The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / eff / eff816.txt < prev next >

Wrap

Text File | 2003-06-11 | 62.8 KB | 1,338 lines

========================================================================= ________________ _______________ _______________ /_______________/\ /_______________\ /\______________\ \\\\\\\\\\\\\\\\\/ ||||||||||||||||| / //////////////// \\\\\________/\ |||||________\ / /////______\ \\\\\\\\\\\\\/____ |||||||||||||| / ///////////// \\\\\___________/\ ||||| / //// \\\\\\\\\\\\\\\\/ ||||| \//// ========================================================================= EFFector Online Volume 08 No. 16 Oct. 7, 1995 editors@eff.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 IN THIS ISSUE: ALERT: Congress Action Resumes on Internet Censorship Legislation The Latest News What You Can Do Now Letter from Senator Russ Feingold (D-WI) to Committee Chronology of the CDA For More Information List Of Participating Organizations Crypto Export Controls on Trial - Come on Down! Council of Europe Issues Anti-Privacy Policy Recommendations Newsbytes EFF Update EFF's Farber Wins ACM SIGCOMM Award for Lifelong Contribution to Networking Clinton Administration Lied About Clipper Being Voluntary - Proof! Hints of "OzClipper"? Australian Atty. General's Dept. Wants Key Escrow Church of Scientology Cases - Update ALERT: SEC EDGAR Database Endangered by Lobbyists Coming Next Issue... Upcoming Events Quote of the Day What YOU Can Do Administrivia * See http://www.eff.org/Alerts/ or ftp.eff.org, /pub/Alerts/ for more information on current EFF activities and online activism alerts! * ---------------------------------------------------------------------- Subject: ALERT: Congress Action Resumes on Internet Censorship Legislation -------------------------------------------------------------------------- CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT (SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END) Update: -Latest News: Feingold releases letter to Committee members identifying First Amendment issues with CDA legislation. -What You Can Do Now: Send a letter to Feingold congratulating him for speaking up for free speech. Put your business or bulletin board on record as supporting free speech and opposing censorship for cyberspace! CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT Oct 1, 1995 PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT REDISTRIBUTE ONLY UNTIL November 25, 1995 REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS Distributed by the Voters Telecommunications Watch (vtw@vtw.org) ________________________________________________________________________ CONTENTS The Latest News What You Can Do Now Letter from Senator Russ Feingold (D-WI) to Committee Chronology of the CDA For More Information List Of Participating Organizations ________________________________________________________________________ THE LATEST NEWS Many people who have been following the attempts to censor the Internet may have seen the Senate floor debate. If you did, you were treated to the sight of Senators Leahy (D-VT) and Feingold (D-WI) passionately attempting to explain to 84 members of the Senate exactly just what the Internet was, and why passing laws against indecency are inappropriate in this medium. Both Senators spoke passionately, and for those that understand this technology, something clicked. The 16 members that voted against the censorship legislation will be rewarded by reminders to their voters about their rational, non-hysterical, positions on free speech at the end of the year. In the meantime, we believe that you should congratulate Senators Feingold on his stand for free speech, and for sticking up for the net. Quite often Senator Leahy gets most of the credit for this position. Let's be honest, he deserves it because of his long standing rational approach to our issues. However it's a big tent, and free speech can always use another defender. (Directions for contacting Feingold's office below) Last week Senator Feingold sent a letter to several committee members outlining the First Amendment problems with the measures passed by the Senate (the Communications Decency Act) and the House (the Manager's Amendment) and asked that these be deleted. A copy of that letter is enclosed below, and we thank Senator Feingold's office for making available an electronic copy (so we didn't have to type it in!). Remember, send Senator Feingold a thank you. He's earned it. [What comes below is unchanged from the last alert] The House and Senate have passed a total of four different pieces of legislation aimed at dealing with children's access to information on the Internet. Each of the four was profiled in BillWatch #13 which you can retrieve from URL:http://www.vtw.org/billwatch/issue.13.html. Here are the four pieces of legislation and a short summary of each of them. HR1978: "Internet Freedom and Family Empowerment Act" (Cox/Wyden) This bill takes the approach of encouraging industry to provide parents with tools to restrict their childrens' access to the net. It contains no new criminal provisions. This approach was affirmed by the House 421-4 on August 4, 1995. (Yes, that's a landslide) S314: "The Communications Decency Act" (Exon/Coats) This bill makes many types of constitutionally-protected speech (including lewd, lascivious, and indecent speech) criminal when used through a telecommunications device. This provision was affirmed by the Senate 84-16 on June 14, 1995. House amendment to HR1555: "Child Protection, User Empowerment, and Free Expression in Interactive Media Study Act" (Klink/Leahy) This bill directs the Department of Justice to study and see if there are places in current law where existing obscenity laws are unenforcible on computer networks. This approach was affirmed by a committee voice vote. House amendment to HR1555: <unnamed> This amendment was submitted at the last minute through the Manager's Mark, a collection of several amendments to HR1555 that were voted on as a block. This amendment takes constitutionally-protected speech and criminalizes it when it is expressed online. Most legislators had no idea that they voted on this last amendment; the summary of the Manager's Mark did not mention these new criminal provisions. There was no applicable House vote on *just this* provision. The House-Senate conference committee now has the task of deciding which of these are allowed into the final Telecommunications Deregulation bill for the last floor vote. ________________________________________________________________________ WHAT YOU CAN DO NOW 1. Send Senator Feingold a letter telling him you appreciate him standing up for free speech in cyberspace. Be polite and check your spelling. Most importantly, READ HIS LETTER FIRST before you send mail. He took the time to write it, shouldn't you take the time to read it? Email or paper mail are recommended, since they will have the least impact on the staff. Telephone calls are less desirable, but certainly appropriate if that is the only way that is convenient for you. The Senator can be reached at: P ST Name and Address Phone Fax = == ======================== ============== ============== D WI Feingold, Russell 1-202-224-5323 na 502 HSOB russell_feingold@feingold.senate.gov Washington, D.C. 20510 [This is from the last alert. We are still collecting signons to the letter though, and we don't have nearly enough Internet Service Providers. -Shabbir] 2. It's crucial that we tell Congress how their decision in the conference committee will affect businesses and bulletin boards in cyberspace. We're coordinating a letter from Internet businesses and bulletin boards to explain to Congress just what these poorly-drafted regulations will mean to them. Read the electronic business and bulletin board letter below. You can also find it at: Gopher: gopher -p1/vtw/exon gopher.panix.com WWW URL: http://www.vtw.org/cdaletter/ Email : Send mail to files@vtw.org with "send cdaletter" in the subject line. 3. If you work for a business that uses bulletin boards or public networks, convince the owners to sign onto the letter. Companies that should sign this include Internet service providers, Web designers (big and small), Internet consultants and trainers, Internet restaurants and bars, software companies that develop Internet-related software, companies that advertise or publish through the Internet or bulletin boards, writers who publish through the Internet, and many others! If you belong to a bulletin board, ask the sysop if he or she will sign onto the letter. 4. Ask the BBS sysop or the business owner to mail in the following information to vtw@vtw.org: Business name Owner or officer name Address Email address Phone number Description of business and anything else relevant Here's an example: $ Mail vtw@vtw.org My business would like to signon to the business and bbs letter. We are: Ed's Xcellent Online Node (EXON) J.J. Exon, Owner 2323 Decency Road, Nebraska 10000-0000 (402) 555-1212 jj@exon.net Ed's Xcellent Online Node is based in Nebraska and provides Internet service to many thoughtful and free-speech loving Nebraskans. We provide Internet access to over 1,500 residents and 400 businesses. We employ 35 full time employees. -James ^D Mail sent! $ 5. If you don't subscribe to a BBS or have an affiliation with a business that uses public networks, but belong to a professional organization or an advocacy group, consider sending Congress the ACLU letter included below with your local group's name on it. Simply replace the material in parentheses with your own information. 6. Relax! You just did a lot of good with only email as a tool. Isn't that great? ________________________________________________________________________ LETTER FROM SENATOR RUSS FEINGOLD (D-WI) [NOTE: This letter was sent to: Sen. Larry Pressler Sen. Fritz Hollings Rep. Thomas Bliley Rep. John Dingell House Committee on Commerce Senate Committee on Commerce, Science, & Technology All of these individuals have a hand in the shaping of the conference committee process that will define the outcome of the Telecommunications Deregulation bill, and therefore, the Internet censorship legislation. Each letter was identical, so we have only included one here. -Shabbir] Tuesday September 26, 1995 The Honorable Thomas Bliley Chairman, Committee on Commerce U.S. House of Representatives Washington, D.C. 20515 Dear Chairman Bliley, Soon your Committee will begin Conference deliberations on H.R. 1555 and S.652, telecommunications reform legislation, with members of the Senate Committee on Commerce, Science and Transportation. During those deliberations, I urge you to strike the potentially unconstitutional provisions regarding on-line indecency contained in both the Senate and House versions of this legislation. The Exon-Coats amendment, added to S. 652 on the Senate floor, included provisions which I believe would violate the First Amendment rights of Internet users and have a chilling effect on further economic and technological development of this exciting new form of telecommunications. Specifically I have objected to the indecency provisions of S. 652 for the following reasons: 1) Indecent speech, unlike obscenity, is protected under the First Amendment to the U.S. Constitution; 2) An outright ban on indecent speech on computer networks is not the "least restrictive means" of protecting children from exposure to such speech on the Internet. There are a number of existing tools available today to allow parents to protect their children from materials which they find inappropriate; 3) A ban on indecent speech to minors on the Internet will unnecessarily require adults to self censor their communications on the Internet; 4) Since "indecency" will be defined by community standards, protected speech by adults will be diminished to what might be considered decent in the most conservative community in the United States and to what might be appropriate for very young children; 5) The "on-line indecency" provisions will establish different standards for the same material that appears in print and on the computer screen. Works that are completely legal in the bookstore or on the library shelf would be criminal if transmitted over computer networks; 6) The Supreme Court has ruled that the degree to which content can be regulated depends on the characteristics of the media. The unique nature of interactive media must be considered when determining how best to protect children. S. 652 ignores the degree to which users have control over the materials to which they are exposed as well as the decentralized nature of interactive technology which liken it more to print media than broadcast media. Section 403 of H.R. 1555, known as the Hyde amendment, raises equally serious concerns with respect to the First Amendment and appears antithetical to other provisions contained in the House Bill. The prohibitions against on-line indecency contained in the Hyde language will have a similar chilling effect on the on-line communications of adults. The Hyde amendment is also inconsistent with the more market-oriented and less intrusive provisions of Sec. 104 of H.R. 1555, the On-Line Family Empowerment Act introduced by Congressmen Cox and Wyden, as adopted by the House. Section 104 recognizes that First Amendment protections must apply to on-line communications by prohibiting FCC content regulation of the Internet. The Cox/Wyden provisions also promote the use of existing technology to empower parents to protect their children from objectionable materials on the Internet, and encourages on-line service providers to self-police offensive communications over their private services. In addition, the Hyde amendment is incompatible with Section 110 of H.R. 1555, which demands a report by the Department of Justice (DOJ) on existing criminal obscenity and child pornography statutes and their applicability to cyber-crime. Sec. 110 also requires an evaluation of the technical means available to enable parents to exercise control over the information that their children receive on the Internet. Perhaps most significantly, Sec. 110 embraces the application of First Amendment speech protections to interactive media. H.R. 1555, while embracing the principles of restraint with respect to new criminal sanctions on protected speech and the promotion of a free-market parental empowerment approach, simultaneously ignores both of those axioms with the Hyde provision. By imposing new criminal sanctions on indecent speech and amending existing criminal statutes, the Hyde amendment rushes to judgement before the DOJ study has even begun. Recently, the Senate Judiciary Committee held the first-ever Congressional hearing on the issue of cyberporn. Based on the testimony of the witnesses, which included parents as well as victims of cyberporn, it became clear that the objectionable communications on the Internet are already covered by existing criminal statutes. The concerns raised at the hearing centered upon trafficking of child pornography, the proliferation of obscenity, and the solicitation and victimization of minors via the Internet. However, those offenses are already violations of criminal law. Indeed, recent press accounts indicate that law enforcement officers are already aggressively prosecuting on-line users for violations of criminal law relating to obscenity and child pornography. It is critical that we use law enforcement resources to prosecute criminal activity conducted via the Internet and not be distracted by the issue of indecency which has not been identified as a serious concern by users or parents. It was clear, during our recent Senate Hearing, that the witnesses' concerns about the Internet did not relate to indecent speech or the so-called "seven dirty words". It is incumbent upon Congress to wait for the results of the study required by H.R. 1555 before embracing overly restrictive, potentially unnecessary and possibly unconstitutional prohibitions on indecent speech contained in both versions of telecommunications reform legislation. I urge the Conference Committee to reject the Exon/Coats and Hyde provisions during your deliberations and to maintain the Cox/Wyden amendment adopted overwhelmingly by the House of Representatives. If the United States is to ever fully realize the benefits of interactive telecommunications technology, we cannot allow the heavy hand of Congress to unduly interfere with communications on this medium. Thank you for your consideration of this very important matter. Sincerely, Russell D. Feingold United States Senator cc: Members, Committee on Commerce ________________________________________________________________________ CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT Sep 26, '95 Sen. Russ Feingold urges committee members to drop Managers Amendment and the CDA from the Telecommunications Deregulation bill Aug 4, '95 House passes HR1555 which goes into conference with S652. Aug 4, '95 House votes to attach Managers Amendment (which contains new criminal penalties for speech online) to Telecommunications Reform bill (HR1555). Aug 4, '95 House votes 421-4 to attach HR1978 to Telecommunications Reform bill (HR1555). Jun 30, '95 Cox and Wyden introduce the "Internet Freedom and Family Empowerment Act" (HR 1978) as an alternative to the CDA. Jun 21, '95 Several prominent House members publicly announce their opposition to the CDA, including Rep. Newt Gingrich (R-GA), Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR). Jun 14, '95 The Senate passes the CDA as attached to the Telecomm reform bill (S 652) by a vote of 84-16. The Leahy bill (S 714) is not passed. May 24, '95 The House Telecomm Reform bill (HR 1555) leaves committee in the House with the Leahy alternative attached to it, thanks to Rep. Ron Klink of (D-PA). The Communications Decency Act is not attached to it. Apr 7, '95 Sen. Leahy (D-VT) introduces S.714, an alternative to the Exon/Gorton bill, which commissions the Dept. of Justice to study the problem to see if additional legislation (such as the CDA) is necessary. Mar 23, '95 S314 amended and attached to the telecommunications reform bill by Sen. Gorton (R-WA). Language provides some provider protection, but continues to infringe upon email privacy and free speech. Feb 21, '95 HR1004 referred to the House Commerce and Judiciary committees Feb 21, '95 HR1004 introduced by Rep. Johnson (D-SD) Feb 1, '95 S314 referred to the Senate Commerce committee Feb 1, '95 S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA). ________________________________________________________________________ FOR MORE INFORMATION Web Sites URL:http://www.vtw.org/exon/ URL:http://epic.org/ URL:http://www.eff.org/pub/Alerts/ URL:http://www.cdt.org/cda.html URL:http://outpost.callnet.com/outpost.html FTP Archives URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH URL:ftp://ftp.eff.org/pub/Alerts/ Gopher Archives: URL:gopher://gopher.panix.com/11/vtw/exon URL:gopher://gopher.eff.org/11/Alerts Email: vtw@vtw.org (put "send alert" in the subject line for the latest alert, or "send cdafaq" for the CDA FAQ) cda-info@cdt.org (General CDA information) cda-stat@cdt.org (Current status of the CDA) ________________________________________________________________________ LIST OF PARTICIPATING ORGANIZATIONS In order to use the net more effectively, several organizations have joined forces on a single Congressional net campaign to stop the Communications Decency Act. American Communication Association * American Council for the Arts * Arts & Technology Society * Association of Alternative Newsweeklies * biancaTroll productions * Boston Coalition for Freedom of Expression * Californians Against Censorship Together * Center For Democracy And Technology * Centre for Democratic Communications * Center for Public Representation * Citizen's Voice - New Zealand * Cloud 9 Internet *Computer Communicators Association * Computel Network Services * Computer Professionals for Social Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group, Inc. * Electronic Frontier Canada * Electronic Frontier Foundation * Electronic Frontier Foundation - Austin * Electronic Frontiers Australia * Electronic Frontiers Houston * Electronic Frontiers New Hampshire * Electronic Privacy Information Center * Feminists For Free Expression * First Amendment Teach-In * Florida Coalition Against Censorship * FranceCom, Inc. Web Advertising Services * Friendly Anti-Censorship Taskforce for Students * Hands Off! The Net * Human Rights Watch * Inland Book Company * Inner Circle Technologies, Inc. * Inst. for Global Communications * Internet On-Ramp, Inc. * Internet Users Consortium * Joint Artists' and Music Promotions Political Action Committee * The Libertarian Party * Marijuana Policy Project * Metropolitan Data Networks Ltd. * MindVox * MN Grassroots Party * National Bicycle Greenway * National Campaign for Freedom of Expression * National Coalition Against Censorship * National Gay and Lesbian Task Force * National Public Telecomputing Network * National Writers Union * Oregon Coast RISC * Panix Public Access Internet * People for the American Way * Republican Liberty Caucus * Rock Out Censorship * Society for Electronic Access * The Thing International BBS Network * The WELL * Voters Telecommunications Watch (Note: All 'Electronic Frontier' organizations are independent entities, not EFF chapters or divisions.) ________________________________________________________________________ End Alert ------------------------------ Subject: Crypto Export Controls on Trial - Come on Down! -------------------------------------------------------- On October 20th in San Francisco, we'll have the first public hearing in the EFF/Bernstein lawsuit, which seeks to have the export laws on cryptography declared unconstitutional. You are invited! Meet at the Federal Building in San Francisco, 450 Golden Gate Avenue. The first "oral arguments" in the Bernstein crypto export case will happen there, starting at 10:30am PST, in Judge Marilyn Hall Patel's courtroom, upstairs. We've been FedExing legalese back and forth for months; now we get to explain the case in person. You can meet our intrepid lawyers, who are slaving away without pay, _in_durance_vile_, to protect our rights! Shake hands with an NSA lawyer specially flown in for the occasion! Meet some local journalists! And watch the wheels of justice grind as the judge first explores our case. In this case, Dan Bernstein, ex-grad-student from UC Berkeley, is suing the State Department, NSA, and other agencies, with help from EFF. Our main argument is that the export controls on crypto software are a "prior restraint on publication" which is unconstitutional under the First Amendment unless handled very delicately by a court (not just by an agency acting on its own). These agencies restrained Dan's ability to publish a paper, as well as source code, for the crypto algorithm that he invented. There are additional arguments along the lines that the State Department and NSA take a lot more liberties during the export process than their own regulations and laws really permit. Like Phil Karn's case, this lawsuit really has the potential to outlaw the whole NSA crypto export scam. We could make your right to publish and export crypto software as well-protected by the courts as your right to publish and export books. Of course, the government would appeal any such decision, and it will take years and probably an eventual Supreme Court decision to make it stick. But you can be there at the very beginning. Please make a positive impression on the judge. Show her -- by showing up -- that this case matters to more people than just the plaintiff and defendant. That how it gets decided will make a difference to society. That the public and the press are watching, and really do care that it gets handled well. We'll have to be quiet and orderly while we're in the courthouse. There will be no questions from the audience (that's us), but the session will be tape-recorded, and you can take notes if you like. Banners and inflamatory t-shirts are probably not a good idea. Consider this a dress-up day. The particular issue in front of Judge Patel on the 20th is whether the case should be thrown out. The government is arguing that it should. It's a mess of legal details about whether the Judicial Branch has the right to decide questions like this, and over whether we have really properly claimed a Constitutional rights violation. It will teach most observers something about how the courts work, and how the NSA and State Dept use bureaucratic tricks to avoid facing the real issues. We have managed to drag in some of these issues, like whether there is sufficient "expression" in software that the First Amendment should protect publishers of software. It's possible, but unlikely, that the judge will decide then-and-there. We will get some clues to how she is leaning, based on her questions and comments. Her written decision will come out some days or weeks later. Don't bring any interesting devices unless you're willing to check them with the lobby guards for the duration. They seem to want to hold onto guns, "munitions", and even small pocketknives, before they'll let you go upstairs to the courtrooms. Full background and details on the case are in the EFF archives at: ftp.eff.org, /pub/Privacy/ITAR_export/Bernstein_case/ gopher.eff.org, 1/Privacy/ITAR_export/Bernstein_case http://www.eff.org/pub/Privacy/ITAR_export/Bernstein_case/ ------------------------------ Subject: Council of Europe Issues Anti-Privacy Policy Recommendations --------------------------------------------------------------------- Sept. 11, 1995, the Committee of Ministers to Member States of the Council of Europe, a European Union advisory body, issued "Recommendation No. R (95) 13: Concerning Problems of Criminal Procedure Law Connected with Information Technology". The recommendation states in part: The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe. [...] Concerned at the risk that electronic information systems and electronic information may also be used for committing criminal offenses; Considering that evidence of criminal offenses may be stored and transferred by these systems; Noting that criminal procedure laws of members states often do not yet provide for appropriate powers to search and collect evidence in these systems in the course of criminal investigations; [...] Recalling Recommendation No. R (81) 20 of the Committee of Ministers on the harmonisation of laws relating to the requirement of written proof and to the admissibility of reproductions of documents and recordings on computers, Recommendation No. R. (85) 10 on letters rogatory for the interception of telecommunications, Recommendations No. R (87) 15 [sic] regulating the use of personal data in the police state and Recommendations No. R (89) 9 on computer-relating crime, Recommends the governments of member states: i. when reviewing their internal legislation and practice, to be guided by the principles appended to this recommendation [...] The appended principles contain, in part, the following: [...] 3. During execution of a search, investigating authorities should have the power, subject to appropriate safeguards, to extend the search of other computer systems within their jurisdiction which are connected by means of a network and seize the data therein, provided immediate action is required. [...] 5. in view of the convergence of information technology and telecommunications, law pertaining to technical surveillance for the purpose of criminal investigations, such as interception of telecommunications, should be reviewed and amended, where necessary, to ensure their applicability. 6. The law should permit investigating authorities to avail themselves of all necessary technical measures that enable the collection of traffic data in the investigation of crimes. [...] 8. Criminal procedure laws should be reviewed with a view to making possible the interception of telecommunications and the collection of traffic data in the investigation of serious offenses against the confidentiality, integrity and availability of telecommunications or computer systems. [...] 9. Subject to legal privileges or protection, most legal systems permit investigating authorities to order persons to hand over objects under their control that are required to serve as evidence. In a parallel fashion, provisions should be made for the power to order persons to submit any specified data under their control in a computer system in the form required by the investigating authority. 10. Subject to legal privileges or protection, investigating authorities should have the power to order persons who have data in a computer system under their control to provide all necessary information to enable access to a computer system and the data theirin. Criminal procedure law should ensure that a similar order can be given to other persons who have knowledge about the functioning of the computer system or measures applied to secure the data therein. 11. Specific obligations should be imposed on operators of public and private networks that offer telecommunications services to the public to avail themselves of all necessary technical measures that enable the interception of telecommunications by the investigating authorities. 12. Specific obligations should be imposed on service providers who offer telecommunications services to the public, either through public or private networks, to provide information to identify the user, when so ordered by the compentant investigating authority. 14. Measures should be considered to minimise the negative effects of the use of cryptography on the investigation of criminal offenses, without affecting its legitimate use more than is strictly necessary. [...] 17. The power to extend a search to other computer systems should also be applicable when the system is located in a foreign jurisdiction, provided that immediate action is required. In order to avoid possible violations of state sovereignity or international law, an unambigious legal basis for such extended search and seizure should be established. Therefore, there is an urgent need for negotiating international agreements as to how, when and to what extent such search and seizure should be permitted. 18. Expedited and adequate procedures as well as a system of liason should be available according to which the investigating authorities may request the foreign authorities to promptly collect evidence. For that purpose the requested authorities should be authorized to search a computer system and seize data with a view to its subsequent transfer. The requested authorities should also be authorized to provide trafficking data rtelated to a specific telecommunication, intercept a specific telecommunication or identify its source. For that purpose, the existing mutual legal assistance instruments need to be supplemented. [...] The document does also include a few less ominous points, such as: 2. Criminal procedure laws should permit investigating authorities to search computer systems and seize data under similar conditions as under traditional powers of search and seizure. The person in charge of the system should be informed that the system has been searched and of the kind of data that has been siezed. The legal remedies that are provided for in general against search and seizure should be equally applicable in case of search in computer systems and in case of seizure of data therein. But, in general, the document appears almost as if written to be a police and intelligence agency wishlist, assaulting encryption and several other aspects of privacy. The proposal amounts to a call for a pan-European "Digital Telephony"-style surveillance network, where no system is secure, where no parties are unidentified, and in which all participant actions are logged and trackable, with all system operators required to yield such information to authorities, even foreign police or intelligence agencies. How did this happen? Unconfirmed reports indicate that many representatives on this advisory body, such as the Finnish assistant director of Criminal Police (a rather Freudian title...), support "extremely broad powers for the police" according to one commentator, and shouted down more moderate members of the panel, such as the Norwegian representative, while representing their personal pro-police-state views as typical of their entire government - even though the matter is currently, and has been for two years, under debate in the Finnish government, for example, and is hardly a settled policy issue. An EFF boardmember was told by a White House official that the Clinton Administration is leaning heavily on foreign governments, especially those in Europe, to implement restictions on strong encryption and to push for key "escrow". This is not really news - other Executive Branch statements have said as much in the past, but it is clear that the demise of Clipper as a workable system has done little to slow down the Administration's ardent desire to wiretap the world. It seems likely that the European recommendations may be due in part to this pressure. It is not presently clear how much, if any, real weight with European policy makers the Committee of Ministers' recommendations will have. The Council of Europe has no legislative power, either in members' individual nations, or at the European Union level, unlike the European Commission. However, Peter Csonka, the chairman of the committee that drafted the document (and an administrative officer at the Council's division of crime problems) says, "it is rare for countries to reject Council of Europe recommendations", according to an article in _Communications_Week_International_. The article also suggests that the Council recommendations were intended to roughly coincide with a Commission proposal for a pan-European encryption standard. We currently do not have any information on any such standard proposal, and the _CWI_ article had several errors in it, so this is to be taken with a grain of salt. Contrary to the _CWI_ report, the Council recommendations do not call directly for a crypto ban, or key "escrow", only for weak encryption and some kind of law enforcement access to keys (and only if you interpret it that way.) The _CWI_ article, for whatever it might be worth, also reports that opposition to this measure was expressed by Mike Strezbek, VP responsible for European telecomms at JP Morgan, who said that his organization "will challenge any attempt to limit the power of our network encryption technologies very strongly". It also noted that "Czonka said that the Council had given consideration to business interests but had tried to strike a balance between privacy and justice." However, "it remains possible that cryptography is available to the public which cannot be deciphered. This might lead to the conclusion to put restrictions on the possession, distribution, or use of cryptography." The source document of these statements is not current know to us. A correspondent, Ross Anderson, warns that apparently another international organization, the OECD, has called a conference of its members in December to devise a strategy on encryption. It's clear that many pieces are missing from this picture. Any info our readers might have that can shed some light on the dark spots will be appreciated. What news we do have is fairly disturbing and certainly cause for concern. You can examine the full text of the recommendations at: ftp.eff.org, /pub/Global/Multinational/Privacy/ gopher.eff.org, 1/Global/Multinational/Privacy http://www.eff.org/pub/Global/Multinational/Privacy/ ------------------------------ Subject: Newsbytes ------------------ * EFF Update We apologize for any delays that new members experience in having their memberships processed. We'll be catching up on the backlog shortly! We've also made a shorter and more convenient membership form (available at http://www.eff.org/pub/EFF/join.eff). Other membership changes include expansion of the sysop membership category to include others who want to do EFF membership recruiting, and expansion of the student membership category to also include those with low incomes. Sysop/recruiter members may renew at sysop/recruiter rates for the time being, regardless of whether they can show that they've fulfilled the recruiting requirement. We did not have a workable system in place to keep track of sysop member recruitment, so until we do, we'll just take your word for it. We furthermore apologize for an error in one of our site indexes. As a visitor noted, we had improperly identified "militia" and "terrorist" in a file description. This has been fixed. EFF has no position on militia issues (other than attempts to broaden censorship and surveillance on the pretext of alleged links between militias and terrorism. For more information on such moves by legislators and agencies, keep an eye on http://www.eff.org/pub/Censorship/Terrorism_militias.) As noted in the index file, materials on both topics are housed in the same directory since the tactics and rhetoric of regulators pushing for censorship using "terrorism" on the one hand, or "militias" on the other is remarkably similar. * EFF's Farber Wins ACM SIGCOMM Award for Lifelong Contribution to Networking Professor David Farber is the winner of this year's ACM SIGCOMM (Special Interest Group in Data Communications) award for lifelong contribution to data networking. He was presented this award during the ACM SIGCOMM 1995 conference to held Aug 28 to Sep 1 1995. David J. Farber has been a Professor in the Computer and Information Science Department at the University of Pennsylvania since 1987. He received his B.S. in Electrical Engineering and an M.S in Mathematics from the Stevens Institute of Technology in 1956 and 1962 respectively. He is a member of the American Association for the Advancement of Science (AAAS); Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE). He is also on the Board of Directors of the Electronic Frontier Foundation. Prof. Farber is a co-founder of the CSNET national research network. He worked in the early 1970's on ring networks and in the early 80's proposed MEMNET, one of the first distributed shared memory networks. He is one of the Principal Investigators on the AURORA gigabit testbed. Prof. Farber's current research interests are in high speed communication networks, distributed computing, operating systems, distributed collaboration, and microprocessor architecture. * Clinton Administration Lied About Clipper Being Voluntary - Proof! Newly-released government documents show that key federal agencies concluded more than two years ago that the "Clipper Chip" encryption initiative will only succeed if alternative security techniques are outlawed. The Electronic Privacy Information Center (EPIC) obtained the documents from the Federal Bureau of Investigation under the Freedom of Information Act. EPIC, a non-profit research group, received hundreds of pages of material from FBI files concerning Clipper and cryptography. The conclusions contained in the documents appear to conflict with frequent Administration claims that use of Clipper technology will remain "voluntary." Critics of the government's initiative, including EPIC and EFF, have long maintained that the Clipper "key-escrow encryption" technique would only serve its stated purpose if made mandatory. According to the FBI documents, that view is shared by the Bureau, the National Security Agency (NSA) and the Department of Justice (DOJ) as a whole. In a "briefing document" titled "Encryption: The Threat, Applications and Potential Solutions," and sent to the National Security Council in February 1993, the FBI, NSA and DOJ concluded that: Technical solutions, such as they are, will only work if they are incorporated into *all* encryption products. To ensure that this occurs, legislation mandating the use of Government-approved encryption products or adherence to Government encryption criteria is required. Likewise, an undated FBI report titled "Impact of Emerging Telecommunications Technologies on Law Enforcement" observes that "[a]lthough the export of encryption products by the United States is controlled, domestic use is not regulated." The report concludes that "a national policy embodied in legislation is needed." Such a policy, according to the FBI, must ensure "real- time decryption by law enforcement" and "prohibit[] cryptography that cannot meet the Government standard." The FBI conclusions stand in stark contrast to public assurances that the government does not intend to prohibit the use of non-escrowed encryption. EPIC has recently also filed a brief in support of CPSR's FOIA lawsuit against NSA, seeking allegedly improperly classified NSA documents on Clipper. EFF boardmember John Gilmore and his attorney, Lee Tien have also filed related FOIA requests and lawsuits against NSA and other agencies. [Largely excerpted with minor edits from EPIC press releases.] The full version of the EPIC statements & Brief, and documents from the CPSR and Gilmore/Tien cases, are available at: ftp.eff.org, /pub/Activism/FOIA/Clipper_FOIA/ gopher.eff.org, 1/Activism/FOIA/Clipper_FOIA http://www.eff.org/pub/Activism/FOIA/Clipper_FOIA/ For more information, see also: http://www.epic.org/crypto/ban/fbi_dox/ * Hints of "OzClipper"? Australian Atty. General's Dept. Wants Key Escrow An attendee, Ross Anderson, of the Queensland U. of Tech. Cryptography Policy and Algorithms Conference in July of this year, reports that Steve Orlowski, Assistant Director, Australian attorney general's department, stated in a presentation, "the needs of the majority of users of the infrastructure for privacy and smaller financial transactions can be met by lower level encryption which could withstand a normal but not sophisticated attack against it. Law enforcement agencies could develop the capability to mount such sophisticated attacks. Criminals who purchased the higher level encryption products would immediately attract attention to themselves." Orlowski also indicated that the Attorney General's office would be intersted in serving as the central federal decryption agency, that banks and other entities using strong encryption should have their crypto keys "escrowed", and that the OECD countries will hold a meeting later this year on cryptography policy. Orlowski, however, curiously noted that encryption has yet to become any kind of problem for law enforcement and that police actually, and effectively, use transactional records and other "traffic analysis" information to nab the bad guys. Anderson also reports that he learned at the conference that the intelligence agencies of several nations have already held a classified crypto-policy meeting in Germany in March, and have agreed to press their governments for laws requiring key escrow and banning strong encryption. * Church of Scientology Cases - Update CoS organizations Religious Technology Center and Bridge Publications continue to pursue legal sanctions against critics, who claim they are posting CoS documents in a fair-use manner. Early this year, RTC and Bridge filed suit against Dennis Erlich, a former Scientology minister, his BBS operator, Tom Klemesrud, and Klemesrud's ISP, Netcom, and convinced a judge to issue a temporary restraining order (TRO) and writ of seizure that allowed CoS to raid the Erlich's home and confiscate what it said were infringing materials and their method of dissemination (Erlich's computer equipment). Later, after instigating a raid on a Finnish anonymous remailer and sending a series of almost identical legal threats to critics posting CoS documents, which the church claims both copyright and trade secret protection for, Bridge and RTC filed similar suits against anti-cult group FACTNet and two of its directors in Colorado, while Bridge separately filed a similar suit against another FACTNet director, Arnie Lerma, on the East Coast, naming the Washington Post and two Post employees as co-defendants. Using the original writ of seizure against Erlich as evidence of the "emergency" nature of their request, CoS convinced both of the other judges to issue similar search-and-seize orders. The FACTNet and Post defendants are all charged with copyright and trade secret violation, just like the Erlich and the other California defendant, but in the more recent cases, the documents in question came from *publicly-accessible court records* from a previous case (CoS Int'l. v. Fishman & Geertz). Aug. 30, Judge Brinkema, presiding over the Virginia case, appeared wrathful at the church's misuse of the writ of seizure, deciding plaintiffs had "unclean hands" in a "dirty search" according to an unofficial transcript (we hope to provide the official court documents shortly). Brinkema rescinded the writ and temporary restraining order against the defendants, and was particularly concerned about the First Amendment implications of the actions against the Washington Post. The judge explicitly permitted fair use by defendants of the documents at issue, and expressed skepticism that CoS would win the larger case itself on the merits of either copyright or trade secret claims. Brinkema also ordered the return of all seized materials. Sept. 12, Judge Kane, presiding over the Colorado case, vacated the writ a judge under him had issued, and he too ruled that until the case begins in earnest, defendants may use the documents within fair use guidelines. Kane found it highly unlikely that CoS would succeed on the merits of its case, and found that the trade secret arguments were particularly weak. Kane reinforced this decision with an order issue 3 days later, after CoS had appealed to a Supreme Court Justice (appeal denied). CoS failed to return all of the seized materials, citing First Amendment religious freedom, but Kane has appointed defense's computer expert witness, at plaintiffs' expense, to examine the materials and provide for return off all seized items, minus the documents at issue in the case, which are to be held in the custody of the court rather than plaintiffs' attorneys. Sept. 22, Judge Whyte finally issued his own ruling in the California case against Erlich, Netcom and Klemesrud. He too vacated the writ of seizure and TRO against the defendants, and did something very uncommon: he questioned the constitutionality of his own orders! Nevertheless, alone of the three judges, Whyte appears to believe that CoS will succeed in its suit on the merits of their copyright argument, though remains skeptical about the merits of the trade secret claim. Whyte was also critical of the internet itself, stating: "The court is troubled by the notion that any Internet user, including those using "anonymous remailers" to protect their identity, can destroy valuable intellectual property rights by posting them over the Internet, especially given the fact that there is little opportunity to screen postings before they are made...The anonymous (or judgment proof) defendant can permanently destroy valuable trade secrets, leaving no one to hold liable for the misappropriations...Computer files can be easily uploaded and copied from one location to another and are easy to transport, conceal or delete. The ability of users to post large amounts of protected works nearly instantaneously over the Internet makes it a rather dangerous haven for copyright infringers." But this isn't all that's been happening. CoS-unfriendly posts to the Usenet newsgroup alt.religion.scientology (and many other newsgroups including comp.org.eff.talk) are being cancelled frequently by an anonymous person or persons, dubbed the "CancelPoodle". Some critics allege that CoS itself is doing this. One a.r.s. participant who received a legal threat from CoS lawyers also alleges that CoS private investigator Gene Ingram, wanted in at least one state on felony charges, attempted to frame him for "terrorist acts". Others report dissimilar but equally strange harassment. Worse yet, the raid have not only not stopped, but spread back across the Atlantic. Dutch Internet access provider XS4All was raided after the same documents central to the FACTnet and Washington Post cases were posted to an XS4All user's WWW pages. CoS had demanded the removal of the material, and XS4All complied, but somehow they were able to convince the Netherlands authorities to permit search and seizure of XS4All's computers anyway. Dutch journalist Karin Spaink suggests in a recent article that the real reason for the raid "probably was that a former XS4ALL-based remailer had been used to post anonymously in a.r.s." Dutch Internetters appear to be almost uniformly outraged at the CoS seizure action, and copies of the documents that sparked the raid, the "Fishman Declaration", which contains copies of "secret" CoS religious works, have spread like wildfire among Dutch WWW pages and other sites around the world, from China to Australia. This protest action has even been joined by noted European author Marcel Moring, Dutch Member of Parliament Oussama Cherribi, and a national television network, among at least 70 other sites in Holland. Oussama compared the situation to the Salman Rushdie affair, and a newpaper reported that he "will not remove the documents from his homepage until a Dutch court rules that he has to." Another Parliament Member has sent queries to the Dutch Justice Dept. asking if they are aware of the events, and whether Justice agrees that system operators need extra legal protection, and will work to "remedy the currently unclear legal position of Internet providers". CoS continues to mail legal threats to the Dutch users and their service providers, to date without much apparent effect. For every "Fishman" site that goes down, several more pop up. For more information on these increasinly convoluted cases and events, see: ftp.eff.org, /pub/Legal/Cases/Scientology_cases/ gopher.eff.org, 1/Legal/Cases/Scientology_cases http://www.eff.org/pub/Legal/Cases/Scientology_cases/ * ALERT: SEC EDGAR Database Endangered by Lobbyists September 28, the Securities and Exchange Commission (SEC) began providing Internet access to the EDGAR database, at http://www.sec.gov/ - the datbase was oringially administered by the Internet Multicasting Service, but SEC has finally agreed to make it's own records avialable to the public. Early in August, Internet Multicasting Service (IMS) announced that it was ending its NSF-funded free dissemination of EDGAR filings from its town.hall.org site on October 1, 1995. On July 27, 1995 a bill was introduced in the House of Representatives to privatize the EDGAR system. On Aug. 14th, the SEC held a meeting on the future of EDGAR, and there was a great deal of support for the free NYU/IMS EDGAR dissemination project. To their credit, SEC announced that it would find a way to continue a free Internet dissemination program for the EDGAR data, and did just that, establishing the www.sec.gov system. Lobbyists for the Information Industry Association (IIA) have actively opposed this project and are working actively to have it killed. If you have opinions on the issue, it is crucial that you make your views known by writing to Chairman Levitt of the SEC in care of: sec@town.hall.org EDGAR on the Internet began two years ago as a trial project with New York University and the non-profit Internet Multicasting Service. Over 3 million documents were distributed and the current rate of access is over 17,000 documents per day. The Internet database makes key financial information available to people who did not have it before: students, public interest groups, senior citizen investment clubs, and many others. Lobbyists contend that free access to simple keyword searches and unprocessed bulk databases threatens the retail information industry. Those concerned about public access to governement information believe that the opposite is true: free access to raw data expands the market of potential users. Evidence of this is that Moody's, RR Donnelley, and Disclosure all signed contracts offering to help the Internet Multicasting Service, provide the EDGAR material. There is still a crucial role for the information industries. They provide value added in the form of real- time access, extensive historical databases, consulting, re-formatted documents, and extracts of key portions of documents. However, putting raw data on the Internet 24 hours after publication is *not* value added and the companies that will thrive in the information age do not view this as a threat. This issue is a key test of the Republican "Contract With America". The Paperwork Reduction Act, which took effect on October 1, was a key part of the "Contract" and stated that government data should not be made available at inflated prices to a few special interests. The SEC EDGAR project carries out the provisions of that law that state that data *must* be available through a "diversity of public and private sources" and the public must get access to key government databases in a "timely and equitable manner." The EDGAR database is not a product to be auctioned off to the highest bidder: it is fuel for the information economy. The non-profit public interest group Taxpayer Assets Project (TAP) calls EDGAR "the world's most important and valuable database of financial information." If you feel strongly for or against this project, you should let your views be known now. [Largely excerpted, with minor edits, from a Internet Multicasting Service action alert by Carl Malamud, and a TAP update.] * Coming Next Issue... Cincinnati BBSers Fight Back Stratton Oakmont & Porush v. Prodigy - Update International Online Child-Porn "Ring" Target of "Operation Starburst" Canadian Prosecutions for Textual & Faked "Child Pornography" Canadian Exon-alike on the Way? Commerce Dept. IPWG Report on Online Intellectual Property Meets Resistance Canada & Holland Ratchet-up Privacy pgp.net - New World-Wide PGP Keyservice Swiss Data Protection Commish Warns About Lack of Security Bulgarian TV Censorship and more of course. ------------------------------ Subject: Upcoming events ------------------------ This schedule lists events that are directly EFF-related. A much more detailed calendar of events likely to be of interest to our members and supporters is maintained at: ftp.eff.org, /pub/EFF/calendar.eff gopher.eff.org, 1/EFF, calendar.eff http://www.eff.org/pub/EFF/calendar.eff Oct. 10- 11 * US NII Advisory Council meeting; Pittsburgh, Penn. Open to the public; members of this civilian council include EFF board members Esther Dyson and David Johnson. Contact: +1 212 482 1835 (voice) Oct. 13 * Seminar on Forecasting the Technological Future in Information Systems; Annenberg School of Communication Public Policy Center, U. of Pennsylvania. Speakers include EFF co-founder Mitch Kapor. Contact: +1 215 898 7041 (voice; ask for Oscar Gandy) Oct. 19 * Library Fair 95: Information Access at the Smithsonian Institution Libraries; Smithsonian Ripley Center, Washington DC. Speakers include Shari Steele (EFF Staff Counsel) Email: libem011@sivm.si.edu Nov. 3- 4 * Innovation and the Information Environment Conf.; U. of Oregon School of Law, Eugene, Or. Speakers include Shari Steele (EFF Staff Counsel). Email: kaoki@law.uoregon.edu ------------------------------ Subject: Quote of the Day ------------------------- "Technical solutions, such as they are, will only work if they are incorporated into *all* encryption products. To ensure that this occurs, legislation mandating the use of Government-approved encryption products or adherence to Government encryption criteria is required." - FBI, NSA and Justice Department secret briefing document to the National Security Council, Feb. 1993, "Encryption: The Threat, Applications and Potential Solutions", obtained by Freedom of Information Act lawsuit by EPIC. Find yourself wondering if your privacy and freedom of speech are safe when bills to censor the Internet are swimming about in a sea of of surveillance legislation and anti-terrorism hysteria? Worried that in the rush to make us secure from ourselves that our government representatives may deprive us of our essential civil liberties? Concerned that legislative efforts nominally to "protect children" will actually censor all communications down to only content suitable for the playground? Join EFF! Even if you don't live in the U.S., the anti-Internet hysteria will soon be visiting a legislative body near you. If it hasn't already. ------------------------------ Subject: What YOU Can Do ------------------------ * The Communications Decency Act & Other Censorship Legislation The Communications Decency Act and similar legislation pose serious threats to freedom of expression online, and to the livelihoods of system operators. The legislation also undermines several crucial privacy protections. Business/industry persons concerned should alert their corporate govt. affairs office and/or legal counsel. Everyone should write to their own Representatives and Senators, asking them to oppose Internet censorship legislation, and everyone should write to the conference committee to support the reasonable approaches of Leahy, Klink, Cox and Wyden, and to oppose the unconstitutional proposals of Exon, Gorton and others. For more information on what you can do to help stop this and other dangerous legislation, see: ftp.eff.org, /pub/Alerts/ gopher.eff.org, 1/Alerts http://www.eff.org/pub/Alerts/ If you do not have full internet access, send your request for information to ask@eff.org. * The Anti-Electronic Racketeering Act This bill is unlikely to pass in any form, being very poorly drafted, and without much support. However, the CDA is just as bad and passed with flying colors [the jolly roger?] in the Senate. It's better to be safe than sorry. If you have a few moments to spare, writing to, faxing, or calling your Congresspersons to urge opposition to this bill is a good idea. If you only have time to do limited activism, please concentrate on the CDA instead. That legislation is far more imminent that the AERA. * Find Out Who Your Congresspersons Are Writing letters to, faxing, and phoning your representatives in Congress is one very important strategy of activism, and an essential way of making sure YOUR voice is heard on vital issues. EFF has lists of the Senate and House with contact information, as well as lists of Congressional committees. (A House list is included in this issue of EFFector). These lists are available at: ftp.eff.org, /pub/Activism/Congress_cmtes/ gopher.eff.org, 1/EFF/Issues/Activism/Congress_contact/ http://www.eff.org/pub/Activism/Congress_contact/ The full Senate and House lists are senate.list and hr.list, respectively. Those not in the U.S. should seek out similar information about their own legislative bodies. EFF will be happy to archive any such information provided. If you are having difficulty determining who your Representatives are, try contacting your local League of Women Voters, who maintain a great deal of legislative information. * Join EFF! You *know* privacy, freedom of speech and ability to make your voice heard in government are important. You have probably participated in our online campaigns and forums. Have you become a member of EFF yet? The best way to protect your online rights is to be fully informed and to make your opinions heard. EFF members are informed and are making a difference. Join EFF today! For EFF membership info, send queries to membership@eff.org, or send any message to info@eff.org for basic EFF info, and a membership form. ------------------------------ Administrivia ============= EFFector Online is published by: The Electronic Frontier Foundation P.O. Box 170190 San Francisco CA 94117 USA +1 415 668 7171 (voice) +1 415 668 7007 (fax) Membership & donations: membership@eff.org Legal services: ssteele@eff.org Hardcopy publications: pubs@eff.org General EFF, legal, policy or online resources queries: ask@eff.org Editor: Stanton McCandlish, Online Services Mgr./Activist/Archivist (mech@eff.org) This newsletter printed on 100% recycled electrons. Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements may be reproduced individ- ually at will. To subscribe to EFFector via email, send message body of "subscribe effector-online" (without the "quotes") to listserv@eff.org, which will add you to a subscription list for EFFector. Back issues are available at: ftp.eff.org, /pub/EFF/Newsletters/EFFector/ gopher.eff.org, 1/EFF/Newsletters/EFFector http://www.eff.org/pub/EFF/Newsletters/EFFector/ To get the latest issue, send any message to effector-reflector@eff.org (or er@eff.org), and it will be mailed to you automagically. You can also get the file "current" from the EFFector directory at the above sites at any time for a copy of the current issue. HTML editions available at: http://www.eff.org/pub/EFF/Newsletters/EFFector/HTML/ at EFFweb. HTML editions of the current issue sometimes take a day or longer to prepare. ------------------------------ End of EFFector Online v08 #16 Digest ************************************* $$