GILC Alert
Volume 7, Issue 2
13 March 2003
Welcome to the Global Internet Liberty Campaign Newsletter.
Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and human
rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you
will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at <gilc@gilc.org>.
If you are aware of threats to cyber-liberties that we may not know about,
please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.
===============================================
Free expression
[1] Jailed Chinese Net dissident goes on hunger strike
[2] US high court hears library Net censor case
[3] Domain name seizures provoke alarm
[4] Tunisian gov't arrests 20 websurfers
[5] Norwegian DVD computer speech decision appealed
[6] Swiss Internet censorship plans lurch forward
[7] Former Yahoo exec cleared in French Net censor case
[8] News site temporarily shutdown after Microsoft complaint
[9] Web protestor wins Taubman domain name dispute
[10] Martus software may aid human rights reporting
[11] UK parliament email censors prevent debate on bills
Privacy
[12] UN investigating allegations of US gov't spying
[13] Fury over new DSEA surveillance proposal
[14] US Congress approves restrictions on TIA spy project
[15] Revised British snoop plans unveiled
[16] Russian mobile phone privacy scandal erupts
[17] Report: Ebay spies on customers, readily discloses personal info
[18] Xupiter spyware raises privacy concerns
[19] College Internet music lovers face tracking schemes
[20] New GILC member: Statewatch
============================================================
[1] Jailed Chinese Net dissident goes on hunger strike
============================================================
A Chinese citizen who was jailed for expressing his views online has started
a hunger strike, while the fates of several other online critics remain in
jeopardy.
Wang Jinbo had sent several essays via the Information Superhighway to
overseas Chinese dissident groups. In these essays, among other things, he
called for the political rehabilitation of people who participated in the
1989 Tienanmen Square protests. He was then arrested and sentenced to four
years in jail on subversion charges. Last week, Wang began a hunger strike
as an act of defiance against his continued detainment. His current
condition is not known.
In a separate case, Chinese officials are restricting the amount of medicine
provided to Qi Yanchen-a freelance journalist who urged political reform in
several of his articles. After these items were posted on the Internet and
in a Chinese policy magazine, Chinese government agents arrested, tried and
convicted him of subversion. Qi, who is suffering from several serious
ailments, including chronic colitis, has only been able to receive medicine
through prison visits by his wife, and prison officials are only allowing
her to visit every 2 months.
A third online dissident, Huang Qi, remains in jail awaiting a verdict even
though his "trial" ended nearly a year-and-a-half ago. Huang, who ran the
"Tianwing Missing Persons Website," had republished articles written by
other people about the 1989 Tiananmen massacre, the Falun Gong spiritual
movement and other topics deemed taboo by the government. Huang was
subsequently charged with "instigation to subvert state power" and was
reportedly beaten in jail. Reporters Sans Frontieres (RSF-a GILC member)
issued a statement that "protested strongly" the postponement of his
verdict, saying that the "inability of the court to prove his guilt is the
best proof of his innocence."
Still another cyber-critic, Tao Haodong, has been sentenced to seven years
in prison. He had previously posted 3 articles online that criticized the
ruling Chinese regime. Tao's sentence came after being detained in July 2001
and a subsequent trial for subversion.
For background information on all these cases, visit the Digital Freedom
Network (DFN-a GILC member) website under
http://dfn.org/focus/china/netattack.htm
For more about Wang Jinbo and Qi Yanchen, visit the RSF website at
http://www.rsf.fr/article.php3?id_article=5071
Additional details regarding Huang Qi are available from the RSF website
under
http://www.rsf.fr/article.php3?id_article=5050
Read "Chinese cyber dissident still awaiting sentence," Agence France
Presse, 1 March 2003 at
http://newsobserver.com/24hour/technology/story/787225p-5635129c.html
For more about the Tao Haodong case, visit the RSF website under
http://www.rsf.fr/article.php3?id_article=4965
===============================================
[2] US high court hears library Net censor case
===============================================
The future of a controversial Internet speech law was recently debated
before the United States Supreme Court.
The Children's Internet Protection Act essentially requires high schools and
libraries to include blocking software on their computers. Institutions that
refuse to do so (or implement policies to that effect) will lose federal
funding. Last year, a Federal judicial panel held that the law, which was
challenged by the American Library Association (ALA) as well as GILC members
the American Civil Liberties Union (ACLU), the Electronic Frontier
Foundation (EFF), and the Electronic Privacy Information Center (EPIC),
violated the right to free expression protected under the First Amendment to
the U.S. Constitution: "Any public library that adheres to CIPA's conditions
will necessarily restrict patrons' access to a substantial amount of
protected speech in violation of the First Amendment." The U.S. Justice
Department then appealed to the Supreme Court.
During the subsequent high court hearing, there was discussion of the
secretive nature of Internet blocking packages and their effects on library
visitors. Justice David Souter complained that the companies that develop
filtering software "will not even disclose what they are blocking. When
libraries have historically made these decisions, they have known what
they're blocking." In addition, Paul Smith, an attorney arguing on behalf of
the ALA, warned that library users might be too embarrassed to complain even
if the blocking packages have prevented them from accessing noncontroversial
material: "You've got to go up and say `Please turn off the porn filter.'"
The Court is expected to make a decision by July 2003.
Meanwhile, a Federal appeals court has once again struck down the so-called
Child Online Protection Act (COPA), which made it a crime to use the
Internet to pass along "for commercial purposes" information considered
"harmful to minors." The decision came as part of a challenge to COPA by the
ACLU on behalf of 17 groups and individuals, including EPIC and EFF. The
panel held that COPA was not narrowly tailored and would prevent people from
accessing forms of expression that were protected under the U.S.
Constitution: "COPA will likely deter many adults from accessing restricted
content, because many Web users are simply unwilling to provide
identification information in order to gain access to content, especially
where the information they wish to access is sensitive or controversial ...
People may fear to transmit their personal information, and may also fear
that their personal, identifying information will be collected and stored in
the records of various Web sites or providers of adult identification
numbers." The court had previously ruled that COPA was unconstitutionally
overbroad because the statute relied on community standards to identify
material that is harmful to minors. Subsequently, the U.S. Supreme Court
disagreed with the appeals panel on the community standards issue, but sent
the case back to the appeals court to determine whether COPA might be an
unconstitutional for other reasons, which led to the latest decision.
An ACLU press release regarding the CIPA case is posted at
http://www.aclu.org/Cyber-Liberties/Cyber-Liberties.cfm?ID=12018&c=55
Further information is available from the ALA website under
http://www.ala.org/pio/presskits/cipa/cipa_statement.html
To read a brief regarding CIPA from the Online Policy Group (a GILC member),
click
http://www.onlinepolicy.org/action/legpolicy/cipasupremebrief030210.shtml
See Declan McCullagh, "Foes lock horns in Web filtering case," CNet News, 5
March 2003 at
http://news.com.com/2102-1028-991199.html
See "Justices Take New Look at Web Porn," Associated Press, 5 March 2003 at
http://www.cbsnews.com/stories/2003/03/04/supremecourt/printable542715.shtml
See also "US court to rule on net porn," BBC News Online, 6 March 2003 at
http://news.bbc.co.uk/1/hi/world/americas/2823491.stm
The text of the trial court's decision in the CIPA case is available at
http://www.paed.uscourts.gov/documents/opinions/02D0415P.HTM
To read the latest COPA appeals court decision (in PDF format), click
http://www.ca3.uscourts.gov/opinarch/991324.pdf
Read Declan McCullagh, "Appeals court strikes down Net porn law," CNet News,
6 March 2003 at
http://news.com.com/2102-1028-991477.html
=======================================
[3] Domain name seizures provoke alarm
=======================================
In separate cases, the United States and German governments have begun
seizing domain names from users who allegedly have committed various
crimes-a move that has drawn concern from cyber-rights activists.
In one such incident, the U.S. Department of Justice (DoJ) took over
isonews.com, the name of a website that, among other things, supposedly sold
microchips to allow Xbox computer game console consumers to play games from
other geographic regions as well as bootleg versions. In addition, a court
granted the DoJ's request to force visitors of various alleged drug
paraphernalia websites, such as OmniLounge.com, to be redirected to a
special government webpage. David Sobel from the Electronic Privacy
Information Center (EPIC-a GILC member) warned that through these measures,
the "government is suddenly in a position of being able to monitor the
Web-surfing activities of unwitting individuals who believe they are going
to a website ... but possibly implicating themselves into some law
enforcement investigation."
On the other side of the Atlantic, Joker.com, a domain name registrar, has
deleted the registration of a website (Ogrish.com) that features shocking
news stories and images. The deletion was done at the request of German
government officials who believed the site violated German speech laws that
restrict the depiction of violence. The move came despite the fact that the
Ogrish.com website is hosted in the U.S. and apparently complies with
American speech laws.
Read "Feds Now Seizing Domain Names" Associated Press, 5 March 2003 at
http://www.cbsnews.com/stories/2003/03/05/tech/printable542899.shtml
For more on the IsoNews.com case, read "US seizes bootleg games site," BBC
News Online, 27 February 2003 at
http://news.bbc.co.uk/1/hi/technology/2803927.stm
For more on the OmniLounge.com case, see Declan McCullagh, "U.S.
crime-fighters seize Web sites," CNet News, 26 February 2003 at
http://news.com.com/2102-1023-986225.html
Read Declan McCullagh, "German registrar bans Web site," CNet News, 11
February 2003 at
http://news.com.com/2102-1023-984248.html
Further information in German (Deutsch) is available from "Registrar muss
Domain in DNS sperren," Heise Online, 12 February 2003 at
http://www.heise.de/newsticker/data/anw-12.02.03-001/
===============================================
[4] Tunisian gov't arrests 20 websurfers
===============================================
The Tunisian government apparently is expanding its efforts to stifle the
flow of online information.
Authorities in the North African country have arrested 20 men who allegedly
had visited various websites that have been deemed taboo by the ruling
regime, including the official webpage of a banned Tunisian political party.
They were then held for supposedly violating the North African nation's
subversion laws. The users were taken to the capital, Tunis, and
interrogated; the government has prevented family members from visiting
their loved ones in detention.
The move is being seen as yet another example of the stringent controls
Tunisian leaders are trying to impose on the Information Superhighway.
Several months ago, the Tunisian government had arrested, tortured, then
imprisoned Zouhair Yahyaoui for republishing a letter online written by his
uncle that derided the country's legal system. During his detainment, he has
been forced to share a cell with 100 other inmates, and prison authorities
have reportedly denied him medical aid even though he has been suffering
from several serious medical ailments. The conditions of his confinement
were so severe that Yahyaoui briefly went on a hunger strike-a move that
failed to convince his captors to change their ways.
See "Tunisian internet crackdown," BBC News Online, 18 February 2003 at
http://news.bbc.co.uk/1/hi/world/africa/2777389.stm
For more about the Yahyaoui case, click
http://www.tunezine.com
=====================================================
[5] Norwegian DVD computer speech decision appealed
=====================================================
Norwegian authorities have officially resumed efforts to prosecute a
teenager over a DVD-related computer program.
In 1999, Jon Johansen created DeCSS to help Linux operating system users
watch DVDs on their machines. Norwegian authorities briefly detained him in
early 2000 for his activities but released him soon afterwards. Nearly 2
years later, he was arrested again on the theory that by developing DeCSS,
he violated a Norwegian law against break-ins. Presiding judge Irene Sogn
subsequently cleared Johansen of the charges and held that, among other
things, there was "no evidence" that he had used DeCSS for illegal purposes.
Norwegian prosecutors have since appealed the decision. Free speech
advocates such as Shari Steele, the executive director of the Electronic
Frontier Foundation (EFF-a GILC member), believe that the Judge Sohn's
ruling should be upheld: "The lower court ruled unanimously that Johansen
did not violate Norwegian law. Johansen did not violate any copyrights and
Norway doesn't have a Digital Millennium Copyright Act that could prevent
DVD owners from viewing their own DVDs on their own computers as we have
here in the United States."
For further information, visit the EFF website under
http://www.eff.org/IP/Video/DeCSS_prosecutions/Johansen_DeCSS_case/20030120_
eff_pr.php
=====================================================
[6] Swiss Internet censorship plans lurch forward
=====================================================
Recent events have generated public concern over the future of online free
speech in Switzerland.
Nearly three months ago, a local Swiss magistrate, Francoise
Dessaux, ordered many Swiss Internet service providers (ISPs) to block
access to various websites and to modify domain name system servers so that
"the name of the domain swiss-corruption.com points to an empty page." A
number of groups, ranging from cyberlibertarians to industry leaders,
immediately questioned the validity of this measure. The Swiss Internet User
Group (SIUG-a GILC member) and the Swiss Network operators Group (Swinog)
issued a joint press release arguing that the magistrate's order violated
Swiss law, notably article 16 of the Swiss constitution, which guarantees to
every person "the right to receive information freely, to gather it from
generally accessible sources, and to disseminate it." SIUG and Swinog also
pointed that the blocking measures (such as those envisioned under the
order) could be easily bypassed, as a technical matter.
Subsequently, most Swiss providers at first refused to comply with the
judge's request, but backed down for fear for further legal action. However,
Guido Honegger of Swiss ISP green continued to hold out against Dessaux's
command, and is now facing protracted litigation because of disobedience.
Other ISPs like Init Seven AG are redirecting users who try to visit the
banned sites to protest pages. In addition, the sites that were supposed to
be blocked are still online, this time with new web addresses-a move that is
being seen as evidence as to the futility of Dessaux's efforts.
Meanwhile, the Swiss federal office of justice has issued a proposal that
may curb the ability of people to see and hear what they want online. The
plan would revise Swiss laws (that originally targeted lotteries and
betting) so that Internet service providers would be required to prevent
their users from access to certain enumerated games. Violators could face a
year in prison or fines of up to 1 Million Swiss francs (approximately EUR
660 000). Some observers fear that the scheme, if approved, will set a
dangerous precedent and pave the way for harsher restrictions on Internet
content. SIUG currently is planning to submit formal objections to the
scheme.
A copy of Dessaux's order is available (in PDF format) under
http://www.nrg4u.com:80/abuse/canton-de-vaud.pdf
The joint SIUG and Swinog press release is posted at
http://www.siug.ch/presse/Presse.20021213.txt
For background information, read "Schweizer Richter verlangt
Website-Sperrung von Providern," Heise Online, 12 December 2002 at
http://www.heise.de/newsticker/data/hob-12.12.02-000/
Visit the homepage of Swiss ISP green at
http://www.green.ch/
For more information about Init Seven, go to
http://www.init7.net/
To view a sample protest page, click
http://vaud.init7.net/
The relocated banned websites can be seen at
http://www.c9c.net/swiss-corruption/info
http://www.freejustice.de/
The official homepage of the Swiss Federal office of justice is located at
http://www.ofj.admin.ch/
========================================================
[7] Former Yahoo exec cleared in French Net censor case
========================================================
The French court has acquitted the former president of Internet portal giant
Yahoo in a closely watched free speech case with international implications.
The case revolves around various Yahoo webpages that allowed people to
auction off Nazi memorabilia. In 2001, a French court ordered Yahoo to
prevent French Internet users from accessing such pages, based on French
laws that generally prohibit Nazi-related goods from even being advertised,
much less sold. Afterwards, three French groups went after Tim Koogle, who
was Yahoo's president at the time, saying he violated similar French laws
against justifying war crimes and "exhibiting a uniform, insignia or emblem
of a person guilty of crimes against humanity." He could have been sentenced
to five years in prison and faced heavy fines.
However, a French court rejected this second legal action. Among other
things, the court held that justifying war crimes meant "glorifying,
praising, or at least presenting the crimes in question favourably", and
that Yahoo "manifestly did not fit that description". This rebuke comes
nearly a year after a court in California rejected attempts to enforce the
2001 judgment in the United States, where Yahoo is principally located.
Read "Yahoo boss cleared over Nazi sales," BBC News Online, 11 February 2003
at
http://news.bbc.co.uk/1/hi/world/europe/2750573.stm
See Jon Henley, "Yahoo! cleared in Nazi case," The Guardian, 12 February
2003 at
http://www.guardian.co.uk/international/story/0,3604,893642,00.html
See also "Ex-Yahoo chief acquitted over Nazi relics," Reuters, 11 February
2003 at
http://news.com.com/2102-1023-984148.html
====================================================================
[8] News site temporarily shutdown after Microsoft complaint
====================================================================
An entire computer operating systems news site temporarily went dark after
copyright infringement allegations were leveled against one of its
constituent webpages.
Neowin contains numerous articles regarding Microsoft Windows and related
software. The site includes a forum section where individuals can post
comments. Last week, an agent of Microsoft sent a takedown notice claiming
that a particular forum message (about the Windows XP Peer-to-Peer Software
Development Kit) infringed the company's copyrights. However, rather than
speak with Neowin itself and try to get the offending page removed, the
software giant sent the notice to the relevant service provider, who
promptly shutdown the entire site.
The case is being seen as another example of the negative impact that
expanded copyright powers have had on the Internet free speech. In a
statement, Neowin and its webhost, Invision Power Services Hosting (IPS)
complained that they "did not have the chance to remove the said content
before the provider deleted (access to) the contents of the server without
contacting Neowin or IPS. (IPS) received a copy of the e-mail that Microsoft
sent and we can confirm it was a standard 'remove content' e-mail that did
not warrant a total shutdown." Microsoft has since claimed that it was only
concerned about a specific webpage and that it had "no objection" to
restoring the Neowin site.
Read Joe Wilcox, "Microsoft speaks, site goes dark," CNet News, 7 March 2003
at
http://news.com.com/2102-1025-991624.html
====================================================================
[9] Web protestor wins Taubman domain name dispute
====================================================================
A court in the United States has ruled that Internet domain names deserve to
be protected under traditional free speech standards.
Henry Mishkoff initially registered various domain names related to the
Taubman Company, which operates several shopping malls. Users who typed in
those domain names would be sent to a fan website (created by Mishkoff) that
included maps and images of various Taubman shopping centers, along with a
prominent disclaimer explaining that the site was not official. The firm
then sued Mishkoff, claiming his actions constituted trademark infringement.
Mishkoff responded by changing his site to incorporate online criticism of
the company's actions, and reserved several more Taubman-related names (such
as "TaubmanSucks.com" and "WillowBendMallSucks.com"). The trial court agreed
with the firm and banned Mishkoff from using the contested names.
However, a U.S. Federal appeals court threw out the trial court decision and
ruled in favor of Mishkoff. The court discarded the company's claims that
Mishkoff had engaged in trademark infringement, saying that Mishkoff's use
of the names was "not 'in connection with the sale or advertising of goods
or services,' and there is no likelihood of confusion among consumers." The
panel went so far as to hold that domain names are eligible for protection
under the First Amendment of the U.S. Constitution, which guarantees freedom
of speech.
To read the text of the decision, click
http://pacer.ca6.uscourts.gov/cgi-bin/getopn.pl?OPINION=03a0043p.06
=======================================================
[10] Martus software may aid human rights reporting
=======================================================
A new encryption-based computer tool might make it easier for people to
report human rights abuses.
Martus (which means "witness" in Greek) is an open-source package can be
downloaded from the Internet free of charge. The software, in theory, will
allow human rights workers to run quasi-virtual private networks, so that
reports of abuses and other sensitive information can be forwarded online in
a secure fashion. Martus is currently being beta-tested and there are many
logistical and legal issues that remain unresolved. For example, as
currently structured, Martus requires users to have computers with Internet
connections, which can be problematic in developing or war-torn countries
where Internet access is often hard to come by. In addition, many countries
have laws that ban computer encryption products altogether.
Nevertheless, there is hope that Martus will help people expose human rights
violations without fear of reprisals. Jim Fruchterman from the Benetech
Institute (which developed Martus), explained: "The best weapon against
innocence being murdered is more information, more quickly, more accurately
to the right people who can make a difference." Peter Bouckaert from Human
Rights Watch (HRW-a GILC member) was optimistic about the new technology:
""This is a very significant step to revolutionizing the work we do."
The official Martus site is located at
http://www.martus.org/
Read "Protecting the Innocent," Associated Press, 7 March 2003 at
http://www.cbsnews.com/stories/2003/03/07/tech/printable543154.shtml
====================================================================
[11] UK parliament email censors prevent debate on bills
====================================================================
A new email filtering system is reportedly preventing British
parliamentarians from discussing various political matters.
The British Parliamentary Communications Director has implemented changes in
the way electronic mail will be handled. Under the new rules, messages that
contain "profanities of a sexual or offensive nature" will not be tolerated.
However, many details regarding the scheme have still yet to come to light,
and it is not clear even to the affected politicians what words are actually
being taken out.
Politicians in the United Kingdom are already complaining over the scheme's
effect on their ability to debate several subjects. Among the 900 email
messages that were censored, the system apparently blocked off portions of a
new Sexual Offences Bill, as well as, ironically enough, a consultation
paper about censorship. Paul Tyler, a spokesperson for the Liberal
Democrats, fumed: "At a time when the government is insisting on robust
Freedom of Information legislation, this level of interference is totally
over the top. ... Censoring MPs discussions with their staff, colleagues and
constituents is totally unacceptable."
Read "E-mail vetting blocks MPs sex debate," BBC News Online, 4 February
2003 at
http://news.bbc.co.uk/1/hi/uk_politics/2723851.stm
=======================================================
[12] UN investigating allegations of US gov't spying
=======================================================
The United Nations has launched a high-level inquiry to find out whether
United States government is secretly spying on UN diplomats.
The probe came after the Observer, a British newspaper, published what it
claimed was an email message from Frank Koza, a high-ranking officer in the
United States' National Security Agency (NSA). The email said that the NSA
is stepping up efforts to conduct surveillance "particularly directed at the
UN Security Council (UNSC) members (minus US and GBR of course) for insights
as to how to membership is reacting to the on-going debate RE: Iraq, plans
to vote on any related resolutions, what related policies/ negotiating
positions they may be considering, alliances/ dependencies, etc - the whole
gamut of information that could give US policymakers an edge in obtaining
results favourable to US goals or to head off surprises." The missive
emphasizes "efforts against UNSC members Angola, Cameroon, Chile, Bulgaria
and Guinea, as well as extra focus on Pakistan UN matters." According to the
Observer, these surveillance operations included the interception of the
home and office telephones and the emails of UN delegates in New York.
Since these revelations, the U.S. government has steadfastly refused to deny
or confirm whether they are indeed engaged in the type of surveillance
described in aforementioned message. U.S. presidential spokesperson Ari
Fleischer ducked the allegations by saying: "The administration never
comments on anything involving any people involved in intelligence. The
administration does not answer questions of that nature." Similarly, U.S.
State Department spokesperson Richard Boucher stated: "It doesn't matter
what the paper is or whether it's true or not, I wouldn't have any comment
on that kind of allegation. I would not have any comment whatsoever on that
kind of question or allegation because we never comment on intelligence
matters, and I'm not going to do it now."
These non-responses have apparently failed to satisfy the UN or the
government of Chile, which has begun its own investigation regarding these
accusations. Meanwhile, a British Government Communications Headquarters
(GCHQ) employee has reportedly been arrested for violating the Official
Secrets Act in connection with the memo's release.
The text of the memo is posted at
http://www.observer.co.uk/iraq/story/0,12239,905954,00.html
See Martin Bright, Ed Vulliamy and Peter Beaumont, "UN launches inquiry into
American spying," The Observer (UK), 9 March 2003 at
http://www.observer.co.uk/iraq/story/0,12239,910657,00.html
Read "US Refuses to Comment on Report of 'Dirty Tricks' to Win UN Vote on
Iraq," Agence France Presse, 4 March 2003 at
http://truthout.org/docs_03/030603B.shtml
For audio coverage of this story (courtesy of the Pacifica Radio Network),
click
http://stream.paranode.com/democracynow/dn20030303.html
For further details in German (Deutsch), read Severin Weiland, "Chile will
Aufklaarung ueber Spionagevorwurf," Spiegel Online, 6 March 2003 at
http://www.spiegel.de/politik/ausland/0,1518,238929,00.html
For more information in Spanish (Espanol), read "EEUU espia las
comunicaciones de los miembros de la ONU para anticiparse a sus decisiones
sobre Irak," Delitos Informativos.com, 3 March 2003 at
http://www.delitosinformaticos.com/noticias/104668920070714.shtml
See also "Denuncian espionage a Mexico en la ONU," Reforma (MX), 3 March
2003 at
http://www.reforma.com/internacional/articulo/274216/
=============================================
[13] Fury over new DSEA surveillance proposal
=============================================
Privacy advocates are warning that a newly drafted proposal would massively
expand the power of United States government to spy on its citizens.
A copy of the Domestic Security Enhancement Act (DSEA), which was
purportedly drafted by the United States Department of Justice, was leaked
to the Center for Public Integrity, a nonprofit group based in Washington
D.C. Among other things, the DSEA would follow the approach of legislation
that was passed in 2001 by further eroding or removing various restrictions
on government surveillance. For example, the plan would make it easier for
government agents to initiate surveillance and wiretapping of U.S. citizens
under the authority of the highly secretive Foreign Intelligence
Surveillance Court; indeed, the DSEA would permit the government, in certain
cases, to bypass the Foreign Intelligence Surveillance Court completely and
conduct wiretaps and searches without a warrant. The bill also provides for
general surveillance orders to cover multiple functions of high tech devices
(such as cellphones that can send email and TiVo video recording devices).
Additionally, the proposal would permit searches, wiretaps and surveillance
of U.S. citizens on behalf of foreign governments - including dictatorships
and human rights abusers - in the absence of U.S. Senate-approved treaties.
A number of privacy experts and policy makers have given the bill strongly
negative reviews. Marc Rotenberg from the Electronic Privacy Information
Center (EPIC-a GILC member) called the proposal "breathtakingly bad. Apart
from the dramatic expansion of government surveillance authority and
government secrecy, (the DSEA) transfers enormous power from the Congress
and the judiciary to the executive branch and gives the attorney general
absolutely unprecedented authority. This is more than an assault on
constitutional liberty--it is an attack on the constitutional system of
checks and balances." Meanwhile, several ranking members of Congress issued
a letter expressing "profound disappointment" with the way the Department of
Justice's behavior, saying that the "Department's handling of this matter
has only lent credence to suggestions that this Administration is intent on
using the war on terrorism as a partisan political tool and the Justice
Department is waiting to spring this bill on the Congress when the nation
once again has endured a terrorist attack or is in the midst of war."
The text of the DSEA is available via
http://publicintegrity.org/dtaweb/report.asp?ReportID=502&L1=10&L2=10&L3=0&L
4=0&L5=0
For an ACLU analysis of the bill, click
http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=11817&c=206
The aforementioned letter from ranking members of Congress is posted at
http://truthout.org/docs_02/021203D.htm
Read David Cole, "Patriot Act's Big Brother," The Nation (US), 27 February
2003 at
http://www.thenation.com/doc.mhtml?i=20030317&s=cole
For more of Marc Rotenberg's comments, see Declan McCullagh, "Perspective:
Ashcroft's worrisome spy plans," CNet News, 10 February 2003 at
http://news.com.com/2012-1071-983921.html
See "New Anti-Terror Bill: Critics Cry Foul," CBSNews.com, 8 February 2003
at
http://www.cbsnews.com/stories/2003/02/08/attack/main539929.shtml
==========================================================
[14] US Congress approves restrictions on TIA spy project
==========================================================
United States lawmakers have approved a proposal to curb the development of
a shadowy United States government program that would collect a wide range
of personal information.
A project of the U.S. Department of Defense (DoD), Total Informational
Awareness (TIA) is designed to gather personal data on a grand scale,
including emails, phone calls, financial records, transportation habits, and
medical information. Its proponents believe that by scanning and analyzing
this massive pile of data, government agents will be able to predict and
prevent crime. Many specifics concerning this plan have yet to be
determined, including methods to protect the security of the warehoused
information and other prevent unauthorized access. Experts believe the
recently created U.S. Department of Homeland Security will use TIA.
Critics (including GILC members the Center for Democracy and Technology, the
Electronic Privacy Information Center, the Electronic Frontier Foundation
and the American Civil Liberties Union) have charged that the TIA project
will trample privacy rights by allowing this "super snoop" program for
indiscriminate spying on innocent Americans. In an attempt to deflect this
criticism, the DoD then announced that it would create several advisory
boards to oversee the development of TIA. The announcement got a lukewarm
reception from privacy advocates, who supported the creation of the advisory
boards, but felt such panels were not a complete substitute for robust
Congressional oversight.
Subsequently, the U.S. Congress approved an amendment to an omnibus budget
bill that would bar the use of Federal funds for "research and development"
of TIA unless the U.S. Secretary of Defense, Attorney General and the
Director of Central Intelligence together provide a report about TIA that
will, among other things, "the likely impact of the implementation of a
system such as the Total Information Awareness program on privacy and civil
liberties." The plan, which has since been signed into law, does include a
loophole allowing President George W. Bush to certify that (1) it is not
practicable to submit that report within 60 days, and (2) "the cessation of
research and development on the Total Information Awareness program would
endanger ... national security." The legislation also essentially bans any
"department, agency, or element of the Federal Government" from deploying or
implementing any portion of TIA against U.S. citizens without providing
notice and getting specific authorization from Congress.
The text of the amendment is posted at
http://www.epic.org/privacy/profiling/tia/pub_law_108-7.html
For an ACLU press release on this subject, click
http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=11818&c=206
Will Doherty (of GILC members EFF and the Online Policy Group) has written a
critique of TIA that is posted at
http://alumweb.mit.edu/whatmatters/200301/
For further information in German (Deutsch), read "Keine Total Ueberwachung
fuer US-Buerger," Heise Online, 12 February 2003 at
http://www.heise.de/newsticker/data/pmz-12.02.03-002/
Read Andrew Cohen, "Congress Finally Wakes Up," CBSNews.com, 13 February
2003 at
http://www.cbsnews.com/stories/2003/02/13/news/opinion/courtwatch/main540470
.shtml
An EFF archive concerning TIA is located under
http://www.eff.org/Privacy/TIA/
Visit the EPIC TIA webpage under
http://www.epic.org/privacy/profiling/tia/
======================================================================
[15] Revised British snoop plans unveiled
======================================================================
The British government has released two sets of proposals that may have
serious implications for privacy online.
Last year, the British authorities sought to vastly increase the number of
organizations that could conduct surveillance under the much-maligned
Regulation of Investigatory Powers act (RIP), which mandated
telecommunications providers to facilitate government surveillance of email,
mobile phone, fax and Internet activities. The list of agencies that would
be given RIP wiretapping powers were not limited to law enforcement bodies
and included such groups as the British Food Standards Agency and National
Health Services-over 500 agencies in all. After a blizzard of protests,
government shelved the plan.
Earlier this week, the British Home Office unveiled a modified version of
the proposal that, among other things, allowed only a handful of additional
government agencies to access telecommunications information. In addition,
the Home Office released a second consultation paper, this time regarding a
voluntary code of practice for retention of communications data, which could
then be accessed by law enforcement agents. This second document recommends
that telecom providers should store such data for up to a year. The types of
data to be retained under the scheme might include email header information,
web surfing habits, callers' and recipients' names, and the geographic
locations of individual mobile phones.
Privacy advocates remain concerned over the government's intentions,
especially with regard to the data retention issue. Ian Brown from the
Foundation for Information Policy Research (FIPR-a GILC member) called the
data retention consultation "a sham," charging that the Home Office had
"failed to address any of the well-known substantive issues and are merely
going through the motions so that they can come back with a compulsory
scheme. Their problem is that the compulsory scheme will also be unlawful,
will also be incredibly expensive and, on their own evidence, will fail to
help with their problems."
A FIPR press release on the subject is posted at
http://www.fipr.org/press/030311snooping.html
Read David Pallister, "New limits may allay fears on snooping," The
Guardian, 12 March 2003 at
http://politics.guardian.co.uk/homeaffairs/story/0,11026,912315,00.html
For video and text coverage, see "Cautious response to 'snoop' plans," BBC
News, 11 March 2003 at
http://news.bbc.co.uk/1/hi/technology/2840133.stm
==========================================================
[16] Russian mobile phone privacy scandal erupts
==========================================================
In Russia, privacy concerns continue to mount after personal information
concerning three-and-a-half million customers of a major mobile phone
company was exposed to the public.
The Mobile TeleSystems (MTS) database included sensitive customer details
such as names, dates of birth, passport numbers and payment records. The
scandal came to light in the end of January 2003 after compact discs
containing the database appeared on the black market in Moscow. MTS press
secretary Eva Prokofieva said that the database had been stolen and that the
company had started its own internal investigation without seeking help from
law enforcement agencies. But she refused to provide details as to the
results of this investigation.
The incident has further cemented fears that many of Russia's most important
institutions (government, corporate or otherwise) are not doing enough to
protect individual privacy. The widespread and illegal collection and
distribution of personal information databases is common in Russia-a problem
that is made worse by government inaction, according to many experts. Thus,
although it is true that the Russian Constitution and Criminal Code
theoretically guarantee that personal privacy will be protected, these laws
are rarely enforced largely because government officials have interpreted
them in ways that allow privacy invasions to go on unabated. Nor has there
been any legislation that might prevent such abuses. Civil rights activists
say that this problem has deep roots, and view it as another after-effect of
the past Soviet regime. Indeed, Sergei Smirnov from the Russian Human Rights
Network (a GILC member) worries that these types of cases will happen again
and again, until people in Russia begin to treat privacy as a fundamental
freedom that requires constitutional protection.
For further details (in Russian), visit the Russian Human Rights Network
homepage at
http://www.hro.org/ngo/discuss/mts.htm
For press coverage in English, read "Personal Data Pirated from Russian
Phone Files," CSO Online, 23 January 2003 at
http://www.csoonline.com/news/index.cfm?id=800
Background information about online privacy in Russia is available from a
Russian Human Rights Network report posted under
http://www.hro.org/docs/reps/privacy/2002/eng/database.htm
======================================================================
[17] Report: Ebay spies on customers, readily discloses personal info
======================================================================
A senior Ebay official has admitted that his company is willing gives out
personal information to government agents without a court order and spies on
its customers.
As reported in the Israeli publication Haaretz Daily, Joseph Sullivan, the
director of the Internet auction giant's "law enforcement and compliance"
department, boasted during a recent conference that his company would
readily turn over data concerning its nearly 62 million users worldwide:
"There's no need for a court order. ... We don't make you show a subpoena,
except in exceptional cases." He explained that his firm was able to do this
because of its highly "flexible" privacy policy: "When someone uses our site
and clicks on the `I Agree' button, it is as if he agrees to let us submit
all of his data to the legal authorities. Which means that if you are a
law-enforcement officer, all you have to do is send us a fax with a request
for information, and ask about the person behind the seller's identity
number, and we will provide you with his name, address, sales history and
other details - all without having to produce a court order. We want law
enforcement people to spend time on our site." He explained that Ebay has
recorded and documented virtually every bit of data that has come through
the Web site since it came online nearly 8 years ago. Apparently these
surreptitious transfers of user information are quite common; Sullivan said
that he received some 200 such requests for personal data per month, most of
them unofficial requests through faxes or email messages. In addition to
handing out personal details about users, Ebay has its own "investigators"
who pore through the data pursuing what they believe to be "suspicious
people" and "suspicious behavior."
Experts have suggested that Ebay's activities pose serious problems from a
privacy standpoint. One such expert, Nimrod Kozlovski, said that Ebay's
disclosure and investigation system "bypasses the rules on non-disclosure of
details of financial transactions and the confidentiality of the
banker-client relationship." He also scoffed at Ebay's claims that its users
are willingly agreeing to be spied on: "The consent given in the user
contract should be seen as `coerced consent,' in the absence of any
opportunity to exercise free choice, with no real alternative but to agree.
This is most certainly not conscious consent."
Read Yuval Dror, "Big Brother is watching you-and documenting," Haaretz
Daily, 20 February 2003 at
http://www.haaretzdaily.com/hasen/pages/ShArt.jhtml?itemNo=264863&contrassID
=2&subContrassID=5&sbSubContrassID=0&listSrc=Y
For further information in German (Deutsch), read "Flexibler Datenschutz bei
Ebay," Heise Online, 21 February 2003 at
http://www.heise.de/newsticker/data/anw-21.02.03-004/
==========================================================
[18] Xupiter spyware raises privacy concerns
==========================================================
Advertising companies have apparently found a new way to keep tabs on
consumers-by secretly installing tracking software on users' personal
computers.
One such product is distributed by Xupiter.com, and is often surreptitiously
bundled with other downloaded computer programs. Once installed, Xupiter
changes the user's browser home page, redirects searches to pre-selected
sites, and automatically opens a "back door" into the computer both to let
in ads and to send out information about the user via the Internet. The
collected information can then be further distributed to marketing agencies
and other interested parties. This scheme works with surprising ease,
especially if the given machine's web browser uses low security settings.
Because they can difficult to remove, Xupiter's "adware" tracker, along with
similar products with names like Gator and Brilliant Digital, have, in turn,
spawned a new cottage industry for uninstall tools such as Ad-aware, Spybot,
Doxdesk and Spyware Info. Patrick Kolla, who created Spybot, explained that
an arms race has developed between people like him and adware manufacturers:
"Spyware makers are looking for new, better-hidden places in the system to
anchor themselves. The challenge for any anti-spyware software lies here in
keeping the detection mechanisms as well as the detection database
up-to-date at the same time."
Read John Borland, "A secret war," CNet News, 24 February 2003 at
http://news.com.com/2102-1023-985524.html
See also "Web hijacker snares victims," BBC News Online, 31 January 2003 at
http://news.bbc.co.uk/1/hi/technology/2712759.stm
==========================================================
[19] College Internet music lovers face tracking schemes
==========================================================
Several recent initiatives to track music files along the Internet may erode
the privacy of consumers.
As part of one such initiative, a California-based company named Audible
Magic has developed file fingerprint recognition tools that are now being
tested at the University of Wyoming. These tools are supposed to scan
traffic that flows along college's computer networks, including personal
email messages. Eventually, this technology could, in theory, be used to
prevent users from accessing or downloading materials off the Internet,
although this blocking aspect has not been implemented yet. These moves come
not long after the Recording Industry Association of America sent a letter
to more than 2,000 university presidents essentially pressuring them to
"make efforts" to curb file-sharing, a process it described as
"inappropriate use of campus facilities to disseminate (copyrighted)
materials."
While experts question whether these systems will actually work, monitoring
technologies such as Audible Magic have raised public concern as to their
potential impact on individual privacy. Electronic Privacy Information
Center (EPIC-a GILC member) issued an open letter to universities warning
that "the surveillance of individuals' Internet communications implicates
important rights, and raises questions about the appropriate role of higher
education institutions in policing private behavior. ... [T]he RIAA wishes
to involve colleges and universities in the process of policing the
communicative activities of students, staff, and faculty in a way that is
significantly outside institutional missions. ... [W]e urge caution in
adopting network monitoring and other similar methods to address concerns
about infringement."
The aforementioned EPIC letter is posted at
http://www.epic.org/privacy/student/p2pletter.html
See John Borland, "Fingerprinting P2P pirates," CNet News, 20 February 2003
at
http://news.com.com/2102-1023-985027.html
For further information in German (Deutsch), read "US-Universitaat
ueberwacht Campus-Netz wegen P2P Tauschborsen," Heise Online, 20 February
2003 at
http://www.heise.de/newsticker/data/sha-20.02.03-000/
=================================
[20] New GILC member: Statewatch
=================================
Founded in 1991, Statewatch encourages the publication of investigative
journalism and critical research in the fields of the state, civil liberties
and openness in Europe. It has received numerous awards for its efforts to
gain public access to European government documents, including papers
regarding telecommunications surveillance initiatives. Statewatch is a
non-profit volunteer group comprised of lawyers, academics, journalists,
researchers and community activists; its European network of contributors is
spread across 12 countries.
Visit the Statewatch homepage at
http://www.statewatch.org
=========================================================
ABOUT THE GILC NEWS ALERT:
=========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect and
enhance online civil liberties and human rights. Organizations are invited
to join GILC by contacting us at
gilc@gilc.org.
To alert members about threats to cyber liberties, please contact members
from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news
stories, contact:
Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA
Or email:
cchiu@aclu.org
More information about GILC members and news is available at
http://www.gilc.org
You may re-print or redistribute the GILC NEWS ALERT freely.
This edition of the GILC Alert will be found on the World Wide Web under
http://www.gilc.org/alert/alert72.html
To subscribe to the alert, please send e-mail to
gilc-announce@gilc.org
with the following message in the body:
subscribe gilc-announce
========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
========== HURIDOCS-Tech listserv ==========
Send mail intended for the list to <huridocs-tech@hrea.org>.
Archives of the list can be found at:
http://www.hrea.org/lists/huridocs-tech/markup/maillist.php
To subscribe to the list, send a message to <majordomo@hrea.org>,
with the following text in the message: subscribe huridocs-tech
To unsubscribe from the list, send a message to <majordomo@hrea.org>,
with the following text in the message: unsubscribe huridocs-tech
If you have problems (un)subscribing, contact <owner-huridocs-tech@hrea.org>.
[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]