GLOBAL INTERNET LIBERTY
CAMPAIGN
NEWS
ISSUES
RESOURCES
ABOUT
GILC
GILC Alert
October 6, 1998
Welcome to the Global Internet Liberty Campaign Newsletter
Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining GILC, please contact us at gilc@gilc.org.
If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.
[1] Growing Awareness of Massive US-UK "Echelon" Spying Sparks Anger
[2] EU Parliament Endorses Controversial Online Content Ratings, Filtering
[3] GILC Campaign to Relax International Crypto Controls
[4] Canada Announces Crypto Liberalization to Promote Privacy, Commerce
[5] UK groups Condemn ISP discussions with Police
[6] Major Media Development in Bulgaria
[7] Singapore Calls for Net Self Regulation and Use of PICS Labeling
[8] German Decision in Somm/ CompuServe Case now available in English
[9] Upcoming Conferences, GILC Privacy and Human Rights Report
[1] Growing Awareness of Massive US-UK "Echelon" Spying Sparks Anger
Responding to increasing reports about the existence of a decades old, massive US-UK spying system called Echelon, the European Parliament adopted a resolution on 16 September calling for the adoption of "protective measures concerning economic information and effective encryption" to guard against abuse and threats to civil liberties posed by the clandestine intelligence system.
The European Parliament’s decision came after the circulation of a working report entitled "An Appraisal of Technologies of Political Control," that was originally published in December 1997, but was revised and presented to Parliament on 16 September. The report is the first public report by a governmental body that acknowledges the existence of Echelon.
"Within Europe, all email, telephone and fax communications are routinely intercepted by the United States National Security Agency, transferring all target information from the European mainland ...to Fort Meade in Maryland...," the report stated. The report also claims that the Echelon system was first uncovered in the 1970's by a group of researchers in the UK.
The report provides some detail about how the five governments alleged to be involved in the massive spying system have operated it, stating:
"The ECHELON system forms part of the UKUSA system but unlike many of the electronic spy systems developed during the cold war, ECHELON is designed for primarily non-military targets: governments, organizations and businesses in virtually every country. The ECHELON system works by indiscriminately intercepting very large quantities of communications and then siphoning out what is valuable using artificial intelligence aids like Memex. to find key words. Five nations share the results with the US as the senior partner under the UKUSA agreement of 1948, Britain, Canada, New Zealand and Australia are very much acting as subordinate information servicers."
The report raises serious concerns about the threats to liberty posed by Echelon, citing to an article published last year in Statewatch, stating: "It is the interface of the ECHELON system and its potential development on phone calls combined with the standardisation of tappable communications centres and equipment being sponsored by the EU and the USA which presents a truly global threat over which there are no legal or democratic controls."
Among the recommendations in the report, it calls for public accountability and safeguards to be enacted to limit surreptitious surveillance conducted by Echelon and states that the European Parliament should reject US proposals calling for access to private messages via the global communications network.
The European Parliament said it will commission a full report into the workings of Echelon this month, Wired News reports.
To learn more about Echelon, see:
Somebody’s Listening, NEW STATESMAN , 12 August 1988 http://jya.com/echelon-dc.htm,
1998 Nicky Hager, Covert Action Quarterly article on ECHELON: http://jya.com/echelon.htm,
1998 European Parliament, STOA report, Assessment of the Technologies of Political Control http://cryptome.org/stoa-atpc.htm,
Exposing the Global Surveillance System http://caq.com/CAQ59GlobalSnoop.html,
Eavesdropping on Europe, Niall McKay, Wired Magazine online, 30 September 1998, http://www.wired.com/news/news/politics/story/15295.html
[2] EU Parliament Endorses Controversial Online Content Ratings, Filtering
Despite protest by civil liberties groups, the European Parliament released another draft of its action plan to promote safer use of the Internet by combating illegal and harmful content online. The plan calls for industry to adopt controversial self-regulatory measures that include the use of third party content ratings systems and the development of national law enforcement hotlines and bodies to prosecute the distribution of material deemed "harmful or illegal."
The latest release states that ECU 25 million will be spent on the implementation of the four year Action Plan beginning January 1998. It also states that between 26-30% of the funds will be spent "creating a safer environment;" 32-38% will be spent developing filtering and rating systems; 30-36% will be spent on promoting public awareness about online content.
The details of the plan are still ambiguous, but the release states that content providers will be required to provide ratings for any content they provide access to and that it will include measures that "deals with cases where the content provider fails to rate properly."
The plan also calls for the EU members to hold a conference with non-member countries, industry, self-regulatory bodies, access and service providers, content providers, network operators, software houses, user, consumer and citizens rights groups and government bodies involved in industry regulation and law-enforcement.
However, civil liberties groups have long argued that such "self-regulatory" mechanisms, will lead to government sponsored censorship of controversial speech or speech by activists with minority viewpoints. "The action plan is not an apropriate answer to the problems of illegal and harmful content. It does not provide a solution, that fits with the liberty of speech necessary in a democratic society," said Rigo Wenning of Förderverein Informationstechnik und Gesellschaft (FITUG).
"Although the EU Action Plan suggests that ‘harmful content needs to be treated differently from illegal content,’ what is illegal or harmful is not clearly defined. The Action plan states that illegal content is related to a wide variety of issues such as instructions on bomb-making (national security), pornography (protection of minors), incitement to racial hatred (protection of human dignity) and libel (protection of reputation). But none of these listed are necessarily "illegal content", nor even considered as ‘harmful content’ by many European countries, said Yaman Akdeniz, Director, Cyber-Rights & Cyber-Liberties (UK).
Last year, in the landmark US decision in Reno v. ACLU, the Supreme Court struck down a national law, the Communications Decency Act, which similarly sought to regulate online speech saying "the growth of the Internet has been and continues to be phenomenal. As a matter of constitutional tradition, and in the absence of evidence to the contrary, we presume government regulation of the content of speech is more likely to interfere with the free exchange of ideas than to encourage it."
Free speech groups have also argued that ratings systems can never cover all material available on the World Wide Web given its daily growth. Thus, they argue, using PICs type blocking will mean that hundreds of thousands of un-rated sites will be blocked.
Moreover, in the US groups have challenged the use of filtering devices saying that they block content that may be helpful to minors and constitutionally protected as to adults. Free speech groups are currently awaiting a decision in a lawsuit against a Virginia public library policy that requires the use of blocking software to restrict public access to online content, in which they charged that the policy results in discrimination against certain viewpoints. Plaintiffs in the case include women’s organisations, sites that provide information about safer sex, journalists and gay and lesbian groups online.
In addition, a report by GILC member, the Electronic Privacy Information Center (EPIC) found that one filtered search engine typically blocked 99% of kid-friendly material on the Internet. The study was based on searches for information about such topics as the "American Red Cross," "Thomas Edison," and "Smithsonian Institution."
"While it is true that there is material available on the Internet that some will find legitimately objectionable, it is also clear that in some cases the proposed solutions may be worse than the actual problem. Filtering programs that deny children access to a wide range of useful and appropriate materials ultimately diminish the educational value of the Internet," said EPIC general counsel David Sobel, one of the principal authors of the report "Faulty Filters."
For a critique of similar initiatives within the UK including the creation of hotlines and the development of rating and filtering systems which follow from the EU Action Plan, read the two "Who Watches the Watchmen Reports" produced by Cyber-Rights & Cyber-Liberties (UK). See generally http://www.cyber-rights.org; "CyberCensors: The development of Rating & Filtering Systems in Europe," at http://www.cyber-rights.org/ottawa98/. For general information about problems with blocking, filtering and self ratings, visit the website of the Internet Free Expression Alliance at http://www.ifea.net
[3] GILC Campaign to Relax International Crypto Controls
As part of an ongoing campaign, members of GILC issued an open statement calling for the removal of cryptography controls from the Wassenaar Arrangement saying that continuation of the current restrictions is analogous to having a law that prevents households from using strong locks on their doors and windows.
The GILC statement was sent to the technical expert representatives of the 33 Nations who are signatory to the Arrangement. The aim of the Wassenaar Arrangement is to prevent the build up of military capabilities that threaten regional and international security and stability, by restricting the proliferation of offensive strategic weapons.
Unlike weapons controlled under the Arrangement, GILC members contend that cryptography is a defensive technology that scrambles computer files and communications to protect privacy.
The Arrangement provides that it will not impede bona fide civil transactions. But cryptographic products are vital for the continued growth of digital economies, for the development of secure electronic commerce and the protection of the privacy of citizens, a GILC statement explains.
GILC signatories of the open statement said they believe there is no sound basis within the Wassenaar Arrangement for the continuation of any export controls on cryptographic products. Such controls can serve only to increase the vulnerability of the information infrastructures on which society is increasingly dependent.
Moreover, the groups stated they believe that rather than hampering crime and terrorism, restrictions on cryptography will create an environment in which they will flourish.
Two representatives from GILC member organizations, Erich Moechel and Barry Steinhardt representing American Civil Liberties Union and Electronic Frontier Foundation, also met with the Wassenaar Secretariate last month following the organization’s conference "Outlook for Freedom, Privacy and Civil Society on the Internet in Central and Eastern Europe," hld in Budapest last month.
"We called on the Secretariat to carefully consider the urgency of cryptography from a civil liberties and human rights perspective and explained that the Wassenaar nations now have a duty to remove all export controls that impact on such products in order to allow the emergence of the open international market that is needed to foster their development," Steinhardt said, adding that he was pleased they were given the opportunity to raise the issues.
Wassenaar members convened to discuss the status of the Arrangements in late September but no news on agreements on cryptography policy have been announced as of yet. Wassenaar cryptography experts are expected to convene again in early December before a plenary meeting of member country representatives.
To find out more about the GILC campaign and read the full text of the open letter, visit the website at http://www.gilc.org/crypto/wassenaar/.
For more news on Wassenaar from Austria, see, http://www.mediaweb.at/akmg/news/wassenaar.html
[4] Canada Announces Crypto Liberalization to Promote Privacy, Commerce
The Canadian government last week gave a green light for its citizens to develop and use "the very strongest forms of encryption" to protect the privacy of their personal communications and records, and to protect the security of their online transactions.
Canadian Minister of Industry, John Manley, announced the country’s new Cryptography Policy, making it clear that that there will be no mandatory requirements for government access to encryption keys, and no licensing requirements, despite the wishes of law enforcement agencies who sought the capability of a built-in "backdoor" that would enable them to listen in on online communications.
Manley's announcement was made in anticipation of the upcoming OECD Ministerial Conference on Electronic Commerce, and the associated Conference on the Public Voice in the Development of Internet Policy, both being held in Ottawa starting October 7th.
The announcement followed roughly 18 months of deliberation involving a dozen federal departments and considerable public consultation. Industry Canada took note of the submission by GILC member Electronic Frontier Canada, which included 14 letters from leading Canadian experts in cryptography who opposed restrictive policy options, and a letter signed by 23 member organizations from GILC, said EFC president David Jones.
"Canada's approach has been more successful than the one taken in the United States, which over the past several years has seen a whole sequence of failed cryptography policies announced by Washington and then rejected by the Internet community," added Jeffrey Shallit, co-founder of Electronic Frontier, and a computer science professor at the University of Waterloo's Centre for Applied Cryptography Research.
While civil libertarians generally praised the announcement, some expressed concern over the continuing export restrictions. Under the Wassenaar Arrangement, an international treaty signed by 33 nations, Canada restricts the flow of cryptographic products to customers outside the country. For Canada's high-tech firms that sell cryptographic hardware and software, it is typical for more than 90% of their revenues to come from outside Canada.
Manley's policy announcement also included plans for several amendments to the Criminal Code. "Some of these changes would be welcome to help protect privacy," says Jones, "such as the proposal to criminalize the wrongful disclosure of encryption keys."
In the meantime, last month’s announcement by the US that it was "relaxing" its cryptography policy did not receive accolades by American civil liberties groups. "The administration opened the door another crack. They are retaining the vast bulk of restrictions for individual users," Dave Banisar, of the Electronic Privacy Information Center said.
The US plans provide some relief for commercial industry that seeks to export cryptography, but does not offer much protection for academics and individual, he added.
Full text of Manley’s speech on October 1 can be found at: http://e-com.ic.gc.ca/english/speeches/42d3.htm.
The U.S. announcement can be found online at
http://library.whitehouse.gov/PressReleases-plain.cgi?date=0briefing=3
[5] UK Civil Liberties Groups Criticise Talks Between ISPs and Police
Three leading British civil liberties groups condemned secret discussions between Internet Service Providers and the Association of Chief Police Officers (ACPO) to reach a "memorandum of understanding" that could permit police access to intercept private data communications such as e-mail or log files of individual users held by ISPs, Internet Magazine reports.
Internet Freedom, Cyber Rights & Cyber Liberties, and the Campaign Against Censorship of the Internet in Britain released a joint statement criticizing the "understanding," saying that ISPs have a duty to protect the fundamental rights of their users. Moreover, the groups were alarmed over the failure to include any civil liberties or public interest groups in other seminars about the agreements.
"ISPs have a duty to protect the fundamental rights and freedoms of their users, and in particular their right to privacy with respect to the processing of personal data. ACPO might have found a loophole under weak UK laws about electronic surveillance but should not in any case be allowed to amass evidence without showing probable and specific cause either to the ISP or to a judge," said Yaman Akdeniz of Cyber-Rights & Cyber-Liberties (UK).
If an agreement is reached it would permit access under a loophole in the existing Data Protection and Interception of Communications Acts which permits routine police access to private information with authorization from any rank higher than inspector, he added.
The groups also said that the potential agreement would violate Article 8(1) of the European Convention on Human Rights which will be incorporated to the English Legal System with the Human Rights Bill, and provides that "[e]veryone has the right to respect for his private and family life, his home and his correspondence."
The Convention also states that interference by public authorities is only permissible when it is "necessary in ...the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder of crime, for the protection of health or morals, or for the protection of the rights and freedoms of others."
In light of the legal violations posed by an ISP agreement to divulge information contrary to existing law, Chris Ellison, a spokesman for Internet Freedom said the talks must be called off immediately.
For more information, see, Internet Magazine Online News Section, Fri, Sep 18, 1998
http://www.internet-magazine.co.uk/news/sept/18a.htm
[6] Major Media Victory in Bulgaria
In a major victory for independent media in Bulgaria, President Stoyanov vetoed the restrictive Radio and Television Law passed by Parliament last week that would would have established a structure under for the majority party in the Bulgarian National Assembly to control the licensing of private broadcasting on the basis of content.
The degree of political control over broadcasters would have inhibited the development of a free and independent broadcast media, according to ChrisWright, of IREX/ProMedia, an international organization that has worked with the Group for European Media Legislation in Bulgaria to lobby the Parliament on the behalf of independent media.
Since the Group's creation in February, ProMedia/Bulgaria and ProMedia Consultants from the law firm of Covington & Burling have provided technical assistance and legal consulting to improve the Group's lobbying capacity and its understanding of European Union standards and international media legislation.
President Stoyanov invited the Group for European Media Legislation in Bulgaria for consultations and proposals for changes in the law. The groups have said they will continue to push for improvements in the law.
For more information, contact Chris Wright, e-mail: cwright@irex.org.
[7] Singapore Calls for Net Self Regulation and Use of PICS Labeling
Singapore’s National Internet Advisory Committee (NIAC) released a report this month to the Singapore Broadcasting Authority (SBA) which calls for industry self-regulation to protect user privacy and for the use of controversial web site rating and labeling mechanisms to regulate online content.
SBA members said they support the NIAC's recommendations for industry to label web sites based on classification systems such as that by the Recreational Software Advisory Council on the Internet (RSACi). The NIAC also called for the creation of regulated "Family Access Networks" with access to pre-selected and restricted content.
The report recommends the creation of a government labeling bureau to be charged with rating web sites, which some activists said they fear will create a centralized censorship bureau. Moreover, the use of self-labeling schemes such as RSACi and PICS (Platform for Internet Content Selection) has long met with staunch opposition by free speech and civil liberties groups from all over the world. (see above, EU Parliament Endorses Controversial Online Content Ratings, Filtering)
The report also includes some less restrictive suggestions to improve awareness and for schools and parents on how to teach children to use the Internet responsibly and safely.
Singapore’s NIAC also outlined principles for industry self-regulation of user data privacy in the E-Commerce Consumer Protection Code. However, the report states that the "key principle to bear in mind is that these steps taken to ensure confidentiality of personal information should have as small an impact as possible on the economic viability of the providers and the services they make available."
The full Report is available online at http://www.sba.gov.sg/wnew.htm
[8] German Decision Against CompuServe Exec Now Available in English
The German decision finding CompuServe executive Felix Somm criminally liable for negligent violation of the Act on the Dissemination of Publications Morally Harmful to Youth is now available in english through Cyber-Rights & Cyber-Liberties (UK) pages.
The decision, which is on appeal, sent shockwaves through the online community because it found Somm personally liable for acting as an accomplice to CompuServe USA for failing to blocked deemed pornographic and illegal under German law. According to the decision, CompuServe USA was under a duty to block access to pornographic material even though it was created by third parties.
"The interest of CompuServe USA in maintaining fora specifically indicating hard core pornography is neither reasonable nor worthy of protection. Rather, in view of the seriousness of the risks involved and the importance of youth protection, CompuServe USA can be required to keep its newsserver free from newsgroups that specifically indicate violent, child, or animal pornography," the decision states.
Somm was sentenced by the German Court to two years in prison and was fined for the offenses. However, the Court suspended Somm’s sentence to probation because he left his position with the company. The english translation is online at: http://www.cyber-rights.org/isps/somm-dec.htm
[9] Upcoming Conference Announcements:
* GILC Meeting on Net Policy Development:
The Canadian Minister of Industry will be the opening speaker at the upcoming GILC conference on "The Public Voice in the Development of Internet Policy" to be held in Ottawa on October 7. The Conference is organized by GILC members, the Electronic Privacy Information Center, Federation Nationale des Associations de Consommateurs du Quebec, Public Interest Advocacy Center, Electronic Frontier Canada and Open Society Institute. Conference developments and panel discussions will be posted online throughout the conference on the GILC website.
The conference will cover a range of online issues, including, consumer protection, free speech and online access, privacy and encryption and the application of human rights protections to digital communications. Speakers include David Johnston, the Former Chair of the Canadian Information Highway Advisory Council and the Former Provost of McGill University, Stephen Lau, Privacy Commissioner for Personal Data in Hong Kong, as well as experts from Belgium, Canada, Norway, England, Germany, Austria, Australia, and the U.S.
In addition, GILC members will release PRIVACY AND HUMAN RIGHTS: An International Survey of Privacy Laws and Practice. The report details the state of privacy in fifty countries around the world. It outlines the constitutional and legal conditions of privacy protection, and summarizes important issues and events relating to privacy and surveillance.
Among its key findings:
*Privacy is a fundamental human right recognized in all major international treaties and agreements on human rights. Nearly every country in the world recognizes privacy as a fundamental human right in their constitution, either explicitly or implicitly. Most recently drafted constitutions include rights to access and control one's personal data.
*New technologies are increasingly eroding privacy rights. These include video surveillance cameras, identity cards and genetic databases.
*There is a growing trend towards the enactment of comprehensive privacy and data protection acts around the world. Currently over 40 countries and jurisdictions have or are in the process of enacting such laws. Countries are adopting these laws in many cases to address past governmental abuses (such as in former East Bloc countries), to promote electronic commerce, or to ensure compatibility with international standards developed by the European Union, the Council of Europe, and the Organization for Economic Cooperation and Development.
*Surveillance authority is regularly abused, even in many of the most democratic countries. The main targets are political opposition, journalists, and human rights activists. The U.S. government is leading efforts to further relax legal and technical barriers to electronic surveillance. The Internet is coming under increased surveillance.Conference registration information is available at http://www.gilc.org/events/ottawa98/.
Or contact Marie Vallée, FNACQ, 1215 de la Visitation, bur. 103, Montréal (Québec), Canada, H2L 3B5, 514-521-6820 (tel) 514-521-0736 (fax).
ABOUT THE GILC NEWS ALERT:
The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at gilc@gilc.org. To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news stories, contact: GILC Coordinator, American Civil Liberties Union 125 Broad Street 17thFloor, New York, New York 10004 USA. email: gilcedit@aclu.org
More information about GILC members and news is available at http://www.gilc.org. You may re-print or redistribute the GILC NEWS ALERT freely. To subscribe to the alert, please send an mail to gilc-announce@gilc.org with the following message in the body: subscribe gilc-announce
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)