERT freely.
To subscribe to the alert, please send e-mail to
gilc-announce@gilc.org
with the following message in the body:
subscribe gilc-announce
========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
========== HURIDOCS-Tech listserv ==========
Send mail intended for the list to <huridocs-tech@hrea.org>.
Archives of the list can be found at:
http://www.hrea.org/lists/huridocs-tech/markup/maillist.php
To subscribe to the list, send a message to <majordomo@hrea.org>,
with the following text in the message: subscribe huridocs-tech
To unsubscribe from the list, send a message to <majordomo@hrea.org>,
with the following text in the message: unsubscribe huridocs-tech
If you have problems (un)subscribing, contact <owner-huridocs-tech@hrea.org>.
[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]