======================================================================= E P I C A l e r t ======================================================================= Volume 11.13 July 12, 2004 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_11.13.html ====================================================================== Table of Contents ====================================================================== [1] Supreme Court Upholds Block on Web Censorship Law [2] EPIC Calls for Suspension of Registered Traveler Program [3] Federal Court OKs Service Provider E-mail Interception [4] Judge Upholds Country's Strongest State Financial Privacy Law [5] Voter Identification Bills Introduced in Congress [6] News in Brief [7] EPIC Bookstore: Jennifer Government [8] Upcoming Conferences and Events ====================================================================== [1] Supreme Court Upholds Block on Web Censorship Law ====================================================================== The Supreme Court recently upheld in Ashcroft v. ACLU a lower court's injunction against enforcement of the Child Online Protection Act (COPA). COPA, passed by Congress in 1998, is a broad censorship law that restricts Internet speech and imposes penalties of up to $50,000 and six months in prison for posting, for commercial purposes, content that is "harmful to minors." In a 5-4 decision, the Court upheld the injunction on the basis that the government failed to rebut the argument that software filtering is a plausible, less-restrictive alternative to COPA's content-based regulation of Internet speech. Congress passed COPA in 1998 after the Supreme Court's 1997 ruling in Reno v. ACLU that the law's predecessor, the Communications Decency Act, was unconstitutional. EPIC joined with the ACLU to serve as plaintiff and co-counsel in the constitutional challenges to both laws. The Supreme Court's majority opinion, written by Justice Kennedy and joined by Justices Stevens, Souter, Thomas, and Ginsburg, held that "there is a potential for extraordinary harm and a serious chill upon protected speech" if the law goes into effect. The Court found that filtering software is likely a less restrictive means to regulate minors' access to harmful material because "filters impose selective restrictions on speech at the receiving end, not universal restrictions at the source." The Court also found that promoting filters is less damaging to First Amendment principles because COPA condemns as criminal entire categories of speech. Justice Kennedy also noted that COPA fails to effectively serve the government's interest in protecting children because the law does not prevent children from seeing inappropriate material originating outside the United States. In his dissenting opinion, Justice Breyer contended that the Court was wrong to conclude that Congress could have accomplished its goal of protecting children from Internet pornography in less restrictive ways. Breyer argued that the monetary and social costs of COPA's identification requirement impose only "a modest additional burden" on adult access to Internet content. The case has been remanded to the lower court for further proceedings. The opinion in Ashcroft v. ACLU is available at: http://www.supremecourtus.gov/opinions/03pdf/03-218.pdf EPIC's testimony concerning the privacy implications of COPA's identification requirement: http://www.epic.org/free_speech/copa/statement_6_00.html For more information about the case, see EPIC's COPA Litigation Page: http://www.epic.org/free_speech/copa ====================================================================== [2] EPIC Calls for Suspension of Registered Traveler Program ====================================================================== In formal comments to the Transportation Security Administration (TSA), EPIC has urged the agency not to deploy the final phase of the Registered Traveler program until it conducts a full evaluation of the program's privacy implications. EPIC argued that the agency should revise its information collection and maintenance practices to comply fully with the intent of the Privacy Act. EPIC made its recommendation in response to the agency's publication of a notice describing its plans to launch the pilot phase of Registered Traveler. The program asks individuals to volunteer to undergo invasive background checks and provide biometric information in exchange for the assurance that they will not be subjected to random secondary screening at airports. EPIC's comments noted the agency's record of secrecy and little regard for individual privacy interests in the development of other programs, pointing out that the agency has disclosed little information about the controversial second generation Computer Assisted Passenger Prescreening System (CAPPS II) in response to EPIC's repeated Freedom of Information Act requests and has also exempted the system from key Privacy Act provisions. EPIC noted that TSA has unnecessarily exempted Registered Traveler from crucial safeguards intended to promote record accuracy and secure the privacy of individuals whose information is maintained within the system. EPIC's comments addressed TSA's failure to provide individuals with meaningful access to personal information and meaningful opportunities to correct inaccurate, irrelevant, untimely and incomplete information. EPIC also noted Registered Traveler's exemption from the requirement that a system maintain only information that is "relevant and necessary" to perform the system's function, and asserted that TSA's broadly drawn "routine uses" of Registered Traveler data would only heighten the system's privacy problems. The Transportation Security Administration's notice on Registered Traveler is available at: http://www.tsa.gov/public/interweb/assetlibrary/Notice5-27-04.pdf EPIC's comments are available at: http://www.epic.org/privacy/airtravel/profiling/rt_comments.pdf More information about CAPPS II and passenger profiling is available at EPIC's Passenger Profiling Page: http://www.epic.org/privacy/airtravel/profiling.html ====================================================================== [3] Federal Court OKs Service Provider E-mail Interception ====================================================================== The U.S. Court of Appeals for the First Circuit has ruled that a company did not violate federal wiretap law when it used the e-mail service it provided to its subscribers to access their e-mail so it could review messages sent to them by a rival company. The issue in United States v. Councilman was whether an "intercept" of a communication occurred within the meaning of the Wiretap Act. In a 2-1 ruling, the court held that electronic communications are not "intercepted" if the communication is accessed while it is in temporary storage. This case involved the conduct of Interloc, an online literary clearinghouse that sought to pair its subscribers -- rare and used book dealers -- with book buyers. Bradford C. Councilman, former executive of the company, directed Interloc employees to write computer code to intercept and copy all incoming communications from Amazon.com to the subscriber book dealers, whom had been provided e-mail service by Interloc. According to the indictment, the Interloc systems administrator wrote a revision to the mail processing code designed to intercept, copy, and store all incoming messages from Amazon.com before they were delivered to the subscribers, and therefore, before the e-mail was read by the intended recipient. Councilman was charged with using the code to intercept thousands of messages. Councilman and other Interloc employees routinely read the e-mails sent to Interloc subscribers seeking to gain a commercial advantage. The law at issue in this case involved the 1986 amendments to federal wiretap law. Prior to the amendments, only wire and oral communications were protected from interception under the Wiretap Act. The amendments extended protections against interception to electronic communications, and also sought to establish legal standards for access to email in the possession of a service provider. The changes created two categories of electronic communications -- those "in transit," which enjoy relatively generous protection under the law, and those "in storage," which receive a lesser degree of legal protection. The categories that resulted from the amendments were viewed as complimentary efforts to protect the privacy of electronic communications. The "tiering" of communications resulted more from the effort to address specific concerns -- such as extending protections to electronic communications and creating safeguards for stored communications -- than to formally categorize the privacy protection for each type of information. Thus, it is unlikely that the Congress that passed the 1986 amendments believed that an ISP should be able to routinely review the contents of subscriber email. The Court, however, determined that the plain language of the law showed that Congress did not intend for the law's interception provisions to apply to electronic communications in electronic storage. The Court also found that when the company obtained the e-mails, the messages were in temporary storage in a computer system. The Court noted that the parties had stipulated that the e-mails were not affected while they were transmitted through wires or cables between computers. In light of these findings, the Court determined that the e-mails were not in transit and subject to interception, but were instead stored communications. Because no "intercept" occurred, the Court held that the Wiretap Act could not have been violated. In dissent, Judge Kermit V. Lipez warned that this interpretation of the Wiretap Act "would undo decades of practice and precedent regarding the scope of the Wiretap Act and would essentially render the act irrelevant to the protection of wire and electronic privacy." The opinion in United States v. Councilman is available at: http://www.ca1.uscourts.gov/pdf.opinions/03-1383-01A.pdf For more information about electronic surveillance, see EPIC's Wiretapping Page: http://www.epic.org/privacy/wiretap ====================================================================== [4] Judge Upholds Country's Strongest State Financial Privacy Law ====================================================================== A federal district judge in Sacramento, California has upheld the state's financial privacy law, SB1, against a challenge brought by financial services trade groups. The groups were unsuccessful in arguing that the law, known as the California Financial Information Privacy Act, was preempted by the federal Fair Credit Reporting Act (FCRA). SB1 is the strongest financial privacy law in the nation. It allows individuals to opt out of affiliate information sharing, and requires opt-in consent before financial services institutions sell personal data to third parties (see EPIC Alert 10.17.) SB1 was signed by former Governor Gray Davis after a four-year legislative battle. It became law only after major financial services companies, some of which have hundreds or even thousands of affiliates, dropped their opposition to the legislation. However, those companies later attempted to eliminate SB1's protections by preempting the law at the federal level in passing amendments to the FCRA. In holding that SB1 was not preempted by federal law, the Court reasoned that the FCRA does not trump all state laws regulating information sharing by affiliates. Rather, the FCRA pertains only to the sharing of consumer reports among affiliates; that is, information that is used for an enumerated purpose of the FCRA, such as credit granting. The court found that the Gramm-Leach-Bliley Act was the controlling law for the regulation of affiliate information sharing. That law, as a result of the "Sarbanes Amendment," preserves the right of states to pass more stringent protections for personal information that is exploited by financial services companies. California's SB1 took effect on July 1, and contains substantial monetary penalties for violation. It appears as though the financial services industry did not take steps to comply with the law, and as a result, is likely to pursue an injunction to delay implementation of the law and an expedited appeal. The opinion in ABA v. Lockyer is available at: http://www.epic.org/privacy/preemption/sb1dctorder.pdf SB 1, the California Financial Information Privacy Act: http://www.epic.org/redirect/sb-1.html EPIC Financial Privacy Resources: http://www.epic.org/privacy/financialresources.html ====================================================================== [5] Voter Identification Bills Introduced in Congress ====================================================================== Two bills introduced in this session of Congress would place more identification requirements on those seeking to register to vote. Rep. Phil Gringrey (R-GA) has introduced H.R. 4174, a bill that would require individuals to provide proof of United States citizenship as a condition of registering to vote. Rep. Henry Hyde (R-IL) has introduced H.R. 4530, a bill that would require any person registering or reregistering to vote to provide proof of citizenship. H.R. 4530 directs states not to provide a ballot to any individual unless he shows proof of citizenship. The states are to determine which documents will be acceptable proof of citizenship under the advisement of the Election Assistance Commission, Secretary of Homeland Security, and Secretary of State. The two bills have a total of eight co-sponsors between them, with two members' names appearing on both bills. A trade-off in privacy exists in the legal requirement of voter registration to participate in publicly held elections. Voter registration began its trek into common practice in the late 1890s, when it was championed as a means of discouraging repeat voting and the importation of voters from other jurisdictions to cast votes in local and some state elections. Each state is responsible for administering voter registration within its boundaries. Today, voter registration forms may include requests for name, current and previous address, home and work telephone numbers, birthplace, Social Security number, birth date, race, gender, and party affiliation. The Help America Vote Act, which became law in October 2002, requires voter registrants to submit proof of identity by providing a state issued identity document or the last four digits of their Social Security number. Since 1997, non-citizens may be deported for voting in local, state, or federal elections. HAVA also establishes a computerized statewide voter registration list requirement. Each state's election officer is directed to create a uniform centralized interactive computerized statewide voter registration list. The list is to be defined, maintained, and administered at the state level and contains information for every legally registered voter in each state. Under this system, the law directs that a "unique identifier" is to be assigned to each legally registered voter in a state. Further, the law directs that the list should be coordinated with other agency databases within the state. The system must be designed to allow any election official in the state, including local election officials, to obtain immediate electronic access to the information contained in the voter registration database. The system must also allow unlimited access to any local election official to the computerized list. This list will serve as the official index of registered voters for any federal or state election. The law does require that the appropriate state or local official shall provide adequate technological security measures to prevent unauthorized access to the computerized list. H.R. 4174: http://thomas.loc.gov/cgi-bin/bdquery/z?d108:h.r.4174: H.R. 4530: http://thomas.loc.gov/cgi-bin/bdquery/z?d108:h.r.4530: The Help America Vote Act is available at: http://www.fec.gov/hava/hava.htm National Committee for Voting Integrity: http://www.votingintegrity.org For more information about voter privacy, see EPIC's Voting Page: http://www.epic.org/privacy/voting ====================================================================== [6] News in Brief ====================================================================== FEDERAL TRADE COMMISSION SANCTIONS COMPANY FOR PRIVACY VIOLATIONS The Federal Trade Commission has charged Gateway Learning Corp., maker of Hooked on Phonics products, with violating federal law by renting out personally identifiable consumer information collected through its web site to direct marketers in violation of the company's privacy policy. The company had changed its privacy policy to allow sale of personal information, and attempted to apply the new policy retroactively without first obtaining customers' consent for data exploitation. The Commission noted that the disclosure included information provided directly to the company by consumers who bought Hooked on Phonics, including names, addresses, phone numbers, and age ranges and gender of the consumers' children. To settle the Commission's claims, Gateway has agreed not to make deceptive claims about how it will use consumer information in the future, promised not to make material changes to its privacy policy retroactively without obtaining consumers' consent, and forfeited the $4,608 it earned from leasing the consumer information. Federal Trade Commission press release: http://www.ftc.gov/opa/2004/07/gateway.htm In the Matter of Gateway Learning Corp.: http://www.ftc.gov/os/caselist/0423047/0423047.htm EPIC UNDERSCORES ROLE OF SOCIAL SECURITY NUMBER IN IDENTITY THEFT In a follow-up letter to testimony on enhancing Social Security number (SSN) privacy, EPIC and U.S. PIRG detailed the role that the SSN plays in identity theft. EPIC and U.S. PIRG explained to the House Ways and Means Subcommittee on Social Security that widespread business and government use of the SSN contributes to identity theft. The letter highlighted bad privacy practices, including the general use of the SSN as both an identifier and an authenticator, and sloppy credit granting practices where creditors facilitate identity theft by opening new accounts in victim's names. The letter also argued that private investigators and others who have access to SSN databases should be subject to the full privacy responsibilities established by the Fair Credit Reporting Act. EPIC's Letter on SSN and Identity Theft: http://www.epic.org/privacy/ssn/ssnanswers7.2.04.html EPIC Testimony on SSN Privacy: http://www.epic.org/privacy/ssn/ssntestimony6.15.04.html For more information about the role of Social Security Numbers in identity theft, see EPIC's SSN Privacy Page: http://www.epic.org/privacy/ssn EUROPEAN PARLIAMENT SUES TO VOID PASSENGER DATA AGREEMENT European Parliament President Pat Cox has announced his decision to ask the European Union Court of Justice to annul the Council of Europe's agreement between the European Community and the United States, allowing for transfer of Passenger Name Record (PNR) data on EU citizens to the U.S. Department of Homeland Security Bureau of Customs and Border Protection. Cox will also appeal the European Council's finding that the Bureau ensures adequate protection of transferred PNR data, satisfying the EU's Data Protection Directive (EU Directive 95/46/EC). Mr. Cox said the request "reflects the concern felt by a large majority in the European Parliament on the need to defend European citizens' fundamental rights and freedoms ... [B]oth the EU and the U.S. must guard against a new form of creeping extra-territoriality." EU Commission's Decision on Adequacy: http://www.epic.org/redirect/eu_adequacy.html EU-U.S. Agreement: http://europa.eu.int/eur-lex/en/com/pdf/2004/com2004_0190en01.pdf U.S.'s Undertakings: http://europa.eu.int/eur-lex/en/com/pdf/2004/com2004_0190en01.pdf For more information on the PNR transfer, see EPIC's Page on EU-U.S. Airline Passenger Data Disclosure: http://www.epic.org/privacy/intl/passenger_data.html SPYWARE BILL APPROVED BY HOUSE COMMITTEE The House Energy and Commerce Committee has voted 45-4 in favor of an anti-spyware bill, setting the stage for its consideration by the full House. The bill, termed the SPY ACT (Securely Protect Yourself Against Cyber Trespass Act), was passed after several changes were made to the original draft sent up by the House Subcommittee on Commerce, Trade, and Consumer Protection. The original draft of the bill prohibited deceptive practices related to spyware such as hijacking a computer's functions, changing homepages without authorization, and surreptitious keystroke logging. It also regulated "information collection programs" by mandating express consent before installation, the provision of an uncomplicated disabling function, and the disclosure of the type and purpose of collected information. The Federal Trade Commission was charged with enforcement and authorized to levy fines as large as $3 million for certain violations. Recent changes to the bill effectively exempt software located on servers from SPY ACT regulation, while also providing an explicit exemption for monitoring software used by network providers for security and anti-fraud purposes. The changes also allow bundled multiple information collection programs to seek user approval via a single notice, and water down the definition of when there is a change in collected information for which new user notice and consent will be required. The bill's sunset date has also been extended by a year to December 31, 2009. The current version of H.R. 2929 is available at: http://www.epic.org/redirect/hr2929_rev.html NATIONAL COMMITTEE FOR VOTING INTEGRITY LAUNCHES WEB SITE The National Committee on Voting Integrity, established to promote voter-verified balloting and to preserve privacy protections for elections in the United States, recently launched its web site, www.votingintegrity.org. The web site provides news about important developments in voting practice and the Committee's continuing activities, as well as an archive of letters, hearing testimony and other public Committee statements. The web archive includes the Committee's recent written testimony to the U.S. Election Assistance Commission hearing to review the use, security, and reliability of electronic voting systems, and its letter congratulating Commission Chairman Soaries for his "bold and decisive call for electronic voting companies to make the underlying software code of electronic voting technology available to election administrators." In addition, the web site provides a valuable resource for researchers to familiarize themselves with the key issues related to verifiable, private, democratic elections. Coverage includes direct record electronic voting machines, the Help America Vote Act, and centralized voter registration databases. Visit the National Committee on Voting Integrity web site at: http://www.votingintegrity.org ANONYMITY PROJECT WEB SITE NOW ONLINE The Anonymity Project has launched a web site that provides a description of research areas, interviews with project members, and other project information. Although the project is cross-disciplinary, it is based at the University of Ottawa, Faculty of Law. EPIC is a collaborator. The project consists of three broad research streams -- the nature and value of identity, anonymity and authentication; the constitutional and legal aspects of anonymity; and technologies that identify, anonymize and authenticate. Research results will be made publicly available on the web site. Visit "On the Identity Trail: Understanding the Importance of Anonymity and Authentication in a Networked Society" at: http://www.anonequity.org ===================================================================== [7] EPIC Bookstore: Jennifer Government ====================================================================== Max Berry, Jennifer Government (Vintage 2004). http://www.powells.com/cgi-bin/biblio?inkey=1-1400030927-4 "In Max Barry's twisted, hilarious vision of the near future, the world is run by giant American corporations (except for a few deluded holdouts like the French); taxes are illegal; employees take the last names of the companies they work for; The Police and The NRA are publicly-traded security firms; the U.S. government may only investigate crimes if they can bill a citizen directly. It's a free market paradise! "Hack Nike is a lowly Merchandising Officer who's not very good at negotiating his salary. So when John Nike and John Nike, executives from the promised land of Marketing, offer him a contract, he signs without reading it. Unfortunately, Hack's new contract involves shooting teenagers to build up street cred for Nike's new line of $2,500 sneakers. Scared, Hack goes to The Police, who assume he's asking for a subcontracting deal and lease the assassinations to the NRA. "Soon Hack finds himself pursued by Jennifer Government, a tough-talking agent with a barcode tattoo under her eye and a rabid determination to nail John Nike (the boss of the other John Nike). In a world where your job title means everything, the most cherished possession is a platinum credit card, and advertising jingles give way to automatic weapons in the fight for market share, Jennifer Government is the consumer watchdog from hell." ================================ EPIC Publications: "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, as well as recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2003: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2003). Price: $40. http://www.epic.org/bookstore/pls2003 The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "FOIA 2002: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Mark Zaid, editors (EPIC 2002). Price: $40. http://www.epic.org/bookstore/foia2002 This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 21st edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "Privacy & Human Rights 2003: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $35. http://www.epic.org/bookstore/phr2003 This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty-five countries around the world. The survey examines a wide range of privacy issues including data protection, passenger profiling, genetic databases, video surveillance, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/bookstore/crypto00& EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ====================================================================== [8] Upcoming Conferences and Events ====================================================================== O'Reilly Open Source Convention. July 26-30, 2004. Portland, OR. For more information: http://conferences.oreilly.com/oscon. 2004 UK Big Brother Awards. Privacy International. July 28, 2004. London, UK. For more information: http://www.privacyinternational.org/bigbrother/uk2004. First Conference on Email and Anti-Spam. American Association for Artificial Intelligence and IEEE Technical Committee on Security and Privacy. July 30-31, 2004. Mountain View, CA. For more information: http://www.ceas.cc. Crypto 2004: The Twenty-Fourth Annual IACR Crypto Conference. International Association for Cryptologic Research, IEEE Computer Society Technical Committee on Security and Privacy, and the Computer Science Department of the University of California, Santa Barbara. August 15-19, 2004. Santa Barbara, CA. For more information: http://www.iacr.org/conferences/crypto2004. Ninth National HIPAA Summit. September 12-14, 2004. Baltimore, MD. For more information: http://www.HIPAASummit.com. Public Voice Symposium: Privacy in a New Era: Challenges, Opportunities and Partnerships. Electronic Privacy Information Center, European Digital Rights Initiative (EDRi), and Privacy International. September 13, 2004. Wroclaw, Poland. For more information: http://www.thepublicvoice.org/events/wroclaw04/default.html. The Right to Personal Data Protection -- the Right to Dignity. 26th International Conference on Data Protection and Privacy Commissioners. September 14-16, 2004. Wroclaw, Poland. For more information: http://26konferencja.giodo.gov.pl. 2004 Telecommunications Policy Research Conference. National Center for Technology & Law, George Mason University School of Law. October 1-3, 2004. Arlington, VA. For more information: http://www.tprc.org/TPRC04/call04.htm. Health Privacy Conference. Office of the Information and Privacy Commissioner of Alberta. October 4-5, 2004. Calgary, Alberta, Canada. For more information: http://www.oipc.ab.ca/home/DetailsPage.cfm?ID=1453. IAPP Privacy and Data Security Academy & Expo. International Association of Privacy Professionals. October 27-29, 2004. New Orleans, LA. For more information: http://www.privacyassociation.org/html/conferences.html. Privacy and Security: Seeking the Middle Path. Office of the Information & Privacy Commissioner of Ontario; Centre for Innovation Law and Policy, University of Toronto; and Center for Applied Cryptographic Research, University of Waterloo. Toronto, Ontario, Canada. October 28-29, 2004. For more information: http://www.epic.org/redirect/uwaterloo_conf.html. CFP2005: Fifteenth Annual Conference on Computers, Freedom and Privacy. April 12-15, 2005. Seattle, WA. For more information: http://www.cfp2005.org. ====================================================================== Subscription Information ====================================================================== Subscribe/unsubscribe via web interface: https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ====================================================================== Privacy Policy ====================================================================== The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ====================================================================== About EPIC ====================================================================== The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 11.13 ---------------------- .