GILC Actions 



 Free Speech 





 GILC Alert 

 Mailing List
 GILC Events 




 Mail GILC 

Home Page

US Site
European Mirror


GILC Alert
Volume 5, Issue 4

June 26, 2001


Welcome to the Global Internet Liberty Campaign Newsletter


Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.

We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.

If you are a part of an organization that would be interested in joining GILC, please contact us at

If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.

Please feel free to redistribute this newsletter to appropriate forums.

Free Expression

[1] Hague treaty poses Net speech problems
[2] China pushes new Net speech rules
[3] Professor files suit over digital discussions
[4] Iranian cybercafes closed
[5] EBay & Yahoo hate bans ineffective
[6] Problematic French Info Society law creeps forward
[7] Domain name convention generates more controversy
[8] Spain unveils webpage curbs
[9] Court battles brew over US blocking laws
[10] Possible UK Net speech restrictions
[11] New EU copyright law may curb Net speech
[12] Survey: online freedom growing, but still threatened
[13] New program to bypass Net censors
[14] Victories in anonymous Net speech cases

Privacy and Encryption

[15] Final draft Euro cybercrime pact sparks criticism
[16] US gov't shuns ECHELON investigators
[17] Smart shirts, beds, cars spark privacy concerns
[18] Industry privacy proposal draws skepticism
[19] Experts call for Carnivore spyware rollback
[20] Rush to implement cellular phone trackers
[21] eTours consumer list sale questioned
[22] New worm may actually protect computers
[23] Macy's wedding site faces privacy woes
[24] Webbug detection program available

[1] Hague treaty poses Net speech problems

A controversial multinational agreement regarding court judgments has run into difficulties, including questions as to its impact on Internet free speech.

The Hague Convention on Jurisdiction and Foreign Judgments is essentially designed to make it easier to enforce court rulings across borders. The types of judgments covered by the treaty include many kinds of civil lawsuits, and apparently encompasses speech-related torts such as libel and defamation. The treaty also mentions various types of intellectual property-based actions. The document is currently being negotiated by representatives of many countries, including mainland China, the United States, the United Kingdom, Germany, Japan, Korea and Australia.

Consumer groups and free speech activists have warned that the Convention may have a detrimental impact on Internet users, particularly with regard to freedom of expression. These critics also point out that the few public policy provisions within the treaty will not be sufficient to protect citizens from liability based on speech restrictions in other countries (such as China). Jamie Love from the Consumer Project on Technology fears that the treaty "will strangle the Internet with a suffocating blanket of overlapping jurisdictional claims, expose every Web page publisher to liabilities for libel, defamation and other speech offenses from virtually any country, (and) effectively strip Internet service providers of protections from litigation over the content they carry."

Yet despite these warnings, during recent drafting sessions held in the Netherlands, negotiators reportedly decided to strengthen several intellectual property standards within the pact. This move sparked outrage from many cyberlibertarians; Richard Stallman of the Free Software Foundation charged that "[p]eople don't realize what a disaster this could be."

For the latest coverage, read Lisa M. Bowman, "Global treaty-threat to the Net?" ZDNet News, June 22, 2001 at,4586,5093109,00.html

See also Boris Grondahl, "Your Court of Mine?" Industry Standard, June 25, 2001 issue, at,1902,27176,00.html

To see a list of Hague convention member nations, click

A prior draft of the treaty is posted under

[2] China pushes new Net speech rules

It's been a tough couple of weeks for Chinese Internet activists.

Chinese commisars recently convicted and sentenced Liu Weifang for posting several messages that criticized Communism. In addition, Chinese officials have reportedly charged four men (Jin Haike, Xu Wei, Yang Zili and Zhang Honghai) with subversion. These people apparently participated in a political reform discussion group that included numerous postings on the Internet. Yang Zili, in particular, had previously run website that included articles on the suppression of the Falun Gong spiritual movement, economic disparities in Chinese society and other controversial subjects. In a third case, Chinese government agents have arrested Hu Dalin for posting remarks from his father (a retired policy expert) on the Information Superhighway. Meanwhile, a Chinese court has rejected an appeal from Jiang Shihua, who received a two-year prison sentence for pro-democracy statements that he made via an Internet chatroom back in August 2000.

Mainland Chinese authorities also have unveiled a new proposal that may have a detrimental impact on Internet expression. While details are sketchy, the draft regulations apparently would make it a crime for ordinary computer users to do various activities through their homepage. A preliminary analysis by the Chinese electronic publication VIP Reference has revealed that the list of proscribed acts includes publishing news, setting up unmoderated chatboards, or allowing software downloads. In addition to these measures, Chinese government officials are pressuring companies to engage in self-censorship, on the pretext of security.

More recently, the Chinese government has launched what has been termed the biggest crackdown on cybercafes since the nation entered the Information Superhighway. Forty thousand officials are said to have taken part in this effort, which has affected some 56 800 cafes. Besides forcing these establishments to log their customers' activities and installing spyware devices, government agents have forced at least 6000 cybercafes offline.

For the latest details on the cybercafe crackdown, read "China Closes Internet Cafes," International Herald Tribune, June 15, 2001 at

For additional information concerning the Liu Weifang case, visit the Digital Freedom Network (DFN-a GILC member) website under

See "China's Safe Haven: Net Cafes," Reuters, June 12, 2001 at,1294,44465,00.html

To read VIP Reference's analysis (in Chinese) of the proposed online regulations, click

For more on possible Chinese Net content restrictions, read "China to Strengthen Supervision of Internet," China News Digest, May 18, 2001 at

For more on the arrest of Yang Zili, see "China charges four academics," BBC News, May 21, 2001 at

See also Jian-Min Li & Wu Yiyi, "Four 'New Youth Society' Organizers Arrested in Beijing: Report," China News Digest, May 23, 2001 at

[3] Professor files suit over digital discussions

A university professor has filed suit against the entertainment industry in an effort to protect his free speech rights.

The case centers on the Secure Digital Music Initiative (SDMI), a software standard that several major entertainment companies are supporting as a way to deter copying of sound files. Confident of the program's strength, the creators of SDMI challenged computer scientists to break through its protections. One of the would-be contestants, Professor Eric Felten of Princeton University, was told by SDMI's sponsors not to reveal the results of his work. Prof. Felten refused to work under these conditions and instead launched an independent study of SDMI with several other programmers. After his team cracked the code, the SDMI consortium warned him that "Any disclosure of information gained from participating in the Public Challenge would be outside the scope of activities permitted by the Agreement and could subject you and your research team to actions under the Digital Millennium Copyright Act."

The professor and his fellow researchers then filed a lawsuit, claiming a First Amendment right to publish the findings at a Washington computer research conference in August. Felten, who is being represented in this case by the Electronic Frontier Foundation (EFF-a GILC member), maintained that "[s]tudying digital access technologies and publishing the research for our colleagues are both fundamental to the progress of science and academic freedom. The recording industry's interpretation of the DMCA would make scientific progress on this important topic illegal."

A copy of the EFF brief is posted under

An EFF press release regarding this case is available at

A copy of the Felten team research paper regarding SDMI's flaws as well as the aforementioned SDMI letter is posted under

Read Mike Musgrove, "Group Sues to Publish Flaws Found in Anti-Piracy Technology," Washington Post, June 7, 2001, page E8 at

[4] Iranian cybercafes closed

Iranian government agents have shutdown hundreds of cybercafes in an apparent attempt to restrict the flow of news.

In the capital, Tehran, the Department to Supervise Public Places has closed more than 400 such establishments. Department officials tried to justify their actions on the grounds that the cafes did not have licenses, despite the fact that the government does not actually issue such permits. One government spokesperson conceded that the closures were actually meant to "control and supervise the activities of Internet cafes, in order to purify materials which go awry of Islamic norms."

These moves drew heavy fire from free speech advocates. Robert Menard from Reporters Sans Frontieres pointed out that "The cybercafes were an easy means to communicate outside Iran and to be informed via foreign web sites. In closing them down, the hard-liners show once again that they want to prevent Iranian citizens and especially the youth from being freely informed."

More information (including Mr. Menard's remarks) are available from the Digital Freedom Network (DFN-a GILC member) under

[5] EBay & Yahoo hate bans ineffective

Attempts by two major Internet companies to ban various types of Internet content have met with only mixed success.

Several months ago, web portal Yahoo decided to start blocking Internet users from items that, in its judgment, somehow "promote or glorify hatred or violence." Online auctioneer EBay soon followed suit. These moves had come after a French court ruled that Yahoo had to block French Internet users from accessing the webpages in the United States that allowed auctions of Nazi memorabilia. The decision was made based on French laws that generally prohibit such goods from even being advertised, much less sold. Yahoo has since filed suit in a U.S. Federal court to prevent the French order from being enforced.

However, these bans have affected many non-Nazi individuals, including numerous historical enthusiasts. One embittered collector pointed out that "[t]he Nazis burned books in their time and eBay bans trade. My only interest in this material is that it is physical evidence of a chapter of history. Now I guess I'll have to go to the Nazi speakeasy." Indeed, far from staunching the flow of Nazi memorabilia, the restrictions launched by Yahoo and EBay have apparently fueled an explosion of websites for the trading of German World War II items.

Meanwhile, Yahoo has continued to contest the French ruling by suing in a California court. Several organizations, including the American Civil Liberties Union (ACLU-a GILC member) and the Center for Democracy and Technology (CDT) argued that American court acceptance of the prior French decision could lead to application of Internet speech restrictions from a variety of countries to United States citizens, including laws from mainland China, Syria, Singapore and many other nations. The presiding judge in the California case then rejected an attempt to throw out the suit, in part due to concerns that "because of the global nature of the Internet, virtually any public web site can be accessed by end-users anywhere in the world, and in theory any provider of Internet content could be subject to legal action in countries which find certain content offensive."

However, this ruling has not discouraged additional efforts to prevent Internet users from visiting various controversial websites. A French group has now sued 13 Internet service providers, hoping to block access to a particular webpage. Moreover a special Law on Information Society ("Loi sur Societe de l'Information") will soon be considered by the French legislature that, if enacted, would allow French judges to use "all necessary measures" to block the flow of any data that is deemed offensive (see item 6 below).

For coverage of the latest developments in France, read "French Human Rights Group Sues ISPs Over Failure to Censor U.S.-Based Hate Site," E-Commerce Law Daily, June 20, 2001 at

To read the court opinion denying the motion to dismiss, click

To read the Amicus Curiae brief in this case from the ACLU, CDT and other groups, see

See Julia Scheeres, "Nazi Sellers Just Moving On," Wired News, May 8, 2001,1272,43610,00.html

For more on Yahoo's new restrictions, see Damien Cave, "The porn crusaders,", May 11, 2001 at

See also David Hencke, "No Yahoo! for racist UK website," The Guardian, May 1, 2001 at,7369,481398,00.html

For more on America Online's Net blacklist, see Jeffrey Benner, "AOL's New Filter on the Block," Wired News, May 7, 2001 at,1848,43576,00.html

[6] Problematic French Info Society law creeps forward

A new battle is brewing over a controversial French plan that some experts say will have a detrimental impact on Internet freedom.

The French government has released a long-anticipated draft Law on the Information Society ("Loi sur Societe de l'Information" or LSI). Under this proposal, Internet service providers (ISPs) would now be made civilly liable when they have been informed of apparently illegal content and have not deleted this content or denied access to it. This circle of liability applies not only to host providers, but also to access providers and telecom operators; in effect, this law cements the free speech restrictions that were issued in a recent French court ruling against Internet portal Yahoo (see item 5, above). The plan would also curb anonymous free speech by allowing the government to request ISPs to keep log files on their customers' activities for up to one year. In addition, the draft Law would force individuals to grant the government access to private encryption keys, and would place import/export restrictions on encryption software.

The draft Law has received considerable criticism, particularly from the French cyber-liberties group IRIS (a GILC member), which has pointed out that while the proposal is intended to implement the European Electronic Commerce Directive, the text of the plan seems to go far beyond the Directive's provisions. IRIS has also criticized the provisions regarding 1-year retentions of customer log files, arguing that they contradict the recommendations of France's own data protection authority (CNIL) for a three month limit. These difficulties are likely to be debated by the National Assembly in the fall; the bill itself may not be enacted until next year. Indeed, the draft Law could become a serious issue in France's upcoming (2002) Presidential and National Assembly elections.

A special IRIS dossier on this proposal (in French) is posted at

[7] Domain name convention generates more controversy

Controversy continues to surround the organization tasked with managing the world's domain name system.

During its recent meetings in Stockholm, the Board of Directors for the Internet Corporation for Assigned Names and Numbers did not set a specific target date for introducing additional top-level domains (such as .union or .humanrights) beyond the seven TLDs it approved in November 2000. The ICANN Board did go forward with plans to create a special Task Force to "monitor the introduction of new TLDs." This Task Force is scheduled to issue a report by September 2001. Previously, several groups had urged ICANN to move more swiftly in expanding the number of generic top-level domains, including the United States government. In a letter issued days before the Stockholm meetings commenced, U.S. Secretary of Commerce Don Evans had called on ICANN to open more domains, saying that "[c]ompetition and innovation would be well-served by wider choice of" gTLDs.

The Stockholm meetings also saw continued public disillusionment with its current operating structure. For example, the proprietors of country-code top-level domains (such as .uk for the United Kingdom and .fr for France) voted unanimously to leave ICANN's Domain Name Support Organization. These ccTLD operators are now seeking more direct representation within ICANN, which may include seats on ICANN's Board of Directors. Meanwhile, ICANN's Board approved a budget for the upcoming year that included no specific money for public elections. This decision came despite the fact that ICANN so far has held elections for only 5 of its 9 At-Large Director seats.

Meanwhile, ICANN's Domain Name Support Organization is soliciting comments on how to protect the privacy of domain name registration data. Questions have arisen as to whether this information, which can include such things as real names, phone numbers and home addresses, is being used for mass marketing purposes, including spam. A similar effort is being launched to help determine the future of .org, after registry giant Verisign agreed to give up control of this top-level domain by 2002.

To read the ICANN Board resolution on new gTLDs, click 04jun01.htm#ProcessforMonitoringandEvaluationofNewTLDProgram

To read Secretary Evans' letter, click

To read the ICANN Board resolution on its upcoming year's budget, visit

To read the ICANN Budget for July 1, 2001-June 30, 2002, see

See Steve Kettman, "ICANN Cannot, Say Critics," Wired News, June 9, 2001 at,1294,44613,00.html

For further coverage of possible changes to ICANN governance structures, read Juliana Gruenwald, "ICANN May Face Restructuring," Interactive Week, June 7, 2001 at,4164,2770858,00.html

The ICANN DNSO Whois privacy study is available under

For further coverage of the registrant data privacy study, see Brian Krebs, "ICANN To Gauge Privacy Concerns Over 'Whois' Database," Newsbytes, June 11, 2001 at

Additional details on future plans for .org are available under

[8] Spain unveils webpage curbs

Planning to create your own webpage? Better talk to the government least if you are in Spain.

The Spanish Science and Technology Ministry has issued a draft Law of Information Society Services and Electronic Commerce. This directive, which could be approved in the Spanish Parliament soon, has defined the concept of "society of information services" in such a way that it would treat virtually all exchanges of online information as an economic activity. Specifically, it would require Internet users to register their webpages with the government and pay fees. Most websites that are not "properly" registered would be considered illegal and have to face fines of up to 175 000 Euros. The plan would also place certain obligations on Internet service providers, who could be held liable for the activities of their users.

Several groups have expressed concerns about this measure, including Kriptopolis (a GILC member), in that it may stifle the Internet activities of noncommercial users, who might not be able fulfill all the legal and bureaucratic requirements. Carlos Sanchez Almeida, an Internet law expert from Barcelona, said that the Law would limit "freedom of expression in the Internet ... as it is in countries like China, Vietnam or Saudi Arabia." Indeed, public anxiety over this issue apparently has grown so strong that the opposition Socialist party has requested a formal explanation from the minister of Culture and Telecommunications as to the directive's possible effects.

The text of the proposal is posted under

For further coverage of these developments, see Julia Scheeres, "Fears of a Website Inquisition," Wired News, May 29, 2001 at,1367,44110,00.html

See also "Los socialistas claman contra la nueva ley que regulara Internet," ABC (Spain), May 11, 2001 at

[9] Court battles brew over US blocking laws

A controversial three-year old Internet content law has gained new life.

The United States Supreme Court has agreed to hear arguments regarding the so-called Child Online Protection Act (COPA). Enacted in 1998, COPA made it a crime to use the Internet to pass along "for commercial purposes" information considered "harmful to minors." The statute was enacted in response to a 1997 decision by the High Court that struck down the Communications Decency Act and applied traditional free speech protections to the Information Superhighway.

COPA was swiftly challenged by the American Civil Liberties Union (ACLU-a GILC member) on behalf of 17 groups and individuals. In June 2000, a U.S. Federal appeals court unanimously ruled that COPA was an unconstitutional restriction on free speech. However, the United States Attorney General, John Ashcroft, petitioned the Supreme Court, asking the tribunal to uphold COPA-an entreaty that the High court has now accepted. Oral arguments are expected to take place this fall.

An ACLU press release on the COPA appeal is posted at

Read "High Court to Hear Net Porn Case," Associated Press, May 21, 2001 at,1283,43963,00.html

See also "Supreme Court to review child porn law," Reuters, May 21, 2001 at,4586,2763573,00.html

[10] Possible UK Net speech restrictions

A wave of proposals may make it harder for British Internet users to express themselves online.

UK Home Secretary Jack Straw is pushing plans to restrict access to various forms of Internet content. Under this scheme, blocking mechanisms would be pre-installed on all new computers sold. Indeed, several major computer and software companies, including Microsoft, have already pledged to help build blocking packages into new machines. Ratings systems would be encouraged, and service providers who fail to meet certain criteria would not be able to receive government "family friendly" certification. In addition, a special Task Force on this issue would be created that will include representatives from government agencies and major corporations.

Many questions remain as to the implementation and utility of these measures. In a letter to Straw, Cyber-Rights & Cyber-Liberties UK (a GILC member) expressed several reservations regarding this project, including the fact that "[a]s far as can be seen, no attempt was made to consult or involve civil liberties or public interest organisations with the work of the Task Force or while the proposals for setting up such a body was discussed. Without such wider involvement, the Task Force may not fully address all concerns including issues related to human rights." Indeed, numerous groups, including Peacefire (a GILC member), have warned in the past that blocking software packages are often ineffective and tend to censor noncontroversial content.

Meanwhile, another controversy has arisen over the extent to which press journals can be held liable for their web archives. The controversy centers around a recent libel case between the Times of London and a Mr. Loutchansky, who sued the newspaper not only for articles that were published in the printed edition, but later launched additional claims based on the same material as posted on the Times' website. The presiding judge ruled that because these articles continued to be available through the Internet, the statute of limitations did not apply, thus leaving open the possibility that the newspaper could be sued in perpetuity. In an opinion piece published in the Guardian, Times editor Peter Stothard, complained that the decision may force Internet authors and publishers to either employ "armies of lawyers to reconsider daily if they are justified in continuing to publish every single item on their websites" or "to stop publishing their full newspaper on the net. The law has taken an enormous backward step."

See Michael White, "New curbs on internet pedophiles pledged," The Guardian, May 21, 2001 at,7369,493921,00.html

Read Martin Bright, "Computer shops to block child porn on Internet," The Observer, May 6, 2001 at,6903,486676,00.html

Cyber-Rights & Cyber-Liberties UK's letter to Straw is posted under

For more on Peacefire's concerns about blocking software packages, see

For more on libel suits based on web news archives, see Peter Stothard, "Position impossible," The Guardian, May 7, 2001 at,7369,486882,00.html

[11] New EU copyright law may curb Net speech

Questions are being raised about the impact of recently enacted European intellectual property laws on Internet expression.

The European Union has passed a new copyright directive that may bar the creation of programs that could be used to decrypt the encoding schemes on compact discs and DVDs. Some observers fear that the EU directive will have a harmful impact on freedom of expression, particularly the right of individuals to make fair use of otherwise protected works for public comment or similar salutary purposes. Similar criticism has been leveled against the United States Digital Millenium Copyright Act, which the Motion Picture Association of America has used in its lawsuit by against 2600 magazine over DeCSS-a primitive program designed to allow people to play DVDs on computers using the Linux operating system.

Not every European country has taken the same approach provided under the new directive. In particular, Denmark's culture ministry wants to restructure the nation's copyright laws to "make it legal to make digital copies for personal use," as explained by a government spokesperson. While the proposal would place some limits on the replication of entertainment files (such as sharing of one's own music with other people), it would allow Danes far greater leeway in their use and enjoyment of digitized audiovisual works than most of Denmark's neighbors. However, the proposal has drawn considerable fire from intellectual property holders, particularly the International Federation of the Phonographic Industry.

A copy of the EU copyright directive is posted under

See Mark Ward, "Pirates take on Hollywood," BBC News Online, May 18, 2001 at

For more on Danish copyright proposals, see Joris Evers, "Denmark Plans to Legalize Music Downloading," IDG News, May 4, 2001 at,1902,24227,00.html

[12] Survey: online freedom growing, but still threatened

A new report suggests that "[t]he trends in freedom of the Internet are mixed."

Commissioned by Freedom House, "Press Freedom Study 2001" notes that "while...many traditionally authoritative countries now permit relatively unrestricted use of the Internet by citizens." The report describes how countries such as Macedonia, Peru, Madagascar, Oman and several others are generally "less restrictive of the Internet" than of traditional media. The survey further suggests that "[t]he implosion of the Soviet Union resulted from similar freeing of computers and automated telephones which defied censors."

However, the study also cites at least 18 nations for their restrictive Internet policies, including mainland China, which has jailed numerous "cyber dissidents," imposes liability for "illegal" content (which can include "messages critical of Beijing or of Communist policy"), and uses stringent surveillance systems. In the Middle East, many leaders want "economic gain through the Internet" but engage in heavy blocking routines to stifle robust discussion of "cultural and religious traditions." Thus, Bahrain's government "wants the country to become the telecommunications hub of the Gulf yet it suppresses information critical of the ruling Al Khalifa family. Access to the Internet is relatively widespread. ... Yet surveillance is pervasive and Web sites have been blocked." Moreover, the report notes how even "major democracies" such as the United States and Australia "where print and broadcast media are freest, nevertheless restrict freedom on the Internet." Recently, Turkey has enacted laws (subsequently vetoed by Turkish President Ahmet Sezer) that would apply the same restrictions on print media to the Internet reporting services, under the pretext of preventing "untrue news, insults and similar material."

The Freedom House report is available (in PDF format) under

For a press release regarding this report, click

For more on Turkey's new restrictions on Internet reporting, see John Ward Anderson, "Turkey in a Tangle Over Control of Web," Washington Post, June 21, 2001, page A19 at

See also "Turkey sets fine for 'untrue news' Web sites," Associated Press, June 7, 2001 at

[13] New program to bypass Net censors

Computer scientists have developed a new program that may help individuals to avoid Internet blocking routines.

While the creators of the software, known as Peekabooty, have not released many details, the program reportedly allows various types of files to be stored along its proprietary network. Users would then be able to request and receive this material through a series of encrypted messages.

Several public interest groups are wondering whether Peekabooty will enable people to speak more freely online. A spokesperson for Amnesty International pointed out how most of his organization's "work is to [inform] people, including those oppressed themselves, about their rights and we have used the internet from an early stage to do that." In addition, the program is seen as a possible response to privacy concerns that were heightened by passage of the controversial UK Regulation of Investigatory Powers (RIP) Act, which expanded the powers of the British government in cyberspace. Caspar Bowden from the Foundation for Information Policy Research noted how Peekabooty shows how it is "easy to circumvent surveillance. It would only be regarded as shocking if the government planned to introduce more draconian legislation beyond the RIP Act." Meanwhile, Peekabooty has angered proponents of blocking software, some of whom are trying to develop countermeasures.

Read Stuart Millar, "Hackers' plan to dodge netwatchers," The Guardian, May 14, 2001 at,7369,490271,00.html

See also Will Knight, "Hackers to unleash anti-censorship tool," ZDNet UK, Apr. 30, 2001 at,4586,2713742,00.html

Read "'No limits' browser planned," BBC News, May 6, 2001 at

For more on countermeasures against Peekabooty, see Thomas C. Greene, "Censorware outfit targets cDc's anonymity app 'Peekabooty,'" The Register (UK), May 18, 2001 at

For more on Nudester, see Brad King, "Fleshing Out Peer Filters," Wired News, May 15, 2001 at,1282,43785,00.html

[14] Victory in anonymous Net speech case

Two recent cases have ended in victory for anonymous free speech advocates.

In the first case, Global Telemedia International sued two of its investors, Barry King and Ron Reader, for posting statements on a financial online discussion board under the names of "BDAMAN609" and "electrick_man," respectively. The corporation claimed these messages were defamatory and had hurt its relations with its business partners. However, a Federal Court in the United States disagreed with Global Telemedia, holding that King's and Reader's comments were not libelous because they were mere opinions, not statements of fact. The court based its determination on "the general context of the postings, the colorful and figurative language of the individual postings, the inability to prove the statements true or false, and in one case, the posting of documents to support the poster's statements." Indeed, the presiding judge found that Global Telemedia had launched the suit to intimidate King and Reader from speaking about the company, and forced the company to pay the two men's attorneys fees.

Meanwhile, medical supply company Medinex has decided to drop its plans to sue several people who posted critical online chatboard comments under various pseudonyms. The Electronic Frontier Foundation (EFF-a GILC member), which was helping to defend the chatboard participants, hailed the decision as a further victory for free speech. EFF's Lauren Gelman noted that "Medinex's primary goal was to identify and silence their critics. This is simply one more example of a company dropping a spurious lawsuit once EFF steps in to protect individuals right to speak anonymously."

For more on the Global Telemedia case, read Michael Bartlett, "Company must pay attorney fees in chat room speech case," Newsbytes, May 21, 2001 at

An EFF press release about the Medinex case is posted under pr.html

[15] Final draft Euro cybercrime pact sparks criticism

A new international cybercrime treaty may soon be adopted despite heavy criticism from privacy groups and industry leaders.

If adopted, the European Commission's Convention on Cybercrime, which is supported by the Council of Europe, would increase the data retention responsibilities of network operators and service providers. Police would be able to demand telecommunications data, including emails and internet usage, for up to seven years. The treaty requires domestic companies to comply with foreign investigators, even when they are investigating activities that are not crimes on domestic soil. Corporations would be held liable for the online activities of their employees, whether or not they were aware of them, which means that corporations will have to increase monitoring of employees. Additionally, businesses would have to bear the cost of storing and producing the computer data for law enforcement.

In response, several GILC member organizations, including Privacy International, the Electronic Privacy Information Center and the American Civil Liberties Union, submitted a letter "to voice ... continuing concerns regarding the development and form" of the treaty. Among other things, the authors of the letter argued that the portions of the treaty meant to protect user privacy were "vague" and otherwise "not adequate to address the significant demands and requirements for privacy- invasive techniques in the rest of the Convention." The letter's creators also pointed out how the Cybercrime agreement would apparently erode user privacy, with provisions that seem to require "that countries adopt laws that can force users to provide their encryption keys and the plain text of the encrypted files," as well as "[a]llowing law enforcement direct access to a service provider's network to conduct surveillance, e.g., the U.S. Carnivore program," thus providing "police with the ability to conduct broad sweeps of network communications with only their unsupervised assurance that they will only collect that data which they are lawfully entitled to collect." Additional concerns were voiced regarding the treaty's mandatory requirements that signatory nations cooperate with surveillance requests from other countries, even if a targeted individual is acting legally in one of those countries.

Meanwhile, Internet pioneer and WorldCom vice president Vint Cerf has also expressed reservations about the Cybercrime treaty, saying that the document "has provisions which are in conflict with other already agreed (EU) privacy laws." He was especially concerned with the agreement's data retention requirements:" With many terabytes of data moving over the Net every day, accumulating any small fraction of that for any lengthy amount of time such as months or years is a very, very hard thing to ask." Even the European Union's own chief privacy commissioner, Stefano Rodota, charged that the agreement "still includes significant gaps concerning the protection and liberties of the citizen."

The joint letter by EPIC, the ACLU and Privacy International is posted under

Read Boris Grondahl, "Europe: Net Crime-Stoppers," Industry Standard, July 2, 2001 issue, at,1902,27400,00.html?printer_friendly=

See Robert Lemos, "Multi-nation cybercrime pact gets OK," ZDNet News, June 22, 2001 at,4586,5093153,00.html

For German (Deutsch) language coverage, read Stefan Krempl, "Cybercrime-Abkommen passiert eine der letzen Hurden," Heise Telepolis, June 23, 2001 at

For more of Cerf's remarks, read "Internet founder worried about EU cybercrime plans," Reuters, May 31, 2001 at,4586,2767085,00.html

Version 27 of the Council of Europe cybercrime treaty is available (in Word format) under

[16] US gov't shuns ECHELON investigators

Attempts to uncover more details about a global surveillance system have met with resistance from the United States government.

Several weeks ago, a committee of European Parliament members visited the United States in an attempt to discover more details about ECHELON. ECHELON is popularly used to describe a system that is designed to intercept communications from around the world. It is supposedly operated by the United States National Security Agency (NSA) in conjunction with several other intelligence agencies. Reports suggest that ECHELON is capable of intercepting e-mail messages, faxes, and telephone conversations.

However, officials from both the NSA and the U.S. Central Intelligence Agency (CIA) cancelled meetings that they had previously scheduled with the European panel. The committee's chairman, Carlos Coelho, said that his group was "very disappointed" with the apparent rebuffs; in protest, the Parliamentary representatives returned home a day early.

Afterwards, the committee published a report stating that ECHELON does indeed exist and that individuals should strongly consider encrypting their emails and other Internet messages. However, the panel was unable to confirm suspicions that ECHELON is used to conduct industrial espionage, due to a lack of evidence. Ironically, despite the apparent need for additional investigation, the committee is due to disband within the next few months.

Meanwhile, the Spanish government has apparently signed a deal with the United States to receive information collected using ECHELON. The consummation of this pact was confirmed by Spanish Foreign Minister Josep Pique, who tried to justify this arrangement on security grounds. However, the agreement may raise a number of privacy issues, particularly with regard to private individuals who live in Europe. For example, US government practices allow personal information regarding non-US people that has been collected through ECHELON or other similar means to be retained indefinitely, thus increasing the likelihood of long-term government surveillance of European citizens by the US and its ECHELON partners.

For more on the reported sharing of ECHELON-collected information with Spain, read Isambard Wilkinson, "US wins Spain's favour with offer to share spy network material," Sydney Morning Herald, June 18, 2001 at

The draft report is available from

See Steve Kettman, "Echelon Panel Calls It a Day," Wired News, June 21, 2001 at,1294,44721,00.html

For additional details as well as video coverage, see "E-mail users warned over spy network," BBC News, May 29, 2001 at

Read "Spy network accused of violating human rights," Mainichi Shinbun, May 28, 2001 at

See also Vernon Loeb, "European Panel Probing NSA Departs Abruptly," Washington Post, May 11, 2001, page A18, at

Read Angus Roxburgh, "EU investigators 'snubbed' in US," May 11, 2001 at

[17] Smart beds, shirts and cars spark privacy concerns

Various new products may allow you to be monitored wherever you go-whether you are walking on the street, in your car, or even while you sleep.

VivoMetric's Lifeshirt, for example, contains embedded sensors that continuously monitor 40 physiological signs of sickness and health while it is worn. This data is recorded, sent over the Internet, and logged at the VivoMetrics Data Center. Other new products on the market raising privacy concerns include a wrist camera that can take pictures and record up to 100 phone numbers, as well as a GPS Pathfinder watch that can pinpoint your exact latitude, longitude, altitude, and speed using orbiting satellites. In addition, a new computerized multimedia bed turns its computer screen ceiling off when it senses when you've fallen asleep. It can also detect if you've stopped breathing and will set off a series of alarms.

Meanwhile, rental car companies have begun to track their customers and, in at least one case, have started to give out private speeding tickets. In the US, Acme Rent-a-Car installed a GPS device on one of its cars and monitored how quickly one of its customers was driving. Acme charged that customer, James Turner, an extra US $450 for driving at what it deemed an excessively high speed, and even pointed out the exact location where he had done so. Turner responded by suing in small claims court, as well as filing a complaint with his state Department of Consumer Protection.

However, it is not precisely clear if current laws can protect consumers when any of the aforementioned devices are used for detrimental purposes. David Sobel from the Electronic Privacy Information Center (EPIC-a GILC member) pointed out that the "challenge right now is to ensure, before these services and capabilities are widely deployed, that rules are in place."

For more on the Turner rental car tracking case, read Robert Lemos, "Car spy pushes privacy limit," ZDNet News, June 20, 2001 at,4586,2778752,00.html

For more on LifeShirt and other similar devices, read Larry Hardesty, "Innovation: Clothed in Health," Technology Review, July/August 2001 issue, at

For the manufacturer's explanation of how LifeShirt works, click

For more on smart watches, read Anthony Zurcher, "Fast Forward: Wearing the Net on Your Wrist," Washington Post, May 11, 2001, page E1 at

For more on smart beds, see "Sleep With Your Computer?" ABC Good Morning America, Apr. 10, 2001 at

Further details on Telematics Net tracking of cars are available from Eric Young, "Car 540819, Where Are You?" The Industry Standard, Apr. 23, 2001 at,1902,23635,00.html

[18] Experts call for Carnivore rollback

Various politicians and civil society groups are pushing to stop the United States government from using a controversial spy program.

Carnivore, which was developed by the US Federal Bureau of Investigations (FBI), is a device that is attached to the server of a given Internet service provider. It intercepts all Internet transmissions that come through the server, then parses out pertinent material, based on keywords provided by the administrator. The latest version of the program, known as Enhanced Carnivore or DCS 1000, uses the Windows 2000 operating system and apparently includes such features as better filtering and triggering capabilities as well as increased capacity (presumably to handle interception of high-speed broadband networks).

Carnivore and its successor DCS 1000 have come under heavy criticism over the past few months as being serious threats to online privacy. Some of these concerns were aired during discussions with US Attorney General John Ashcroft by several organizations, including GILC members the Electronic Privacy Information Center (EPIC), the Electronic Frontier Foundation (EFF), the American Civil Liberties Union (ACLU) and the Center for Democracy and Technology (CDT). Similar feelings were raised by US House Majority Leader Dick Armey, who (in a letter dated June 14, 2001) expressed worries that Carnivore "undermines the minimum expectation that individuals have that their personal electronic communications will not be examined by law enforcement devices unless a specific court warrant has been issued."

Meanwhile, a new report indicates that the number of US government wiretap requests continues to rise, particularly with regard to newer technologies such as cellular phones and pagers. Yet despite fears about the increasing level of government surveillance along the nation's telecommunications networks, it is unclear what specific measures will be taken to protect individual privacy. Indeed, the US Federal Communications Commission recently denied a request for additional security measures that might deter employees of telecom companies from engaging in illegal eavesdropping on customers.

Rep. Armey's June 14 letter on Carnivore is posted under

To learn about discussions between Attorney General Ashcroft and various cyberliberties groups, click

To read more about Enhanced Carnivore, click

The official wiretap report is available (in PDF format) via

For more on how the FCC ruling, read Brian Krebs, "FCC Nixes FBI's Plan To Change Wiretap Law," Newsbytes, Apr. 16, 2001 at

The official FCC order is posted under

[19] Industry privacy proposal draws skepticism

A new plan that is supposed to protect Internet users' privacy is getting a lukewarm reception.

The plan was created by the Network Advertising Initiative (NAI), an advertising industry coalition that includes DoubleClick. DoubleClick, which provides banner ads to many websites, admitted several months ago to tracking viewers through the Internet by placing digital identification numbers in files known as "cookies" on a user's hard drive, which it matches with name and address information that has been collected by its partners. Despite initial claims to the contrary, DoubleClick expressed its intention to match this data with more extensive information contained in millions of files maintained by its merger partner Abacus Direct. DoubleClick later halted its data-matching plan after a intense public criticism.

The NAI has now set up 2 websites where computer users can "opt-out" of profiling regimes that advertisers are compiling about them. The idea is to let individuals come to these clearinghouses to protect their privacy, rather than visit numerous websites to make their preferences known. NAI's Jeff Connaughton claims that these sites show that his organization "is committed to addressing users' privacy concerns."

Privacy advocates are considerably less enthusiastic about these developments. Andrew Shen of the Electronic Privacy Information Center (EPIC-a GILC member) said that the NAI plan "doesn't necessarily improve the situation at all. Most internet users still don't realize that such third party profiling even exists. They're so invisible to the average internet user that opt-out really isn't enough."

Meanwhile, the relative lack of privacy standards in the United States has caused a certain degree of international friction. Specifically, European Union representatives remain worried about proposed contracts meant to implement a joint EU-US "safe harbor" privacy agreement.

For more on attempts by advertisers to self-regulate, read D. Ian Hopper, "Single web form to protect privacy," Associated Press, May 25, 2001 at,3811,2038782%255E442,00.html

See Rose Palazolo, "Apple Pie vs. Beignets," (US), May 8, 2001 at

Read Guy de Jonquieres, "Hairs raised over data privacy," Financial Times, May 7, 2001.

For further details on how many US companies lack privacy plans, see Michael Bartlett, "Only One-Third Of US Firms Have Privacy Plans," Newsbytes, May 9, 2001 at

See also Lisa Jucca, "Microsoft to sign EU data privacy pact," Reuters, May 15, 2001 at,4586,2760629,00.html

For further details on credit card security measures, see Brian Ploskina, "Credit-Card Firms Bump Up Security," Interactive Week, May 24, 2001 at,4164,2765170,00.html

[20] Rush to implement cellular phone trackers

If the United States government has its way, you could be tracked wherever you go-at least if you carry a wireless phone.

A recently enacted US law requires cell-phone manufacturers to equip 95 percent of all cell phones with location-tracking technology, with an accuracy of about 1,000 feet or better, by 2005. This will require planting GPS chips in cell phone handsets or installing new infrastructure in cell sites. In addition, law enforcement officials will be granted access to these tracking features. These plans have drawn criticism from privacy advocates, who are concerned that the information collected through these regimes will be abused by both government agents and commercial entities (including advertisers).

Several groups, including some industry leaders, have expressed interest in standards that would have companies obtain their customers' consent before using their personal information. Michael Altschul from the Cellular Telecommunications and Internet Association explained: "It's in the carriers interest to have customers carrying their phones and having their phones turned on." At least one bill to this effect may soon be introduced before the United States Senate.

Read Doug Brown, "Wireless Privacy Legislation Coming," Interactive Week, May 28, 2001 at,4164,2765638,00.html

See also "Cell Phones to Have Location-Tracking by 2005," Fox News, Apr. 24, 2001 at,2933,14815,00.html

[21] ETour consumer list sale questioned

Should you trust a company that says it will never sell personal information about you, "for any reason, at any time, ever"?

The answer is apparently no, based on what has happened with The bankrupt online vacation company has decided to sell its entire set of consumer information records to Internet encyclopedia firm Ask Jeeves. The transaction occurred despite eTour's prior promise to customers that it would not sell information about them "for any reason, at any time, ever." Some 2 200 000 people are on the purchased consumer list, which includes real names, ages, gender and email addresses.

Privacy advocates have condemned the act as further proof of the need for strong protection of personal data. The Electronic Privacy Information Center (EPIC-a GILC member) filed a complaint with the United States Federal Trade Commission and State Attorneys General, asking them to block this sale of personal information "as an unfair and deceptive trade practice." In the complaint, EPIC further noted that "the exchange of personal data between eTour, Inc. and Ask Jeeves, Inc. is part of a growing problem and recommends proactive solutions to prevent such scenarios from occurring in the future." Indeed, similar concerns have arisen after several online companies (including EBay) recently altered their privacy policies to explicitly allow such information sales to take place.

The EPIC complaint is posted under

See Andrew Heavens & Stephanie Kirchgaessner, "Privacy concerns raised as eTour sells consumer list," Financial Times, May 23, 2001.

[22] New worm may actually protect computers

There's a new computer worm on the loose-but this one may do more good than harm.

The "Cheese" program is an apparent response to a prior computer worm (known as Lion) that exploited security breaches in machines that use Linux operating systems. Like other worms, "Cheese" is propagated through email messages and searches for weaknesses in target systems. What makes this program special is that after scanning a given computer's ports, it erects barriers to protect against future Lion-type attacks. It even includes notices that it "was not written with malicious intent" and that is designed to prevent criminals from "messing up your box even worse than it is already."

See Mark Ward, "Cheese beats crackers," BBC News Online, May 22, 2001 at

[23] Macy's wedding site faces privacy woes

Getting married soon? A number of people whom you haven't invited may already know your plans in detail.

North American retail giant Macy's runs a bridal service (via that collects many types of personal information. This data not only includes customer names, credit card numbers, and phone numbers, but also names, addresses and phone numbers of your wedding guests wedding present information, details regarding honeymoons, gifts and honeymoons dates and places of festivities, dates and place of the wedding and reception. Afterwards, it shares this data with a whole host of recipients, including other department stores, credit card agencies, magazine companies and various advertisers. Depending upon the circumstances, according to's privacy policy, "anyone visiting our website" may be able to search for and access this information "by using first and/or last names and wedding dates (and on some pages, city or state)."

Not surprisingly, these practices have drawn considerable fire from privacy experts. Deborah Pierce of the Electronic Frontier Foundation (EFF-a GILC member) pointed out that "even if people understand that Macy's is keeping information on them, they have no understanding of just how far that information can travel under the auspices of 'sharing' among marketing affiliates. Here, we see information entrusted to Macy's ending up at American Express and ESPN - something that probably surprises most brides and grooms." Indeed, EFF launched a campaign against Macy's practices, including a form letter that netizens can use to voice their concerns.

EFF's action alert about Macy's is available at

Also see's privacy policy.

[24] Webbug detection program available

A privacy software package has been launched that specifically targets a new form of Internet tracking.

The Privacy Foundation has unveiled Bugnosis, a special program to detect webbugs. Webbugs are tiny image files which are being used increasingly to identify and track computer users. Bugnosis, which can be downloaded through the World Wide Web, is installed as a plug-in to existing Internet browsers, causes individual computers to say "uh-oh" when a webbug is encountered. It also logs the URL associated with a given webbug as well as further details as to the intruder's properties (such as whether the bug is connected to other digital identification files, including cookies). Moreover, Bugnosis places marks a viewed site so that the user can actually see the exact location of a particular webbug on the page. If the program discovers that a webbug is associated with certain well-known companies (such as Internet advertising giant DoubleClick), it allows the user to send an email message directly to the webbug owner for further queries or outright complaints.

The Foundation hopes that this program will increase public awareness and openness about these tracking devices. For example, the organization argues that "Web site privacy policies should disclose the use of Web bugs. In fact, the general practice of online profiling by third-party ad networks should be disclosed in privacy policies, but is rarely mentioned."

To download Bugnosis, click

For answers to frequently asked questions about Bugnosis and webbugs in general, see


The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news stories, contact: GILC Coordinator, American Civil Liberties Union 125 Broad Street 17thFloor, New York, New York 10004 USA. email:

More information about GILC members and news is available at You may re-print or redistribute the GILC NEWS ALERT freely. To subscribe to the alert, please send an mail to with the following message in the body: subscribe gilc-announce