GLOBAL

INTERNET

LIBERTY

CAMPAIGN



NEWS

 GILC Actions 

 Presswire 


ISSUES

 Free Speech 

 Privacy 

 Cryptography

 Access


RESOURCES

 GILC Alert 

 Mailing List
 GILC Events 


ABOUT GILC

 Principles

 Members 

 Mail GILC 


Home Page

US Site
European Mirror

 

GILC Alert
Volume 3, Issue 7

November 3, 1999

 

Welcome to the Global Internet Liberty Campaign Newsletter

             

Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.

We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.

If you are a part of an organization that would be interested in joining GILC, please contact us at gilc@gilc.org.

If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.

Please feel free to redistribute this newsletter to appropriate forums.


Free Expression

[1] Haiti's Internet in Danger
[2] War of words intensifies over Australian net censorship plans
[3] More discussion of Bertelsmann Internet filtering scheme
[4] Chinese dissident jailed for distributing Net newsletter
[5] AOL selects, then removes Burma junta page
[6] Bulgarian government to expand Internet restrictions
[7] Third World struggles to get Internet access

Privacy and Encryption

[8] Attempts made to Jam Echelon
[9] UK Police to get power to tap e-mail
[10] US changes policies on encryption and Net surveillance
[11] New US rules on child privacy
[12] Government officials meet in Moscow over Internet surveillance
[13] EU temporarily shelves net tapping scheme
[14] Privacy, consumer protection top OECD conference agenda
[15] Big Brother Awards events held


[1] Haiti's Internet in Danger

For the time being, much of Haiti is cut off from the rest of the on-line world.

Several weeks ago, the Haitian government closed down Alpha Network Communications (ACN). ACN had been the first and largest provider of Internet access in the Caribbean nation. The government gave no advance notice, nor did it seek prior judicial approval of its actions. As a result, nearly 80% of the Internet users in Haiti have lost access to the network.

The national telephone monopoly, Telecommunications d'Haiti -- also known as Teleco, and the National Telecommunications Council (CONATEL) have alleged that ACN was illegally selling international telephone cards and providing international telephone service. However, many observers suspect that this move is an attempt by the government to silence dissent and consolidate power. This action comes only a few months before Haiti's national elections, which were scheduled to happen sometime in the year 2000.

Letters of protest can be sent to: embassy@haiti.org

For further information, see: http://www.funredes.org/funredes/ht-tld.htm


[2] War of words intensifies over Australian Net censorship plans

The ugly debate over Australian Internet content controls has gotten even uglier.

In the latest development, Electronic Frontiers Australia (EFA), a GILC member, has been allowed to table a statement in the Australian Senate. The statement came in response to vicious attacks from Senator Alston, the Minister for Communications. Alston had previously labeled EFA and fellow cyberliberties organizations as "maniacs" who were "not in the slightest bit interested in the welfare of the community". He suggested that they were making it difficult for the Internet Industry Association and the Government to negotiate a code of practice.

EFA hotly contested Alston's remarks, saying that his claims were "incorrect, unjustified and utterly without foundation." The organization pledged to continue making a "big noise" in order to highlight the potential problems his proposed legislation would create.

The debate centers over The Broadcast Services Amendment (Online Services) Act, which would restrict Internet content based on a rating scheme previously used for films.

Alston had previously suggested that there was strong support within the industry for such legislation, but there are now strong indications to the contrary. The Senator had cited Yahoo and Lotus in one of his speeches, in which he said, "The industry itself accepts there should be these codes of practice in the form of regulation." However, spokespeople from both Yahoo and Lotus firmly denied that their companies had endorsed Alston's proposal. Indeed, Labor Senator Kate Lundy suggested that the bill might hurt the IT business by driving talented programmers out of Australia.

Similarly, Tony Hill, the Executive Director of the Internet Society of Australia (ISOC-AU), warned that "Thousands of unsuspecting Australian businesses using the Internet may find they have to comply with the provisions of the Broadcasting Services Amendment (Online Services) Act". Hill's comments came after ISOC-AU and the leading technology law firm Phillips Fox analyzed the provisions of the bill. Their analysis revealed that the definitions of Internet Service Provider (ISP) and Internet Content Host (ICH) are much broader than previously thought.

In a related story, Australian State & Territory Governors are considering a proposal that would criminalize mistakes made when labeling Internet content. EFA's Irene Graham pointed out that this vague plan would essentially force content providers to "in effect, rate their speech by guessing/foreseeing how a majority of the members of the government Classification Board would rate it. The Board would/will effectively become a jury but without the need for unanimity." Graham added that the bill "criminalises material online that is not illegal offline in Australia".

For a copy of EFA's latest release on this subject, see: http://www.efa.org.au/Publish/PR991022.html

For ISOC-AU's analysis of the bill, see: Are You an ISP? Ambiguity in the Internet Censorship Legislation http://www.isoc-au.org.au/Regulation/PFoxBSA.html

Who is an ICH or an ISP (and how is the ABA going to notify them)?
http://www.isoc-au.org.au/Regulation/WhoisISP.html

For info about numerous flaws in the proposed legislation, see EFA's submission in response (being sent to all 8 State/Territory Govs). http://www.efa.org.au/Publish/agresp9909.html

The draft IIA Code is available at: http://www.iia.net.au/code.html

EFA's direct response to the draft Code is available at: http://www.efa.org.au/Publish/iiacode5.htm

Kate Lundy's home web site is located at: http://www.katelundy.dynamite.com.au

For Senator Alston's website, see: http://www.dcita.gov.au

For more discussion of this issue, go to: http://theage.com.au/special/censorship/feedback.html


[3] More discussion over Bertelsmann Internet rating scheme

A storm of criticism and concern has continued to swirl as various European plans for Internet content regulation continues to take shape.

INCORE (Internet Content Rating for Europe), a European Union sponsored project, has now set forth a consultation paper, ostensibly to "open up the consultation with Internet users and content providers". INCORE is attempting to create "a generic rating and filtering system suitable for European users."

This comes after a September meeting in Munich, which was organized by the Bertelsmann Foundation in cooperation with INCORE. At the meeting, the Bertelsmann Foundation issued a memorandum which called for the establishment of rating and filtering schemes, a global network of hotlines and private self-regulatory agencies to deal with potential user complaints.

The Foundation's proposals at the Munich conference ignited a wave of fierce criticism. A number of these critics have noted that similar schemes, while described as "self-regulation", have been converted into law and enforced by governments in several countries. The voices of dissent included the leaders of several GILC member organizations, such as Esther Dyson of Electronic Frontiers Foundation (EFF), Yaman Akdeniz of Cyber-Rights & Cyber-Liberties (UK), and Nadine Strossen of the American Civil Liberties Union (ACLU), among many others. It remains to be seen whether the general public or industry will fully accept these content controls.

The Foundation's consultation paper may be seen at: http://www.incore.org/paper/paper.htm

For Ms. Dyson's comments on the Foundation's Munich memorandum, see: http://www.eff.org/pub/Censorship/Ratings_filters_labelling/19990910_dyson_r atings_comments.html

For Mr. Akdeniz's cautions against Internet content regulation, see: http://www.cyber-rights.org/reports/summit99.htm

For more on Ms. Strossen's critical remarks, see: http://www.aclu.org/news/1999/n090999a.html


[4] Chinese dissident arrested for disseminating Net newspaper

Printing out e-mail in mainland China can get you thrown in jail.

That's what Qi Yanchen discovered several weeks ago. The Chinese dissident had printed out a copy of a pro-democracy e-mail magazine, "V.I.P. Reference" (also known as "Dacankao"). Soon afterwards, Communist Chinese authorities not only arrested him, but also ransacked his home and confiscated his computer, along with copies of the magazine. According to reports, he is likely to be charged with the bizarre offense of unauthorized "contacts with foreign hostile organizations or individuals."

For further information, go to: http://www.dfn.org/Voices/Asia/china/qiyanchen.htm


[5] AOL selects, then takes down Burma junta page

Just how does AOL select webpages, anyhow?

That's the question a number of observers are asking after America Online (AOL) decided to link "www.myanmar.com" to its Asia Forum. As it turned out, the website is owned by the Burmese ruling junta, which is one of the most notorious forces for Internet censorship in the world. The Burmese secret police even sent a letter to AOL thanking them for their efforts.

Pro-democracy groups condemned AOL for its actions. The Free Burma Coalition noted in its press release that the Burmese government imprisons citizens for "unauthorized" use of copying machines, modem-equipped computers, and faxes. In addition, Burmese authorities deny most citizens from obtaining Internet access, except for "authorized" supporters of the regime. Not surprisingly, free speech groups such as Reporters Sans Frontieres have labeled the Burmese government as one of the world's "real enemies" of the internet.

Apparently bowing to political pressure, AOL subsequently removed the website from its International Country Pages.

For more information, visit: http://www.freeburmacoalition.org


[6] Bulgarian government to expand Internet restrictions

Internet users in Bulgaria are bracing for potentially ruinous government restrictions.

These restrictions came in an executive order from the Bulgarian Committee of Posts and Telecommunications (CPT). The order contains proposals to require general licensing of local Internet service providers (ISPs), as well as requiring ISPs to pay hefty fees. In addition, the authorities could even obtain private information, including passwords and user names, by walking into ISP offices at any time they wish.

Not surprisingly, Bulgarian Internet users promptly denounced these plans. The Internet Society-Bulgaria (ISOC-Bulgaria, a GILC member) suggested that the scheme "would bring Bulgaria closer to the less-than-democratic Internet clubs of Russia, Iran, Iraq, Cuba, China..." ISOC-Bulgaria sued in the Bulgarian Supreme Court, claiming that "the decision to license ISPs violates existing telecom legislation in Bulgaria, the Constitution and art. 10 of the European Convention on Human rights." The Court issued an interim order which halted ISP licensing for the time being.

Meantime, the Commission on Monitoring (CoM) from the Parliamentary Assembly of the European Council (PACE) wrote a report which discussed this heated issue. The CoM warned that the proposed licensing would severely retard the growth of democracy in Bulgaria.

For further details can be found at http://www.isoc.bg/kpd/


[7] Third World struggles to get Internet access

Only 2 percent of the world's population is online.

That is according to United Nations (UN) statistics, which suggest that attempts to turn the earth into one big electronic global village have long ways to go. This problem is especially serious in Third World nations, which often lack the economic and political resources to allow easy, inexpensive Internet access. Raul Zambrano, an information technology specialist for the UN development, project noted that in cyberspace, "the gap between the haves and have-nots is widening."

Some countries have no Internet service providers (ISPs) of their own, and must depend on ISPs of other nations to get access to the Internet. In other instances, the lack of infrastructure such as reliable phone lines hinders the growth of cyberspace, even when there are websites to view. That is the case in Somalia, where violence and high cost have also been major problems as its first domestic ISP is about to begin operations.

Further details on the global Internet situation can be seen at: http://www.economictimes.com/today/18tech04.htm http://www.hrea.org/lists/huridocs-tech/markup/maillist.html

For more coverage of Somalia's attempts to join the online world, see Greg Barrow, "Africa gathers to bridge technology gap", BBC News, October 26, 1999, at http://news.bbc.co.uk/hi/english/world/africa/newsid_485000/485275.stm

Also, see "Somalia to go online", BBC News Online, September 27, 1999, at http://news.bbc.co.uk/low/english/world/africa/newsid_459000/459319.stm


[8] Attempts made to Jam Echelon

Numerous Internet users recently attempted to jilt a secret spy network, but it is not clear whether they were successful.

The event did raise public awareness about ECHELON, a highly confidential surveillance system. The system is operated by the government intelligence agencies of 5 countries, including the United States National Security Agency (NSA), the United Kingdom's Government Communications Headquarters (GCHQ), the Australian Defense Signals Directorate (DSD), Canada's Communications Security Establishment (CSE), and New Zealand's Government Communications Security Bureau.

In this effort, Internet users sent numerous e-mail messages containing words which might trigger Echelon's attention, such as NSA, TERRORISM, BOMB, and so on. Many experts, including Wayne Madsen of the Electronic Privacy Information Center (EPIC--a GILC member), raised doubts as to whether this spam attack could succeed. However, as Simon Davies of Privacy International (a GILC member) noted, it may never be clear if this effort had any impact on Echelon's workings.

For more press coverage of Jam Echelon day, see Ted Bridis, "NSA Spammed", ABCNews.com, October 22, 1999, at http://abcnews.go.com/sections/tech/DailyNews/netspy991022.html

Also see James Glave, "Hackers Ascend Upper 'Echelon'", Wired News, October 6, 1999, at http://www.wired.com/news/news/politics/story/22102.html


[9] UK police to get power to tap e-mail

A heated debate has arisen over British government plans to expand the power of law enforcement in cyberspace.

These measures are packaged together in a new Electronic Communications Bill. Under this scheme, computer users who refuse to divulge their passwords to the authorities can be sent to jail for up to two years. Other provisions would allow companies easier access to employees' phone calls and e-mails. In addition, the police will give the police newfound ability to tap mobile phone calls, pager messages and e-mail. The proposal would require Internet service providers (ISPs) to keep daily records on senders and recipients of data.

These plans have generated a firestorm of criticism. In a recent analysis done on behalf of the Foundation for Information Policy Research (FIPR) and Justice, legal scholars blasted the new legal standards. The report was written by Jack Beatson QC, a former Law Commissioner, and Tim Eicke, a barrister specializing in human rights and communication. Beatson and Eicke warned that the proposal would trample on personal liberties, particularly the right to a fair trial and the right against self-incrimination, which is guaranteed under Article 6 of the European Convention. The opinion also reproached government officials for essentially turning the principle of 'innocent until proven guilty' on its head. Furthermore, the analysts suggested that the bill went too far in terms of the number and type of transmissions that could be intercepted. Worse still, barristers believed that the plans did not provide enough safeguards against potential government abuse.

The FIPR's opinion is available at http://www.fipr.org/ecomm99/ecommaud.html

More background information, see Richard Reeves, "Police power to read e-mails 'is breach of rights'", (London) Observer, October 24, 1999, at http://www.newsunlimited.co.uk/observer/uk_news/story/0,3879,95331,00.html


[10] US changes policies on encryption and Internet surveillance

The United States government has made a number of alterations to its policy on computer encryption and the interception of Internet transmissions.

On one hand, the Clinton administration proposed legislation which, among other things, would make it easier for law enforcement to seize and decrypt Internet communications. Under this new version of the Cyberspace Electronic Security Act (CESA), government investigators would no longer have to show probable cause in order to obtain decryption information from third parties. Instead, the bill would use a newly minted, four-prong test that is far more nebulous. The bill would also permit the government to get court orders preventing the disclosure of government surveillance techniques.

CESA has drawn fire from a number of sources, including such GILC members as the Center for Democracy and Technology (CDT), the American Civil Liberties Union (ACLU) and the Electronic Privacy Information Center (EPIC). CDT noted in its initial analysis that "critical details" of the bill were "ambiguous or objectionable". In particular, the CDT report pointed out that CESA failed to provide "adequate privacy standards", and that the new test for government access to decryption materials fell "far short of [U.S. Constitutional] privacy protections". For its part, in a recent memorandum on the subject, the ACLU said that CESA's "peculiar exercise in semantics conflicts with the requirements of the [U.S.] Constitution and might open the door to greater government intrusion in cyberspace." EPIC voiced similar concerns in a statement issued the day CESA was announced; EPIC's General Counsel, David Sobel, noted that the new proposal provides "less security than advertised, with hidden vulnerabilities the government can exploit."

Another Clinton Administration move lifted export restrictions on most types of encryption technology. However, under this new policy, programming companies would be required to clear their products for export (a procedure known as "one-time review"). While many observers applauded the lifting of restrictions, a number of groups (including CDT and the ACLU) believed that "one-time review" might give U.S. officials extra leverage to pressure private companies into creating "back door" security flaws. Additionally, this apparent reversal in Clinton Administration policy does not seem to alleviate restrictions on the exportation of raw encryption code (as opposed to finished or compiled encryption software products).

The proposal has already hit stormy weather in Congress. House Majority Leader Dick Armey has written a letter to Attorney General Janet Reno, where he expressed "very serious concerns" about the Clinton Administration's plans. These concerns included questions over "special protections for decryption keys" and the extent of export clearance review.

For the full text of CESA, visit http://www.epic.org/crypto/legislation/cesa/bill_text.html

For the Clinton Administration's official analysis of the bill, click http://www.epic.org/crypto/legislation/cesa/analysis.html

For CDT's analysis of CESA, see http://www.cdt.org/crypto/CESA/cdtcesaanalysis.shtml

To see an ACLU press release about these events, see http://www.aclu.org/news/1999/n091699a.html

For EPIC's press release on the subject, visit http://www.epic.org/crypto/legislation/cesa/epic_release_9_16.html

For Armey's letter on CESA, visit http://freedom.house.gov/library/technology/reno2letter.asp

For more press coverage of the Clinton Administration's new proposals, see Ted Bridis, "Encryption Export Rules Ease", ABCNews.com, September 17, 1999, at http://abcnews.go.com/sections/tech/DailyNews/encryption990917.html


[11] New US rules on child privacy

New regulations from the United States would restrict the collection of private information from children online.

The new rules, which were issued by the United States Federal Trade Commission (FTC), would require most websites to get parental consent before obtaining information from their children (13 and younger). The type of information that is covered includes e-mail addresses and dates of birth. The FTC regulations do not apply to non-US websites.

Opposition has already arisen in response to these new legal standards. Small business owners and several Congressional leaders have suggested these rules might place a severe economic burden on certain websites, which may lack the economic resources to comply with the FTC's requirements. These groups have suggested that the Commission moved too swiftly in drafting the new regulations. Some free speech groups, while generally praising the regulations, have also raised several questions about a provision that may require parental consent for a child to take part in a chat room, even if the operators do not ask for personal information.

For more information, see Declan McCullagh, "FTC Weighs In on Kid Privacy", Wired News, October 20, 1999, at http://www.wired.com/news/politics/0,1283,32007,00.html


[12] Government officials meet in Moscow over Internet surveillance

Prosecutors from around the world were to meet to hatch new plans for tapping the Internet.

The meeting was scheduled to occur on October 19-20 in Moscow. Attending the meeting were to be Ministers of Interior and Justice of the G-8 nations, including the United States, Japan, and Canada. Among the proclaimed goals of these leaders is an obligatory agreement with European Union member states and so-called observer countries. These member states want greater international cooperation and greater powers to perform transnational computer searches for major criminal offenses. These powers would be "subject to specific hedge clauses for appropriate protection of the sovereignty of other states".

Perhaps the most notable proposal was an attempt to standardize the length of time for which Internet service providers would have to keep copies of their subscribers' e-mail messages. In March, the G-8 Ministers had suggested Internet service providers should freeze and store suspect communication data immediately on request of investigators. Under this procedure, known as "Freeze and Preserve", the police could seize and evaluate the suspect data and evaluate, assuming they had a judicial order or other suitable legal basis. The European Union data-security commissioners recommended that telecommunications operators should be allowed to keep data for up to three months.

Other proposals would force computer manufacturers to install a "Black Box" to allow investigators easier access to privately held computers. It remains to be seen what possible safeguards will be included to prevent unnecessary government intrusion in cyberspace.

The event was shrouded in secrecy, and no details were released as to what happened at the meeting.

For more information, in German, see Christiane Schulzki Haddouti, "Hunt for the log files", Spiegel Online, October 8, 1999 at http://www.spiegel.de/netzwelt/politik/0,1518,45748,00.html

For an English translation, visit http://cryptome.org/g8-hunt.htm


[13] EU temporarily shelves Net tapping scheme

The European Union has decided not to create a new Internet surveillance system, at least for the time being.

Prior plans for such a system, known as ENFOPOL, were abandoned after repeated protests. These protests came from European industry groups, including European Internet Services Providers Association (EuroISPA), as well as the Netherlands and the United Kingdom. The plans would have made much easier for law enforcement to tap transmissions along the Internet and other "new technologies". However, it is distinctly possible that the proposal may yet be resurrected in the near future.

For more information, see Tim Richardson, "EU scraps global Net tapping plans...for now", The Register, October 12, 1999, at http://www.theregister.co.uk/991012-000015.html


[14] Privacy and consumer protection top agenda at OECD conference

Participants at a forum organized by nongovernmental organizations called for greater privacy and consumer protection measures.

The "Public Voice on Electronic Commerce" forum was sponsored by GILC, and was organized by two GILC members, the Electronic Privacy Information Center (EPIC) and Imaginons un Reseau Internet Solidaire (IRIS). At the October 11 meeting, many speakers expressed certain hopes, such as more widespread access to the Internet, consumer rights, governance in cyberspace and privacy protection. Interestingly, a number of observers accepted the possibility that co-regulation of the Internet might be inevitable. Nevertheless, as Theresa Amato, of the United States-based Citizen Advocacy Center noted, few were convinced by the "the argument in favor of a purely self-regulatory regime" was "persuasive". The Public Voice participants urged government to take a stronger regulatory stance in several key areas, particularly in the case of consumer rights and privacy.

The consumer-oriented and business-led events led up to a two-day Electronic Commerce forum on Oct. 12-13.

OECD Forum on Electronic Commerce is available on the World Wide Web at http://www.oecd.org/dsti/sti/it/ec/act/paris--ec/index.htm.

Information on the Public Voice forum is available on the organization's World Wide Web site at http://www.thepublicvoice.org.

The full text of the business-led Global Action Plan can be found on the International Chamber of Commerce's World Wide Web site at http://www.iccwbo.org.

Also see http://www.thepublicvoice.org (English only),
and http://www.iris.sgdg.org/actions/publicvoice99 (French and English)


[15] Big Brother Awards events held

Several organizations, including GILC members ARGE Daten and quintessenz e-zine, held a Big Brother Awards Austria Party on October 26. The event was designed to spotlight the most shameless intruders into individual privacy spheres from Austrian government, institutions and business. The special guests to the party included Simon Davies (from Privacy International--a GILC member) and cryptography-specialist Mike Auerbach (from Network Associates). The gala was cybercast on the Internet, through the official Awards website.

The event attracted 1350 people. Among the winners was the Austrian Minister of the Interior, who received the "Big Brother Lifetime Achievement Award."

The Austrian event was inspired by similar ceremonies held in the United Kingdom (on October 19) and the United States (on April 7). The British and American Big Brother Awards were both held by Privacy International. In the UK, Gold Awards (for the greatest threats to privacy) were presented this year to UK Home Secretary Jack Straw, as well as the credit bureau firm Experian. Among the Winston winners (given to supporters of privacy) this year was investigative journalist Duncan Campbell, who has extensively profiled the activities of the United States National Security Agency (NSA) and the super-secret surveillance network known as ECHELON.

For more details on the Austrian Big Brother Awards, see http://www.bigbrother.awards.at

For more information on the UK Big Brother Awards, see http://www.bigbrotherawards.org/


ABOUT THE GILC NEWS ALERT:

The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at gilc@gilc.org. To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news stories, contact: GILC Coordinator, American Civil Liberties Union 125 Broad Street 17thFloor, New York, New York 10004 USA. email: gilcedit@aclu.org

More information about GILC members and news is available at http://www.gilc.org. You may re-print or redistribute the GILC NEWS ALERT freely. To subscribe to the alert, please send an mail to gilc-announce@gilc.org with the following message in the body: subscribe gilc-announce


PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)