GILC Actions 



 Free Speech 





 GILC Alert 

 Mailing List
 GILC Events 




 Mail GILC 

Home Page

US Site
European Mirror


GILC Alert
Volume 5, Issue 1

February 16, 2001


Welcome to the Global Internet Liberty Campaign Newsletter


Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.

We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.

If you are a part of an organization that would be interested in joining GILC, please contact us at

If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.

Please feel free to redistribute this newsletter to appropriate forums.

Free Expression

[1] Big trouble for China's Internet
[2] New US filtering law helps Defense tracking?
[3] Malaysia gov't battles Net newspaper
[4] US Congress holds domain name hearings
[5] Yahoo bans controversial Net auctions
[6] New skirmishes in DVD weblinks cases
[7] BT lawsuit: We Own All Links
[8] War over virtual images ban
[9] Internet via TV to be censored?
[10] Middle East Net free speech battles
[11] Pakistani gov't bans Internet use
[12] UK proposal: ISPs as gov't censors
[13] 20 enemies of the Internet

Privacy and Encryption

[14] Nortel's new antiprivacy device
[15] World leaders database hacked
[16] Dutch hearings on global ECHELON spy system
[17] Toysmart to destroy customer database
[18] EBay discards user privacy settings
[19] New British anti-privacy legislation
[20] Travelocity & Egghead security breaches
[21] DoubleClick privacy investigation halted
[22] New security flaw in forwarded email

[23] Upcoming CFP 2001 conference

[1] Big trouble for China's Internet

Over the past few weeks, Chinese Internet users have been beset with a myriad of new problems, from threats of execution to network outages.

For one thing, Communist China has now instituted harsher measures for speech activities on the Internet, ranging from fines for online swearing to the death penalty. These new standards came in a recent ruling from the country's highest court. Under these guidelines, Communist officials can executive people who send news or data that "gravely harms the country or people, or has particularly odious circumstances." Individuals who transmit information that "causes extremely grave harm to national security or interests" may face 10 year prison sentences. The ruling failed to define exactly what types of activities would fall within these categories, which may allow Chinese government agents tremendous leeway in in silencing and penalizing dissenters. Indeed, a company in Guangdong province has been fined after an employee merely used curse words in an online chat room. These efforts are being backed up with the forced installation of blocking software in many cybercafes throughout the country, including cities in the interior such as Chongqing.

In the latest development, Communist agents have tried Huang Qi, the proprietor of the "Tianwing Missing Persons Website," on charges of "instigation to subvert state power." Huang had merely posted articles written by other people regarding the 1989 Tiananmen massacre, the Falun Gong spiritual movement and other subjects, which are generally forbidden by government censors. Court access during the trial was so tightly restricted that neither Huang's family nor foreign diplomats were allowed to attend. However, Huang's wife said that her husband had been beaten in jail; indeed, the trial was postponed after Huang collapsed during the proceedings.

Jan van der Made of Human Rights Watch (a GILC member) noted that Huang Qi's case "is designed to send a warning to anyone who uses the Internet to transmit 'sensitive' material." He argued that these and other incidents are cause for alarm amongst the global community: "It's precisely when serious violations arise that the human rights dialogues with China should be put to the test. Are exchanges on human rights confined to polite rhetoric, or will China's dialogue partners take issue with the treatment of people like Huang Qi?"

These measures seem to support the findings of a recent report created under the auspices of the Committee to Protect Journalists (CPJ). In "The Great Firewall," A. Lin Neumann noted that the growth of the Internet in China has been hampered by the efforts of Communist apparachiks, who continue to repress online dissenters: "Ever since the Internet was allowed into China in 1995, all service has been funneled through government servers whose administrators capriciously block access to Western news sites, Chinese dissident sites, Taiwanese newspapers, and other material deemed objectionable. A powerful Ministry of Information Industry has been created to regulate Chinese access to the Internet, while the Ministry of State Security has been assigned to monitor local use of the Internet." As noted earlier, mainland Chinese officials have also resorted to harsh criminal penalties because, as one source mentions in the report, "You don't have to arrest too many people before everyone gets the message. The government here is very good at intimidation."

Unfortunately, Chinese Internet users may have even more serious problems to worry about. A major undersea cable to Shanghai was severed for reasons that have yet to be determined, thus cutting much of the country off from the online world. Although telecom workers have made partial repairs, many Chinese netizens may be stuck offline for weeks.

For the latest on the Huang Qi trial, visit the Digital Freedom Network (DFN-a GILC member) website under

See "Chinese website creator goes on trial," BBC News, Feb. 13, 2001 at

See also "China Tries Man for Website," Associated Press, Feb. 13, 2001 at,1294,41779,00.html

To read more of Jan Van der Made's comments, visit the Human Rights Watch webpage under

For the latest on China's Internet outage, read Anita Narayan, "China Telecom recovers part of damaged U.S.-China cable connection," China Online, Feb. 12, 2001 at 50.asp

See also "Chinese cut off from internet," BBC News, Feb. 9, 2001 at

For more on China's new death penalty for web informants, read "Leaking Chinese Secrets Now Deadly," Associated Press, Jan. 22, 2001 at,1597,265990-412,00.shtml

For further details on Chinese fines for using curse words on the Internet, see "Curses! Guangdong firm fined for employee's online swearing," China Online, Jan. 30, 2001 at

For additional information on new filtering software in Chinese cybercafes, read "New software censors Web in Chongqing Net cafes," China Online, Feb. 1, 2001 at

To read "The Great Firewall" report on Internet censorship in China, click

[2] New US filtering law benefits Defense tracking?

Why is the United States Department of Defense interested in the web surfing habits of children?

That's the question being posed after a recent article in the Wall Street Journal. The article described an apparent collaboration between the Defense Department and N2H2-a leading manufacturer of Internet filtering software. Under this arrangement, the company worked with new media marketing firm Roper Starch Worldwide to sell data about its users, including the online activities of more than 13 million children. This information was collected through one of N2H2's products, an Internet blocking program called Bess, which tracked kids as they journeyed along the Information Superhighway. The Defense Department then purchased "Class Clicks" reports based on this data. N2H2 has confirmed that Department subscribed to this service for at least a year.

After these revelations came out, the Electronic Privacy Information Center (EPIC-a GILC member) formally requested the Defense Department to provide more details regarding how it tracks children through the Web. EPIC's Chris Hoofnagle questioned "what purpose children's Internet browsing habits have to do with national defense. Whether or not it's permissible for the government to collect this information about kids, from a policy standpoint kids have no choice except to use those computers that have filtering devices attached, and it's inappropriate for marketers to be gathering data from this captive market."

This report comes after Congress passed a massive new filtering bill. The so-called "Children's Internet Protection Act" was included as part of a Labor-Health and Human Resources funding bill, and combines several different filtering schemes. Among other things, the law essentially requires high schools and libraries to include blocking software on all of their computers. Institutions that refused to do so (or implement policies to that effect) would lose federal funding. CIPA was approved despite vehement opposition to this plan from a broad coalition of groups such as GILC members the American Civil Liberties Union (ACLU), the Electronic Frontier Foundation (EFF) and the Center for Democracy and Technology (CDT).

Experts worry that this new law, in light of the government kid tracking scheme, is a severe threat to both free expression and privacy. ACLU staff attorney Chris Hansen noted that the new plan marked "the first time since the development of the local, free public library in the 19th century that the federal government has sought to require censorship in every single town and hamlet in America." Indeed, several groups, including the American Library Association (ALA) and the ACLU, are now vowing to sue over the new measure, claiming that it violates free speech rights that are protected by the United States Constitution.

These fears were further fueled by a recent report from a leading consumer magazine that suggests Internet filters are not very effective in preventing children from accessing controversial content. In this study, Consumer Reports tested several popular filtering packages, and discovered that nearly every one of these programs had a blocking failure rate of at least 20%. The one program that AOL's Young Teen, had a significant side effect, in that it blocked a very large number (63%) of websites with noncontroversial content. The report also noted the fact that sexually explicit material appears on only 2 percent of all websites. Based on all of these findings, Consumer Reports concluded that filtering software "is no substitute for parental supervision." It seems that many adults agree with this assessment; a Jupiter Research survey (cited in the Consumer Reports article) found that most parents (about 70%) have made it a point to be present when their children surf the Information Superhighway.

To read EPIC's request for information, click

See also Brian Krebs, "Group Want Feds To Disclose Plans For Kids' Net Data," Newsbytes, Jan. 29, 2001 at

The text of CIPA is posted at

To read an ACLU press release on this subject, visit

To read EFF's comments on CIPA, click

For an ALA press release on this subject, visit

For press coverage of these developments, see "Filters and the First Amendment," Associated Press, Feb. 8, 2001, at

See also D. Ian Hopper, "ACLU to Fight Internet Filtering," Associated Press, Dec. 20, 2000 at

To see the Consumer Reports filtering study, read "Digital chaperones for kids," Consumer Reports, March 2001, at

See also

[3] Malaysia bans journalists

Malaysian authorities are apparently trying to shut down an award-winning newspaper due to its critical reporting on government policies.

Officials have blocked writers from Malaysiakini (also known as Malaysia Now) out of press conferences and numerous gatherings. The decision was apparently prompted by the publication's extensive coverage and scrutiny of Malaysian Prime Minister, Mahatir Mohammed. Curiously, Deputy Prime Minister Chor Chee Heung said that Malaysiakini correspondents were rightfully kept out of these events because they lacked official press licenses-a charge that starkly contrasts with past promises by the government that it would not censor Internet news agencies and their activities. Other observers have suggested that the government's moves were partly due to reports that the e-newspaper received funding from foreign sources who had previously been the targets of Mahatir in his speeches.

Malaysiakini editors seemed unfazed by these restrictions. Co-founder Steven Gan said that these moves were clear evidence that the "government is wary of our journalists going to functions and daring to ask tough questions. We are going to test the boundaries of this one and continue attending government functions. They will have to kick us out."

See "Malaysia Bans News Site," Associated Press, Feb. 5, 2001 at,1283,41610,00.html

[4] US Congress holds domain name hearings

Lawmakers in the United States are voicing concern over a controversial organization responsible for administering the domain name system.

Subcommittees of both the United States House of Representatives and Senate recently held hearings about domain name policy. These sessions were held partly to address concerns by many leading experts that the Internet Corporation for Assigned Names and Numbers (ICANN) was unfair when it tentatively approved only seven new Top-Level Domains. Some of these difficulties were voiced in a letter issued by a coalition of scholars and cyber-rights groups, including the Internet Democracy Project, a joint initiative by GILC members the Electronic Privacy Information Center (EPIC), Computer Professionals for Social Responsibility and the American Civil Liberties Union (ACLU). The letter's creators argued that artificial limitations placed on the number of generic top-level domain names, such as ".com," and ".org," present a serious threat to freedom of expression. The groups also say that the closed process imposed by both ICANN and the U.S. Commerce Department violates the Due Process clause of the U.S. Constitution and the Federal Administrative Procedures Act (APA).

At the House hearing, several politicians expressed concern that the domain name body was unresponsive to the needs of the Internet community. Representative John Dingell worried aloud that ICANN was essentially undemocratic and "not accountable to anyone except God Almighty." Another Congressman, Charles Pickering, feared that ICANN procedures might become a Constitution of the Internet and said that there was a need for "immediate reform." Meanwhile, the chairman of the subcommittee, Fred Upton, said that in his mind, "legitimate questions have been raised by several of our witnesses about the fairness of the application and selection process."

Similar concerns were raised at a later Senate hearing. Senator Conrad Burns, the subcommittee chairman, said that his "greatest fear" was that "the administration of the Internet will be changed in foolish, even disastrous ways while very few people are watching." In addition, Sen. Barbara Boxer attacked current registrar policies, saying that they did not provide sufficient protection for the privacy of individual domain name holders against stalkers. Both Burns and Upton have hinted that additional hearings regarding ICANN activities may soon be held.

An audio recording of the House hearing is available under

To read the Internet Democracy Project letter, visit

For further background information, click

For press coverage of the House event, see Ariana Eunjung Cha, "Losers, Lawmakers Worked Up Over Internet Suffixes," Washington Post, Feb. 9, 2001, page E3 at

Read Anick Jesdanun, "Internet Board Defends Name Choices," Associated Press, Feb. 8, 2001 at

For German language press coverage, read Monika Ermert, "Neue Internet-Domains: Augen zu und durch..." Heise Online, Feb. 8, 2001 at

For press coverage of the Senate hearing, read "Senate to Scrutinize ICANN More Closely," Reuters, Feb. 14, 2001 at,1151,22210,00.html

See also Juliana Gruenwald, "Senators Promise More Scrutiny of ICANN," Interactive Week, Feb. 14, 2001 at,4164,2686052,00.html

For German language coverage of the Senate hearing, read Monika Ermert, "ICANN-'single point of failure' des Internet," Heise Online, Feb. 15, 2001 at

[5] Yahoo bans controversial Net auctions

Free speech advocates are livid after a major web portal decided to block Internet users from accessing a number of auction sites.

Yahoo is now blocking access to websites that offer items that, in its judgment, somehow "promote or glorify hatred or violence." Yahoo said that its ban is unrelated to a recent French court ruling that required the company to block French Internet users from accessing the webpages in the United States that allowed auctions of Nazi memorabilia. The ruling was made pursuant to French laws that generally prohibit such goods from even being advertised, much less sold. If Yahoo fails to comply, it will have to pay fines amounting to US $13,000 per day.

Despite the ruling, it was unclear whether the decision was enforceable in the U.S. Yahoo had initially sued in an American court to forestall enforcement of the French court judgment. However, the winners in the French court case have now moved to block Yahoo by getting a similar ruling in the United States. Curiously, Yahoo has decided to start blocking Internet users anyhow, even though these legal battles have yet to be resolved.

Many experts fear that these developments may undermine free speech in cyberspace. For one thing, numerous studies have shown that filtering software is error prone and often blocks out otherwise uncontroversial speech. Even in instances when Nazi sites are targeted, observers worry that such items as German history textbooks will be suppressed. Interestingly, Yahoo had advanced these same arguments months ago as part of its legal defense; a Yahoo spokesperson tacitly admitted that the company's new program of self-censorship was "not foolproof." Yet despite these programs, similar efforts are underway in other areas of the Internet; the German Constitutional Protection Office is now seeking restrictions on Napster file-swapping software because the program could theoretically be used to transfer hate-oriented files.

For the latest details, see Steven Bonisteel, "French Group Moves To Quash Yahoo Lawsuit In US," Newsbytes, Feb. 8, 2001 at

See also "French Sue Yahoo, Again," Reuters, Jan. 22, 2001 at

Read Troy Wolverton and Erich Luening, "Will Yahoo's ban on auctioned Nazi items work?" CNet News, Jan. 3, 2001 at

See also Jean Eaglesham, "Yahoo bans hate propaganda," Financial Times, Jan. 3, 2001 at

For more on German efforts to restrict Napster, see Tony Smith, "Napster partner urged to curb Nazi song swaps," The Register (UK), Dec. 20, 2000 at

For further details on Yahoo's countersuit, read Jim Hu, "Yahoo: Auctions immune from French laws," CNet News, Dec. 21, 2000 at

For more information on these latest moves in French, see the following item from Imaginons un Reseau Internet Solidaire (IRIS-a GILC member) at

More French language information is available via

[6] New skirmishes in DVD weblinks cases

The court battles continue over entertainment industry attempts to ban information regarding a controversial DVD-related computer program.

Since then, the California Supreme Court held that at least one of the defendants, Matthew Pavlovich, could not be held liable due to jurisdictional problems. Cyberliberties advocates applauded the court's decision. "The [California] Supreme Court has re-affirmed the principle that you don't lose your Constitutional due process rights when you enter cyberspace," stated Allonn Levy, who is defending Pavlovich in cooperation with the Electronic Frontier Foundation (EFF-a GILC member). Similarly, EFF staff attorney Robin Gross described the court order as "proof that perseverance is required to preserve liberty when litigating these issues."

Meanwhile, in the New York case, EFF is appealing the trial court's ruling, which banned journalists from providing information about DeCSS information on their website. In its court papers, EFF attorneys argued that trial court's decisions created "upside-down structure" that reached "far beyond the bounds of copyright law, threatening liability for members of the media, scientific speakers and fair users, all of whom have traditionally enjoyed broad First Amendment protection for their speech." Similar sentiments were expressed by several other groups, including fellow GILC members the American Civil Liberties Union (ACLU) and the Electronic Privacy Information Center (EPIC), who submitted a brief that, among other things, compared weblinks to "digital footnotes" and warned that banning such links would violate free speech rights.

EFF's brief in the New York case is available via

The ACLU's brief in the New York case is posted (in PDF format) under

For press coverage of the New York case, see Lisa M. Bowman, "Nothing says free speech like posting DVD-hacking code," ZDNet News, Jan. 26, 2001 at,4586,2679166,00.html

Read Brad King, "Copyright: Your Right or Theirs?" Wired News, Jan. 19, 2001 at,1294,41199,00.html

The California Supreme Court order is posted at

See Evan Hansen, "DeCSS case runs into Calif. Roadblock," ZDNet News, Dec. 15, 2000 at,4586,2665270,00.html

[7] BT lawsuit: We Own All Links

A major telecommunications giant is claiming that it invented weblinks and that members of the Internet community should pay the company for the privilege of using this technology.

British Telecom has filed a lawsuit against Prodigy, an Internet Service Provider that counts several million Americans as customers. That seems to be the message being sent by British Telecom (BT). The company alleges that it possesses intellectual property rights over all links based on a patent it filed in the 1970s (which was granted in 1989). A BT spokesperson crowed that the firm "patented the principle of the hyperlink in the mid-70s when people were still wearing kipper ties and flares." The communications giant is now demanding licensing fees from Prodigy; if BT wins this test case, experts believe that the company will go after other targets along the Information Superhighway in its quest for royalties.

These claims come despite several apparent flaws in BT's arguments. Among other things, the language contained in the cited patent (no. 4,873,662) is extremely vague, and might be used to describe virtually any type of network file transfer, including processes that British Telecom had no hand in inventing. Moreover, it is unclear just why BT waited for decades to assert its purported intellectual property rights. This argument was buttressed by a recently unearthed video of Stanford researchers' demonstration of weblinks that was apparently filmed in 1968-several years before BT said it invented the technology. Finally, many experts believe there are strong public policy reasons to disregard BT's claim because of its potentially destructive impact on Internet free expression.

Read Tim Richardson, "Prodigy to fight BT's 'shameless' hyperlinks patent lawsuit," The Register (UK), Dec. 15, 2000 at

See also Tim Richardson, "Film evidence challenges BT's claim to hypertext patent," The Register (UK), Sept. 15, 2000 at

[8] War over virtual images ban

Should computerized images that are mere figments of the imagination be banned?

That's the question that the United States Supreme Court is set to answer. The case involves the so-called Child Pornography Protection Act (CPPA), includes a strict ban on any image that even "appears to be" or "conveys the impression" of someone under 18 engaged in sexually explicit conduct. This ban still applies in instances where no model was used and the given picture was completely fictitious.

Not surprisingly, the CPPA has drawn heavy fire from free speech advocates, who have argued that law essentially punishes thought. Nadine Strossen, president of the American Civil Liberties Union (ACLU-a GILC member), warned that the statute "shifts the focus away from protecting actual children from actual harm in the production process and looks at potential harm that might result because of the mental impact of the images on the mind of the viewer. The reasoning that the viewer might have a bad idea and might go out and commit a bad act would be an end to free speech. Anything that we see or read might drive somebody to commit an anti-social act. Indeed, everything from literary classics to the Bible have had that effect."

After the CPPA was passed, a lower Federal appeals court ruled that the Act violated the right to freedom of expression. The court seemed particularly troubled by the fact that under the CPPA, "[i]mages that are, or can be, entirely the product of the mind are criminalized. ... While the government is given greater leeway in regulating child pornography, materials or depictions of sexual conduct 'which do not involve live performance or photographic or other visual reproduction of live performances, retain[s] First Amendment protection.'" However, the Supreme Court subsequently agreed to hear an appeal of the case. Oral arguments in Reno v. Free Speech Coalition are slated for fall 2001.

Meanwhile, this debate over the criminalization of virtual images has started to take international dimensions. A provision within a new proposed Council of Europe cybercrime convention contains language similar to the challenged CPPA, which may lead signatory nations to ban material that depicts people who merely appear to be having in sexually explicit conduct with a minor, including "realistic images" which "may include morphed images of natural persons." Oddly enough, the official explanatory memorandum that accompanies this draft treaty boldly states: "It is not relevant whether the conduct depicted is real or simulated." The convention had already received heavy criticism from many privacy advocates.

To see video and a transcript of Ms. Strossen's comments, see "Technology and Pornography," ABC News Nightline (US), Feb. 12, 2001 at s.html

See "Real Porn, Fake Porn," CBS News, Jan. 22, 2001 at,1597,266102-412,00.shtml

The lower appeals court decision can seen at

To see the latest version (draft 25) of the Council of Europe cybercrime treaty, click

To see the explanatory memorandum for the CoE treaty, visit

To read a recent GILC letter regarding the Council of Europe cybercrime treaty, visit

[9] Internet via TV to be censored?

Grownups who access the web through new television broadcast technology may only be able to see content suitable for children.

That's according to current plans from Wavexpress and iBlast. The two companies are working to allow Internet access via television signals. This is done by enlisting local television station affiliates to send and receive Internet transmissions. However, there are concerns whether the content that is provided through these new systems will have to conform with regulations in the United States that apply to TV programs, which generally restrict what can be said or seen on-air (such as explicit music lyrics). Rather than challenge these regulations and determine whether they apply to the Internet, the firms have decided to conform with the television-based restrictions. According to one iBlast spokesperson, "There hasn't been anything on the books to deal with the bits, and whether those individual bits fall under regulations. The safest thing for us is to follow the broadcast standards."

This decision came despite past court decisions suggesting that the free speech on the Internet deserves the same level of protection given to traditional forms of expression such as books or pamphlets. The issue is likely to become more important as other similar technologies (such as the DirectTV satellite based system, which includes embedded Web-type content) become popular.

See Brad King, "TV-Distributed Web to Be PG-13," Wired News, Feb. 7, 2001 at,1283,41616,00.html

[10] New Middle East Net free speech battles

From around the Middle East, people are struggling to use the Internet as a way to voice their opinions freely.

In Egypt, the state Ministry of Culture banned three novels for their allegedly obscene content. The move was apparently prompted by religious fundamentalists, who were incensed by any mention of such subjects as drinking and homosexuality. Aggrieved literati then responded by posting at least one of these books, Tawfik Abdul Rahman's "Before and After," on the World Wide Web. Similarly, other individuals who are threatened with censorship, such as Cairo Times publisher Hisham Qassem, have counterattacked with threats of their own to publish their works on the Information Superhighway. However, there are now fears that the same censorship schemes that the Egyptian government applied to books and other traditional means of expression may now be applied to the Internet. As scholar Ferial Ghazoul explained about free speech in general, "It is worrisome, because there is a kind of campaign by the Minister of Culture to undermine certain kinds of literature on the grounds that it is against public morality. Once you allow something like this to happen, how do you back down? They are playing with fire."

Indeed, Saudi Arabian officials have now blocked their citizens from visiting SafeWeb--a special portal that uses encryption technology to allow private individuals users to surf the Internet The reason? As one Saudi Internet user stated, "I have been able to use SafeWeb to access the many sites that have been blocked by my government, such as chat rooms and international news sites." Interestingly, SafeWeb CEO Stephen Hsu has taken this decision almost as a badge of honor: "When we set out to build the SafeWeb technology, we quickly realized the socially transformative effects it could have on closed societies like China, Iran and Saudi Arabia. We have been working to develop technology to fight censorship and promote freedom of expression and a significant portion of our traffic is coming from highly regulated countries. We are pleased to see that our efforts are beginning to make a difference in the international community." The firm is now developing technology to circumvent Saudi-type blocking schemes.

However, several Middle Eastern nations have gone beyond mere technology to restrict Internet use. Turkish officials have even gone so far as to arrest children merely for being inside Internet cafes. According to reports, government agents have warned kids not to re-enter such establishments, using such bizarre pronouncements as "We want you to become people who do some good for the state; we want to see you in nice places, not bad ones."

For more on developments in Egypt, see Sarah Gauch, "Egypt halts printing of books, but they're on the Web," Christian Science Monitor, Jan. 29, 2001 at

Read Jayson Matthews, "SafeWeb Doubles Usage, Blocked By Saudis,", Dec. 19, 2000 at,2198,3531_540131,00.html

See also "Turkish Children Arrested in Internet cafes," Reuters, Jan. 9, 2001 at,1151,21354,00.html

For German language information about the arrests of Turkish children, read "Türkische Kinder im Internetcafe verhaftet," ZDNet Deutschland, Jan. 10, 2001 at

[11] Pakistani gov't bans Internet use

Here's a way to stop newsleaks-institute a complete ban on Internet use.

That's apparently the approach being taken by the leaders of Pakistan, which has outlawed government use of the Internet. When asked for an explanation, a government spokesperson was seemingly unable to come up with concrete examples of where Internet use actually had caused significant harm, and could only provide suppositions and mere theories: "The logic behind the ban was to restrict flow of unauthorised information. There is a possibility that some information which the government does not want to make public, could reach some undesirable person or an organisation through e-mail, chat or data-transfer facility."

Meanwhile, this move already has had some serious side effects. The new measure has had a particularly negative impact on scientists, many of whom have found themselves cut off from the outside world. As one affected user noted, "Many of us were left with no option but to acquire an Internet connection out of our own pocket. We, the researchers and scientists, wonder the government 'strategy' to restrict the flow of information. It was also against the spirit of government's own policy to provide Internet and e-mail facility in as many as 296 cities of the country. On one hand the government was spending an amount of Rs 5 billion on the development of IT sector with a view to promoting computer culture which certainly cannot be materialised without involving all government departments in this regard."

Read Mubashir Zaidi, "Pakistan Govt bans use of Internet," Hindustan Times, Dec. 21, 2000 at

[12] UK proposal: ISPs as gov't censors

The British government has withdrawn plans that might have forced Internet service providers (ISPs) to engage in censorship on the state's behalf.

The proposals originally had surfaced in response to the Kilshaw case, where two children had been given up for adoption via the Internet to two different sets of parents. Afterwards, British health minister John Hutton issued a threatening letter to the United Kingdom's Internet Service Provider Association, suggesting that they could be held legally liable for such questionable content. The letter further warned that if service providers did not take appropriate measures "they are committing an offence and may face prosecution."

Hutton's apparent ultimatum led to a storm of protest from many members of the UK Internet community, who feared that ISPs would have to act as government agents and screen the activities of private Internet users, for fear of lawsuits. Subsequently, Hutton retreated from the strong language in his prior statement. In a radio interview, he conceded: "We are not saying to all the UK ISPs that they must go away now and check all the material on their servers, that would be completely unreasonable and we are not unreasonable."

Read Patrick Butles, "U-Turn on adoption website crackdown," The Guardian (UK), Jan. 22, 2001 at,3858,4121763,00.html

The text of Hutton's letter is posted at,7890,426520,00.html

New US online music bills?

[13] 20 enemies of the Internet

Reporters Sans Frontieres has issued a new report that lists twenty countries as "real enemies" of the Internet. The group cited these nations for restricting their citizens' access to the Internet, and for stifling free expression.

The study revealed that in many nations, such as Turkmenistan, the most common restriction was requiring Internet users "to subscribe to a state-run Internet Service Provider (ISP)." Other countries allow access only in certain cities, or charge prohibitively expensive usage fees. The penalties can be very harsh, and often include imprisonment as well as heavy fines, as evidenced by several high profile cases in China, Cuba and Sierra Leone and Cuba. Along with these nations, this year's list included Iraq, North Korea, Vietnam, Azerbaijan, Kazakhstan, Kirghizia, Tajikistan, Belarus, Burma, Iran, Libya, Saudi Arabia, Sudan, Syria, Tunisia and Uzbekistan.

RSF called on the governments of these countries to "abolish the state monopoly on internet access and, where appropriate, stop controlling private ISPs, cancel the obligation for citizens to register with the government before obtaining internet access, abolish censorship through the use of filters, and stop blocking access to certain sites maintained by foreign servers, protect the confidentiality of internet exchanges, particularly by lifting controls on electronic mail," and "call off the legal proceedings undertaken against internet users who have done no more than exercise their right to freedom of expression."

To read the full report, click

[14] Nortel's new antiprivacy device

Is it truly necessary to build spyware into computer networks to help advertisers and service providers track people through the Internet?

That's what consumer advocates are asking after Nortel Networks, the telecommunications manufacturer, announced a new "Personal Internet" initiative. This plan, which includes both hardware and software, would allow numerous companies (including advertisers, Internet service providers and others) not only to track computer users through the Information Superhighway, but to figure out their real names and addresses. This information, in turn, could be cross-linked to credit card records and other such databases. The manufacturer is hoping its inventions will allow advertisers to target their blitzes at consumers with the help of ISPs. Indeed, Nortel marketing vice-president Selina Lo crowed that this technology "allows ISPs to capture a user. Your ISP knows about you: they know who you are, they know your address, they know your preferences. Any kind of personalization that is targeted at you would be best done at that point."

Privacy advocates are alarmed by the invasive nature of this project. Jason Catlett of compared this service to having "the Post Office looking into your mail in order to decide what kind of junk to send you. This is a disturbing development, to find a supplier of Internet infrastructure touting its surveillance capabilities. For most people, the idea that their ISP is watching where they go is unacceptable." Moreover, experts have pointed out that unlike other tracking technologies such as cookies (which can be blocked by the user), private individuals have virtually no way to avoid Nortel's tracking schemes, short of switching ISPs. Yet despite these thorny problems, several major companies, including Yahoo and Lycos, are already testing Nortel's new tracking technology through their websites.

Read Sascha Segan, "They Know Where You Live," (US), Jan. 30, 2001 at

See also "Nortel unveils Web tracking technology," Associated Press, Jan. 31, 2001 at

See also Scott Morrison, "Nortel to enable web tracking," Financial Times, Jan. 30, 2001 at

[15] World leaders database hacked

A database that contained sensitive personal information about many of the world's leaders has suffered a serious security breach.

The list of victims read like a who's who of global politicians, including former United States President Bill Clinton, South African President, Thabo Mbeki, and former U.S. Secretary of State Madeleine Albright. The database contained data on participants of the recent World Economic Forum in Davos, Switzerland. The equivalent of some 80,000 pages of information were taken, which included such tidbits as credit-card information, cell-phone numbers and passport data. A Forum spokesperson said the intruders managed collect details on nearly 1400 attendees.

The incident has heightened concerns over whether governments around the world have done enough to protect Internet privacy. Ironically, many of the affected leaders had opposed various measures to protect the rights of citizens online (such as widespread dissemination of encryption software). Indeed, while the Davos Forum featured roadblocks, barbed-wire barricades and other measures against terrorists, considerable doubts have been raised about whether the same level of protection was provided against hackers.

Read William Drozdiak, "Database Hacked at Davos Forum," Washington Post, Feb. 6, 2001, page E1, at

[16] Dutch hearings on global ECHELON spy system

The Dutch government has apparently confirmed the existence of a super-secret spying network, and lawmakers are hoping to find more details.

These moves are centered around ECHELON, a highly classified system designed to intercept communications from around the world. ECHELON is reportedly operated by the US National Security Agency (NSA), in conjunction with several other intelligence agencies, including Great Britain's Government Communications Headquarters (GCHQ), and Australia's Defence Signals Directorate (DSD). According to experts, ECHELON is capable of intercepting e-mail messages, faxes, telephone conversations.

After years of denying the existence of ECHELON, the Dutch government issued a letter stating that although it "does not have official confirmation of the existence of Echelon by the governments related to this system, it thinks it is plausible this network exists. The government believes not only the governments associated with Echelon are able to intercept communication systems, but that it is an activity of the investigative authorities and intelligence services of many countries with governments of different political signature."

These revelations worried Dutch legislators, who had convened a special hearing on the subject. During the hearing, several experts, including representatives from GILC members Bits of Freedom and Jansen & Janssen, argued that there must be tougher oversight of government surveillance activities. There was also considerable criticism of Dutch government efforts to protect individual privacy, particularly the fact that no information had been made available relating to Dutch intelligence service's investigation of possible ECHELON abuses.

Read Jelle van Buuren, "Hearing On Echelon In Dutch Parliament," Heise Telepolis, Jan. 23, 2001 at

See also Jelle van Buuren, "Dutch Government Says Echelon Exists," Heise Telepolis, Jan. 20, 2001 at

[17] Toysmart to destroy customer database

Here's a way to protect the privacy of netizens: destroy the files that have been compiled on them.

That's the apparent solution in the case of The failed retailer had planned to sell 250,000 files that included customers' credit card numbers, as well as their names and addresses. This move seems to contradict Toysmart's own privacy policy, which said that the company would never sell such data. Afterwards, the United States Federal Trade Commission (FTC) sued the dot-com for deceptive trade practices. However, the FTC abruptly settled with Toysmart, allowing the bankrupt e-tailer to sell most of its customer files, under certain conditions. These conditions include destroying data collected from Internet users who were 13 years old or younger.

Unsatisfied with this result, nearly 38 states stepped in to block the deal. Eventually, a further compromise was reached. Under the latest agreement (which was approved by the presiding Federal judge), Buena Vista Internet Company (a Walt Disney subsidiary) would pay US $50000 to Toysmart, and the bankrupt dot-com would destroy the list, after all claims against Toysmart were settled. Toysmart executives would have to submit a sworn affidavit detailing how the personal information database was destroyed. The money paid by Buena Vista would then be portioned out to the dot-com's creditors.

Read Brian Krebs, "Mass. Judge Says Toysmart Can Destroy Customer List," Newsbytes, Jan. 30, 2001 at

See also D. Ian Hopper, "Toysmart Database to Be Destroyed," Associated Press, Jan. 10, 2001 at

[18] EBay discards user privacy settings

Does EBay really care about consumer privacy?

That's what people are asking the online auctioneer changed the customer profiles of some 6 million customers. According to reports, a bug in EBay's sign-up system altered several default settings for user registration purposes. Among the many changes were answers to questions like "Do you want to receive calls from telemarketers?" Though the default answer was supposed to be "yes," the bug modified this setting to "no." Though many new users apparently were happy to be free of extra advertisements, EBay decided to change their settings back to "yes." An EBay spokesperson claimed that the company provided notice and a 14 day period for customers to object.

However, EBay's decision to change user preferences to let telemarketers call customers has generated considerable outrage. One customer seemed to suggest that EBay's supposed attempts to contact users were less than effective: "Someone has decided to arbitrarily unselect my preference to not get called by eBay telemarketers! I can't find the words to describe how amazed I am at the boldness of the people responsible for this." Richard M. Smith of the Privacy Foundation chided EBay, saying that the company's latest action "stretches credibility" and that it was "not a nice thing. I don't see how it's an error that they simply chose 'no' as a default. If there was an error, it was the company's."

See Ben Charny, "eBay switches some customer privacy settings," CNet News, Jan. 9, 2001 at

[19] New British anti-privacy legislation

The British government has introduced more legislation that may greatly erode privacy online.

The Criminal Justice and Police Bill comes just after Parliament had approved the controversial Regulation of Investigatory Powers (RIP) Act. The RIP bill requires all Internet traffic in the UK to be sent through a division of the M.I.5-the chief investigatory agency of the British government. The new law also authorizes more government agencies to conduct electronic surveillance. The bill expands the types of data that can be intercepted, including "traffic data" such as passwords and lists of visited websites. Finally, the proposal forces cybernauts to either provide encryption keys to the police when requested, or prove in court that they don't have such keys. RIP continues to be derided a broad coalition of groups, including cyberliberties advocates and computing firms. More recently, British Internet service providers have attacked government investigators for requiring them to waste vast amounts of money and resources just to catering to law enforcement wiretapping requests.

For more on the Criminal Justice and Police bill, read Michelle Delio, "Privacy Battle Brews in England," Wired News, Jan. 23, 2001 at,1294,41352,00.html

To find out more on British corporate complaints regarding law enforcement RIP requests, see Michelle Delio, "ISPs 'RIP' Into British Police," Wired News, Jan. 19, 2001 at,1294,41288,00.html

See also Jean Eagleshame, "Internet companies hit at police ignorance of e-mail," Financial Times, Jan. 16, 2001 at

[20] Travelocity & Egghead security breaches

Several prominent e-tailers inadvertently exposed personal information on thousands of computer users.

Travelocity, which handles online air travel and hotel bookings, has admitted that data regarding nearly 45 000 of its customers was exposed on its website. The collected information included such items as names, home and e-mail addresses as well as telephone numbers. According to company executive Jim Marsicano, the files should have been deleted as part of routine security measures, but for some reason they were left out in the open. The firm is now in the process of notifying possible victims by e-mail.

Meanwhile, an intruder managed to break into the customer database of software seller Egghead. Initially, the company feared that some 3.7 million credit card numbers had been stolen, prompting it to call in the United States Federal Bureau of Investigations. Subsequent internal investigations have suggested that the intruder might not have extracted credit card numbers from the database; nevertheless, the incident has renewed public concerns that dot-coms are not doing enough to protect consumer privacy.

For more on the Travelocity situation, read "Travelocity Admits Security Lapse on Web Site," Associated Press, Jan. 24, 2001 at html

See also Troy Wolverton, "Travelocity exposes customer information," CNet News, Jan. 22, 2001 at

Further information regarding the Egghead security breach is available from Robert Lemos, "Egghead says hacker didn't get access to cards," CNet News, Jan. 8, 2001 at

[21] DoubleClick privacy investigation halted

Federal regulators in the United States have abruptly stopped investigating an Internet advertising firm that may have violated the privacy of some 90 million American households.

DoubleClick, which provides banner ads to many websites, had already admitted to tracking viewers through the Internet. It apparently placed digital identification numbers in files known as "cookies" on a user's hard drive, which it matches with name and address information that has been collected by its partners. About a year ago, DoubleClick expressed its intention to match this data with more extensive information contained in millions of files maintained by its merger partner Abacus Direct. When DoubleClick purchased Abacus Direct, it said it would not engage in this form of computer matching.

These moves had led to lawsuits and fierce criticism. In a belated attempt to quiet these fears, DoubleClick revised its policies so that customers can "opt-out" of the tracking system. However, many observers, including Marc Rotenberg of the Electronic Privacy Information Center (EPIC-a GILC member), believed that these latest moves would do very little to protect personal information concerning individuals in cyberspace.

Soon afterwards, officials from the US Federal Trade Commission began to investigate whether DoubleClick had improperly handled customer data. However, after months of effort, FTC official Joel Winston issued a letter announcing that the inquiry was over. To the astonishment of privacy advocates, Winston held that "DoubleClick never used or disclosed" personally identifiable data "for purposes other than those disclosed in its privacy policy." Meanwhile, DoubleClick has continued to post its cookie-based advertisements on the Internet; to date, the number of websites with DoubleClick ads stands at over 1500.

See "Doubleclick Probe Over," Associated Press, Jan. 23, 2001 at

[22] New security flaw in forwarded email

Watch out if you forward email messages. Thanks to a newly discovered security flaw, you may be sending your comments to unintended recipients.

This flaw allows people to spy on readers who receive specially tagged messages. By using special programs written in Javascript language, a would-be wiretapper can lace a given e-mail transmission with special codes. If this e-mail is forwarded, the wiretapper can find out any comments from the person who forwards the message. This technique works with which appears in many commonly used e-mail programs, including Microsoft Outlook and Netscape 6, but does not seem to affect users of Eudora or AOL mail systems.

Privacy advocates have raised red flags over this development. Richard M. Smith of the Privacy Foundation mentioned that this technology "could prove particularly enticing in a negotiation to learn what the other side is really thinking. It could conceivably be used to harvest thousands of email addresses as a message is forwarded around the world. I even tested an email wiretap with a friend who is a congressional staffer. You can imagine the possibilities." Observers have pointed to a past British court ruling that held insurance giant Norwich Union liable for defamation against its rival Western Providence for messages that were sent through Norwich's internal e-mail system. As a partial solution, concerned users can disable Javascript implementation on their e-mail programs.

To read a Privacy Foundation tipsheet on this subject, see

See also Mark Ward, "When sending is spying," BBC News Online, Feb. 6, 2001 at

For further information in German, read Ernst Corinth, "Email is watching you!" Heise Telepolis, Feb. 7, 2001 at

[23] Upcoming CFP 2001 conference

The Computers Freedom and Privacy 2001 conference will take place March 6-9 in Cambridge, Massachusetts. Topics for discussion include a number of issues regarding free speech in cyberspace, including the extent to which trademark and other intellectual property laws should be applied to the Internet. There will also be sessions regarding international aspects, such as the Council of Europe cybercrime treaty and new initiatives from the G8 nations.

Two events are scheduled to coincide with these sessions. On March 7, Privacy International (a GILC member) will present the US Big Brother Awards to the government and private sector organizations that have done the most to invade personal privacy in United States. Specifically, four "Orwells" will be presented in the categories of worst Government Official/Most Heinous Government Organization, Most invasive company, Most Appalling Project, Lifetime Menace. "Winston" awards will also be given to groups and individuals who have made exemplary efforts to protect against intrusive behavior. Later, on March 8, the Electronic Frontier Foundation (EFF-a GILC member) will present the Tenth Annual Pioneer Awards. These prizes are dedicated to innovators who are expanding knowledge, freedom, efficiency, and utility in the information technology world.

The official CFP 2001 website is located at

To find out more on the Big Brother Awards, or to submit a nomination, visit

Additional details on EFF's Pioneer Awards are available via


The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news stories, contact: GILC Coordinator, American Civil Liberties Union 125 Broad Street 17thFloor, New York, New York 10004 USA. email:

More information about GILC members and news is available at You may re-print or redistribute the GILC NEWS ALERT freely. To subscribe to the alert, please send an mail to with the following message in the body: subscribe gilc-announce