======================================================================= E P I C A l e r t ======================================================================= Volume 11.08 April 29, 2004 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_11.08.html ====================================================================== Table of Contents ====================================================================== [1] EPIC Files Gmail FOIA Requests; Groups Call for System Suspension [2] EPIC Files Brief in Maryland DNA Database Case [3] EPIC Urges FCC to Reject Expansion of CALEA [4] American Airlines Admits Disclosing Passenger Data [5] New U.S. Election Assistance Commission Begins its Work [6] News in Brief [7] EPIC Bookstore: MoveOn's 50 Ways to Love Your Country [8] Upcoming Conferences and Events ====================================================================== * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * F R E E D O M 2 . 0 : D I S T R I B U T E D D E M O C R A C Y - Dialogue for a Connected World Democracy * Transparency * Privacy * Public Voice May 20-22, 2004 * Washington, DC Register today at http://www.epic04.org * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ====================================================================== [1] EPIC Files Gmail FOIA Requests; Groups Call for System Suspension ====================================================================== Today, EPIC filed Freedom of Information requests with federal law enforcement and intelligence agencies seeking records concerning "use of Google search technology for law enforcement and intelligence purposes, and particularly the possible use of Google's Gmail service for law enforcement and intelligence investigations." The requests note that Google's Gmail is capable of performing functions for law enforcement and intelligence agencies that have been the subject of Congressional action and widespread public debate. Gmail is capable of storing a vast amount of personal communications data for link analysis, creating a honey pot for law enforcement requests to pervert the system for surveillance. Earlier, thirty-one privacy and civil liberties groups called upon Google to suspend Gmail, a free webmail system that provides users with an entire gigabyte of storage space but also scans the content of all e-mails for placement of advertising. Gmail raises a series of important privacy issues and has sparked a lively debate in the technology community regarding informed consent, risks associated with penetrating into the content of messages for advertising purposes, and the problem of law enforcement access to e-mail communications. The debate has been especially contentious because many computer users have great admiration for the company's search product and do not wish to see Google's friendly reputation change with the advent of invasive new products or its business methods deteriorate after a public offering that will necessarily orient its duties towards maximizing shareholder profit. The groups raised a series of risks to privacy posed by the service. First, the scanning of the actual content of e-mail messages for placement of advertising is an unprecedented invasion into the sanctity of communications. It is likely to reduce expectation of privacy in e-mail, and provide justifications for communications scanning for other purposes. Federal law sets forth some of the strongest protections for the content of communications, often referred to collectively as the "Title III warrant," which require probable cause, can only be triggered by the commission of serious criminal acts, and have accountability provisions including reporting and the ability to sue individuals who eavesdrop without justification. Gmail's defenders have claimed that scanning for ad placement is similar to scanning for spam, and that it can occur lawfully under an exception under wiretapping laws for maintenance of communications network. But this is a an improper invocation of the exemption -- it was created to ensure quality and integrity of the network, not to provide an "anything goes" exemption to wiretapping laws. For instance, telephone companies use the exemption to listen to calls to test audio quality; if the companies started actually extracting content from these conversations, the exemption would eviscerate the protections of the law and violate the expectations of telephone users. Google has countered this criticism by emphasizing that a computer, not a human, will scan the content of the e-mail, thereby making the system less invasive. The letter points out that computers can be more privacy invasive and, in fact, many privacy laws have passed because of the heightened privacy risks associated with computers' storage, memory, and associative capabilities. Regulations limiting telephone autodialers are such an example, where the persistence and capacity of a computer to initiate telemarketing calls faster than humans sparked the creation of two federal telemarketing laws in the 1990s. Second, Google's data retention policies and enticements to users to keep their e-mail for a long time create privacy risks under federal wiretapping laws. After 180 days, e-mail can be obtained by law enforcement with a mere subpoena rather than a full probable cause warrant. Elsewhere in the world, law enforcement is lobbying for mandatory data retention requirements that allow police to gain access to years of stored communications with little legal oversight. In effect, Gmail's retention implements these policies, and will facilitate law enforcement access to communications in some cases even after messages are deleted by the user. A third problem arises from the risk that Google will link its persistent search engine cookie with individuals' identities revealed by Gmail. This is not unlike the DoubleClick/Abacus debate, where DoubleClick could have linked its anonymous online tracking records with millions of identifiable records possessed by Abacus. Google has refused to promise not to link the two cookies. Finally, Gmail scans both the mail sent and received on the account. This raises serious quality of consent issues for senders of mail to the Gmail domain and may violate more stringent state wiretapping and international privacy laws. EPIC's FOIA Request: http://www.epic.org/privacy/gmail/foirequest.html Coalition Letter: http://www.privacyrights.org/ar/GmailLetter.htm ====================================================================== [2] EPIC Files Brief in Maryland DNA Database Case ====================================================================== EPIC has filed a "friend of the court" brief in Maryland v. Raines, a case that will determine whether compelled DNA production is an unreasonable search and seizure that violates the Fourth Amendment and the Constitution of Maryland. The case challenges the Maryland DNA Collection Act, which allows the State of Maryland to collect DNA from individuals who have committed felonies and certain misdemeanor offenses. Earlier this year, the Maryland General Assembly considered expanding the law to require collection of DNA from arrestees. Profiles of collected DNA are added to a state DNA database, which feeds into a national DNA database known as the Combined DNA Index System or CODIS, which is maintained by the FBI. EPIC's brief first pointed out that in many areas of the law Maryland provides stronger privacy protection than the federal Fourth Amendment. EPIC then challenged the fallacy that collecting DNA and taking fingerprints involve the same privacy concerns. While a fingerprint merely indicates whether an individual has been in a specific location, DNA can reveal health, gender, and familial information, EPIC argued. Furthermore, because members of the same family have similar DNA patterns, an individual's DNA profile may indirectly implicate a relative. Moreover, there is no uniform storage policy for DNA samples. Rather, each state has a different policy, and Maryland's is to retain samples indefinitely. Not only could samples end up in the hands of researchers, but international cooperation among law enforcement agencies has opened CODIS up to other governments. EPIC recently filed an amicus brief in United States v. Kincade, a case in which a parolee has challenged the federal DNA Analysis Backlog Elimination Act of 2000, which allows the government to take DNA samples from individuals in federal custody and parolees who have committed a qualifying offense. EPIC's amicus brief in Maryland v. Raines: http://www.epic.org/privacy/genetic/raines_amicus.pdf EPIC's amicus brief in United States v. Kincade: http://www.epic.org/privacy/genetic/kincade_brief.pdf For more information about privacy of DNA, see EPIC's Genetic Privacy Page: http://www.epic.org/privacy/genetic ====================================================================== [3] EPIC Urges FCC to Reject Expansion of CALEA ====================================================================== EPIC has filed comments urging the Federal Communications Commission to reject the request of federal law enforcement agencies to expand the Communications Assistance for Law Enforcement Act of 1994 (CALEA) to cover Internet Service Providers and "Voice over IP" services. CALEA currently requires telecommunications service providers to provide wiretapping access to law enforcement, but does not apply to Voice over IP (VoIP) or Internet Service Providers. The Department of Justice, Federal Bureau of Investigation, and Drug Enforcement Administration have petitioned the FCC to regulate Internet telephony in such a way that CALEA can be legally and technically applied. VoIP providers would have to rewire their networks to government specifications so that law enforcement officials could more easily listen in to VoIP calls. In its comments, EPIC brought to the Commission's attention the limitations in the language of CALEA, information obtained by EPIC under the Freedom of Information Act demonstrating likelihood of capturing information on non-suspects, and statements by the Department of Justice that show there is no demonstrable need for the request to expand CALEA. EPIC pointed out that Congress intentionally limited the scope of CALEA. The language of CALEA unambiguously excludes information services such as e-mail and Internet access. The legislative history of CALEA unequivocally states that "[t]he only entities required to comply with the functional requirements are telecommunications common carriers, the components of the public-switched network where law enforcement agencies have always served most of their surveillance orders." The legislative history is equally clear that "excluded from [CALEA's] coverage are "all information services, such as Internet service providers or services such as Prodigy and America-On-Line." The narrow scope of CALEA's mandate is best summarized by the legislative history's explanation that "the bill does not require reengineering of the Internet, nor does it impose prospectively functional requirements on the Internet[.]" In light of the clear Congressional intent that information services be excluded from the CALEA requirements, an extension of surveillance requirements to such networks could only occur if Congress revisited CALEA and addressed the Justice Department's concerns. EPIC argued that it is not for the Commission to extend the statutory mandate to networks and technologies that Congress clearly sought to exclude. Second, EPIC stated, law enforcement access to network traffic can result in the interception of communications of third parties not named or identified in court surveillance orders -- a phenomenon that never occurred in the traditional, circuit-switched telephone environment. As such, the expansion of CALEA's technical requirements urged by the Justice Department would make it difficult, if not impossible, for carriers to comply with the statutory command that they protect "the privacy and security of communications and call-identifying information not authorized to be intercepted." Internal FBI documents obtained by EPIC through Freedom of Information Act litigation show, beyond question, that surveillance conducted in packet-mode environments can result -- and indeed has resulted -- in the unauthorized capture of third-party communications. As the comments state, "the Commission would abdicate its responsibility to 'protect the privacy and security of communications not authorized to be intercepted' were it to expand CALEA's reach in the manner [the Justice Department] suggests." Finally, EPIC argued that the Department of Justice has not met its burden of demonstrating the need for the proceeding it requests or the remedy it seeks. In its "field guidance" discussing the USA PATRIOT Act amendments relating to electronic surveillance, the Justice Department acknowledged that it is only in "infrequent cases" that Internet Service Providers are not able to provide law enforcement with requested information. The Justice Department admits that even in the "rare" and "infrequent" cases where service providers cannot fully comply with a court order, law enforcement has, through the use of its own technology, been able to obtain the information it seeks (and, as EPIC has shown, sometimes more than that). EPIC comments on CALEA: http://www.epic.org/privacy/wiretap/calea/caleacomment4.12.04.pdf For more information about CALEA, see EPIC's Wiretapping Page: http://www.epic.org/privacy/wiretap/#DT ====================================================================== [4] American Airlines Admits Disclosing Passenger Data ====================================================================== American Airlines recently became the third commercial airline to admit turning over passenger information to the United States government or its contractors without the knowledge or consent of affected passengers. American announced that Airline Automation, a vendor working for the airline, gave 1.2 million passenger records in June 2002 to four companies that were competing for contracts with the Transportation Security Administration. The airline conceded that it had authorized the records to be disclosed to the agency, but not the contractors. Airline Automation disputed American's version of events, contending that the airline merely said that it would receive instructions from the Transportation Security Administration, which then asked that the data be transferred directly to the contractors "testing aviation security systems" for the agency. The Transportation Security Administration has repeatedly denied to Congress and the public that actual passenger information has been used to test the controversial second generation Computer Assisted Passenger Prescreening System, or CAPPS II. CAPPS II has been the target of Congressional scrutiny since the General Accounting Office released a report in February concluding that major concerns about the program previously identified by Congress had not been adequately addressed. The Department of Homeland Security, parent agency of the Transportation Security Administration, has announced that it is investigating the government's role in the disclosure. In related news, the European Parliament has passed a resolution challenging the European Commission's temporary agreement to share airline passenger data with the United States government. The Parliament also asked the European Union's top court to determine whether the agreement violates European privacy laws and whether the Parliament's consent is necessary for the agreement to enter into force. If the court finds that the agreement violates European laws, it will be annulled or declared invalid. Press Release, American Airlines, American Airlines Passenger Data Released In June 2002 (April 9, 2004): http://www.amrcorp.com/newsreleases.html Press Release, Airline Automation, Airline Automation, Inc. Provided Data With the Consent of American Airlines, Inc. (April 10, 2004): http://biz.yahoo.com/prnews/040410/nysa008_1.html For more information about the EU/U.S. agreement to share passenger data, see EPIC's EU/U.S. Passenger Data Disclosure Page: http://www.epic.org/privacy/intl/passenger_data.html ====================================================================== [5] New U.S. Election Assistance Commission Begins its Work ====================================================================== After the 2000 presidential election, many flaws in our nation's antiquated voting system were highlighted by a protracted recount of Florida ballots that culminated in a legal challenge to the process brought by then-candidate George W. Bush before the Supreme Court. Congress sought to remedy many of the problems identified by the apparent closeness of the presidential contest in Florida through the passage of the Help America Vote Act, which was signed into law on October 29, 2002. The law, among other things, created a four-member Commission to lead a new agency, the U.S. Election Administration Commission, which is expressly charged with formulating and implementing improvements in our nation's voting system. The Act also established a provisional ballot right for voters to insure that all those who enter polling places to cast their votes on Election Day will have the opportunity to do so. In addition, the law directed that all punch card and lever voting machines be replaced by either optical scan or direct recording electronic voting technology. The Senate confirmed the Commission's four members on December 9, 2003. Two members, each serving for four years, are Chairman Deforest B. Soaries, Jr. of New Jersey, and Commissioner Raymundo Martinez III of Texas. The other two members, who will serve for two years, are Vice Chair Gracia M. Hillman of the District of Columbia and Commissioner Paul S. DeGregorio of Missouri. The Commission held its first official public meeting on March 23, 2004 and will hold its first public hearing on May 5, 2004, at 9:00 a.m. on the Present Status of Computerized Electronic Voting Systems. The Commission will hear testimony from several groups of experts sitting on the Technology Panel, Vendor Panel, Election Administrator Panel, Research Panel and Advocacy Organization Panel. The hearing is open to the public and will take place at U.S. Environmental Protection Agency Headquarters, 1200 Pennsylvania Ave., NW, in Room 3000, Rachel L. Carson Great Hall, Ariel Rios North Building, Washington, DC. Soon the Election Assistance Commission will announce its choices to fill the fourteen positions of the Technical Guidelines Development Committee, which will be chaired by the Director of the National Institute of Standards and Technology. The Committee will develop standards and make recommendations on electronic voting technology to the Commission. Congress' fiscal year 2004 appropriations for the Commission were only $1.5 million of the authorized $10 million. Funding to the National Institute of Standards and Technology to do work on e-voting technology standards, as directed by law, was also decreased. In fact, Congress cut overall funding to the agency by estimates of as much as 14 percent, of which about 4 percent came from the computer security research area. At the beginning of this month, the Commission moved from temporary office space with the Federal Election Commission to its own address at 1225 New York Avenue, NW, Suite 1100, Washington, DC 20005. Help America Vote Act: http://fecweb1.fec.gov/hava/hava.htm Federal Election Commission: http://www.fec.gov For more information about voting law, see EPIC's Voting Page: http://www.epic.org/privacy/voting ====================================================================== [6] News in Brief ====================================================================== JUSTICE DEPT. WITHDRAWS RECORDS SUBPOENA The Department of Justice has withdrawn its subpoena for abortion records from New York-Presbyterian Hospital. The agency was seeking the records for its defense of the Partial Birth Abortion Ban Act in a trial taking place in the federal court for the Southern District of New York. The hospital had appealed the subpoena to the Second Circuit Court of Appeals, and the appeal was pending while the trial was in progress. By withdrawing its subpoena, the Justice Department has cleared the way for closing arguments in the trial. The New York trial is one of three trials on the constitutionality of the Partial Birth Abortion Ban taking place across the country. For more information about medical records privacy, see EPIC's Medical Privacy Page: http://www.epic.org/privacy/medical EPIC CALLS FOR PRIVACY-FRIENDLY FREE CREDIT REPORT SITE In passing the Fair and Accurate Credit Transactions Act of 2003, Congress directed the Federal Trade Commission to implement a centralized source where individuals could obtain a free credit report annually from each of the three nationwide credit reporting agencies. In comments to the Commission, EPIC was joined by Professor Daniel Solove in arguing that individuals should be able to use the source to obtain credit reports without allowing credit reporting agencies to resell their personal information. The comments also attempt to limit the credit reporting agencies' ability to claim that there are too many requests, thus justifying a delay in delivery of the credit report. Already under the law, the credit reporting agencies have a full fifteen days to comply with a request for a report. The comments argue that no more delay is necessary, as the credit reporting agencies regularly provide reports to retailers and other creditors within seconds of making a request. EPIC Comments on Free Credit Reports: http://www.epic.org/privacy/fcra/freereport.html For more information about credit reporting, see EPIC's Fair Credit Reporting Act Page: http://www.epic.org/privacy/fcra EPIC, PRIVACY INTERNATIONAL HOLD BIG BROTHER AWARDS EPIC and Privacy International recently held the 6th Annual U.S. Big Brother Awards, which are bestowed upon government and private sector organizations that have done the most to invade personal privacy in the United States. Instead of the trademark "boot on the head" golden statue of previous years, the "winners" were given large rolls of red tape to symbolize the growing frustration and delay individuals are subjected to as a result of privacy-invasive security measures. The recipient of the "Perversion of Justice" award was Seisint for its role in creating the Multistate Anti-Terrorism Information Exchange Program (MATRIX). "The Bureaucratic Indifference" award went to the Transportation Security Administration for its operation of the "No-Fly" list, a database of individuals that is distributed to airlines for purposes of stopping or searching suspected individuals. Northwest Airlines was given the "Blurring the Borders" award for its secret disclosure of passenger information to the government. California Senator Liz Figueroa received the one honor of the evening, the Brandeis Award, to honor her excellent work to protect and champion privacy. For more information about the awards, see the Privacy International Big Brother Awards Page: http://www.privacyinternational.org/bigbrother/us2004 EPIC PUBLISHES NANOTECHNOLOGY PRIVACY PAGE EPIC has published a new web page discussing the ethical and privacy implications of nanotechnology. The page was authored by University of Pennsylvania law student Eva Gutierrez. It traces the history of nanotechnology, funding for the field, the ethical implications of the technology, and privacy issues raised. Nanotechnology has profound potential for addressing environmental, health, and many other issues; it also raises new environmental, health, and privacy risks. Ms. Gutierrez's previous work for EPIC focused on firearms privacy, and her research highlighted the strong substantive and procedural protections for privacy of gun owners. EPIC's Nanotechnology Privacy Page: http://www.epic.org/privacy/nano EPIC's Firearms Privacy Page: http://www.epic.org/privacy/firearms ====================================================================== [7] EPIC Bookstore: MoveOn's 50 Ways to Love Your Country ====================================================================== MoveOn's 50 Ways to Love Your Country: How the Find Your Political Voice and Become a Catalyst for Change, MoveOn.org (Inner Ocean Publishing, Inc. 2004) http://www.powells.com/cgi-bin/biblio?inkey=7-193072229x-0 Launched several years ago in response to the Clinton impeachment, MoveOn is an activist group that strives to engage ordinary people in politics through electronic advocacy. MoveOn recently expanded its activism efforts to a more old fashioned medium -- paper -- when it published its advocacy guide MoveOn's 50 Ways to Love Your Country: How the Find Your Political Voice and Become a Catalyst for Change. MoveOn asked its members to send in stories describing how they worked to change the political landscape. After receiving 2,500 narratives of political action, MoveOn published 50 short essays from authors ranging in age from 16 to 82, living everywhere from Maine to Hawaii, all of whom share a passion for contributing to the political process. Each essayist describes an effort that he or she undertook to connect with others, encourage voter registration and turn out, harness the power of the media, personalize the political process, or make the political process personal. MoveOn adds tips to each essay to help readers successfully carry out that particular "way to love your country." One of the essayists is EPIC Senior Policy Analyst Lillie Coney, who worked with the Beaumont, Texas Get Out the Vote project in 1978 to encourage the area's African-American community to vote in large numbers. By increasing voter registration and promoting awareness of the population's voting strength, the project raised the number of voters from one or two in each African-American household to as many as six. That year, voter participation among the African-American population in Jefferson County, which includes several cities, rose from averages between 26 and 47 percent to over 50 percent during the primary, and almost 80 percent in the November general election. As a result, Lillie writes, "the once-ignored black vote became a symbol of raw political power, with enough influence to determine the outcome of critical local, state, and federal primary and general elections." This guide to activism is full of stories like Lillie's, highlighting work that brings transparency to the political process by offering ideas for effective action. This quick read provides inspiration and direction for those who are dissatisfied with the state of politics and want to change the situation, but aren't sure how or what to do. These essays make clear that action is power. As Al Gore says in his essay, "Woody Allen has famously said that 90 percent of success is showing up. That's true of democracy too. I'd argue that the other 10 is making sure you're registered beforehand." - Marcia Hofmann ================================ EPIC Publications: "The Privacy Law Sourcebook 2003: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2003). Price: $40. http://www.epic.org/bookstore/pls2003 The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "FOIA 2002: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40. http://www.epic.org/bookstore/foia2002 This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 21st edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "Privacy & Human Rights 2003: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $35. http://www.epic.org/bookstore/phr2003 This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty-five countries around the world. The survey examines a wide range of privacy issues including data protection, passenger profiling, genetic databases, video surveillance, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/bookstore/crypto00& EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ====================================================================== [8] Upcoming Conferences and Events ====================================================================== Innovation Law and Policy Colloquium. Bell University Laboratories Centre for Innovation Law and Policy, University of Toronto. April 28, 2004. Toronto, Canada. Email rsvp.bul at utoronto.ca. Fourth Annual Future of Music Coalition Policy Summit. Future of Music Coalition. May 2-3, 2004. Washington, DC. For more information: http://www.futureofmusic.org/events/summit04. 2004 IEEE Symposium on Security and Privacy. IEEE Computer Society Technical Committee on Security and Privacy, in cooperation with the International Association for Cryptologic Research (IACR). May 9-12, 2004. Oakland, CA. For more information: http://www.cs.berkeley.edu/~daw/oakland04-cfp.html. International Conference on Data Privacy and Security in a Global Society. Wessex Institute. May 11-13, 2004. Skiathos, Greece. For more information: http://www.wessex.ac.uk/conferences/2004/datasecurity04/index.html. Global ICT Summit 2004: From Adversity to Success? The World's Best e-Content & e-Creativity Experience. World Summit Award, Global Alliance for Bridging the Digital Divide, World Wide Web Consortium Hong Kong, Internet Professionals Association, Hong Kong Cyberport, and Hong Kong General Chamber of Commerce. May 11-14, 2004. Hong Kong. For more information: http://www.esdlife.com/campaign/Global-ICT. Access to Information 2004. The Constitution Unit. May 12, 2004. London, England. E-mail samantha.boyle at capita.co.uk. Third Annual Workshop on Economics and Information Security. University of Minnesota Digital Technology Center. May 13-14, 2004. Minneapolis, MN. For more information: http://www.dtc.umn.edu/weis2004. Critical Infrastructure Information: Conference on the Issues. American University. May 14-16, 2004. Washington, DC. Email simpson at american.edu. Freedom 2.0: Distributed Democracy. Dialogue for a Connected World. Electronic Privacy Information Center. May 20-22, 2004. Washington, DC. For more information: http://www.epic04.org. Workshop on Privacy Enhancing Technologies. University of Toronto. May 26-28, 2004. Toronto, Canada. For more information: http://petworkshop.org/2004. RSA Conference 2004. RSA Security. May 31-June 1, 2004. Tokyo, Japan. For more information: http://www.medialive.jp/events/rsa2004/eng/default.html. Fifth Annual Institute on Privacy Law: New Developments & Compliance Issues in a Security-Conscious World. Practising Law Institute. June 7-8, 2004. San Francisco, CA. For more information: http://www.pli.edu. TRUSTe Symposium: Privacy Futures. June 9-11, 2004. International Association of Privacy Professionals. San Francisco, CA. For more information: http://www.privacyfutures.org. Access & Privacy Conference 2004: Sorting It Out. Government Studies, Faculty of Extension. June 10-11, 2004. University of Alberta. Edmonton, Alberta, Canada. For more information: http://www.govsource.net/programs/iapp/conference/main.nclk. 13th Annual CTCNet Conference: Building Connected Communities: The Power of People & Technology. June 11-13, 2004. Seattle, Washington. For more information: http://www2.ctcnet.org/conf/2004/session.asp. Fifth Annual Institute on Privacy Law: New Developments & Compliance Issues in a Security-Conscious World. Practising Law Institute. June 21-22, 2004. New York, NY. For more information: http://www.pli.edu. PORTIA Workshop on Sensitive Data in Medical, Financial, and Content-Distribution Systems. PORTIA Project. July 8-9, 2004. Stanford, CA. For more information: http://crypto.stanford.edu/portia/workshop.html. O'Reilly Open Source Convention. July 26-30, 2004. Portland, OR. For more information: http://conferences.oreilly.com/oscon. First Conference on Email and Anti-Spam. American Association for Artificial Intelligence and IEEE Technical Committee on Security and Privacy. July 30-31, 2004. Mountain View, CA. For more information: http://www.ceas.cc. Crypto 2004: The Twenty-Fourth Annual IACR Crypto Conference. International Association for Cryptologic Research, IEEE Computer Society Technical Committee on Security and Privacy, and the Computer Science Department of the University of California, Santa Barbara. Santa Barbara, CA. August 15-19, 2004. For more information: http://www.iacr.org/conferences/crypto2004. The Right to Personal Data Protection -- the Right to Dignity. 26th International Conference on Data Protection and Privacy Commissioners. September 14-16, 2004. Wroclaw, Poland. For more information: http://www.giodo.gov.pl/252/j/en. 2004 Telecommunications Policy Research Conference. National Center for Technology & Law, George Mason University School of Law. October 1-3, 2004. Arlington, VA. For more information: http://www.tprc.org/TPRC04/call04.htm. ====================================================================== Subscription Information ====================================================================== Subscribe/unsubscribe via Web interface: https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ====================================================================== Privacy Policy ====================================================================== The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ====================================================================== About EPIC ====================================================================== The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 11.08 ---------------------- .