Welcome to the Global Internet Liberty Campaign
Newsletter
Welcome to GILC Alert, the newsletter of the Global
Internet Liberty Campaign. We are an international
organization of groups working for cyber-liberties, who
are determined to preserve civil liberties and human
rights on the Internet.
We hope you find this newsletter interesting, and we
very much hope that you will avail yourselves of the
action items in future issues.
If you are a part of an organization that would be
interested in joining GILC, please contact us at
gilc@gilc.org.
If you are aware of threats to cyber liberties that we
may not know about, please contact the GILC members in
your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to
appropriate forums.
Free Expression
[1] Hague treaty poses Net speech problems
[2] China pushes new Net speech rules
[3] Professor files suit over digital
discussions
[4] Iranian cybercafes closed
[5] EBay & Yahoo hate bans ineffective
[6] Problematic French Info Society law creeps
forward
[7] Domain name convention generates more
controversy
[8] Spain unveils webpage curbs
[9] Court battles brew over US blocking laws
[10] Possible UK Net speech restrictions
[11] New EU copyright law may curb Net speech
[12] Survey: online freedom growing, but still
threatened
[13] New program to bypass Net censors
[14] Victories in anonymous Net speech cases
Privacy and Encryption
[15] Final draft Euro cybercrime pact sparks
criticism
[16] US gov't shuns ECHELON investigators
[17] Smart shirts, beds, cars spark privacy
concerns
[18] Industry privacy proposal draws
skepticism
[19] Experts call for Carnivore spyware
rollback
[20] Rush to implement cellular phone
trackers
[21] eTours consumer list sale questioned
[22] New worm may actually protect computers
[23] Macy's wedding site faces privacy woes
[24] Webbug detection program available
[1] Hague treaty poses Net speech problems
A controversial multinational agreement regarding
court judgments has run into difficulties, including
questions as to its impact on Internet free speech.
The Hague Convention on Jurisdiction and Foreign
Judgments is essentially designed to make it easier to
enforce court rulings across borders. The types of
judgments covered by the treaty include many kinds of
civil lawsuits, and apparently encompasses speech-related
torts such as libel and defamation. The treaty also
mentions various types of intellectual property-based
actions. The document is currently being negotiated by
representatives of many countries, including mainland
China, the United States, the United Kingdom, Germany,
Japan, Korea and Australia.
Consumer groups and free speech activists have warned
that the Convention may have a detrimental impact on
Internet users, particularly with regard to freedom of
expression. These critics also point out that the few
public policy provisions within the treaty will not be
sufficient to protect citizens from liability based on
speech restrictions in other countries (such as China).
Jamie Love from the Consumer Project on Technology fears
that the treaty "will strangle the Internet with a
suffocating blanket of overlapping jurisdictional claims,
expose every Web page publisher to liabilities for libel,
defamation and other speech offenses from virtually any
country, (and) effectively strip Internet service
providers of protections from litigation over the content
they carry."
Yet despite these warnings, during recent drafting
sessions held in the Netherlands, negotiators reportedly
decided to strengthen several intellectual property
standards within the pact. This move sparked outrage from
many cyberlibertarians; Richard Stallman of the Free
Software Foundation charged that "[p]eople don't
realize what a disaster this could be."
For the latest coverage, read Lisa M. Bowman, "Global
treaty-threat to the Net?" ZDNet News, June 22, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,5093109,00.html
See also Boris Grondahl, "Your Court of Mine?"
Industry Standard, June 25, 2001 issue, at http://www.thestandard.com/article/0,1902,27176,00.html
To see a list of Hague convention member nations,
click http://www.hcch.net/e/members/members.html
A prior draft of the treaty is posted under http://www.hcch.net/e/conventions/draft36e.html
[2] China pushes new Net speech rules
It's been a tough couple of weeks for Chinese Internet
activists.
Chinese commisars recently convicted and sentenced Liu
Weifang for posting several messages that criticized
Communism. In addition, Chinese officials have reportedly
charged four men (Jin Haike, Xu Wei, Yang Zili and Zhang
Honghai) with subversion. These people apparently
participated in a political reform discussion group that
included numerous postings on the Internet. Yang Zili, in
particular, had previously run www.lib.126.com--a website
that included articles on the suppression of the Falun
Gong spiritual movement, economic disparities in Chinese
society and other controversial subjects. In a third
case, Chinese government agents have arrested Hu Dalin
for posting remarks from his father (a retired policy
expert) on the Information Superhighway. Meanwhile, a
Chinese court has rejected an appeal from Jiang Shihua,
who received a two-year prison sentence for pro-democracy
statements that he made via an Internet chatroom back in
August 2000.
Mainland Chinese authorities also have unveiled a new
proposal that may have a detrimental impact on Internet
expression. While details are sketchy, the draft
regulations apparently would make it a crime for ordinary
computer users to do various activities through their
homepage. A preliminary analysis by the Chinese
electronic publication VIP Reference has revealed that
the list of proscribed acts includes publishing news,
setting up unmoderated chatboards, or allowing software
downloads. In addition to these measures, Chinese
government officials are pressuring companies to engage
in self-censorship, on the pretext of security.
More recently, the Chinese government has launched
what has been termed the biggest crackdown on cybercafes
since the nation entered the Information Superhighway.
Forty thousand officials are said to have taken part in
this effort, which has affected some 56 800 cafes.
Besides forcing these establishments to log their
customers' activities and installing spyware devices,
government agents have forced at least 6000 cybercafes
offline.
For the latest details on the cybercafe crackdown,
read "China Closes Internet Cafes," International Herald
Tribune, June 15, 2001 at http://www.iht.com/articles/22928.html
For additional information concerning the Liu Weifang
case, visit the Digital Freedom Network (DFN-a GILC
member) website under http://dfn.org/focus/china/liuweifang.htm
See "China's Safe Haven: Net Cafes," Reuters, June 12,
2001 at http://www.wired.com/news/print/0,1294,44465,00.html
To read VIP Reference's analysis (in Chinese) of the
proposed online regulations, click http://www.bigNews.org/20010518.txt
For more on possible Chinese Net content restrictions,
read "China to Strengthen Supervision of Internet," China
News Digest, May 18, 2001 at http://www.cnd.org/Global/01/05/18/010518-91.html
For more on the arrest of Yang Zili, see "China
charges four academics," BBC News, May 21, 2001 at
http://news.bbc.co.uk/hi/english/world/asia-pacific/newsid_1342000/1342186.stm
See also Jian-Min Li & Wu Yiyi, "Four 'New Youth
Society' Organizers Arrested in Beijing: Report," China
News Digest, May 23, 2001 at http://www.cnd.org/Global/01/05/23/010523-2.html
[3] Professor files suit over digital
discussions
A university professor has filed suit against the
entertainment industry in an effort to protect his free
speech rights.
The case centers on the Secure Digital Music
Initiative (SDMI), a software standard that several major
entertainment companies are supporting as a way to deter
copying of sound files. Confident of the program's
strength, the creators of SDMI challenged computer
scientists to break through its protections. One of the
would-be contestants, Professor Eric Felten of Princeton
University, was told by SDMI's sponsors not to reveal the
results of his work. Prof. Felten refused to work under
these conditions and instead launched an independent
study of SDMI with several other programmers. After his
team cracked the code, the SDMI consortium warned him
that "Any disclosure of information gained from
participating in the Public Challenge would be outside
the scope of activities permitted by the Agreement and
could subject you and your research team to actions under
the Digital Millennium Copyright Act."
The professor and his fellow researchers then filed a
lawsuit, claiming a First Amendment right to publish the
findings at a Washington computer research conference in
August. Felten, who is being represented in this case by
the Electronic Frontier Foundation (EFF-a GILC member),
maintained that "[s]tudying digital access
technologies and publishing the research for our
colleagues are both fundamental to the progress of
science and academic freedom. The recording industry's
interpretation of the DMCA would make scientific progress
on this important topic illegal."
A copy of the EFF brief is posted under http://www.eff.org/Legal/Cases/Felten_v_RIAA/20010606_eff_complaint.html
An EFF press release regarding this case is available
at http://www.eff.org/Legal/Cases/Felten_v_RIAA/20010606_eff_felten_pr.html
A copy of the Felten team research paper regarding
SDMI's flaws as well as the aforementioned SDMI letter is
posted under http://cryptome.org/sdmi-attack
Read Mike Musgrove, "Group Sues to Publish Flaws Found
in Anti-Piracy Technology," Washington Post, June 7,
2001, page E8 at http://washingtonpost.com/ac2/wp-dyn/A33002-2001Jun6.html
[4] Iranian cybercafes closed
Iranian government agents have shutdown hundreds of
cybercafes in an apparent attempt to restrict the flow of
news.
In the capital, Tehran, the Department to Supervise
Public Places has closed more than 400 such
establishments. Department officials tried to justify
their actions on the grounds that the cafes did not have
licenses, despite the fact that the government does not
actually issue such permits. One government spokesperson
conceded that the closures were actually meant to
"control and supervise the activities of Internet cafes,
in order to purify materials which go awry of Islamic
norms."
These moves drew heavy fire from free speech
advocates. Robert Menard from Reporters Sans Frontieres
pointed out that "The cybercafes were an easy means to
communicate outside Iran and to be informed via foreign
web sites. In closing them down, the hard-liners show
once again that they want to prevent Iranian citizens and
especially the youth from being freely informed."
More information (including Mr. Menard's remarks) are
available from the Digital Freedom Network (DFN-a GILC
member) under http://dfn.org/focus/iran/cafes.htm
[5] EBay & Yahoo hate bans ineffective
Attempts by two major Internet companies to ban
various types of Internet content have met with only
mixed success.
Several months ago, web portal Yahoo decided to start
blocking Internet users from items that, in its judgment,
somehow "promote or glorify hatred or violence." Online
auctioneer EBay soon followed suit. These moves had come
after a French court ruled that Yahoo had to block French
Internet users from accessing the webpages in the United
States that allowed auctions of Nazi memorabilia. The
decision was made based on French laws that generally
prohibit such goods from even being advertised, much less
sold. Yahoo has since filed suit in a U.S. Federal court
to prevent the French order from being enforced.
However, these bans have affected many non-Nazi
individuals, including numerous historical enthusiasts.
One embittered collector pointed out that "[t]he
Nazis burned books in their time and eBay bans trade. My
only interest in this material is that it is physical
evidence of a chapter of history. Now I guess I'll have
to go to the Nazi speakeasy." Indeed, far from staunching
the flow of Nazi memorabilia, the restrictions launched
by Yahoo and EBay have apparently fueled an explosion of
websites for the trading of German World War II
items.
Meanwhile, Yahoo has continued to contest the French
ruling by suing in a California court. Several
organizations, including the American Civil Liberties
Union (ACLU-a GILC member) and the Center for Democracy
and Technology (CDT) argued that American court
acceptance of the prior French decision could lead to
application of Internet speech restrictions from a
variety of countries to United States citizens, including
laws from mainland China, Syria, Singapore and many other
nations. The presiding judge in the California case then
rejected an attempt to throw out the suit, in part due to
concerns that "because of the global nature of the
Internet, virtually any public web site can be accessed
by end-users anywhere in the world, and in theory any
provider of Internet content could be subject to legal
action in countries which find certain content
offensive."
However, this ruling has not discouraged additional
efforts to prevent Internet users from visiting various
controversial websites. A French group has now sued 13
Internet service providers, hoping to block access to a
particular webpage. Moreover a special Law on Information
Society ("Loi sur Societe de l'Information") will soon be
considered by the French legislature that, if enacted,
would allow French judges to use "all necessary measures"
to block the flow of any data that is deemed offensive
(see item 6 below).
For coverage of the latest developments in France,
read "French Human Rights Group Sues ISPs Over Failure to
Censor U.S.-Based Hate Site," E-Commerce Law Daily, June
20, 2001 at http://pubs.bna.com/ip/BNA/ecd.nsf/id/A0A4H7A2X7_
To read the court opinion denying the motion to
dismiss, click http://www.cdt.org/jurisdiction/010607yahoo.pdf
To read the Amicus Curiae brief in this case from the
ACLU, CDT and other groups, see http://www.cdt.org/jurisdiction/010406yahoobrief.pdf
See Julia Scheeres, "Nazi Sellers Just Moving On,"
Wired News, May 8, 2001 http://www.wired.com/news/ebiz/0,1272,43610,00.html
For more on Yahoo's new restrictions, see Damien Cave,
"The porn crusaders," Salon.com, May 11, 2001 at
http://www.salon.com/tech/feature/2001/05/11/yahoo/print.html
See also David Hencke, "No Yahoo! for racist UK
website," The Guardian, May 1, 2001 at http://www.guardianunlimited.co.uk/internetnews/story/0,7369,481398,00.html
For more on America Online's Net blacklist, see
Jeffrey Benner, "AOL's New Filter on the Block," Wired
News, May 7, 2001 at http://www.wired.com/news/privacy/0,1848,43576,00.html
[6] Problematic French Info Society law creeps
forward
A new battle is brewing over a controversial French
plan that some experts say will have a detrimental impact
on Internet freedom.
The French government has released a long-anticipated
draft Law on the Information Society ("Loi sur Societe de
l'Information" or LSI). Under this proposal, Internet
service providers (ISPs) would now be made civilly liable
when they have been informed of apparently illegal
content and have not deleted this content or denied
access to it. This circle of liability applies not only
to host providers, but also to access providers and
telecom operators; in effect, this law cements the free
speech restrictions that were issued in a recent French
court ruling against Internet portal Yahoo (see item 5,
above). The plan would also curb anonymous free speech by
allowing the government to request ISPs to keep log files
on their customers' activities for up to one year. In
addition, the draft Law would force individuals to grant
the government access to private encryption keys, and
would place import/export restrictions on encryption
software.
The draft Law has received considerable criticism,
particularly from the French cyber-liberties group IRIS
(a GILC member), which has pointed out that while the
proposal is intended to implement the European Electronic
Commerce Directive, the text of the plan seems to go far
beyond the Directive's provisions. IRIS has also
criticized the provisions regarding 1-year retentions of
customer log files, arguing that they contradict the
recommendations of France's own data protection authority
(CNIL) for a three month limit. These difficulties are
likely to be debated by the National Assembly in the
fall; the bill itself may not be enacted until next year.
Indeed, the draft Law could become a serious issue in
France's upcoming (2002) Presidential and National
Assembly elections.
A special IRIS dossier on this proposal (in French) is
posted at http://www.iris.sgdg.org/actions/lsi
[7] Domain name convention generates more
controversy
Controversy continues to surround the organization
tasked with managing the world's domain name system.
During its recent meetings in Stockholm, the Board of
Directors for the Internet Corporation for Assigned Names
and Numbers did not set a specific target date for
introducing additional top-level domains (such as .union
or .humanrights) beyond the seven TLDs it approved in
November 2000. The ICANN Board did go forward with plans
to create a special Task Force to "monitor the
introduction of new TLDs." This Task Force is scheduled
to issue a report by September 2001. Previously, several
groups had urged ICANN to move more swiftly in expanding
the number of generic top-level domains, including the
United States government. In a letter issued days before
the Stockholm meetings commenced, U.S. Secretary of
Commerce Don Evans had called on ICANN to open more
domains, saying that "[c]ompetition and
innovation would be well-served by wider choice of"
gTLDs.
The Stockholm meetings also saw continued public
disillusionment with its current operating structure. For
example, the proprietors of country-code top-level
domains (such as .uk for the United Kingdom and .fr for
France) voted unanimously to leave ICANN's Domain Name
Support Organization. These ccTLD operators are now
seeking more direct representation within ICANN, which
may include seats on ICANN's Board of Directors.
Meanwhile, ICANN's Board approved a budget for the
upcoming year that included no specific money for public
elections. This decision came despite the fact that ICANN
so far has held elections for only 5 of its 9 At-Large
Director seats.
Meanwhile, ICANN's Domain Name Support Organization is
soliciting comments on how to protect the privacy of
domain name registration data. Questions have arisen as
to whether this information, which can include such
things as real names, phone numbers and home addresses,
is being used for mass marketing purposes, including
spam. A similar effort is being launched to help
determine the future of .org, after registry giant
Verisign agreed to give up control of this top-level
domain by 2002.
To read the ICANN Board resolution on new gTLDs, click
http://www.icann.org/minutes/prelim-report-
04jun01.htm#ProcessforMonitoringandEvaluationofNewTLDProgram
To read Secretary Evans' letter, click http://www.icann.org/correspondence/doc-to-icann-25may01.htm
To read the ICANN Board resolution on its upcoming
year's budget, visit http://www.icann.org/minutes/prelim-report-04jun01.htm#Approvalof20012002Budget
To read the ICANN Budget for July 1, 2001-June 30,
2002, see http://www.icann.org/financials/proposed-budget-14may01.htm
See Steve Kettman, "ICANN Cannot, Say Critics," Wired
News, June 9, 2001 at http://www.wired.com/news/print/0,1294,44613,00.html
For further coverage of possible changes to ICANN
governance structures, read Juliana Gruenwald, "ICANN May
Face Restructuring," Interactive Week, June 7, 2001 at
http://www.zdnet.com/intweek/stories/news/0,4164,2770858,00.html
The ICANN DNSO Whois privacy study is available under
http://www.icann.org/dnso/whois-survey-en-10jun01.htm
For further coverage of the registrant data privacy
study, see Brian Krebs, "ICANN To Gauge Privacy Concerns
Over 'Whois' Database," Newsbytes, June 11, 2001 at
http://www.newsbytes.com/news/01/166711.html
Additional details on future plans for .org are
available under http://www.icann.org/minutes/prelim-report-04jun01.htm#ReferraloforgIssuestoDNSO
[8] Spain unveils webpage curbs
Planning to create your own webpage? Better talk to
the government first...at least if you are in Spain.
The Spanish Science and Technology Ministry has issued
a draft Law of Information Society Services and
Electronic Commerce. This directive, which could be
approved in the Spanish Parliament soon, has defined the
concept of "society of information services" in such a
way that it would treat virtually all exchanges of online
information as an economic activity. Specifically, it
would require Internet users to register their webpages
with the government and pay fees. Most websites that are
not "properly" registered would be considered illegal and
have to face fines of up to 175 000 Euros. The plan would
also place certain obligations on Internet service
providers, who could be held liable for the activities of
their users.
Several groups have expressed concerns about this
measure, including Kriptopolis (a GILC member), in that
it may stifle the Internet activities of noncommercial
users, who might not be able fulfill all the legal and
bureaucratic requirements. Carlos Sanchez Almeida, an
Internet law expert from Barcelona, said that the Law
would limit "freedom of expression in the Internet ... as
it is in countries like China, Vietnam or Saudi Arabia."
Indeed, public anxiety over this issue apparently has
grown so strong that the opposition Socialist party has
requested a formal explanation from the minister of
Culture and Telecommunications as to the directive's
possible effects.
The text of the proposal is posted under http://www.setsi.mcyt.es/novedad/consulta_anteproyecto.htm
For further coverage of these developments, see Julia
Scheeres, "Fears of a Website Inquisition," Wired News,
May 29, 2001 at http://www.wired.com/news/business/0,1367,44110,00.html
See also "Los socialistas claman contra la nueva ley
que regulara Internet," ABC (Spain), May 11, 2001 at
http://www.abc.es/Internet/noticia.asp?id=30307&dia=11052001
[9] Court battles brew over US blocking
laws
A controversial three-year old Internet content law
has gained new life.
The United States Supreme Court has agreed to hear
arguments regarding the so-called Child Online Protection
Act (COPA). Enacted in 1998, COPA made it a crime to use
the Internet to pass along "for commercial purposes"
information considered "harmful to minors." The statute
was enacted in response to a 1997 decision by the High
Court that struck down the Communications Decency Act and
applied traditional free speech protections to the
Information Superhighway.
COPA was swiftly challenged by the American Civil
Liberties Union (ACLU-a GILC member) on behalf of 17
groups and individuals. In June 2000, a U.S. Federal
appeals court unanimously ruled that COPA was an
unconstitutional restriction on free speech. However, the
United States Attorney General, John Ashcroft, petitioned
the Supreme Court, asking the tribunal to uphold COPA-an
entreaty that the High court has now accepted. Oral
arguments are expected to take place this fall.
An ACLU press release on the COPA appeal is posted at
http://www.aclu.org/news/2001/n052101a.html
Read "High Court to Hear Net Porn Case," Associated
Press, May 21, 2001 at http://www.wired.com/news/politics/0,1283,43963,00.html
See also "Supreme Court to review child porn law,"
Reuters, May 21, 2001 at http://www.zdnet.com/zdnn/stories/news/0,4586,2763573,00.html
[10] Possible UK Net speech restrictions
A wave of proposals may make it harder for British
Internet users to express themselves online.
UK Home Secretary Jack Straw is pushing plans to
restrict access to various forms of Internet content.
Under this scheme, blocking mechanisms would be
pre-installed on all new computers sold. Indeed, several
major computer and software companies, including
Microsoft, have already pledged to help build blocking
packages into new machines. Ratings systems would be
encouraged, and service providers who fail to meet
certain criteria would not be able to receive government
"family friendly" certification. In addition, a special
Task Force on this issue would be created that will
include representatives from government agencies and
major corporations.
Many questions remain as to the implementation and
utility of these measures. In a letter to Straw,
Cyber-Rights & Cyber-Liberties UK (a GILC member)
expressed several reservations regarding this project,
including the fact that "[a]s far as can be seen,
no attempt was made to consult or involve civil liberties
or public interest organisations with the work of the
Task Force or while the proposals for setting up such a
body was discussed. Without such wider involvement, the
Task Force may not fully address all concerns including
issues related to human rights." Indeed, numerous groups,
including Peacefire (a GILC member), have warned in the
past that blocking software packages are often
ineffective and tend to censor noncontroversial
content.
Meanwhile, another controversy has arisen over the
extent to which press journals can be held liable for
their web archives. The controversy centers around a
recent libel case between the Times of London and a Mr.
Loutchansky, who sued the newspaper not only for articles
that were published in the printed edition, but later
launched additional claims based on the same material as
posted on the Times' website. The presiding judge ruled
that because these articles continued to be available
through the Internet, the statute of limitations did not
apply, thus leaving open the possibility that the
newspaper could be sued in perpetuity. In an opinion
piece published in the Guardian, Times editor Peter
Stothard, complained that the decision may force Internet
authors and publishers to either employ "armies of
lawyers to reconsider daily if they are justified in
continuing to publish every single item on their
websites" or "to stop publishing their full newspaper on
the net. The law has taken an enormous backward
step."
See Michael White, "New curbs on internet pedophiles
pledged," The Guardian, May 21, 2001 at http://www.guardianunlimited.co.uk/internetnews/story/0,7369,493921,00.html
Read Martin Bright, "Computer shops to block child
porn on Internet," The Observer, May 6, 2001 at http://www.observer.co.uk/uk_news/story/0,6903,486676,00.html
Cyber-Rights & Cyber-Liberties UK's letter to
Straw is posted under http://www.cyber-rights.org/reports/children_safety.htm
For more on Peacefire's concerns about blocking
software packages, see http://www.peacefire.org/info/blocking-software-faq.html
For more on libel suits based on web news archives,
see Peter Stothard, "Position impossible," The Guardian,
May 7, 2001 at http://www.guardianunlimited.co.uk/internetnews/story/0,7369,486882,00.html
[11] New EU copyright law may curb Net
speech
Questions are being raised about the impact of
recently enacted European intellectual property laws on
Internet expression.
The European Union has passed a new copyright
directive that may bar the creation of programs that
could be used to decrypt the encoding schemes on compact
discs and DVDs. Some observers fear that the EU directive
will have a harmful impact on freedom of expression,
particularly the right of individuals to make fair use of
otherwise protected works for public comment or similar
salutary purposes. Similar criticism has been leveled
against the United States Digital Millenium Copyright
Act, which the Motion Picture Association of America has
used in its lawsuit by against 2600 magazine over DeCSS-a
primitive program designed to allow people to play DVDs
on computers using the Linux operating system.
Not every European country has taken the same approach
provided under the new directive. In particular,
Denmark's culture ministry wants to restructure the
nation's copyright laws to "make it legal to make digital
copies for personal use," as explained by a government
spokesperson. While the proposal would place some limits
on the replication of entertainment files (such as
sharing of one's own music with other people), it would
allow Danes far greater leeway in their use and enjoyment
of digitized audiovisual works than most of Denmark's
neighbors. However, the proposal has drawn considerable
fire from intellectual property holders, particularly the
International Federation of the Phonographic
Industry.
A copy of the EU copyright directive is posted under
http://www.eurorights.org/eudmca/CopyrightDirective.html
See Mark Ward, "Pirates take on Hollywood," BBC News
Online, May 18, 2001 at http://news.bbc.co.uk/hi/english/sci/tech/newsid_1336000/1336496.stm
For more on Danish copyright proposals, see Joris
Evers, "Denmark Plans to Legalize Music Downloading," IDG
News, May 4, 2001 at http://www.thestandard.com/article/0,1902,24227,00.html
[12] Survey: online freedom growing, but still
threatened
A new report suggests that "[t]he trends in
freedom of the Internet are mixed."
Commissioned by Freedom House, "Press Freedom Study
2001" notes that "while...many traditionally
authoritative countries now permit relatively
unrestricted use of the Internet by citizens." The report
describes how countries such as Macedonia, Peru,
Madagascar, Oman and several others are generally "less
restrictive of the Internet" than of traditional media.
The survey further suggests that "[t]he implosion
of the Soviet Union resulted from similar freeing of
computers and automated telephones which defied
censors."
However, the study also cites at least 18 nations for
their restrictive Internet policies, including mainland
China, which has jailed numerous "cyber dissidents,"
imposes liability for "illegal" content (which can
include "messages critical of Beijing or of Communist
policy"), and uses stringent surveillance systems. In the
Middle East, many leaders want "economic gain through the
Internet" but engage in heavy blocking routines to stifle
robust discussion of "cultural and religious traditions."
Thus, Bahrain's government "wants the country to become
the telecommunications hub of the Gulf yet it suppresses
information critical of the ruling Al Khalifa family.
Access to the Internet is relatively widespread. ... Yet
surveillance is pervasive and Web sites have been
blocked." Moreover, the report notes how even "major
democracies" such as the United States and Australia
"where print and broadcast media are freest, nevertheless
restrict freedom on the Internet." Recently, Turkey has
enacted laws (subsequently vetoed by Turkish President
Ahmet Sezer) that would apply the same restrictions on
print media to the Internet reporting services, under the
pretext of preventing "untrue news, insults and similar
material."
The Freedom House report is available (in PDF format)
under http://www.freedomhouse.org/pfs2001/pfs2001.pdf
For a press release regarding this report, click
http://www.freedomhouse.org/media/pressrel/043001.htm
For more on Turkey's new restrictions on Internet
reporting, see John Ward Anderson, "Turkey in a Tangle
Over Control of Web," Washington Post, June 21, 2001,
page A19 at http://www.washingtonpost.com/wp-dyn/articles/A15069-2001Jun18.html
See also "Turkey sets fine for 'untrue news' Web
sites," Associated Press, June 7, 2001 at http://www.salon.com/tech/wire/2001/06/07/turkey/index.html
[13] New program to bypass Net censors
Computer scientists have developed a new program that
may help individuals to avoid Internet blocking
routines.
While the creators of the software, known as
Peekabooty, have not released many details, the program
reportedly allows various types of files to be stored
along its proprietary network. Users would then be able
to request and receive this material through a series of
encrypted messages.
Several public interest groups are wondering whether
Peekabooty will enable people to speak more freely
online. A spokesperson for Amnesty International pointed
out how most of his organization's "work is to
[inform] people, including those oppressed
themselves, about their rights and we have used the
internet from an early stage to do that." In addition,
the program is seen as a possible response to privacy
concerns that were heightened by passage of the
controversial UK Regulation of Investigatory Powers (RIP)
Act, which expanded the powers of the British government
in cyberspace. Caspar Bowden from the Foundation for
Information Policy Research noted how Peekabooty shows
how it is "easy to circumvent surveillance. It would only
be regarded as shocking if the government planned to
introduce more draconian legislation beyond the RIP Act."
Meanwhile, Peekabooty has angered proponents of blocking
software, some of whom are trying to develop
countermeasures.
Read Stuart Millar, "Hackers' plan to dodge
netwatchers," The Guardian, May 14, 2001 at http://www.guardianunlimited.co.uk/internetnews/story/0,7369,490271,00.html
See also Will Knight, "Hackers to unleash
anti-censorship tool," ZDNet UK, Apr. 30, 2001 at
http://www.zdnet.com/zdnn/stories/news/0,4586,2713742,00.html
Read "'No limits' browser planned," BBC News, May 6,
2001 at http://news.bbc.co.uk/hi/english/sci/tech/newsid_1313000/1313399.stm
For more on countermeasures against Peekabooty, see
Thomas C. Greene, "Censorware outfit targets cDc's
anonymity app 'Peekabooty,'" The Register (UK), May 18,
2001 at http://www.theregister.co.uk/content/6/19067.html
For more on Nudester, see Brad King, "Fleshing Out
Peer Filters," Wired News, May 15, 2001 at http://www.wired.com/news/technology/0,1282,43785,00.html
[14] Victory in anonymous Net speech case
Two recent cases have ended in victory for anonymous
free speech advocates.
In the first case, Global Telemedia International sued
two of its investors, Barry King and Ron Reader, for
posting statements on a financial online discussion board
under the names of "BDAMAN609" and "electrick_man,"
respectively. The corporation claimed these messages were
defamatory and had hurt its relations with its business
partners. However, a Federal Court in the United States
disagreed with Global Telemedia, holding that King's and
Reader's comments were not libelous because they were
mere opinions, not statements of fact. The court based
its determination on "the general context of the
postings, the colorful and figurative language of the
individual postings, the inability to prove the
statements true or false, and in one case, the posting of
documents to support the poster's statements." Indeed,
the presiding judge found that Global Telemedia had
launched the suit to intimidate King and Reader from
speaking about the company, and forced the company to pay
the two men's attorneys fees.
Meanwhile, medical supply company Medinex has decided
to drop its plans to sue several people who posted
critical online chatboard comments under various
pseudonyms. The Electronic Frontier Foundation (EFF-a
GILC member), which was helping to defend the chatboard
participants, hailed the decision as a further victory
for free speech. EFF's Lauren Gelman noted that
"Medinex's primary goal was to identify and silence their
critics. This is simply one more example of a company
dropping a spurious lawsuit once EFF steps in to protect
individuals right to speak anonymously."
For more on the Global Telemedia case, read Michael
Bartlett, "Company must pay attorney fees in chat room
speech case," Newsbytes, May 21, 2001 at http://www.computeruser.com/news/01/05/21/news3.html
An EFF press release about the Medinex case is posted
under http://www.eff.org/Legal/Cases/Medinex_v._Awe2bad4mdnx/20010522_eff_dismiss_
pr.html
[15] Final draft Euro cybercrime pact sparks
criticism
A new international cybercrime treaty may soon be
adopted despite heavy criticism from privacy groups and
industry leaders.
If adopted, the European Commission's Convention on
Cybercrime, which is supported by the Council of Europe,
would increase the data retention responsibilities of
network operators and service providers. Police would be
able to demand telecommunications data, including emails
and internet usage, for up to seven years. The treaty
requires domestic companies to comply with foreign
investigators, even when they are investigating
activities that are not crimes on domestic soil.
Corporations would be held liable for the online
activities of their employees, whether or not they were
aware of them, which means that corporations will have to
increase monitoring of employees. Additionally,
businesses would have to bear the cost of storing and
producing the computer data for law enforcement.
In response, several GILC member organizations,
including Privacy International, the Electronic Privacy
Information Center and the American Civil Liberties
Union, submitted a letter "to voice ... continuing
concerns regarding the development and form" of the
treaty. Among other things, the authors of the letter
argued that the portions of the treaty meant to protect
user privacy were "vague" and otherwise "not adequate to
address the significant demands and requirements for
privacy- invasive techniques in the rest of the
Convention." The letter's creators also pointed out how
the Cybercrime agreement would apparently erode user
privacy, with provisions that seem to require "that
countries adopt laws that can force users to provide
their encryption keys and the plain text of the encrypted
files," as well as "[a]llowing law enforcement
direct access to a service provider's network to conduct
surveillance, e.g., the U.S. Carnivore program," thus
providing "police with the ability to conduct broad
sweeps of network communications with only their
unsupervised assurance that they will only collect that
data which they are lawfully entitled to collect."
Additional concerns were voiced regarding the treaty's
mandatory requirements that signatory nations cooperate
with surveillance requests from other countries, even if
a targeted individual is acting legally in one of those
countries.
Meanwhile, Internet pioneer and WorldCom vice
president Vint Cerf has also expressed reservations about
the Cybercrime treaty, saying that the document "has
provisions which are in conflict with other already
agreed (EU) privacy laws." He was especially concerned
with the agreement's data retention requirements:" With
many terabytes of data moving over the Net every day,
accumulating any small fraction of that for any lengthy
amount of time such as months or years is a very, very
hard thing to ask." Even the European Union's own chief
privacy commissioner, Stefano Rodota, charged that the
agreement "still includes significant gaps concerning the
protection and liberties of the citizen."
The joint letter by EPIC, the ACLU and Privacy
International is posted under http://www.privacyinternational.org/issues/cybercrime/coe/ngo_letter_601.htm
Read Boris Grondahl, "Europe: Net Crime-Stoppers,"
Industry Standard, July 2, 2001 issue, at http://www.thestandard.com/article/0,1902,27400,00.html?printer_friendly=
See Robert Lemos, "Multi-nation cybercrime pact gets
OK," ZDNet News, June 22, 2001 at http://www.zdnet.com/zdnn/stories/news/0,4586,5093153,00.html
For German (Deutsch) language coverage, read Stefan
Krempl, "Cybercrime-Abkommen passiert eine der letzen
Hurden," Heise Telepolis, June 23, 2001 at http://www.heise.de/tp/deutsch/inhalt/te/7951/1.html
For more of Cerf's remarks, read "Internet founder
worried about EU cybercrime plans," Reuters, May 31, 2001
at http://www.zdnet.com/zdnn/stories/news/0,4586,2767085,00.html
Version 27 of the Council of Europe cybercrime treaty
is available (in Word format) under http://conventions.coe.int/treaty/EN/projets/cybercrime27.doc
[16] US gov't shuns ECHELON investigators
Attempts to uncover more details about a global
surveillance system have met with resistance from the
United States government.
Several weeks ago, a committee of European Parliament
members visited the United States in an attempt to
discover more details about ECHELON. ECHELON is popularly
used to describe a system that is designed to intercept
communications from around the world. It is supposedly
operated by the United States National Security Agency
(NSA) in conjunction with several other intelligence
agencies. Reports suggest that ECHELON is capable of
intercepting e-mail messages, faxes, and telephone
conversations.
However, officials from both the NSA and the U.S.
Central Intelligence Agency (CIA) cancelled meetings that
they had previously scheduled with the European panel.
The committee's chairman, Carlos Coelho, said that his
group was "very disappointed" with the apparent rebuffs;
in protest, the Parliamentary representatives returned
home a day early.
Afterwards, the committee published a report stating
that ECHELON does indeed exist and that individuals
should strongly consider encrypting their emails and
other Internet messages. However, the panel was unable to
confirm suspicions that ECHELON is used to conduct
industrial espionage, due to a lack of evidence.
Ironically, despite the apparent need for additional
investigation, the committee is due to disband within the
next few months.
Meanwhile, the Spanish government has apparently
signed a deal with the United States to receive
information collected using ECHELON. The consummation of
this pact was confirmed by Spanish Foreign Minister Josep
Pique, who tried to justify this arrangement on security
grounds. However, the agreement may raise a number of
privacy issues, particularly with regard to private
individuals who live in Europe. For example, US
government practices allow personal information regarding
non-US people that has been collected through ECHELON or
other similar means to be retained indefinitely, thus
increasing the likelihood of long-term government
surveillance of European citizens by the US and its
ECHELON partners.
For more on the reported sharing of ECHELON-collected
information with Spain, read Isambard Wilkinson, "US wins
Spain's favour with offer to share spy network material,"
Sydney Morning Herald, June 18, 2001 at http://www.smh.com.au/news/0106/18/text/world11.html
The draft report is available from http://fas.org/irp/program/process/europarl_draft.pdf
http://cryptome.org/echelon-ep.htm
See Steve Kettman, "Echelon Panel Calls It a Day,"
Wired News, June 21, 2001 at http://www.wired.com/news/print/0,1294,44721,00.html
For additional details as well as video coverage, see
"E-mail users warned over spy network," BBC News, May 29,
2001 at http://news.bbc.co.uk/hi/english/world/europe/newsid_1357000/1357264.stm
Read "Spy network accused of violating human rights,"
Mainichi Shinbun, May 28, 2001 at http://mdn.mainichi.co.jp/news/archive/200105/28/20010528p2a00m0dm005001c.html
See also Vernon Loeb, "European Panel Probing NSA
Departs Abruptly," Washington Post, May 11, 2001, page
A18, at http://www.washingtonpost.com/wp-dyn/articles/A12641-2001May10.html
Read Angus Roxburgh, "EU investigators 'snubbed' in
US," May 11, 2001 at http://news.bbc.co.uk/hi/english/world/europe/newsid_1325000/1325186.stm
[17] Smart beds, shirts and cars spark privacy
concerns
Various new products may allow you to be monitored
wherever you go-whether you are walking on the street, in
your car, or even while you sleep.
VivoMetric's Lifeshirt, for example, contains embedded
sensors that continuously monitor 40 physiological signs
of sickness and health while it is worn. This data is
recorded, sent over the Internet, and logged at the
VivoMetrics Data Center. Other new products on the market
raising privacy concerns include a wrist camera that can
take pictures and record up to 100 phone numbers, as well
as a GPS Pathfinder watch that can pinpoint your exact
latitude, longitude, altitude, and speed using orbiting
satellites. In addition, a new computerized multimedia
bed turns its computer screen ceiling off when it senses
when you've fallen asleep. It can also detect if you've
stopped breathing and will set off a series of
alarms.
Meanwhile, rental car companies have begun to track
their customers and, in at least one case, have started
to give out private speeding tickets. In the US, Acme
Rent-a-Car installed a GPS device on one of its cars and
monitored how quickly one of its customers was driving.
Acme charged that customer, James Turner, an extra US
$450 for driving at what it deemed an excessively high
speed, and even pointed out the exact location where he
had done so. Turner responded by suing in small claims
court, as well as filing a complaint with his state
Department of Consumer Protection.
However, it is not precisely clear if current laws can
protect consumers when any of the aforementioned devices
are used for detrimental purposes. David Sobel from the
Electronic Privacy Information Center (EPIC-a GILC
member) pointed out that the "challenge right now is to
ensure, before these services and capabilities are widely
deployed, that rules are in place."
For more on the Turner rental car tracking case, read
Robert Lemos, "Car spy pushes privacy limit," ZDNet News,
June 20, 2001 at http://www.zdnet.com/zdnn/stories/news/0,4586,2778752,00.html
For more on LifeShirt and other similar devices, read
Larry Hardesty, "Innovation: Clothed in Health,"
Technology Review, July/August 2001 issue, at http://www.technologyreview.com/magazine/jul01/innovation8.asp
For the manufacturer's explanation of how LifeShirt
works, click http://www.vivometrics.com/Products/index.html
For more on smart watches, read Anthony Zurcher, "Fast
Forward: Wearing the Net on Your Wrist," Washington Post,
May 11, 2001, page E1 at http://washingtonpost.com/wp-dyn/articles/A12678-2001May10.html
For more on smart beds, see "Sleep With Your
Computer?" ABC Good Morning America, Apr. 10, 2001 at
http://abcnews.go.com/sections/GMA/GoodMorningAmerica/GMA010409_MITbed.html
Further details on Telematics Net tracking of cars are
available from Eric Young, "Car 540819, Where Are You?"
The Industry Standard, Apr. 23, 2001 at http://www.thestandard.com/article/0,1902,23635,00.html
[18] Experts call for Carnivore rollback
Various politicians and civil society groups are
pushing to stop the United States government from using a
controversial spy program.
Carnivore, which was developed by the US Federal
Bureau of Investigations (FBI), is a device that is
attached to the server of a given Internet service
provider. It intercepts all Internet transmissions that
come through the server, then parses out pertinent
material, based on keywords provided by the
administrator. The latest version of the program, known
as Enhanced Carnivore or DCS 1000, uses the Windows 2000
operating system and apparently includes such features as
better filtering and triggering capabilities as well as
increased capacity (presumably to handle interception of
high-speed broadband networks).
Carnivore and its successor DCS 1000 have come under
heavy criticism over the past few months as being serious
threats to online privacy. Some of these concerns were
aired during discussions with US Attorney General John
Ashcroft by several organizations, including GILC members
the Electronic Privacy Information Center (EPIC), the
Electronic Frontier Foundation (EFF), the American Civil
Liberties Union (ACLU) and the Center for Democracy and
Technology (CDT). Similar feelings were raised by US
House Majority Leader Dick Armey, who (in a letter dated
June 14, 2001) expressed worries that Carnivore
"undermines the minimum expectation that individuals have
that their personal electronic communications will not be
examined by law enforcement devices unless a specific
court warrant has been issued."
Meanwhile, a new report indicates that the number of
US government wiretap requests continues to rise,
particularly with regard to newer technologies such as
cellular phones and pagers. Yet despite fears about the
increasing level of government surveillance along the
nation's telecommunications networks, it is unclear what
specific measures will be taken to protect individual
privacy. Indeed, the US Federal Communications Commission
recently denied a request for additional security
measures that might deter employees of telecom companies
from engaging in illegal eavesdropping on customers.
Rep. Armey's June 14 letter on Carnivore is posted
under http://www.freedom.gov/library/technology/ashcroftletter.asp
To learn about discussions between Attorney General
Ashcroft and various cyberliberties groups, click
http://www.epic.org/privacy/ashcroft_ltr_5_01.html
To read more about Enhanced Carnivore, click http://www.epic.org/privacy/carnivore/carnivorequestions.html
The official wiretap report is available (in PDF
format) via http://www.uscourts.gov/wiretap00/2000wttxt.pdf
For more on how the FCC ruling, read Brian Krebs, "FCC
Nixes FBI's Plan To Change Wiretap Law," Newsbytes, Apr.
16, 2001 at http://www.newsbytes.com/news/01/164541.html
The official FCC order is posted under http://www.fcc.gov/Daily_Releases/Daily_Business/2001/db0416/fcc01126.txt
[19] Industry privacy proposal draws
skepticism
A new plan that is supposed to protect Internet users'
privacy is getting a lukewarm reception.
The plan was created by the Network Advertising
Initiative (NAI), an advertising industry coalition that
includes DoubleClick. DoubleClick, which provides banner
ads to many websites, admitted several months ago to
tracking viewers through the Internet by placing digital
identification numbers in files known as "cookies" on a
user's hard drive, which it matches with name and address
information that has been collected by its partners.
Despite initial claims to the contrary, DoubleClick
expressed its intention to match this data with more
extensive information contained in millions of files
maintained by its merger partner Abacus Direct.
DoubleClick later halted its data-matching plan after a
intense public criticism.
The NAI has now set up 2 websites where computer users
can "opt-out" of profiling regimes that advertisers are
compiling about them. The idea is to let individuals come
to these clearinghouses to protect their privacy, rather
than visit numerous websites to make their preferences
known. NAI's Jeff Connaughton claims that these sites
show that his organization "is committed to addressing
users' privacy concerns."
Privacy advocates are considerably less enthusiastic
about these developments. Andrew Shen of the Electronic
Privacy Information Center (EPIC-a GILC member) said that
the NAI plan "doesn't necessarily improve the situation
at all. Most internet users still don't realize that such
third party profiling even exists. They're so invisible
to the average internet user that opt-out really isn't
enough."
Meanwhile, the relative lack of privacy standards in
the United States has caused a certain degree of
international friction. Specifically, European Union
representatives remain worried about proposed contracts
meant to implement a joint EU-US "safe harbor" privacy
agreement.
For more on attempts by advertisers to self-regulate,
read D. Ian Hopper, "Single web form to protect privacy,"
Associated Press, May 25, 2001 at http://australianit.news.com.au/common/storyPage/0,3811,2038782%255E442,00.html
See Rose Palazolo, "Apple Pie vs. Beignets,"
ABCNews.com (US), May 8, 2001 at http://abcnews.go.com/sections/scitech/DailyNews/InternetPrivacy010508.html
Read Guy de Jonquieres, "Hairs
raised over data privacy," Financial Times, May 7,
2001.
For further details on how many US companies lack
privacy plans, see Michael Bartlett, "Only One-Third Of
US Firms Have Privacy Plans," Newsbytes, May 9, 2001 at
http://www.newsbytes.com/news/01/165509.html
See also Lisa Jucca, "Microsoft to sign EU data
privacy pact," Reuters, May 15, 2001 at http://www.zdnet.com/zdnn/stories/news/0,4586,2760629,00.html
For further details on credit card security measures,
see Brian Ploskina, "Credit-Card Firms Bump Up Security,"
Interactive Week, May 24, 2001 at http://www.zdnet.com/intweek/stories/news/0,4164,2765170,00.html
[20] Rush to implement cellular phone
trackers
If the United States government has its way, you could
be tracked wherever you go-at least if you carry a
wireless phone.
A recently enacted US law requires cell-phone
manufacturers to equip 95 percent of all cell phones with
location-tracking technology, with an accuracy of about
1,000 feet or better, by 2005. This will require planting
GPS chips in cell phone handsets or installing new
infrastructure in cell sites. In addition, law
enforcement officials will be granted access to these
tracking features. These plans have drawn criticism from
privacy advocates, who are concerned that the information
collected through these regimes will be abused by both
government agents and commercial entities (including
advertisers).
Several groups, including some industry leaders, have
expressed interest in standards that would have companies
obtain their customers' consent before using their
personal information. Michael Altschul from the Cellular
Telecommunications and Internet Association explained:
"It's in the carriers interest to have customers carrying
their phones and having their phones turned on." At least
one bill to this effect may soon be introduced before the
United States Senate.
Read Doug Brown, "Wireless Privacy Legislation
Coming," Interactive Week, May 28, 2001 at http://www.zdnet.com/intweek/stories/news/0,4164,2765638,00.html
See also "Cell Phones to Have Location-Tracking by
2005," Fox News, Apr. 24, 2001 at http://foxnews.com/story/0,2933,14815,00.html
[21] ETour consumer list sale questioned
Should you trust a company that says it will never
sell personal information about you, "for any reason, at
any time, ever"?
The answer is apparently no, based on what has
happened with eTour.com. The bankrupt online vacation
company has decided to sell its entire set of consumer
information records to Internet encyclopedia firm Ask
Jeeves. The transaction occurred despite eTour's prior
promise to customers that it would not sell information
about them "for any reason, at any time, ever." Some 2
200 000 people are on the purchased consumer list, which
includes real names, ages, gender and email
addresses.
Privacy advocates have condemned the act as further
proof of the need for strong protection of personal data.
The Electronic Privacy Information Center (EPIC-a GILC
member) filed a complaint with the United States Federal
Trade Commission and State Attorneys General, asking them
to block this sale of personal information "as an unfair
and deceptive trade practice." In the complaint, EPIC
further noted that "the exchange of personal data between
eTour, Inc. and Ask Jeeves, Inc. is part of a growing
problem and recommends proactive solutions to prevent
such scenarios from occurring in the future." Indeed,
similar concerns have arisen after several online
companies (including EBay) recently altered their privacy
policies to explicitly allow such information sales to
take place.
The EPIC complaint is posted under http://www.epic.org/privacy/internet/etour.html
See Andrew Heavens & Stephanie Kirchgaessner,
"Privacy
concerns raised as eTour sells consumer list,"
Financial Times, May 23, 2001.
[22] New worm may actually protect
computers
There's a new computer worm on the loose-but this one
may do more good than harm.
The "Cheese" program is an apparent response to a
prior computer worm (known as Lion) that exploited
security breaches in machines that use Linux operating
systems. Like other worms, "Cheese" is propagated through
email messages and searches for weaknesses in target
systems. What makes this program special is that after
scanning a given computer's ports, it erects barriers to
protect against future Lion-type attacks. It even
includes notices that it "was not written with malicious
intent" and that is designed to prevent criminals from
"messing up your box even worse than it is already."
See Mark Ward, "Cheese beats crackers," BBC News
Online, May 22, 2001 at http://news.bbc.co.uk/hi/english/sci/tech/newsid_1344000/1344344.stm
[23] Macy's wedding site faces privacy
woes
Getting married soon? A number of people whom you
haven't invited may already know your plans in
detail.
North American retail giant Macy's runs a bridal
service (via WeddingChannel.com) that collects many types
of personal information. This data not only includes
customer names, credit card numbers, and phone numbers,
but also names, addresses and phone numbers of your
wedding guests wedding present information, details
regarding honeymoons, gifts and honeymoons dates and
places of festivities, dates and place of the wedding and
reception. Afterwards, it shares this data with a whole
host of recipients, including other department stores,
credit card agencies, magazine companies and various
advertisers. Depending upon the circumstances, according
to WeddingChannel.com's privacy policy, "anyone visiting
our website" may be able to search for and access this
information "by using first and/or last names and wedding
dates (and on some pages, city or state)."
Not surprisingly, these practices have drawn
considerable fire from privacy experts. Deborah Pierce of
the Electronic Frontier Foundation (EFF-a GILC member)
pointed out that "even if people understand that Macy's
is keeping information on them, they have no
understanding of just how far that information can travel
under the auspices of 'sharing' among marketing
affiliates. Here, we see information entrusted to Macy's
ending up at American Express and ESPN - something that
probably surprises most brides and grooms." Indeed, EFF
launched a campaign against Macy's practices, including a
form letter that netizens can use to voice their
concerns.
EFF's action alert about Macy's is available at
http://www.eff.org/Privacy/Marketing/20010612_eff_macys_alert.html
Also see WeddingChannel.com's privacy
policy.
[24] Webbug detection program available
A privacy software package has been launched that
specifically targets a new form of Internet tracking.
The Privacy Foundation has unveiled Bugnosis, a
special program to detect webbugs. Webbugs are tiny image
files which are being used increasingly to identify and
track computer users. Bugnosis, which can be downloaded
through the World Wide Web, is installed as a plug-in to
existing Internet browsers, causes individual computers
to say "uh-oh" when a webbug is encountered. It also logs
the URL associated with a given webbug as well as further
details as to the intruder's properties (such as whether
the bug is connected to other digital identification
files, including cookies). Moreover, Bugnosis places
marks a viewed site so that the user can actually see the
exact location of a particular webbug on the page. If the
program discovers that a webbug is associated with
certain well-known companies (such as Internet
advertising giant DoubleClick), it allows the user to
send an email message directly to the webbug owner for
further queries or outright complaints.
The Foundation hopes that this program will increase
public awareness and openness about these tracking
devices. For example, the organization argues that "Web
site privacy policies should disclose the use of Web
bugs. In fact, the general practice of online profiling
by third-party ad networks should be disclosed in privacy
policies, but is rarely mentioned."
To download Bugnosis, click http://www.bugnosis.org
For answers to frequently asked questions about
Bugnosis and webbugs in general, see http://www.bugnosis.org/faq.html
ABOUT THE GILC NEWS ALERT:
The GILC News Alert is the newsletter of the Global
Internet Liberty Campaign, an international coalition of
organizations working to protect and enhance online civil
liberties and human rights. Organizations are invited to
join GILC by contacting us at gilc@gilc.org.
To alert members about threats to cyber liberties, please
contact members from your country or send a message to
the general GILC address.
To submit information about upcoming events, new
activist tools and news stories, contact: GILC
Coordinator, American Civil Liberties Union 125 Broad
Street 17thFloor, New York, New York 10004 USA. email:
gilcedit@aclu.org
More information about GILC members and news is
available at http://www.gilc.org.
You may re-print or redistribute the GILC NEWS ALERT
freely. To subscribe to the alert, please send an mail to
gilc-announce@gilc.org
with the following message in the body: subscribe
gilc-announce
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)