|
Electronic Privacy Information Center (EPIC) Newsl
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Date: Thu, 28 Jul 1994 10:47:20 -0700
Subject: EPIC Alert 1.05
EPIC Alert 1.05
=============================================================
@@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@
@ @ @ @ @ @ @ @ @ @ @ @
@@@@ @@@ @ @ @@@@@ @ @@@ @@@ @
@ @ @ @ @ @ @ @ @ @ @
@@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @
============================================================
Volume 1.05 July 28, 1994
------------------------------------------------------------
Published by the
Electronic Privacy Information Center (EPIC)
Washington, DC
([email protected])
=======================================================================
Table of Contents
=======================================================================
[1] New Digital Telephony Draft Released
[2] National ID Card Returns?
[3] Clipper Watch
[4] New Files in the Archive
[5] Upcoming Conferences and Events
=======================================================================
[1] New Draft of Digital Telephony Proposal Released
=======================================================================
EPIC has obtained a copy of a new draft of the FBI's Digital Telephony
proposal. The new draft is dated July 19 and contains some significant
changes over earlier drafts released in March. The draft was written
by staff members of the House and Senate Judiciary Committees and is
the result of negotiations between telephone companies and the FBI.
The first major change over earlier drafts is its expanded scope. The
bill now covers "telecommunications carriers," which is defined as "any
person or entity engaged in the transmission or switching of wire or
electronic communications for value for unaffiliated persons, but does
not include persons or entities engaged in providing information
services." This would appear to be far broader than an earlier draft
which covered only common carriers. This bill would cover everything
from small BBSs that charge fees to large on-line services like AOL
and Prodigy. The following requirement would apply:
Every carrier must ensure that its equipment allows for interception
of a communication concurrent with a transmission and provide call
identifying information to a remote government facility. Manufacturers
and support service providers must also assist by developing equipment
and software with these capabilities. Providers have four years after
enactment to comply.
Under the draft, the Attorney General would also provide carriers with
written notice of needed capacity for electronic surveillance. Service
providers must ensure that they have the required capability within four
years or else face civil fines.
Carriers are not obligated to decrypt communications that are
encrypted by the subscriber unless the carrier provided the encryption
and has the key to decrypt the message.
The draft authorizes the Attorney General and other law enforcement
agencies to meet with industry associations and standards settings
bodies to develop standards for surveillance capabilities. If there is
a dispute over standards, or the bodies fail to issue standards, any
person can petition the FCC to establish standards. The FCC can impose
fees for conducting such rulemaking.
Under the draft, a court could order a manufacturer or support service
provider to re-design a carrier's equipment to ensure the carrier's
compliance with the requirements of the bill. The Attorney General
could also petition the court to order the carrier, manufacturer and
support service provider to comply with the requirements. The court
could impose civil fines of up to $10,000 per day for non-compliance.
To pay for the mandated re-designs, the draft bill authorizes
$500,000,000 for fiscal years 1995 through 1998. After 1999, "sums as
may be necessary to carry out the purposes" are authorized.
Negotiations are continuing between the FBI, industry and Congressional
staff over the text of the bill.
=======================================================================
[2] National ID Card Idea Resurfaces
=======================================================================
On July 12, CBS Evening News reported that the National Commission
on Immigration Reform, a bipartisan group formed by the 1990
Immigration Reform Act, was planning to recommend a national identity
card for all persons in the United States for the purpose of verifying
employment eligibility and facilitating transactions with government
agencies.
CBS reported that each card will contain a name, photo, fingerprints,
magnetic stripe with info and a "verified SSN." The network reported
that the program would be implemented by age group over a number of
years.
The proposal was reportedly supported by Senator Alan Simpson of
Wyoming, a long-time supporter of ID cards. California Gov. Pete Wilson
has offered to make California a test-bed for the proposal. The proposal
was opposed by Xavier Beccera, a Congressman from California, who
expressed concern over cost and privacy issues. The Secret Service has
testified that a secure card system could be developed for an
estimated $2 - 4 billion but cautioned that within a few months, forged
cards would be available.
The day after the CBS report, the Commission issued a press release
stating that it was still in the process of completing a draft report
which is due on September 30. The release stated that the commission
"has not proposed a national identity card. Citizens will not be required
to carry a photo ID with fingerprints to prove that they are legally in
the United States, despite media reports." The Commission said it would
investigate a "simple, fraud resistant way of verifying authorization
to work, building on information the government already maintains...."
Former Congresswoman Barbara Jordan will testify before the Senate
Judiciary Committee on August 3, 1994 regarding the preliminary
recommendations of the Commission on Immigration Reform for a
"Workplace Eligibility Card." Expect heated debate about the use of
the card as a national identifier, and also questions about the use of
the Social Security Number and linkages to the Social Security
Administration databases.
There have been several attempts in the past 20 years to implement
ID cards. Congress rejected proposals in 1986 and 1990 by Sen. Simpson
to require identity cards for employment. Martin Anderson, a former
aide to President Reagan also reported that Reagan rejected an ID
card in 1981.
EPIC is working with Privacy International and several domestic groups
to investigate this issue. PI has led successful campaigns against
national ID cards in Australia, New Zealand and the Philippines.
=======================================================================
[3] Clipper Watch
=======================================================================
A letter from Vice President Gore to Rep. Maria Cantwell last week
prompted some reports that the Clipper Chip is dead. Here is what one
leading proponent of Clipper and one leading opponent of Clipper had to
say about the reported demise of the NSA-developed standard:
"We are working with industry to develop the same capability
for data networks that Clipper provides for voice networks.
I would hardly call that backing away."
- Attorney General Janet Reno, press conference, July 22, 1994
"The letter makes clear to me that the Administration continues to
embrace key escrow encryption technology, and stands behind Clipper
Chip as a federal standard for telephone communications. The official
standard makes clear that this standard applies to any communications
over telephone lines. Those communications include not only voice,
but also low-speed computer data and facsimile messages.
- Senator Patrick Leahy, press statement, July 21, 1994
=======================================================================
[4] New Files at the Archive
=======================================================================
Index of Privacy Journal Articles, 1984 - 1993.
/privacy/misc_privacy/privacy_journal_index.txt
CPSR/Seattle Information Policy Fact Sheets
/cpsr/chapters/seattle
Caller-ID.fact - Fact Sheet on Caller ID
Clipper.fact - Fact Sheet on Clipper
General.fact - Fact Sheet on information privacy
K-12.fact - Fact Sheet on education privacy
SCN-FAQ - Seattle Community Network FAQ
SCN-policy - Seattle Community Network policies
SSN.fact - Seattle Community Network factsheet
The CPSR Internet Library is a free service available via
FTP/WAIS/Gopher/listserv from cpsr.org:/cpsr. Materials from
Privacy International, the Taxpayers Assets Project and the
Cypherpunks are also archived. For more information, contact
[email protected].
=======================================================================
[5] Upcoming Privacy Related Conferences and Events
=======================================================================
Information Security Committee, EDI/IT Committee, Aug 1-3, 1994.
Quebec City, Canada. Sponsored by: Section of Science and Technology,
American Bar Association. Contact: [email protected].
Hackers on Planet Earth: The First US Hacker Congress. Hotel
Pennsylvania, New York City, NY. Aug 13-14. Sponsored by 2600
Magazine. Contact: [email protected].
ONE BBS, Atlanta, GA. Aug 17-21. For further info, contact Peg
Coniglio at 303-693-5253.
ASAP 1994 Symposium "Impact of Technology and Privacy Act". Holiday,
Inn, Rockville, MD, Aug 30-Sept 1. Contact: ASAP 301-913-0030
16th International Conference on Data Protection. The Hague,
Netherlands. September 6-8. Contact: B. Crouwers 31 70 3190190
(tel), 31-70-3940460 (fax).
Technologies of Surveillance; Technologies of Privacy. The Hague, The
Netherlands. September 9. Sponsored by Privacy International and EPIC.
Contact: Simon Davies ([email protected]).
Legal and Business Aspects of the Internet and Online Services"
New York City, September 29 and 30, 1994. Sponsored by the
publisher of the National Law Journal and the New York Law Journal.
Contact 800-888-8300, ext. 6111, or 212-545-6111.
National Conference of Lawyers and Scientists "Legal, Ethical and
Technological Aspects of Computer and Network Use and Abuse" Maryland,
October 7-9. Contact: [email protected].
CPSR Annual Meeting. University of California, San Diego. October 8-9.
Contact: Phil Agre <[email protected]>.
Symposium: An Arts and Humanities Policy for the National Information
Infrastructure. Boston, Mass. October 14-16. Sponsored by the Center
for Art Research in Boston. Contact: Jay Jaroslav
([email protected]).
Third Biannual Conference on Participatory Design, Chapel Hill, North
Carolina. October 27-28. Sponsored by CPSR. Contact:
[email protected].
2nd ACM Conference on Computer and Communications Security, Fairfax,
Virginia. Nov 2-4, 1994. Sponsored by: ACM SIGSAC, Hosted by: Bell
Atlantic, George Mason University. Contact: [email protected]
Ethics in the Computer Age Conference. Gatlinburg, Tennessee. November
11-13. Sponsored by ACM. Contact: [email protected]
The Technology for Information Security Conference '94 (TISC '94).
Galveston, Texas. Dec. 5-8, sponsored by: NASA Johnson Space Center
Mission Operations Directorate (MOD), MOD AIS Security Engineering
Team, and the ISSA. Contact: John D'Agostino
(dagostin@killerbee.jsc.nasa.gov).
Second International Conference on Information Warfare: "Chaos on the
Electronic Superhighway" Jan 18-19, Montreal, CA. January 18, 1995,
Sponsored by NCSA. Contact: Mich Kabay (75300.3232@compuserve.com).
(Send calendar submissions to [email protected])
=======================================================================
To subscribe to the EPIC Alert, send the message:
SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname
to [email protected]. You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.
Back issues are available via FTP/WAIS/Gopher/HTTP from cpsr.org
/cpsr/alert
=======================================================================
The Electronic Privacy Information Center is a public interest
research center in Washington, DC. It was established in 1994 to
focus public attention on emerging privacy issues relating to the
National Information Infrastructure, such as the Clipper Chip, the
Digital Telephony proposal, medical record privacy, and the sale of
consumer data. EPIC is sponsored by the Fund for Constitutional
Government and Computer Professionals for Social Responsibility. EPIC
publishes the EPIC Alert and EPIC Reports, pursues Freedom of
Information Act litigation, and conducts policy research on emerging
privacy issues. For more information email [email protected], or write
EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1
202 544 9240 (tel), +1 202 547 5482 (fax).
The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights. Computer Professionals for Social Responsibility is a national
membership organization of people concerned about the impact of
technology on society. For information contact: [email protected]
------------------------ END EPIC Alert 1.05 ------------------------
|
|
