GLOBAL

INTERNET

LIBERTY

CAMPAIGN



NEWS

 GILC Actions 

 Presswire 


ISSUES

 Free Speech 

 Privacy 

 Cryptography

 Access


RESOURCES

 GILC Alert 

 Mailing List
 GILC Events 


ABOUT GILC

 Principles

 Members 

 Mail GILC 


Home Page

US Site
European Mirror

 

GILC Alert
Volume 7, Issue 2

March 13, 2003

 

Welcome to the Global Internet Liberty Campaign Newsletter.

             

Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.

We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.

If you are a part of an organization that would be interested in joining GILC, please contact us at gilc@gilc.org.

If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.

Please feel free to redistribute this newsletter to appropriate forums.


Free expression

[1] Jailed Chinese Net dissident goes on hunger strike
[2] US high court hears library Net censor case
[3] Domain name seizures provoke alarm
[4] Tunisian gov't arrests 20 websurfers
[5] Norwegian DVD computer speech decision appealed
[6] Swiss Internet censorship plans lurch forward
[7] Former Yahoo exec cleared in French Net censor case
[8] News site temporarily shutdown after Microsoft complaint
[9] Web protestor wins Taubman domain name dispute
[10] Martus software may aid human rights reporting
[11] UK parliament email censors prevent debate on bills

Privacy

[12] UN investigating allegations of US gov't spying
[13] Fury over new DSEA surveillance proposal
[14] US Congress approves restrictions on TIA spy project
[15] Revised British snoop plans unveiled
[16] Russian mobile phone privacy scandal erupts
[17] Report: Ebay spies on customers, readily discloses personal info
[18] Xupiter spyware raises privacy concerns
[19] College Internet music lovers face tracking schemes

[20] New GILC member: Statewatch


[1] Jailed Chinese Net dissident goes on hunger strike

A Chinese citizen who was jailed for expressing his views online has started a hunger strike, while the fates of several other online critics remain in jeopardy.

Wang Jinbo had sent several essays via the Information Superhighway to overseas Chinese dissident groups. In these essays, among other things, he called for the political rehabilitation of people who participated in the 1989 Tienanmen Square protests. He was then arrested and sentenced to four years in jail on subversion charges. Last week, Wang began a hunger strike as an act of defiance against his continued detainment. His current condition is not known.

In a separate case, Chinese officials are restricting the amount of medicine provided to Qi Yanchen-a freelance journalist who urged political reform in several of his articles. After these items were posted on the Internet and in a Chinese policy magazine, Chinese government agents arrested, tried and convicted him of subversion. Qi, who is suffering from several serious ailments, including chronic colitis, has only been able to receive medicine through prison visits by his wife, and prison officials are only allowing her to visit every 2 months.

A third online dissident, Huang Qi, remains in jail awaiting a verdict even though his "trial" ended nearly a year-and-a-half ago. Huang, who ran the "Tianwing Missing Persons Website," had republished articles written by other people about the 1989 Tiananmen massacre, the Falun Gong spiritual movement and other topics deemed taboo by the government. Huang was subsequently charged with "instigation to subvert state power" and was reportedly beaten in jail. Reporters Sans Frontieres (RSF-a GILC member) issued a statement that "protested strongly" the postponement of his verdict, saying that the "inability of the court to prove his guilt is the best proof of his innocence."

Still another cyber-critic, Tao Haodong, has been sentenced to seven years in prison. He had previously posted 3 articles online that criticized the ruling Chinese regime. Tao's sentence came after being detained in July 2001 and a subsequent trial for subversion.

For background information on all these cases, visit the Digital Freedom Network (DFN-a GILC member) website under http://dfn.org/focus/china/netattack.htm

For more about Wang Jinbo and Qi Yanchen, visit the RSF website at http://www.rsf.fr/article.php3?id_article=5071

Additional details regarding Huang Qi are available from the RSF website under http://www.rsf.fr/article.php3?id_article=5050

Read "Chinese cyber dissident still awaiting sentence," Agence France Presse, 1 March 2003 at http://newsobserver.com/24hour/technology/story/787225p-5635129c.html

For more about the Tao Haodong case, visit the RSF website under http://www.rsf.fr/article.php3?id_article=4965


[2] US high court hears library Net censor case

The future of a controversial Internet speech law was recently debated before the United States Supreme Court.

The Children's Internet Protection Act essentially requires high schools and libraries to include blocking software on their computers. Institutions that refuse to do so (or implement policies to that effect) will lose federal funding. Last year, a Federal judicial panel held that the law, which was challenged by the American Library Association (ALA) as well as GILC members the American Civil Liberties Union (ACLU), the Electronic Frontier Foundation (EFF), and the Electronic Privacy Information Center (EPIC), violated the right to free expression protected under the First Amendment to the U.S. Constitution: "Any public library that adheres to CIPA's conditions will necessarily restrict patrons' access to a substantial amount of protected speech in violation of the First Amendment." The U.S. Justice Department then appealed to the Supreme Court.

During the subsequent high court hearing, there was discussion of the secretive nature of Internet blocking packages and their effects on library visitors. Justice David Souter complained that the companies that develop filtering software "will not even disclose what they are blocking. When libraries have historically made these decisions, they have known what they're blocking." In addition, Paul Smith, an attorney arguing on behalf of the ALA, warned that library users might be too embarrassed to complain even if the blocking packages have prevented them from accessing noncontroversial material: "You've got to go up and say `Please turn off the porn filter.'" The Court is expected to make a decision by July 2003.

Meanwhile, a Federal appeals court has once again struck down the so-called Child Online Protection Act (COPA), which made it a crime to use the Internet to pass along "for commercial purposes" information considered "harmful to minors." The decision came as part of a challenge to COPA by the ACLU on behalf of 17 groups and individuals, including EPIC and EFF. The panel held that COPA was not narrowly tailored and would prevent people from accessing forms of expression that were protected under the U.S. Constitution: "COPA will likely deter many adults from accessing restricted content, because many Web users are simply unwilling to provide identification information in order to gain access to content, especially where the information they wish to access is sensitive or controversial ... People may fear to transmit their personal information, and may also fear that their personal, identifying information will be collected and stored in the records of various Web sites or providers of adult identification numbers." The court had previously ruled that COPA was unconstitutionally overbroad because the statute relied on community standards to identify material that is harmful to minors. Subsequently, the U.S. Supreme Court disagreed with the appeals panel on the community standards issue, but sent the case back to the appeals court to determine whether COPA might be an unconstitutional for other reasons, which led to the latest decision.

An ACLU press release regarding the CIPA case is posted at http://www.aclu.org/Cyber-Liberties/Cyber-Liberties.cfm?ID=12018&c=55

Further information is available from the ALA website under http://www.ala.org/pio/presskits/cipa/cipa_statement.html

To read a brief regarding CIPA from the Online Policy Group (a GILC member), click http://www.onlinepolicy.org/action/legpolicy/cipasupremebrief030210.shtml

See Declan McCullagh, "Foes lock horns in Web filtering case," CNet News, 5 March 2003 at http://news.com.com/2102-1028-991199.html

See "Justices Take New Look at Web Porn," Associated Press, 5 March 2003 at http://www.cbsnews.com/stories/2003/03/04/supremecourt/printable542715.shtml

See also "US court to rule on net porn," BBC News Online, 6 March 2003 at http://news.bbc.co.uk/1/hi/world/americas/2823491.stm

The text of the trial court's decision in the CIPA case is available at http://www.paed.uscourts.gov/documents/opinions/02D0415P.HTM

To read the latest COPA appeals court decision (in PDF format), click http://www.ca3.uscourts.gov/opinarch/991324.pdf

Read Declan McCullagh, "Appeals court strikes down Net porn law," CNet News, 6 March 2003 at http://news.com.com/2102-1028-991477.html


[3] Domain name seizures provoke alarm

In separate cases, the United States and German governments have begun seizing domain names from users who allegedly have committed various crimes-a move that has drawn concern from cyber-rights activists.

In one such incident, the U.S. Department of Justice (DoJ) took over isonews.com, the name of a website that, among other things, supposedly sold microchips to allow Xbox computer game console consumers to play games from other geographic regions as well as bootleg versions. In addition, a court granted the DoJ's request to force visitors of various alleged drug paraphernalia websites, such as OmniLounge.com, to be redirected to a special government webpage. David Sobel from the Electronic Privacy Information Center (EPIC-a GILC member) warned that through these measures, the "government is suddenly in a position of being able to monitor the Web-surfing activities of unwitting individuals who believe they are going to a website ... but possibly implicating themselves into some law enforcement investigation."

On the other side of the Atlantic, Joker.com, a domain name registrar, has deleted the registration of a website (Ogrish.com) that features shocking news stories and images. The deletion was done at the request of German government officials who believed the site violated German speech laws that restrict the depiction of violence. The move came despite the fact that the Ogrish.com website is hosted in the U.S. and apparently complies with American speech laws.

Read "Feds Now Seizing Domain Names" Associated Press, 5 March 2003 at http://www.cbsnews.com/stories/2003/03/05/tech/printable542899.shtml

For more on the IsoNews.com case, read "US seizes bootleg games site," BBC News Online, 27 February 2003 at http://news.bbc.co.uk/1/hi/technology/2803927.stm

For more on the OmniLounge.com case, see Declan McCullagh, "U.S. crime-fighters seize Web sites," CNet News, 26 February 2003 at http://news.com.com/2102-1023-986225.html

Read Declan McCullagh, "German registrar bans Web site," CNet News, 11 February 2003 at http://news.com.com/2102-1023-984248.html

Further information in German (Deutsch) is available from "Registrar muss Domain in DNS sperren," Heise Online, 12 February 2003 at http://www.heise.de/newsticker/data/anw-12.02.03-001/


[4] Tunisian gov't arrests 20 websurfers

The Tunisian government apparently is expanding its efforts to stifle the flow of online information.

Authorities in the North African country have arrested 20 men who allegedly had visited various websites that have been deemed taboo by the ruling regime, including the official webpage of a banned Tunisian political party. They were then held for supposedly violating the North African nation's subversion laws. The users were taken to the capital, Tunis, and interrogated; the government has prevented family members from visiting their loved ones in detention.

The move is being seen as yet another example of the stringent controls Tunisian leaders are trying to impose on the Information Superhighway. Several months ago, the Tunisian government had arrested, tortured, then imprisoned Zouhair Yahyaoui for republishing a letter online written by his uncle that derided the country's legal system. During his detainment, he has been forced to share a cell with 100 other inmates, and prison authorities have reportedly denied him medical aid even though he has been suffering from several serious medical ailments. The conditions of his confinement were so severe that Yahyaoui briefly went on a hunger strike-a move that failed to convince his captors to change their ways.

See "Tunisian internet crackdown," BBC News Online, 18 February 2003 at http://news.bbc.co.uk/1/hi/world/africa/2777389.stm

For more about the Yahyaoui case, click http://www.tunezine.com


[5] Norwegian DVD computer speech decision appealed

Norwegian authorities have officially resumed efforts to prosecute a teenager over a DVD-related computer program.

In 1999, Jon Johansen created DeCSS to help Linux operating system users watch DVDs on their machines. Norwegian authorities briefly detained him in early 2000 for his activities but released him soon afterwards. Nearly 2 years later, he was arrested again on the theory that by developing DeCSS, he violated a Norwegian law against break-ins. Presiding judge Irene Sogn subsequently cleared Johansen of the charges and held that, among other things, there was "no evidence" that he had used DeCSS for illegal purposes.Norwegian prosecutors have since appealed the decision. Free speech advocates such as Shari Steele, the executive director of the Electronic Frontier Foundation (EFF-a GILC member), believe that the Judge Sohn's ruling should be upheld: "The lower court ruled unanimously that Johansen did not violate Norwegian law. Johansen did not violate any copyrights and Norway doesn't have a Digital Millennium Copyright Act that could prevent DVD owners from viewing their own DVDs on their own computers as we have here in the United States."

For further information, visit the EFF website under http://www.eff.org/IP/Video/DeCSS_prosecutions/Johansen_DeCSS_case/20030120_
eff_pr.php


[6] Swiss Internet censorship plans lurch forward

Recent events have generated public concern over the future of online free speech in Switzerland.

Nearly three months ago, a local Swiss magistrate, Francoise Dessaux, ordered many Swiss Internet service providers (ISPs) to block access to various websites and to modify domain name system servers so that "the name of the domain swiss-corruption.com points to an empty page." A number of groups, ranging from cyberlibertarians to industry leaders, immediately questioned the validity of this measure. The Swiss Internet User Group (SIUG-a GILC member) and the Swiss Network operators Group (Swinog) issued a joint press release arguing that the magistrate's order violated Swiss law, notably article 16 of the Swiss constitution, which guarantees to every person "the right to receive information freely, to gather it from generally accessible sources, and to disseminate it." SIUG and Swinog also pointed that the blocking measures (such as those envisioned under the order) could be easily bypassed, as a technical matter.

Subsequently, most Swiss providers at first refused to comply with the judge's request, but backed down for fear for further legal action. However, Guido Honegger of Swiss ISP green continued to hold out against Dessaux's command, and is now facing protracted litigation because of disobedience. Other ISPs like Init Seven AG are redirecting users who try to visit the banned sites to protest pages. In addition, the sites that were supposed to be blocked are still online, this time with new web addresses-a move that is being seen as evidence as to the futility of Dessaux's efforts.

Meanwhile, the Swiss federal office of justice has issued a proposal that may curb the ability of people to see and hear what they want online. The plan would revise Swiss laws (that originally targeted lotteries and betting) so that Internet service providers would be required to prevent their users from access to certain enumerated games. Violators could face a year in prison or fines of up to 1 Million Swiss francs (approximately EUR 660 000). Some observers fear that the scheme, if approved, will set a dangerous precedent and pave the way for harsher restrictions on Internet content. SIUG currently is planning to submit formal objections to the scheme.

A copy of Dessaux's order is available (in PDF format) under http://www.nrg4u.com:80/abuse/canton-de-vaud.pdf

The joint SIUG and Swinog press release is posted at http://www.siug.ch/presse/Presse.20021213.txt

For background information, read "Schweizer Richter verlangt Website-Sperrung von Providern," Heise Online, 12 December 2002 at http://www.heise.de/newsticker/data/hob-12.12.02-000/

Visit the homepage of Swiss ISP green at http://www.green.ch/

For more information about Init Seven, go to http://www.init7.net/

To view a sample protest page, click http://vaud.init7.net/

The relocated banned websites can be seen at http://www.c9c.net/swiss-corruption/info
http://www.freejustice.de/

The official homepage of the Swiss Federal office of justice is located at http://www.ofj.admin.ch/


[7] Former Yahoo exec cleared in French Net censor case

The French court has acquitted the former president of Internet portal giant Yahoo in a closely watched free speech case with international implications.

The case revolves around various Yahoo webpages that allowed people to auction off Nazi memorabilia. In 2001, a French court ordered Yahoo to prevent French Internet users from accessing such pages, based on French laws that generally prohibit Nazi-related goods from even being advertised, much less sold. Afterwards, three French groups went after Tim Koogle, who was Yahoo's president at the time, saying he violated similar French laws against justifying war crimes and "exhibiting a uniform, insignia or emblem of a person guilty of crimes against humanity." He could have been sentenced to five years in prison and faced heavy fines.

However, a French court rejected this second legal action. Among other things, the court held that justifying war crimes meant "glorifying, praising, or at least presenting the crimes in question favourably", and that Yahoo "manifestly did not fit that description". This rebuke comes nearly a year after a court in California rejected attempts to enforce the 2001 judgment in the United States, where Yahoo is principally located.

Read "Yahoo boss cleared over Nazi sales," BBC News Online, 11 February 2003 at http://news.bbc.co.uk/1/hi/world/europe/2750573.stm

See Jon Henley, "Yahoo! cleared in Nazi case," The Guardian, 12 February 2003 at http://www.guardian.co.uk/international/story/0,3604,893642,00.html

See also "Ex-Yahoo chief acquitted over Nazi relics," Reuters, 11 February 2003 at http://news.com.com/2102-1023-984148.html


[8] News site temporarily shutdown after Microsoft complaint

An entire computer operating systems news site temporarily went dark after copyright infringement allegations were leveled against one of its constituent webpages.

Neowin contains numerous articles regarding Microsoft Windows and related software. The site includes a forum section where individuals can post comments. Last week, an agent of Microsoft sent a takedown notice claiming that a particular forum message (about the Windows XP Peer-to-Peer Software Development Kit) infringed the company's copyrights. However, rather than speak with Neowin itself and try to get the offending page removed, the software giant sent the notice to the relevant service provider, who promptly shutdown the entire site.

The case is being seen as another example of the negative impact that expanded copyright powers have had on the Internet free speech. In a statement, Neowin and its webhost, Invision Power Services Hosting (IPS) complained that they "did not have the chance to remove the said content before the provider deleted (access to) the contents of the server without contacting Neowin or IPS. (IPS) received a copy of the e-mail that Microsoft sent and we can confirm it was a standard 'remove content' e-mail that did not warrant a total shutdown." Microsoft has since claimed that it was only concerned about a specific webpage and that it had "no objection" to restoring the Neowin site.

Read Joe Wilcox, "Microsoft speaks, site goes dark," CNet News, 7 March 2003 at http://news.com.com/2102-1025-991624.html


[9] Web protestor wins Taubman domain name dispute

A court in the United States has ruled that Internet domain names deserve to be protected under traditional free speech standards.

Henry Mishkoff initially registered various domain names related to the Taubman Company, which operates several shopping malls. Users who typed in those domain names would be sent to a fan website (created by Mishkoff) that included maps and images of various Taubman shopping centers, along with a prominent disclaimer explaining that the site was not official. The firm then sued Mishkoff, claiming his actions constituted trademark infringement. Mishkoff responded by changing his site to incorporate online criticism of the company's actions, and reserved several more Taubman-related names (such as "TaubmanSucks.com" and "WillowBendMallSucks.com"). The trial court agreed with the firm and banned Mishkoff from using the contested names.

However, a U.S. Federal appeals court threw out the trial court decision and ruled in favor of Mishkoff. The court discarded the company's claims that Mishkoff had engaged in trademark infringement, saying that Mishkoff's use of the names was "not 'in connection with the sale or advertising of goods or services,' and there is no likelihood of confusion among consumers." The panel went so far as to hold that domain names are eligible for protection under the First Amendment of the U.S. Constitution, which guarantees freedom of speech.

To read the text of the decision, click http://pacer.ca6.uscourts.gov/cgi-bin/getopn.pl?OPINION=03a0043p.06


[10] Martus software may aid human rights reporting

A new encryption-based computer tool might make it easier for people to report human rights abuses.

Martus (which means "witness" in Greek) is an open-source package can be downloaded from the Internet free of charge. The software, in theory, will allow human rights workers to run quasi-virtual private networks, so that reports of abuses and other sensitive information can be forwarded online in a secure fashion. Martus is currently being beta-tested and there are many logistical and legal issues that remain unresolved. For example, as currently structured, Martus requires users to have computers with Internet connections, which can be problematic in developing or war-torn countries where Internet access is often hard to come by. In addition, many countries have laws that ban computer encryption products altogether.

Nevertheless, there is hope that Martus will help people expose human rights violations without fear of reprisals. Jim Fruchterman from the Benetech Institute (which developed Martus), explained: "The best weapon against innocence being murdered is more information, more quickly, more accurately to the right people who can make a difference." Peter Bouckaert from Human Rights Watch (HRW-a GILC member) was optimistic about the new technology: ""This is a very significant step to revolutionizing the work we do."

The official Martus site is located at http://www.martus.org/

Read "Protecting the Innocent," Associated Press, 7 March 2003 at http://www.cbsnews.com/stories/2003/03/07/tech/printable543154.shtml


[11] UK parliament email censors prevent debate on bills

A new email filtering system is reportedly preventing British parliamentarians from discussing various political matters.

The British Parliamentary Communications Director has implemented changes in the way electronic mail will be handled. Under the new rules, messages that contain "profanities of a sexual or offensive nature" will not be tolerated. However, many details regarding the scheme have still yet to come to light, and it is not clear even to the affected politicians what words are actually being taken out.

Politicians in the United Kingdom are already complaining over the scheme's effect on their ability to debate several subjects. Among the 900 email messages that were censored, the system apparently blocked off portions of a new Sexual Offences Bill, as well as, ironically enough, a consultation paper about censorship. Paul Tyler, a spokesperson for the Liberal Democrats, fumed: "At a time when the government is insisting on robust Freedom of Information legislation, this level of interference is totally over the top. ... Censoring MPs discussions with their staff, colleagues and constituents is totally unacceptable."

Read "E-mail vetting blocks MPs sex debate," BBC News Online, 4 February 2003 at http://news.bbc.co.uk/1/hi/uk_politics/2723851.stm


[12] UN investigating allegations of US gov't spying

The United Nations has launched a high-level inquiry to find out whether United States government is secretly spying on UN diplomats.

The probe came after the Observer, a British newspaper, published what it claimed was an email message from Frank Koza, a high-ranking officer in the United States' National Security Agency (NSA). The email said that the NSA is stepping up efforts to conduct surveillance "particularly directed at the UN Security Council (UNSC) members (minus US and GBR of course) for insights as to how to membership is reacting to the on-going debate RE: Iraq, plans to vote on any related resolutions, what related policies/ negotiating positions they may be considering, alliances/ dependencies, etc - the whole gamut of information that could give US policymakers an edge in obtaining results favourable to US goals or to head off surprises." The missive emphasizes "efforts against UNSC members Angola, Cameroon, Chile, Bulgaria and Guinea, as well as extra focus on Pakistan UN matters." According to the Observer, these surveillance operations included the interception of the home and office telephones and the emails of UN delegates in New York.

Since these revelations, the U.S. government has steadfastly refused to deny or confirm whether they are indeed engaged in the type of surveillance described in aforementioned message. U.S. presidential spokesperson Ari Fleischer ducked the allegations by saying: "The administration never comments on anything involving any people involved in intelligence. The administration does not answer questions of that nature." Similarly, U.S. State Department spokesperson Richard Boucher stated: "It doesn't matter what the paper is or whether it's true or not, I wouldn't have any comment on that kind of allegation. I would not have any comment whatsoever on that kind of question or allegation because we never comment on intelligence matters, and I'm not going to do it now."

These non-responses have apparently failed to satisfy the UN or the government of Chile, which has begun its own investigation regarding these accusations. Meanwhile, a British Government Communications Headquarters (GCHQ) employee has reportedly been arrested for violating the Official Secrets Act in connection with the memo's release.

The text of memo is posted at http://www.observer.co.uk/iraq/story/0,12239,905954,00.html

See Martin Bright, Ed Vulliamy and Peter Beaumont, "UN launches inquiry into American spying," The Observer (UK), 9 March 2003 at http://www.observer.co.uk/iraq/story/0,12239,910657,00.html

Read "US Refuses to Comment on Report of 'Dirty Tricks' to Win UN Vote on Iraq," Agence France Presse, 4 March 2003 at http://truthout.org/docs_03/030603B.shtml

For audio coverage of this story (courtesy of the Pacifica Radio Network), click http://stream.paranode.com/democracynow/dn20030303.html

For further details in German (Deutsch), read Severin Weiland, "Chile will Aufklaarung ueber Spionagevorwurf," Spiegel Online, 6 March 2003 at http://www.spiegel.de/politik/ausland/0,1518,238929,00.html

For more information in Spanish (Espanol), read "EEUU espia las comunicaciones de los miembros de la ONU para anticiparse a sus decisiones sobre Irak," Delitos Informativos.com, 3 March 2003 at http://www.delitosinformaticos.com/noticias/104668920070714.shtml

See also "Denuncian espionage a Mexico en la ONU," Reforma (MX), 3 March 2003 at http://www.reforma.com/internacional/articulo/274216/


[13] Fury over new DSEA surveillance proposal

Privacy advocates are warning that a newly drafted proposal would massively expand the power of United States government to spy on its citizens.

A copy of the Domestic Security Enhancement Act (DSEA), which was purportedly drafted by the United States Department of Justice, was leaked to the Center for Public Integrity, a nonprofit group based in Washington D.C. Among other things, the DSEA would follow the approach of legislation that was passed in 2001 by further eroding or removing various restrictions on government surveillance. For example, the plan would make it easier for government agents to initiate surveillance and wiretapping of U.S. citizens under the authority of the highly secretive Foreign Intelligence Surveillance Court; indeed, the DSEA would permit the government, in certain cases, to bypass the Foreign Intelligence Surveillance Court completely and conduct wiretaps and searches without a warrant. The bill also provides for general surveillance orders to cover multiple functions of high tech devices (such as cellphones that can send email and TiVo video recording devices). Additionally, the proposal would permit searches, wiretaps and surveillance of U.S. citizens on behalf of foreign governments - including dictatorships and human rights abusers - in the absence of U.S. Senate-approved treaties.

A number of privacy experts and policy makers have given the bill strongly negative reviews. Marc Rotenberg from the Electronic Privacy Information Center (EPIC-a GILC member) called the proposal "breathtakingly bad. Apart from the dramatic expansion of government surveillance authority and government secrecy, (the DSEA) transfers enormous power from the Congress and the judiciary to the executive branch and gives the attorney general absolutely unprecedented authority. This is more than an assault on constitutional liberty--it is an attack on the constitutional system of checks and balances." Meanwhile, several ranking members of Congress issued a letter expressing "profound disappointment" with the way the Department of Justice's behavior, saying that the "Department's handling of this matter has only lent credence to suggestions that this Administration is intent on using the war on terrorism as a partisan political tool and the Justice Department is waiting to spring this bill on the Congress when the nation once again has endured a terrorist attack or is in the midst of war."

The text of the DSEA is available via http://publicintegrity.org/dtaweb/report.asp?ReportID=502&L1=10&L2=10&L3=0
&L4=0&L5=0

For an ACLU analysis of the bill, click http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=11817&c=206

The aforementioned letter from ranking members of Congress is posted at http://truthout.org/docs_02/021203D.htm

Read David Cole, "Patriot Act's Big Brother," The Nation (US), 27 February 2003 at http://www.thenation.com/doc.mhtml?i=20030317&s=cole

For more of Marc Rotenberg's comments, see Declan McCullagh, "Perspective: Ashcroft's worrisome spy plans," CNet News, 10 February 2003 at http://news.com.com/2012-1071-983921.html

See "New Anti-Terror Bill: Critics Cry Foul," CBSNews.com, 8 February 2003 at http://www.cbsnews.com/stories/2003/02/08/attack/main539929.shtml


[14] US Congress approves restrictions on TIA spy project

United States lawmakers have approved a proposal to curb the development of a shadowy United States government program that would collect a wide range of personal information.

A project of the U.S. Department of Defense (DoD), Total Informational Awareness (TIA) is designed to gather personal data on a grand scale, including emails, phone calls, financial records, transportation habits, and medical information. Its proponents believe that by scanning and analyzing this massive pile of data, government agents will be able to predict and prevent crime. Many specifics concerning this plan have yet to be determined, including methods to protect the security of the warehoused information and other prevent unauthorized access. Experts believe the recently created U.S. Department of Homeland Security will use TIA.

Critics (including GILC members the Center for Democracy and Technology, the Electronic Privacy Information Center, the Electronic Frontier Foundation and the American Civil Liberties Union) have charged that the TIA project will trample privacy rights by allowing this "super snoop" program for indiscriminate spying on innocent Americans. In an attempt to deflect this criticism, the DoD then announced that it would create several advisory boards to oversee the development of TIA. The announcement got a lukewarm reception from privacy advocates, who supported the creation of the advisory boards, but felt such panels were not a complete substitute for robust Congressional oversight.

Subsequently, the U.S. Congress approved an amendment to an omnibus budget bill that would bar the use of Federal funds for "research and development" of TIA unless the U.S. Secretary of Defense, Attorney General and the Director of Central Intelligence together provide a report about TIA that will, among other things, "the likely impact of the implementation of a system such as the Total Information Awareness program on privacy and civil liberties." The plan, which has since been signed into law, does include a loophole allowing President George W. Bush to certify that (1) it is not practicable to submit that report within 60 days, and (2) "the cessation of research and development on the Total Information Awareness program would endanger ... national security." The legislation also essentially bans any "department, agency, or element of the Federal Government" from deploying or implementing any portion of TIA against U.S. citizens without providing notice and getting specific authorization from Congress.

The text of the amendment is posted at http://www.epic.org/privacy/profiling/tia/pub_law_108-7.html

For an ACLU press release on this subject, click http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=11818&c=206

Will Doherty (of GILC members EFF and the Online Policy Group) has written a critique of TIA that is posted at http://alumweb.mit.edu/whatmatters/200301/

For further information in German (Deutsch), read "Keine Total Ueberwachung fuer US-Buerger," Heise Online, 12 February 2003 at http://www.heise.de/newsticker/data/pmz-12.02.03-002/

Read Andrew Cohen, "Congress Finally Wakes Up," CBSNews.com, 13 February 2003 at http://www.cbsnews.com/stories/2003/02/13/news/opinion/courtwatch/main540470.shtml

An EFF archive concerning TIA is located under http://www.eff.org/Privacy/TIA/

Visit the EPIC TIA webpage under http://www.epic.org/privacy/profiling/tia/


[15] Revised British snoop plans unveiled

The British government has released two sets of proposals that may have serious implications for privacy online.

Last year, the British authorities sought to vastly increase the number of organizations that could conduct surveillance under the much-maligned Regulation of Investigatory Powers act (RIP), which mandated telecommunications providers to facilitate government surveillance of email, mobile phone, fax and Internet activities. The list of agencies that would be given RIP wiretapping powers were not limited to law enforcement bodies and included such groups as the British Food Standards Agency and National Health Services-over 500 agencies in all. After a blizzard of protests, government shelved the plan.

Earlier this week, the British Home Office unveiled a modified version of the proposal that, among other things, allowed only a handful of additional government agencies to access telecommunications information. In addition, the Home Office released a second consultation paper, this time regarding a voluntary code of practice for retention of communications data, which could then be accessed by law enforcement agents. This second document recommends that telecom providers should store such data for up to a year. The types of data to be retained under the scheme might include email header information, web surfing habits, callers' and recipients' names, and the geographic locations of individual mobile phones.

Privacy advocates remain concerned over the government's intentions, especially with regard to the data retention issue. Ian Brown from the Foundation for Information Policy Research (FIPR-a GILC member) called the data retention consultation "a sham," charging that the Home Office had "failed to address any of the well-known substantive issues and are merely going through the motions so that they can come back with a compulsory scheme. Their problem is that the compulsory scheme will also be unlawful, will also be incredibly expensive and, on their own evidence, will fail to help with their problems."

A FIPR press release on the subject is posted at http://www.fipr.org/press/030311snooping.html

Read David Pallister, "New limits may allay fears on snooping," The Guardian, 12 March 2003 at http://politics.guardian.co.uk/homeaffairs/story/0,11026,912315,00.html

For video and text coverage, see "Cautious response to 'snoop' plans," BBC News, 11 March 2003 at http://news.bbc.co.uk/1/hi/technology/2840133.stm


[16] Russian mobile phone privacy scandal erupts

In Russia, privacy concerns continue to mount after personal information concerning three-and-a-half million customers of a major mobile phone company was exposed to the public.

The Mobile TeleSystems (MTS) database included sensitive customer details such as names, dates of birth, passport numbers and payment records. The scandal came to light in the end of January 2003 after compact discs containing the database appeared on the black market in Moscow. MTS press secretary Eva Prokofieva said that the database had been stolen and that the company had started its own internal investigation without seeking help from law enforcement agencies. But she refused to provide details as to the results of this investigation.

The incident has further cemented fears that many of Russia's most important institutions (government, corporate or otherwise) are not doing enough to protect individual privacy. The widespread and illegal collection and distribution of personal information databases is common in Russia-a problem that is made worse by government inaction, according to many experts. Thus, although it is true that the Russian Constitution and Criminal Code theoretically guarantee that personal privacy will be protected, these laws are rarely enforced largely because government officials have interpreted them in ways that allow privacy invasions to go on unabated. Nor has there been any legislation that might prevent such abuses. Civil rights activists say that this problem has deep roots, and view it as another after-effect of the past Soviet regime. Indeed, Sergei Smirnov from the Russian Human Rights Network (a GILC member) worries that these types of cases will happen again and again, until people in Russia begin to treat privacy as a fundamental freedom that requires constitutional protection.

For further details (in Russian), visit the Russian Human Rights Network homepage at http://www.hro.org/ngo/discuss/mts.htm

For press coverage in English, read "Personal Data Pirated from Russian Phone Files," CSO Online, 23 January 2003 at http://www.csoonline.com/news/index.cfm?id=800

Background information about online privacy in Russia is available from a Russian Human Rights Network report posted under http://www.hro.org/docs/reps/privacy/2002/eng/database.htm


[17] Report: Ebay spies on customers, readily discloses personal info

A senior Ebay official has admitted that his company is willing gives out personal information to government agents without a court order and spies on its customers.

As reported in the Israeli publication Haaretz Daily, Joseph Sullivan, the director of the Internet auction giant's "law enforcement and compliance" department, boasted during a recent conference that his company would readily turn over data concerning its nearly 62 million users worldwide: "There's no need for a court order. ... We don't make you show a subpoena, except in exceptional cases." He explained that his firm was able to do this because of its highly "flexible" privacy policy: "When someone uses our site and clicks on the `I Agree' button, it is as if he agrees to let us submit all of his data to the legal authorities. Which means that if you are a law-enforcement officer, all you have to do is send us a fax with a request for information, and ask about the person behind the seller's identity number, and we will provide you with his name, address, sales history and other details - all without having to produce a court order. We want law enforcement people to spend time on our site." He explained that Ebay has recorded and documented virtually every bit of data that has come through the Web site since it came online nearly 8 years ago. Apparently these surreptitious transfers of user information are quite common; Sullivan said that he received some 200 such requests for personal data per month, most of them unofficial requests through faxes or email messages. In addition to handing out personal details about users, Ebay has its own "investigators" who pore through the data pursuing what they believe to be "suspicious people" and "suspicious behavior."

Experts have suggested that Ebay's activities pose serious problems from a privacy standpoint. One such expert, Nimrod Kozlovski, said that Ebay's disclosure and investigation system "bypasses the rules on non-disclosure of details of financial transactions and the confidentiality of the banker-client relationship." He also scoffed at Ebay's claims that its users are willingly agreeing to be spied on: "The consent given in the user contract should be seen as `coerced consent,' in the absence of any opportunity to exercise free choice, with no real alternative but to agree. This is most certainly not conscious consent."

Read Yuval Dror, "Big Brother is watching you-and documenting," Haaretz Daily, 20 February 2003 at http://www.haaretzdaily.com/hasen/pages/ShArt.jhtml?itemNo=264863&contrassID=2
&subContrassID=5&sbSubContrassID=0&listSrc=Y

For further information in German (Deutsch), read "Flexibler Datenschutz bei Ebay," Heise Online, 21 February 2003 at http://www.heise.de/newsticker/data/anw-21.02.03-004/


[18] Xupiter spyware raises privacy concerns

Advertising companies have apparently found a new way to keep tabs on consumers-by secretly installing tracking software on users' personal computers.

One such product is distributed by Xupiter.com, and is often surreptitiously bundled with other downloaded computer programs. Once installed, Xupiter changes the user's browser home page, redirects searches to pre-selected sites, and automatically opens a "back door" into the computer both to let in ads and to send out information about the user via the Internet. The collected information can then be further distributed to marketing agencies and other interested parties. This scheme works with surprising ease, especially if the given machine's web browser uses low security settings.

Because they can difficult to remove, Xupiter's "adware" tracker, along with similar products with names like Gator and Brilliant Digital, have, in turn, spawned a new cottage industry for uninstall tools such as Ad-aware, Spybot, Doxdesk and Spyware Info. Patrick Kolla, who created Spybot, explained that an arms race has developed between people like him and adware manufacturers: "Spyware makers are looking for new, better-hidden places in the system to anchor themselves. The challenge for any anti-spyware software lies here in keeping the detection mechanisms as well as the detection database up-to-date at the same time."

Read John Borland, "A secret war," CNet News, 24 February 2003 at http://news.com.com/2102-1023-985524.html

See also "Web hijacker snares victims," BBC News Online, 31 January 2003 at http://news.bbc.co.uk/1/hi/technology/2712759.stm


[19] College Internet music lovers face tracking schemes

Several recent initiatives to track music files along the Internet may erode the privacy of consumers.

As part of one such initiative, a California-based company named Audible Magic has developed file fingerprint recognition tools that are now being tested at the University of Wyoming. These tools are supposed to scan traffic that flows along college's computer networks, including personal email messages. Eventually, this technology could, in theory, be used to prevent users from accessing or downloading materials off the Internet, although this blocking aspect has not been implemented yet. These moves come not long after the Recording Industry Association of America sent a letter to more than 2,000 university presidents essentially pressuring them to "make efforts" to curb file-sharing, a process it described as "inappropriate use of campus facilities to disseminate (copyrighted) materials."

While experts question whether these systems will actually work, monitoring technologies such as Audible Magic have raised public concern as to their potential impact on individual privacy. Electronic Privacy Information Center (EPIC-a GILC member) issued an open letter to universities warning that "the surveillance of individuals' Internet communications implicates important rights, and raises questions about the appropriate role of higher education institutions in policing private behavior. ... [T]he RIAA wishes to involve colleges and universities in the process of policing the communicative activities of students, staff, and faculty in a way that is significantly outside institutional missions. ... [W]e urge caution in adopting network monitoring and other similar methods to address concerns about infringement."

The aforementioned EPIC letter is posted at http://www.epic.org/privacy/student/p2pletter.html

See John Borland, "Fingerprinting P2P pirates," CNet News, 20 February 2003 at http://news.com.com/2102-1023-985027.html

For further information in German (Deutsch), read "US-Universitaat ueberwacht Campus-Netz wegen P2P Tauschborsen," Heise Online, 20 February 2003 at http://www.heise.de/newsticker/data/sha-20.02.03-000/


[20] New GILC member: Statewatch

Founded in 1991, Statewatch encourages the publication of investigative journalism and critical research in the fields of the state, civil liberties and openness in Europe. It has received numerous awards for its efforts to gain public access to European government documents, including papers regarding telecommunications surveillance initiatives. Statewatch is a non-profit volunteer group comprised of lawyers, academics, journalists, researchers and community activists; its European network of contributors is spread across 12 countries.

Visit the Statewatch homepage at http://www.statewatch.org


ABOUT THE GILC NEWS ALERT:

The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at gilc@gilc.org.

To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA

Or email:
cchiu@aclu.org

More information about GILC members and news is available at http://www.gilc.org.

You may re-print or redistribute the GILC NEWS ALERT freely.

This edition of the GILC Alert will be found on the World Wide Web under http://www.gilc.org/alert/alert72.html

To subscribe to the alert, please send an e-mail to
gilc-announce@gilc.org

with the following message in the body:
subscribe gilc-announce


PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)