home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Ian & Stuart's Australian Mac: Not for Sale
/
Another.not.for.sale (Australia).iso
/
fade into you
/
being there
/
Rants
/
EPIC Project Description
< prev
next >
Wrap
Text File
|
1994-11-11
|
15KB
|
303 lines
Electronic Privacy Information Center
666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003,
1 202 544 9240 (tel) 1 202 547 5482 (fax) epic@cpsr.org (email)
A Project of The Fund for Constitutional Government
and
Computer Professionals for Social Responsibility
April 1994
The National Information Infrastructure
Our communications world is rapidly changing. The convergence
of telephone, television, and computer technology has created a new
information "superhighway" referred to as the "National Information
Infrastructure" or NII.
The NII has become a priority of the Clinton administration
and has long been championed by Vice President Gore. While many
aspects of the NII initiative are commendable and worthy of the public
interest community's support, the administration's early
pronouncements on network privacy raise great concern. For instance,
the Information Infrastructure Task Force's "Agenda for Action,"
issued last year, contained the following passage:
Federal agencies are working with industry to develop new technologies
that protect the privacy of citizens, while enabling law enforcement
agencies to continue to use court-authorized wiretaps to fight
terrorism, drug rings, organized crime, and corruption. Federal
agencies are working with industry to develop encryption hardware and
software that can be used for this application.
This passage refers to the efforts of the FBI and the National
Security Agency (NSA) to dictate the design of the nation's
communications networks and to expand their ability to conduct
electronic surveillance. Indeed, for almost a decade the intelligence
community has sought to control the development of the nation's
advanced communications infrastructure, invoking the spectre of
"terrorism, drug rings, organized crime, and corruption" much as
"national security" was invoked during the Cold War.
More recently, the administration has launched two
surveillance initiatives that are cause for great concern.
The Clipper Chip
In February of this year, the government announced its
adoption of the so-called Clipper Chip, a communications "security"
device developed by the National Security Agency (NSA). Clipper and
related devices permit law enforcement and intelligence agencies to
intercept and "decrypt" private voice and data transmissions. As
William Safire wrote in the New York Times,
The "Clipper chip" --- aptly named, as it clips the wings of
individual liberty --- would encode, for Federal perusal whenever a
judge rubber-stamped a warrant, everything we say on a phone,
everything we write on a computer, every order we give to a shopping
network or bank or 800 or 900 number, every electronic note we leave
our spouses or dictate to our personal-digital-assistant genies.
In a poll conducted by Time magazine and CNN, 80 percent of
the American people opposed this surveillance initiative, and an
Internet petition organized by the EPIC staff generated 50,000
electronic messages urging the administration to abandon the Clipper
plan. Indeed, the EPIC staff has been in the forefront in opposing
the Clipper initiative and educating the public about its
ramifications for the information infrastructure.
The FBI's Proposed Wiretap Legislation
In recent testimony on Capitol Hill, FBI Director Louis Freeh
called for sweeping new legislation that would require designers of
the NII to make the emerging network "wiretap friendly." The FBI plan
would mandate that no communications system could be established
unless it guaranteed law enforcement the ability to intercept
communications. The proposal would also give the FBI an unprecedented
ability to collect detailed telephone and "transactional" records. As
with the Clipper initiative, public reaction to the FBI proposal has
been overwhelmingly negative. The response of the Detroit News was
typical:
No one wants criminals to have the upper hand, of course.
But democracy fast turns to tyranny when fundamental liberties like
privacy are suspended in the name of law enforcement. Americans
already concede a great deal of their privacy to Big Brother in the
name of crime fighting. ... Privacy, in any real sense of the word,
is eroding daily.
Unfortunately, public opposition to these initiatives has not
slowed the momentum toward greater surveillance capabilities in the
emerging communications infrastructure. The recent proposals are just
the latest in a series of FBI and NSA efforts to control our
information networks. Although Congress attempted to put the brakes
on these activities with the passage of the Computer Security Act in
1987, the intelligence community has marched forward:
! A 1989 "Memorandum of Understanding" between the NSA and a
civilian agency transferred authority for computer security back to
the intelligence community.
! A 1989 National Security Directive issued by President Bush
further expanded the authority of the NSA and encouraged the Agency to
set technical standards for the nation's communications system. The
secret directive was made public after EPIC staff forced its
disclosure in court.
! A 1991 Senate resolution, developed by the FBI, would have
urged private companies to develop new network services to facilitate
wire surveillance.
! An earlier legislative proposal, drafted by the FBI in 1992,
would have mandated that all communication equipment in the United
States be certified by the Attorney General as capable of wiretap.
It is clear that the surveillance capabilities of the FBI and
NSA are now being turned inward toward the citizens of the United
States. The late Sen. Frank Church observed in 1975 after conducting
a sweeping investigation of intelligence agency abuses, "the danger
lies in the ability of NSA to turn its awesome technology against
domestic communications." The recent developments have made clear the
importance of this warning.
Privacy at Risk
The implications of these recent developments are staggering.
If the intelligence and law enforcement agencies are able to dictate
the requirements of the nation's communications infrastructure, then
the freedom of future users of the nation's information networks are
at risk. It is already clear that the many costs of these proposals
include:
! Diminished privacy -- technologies that are intended for
privacy protection, such as cryptography, are deployed with secret
"backdoors" that make them less secure.
! Government secrecy -- in the name of "national security"
critical documents are withheld from public review and principles of
open government are suspended.
! Government accountability -- with secrecy comes the loss of
public review and the ability to determine whether government claims
reflect the true reality. Already, EPIC Freedom of Information
litigation has revealed that many of the FBI's dire claims are
unfounded.
! Routinized surveillance -- a network designed for surveillance
will be used for surveillance. Where once privacy was taken for
granted, in the not too distant future monitoring may soon be assumed.
Absent an effective public response, these problems
will mount. It is clear that the FBI and the NSA intend to push
forward. The question is whether the public will resist these
assaults on our fundamental rights.
Time to Act
While the information infrastructure of the future is now in
its infancy, the policy decisions that are about to be made will
determine the character of our society in the 21st century. The
systems now being designed will facilitate our social, political and
financial transactions to an extent difficult to imagine today. As
the pioneering cryptographer Whitfield Diffie recently told Congress,
At this moment in history, we are transferring our medium of
social interaction from the physical to the electronic at a pace
limited only by the development of our technology. Many of us spend
half the day on the telephone talking to people we may visit in person
at most a few times a year and the other half exchanging electronic
mail with people we never meet in person.
Communication security has traditionally been seen as an arcane
security technology of real concern only to the military and perhaps
the banks and oil companies. Viewed in light of the observations
above, however, it is revealed as nothing less than the
transplantation of fundamental social mechanisms from the world of
face to face meetings and pen and ink communication into a world of
electronic mail, video conferences, electronic funds transfers,
electronic data interchange, and, in the not too distant future,
digital money and electronic voting.
The privacy and security of the information infrastructure is
one of the most significant civil liberties issues to emerge in
decades. The fact that both the FBI and the NSA have made NII
surveillance a top priority -- one source said that the Justice
Department informed the Clinton transition team it was their "only"
priority -- should send a clear signal to us all about the importance
of this issue.
Unfortunately, few resources have been devoted to examining
the issue and working to ensure that basic constitutional values are
preserved in the new electronic environment. Even though the EPIC
staff has successfully raised many of the potential problems with the
various NSA/FBI proposals during the last few years, the absence of a
well focused project, specifically dedicated to this problem shows a
gaping hole in the public interest community. What is needed is a
specific project with expertise in civil liberties, national security,
and cryptography to promote oversight, accountability, and public
debate about these critical new developments.
What EPIC Will Do
EPIC will undertake an in-depth examination of government
efforts to build surveillance capabilities into the emerging
information infrastructure. The organization will examine efforts to
restrict the widespread use of privacy-enhancing technology, such as
cryptography. In furtherance of this review, we will continue to make
extensive use of the Freedom of Information Act (FOIA) to compel the
disclosure of relevant information withheld by the government. Given
that much of this information is likely to be concealed behind the
shield of classification, an important aspect of the project will be
to examine and challenge the use of "national security" secrecy to
withhold information concerning domestic communications systems.
At the conclusion of our review, we will produce a report and
disseminate widely our findings and recommendations. This report will
be an important contribution to the emerging debate on the design and
direction of the NII and will provide a counter-balance to the
perspective of the law enforcement and intelligence agencies. We are
specifically interested in pursuing the following questions:
! What are the civil liberties implications of the FBI's and the
NSA's activities? What are the potential consequences for the
development of the NII?
! What should be the proper role of the NSA and the FBI in this
area? What does the law require?
! Is legislation necessary? Is oversight necessary? What other
steps should be taken?
EPIC will conduct ongoing outreach, speak at conferences, work
with other organizations, and support similar efforts to document the
activities of the FBI and the NSA. Public education is particularly
important as the scope of the National Information Infrastructure
expands.
The Administration's NII initiative provides both risks and
opportunities. While there is a very real threat that an Orwellian
system of mass surveillance might emerge from an otherwise
well-intentioned development process, there is also a unique
opportunity to ensure that civil liberties and privacy become
essential design elements in the data highways of the future.
Sponsoring Organizations
FCG is a Washington-based, non-profit charitable rganization
established in 1974 to protect civil liberties and constitutional
rights. The FCG board of directors includes former government
officials, journalists and civil rights advocates.
CPSR is a non-profit membership organization, incorporated in
California in 1983. The CPSR National Advisory Board includes
distinguished computer scientists, legal scholars, journalists, and
public interest advocates. CPSR is based in Palo Alto, California and
has 2,500 members and 20 chapters across the United States.
EPIC Advisory Board (in formation)
Hon. John Anderson Prof. Chris Borgman, UCLA School of Information
Science David Burnham, TRAC Dr. Richard Claude, Human Rights Quarterly
Simon Davies, Privacy International Dr. David Chaum, Digicash Prof.
Oscar Gandy, Annenberg School of Communications Judy Krug, American
Library Association Prof. Gary Marx, University of Colorado Boulder
Dr. Peter G. Neumann, SRI International Michael Pertschuk, Advocacy
Institute Dr. Barbara Simons, USACM Dr. Willis Ware, RAND Institute
(affiliations are for identification)
EPIC Staff
Marc Rotenberg is the EPIC Project Director and served as head
of the CPSR Washington office. He was formerly counsel to the Senate
Judiciary Committee specializing in technology and the law. He is an
adjunct professor at Georgetown University Law Center where he teaches
information privacy law, and is a contributing editor to Government
Information Quarterly, the Computer Law and Security Report, and the
Encyclopedia of Computer Science. He is secretary of Privacy
International, an international human rights organization. He is a
graduate of Harvard College and Stanford Law School and a member of
the bar of the United States Supreme Court.
David Sobel is Legal Counsel for EPIC and served as CPSR Legal
Counsel. He was formerly counsel to the National Security Archive.
Since 1982, Mr. Sobel has litigated dozens of Freedom of Information
Act cases. His clients have included ABC News, the U.S. Student
Association, the Fund for Constitutional Government, the Nation
Magazine, Coretta Scott King and former Ambassador Kenneth Rush. Mr.
Sobel is a graduate of the University of Michigan and the University
of Florida Law School, and a member of the bar of the Court of Appeals
for the District of Columbia Circuit and other federal appellate
courts.
David Banisar is a Policy Analyst for EPIC. David has
organized several policy conferences on cryptography and privacy, is
editor of the International Privacy Bulletin and continues to research
privacy, electronic surveillance and security issues. He also
initiates FOIA requests and coordinates the posting of news to
electronic information services. David is a graduate of the
University of Maryland and the Catholic University Law School in
Washington, DC.