======================================================================= E P I C A l e r t ======================================================================= Volume 11.01 January 14, 2004 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_11.01.html ====================================================================== Table of Contents ====================================================================== [1] US-VISIT Launched; U.S. Pushes for Passenger Info [2] Defense Department Report Blasts Total Information Awareness [3] Judge Sides With EPIC on FOIA Quick Review, But Rules for DOJ [4] FOIA Document Covers Palladium Privacy, Unique Identifier Issues [5] Officials Question DC Police Handling of Political Demonstrations [6] News in Brief [7] EPIC Bookstore: The Naked Crowd [8] Upcoming Conferences and Events ====================================================================== [1] US-VISIT Launched; U.S. Pushes for Passenger Info ====================================================================== The United States Visitor and Immigrant Status Indicator Technology (US-VISIT) has been launched at 115 airports and 14 seaports in the United States. The program, which draws on the resources of more than twenty existing information systems and databases, compares fingerprints and digital photographs of foreign nationals entering the country with biometric, biographical, and travel data to determine whether the visitor should be allowed into the United States. US-VISIT, which is scheduled to be implemented at all ports of entry by the end of 2005, has invoked international resentment and caused a judge in Brazil to order the retaliatory fingerprinting and photographing of U.S. citizens traveling to that country. The Department of Homeland Security (DHS) has scrambled to develop and deploy US-VISIT on the timeline set by Congress, issuing a privacy impact assessment (PIA) just days before US-VISIT started collecting biometric identifiers from visitors. Agencies are required by law to complete a PIA before developing new information technology that will collect or store personal information electronically, so that privacy protections are considered from the project's beginning. Senator Joe Lieberman (D-CT) criticized the late issuance of US-VISIT's PIA, noting "[a]fter hundreds of millions of dollars have been invested in the deployment of the next phase of US-VISIT, it seems highly unlikely that agency officials would reconsider the system's design or configuration, on the eve of deployment." EPIC recently filed comments in response to DHS's announcement that it will collect biometric and biographic information in the Arrival Departure Information System (ADIS), one of US-VISIT's component systems. EPIC argued that DHS should not exempt ADIS from Privacy Act requirements merely because of its use in US-VISIT because the Privacy Act protects only individuals who are not affected by US-VISIT. EPIC also urged DHS to reduce its proposed 100-year data retention period and comply with international privacy standards governing the collection and use of personal information. US-VISIT's deployment comes just a month after EPIC analyzed the program's possible uses in a "friend of the court" brief submitted in Hiibel v. Nevada, a case in which the U.S. Supreme Court will determine whether an individual may refuse to identify himself to police when there is no legal basis for an arrest. The brief identified US-VISIT as a system that may potentially be used by law enforcement to engage in public surveillance. The Supreme Court will hear oral argument in the case on March 22. For more information on US-VISIT, see EPIC's US-VISIT Page: http://www.epic.org/privacy/us-visit/default.html DHS's Privacy Impact Assessment for US-VISIT is available at: http://www.epic.org/privacy/us-visit/us-visit_pia.pdf EPIC's Comments on ADIS are available at: http://www.epic.org/privacy/us-visit/ADIS_comments.pdf EPIC's amicus brief in Hiibel v. Nevada is available at: http://www.epic.org/privacy/hiibel/hiibel_amicus.pdf For more information about the case, see EPIC's Hiibel v. Nevada Page: http://www.epic.org/privacy/hiibel/default.html ====================================================================== [2] Defense Department Report Blasts Total Information Awareness ====================================================================== Citing lack of foresight and the possibility of governmental abuse of power, the Department of Defense's Inspector General has released a report criticizing the agency's failure to consider privacy concerns when developing the Total Information Awareness (TIA) system. Initiated in 2002, TIA (later called Terrorism Information Awareness) was designed to integrate information systems in order to search and analyze vast quantities of data for indications of terrorist activity. TIA was also intended for eventual use by domestic law enforcement. The total budget for TIA and its 15 component programs was over half a billion dollars. Congress and the public repeatedly expressed concern about TIA, particularly with respect to privacy. The report notes that in February 2003 Congress stopped funding for TIA until the Pentagon "could prove that the program does not violate privacy rights." Funding for all but three of TIA's components was ultimately eliminated in September 2003. Noting that TIA was being transitioned into the operational environment as it was being developed, the report criticizes the agency for, among other things: failing to conduct a privacy impact assessment (PIA); initially providing limited oversight over TIA development; and failing to ensure that the agency's policy, privacy and legal experts were involved. The report concludes that the agency's failure to formally assess privacy implications for U.S. citizens means the Pentagon "risks spending funds to develop systems that may be neither deployable nor used to their fullest potential without costly revisions and retrofits." The report recommends that a PIA be conducted "before TIA type technology research continues" and that a privacy official be appointed to scrutinize the development of TIA-type technologies from a privacy perspective. Although TIA has mostly been scrapped, this report is significant because it suggests that a PIA should be completed for all TIA-type technology even if no firm requirement mandates it. In addition, the report speaks not just to TIA but also to the development of future TIA-type technologies. For that reason, it may help ensure that appropriate experts are involved in future projects and that privacy, policy, legal and protective measures are addressed during future TIA-type development. The DOD Inspector General's Report is available at: http://www.dodig.osd.mil/audit/reports/FY04/04-033.pdf For more information, see EPIC's Total Information Awareness page: http://www.epic.org/privacy/profiling/tia/ ====================================================================== [3] Judge Sides With EPIC on FOIA Quick Review, But Rules for DOJ ====================================================================== A federal district court has ruled that EPIC properly filed suit against the Department of Justice (DOJ) without first asking the agency to reconsider its decision not to "expedite" review of a Freedom of Information Act (FOIA) request. However, the court declined to order DOJ to expedite the release documents about the efforts of federal prosecutors to oppose legislative revisions to the controversial USA PATRIOT Act. In August, DOJ issued a memorandum urging all U.S. Attorneys "to call personally or meet with . . . congressional representatives" to talk over "the potentially deleterious effects" of denying funding for delayed notification warrants. EPIC requested information about the memorandum from DOJ. EPIC also asked that its request be processed quickly, noting that the memorandum received substantial media coverage and raised serious questions about the propriety of the prosecutors' lobbying efforts. DOJ refused to expedite processing, and EPIC filed suit in October. EPIC argued that it was entitled to sue DOJ after the agency refused to expedite processing, and that EPIC did not have to file an administrative appeal of DOJ's decision before going to court. EPIC also asserted that DOJ should be ordered to turn over the documents immediately because there was an urgency to inform the public about them, and because members of Congress and the media had questioned the appropriateness of the government's lobbying efforts in favor of the USA PATRIOT Act. DOJ countered with the claim that the court had no authority to consider EPIC's complaint, because EPIC had not asked the Department to reconsider its decision before filing suit. The agency also argued that media coverage of the memorandum was insubstantial and that the memorandum raised no questions about the government's integrity. Judge James Robertson agreed that EPIC could file suit when its request for expedited processing was denied, and did not first have to ask the agency to reconsider. However, he determined that there was no urgency to inform the public about the requested documents, nor enough media interest shown in the subject matter to warrant expedited precessing. The court's ruling is available at: http://www.epic.org/open_gov/foia/otter-decision.pdf EPIC's memorandum in support of its motion for a preliminary injunction is available at: http://www.epic.org/open_gov/foia/otter-pi.pdf For background information, see EPIC's USA PATRIOT Act page: http://www.epic.org/privacy/terrorism/usapatriot/ ====================================================================== [4] FOIA Document Covers Palladium Privacy, Unique Identifier Issues ====================================================================== EPIC has obtained a document concerning Microsoft Palladium from the National Institute of Standards and Technology (NIST) under the Freedom of Information Act. The document, a 32-page presentation that bears a 2002 copyright mark, was apparently given by Michael Aday, a senior program manager at Microsoft. Palladium, which is currently named the "Next Generation Secure Computing Base," is one variant of "Trusted Computing," a set of operating system technologies being developed primarily by Microsoft, AMD, Intel, IBM, and HP. The technology has profound implications for privacy and for altering the balance of power among computer users, media companies, and software programmers. While Microsoft has attempted to pitch Palladium as a tool for protecting individuals' privacy, as the presentation makes clear, the technology could establish an infrastructure of unique user identification and tracking. A slide on "Policy Issues" reads in part: "Since the Pd (Palladium) RSA key pair is unique to the platform, what steps should we take to defend against traffic analysis of user behavior?" The next reads: "The Issue: Palladium uses at least two sets of unique hardware keys . . . Essentially equivalent to unique machine identifiers." Trusted Computing does present some opportunity for greater computer privacy and security. For instance, the technology could improve encryption key storage, it would provide for a more secure boot process, and reduce the risk that keyloggers or other devices could intercept passwords or communications. However, the potential for control of computer users cannot be underestimated. Generally, it will reduce user control over the computer, resulting in software programmers being able to force upgrades, control which applications are approved to handle media, or even erase pirated content or applications. Depending on its implementation, the technology could eliminate online anonymity. It also could serve as the starting point for ubiquitous Digital Rights Management technologies. As Professor Ross Anderson has noted, Trusted Computing "will be more trustworthy from the point of view of software vendors and the content industry, but will be less trustworthy from the point of view of their owners. In effect, the TCG specification will transfer the ultimate control of your PC from you to whoever wrote the software it happens to be running." NIST Palladium Presentation: http://www.epic.org/privacy/consumer/microsoft/nistpalladium.pdf EPIC Palladium / Next Generation Secure Computing Base Page: http://epic.org/privacy/consumer/microsoft/palladium.html Ross Anderson's Trusted Computing FAQ: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html ====================================================================== [5] Officials Question DC Police Handling of Political Demonstrations ====================================================================== On December 17 and 18, 2003, the City Council of the District of Columbia held hearings to examine the policies and practices of the Metropolitan Police Department regarding demonstrations within the District. The hearings were largely focused on police actions at anti-globalization and anti-war demonstrations in April 2000 and September 2002. The Council questioned the police over numerous accusations filed against the department including unprovoked assault, wrongful arrest, infiltration of protestor planning meetings and incitement of protestors to violence. Police Chief Charles H. Ramsey admitted that his department wasn't perfect and that it had made mistakes in its handling of demonstrations. However, Ramsey largely defended his department's actions, including sending undercover police officers to attend protestor planning meetings without any guidelines in place regarding such activities. EPIC sent a letter to Council Chairperson Kathy Patterson, supporting the Council's investigation and urging the Council to also consider the surveillance of protester activity and the maintenance of electronic databases on protestors. EPIC testified before the Council in the summer of 2002 on the risks that surveillance poses to constitutionally protected activity. The current letter to the DC Council cites a number of examples of police surveillance at political protests in Washington and elsewhere. Police are increasingly gathering information and creating criminal intelligence files without any reasonable suspicion of criminal activity. This conduct will only serve to inhibit protesters from exercising their constitutional rights. Until strict safeguards are implemented for surveillance and data collection at demonstrations, the freedom of expression of protestors, tourists, and D.C. residents will remain at risk. The Council is expected to issue a report of its investigation in early 2004. The prepared statement of Charles H. Ramsey, Chief of Police, December 18, 2003 is available at: http://mpdc.dc.gov/news/stmts/2003/12/121803.shtm For more information about free expression rights, see EPIC's Protester Privacy Page: http://www.epic.org/privacy/protest/ EPIC's Observing Surveillance Page: http://www.observingsurveillance.org/ ====================================================================== [6] News in Brief ====================================================================== COURT REFUSES TO HEAR CHALLENGE TO UNPRECEDENTED SECRECY The U.S. Supreme Court refused to hear a challenge to the government's refusal to release the names of more than 700 people who were detained after the September 11 terrorist attacks, most of whom have been since deported. The case, Center for National Security, et al. v. DOJ, was brought by several plaintiffs, including EPIC, when the government refused to release the identities in response to a Freedom of Information Act request submitted by a broad coalition of civil liberties and human rights groups. The Supreme Court docket for Center for National Security v. DOJ is available at: http://www.supremecourtus.gov/docket/03-472.htm CHECKPOINT STOPS OKAY IN CRIMINAL INVESTIGATIONS This week, in a 6-3 ruling, the U.S. Supreme Court held that police roadblocks are permissible when their purpose is to seek information regarding criminal activity. A man had challenged the police's ability to set up roadblocks when he was arrested for intoxication while stopped at a roadblock created to gather tips about a recent hit-and-run. The case, Illinois v. Lidster, is the latest development in the legal status of roadblocks. In 2000, the Court held that roadblocks for drug searches violated motorists' Fourth Amendment right of privacy. The Supreme Court docket for Illinois v. Lidster is available at: http://www.supremecourtus.gov/docket/02-1060.htm IRS TO FLAG FREE FILE TAXPAYERS The Internal Revenue Service (IRS) announced that it will use electronic flags to identify taxpayers filing through Free File, an IRS effort with private companies to provide free electronic tax filing to taxpayers. According to IRS Director of Electronic Tax Administration Terry Lutes, the identification of Free File taxpayers is essential to measuring the effectiveness of the Free File program and marketing, in its second year. The Free File program is part of an IRS effort to increase electronic filing among taxpayers. However, the tax software providers in the Free File program have strongly criticized the flagging of Free File taxpayers. Intuit, publisher of TurboTax, has stated that its software will not identify Free File users. TaxBrain, another Free File provider, has announced plans to withdraw from the Free File program. H & R Block, while remaining within the Free File program, has concerns about the identification, according to H & R Block Vice President Mark Ciaramitaro. IRS Free File Page: http://www.irs.gov/efile/article/0,,id=118986,00.html For more information about the IRS, see the EPIC IRS Page: http://www.epic.org/privacy/databases/irs/ EPIC's Letter to the Department of Treasury warning of misuse of personal filing information by Free File companies is available at: http://www.pirg.org/consumer/ral03march.pdf FAIRFAX COUNTY, VA GOP REPORT CRITICIZES E-VOTING SYSTEMS A report released last week by the Fairfax County, Virginia Republican Party strongly criticized the use of touch screen "e-voting" system in last November's local elections. The report declared that the new voting machines were "a failure" and that local officials lacked proper recovery policies, citing technical and procedural problems described in numerous accounts from both precinct workers and voters. The report further called for state regulations to guide local election boards. The November 2003 election was the first where Fairfax County used new touch screen voting machines made by Advanced Voting Solutions. Nearly 1000 of these touch screen machines were purchased last year by Fairfax County for $3.5 million. National Committee for Voting Integrity: http://www.votingintegrity.org Verified Voting Coalition http://www.verifiedvoting.com For more information about electronic voting, see EPIC's Voting Page: http://www.epic.org/privacy/voting/ SEN. LIEBERMAN ANNOUNCES PRIVACY PLAN Democratic presidential hopeful Joe Lieberman has vowed to introduce new protections for personal privacy and to break the "Bush Wall of Secrecy" in the federal government. Comparing President Bush to the Nixon administration, Lieberman blamed Bush for "failing to safeguard information that ought to stay private while keeping secret information that ought to be public." Lieberman's plan includes the establishment of a high-level Electronic Privacy Task Force and protections regarding identity theft, financial information, social security numbers, medical information and information about children. With respect to government information, Lieberman's plan includes a reversal of Attorney General Ashcroft's memorandum restricting the release of information by agencies under the Freedom of Information Act. Sen. Lieberman's Plan To Protect Personal Privacy And Break The Bush Wall Of Secrecy is available at: http://www.joe2004.com/site/News2?page=NewsArticle&id=6672 ====================================================================== [7] EPIC Bookstore: The Naked Crowd ====================================================================== The Naked Crowd: Reclaiming Security and Freedom in an Anxious Age, by Jeffrey Rosen (Random House 2004) http://www.powells.com/cgi-bin/biblio?inkey=62-0375508007-0 In the weeks and months following 9-11, the public accepted many new incursions into personal privacy. Airline passengers removed their shoes and stood arms outspread as uniformed officials peered through their carry-on baggage. The Department of Homeland Security proposed to color code all passengers based on the likelihood that they might commit a terrorist act. Banks asked new customers to provide detailed information that would be promptly transferred to federal investigators. This year, visitors entering the United States from other countries are fingerprinted and photographed. And the biometrics now being obtained from non-U.S. citizens will soon be required of U.S. citizens. Whether any of these measures has actually made the country safer is not an easy question to answer. The government's desire for information about the public seems matched only by its own excessive claims of secrecy. But what does seem clear is the willingness of the public, at least in some circumstances, to allow intrusions that before 9-11 would be quickly called "Orwellian" or, more precisely, the telltale symbols of a hi-tech police state. Jeff Rosen's new book "The Naked Crowd" is a timely and thoughtful response to the challenge that the American public faces today in preserving freedom. Although it recalls Vance Packard's popular "The Naked Society" of the '60s, Rosen is more Tocqueville than Packard. He is less concerned with blowing the whistle on Big Government and Big Business and more interested in trying to understand how Americans, with their unique strengths and weaknesses, should best respond. The question is whether a society enamored of reality TV and willing to post intimate personal details on a web log for thousands to view is prepared to assert a right of privacy and to do so in a way that reflects broad respect for the value of individuality and not simply coarse self-interest. The answer is possibly. Rosen looks to the Congress more than the courts as the main line of defense as new proposals for surveillance are set forward. He describes several of the significant victories of the last few years, including the collapse of John Poindexter's Total Information Awareness program and the defeat of a National ID card proposal. Though Congress did pass the badly misnamed USA PATRIOT Act, by comparison to a deferential and timid judiciary, it has been more willing to draw lines in the post-9-11 world. Rosen also proposes that new technologies be developed to enhance security while simultaneously safeguarding privacy. He cites the advantages of a "blob machine" that could reveal hidden weapons on an airline passenger as compared to the "naked machine" that would reveal the nude images of all airline passengers. A blob machine would accomplish the security goal without the privacy infringements. Still, skeptics may well ask whether a public willing to express a preference for the blob machine over the naked machine will also be willing to do the hard work of ensuring that the blob machine does not mutate. Already many of the surveillance systems upgraded since 9-11, such as the US VISIT program, established to track entry and exit at the border, are breaking out of their privacy chains. If US-VISIT is eventually merged with passenger profiling and other government databases, which seems to be the desire of all the stovepipe bashers in Washington, then these limited systems of surveillance will quickly congeal. In other words, a bunch of blob machines networked together will create a virtual naked machine. Even Rosen's courageous, pragmatic, post-911 American may not understand what has happened until it is too late. In the end, Jeffrey Rosen and Vance Packard are not so far apart. Packard opened his classic with the warning from Judge Learned Hand that freedom lies in the hearts of the people. Rosen, as well, believes a well informed public, willing to defend its freedoms, and able to assess risk and to take steps to be safe rather than simply feel safe is the best hope for preserving freedom after 9-11. - Marc Rotenberg ================================ EPIC Publications: "The Privacy Law Sourcebook 2002: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2002). Price: $40. http://www.epic.org/bookstore/pls2002/ The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "FOIA 2002: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40. http://www.epic.org/bookstore/foia2002/ This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 21st edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "Privacy & Human Rights 2003: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $35. http://www.epic.org/bookstore/phr2003/ This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty-five countries around the world. The survey examines a wide range of privacy issues including data protection, passenger profiling, genetic databases, video surveillance, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0/ A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls/ The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/bookstore/crypto00&/ EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore/ "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ====================================================================== [8] Upcoming Conferences and Events ====================================================================== WHOLES - A Multiple View of Individual Privacy in a Networked World. Swedish Institute of Computer Science. January 30-31, 2004. Stockholm, Sweden. For more information: http://www.sics.se/privacy/wholes2004. Fear: Its Political Uses And Abuses, featuring Vice President Al Gore as Keynote Speaker. Social Research Journal. February 5-7, 2003. New York, New York. For more information: http://www.socres.org/fear. The New Fair Credit Reporting Act. Privacy & American Business. February 9-10, 2004. Washington, DC. Email info@pandab.org. O'Reilly Emerging Technology Conference. February 9-12, 2004. San Diego, CA. For more information: http://conferences.oreilly.com/etech. Antiterrorism and the Security Agenda: Impacts on Rights, Freedoms, and Democracy. International Civil Liberties Monitoring Group. February 17, 2004. Ottawa, Ontario, Canada. Email publicforum@iclmg.ca. IAPP 4th Annual Privacy & Security Summit & Expo. February 18-20, 2004. Washington, DC. For more information: http://www.privacyassociation.org/html/conferences.html. RSA Conference 2004 - The Art of Information Security. February 23-27, 2004. San Francisco, CA. For more information: http://www.rsaconference.com. Third Conference on Privacy and Public Access to Court Records. Courtroom 21 Project. February 27-28, 2004. Williamsburg, VA. For more information: http://www.courtroom21.net. Securing Privacy in the Internet Age. Stanford Law School. March 13-14, 2004. Palo Alto, CA. For more information: http://cyberlaw.stanford.edu/privacysymposium/. CFP2004: 14th Annual Conference on Computers, Freedom, and Privacy. Association for Computing Machinery (ACM). April 20-23, 2004. Berkeley, CA. For more information: http://www.cfp2004.org/. 2004 IEEE Symposium on Security and Privacy. IIEEE Computer Society Technical Committee on Security and Privacy, in cooperation with the International Association for Cryptologic Research (IACR). May 9-12, 2004. Oakland, CA. For more information: http://www.cs.berkeley.edu/~daw/oakland04-cfp.html. International Conference on Data Privacy and Security in a Global Society. Wessex Institute. May 11-13, 2004. Skiathos, Greece. For more information: http://www.wessex.ac.uk/conferences/2004/datasecurity04/index.html. The Third Annual Workshop on Economics and Information Security. University of Minnesota Digital Technology Center. May 13-14, 2004. Minneapolis, MN. For more information: http://www.dtc.umn.edu/weis2004/. Workshop on Privacy Enhancing Technologies. University of Toronto. May 26-28, 2004. Toronto, Canada. For more information: http://petworkshop.org/2004/. Access & Privacy Conference 2004: Sorting It Out. Government Studies, Faculty of Extension. June 10-11, 2004. University of Alberta. Edmonton, Alberta, Canada. For more information: http://www.govsource.net/programs/iapp/conference/main.nclk. O'Reilly Open Source Convention. July 26-30, 2004. Portland, OR. For more information: http://conferences.oreilly.com/oscon. First Conference on Email and Anti-Spam. American Association for Artificial Intelligence and IEEE Technical Committee on Security and Privacy. July 30-31, 2004. Mountain View, CA. For more information: http://www.ceas.cc/. Crypto 2004: The Twenty-Fourth Annual IACR Crypto Conference. International Association for Cryptologic Research, IEEE Computer Society Technical Committee on Security and Privacy, and the Computer Science Department of the University of California, Santa Barbara. Santa Barbara, CA. August 15-19, 2004. For more information: http://www.iacr.org/conferences/crypto2004/. ====================================================================== Subscription Information ====================================================================== Subscribe/unsubscribe via Web interface: http://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Subscribe/unsubscribe via e-mail: To: epic_news-request@mailman.epic.org Subject: "subscribe" or "unsubscribe" (no quotes) Automated help with subscribing/unsubscribing: To: epic_news-request@mailman.epic.org Subject: "help" (no quotes) Problems or questions? e-mail < info@epic.org > Back issues are available at: http://www.epic.org/alert/ The EPIC Alert displays best in a fixed-width font, such as Courier. ====================================================================== Privacy Policy ====================================================================== The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information". Please contact info@epic.org if you would like to change your subscription e-mail address, if you are experiencing subscription/unsubscription problems, or if you have any other questions. ====================================================================== About EPIC ====================================================================== The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, e-mail info@epic.org, http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate/ Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 11.01 ---------------------- .