GILC Actions 



 Free Speech 





 GILC Alert 

 Mailing List
 GILC Events 




 Mail GILC 

Home Page

US Site
European Mirror


GILC Alert
Volume 7, Issue 7

October 10, 2003


Welcome to the Global Internet Liberty Campaign Newsletter.


Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.

We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.

If you are a part of an organization that would be interested in joining GILC, please contact us at

If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.

Please feel free to redistribute this newsletter to appropriate forums.

Free expression

[1] Hollywood Net lawsuit blitz generates outcry
[2] China prosecutes gov't official over Net speech activities
[3] India bans Yahoo chat group over political content
[4] US gov't threatens reporters over Net security story
[5] World info society summit in turmoil
[6] Thai gov't pushes Net censor plans despite problems
[7] Australian measure may stop oversight of Net censors
[8] German anonymizing service receives favorable court ruling
[9] Court upholds weblinks' legality in Scientology case
[10] Uzbek free speech website censorship flap
[11] Russian gov't searches news Web site's office
[12] Report: Net censorship increasing worldwide


[13] Lawsuit: Microsoft dominance leads to Net security woes
[14] Loverspy service may violate Net privacy laws
[15] Controversy mounts over Bangladesh Net spy plans
[16] Congress agrees to shutdown TIA spy program
[17] British gov't again unveils a "Snoopers' Charter"
[18] Multiple bills would restore US privacy protections
[19] Privacy fears haunt built-in mobile phone recorders
[20] Report: Trusted Computing systems bad for Net rights
[21] Euro study calls for privacy rights restoration

[1] Hollywood Net lawsuit blitz generates outcry

As promised, a major recording industry conglomerate has sued numerous Internet users over their alleged file-sharing activities.

The Recording Industry Association of America has filed 261 lawsuits so far against various Internet users who they claim have engaged in copyright infringement by sharing music files online. Apparently not all of these users actually were infringers; the RIAA dropped at least one of its lawsuits after discovering that the intended target was a 65-year-old grandmother, Sarah Ward, who had never downloaded music over the Internet and did not have any children or grandchildren at home who might have done so. Cindy Cohn from the Electronic Frontier Foundation (EFF-a GILC member) expressed disgust at the RIAA's seemingly indiscriminate targeting of Ms. Ward: "She's had some sleepless nights over it. She said it's been terribly distressing." These efforts have also led to consternation from various members of the business community, including Charter Communications, which is fighting a RIAA subpoena for personal information regarding 150 of its customers who the Association claims are copyright infringers.

This battle over Internet rights has been especially intense at many universities. Some entertainment industry legal actions have met with resistance; for example, the American Civil Liberties Union (ACLU-a GILC member) and a local law firm have asked a Federal court to quash a subpoena for personal data regarding a Boston College student who allegedly engaged in peer-to-peer file sharing. However, some educational institutions have decided instead to engage in private censorship of the Internet to avoid potential copyright liability. For example, the University of Florida has instituted a new system named Icarus that reportedly detects and disrupts Internet users from engaging in file-sharing activity. The system first sends an email message and a pop-up window warning a given user that they are engaged in improper activity, then disconnects that person from the Information Superhighway for at least 30 minutes; additional alerts and longer suspensions are given to alleged repeat offenders. However, it is unclear what mechanisms are used to prevent Icarus from disrupting noninfringing or otherwise innocent behavior. A University of Florida official crowed that bandwidth usage had plummeted by 85 percent after Icarus installed, without explaining how many law-abiding Internet users were among those who had been forced offline.

Nevertheless, various leading entertainment industry figures remain undeterred by the seemingly detrimental impact their lawsuits have had on Internet speech. Indeed, during a recent United States Senate subcommittee hearing on the subject, RIAA Chairman and Chief Executive Officer Mitch Bainwol called for heavier Internet censorship (notably filtering) for the benefit of copyright holders.

Meanwhile, oddly enough, the maker of one popular file sharing program is issuing its own copyright threats to prevent the spread of information online. Sharman Networks, the maker of the Kazaa peer-to-peer program, claims that an unauthorized Lite version of the program (which comes devoid of various spyware routines contained in the regular version) violates the much-maligned U.S. Digital Millennium Copyright Act. The company then pressured Google not to provide weblinks to copies of the stripped-down derivative. Google customers who search for Kazaa Lite are simply not shown certain links and are given a notice that reads (in part): "In response to a complaint we received under the Digital Millennium Copyright Act, we have removed 3 result(s) from this page."

For the latest details, click read Stefanie Olsen, "Charter files suit against RIAA," CNET News, 6 October 2003 at

An ACLU press release regarding the Boston College case is posted at

For more information about the Senate subcommittee hearing, click

Read "Rapper backs download action," BBC News Online, 1 October 2003 at

An EFF press release regarding the Sarah Ward case is posted under

Read Benny Evangelista, "Download lawsuit dismissed/RIAA drops claim that grandmother stole online music," San Francisco Chronicle, 25 September 2003, page B1 at

Read John Borland, "RIAA's case of mistaken identity?" CNET News, 24 September 2003 at

Read "Grandmother piracy lawsuit dropped," BBC News Online, 25 September 2003 at

For more about the Icarus Internet disruption tool, read Katie Dean, "Florida Dorms Lock Out P2P Users," Wired News, 3 October 2003 at,1412,60613,00.html

For coverage in German (Deutsch), read "Uni Florida mit Servern gegen P2P auf dem Campus," Heise Online, 4 October 2003 at

To see the Google DMCA notice regarding Kazaa Lite, click

Read Declan McCullagh, "Google pulls links to Kazaa imitator," CNET News, 2 September 2003 at

See also Dinah Greek, "Google sucked into RIAA/P2P fight," VNUNet News, 2 September 2003 at

[2] China prosecutes gov't official over Net speech activities

Mainland Chinese authorities have arrested yet another person for speaking out online.
Li Zhi was a local finance official in the southwestern province of Sichuan who apparently conducted online discussions with various overseas dissidents. Chinese government agents have since detained him, claiming he had engaged in a "conspiracy to subvert state power." The authorities have searched his home and seized various items, including his computer. If convicted, he could spend the next 15 years in prison.

Li's arrest is being seen as evidence of Beijing's continued hostility to free speech through the Information Superhighway. Liu Qing, the president of Human Rights in China (HRIC), charged that "Monitoring e-mail and Internet chatrooms is an unacceptable invasion of privacy, and a reprehensible method of gathering evidence for prosecution of a political crime. Given the U.S. government's recent statements on China's human rights record, we hope the government will take particular note of this case and press for the immediate release of Li Zhi."

In addition, a Chinese appeals court has upheld a 5-year prison sentence for Huang Qi. He was the proprietor of, a website designed to publicize information about missing people that attracted postings about human rights abuses, corruption, and political issues. He was arrested over three years ago after visitors to Huang's site posted several supposedly "subversive" articles. He has been behind bars ever since and allegedly has been tortured by his captors. The appeals court proceedings were held in secret, and his lawyers were forced to withdraw from his defense under heavy pressure from government agents. Chinese authorities have also warned Huang's wife not to launch any further appeals.

Meanwhile, another Chinese Internet dissident has finally been released from jail. Nearly four years ago, Qi Yanchen was arrested, convicted and imprisoned on subversion charges for "putting out anti-government news" by posting pro-democracy articles on the Information Superhighway. Although it is unclear why he was released, Qi reportedly had been suffering from a variety of ailments, including an ear infection, colitis and gallstones.

For more information on the Li Zhi case, visit the Reporters Sans Frontieres (RSF-a GILC member) website at

Further details are available from the HRIC website under

See "China online dissident 'charged,'" BBC News Online, 24 September 2003 at

For more about the Huang Qi case, click

For more information about Qi Yanchen's release, visit the RSF website under

[3] India bans Yahoo chat group over political content

An Indian government order to censor a Yahoo chat group over its political content has led to user frustration and vehement objections from cyber-rights experts.

The order targeted a Yahoo group that featured political commentary regarding the northeastern state of Meghalaya, including discussions of government corruption, public works problems and police brutality. Indian authorities claimed that the website should be censored because it "contained material against the Government of India and the State Government of Meghalaya" and demanded that Yahoo take it down. When the company refused, Indian government officials ordered the country's Internet service providers (ISPs) to block their users from accessing the site. Many of those ISPs ended up blocking all Yahoo groups (not just the Meghalaya-oriented site in question) due to technical shortcomings.

According to Indian cyber-law expert Pawan Duggal, "This appears to be the first case where blocking of a particular website or sub-group has had the ramification of causing inconvenience to the netizens in the sense of depriving them of access to legal groups, other than the blocked URL." He warned that the legal provision that the government cited as justification for its actions "may be misused by political powers in the regime to silence political dissent, criticism and debate. The phenomenon of mirror sites and emerging technologies along with intelligent minds of netizens are likely to ensure that India's blocking adventure starts its march on a losing note." Indian Internet users have savaged the government over its blocking action; Harsh Kapoor of the South Asia Citizens' Web called the order "a violation of freedom of expression" that "sets a dangerous precedent of censorship and control over the Internet in India."

See "Indian Net Ban Overshoots Aim," Associated Press, 29 September 2003 at,1283,60628,00.html

Read "Outrage over India Yahoo ban," BBC News Online, 29 September 2003 at

See Dinesh C. Sharma, "India bans a Yahoo group," CNET News, 23 September 2003 at

Read Sandeep Dikshit, "Bid to block anti-India website affects users," The Hindu, 23 September 2003 at

See also Shibu Thomas, "'Anti-national' Yahoo Groups blocked," MidDay, 24 September 2003 at

[4] US gov't pressures reporters over Net security story

United States government attempts to access reporters' notes in various Internet cases have generated anxiety from press freedom advocates.

The U.S. Federal Bureau of Investigations (FBI) is trying to get notes from journalists who had reported on the case of Adrian Lamo. Government prosecutors allege that Lamo committed various computer crimes, including breaking into the internal computer network of the New York Times. FBI agent Christine Howard told a Wired News reporter to expect a Federal order to divulge all notes regarding Lamo, and has said that "[a]ll reporters who spoke with Lamo" will receive similar orders. Since then, letters have been sent to a number of other journalists following up on this threat, citing provisions of the Electronic Communications Transactional Records Act (which were recently amended by the much-maligned USA PATRIOT Act) and warning recipients "not to disclose this request, or its contents, to anyone." It is unclear whether such requests are actually legal; indeed, some law experts have suggested that the anticipated orders may actually violate Federal guidelines, which allow orders for reporters' materials only if "the information sought is essential to a successful investigation -- particularly with reference to directly establishing guilt or innocence." Those guidelines also require the government show beforehand that it has "unsuccessfully attempted to obtain the information from alternative non-media sources."

Several observers have expressed serious concern over whether these requests will deter press coverage and discussion of Internet security issues. Lee Tien of the Electronic Frontier Foundation (EFF-a GILC member) noted that the current administration "has been less than solicitous of the First Amendment" of the U.S. Constitution (which guarantees free speech and freedom of the press), "[s]o it should come as no surprise that they're treating journalists' notes as just another source of information."

After the ensuing outcry, FBI Deputy General Counsel Patrick Kelly issued a letter admitting that the Electronic Communications Transactional Records Act "does not apply under the circumstances of this case." Moreover, a U.S. Justice Department spokesperson admitted that the FBI did not properly follow internal procedures when it attempted to get reporters' notes regarding the Lamo case. However, the FBI has since sent revised letters asking reporters to "voluntarily take appropriate action to preserve relevant records and materials. ... FBI personnel will be in further communication with you to determine whether we can reach a mutual agreement."

For further information, visit the Reporters' Committee for Freedom of the Press website under

See Declan McCullagh, "My (brief) career as an ISP," CNET News, 10 October 2003 at

Read Noah Shachtman, "FBI Seeking Reporters' Notes," Wired News, 22 September 2003 at,1848,60538,00.html

[5] World info society summit in turmoil

Controversy continues to swirl over an upcoming World Summit on the Information Society (WSIS).

The WSIS, which is being organized by the International Telecommunications Union under the auspices of the United Nations (UN), is supposed to foster discussion regarding the socio-economic impact of new technologies. The goal of the Summit is "to develop and foster a clear statement of political will and a concrete plan of action for achieving the goals of the Information Society, while fully reflecting all the different interests at stake."

However, many groups have expressed concern over whether the Summit will pay sufficient attention to a number of issues, including human rights and the digital divide. These concerns have been heightened by two recent developments. For one thing, the organizers of the WSIS have excluded two human rights groups, Reporters Sans Frontieres (RSF-a GILC member) and Human Rights in China (HRIC), from participating in the summit. After being notified of this rejection, RSF secretary general Robert Menard questioned how the UN could "still expect to maintain the least credibility in the light of this kind of decision, which contravenes the most basic principles of freedom of expression."

In addition to rejecting RSF and HRIC, the president of Tunisia (which will host the second phase of the WSIS in 2005) has appointed General Habib Ammar to head the preparatory committee for the 2005 gathering. General Ammar, who had previously served as Commander of the Tunisian National Guard and as Interior Minister, has been cited by human rights activists for his forces' heavy use of torture against demonstrators and political opponents of the ruling regime. Numerous civil society organizations issued a joint statement expressing "stupor and indignation" about "the appointment by Tunisian President Ben Ali of General Habib Ammar. ... The signatory organizations are already preoccupied by the decision to hold the second phase of WSIS in a country known for its serious violations of human rights and the rule of law. They consider that naming this military man ... who has been denounced by the World Organization Against Torture for his activities, presents a real risk of compromising the proceedings of this Summit. This appointment has already tarnished the image of the WSIS and risks undermining the legitimacy of its outcome. The civil society organizations consider that the two principal objectives of the Summit, that is to say the struggle to overcome the digital divide and the respect for human rights and fundamental freedoms in the information and communication society, cannot be dissociated from each other."

These and other issues were hotly debated during a preparatory meeting held this past September. Due to these disagreements, summit organizers were forced to schedule an additional preparatory meeting for November 2004, just one month before the first WSIS phase (in Geneva) is to begin.

The civil society statement concerning the appointment of General Ammar is posted at

An archive of WSIS-related documents is available from the Imaginons un Reseau Internet Solidaire (IRIS-a GILC member) under

Read "Discord at digital divide talks," BBC News Online, 29 September 2003 at

See Monika Ermert, "World+dog fight over World Summit of The Information Society," The Register (UK), 27 September 2003 at

For coverage in German (Deutsch), see Monika Ermert, "WSIS: Ringen um die Netzverwaltung," Heise Online, 25 September 2003 at

See also Christianne Schulzki-Haddouti, "Kritik an Vorbereitungskonferenz zum WSIS," Heise Online, 23 September 2003 at

An RSF press release regarding the WSIS is posted at

[6] Thai gov't pushes Net censor plans despite problems

Government officials in Thailand are facing numerous problems in their efforts to restrict access to various types of online content.

Earlier this year, the Thai government had implemented a system that blocked several overseas and local websites between 10PM and 6AM. While the curfew supposedly was meant to prevent children from playing games through computer networks, the ban affected all Thai Internet users, no matter what their age or where they are located in the country. It was also unclear if the blocking was actually limited to gaming sites. Since then, the government instituted a new scheme to force Internet users to supply information from their national ID cards. More specifically, online game servers will collect such data from users, ostensibly to determine their age. It is unclear what procedures are in place to protect the privacy of people whose information is collected through this scheme or what detrimental impact the plan will have on free speech.

Meanwhile, Thai government attempts to impose a ratings system on websites has run aground after the committee charged with creating the system became bitterly divided over what should be banned. The 100-member panel that was convened by the country's Information and Communications Technology Ministry could not come to an agreement over whether to ban such materials as websites offering lucky lottery numbers and online drug retailers. These problems were further highlighted in a recent study by Chulalongkorn University strongly suggesting that government efforts to block controversial Internet content are doomed to failure. One of the scientists involved in the study explained: "It's impossible to block the sites and web filtering or blocking does not work anymore because these web sites can easily change their domain names."

Read Sasiwimon Boonruang, "Gov't can't block porn sites, claim researchers," Bangkok Post, 10 September 2003 at
See Karnjana Karnjanatawe, "Online game curfew to be relaxed next month," Bangkok Post, 10 September 2003 at

See also Porpot Changyawa, "Censors can't agree what to ban," Bangkok Post, 1 September 2003 at

[7] Australian measure may stop oversight of Net censors

The Australian Senate has approved a plan that critics say will reduce the accountability of government agents who restrict access to Internet content.

The plan came in the form of amendments to the country's Freedom of Information Act (FOI). Previously, FOI exemptions had allowed several government agencies, most notably the Australian Broadcasting Authority (ABA), to deny access (on a case by case basis) to information regarding a 4 year old scheme that restricted Internet content based on a rating system previously used for films. Thus, when Electronic Frontiers Australia (EFA-a GILC member) requested data regarding the government's content restriction system, the ABA obscured details such as website addresses and names/titles of prohibited online content prior to releasing the relevant documents. The new amendments create a blanket FOI exemption, thereby allowing the ABA, the Office of Film and Literature Classification (OFLC) and the Classification (Censorship) Boards to prevent the release of a broader range of information that does not include identifying information about, or copies of, prohibited content. Thus, documents that were previously released regarding the censorship scheme with some information blacked out will not be released at all.

Not surprisingly, these moves generated fierce resistance from various quarters, especially cyberliberties groups. EFA pointed out that the amendments were "designed to further prevent public scrutiny (and potential criticism) of the operation and administration of the Internet censorship regime. ... The government provided no justification whatsoever for these new broad exemptions." Instead, EFA called on the Australian government to amend current laws "to require the ABA and OFLC to make freely and publicly available the same amount of information about classification decisions concerning online content as has long been made readily available about classification of movies, publications and computer games."

Further information is available from the EFA website under

Read Sharon Mathieson, "Offensive sites banned under FOI," AAP, 10 September 2003 at,4057,7223234%255E15306,00.html

[8] German anonymizing service receives favorable court ruling

A new German court ruling has restored protections for anonymous online free speech.

The case revolved around the AN.ON anonymizing service, which utilizes a Java Anonymizing Proxy (JAP) from TU Dresden. The German Federal Office of Criminal Investigation Office (BKA) required AN.ON workers to store information collected regarding a user (as identified by that person's Internet Protocol address) for a certain period and to turn that data over to law enforcement. The BKA's actions drew objections from AN.ON and many other groups, including the Independent Center for Privacy Protection (ICPP), which calling the request "obviously illegal." A trial court rejected arguments made by the ICPP and AN.ON, holding that anonymisers without backdoors for law enforcement purposes to be illegal.

However, a district court in Frankfurt am Main essentially reversed the prior ruling. The higher court agreed with the ICPP and said that the BKA had "no legal ground" to support their request. In a press release, the Center applauded the decision, calling on "AN.ON users to defend the right to anonymity" and to fight "against plans in the German Parliament's Upper House" to require service providers to record data about their users.

The ICPP press release is posted at

[9] Court upholds weblinks' legality in Scientology case

A Dutch court has upheld the legality of weblinks on free speech grounds.

The case began in 1995 when a representative from the Church of Scientology along with a Dutch court officer appeared at the offices of Internet service provider (ISP) XS4ALL (a GILC member) and tried to take XS4ALL's servers. The Church was apparently aggrieved because several Scientology documents had been posted on an XS4ALL hosted website. Karin Spaink, a writer, heard of the dispute and subsequently reposted those documents on her own site, which was also hosted by XS4ALL. The Church eventually sued both Spaink and XS4ALL for copyright infringement, leading to years of court battles.

Eventually, the Dutch Court of Appeal rejected the Church's arguments and overruled two lower court decisions. One of those decisions had held that ISPs should be held liable for materials posted by their users and should remove weblinks to such materials. XS4ALL's Edith Mastenbroek commented that the appeals court ruling "establishes an important freedom of speech precedence for the Internet and ISPs in particular. Any laws set to control how ISPs interact with copyright laws must be made crystal clear."

The ruling is available (in PDF format) at

Read Matt Hines, "Scientology loss keeps hyperlinks legal," CNET News, 8 September 2003 at

[10] Uzbek free speech website censorship flap

The website of a free speech group in Uzbekistan has been blocked under mysterious circumstances.

Ozod Ovoz is a non-profit group that promotes freedom of expression and the press in the Central Asian nation. Earlier this year, it launched a website that contained numerous articles concerning Uzbek political issues, including criticism of the country's president, Islam Karimov. Several weeks ago, the website was rendered inaccessible throughout the country; people in Uzbekistan who tried to visit the site (including its editor) received a message warning that they were not authorized to access it. UzPAK, a government agency that provides nearly all Internet access in the Uzbekistan, is allegedly responsible for blocking the site.

The apparent censoring of Ozod Ovoz has drawn concern from a number of other free speech organizations. Reporters Sans Frontieres (RSF-a GILC member) issued a statement calling on the Uzbek government to explain itself with regard to these developments, noting that Uzbek "authorities regularly censor such critical news websites."

The Ozod Ovoz website is located at

For further information, visit the RSF website under

[11] Russian gov't searches news Web site's office

The operators of a Russian independent news website are facing serious pressure from government agents over a controversial Internet video.

Based in Moscow, provides coverage of a variety of issues, including ongoing armed struggle in Chechnya. This past August, an anonymous Internet user sent an email to Grani with a video of two prosecutors working for the pro-Russian administration in Chechnya who had been kidnapped last year. The video clip included footage showing one of the kidnapped prosecutors pleading for help from Boris Berezovsky, the exiled majority shareholder of Grani who is a staunch political opponent of Russian President Vladimir Putin. Russian government agents then did a surprise search of Grani's offices. The agents apparently went beyond the bounds of the search warrant (which only provided for investigators to get a copy of the video) and interrogated several Grani employees, including the publication's General Director Yulia Berezovskaya, editor Vladimir Korsunsky and military correspondent Vladimir Ermolin.

The plight of Grani has attracted the attention of various free press groups, including the Committee to Protect Journalists (CPJ-a GILC member). CPJ noted that there are still many disturbing questions that have yet to be answered regarding this case, including why the government felt the need to engage in such intrusive behavior.

For further information, visit the CPJ website under

Read "Prosecutors search office of pro-Berezovsky website," Gateway To Russia, 19 September 2003 at

[12] Report: Net censorship increasing worldwide

A new study suggests not only that Internet censorship is common around the world, but that efforts to stifle online free speech are becoming increasingly effective.

Entitled "Silenced," the report was released during a preparatory meeting of the World Summit on the Information Society (WSIS) in Geneva (see item [5] above). Among other things, researchers found that restrictions on Internet activity as well as government secrecy and communications surveillance have reached an unprecedented level across the globe. The twelve-month study found that a sharp escalation in control of the Internet since September 2001 may have outstripped the traditional ability of the medium to repel attempts at restriction: "The September 11, 2001 attacks have given numerous governments the opportunity to promulgate restrictive policies that their citizens had previously opposed. There has been an acceleration of legal authority for additional snooping, from increased email monitoring to the retention of Web logs and communications data. Simultaneously, governments have become more secretive about their own activities, reducing information that was previously available and refusing to adhere to policies on freedom of information." The report criticizes the United States and the United Kingdom "for creating initiatives hostile to Internet freedom" by, among things, setting "a technological and regulatory standard for mass surveillance and control of the Internet."

The report was compiled and edited by Privacy International (a GILC member) and the GreenNet Educational Trust. The project was funded by a grant from the Open Society Institute (a GILC member).

The report is available online at

[13] Lawsuit: Microsoft dominance leads to Net security woes

Is a software giant's market dominance having a detrimental impact on Internet security?

That's the question posed by a new lawsuit filed in Los Angeles. The lawsuit was filed on behalf of Marcy Hamilton, who claims that a flaw in a Microsoft-manufactured program allowed a fraudster to steal her personal information. The suit charges that Microsoft has failed to secure its software and should be held liable to users who have been affected by ensuing security breaches. In addition, the plaintiff's lawyers claim that "Microsoft's eclipsing dominance in desktop software" has exacerbated these problems and "has created a global security risk. ... As a result of Microsoft's concerted effort to strengthen and expand its monopolies and by tightly integrating applications with its operating system... the world's computer networks are now susceptible to massive, cascading failure."

The lawsuit came just after a report written by several prominent computer security experts suggested that Microsoft's near-monopoly in various fields endangered the infrastructure of the United States. The report, which was commissioned by the Computer and Communications Industry Association, expressed fears that Microsoft changes to its software that are supposed to enhance security would actually make it more difficult for individuals to switch to non-Microsoft products. One of the study's authors, Bruce Schneier, explained: "Under the guise of security, [Microsoft] achieving lock-in. It's using security technologies to extend the monopolies."

Read Robert Lemos and Ina Fried, "Lawsuit opens new can of worms for Microsoft," CNET News, 7 October 2003 at,39020384,39116969,00.htm

See "Microsoft faces fresh lawsuit," BBC News Online, 3 October 2003 at

See also Robert Lemos, "Report: Microsoft dominance poses security risk," CNET News, 24 September 2003 at

For press coverage in Spanish (Espanol), read "Microsoft afronta demanda colectiva por fallos de seguridad,", 5 October 2003 at

 [14] Loverspy service may violate Net privacy laws

A new commercial Internet spy program is drawing serious criticism from privacy advocates.

The program is being offered by a company named Loverspy. Under the system, targeted individuals are sent a doctored email greeting card. Unwitting individuals who open the card are lured to a website that will surreptitiously place a Trojan horse spy program on their respective computers. According to the company, the program can capture a wide range of Internet information, including passwords, chatroom data, screenshots, keystrokes and even web camera images (if the victim has such a camera already installed). This information is then sent to the Loverspy's server and forwarded to Loverspy clients, who can pay USD 89 to have such operations performed on up to 5 computers.

Many privacy advocates believe that the entire scheme may be illegal. Chris Hoofnagle of the Electronic Privacy Information Center (EPIC-a GILC member) warned that the Loverspy service "is clearly a wiretapping violation." He compared Loverspy's activities to Magic Lantern, a controversial computer virus concept proposed by the United States Federal Bureau of Investigations to allow remote interception of private Internet transmissions. Similarly, computer expert Mark Rasch believes that Loverspy's e-greeting surveillance scheme might be "a felony. Loading a program onto someone else's computer without their authorization is patently illegal." Late word is that the United States government has launched an investigation to determine whether Loverspy has indeed violated Federal wiretapping laws.

See "Are You Being 'Snooped'?", 10 October 2003 at

Read "The e-spy who loves you could be a felon," Reuters, 30 September 2003 at

[15]Controversy mounts over Bangladesh Net spy plans

Many observers fear that a new surveillance plan will seriously erode the privacy of Internet users in Bangladesh.

Under the plan, the South Asian nation's 2001 Telecommunications Act would be amended to allow intercepted Internet communications and phone calls in judicial proceedings. Previously, Bangladeshi authorities could not legally conduct wiretaps, and while it has been rumored that government agents have engaged in such activities anyway, they were not allowed to present the information gathered through wiretaps in court. The proposal also calls for government access to customer information that is held by telecommunications providers, and would alter the Act so that its general privacy guarantee would be subject to "national security laws."

Not surprisingly, the plan has been savaged by a number of experts and organizations. Indeed, the proposal is being compared to numerous past Bangladeshi restrictions on personal communications, such as requiring security clearances before obtaining mobile phones. Telecom experts Abu Sayed Khan warned that the amendments "represent a fundamental breach of our right to communicate. If they are enacted it will be a devastating blow for freedom of speech and will turn the country into a police state. Bangladesh already has some of the most restrictive laws in relation to internet and telephone access in the whole of Asia." Similar concerns were expressed by Reporters Sans Frontieres (RSF-a GILC member): "New information technology allows greater monitoring of personal messages and the Bangladesh Government must respect the privacy of its citizens and their right to communicate freely."

An RSF press release about the proposal is posted at

Read Alistair Lawson, "Anger at Bangladeshi snooping plans," BBC News Online, 23 September 2003 at

See also Mustak Hossain, "Move on to tap phone calls, bust e-mails," The Daily Star (BG), 4 September 2003 at

[16] Congress agrees to shutdown TIA spy program

Lawmakers in the United States have decided to essentially halt efforts to build a massive computer surveillance system.

Conceived by retired Admiral John Poindexter, the Terrorism Information Awareness (TIA) project (previously named Total Information Awareness) was being designed by a branch of the U.S. Department of Defense. Its goal was to gather and compile personal data on a grand scale, including identifying people at great distances by the irises of their eyes, the grooves in their face and their gait. The technology would also analyze such things as airline ticket purchases, visa applications, emails, and phone calls as well as educational, medical and financial records. Its proponents believed that by scanning and analyzing this massive pile of data, government agents would be able to predict and prevent terrorist acts.

In response to public outcry over the project's potential privacy implications, the U.S. Congress approved a plan to dismantle TIA. The legislation also bans the government from using the technology envisioned by TIA in any other successor program. However, the plan does authorize a separate, classified program for "processing, analysis, and collaboration tools for counter terrorism foreign intelligence," although there is language barring the domestic use of this program against Americans. Tim Edgar of the American Civil Liberties Union (ACLU-a GILC member) hailed the vote as "a resounding victory for individual liberty," but warned: "While TIA may be dead and buried, we must remain on a constant lookout for other super-snoop programs."

The text of the legislation is posted under

An ACLU press release on this subject is available at

For background information, read Carl Hulse, "Poindexter's office closed Department tried terrorism futures," New York Times, 26 September 2003 at

[17] British gov't again unveils a "Snoopers' Charter"

Undaunted by past criticism, the British government has released revised versions of proposals that may have serious implications for privacy online.

Last year, the British authorities sought to vastly increase the number of organizations that could conduct surveillance under the much-maligned Regulation of Investigatory Powers act (RIP), which mandated telecommunications providers to facilitate government surveillance. The list of agencies that would be given RIP wiretapping powers were not limited to law enforcement bodies and included such groups as the British Food Standards Agency and National Health Services-over 500 agencies in all. After a blizzard of protests, government shelved the plan, then unveiled a modified version of the proposal that, among other things, allowed only a handful of additional government agencies to access telecommunications information. In addition, the British Home Office released a second consultation paper, this time regarding a voluntary code of practice for retention of communications data, which could then be accessed by law enforcement agents. This second document recommends that telecom providers should store such data for up to a year. The types of data to be retained under the scheme might include email header information, web surfing habits, callers' and recipients' names, and the geographic locations of individual mobile phones. Privacy advocates and communications service providers remained concerned over the government's intentions, especially with regard to the data retention issue.

The Home Office has since released a further revised list of agencies that would be given broader access to telecommunications data. Under this multi-tiered scheme, several agencies, including the British atomic energy constabulary as well as the maritime and coastal agency, would be given automatic access to a full range of customer data, while a number of other groups (including designated agencies in all 468 local councils in the United Kingdom) would get access to subscriber information with the prior approval of the British communications commissioner. Additionally, the Home Office announced that telecom providers will be asked to retain customer records for up to a year for the benefit of law enforcement and other government agencies, and that they would force telecom providers to turn over such records if the code of practice did not work.

The emergence of these revised proposals has angered many privacy advocates. Shami Chakrabati, the director of Liberty (a GILC member), hoped that history would repeat itself: "After the original 'snoopers' charter' was published last year, the government was forced to retreat. ... We hope the same happens again." Ian Brown from the Foundation for Information Policy Research (FIPR-a GILC member) challenged the broad scope of the telecom data access provisions: "If sensitive data is stored for anti-terrorism purposes, it should not be available to a wide range of officials such as tax inspectors." Indeed, FIPR released an analysis of the Home Office's plans, complaining that while "they gave the impression of a change of heart ... closer examination of the detail of their proposals shows that their plans are almost entirely unchanged" from prior versions.

For more information regarding the data retention proposal, click

The text of the revised so-called "Snoopers' Charter" is posted (in PDF format) under

The aforementioned FIPR analysis is available at

Read Stuart Millar, "Blunkett revives plan to let agencies trawl phone and net users' records," The Guardian (UK), 13 September 2003 at,12597,1041392,00.html

See "'Snooper' powers to fight terror," BBC News Online, 13 September 2003 at

[18] Multiple bills would restore US privacy protections

The United States Congress is considering several proposals to remedy apparent privacy problems with legislation that was passed nearly two years ago.

Known as the USA PATRIOT Act, the 2001 legislation enhanced the ability of law enforcement officials to collect personal information, including through the Internet. Among other things, the Act allowed the U.S. government to make greater use of controversial spy tools such as Carnivore by applying loose pen register protections (previously used for such things as phone numbers) and apply them to the Information Superhighway, rather than requiring law enforcement agents to show probable cause that a crime is being committed and get a court order. It also expanded the powers of a secret United States court, created under the Foreign Intelligence Surveillance Act (FISA), whose procedural protections are not as strong as those of other tribunals. In addition, the law provided the government with the ability to conduct "sneak and peek" secret searches.

Although U.S. law enforcement agencies continue to seek further expansions of their surveillance powers, a growing public backlash against the USA Patriot Act has led to a bevy of counterproposals that would amend, delete or otherwise prevent implementation of many of the Act's provisions. One such proposal, sponsored by U.S. Representative C.L. "Butch" Otter, would essentially prohibit implementation of 2001-enacted law that allowed the use of "sneak and peak" warrants. Another bill, the True Patriot Act, would, among other things, render numerous provisions (including the "sneak and peek" and Internet pen register sections) of the 2001 legislation ineffective within 90 days; under the bill, U.S. President George W. Bush could request Congressional hearings "to determine whether a particular section should be removed from the list" of provisions to be deactivated. U.S. Senator Lisa Murkowski has also introduced broadly similar legislation.

Privacy advocates view these counterproposals as an encouraging sign. Greg Nojeim of the American Civil Liberties Union (ACLU-a GILC member) explained: "We now know that the PATRIOT Act and other measures went too far, too fast. ... We remain committed to ensuring that America remains both safe and free. History has shown the potential for abuse remains too high for Americans to simply 'trust the government.'"

The text of the True Patriot Act is available under

An ACLU press release about the True Patriot Act is available at

For more about the Murkowski bill, click

A press release from Rep. Otter concerning these proposals is posted under

Read Carolyn Lochhead, "Democrats seek rollback of Patriot Act," San Francisco Chronicle, 25 September 2003, page A4 at

See Sabrina Eaton, "Kucinich leads move in Congress to curb controversial Patriot Act," Cleveland Plain Dealer, 25 September 2003 at

An ACLU memo regarding efforts to further expand government surveillance powers is posted under

Read "Bush Seeks Terror Law Tweaks,", 10 September 2003 at

[19] Privacy fears haunt mobile phones with built-in wiretaps

Plans to rollout mobile phones with built-in wiretapping features have increased anxiety over individual privacy rights.

Japanese telecom giant NTT DoCoMo and Texas Instruments (TI) are hoping to manufacture mobile phones that would come with an innate ability to record phone calls and other information (such as videophone images). For example, the TI phone would apparently record the information as a digitally encoded file that could be stored on the phone or sent elsewhere, ostensibly through the Information Superhighway. In addition, at least two other companies, notably Nokia and Motorola, are offering phones with slightly less powerful "voice note" abilities that can capture short snippets of conversations. Many details regarding these systems are still hard to come by, such as storage capacities and restrictions on transmission of recorded conversations.

Nevertheless, a number of experts are worried that these and other mobile phone systems that could be used for surveillance purposes. Harvard Law School professor Jonathan Zittrain said that fair information practices (such as prior notice) should be applied: "It's only fair to warn somebody that their casual remarks can be transcribed and attributed to them worldwide. Otherwise, we'll all end up talking like lawyers."

Read Ben Charny, "Cell phone recording may breach privacy," CNET News, 3 September 2003 at

[20] Report: Trusted Computing systems bad for Net rights

A new report suggests that attempts to create "trusted computing" systems will have a damaging impact on individual rights in cyberspace.

Entitled "Trusted Computing: Promise and Risk," the report focuses on various n operating systems projects such as Microsoft's Next-Generation Secure

Computing Base (NGSCB, previously known as Palladium) as well as a hardware specification project run by the Trusted Computing Group consortium (TCG, previously known as the Trusted Computing Platform Alliance or TCPA). Proponents of these systems envision a scheme where NGSCB would be used on TCG-designed hardware; the combined scheme would create a special zone within a personal computer, where software could run and private data could be stored. The type of data that might be kept in the zone could include personal details such as credit card numbers. Information inside this zone generally would not be accessible even to other programs on the same computer, but applications that run within the zone could communicate with sources from outside the given computer, such as software manufacturers. Indeed, reports indicate that such systems will constantly monitor what goes on individual machines to make sure all operations are "trustworthy."

Critics fear that NGSCB and TCG-designed hardware will be used to control everything that users can do on their machines. Indeed, the study, which was published by the Electronic Frontier Foundation (EFF-a GILC member), warns that "trusted computing systems are being deliberately designed to support threat models in which the owner of a 'trusted' computer is considered a threat. These models are the exception rather than the rule in the history of computer and communications security, and they are not part of the rationales for trusted computing publicly offered by its proponents." The report goes on to suggest that any such trusted computing system could produce a monopoly where software providers can prevent people from using software from a competitor. The study goes on to suggest an alternative approach by which computer owners themselves would control what security systems are installed on their machines, instead of software manufacturers and data providers. "[T]reating computer owners as adversaries is not progress in computer security. The interoperability, competition, owner control, and similar problems inherent in the TCG and NCSCB approach are serious enough that we recommend against adoption of these trusted computing technologies until these problems have been addressed. Fortunately, we believe these problems are not insurmountable, and we look forward to working with the industry to resolve them."

A press release regarding this report is posted under

To read the report, click

[21] Euro study calls for privacy rights restoration

A report to a European Parliament committee suggests that various digital technologies may seriously erode individual privacy.

The report, entitled "Security and privacy for the citizen in the Post-September 11 digital age: A prospective overview," was released earlier this week. Among other things, the study documents the development of systems that bring "new risks and potential abuses to the privacy of personal data," ranging from biometrics, radio-frequency identity devices (RFIDs), mobile phone geolocational trackers and various Internet surveillance tools. In addition, the report notes how, over the past two years, "there has been a strong governmental reaction" to terrorist attacks that has enabled "security measures to be imposed that might previously have been objected to on the grounds that they encroached on privacy." The study's authors argue that, as a result of these forces, "the balance" between "citizen's security and privacy requirements" which had been "established over years of democratic process has been upset."

The report makes a number of suggestions for future action, including a call for policy makers to restore the balance between security and privacy before such technologies become commonly accepted, such as through "new regulations and enhanced educational policies." The European Union (EU) commissioner for research, Philippe Busquin, issued an accompanying statement warning: "Citizens are not prepared to let privacy be one of the casualties in the war on terrorism."

The report is available (in PDF format) via

A European Commission press release about the report is posted under|0|RAPID&lg=EN&type=PDF


The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at

To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.

To submit information about upcoming events, new activist tools and news stories, contact:

Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004

Or email:

More information about GILC members and news is available at

You may re-print or redistribute the GILC NEWS ALERT freely.

This edition of the GILC Alert will be found on the World Wide Web under

To subscribe to the Alert, or to change your subscription options (including unsubscribing), please visit