======================================================================= E P I C A l e r t ======================================================================= Volume 11.19 October 8, 2004 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/EPIC_Alert_11.19.html ====================================================================== Table of Contents ====================================================================== [1] Coalition Asks Congress to Deliberate 9-11 Comm. Recommendations [2] EPIC Urges Congress to Protect Social Security Numbers [3] Appeals Court Votes to Revisit E-Mail Interception Case [4] Business "Free Speech" Claims Fail to Block Do-Not-Call Registry [5] California Enacts New, Innovative Privacy Protections [6] News in Brief [7] EPIC Bookstore: Losing America [8] Upcoming Conferences and Events ====================================================================== [1] Coalition Asks Congress to Deliberate 9-11 Comm. Recommendations ====================================================================== The In Defense of Freedom Coalition sent a letter with over 40 signers to members of Congress outlining key points that should be considered as the House and Senate drafts legislation based on the 9-11 Commission recommendations. The letter defined specific areas of concern and made recommendations on how the goals of security and freedom can both be attained. Following the issuance of the 9-11 Commission's report, Congress is acting quickly to address the commission's recommendations, but the letter warned that there may be unintended negative consequences for privacy and civil liberties if precautions are not taken. Congress should be mindful of the known failure of current information sharing schemes to secure this nation against terrorist attacks, which have been deployed at the cost of civil rights and civil liberties. The letter also urged Congress to review how the changes proposed by the Commission may impact First Amendment freedoms, and to create appropriate checks to balance the application of new police powers. The letter made specific recommendations in six areas: oversight, identification requirements, accountability, transparency, and the need for internal checks of power. The coalition advocated that the creation of new government authority without the counterbalance of accountability is inconsistent with the American form of government. Congress should, in advance of establishing any National Intelligence Authority or similar entity, enact criminal and civil statutory disincentives to discourage abuse and misuse of information resources, and to protect privacy, civil rights, and civil liberties. The implementation of such a system must include structural checks and balances to preserve constitutional safeguards. The letter also encouraged Congress to hold more hearings on these issues and to solicit input from the many organizations who have worked to safeguard political rights so that these and other concerns can be thoroughly explored as Congress considers the 9-11 Commission's recommendations. The coalition letter is available at: http://www.indefenseoffreedom.org/statements/9-11_letter.pdf In Defense of Freedom: http://www.indefenseoffreedom.org For more information about the 9-11 Commission recommendations, see EPIC's 9-11 Commission Report Page: http://www.epic.org/privacy/terrorism/911comm.html ====================================================================== [2] EPIC Urges Congress to Protect Social Security Numbers ====================================================================== In testimony before the House Energy and Commerce Subcommittee on Consumer Protection, EPIC associate director Chris Hoofnagle urged Members to support legislation regulating the collection, use, and disclosure of individuals' Social Security Numbers (SSNs). The hearing concerned an amended version of H.R. 2971, the Social Security Number Privacy and Identity Theft Prevention Act of 2003. The bill was introduced by House Ways and Means Subcommittee on Social Security Chairman Clay Shaw (R-FL), but was referred to the Commerce Committee because it contains provisions affecting commercial use of the SSN and because it empowers the Federal Trade Commission to address "coercive disclosure," the practice requiring consumers to give up their SSNs for access to a product or service. H.R. 2971 is not likely to be enacted in this Congress, as the main legislative session comes to a close this week. However, the bill is likely to serve as a model for SSN legislation in the 109th Congress, which will convene in January 2005. The amended version of the bill contains many recommendations made by EPIC in earlier testimony (see EPIC Alert 11.12). At the hearing, EPIC continued to recommend that the legislation sharply reduce government and commercial sector reliance on the SSN and that exceptions be narrowly drawn and time-limited so that they eventually expire. The bill still contains problematic exemptions, including one that gives credit reporting agencies wholesale access to SSNs in government files. Another exemption allows use of the SSN for "public health purposes." EPIC will continue to track this legislation as Congress revisits the issue in 2005. EPIC's SSN testimony: http://www.epic.org/privacy/ssn/ssntestimony9.28.04.html For more information about SSN privacy, see the EPIC SSN Page: http://www.epic.org/privacy/ssn ====================================================================== [3] Appeals Court Votes to Revisit E-Mail Interception Case ====================================================================== The U.S. Court of Appeals for the First Circuit has voted to rehear its recent decision that that a company did not violate federal wiretap law when it accessed its customers' e-mail to view messages sent to them by a rival company. The court will review a panel's 2-1 ruling in July that an electronic communication is not "intercepted" if the communication is accessed while it is in temporary storage. This case involved an online literary clearinghouse that paired rare and used book dealers with book buyers. At the direction of Bradford Councilman, a high level officer of the company, a clearinghouse employee wrote a revision to the mail processing code to intercept, copy, and store all incoming messages from Amazon.com before they were delivered to and read by the intended recipients. Councilman and other clearinghouse employees accessed thousands of e-mails this way to gain a commercial advantage. The law at issue in this case involves the 1986 amendments to federal wiretap law. Prior to the amendments, only wire and oral communications were protected from interception under the Wiretap Act. The amendments extended protections against interception to electronic communications, and also sought to establish legal standards for access to e-mail in the possession of a service provider. The changes created two categories of electronic communications -- those "in transit," which enjoy relatively generous protection under the law, and those "in storage," which receive a lesser degree of legal protection. The categories that resulted from the amendments were viewed as complimentary efforts to protect the privacy of electronic communications. The "tiering" of communications resulted more from the effort to address specific concerns -- such as extending protections to electronic communications and creating safeguards for stored communications -- than to formally categorize the privacy protection for each type of information. In July, however, the First Circuit panel determined that the plain language of the law showed that Congress did not intend for the wiretap law's interception provisions to apply to electronic communications in electronic storage. The court found that when the clearinghouse obtained the e-mails, the messages were in temporary storage in a computer system. The panel noted that the parties had stipulated that the e-mails were not affected while they were transmitted through wires or cables between computers. In light of these findings, the panel determined that the e-mails were not in transit and subject to interception, but were instead stored communications. Because no "intercept" occurred, the panel held that the Wiretap Act could not have been violated. EPIC joined three other civil liberties groups to file an amicus brief last month encouraging the First Circuit to review the controversial ruling. The brief, filed by the Center for Democracy and Technology and joined also by the Electronic Frontier Foundation and the American Library Association, argued that the panel's decision failed to recognize the intent of Congress to protect the privacy of electronic communications, and creates serious constitutional questions under the Fourth Amendment guarantee against unreasonable search and seizure. The decision of the three-judge panel in United States v. Councilman: http://www.ca1.uscourts.gov/pdf.opinions/03-1383-01A.pdf The amicus brief filed by the Center for Democracy and Technology, EPIC, Electronic Frontier Foundation, and American Library Association: http://www.cdt.org/wiretap/20040902cdt.pdf The order for rehearing en banc: http://www.epic.org/redirect/councilman.html For more information about electronic surveillance, see EPIC's Wiretapping Page: http://www.epic.org/privacy/wiretap ====================================================================== [4] Business "Free Speech" Claims Fail to Block Do-Not-Call Registry ====================================================================== The Supreme Court refused to review a case bought by telemarketers who sought to invalidate the Telemarketing Do-Not-Call Registry. The Registry allows individuals to opt out of most telemarketing by making a call to 1-888-382-1222 or by visiting a government-run web site. In denying the telemarketers' petition for review, the Supreme Court let stand a lower court's opinion that the Registry is a constitutional and valid action of the Federal Trade Commission (see EPIC Alert 11.04). While the Supreme Court's action is not a ruling on the merits of the telemarketers' argument, it practically means that the Registry will operate without interference for the foreseeable future. The telemarketers deliberately brought their suit in a jurisdiction with favorable case precedent. They targeted the Tenth Circuit, as that jurisdiction decided U.S. West v. Federal Communications Commission, a case where the Court of Appeals previously held that requiring phone companies to obtain consent from consumers before selling their phone records violated the First Amendment (see EPIC Alert 6.13). The Court was dismissive of the privacy interests asserted, and found that the government did not adequately demonstrate how privacy would be harmed by exploitation of individuals' calling records. In a strongly worded dissent, Judge Briscoe argued that the opt-in regulation did not affect expressive activity, and that the challenge represented a "run-of-mill attack on an agency order 'clothed by ingenious argument in the garb' of First Amendment issues." The 1999 decision in U.S. West v. FCC gave industry groups hope that they could be free of the burdens of consumer protection and privacy by claiming that government regulations violated free speech rights. But since that decision, federal and state courts have adopted the dissenting reasoning of Judge Briscoe more often than not. In fact, the Tenth Circuit itself may be distancing itself from the U.S. West opinion, as it did not even cite that case when it upheld the Do-Not-Call Registry regulations. Since 1999, the Supreme Court has declined to review a number of cases where privacy laws survived commercial free speech challenges. In 2001 the D.C. Circuit Court of Appeals upheld the Fair Credit Reporting Act against a First Amendment challenge. That case, Trans Union v. FTC, stands strongly for the proposition that Congress can specify opt-in as the standard for protecting individuals' privacy, even if it results in fewer commercial solicitations. In a separate case involving the same parties, the D.C. Circuit rejected a First Amendment challenge to the provisions of the Gramm-Leach-Bliley Act prohibiting secondary use of Social Security numbers. The Supreme Court declined to review both cases. Several courts have upheld the Telephone Consumer Protection Act, a law that requires opt-in consent before unsolicited fax or recorded message solicitations can be sent. The TCPA was upheld against two First Amendment challenges in 1995 in the Ninth Circuit and one in 2003 in the Eighth Circuit. The Supreme Court declined to review all three cases. In 2002, the Second Circuit upheld a New York state "anti- blockbusting" law against a First Amendment challenge. In that case, real estate agents challenged a law allowing individuals to opt out of solicitations that attempted to churn the housing market by stoking fears of racial or ethnic influx. The Supreme Court declined to review that case as well. For more information about the Do-Not-Call Registry, see EPIC's Do-Not-Call Registry Timeline: http://www.epic.org/privacy/telemarketing/dnc Telemarketing Do-Not-Call Registry: https://www.donotcall.gov ====================================================================== [5] California Enacts New, Innovative Privacy Protections ====================================================================== The 2003-2004 California legislative sessions were marked by the passage of several significant privacy laws. California continues to be the leading state in developing new protections for privacy. The protections tend to be strong, giving individuals substantive rights to limit exploitation of personal information. Unlike laws recently passed by the U.S. Congress, California's privacy laws usually allow individuals to take wrongdoers to court. Perhaps the most significant privacy protections were created by SB 1, the California Financial Information Privacy Act (see EPIC Alert 10.17). SB1 is the strongest financial privacy law in the country, giving individuals the ability to limit disclosure of personal information even among companies that have common ownership. The banking industry, despite agreeing that the law was a good compromise, sought to preempt SB 1 through amendments to federal law and through a lawsuit challenging SB 1's provisions under the federal Fair Credit Reporting Act. EPIC, joined by a coalition of consumer and civil liberties groups representing 41 million individuals, filed a brief in the case arguing that SB 1 is not preempted by federal law (see EPIC Alert 11.17). California is taking strong steps against "list brokerage," the compilation of personal information from business transactions, warranty cards, or sweepstakes entries for resale to telemarketers, spammers, and junk mailers. Under SB 27, starting January 1, 2005, individuals will be able to ask California businesses whether they sell personal information to direct marketers. Upon receiving a request, the business must disclose the names and addresses of the recipients of personal information and the types of information disclosed within thirty days. SB 1633 requires notice and opt-in consent before businesses seek medical information from individuals that will be used for direct marketing purposes. AB 1950 requires businesses with data on California residents to implement reasonable security practices to protect personal information. The bill also requires businesses to ensure that information is secured when transferred to nonaffiliated third parties. Under federal law and Federal Trade Commission case precedent, there is no requirement that web sites have privacy policies. Instead, web site operators are only bound by privacy policies if they choose to post one. Now, under California's AB 68, operators of commercial web sites that collect personal information from the State's residents must post a privacy policy and abide by it. Under SB 1457, Californians can now sue spammers for damages when they send unsolicited commercial e-mail that is false or misleading. SB 1457 is a follow-up measure to an earlier California spam bill that prohibited spam unless affirmative consent had been obtained from the recipient. Congress largely preempted that legislation through passage of the CAN-SPAM Act. More information on the California privacy landscape is available from Privacy Rights Clearinghouse: http://www.privacyrights.org Official California legislative Information: http://leginfo.ca.gov/index.html ====================================================================== [6] News in Brief ====================================================================== US-VISIT EXPANDS TO INCLUDE VISA WAIVER TRAVELERS On September 30, the United States Visitor and Immigrant Status Indicator Technology (US-VISIT) program began screening travelers entering and leaving the United States through the Visa Waiver Program. The expansion will affect an estimated 13 million citizens from 27 nations -- including Japan, Australia, and many European countries -- who until now have been permitted to visit the United States for up to 90 days without a visa. As a result of the change, the U.S. government will collect biometrics from about 33,000 more travelers every day. The Japanese Foreign Ministry said that it intends to insist that the U.S. government delete fingerprints and photos of Visa Waiver visitors once they have left the country, as well as create a system to disclose how the government is using visitors' personal information. In related news, Privacy International has released a report on US-VISIT, urging that the increased surveillance at U.S. borders created by the program poses significant challenges to civil liberties. Privacy International report on US-VISIT: http://www.epic.org/redirect/pi_us-visit.html For more information about US-VISIT, see EPIC's US-VISIT Page: http://www.epic.org/privacy/us-visit COURT RULES PATRIOT ACT PROVISION UNCONSTITUTIONAL A New York district court on September 29 struck down a provision of the USA PATRIOT Act as unconstitutional under the First and Fourth Amendments. The provision requires Internet Service Providers and other businesses, upon request by the FBI, to surrender information about their customers, and then bars them from revealing that the disclosure ever took place. The FBI requests such information with a national security letter, which does not require judicial approval or oversight. The current version of this provision is an expansion of a 1986 law that allowed the FBI to use national security letters to seek evidence against "foreign powers or agents of foreign powers." The Patriot Act loosened this standard by simply requiring the information that the FBI seeks to be "relevant" to terrorism or intelligence gathering. The court ruled that the provision violates free speech rights under the First Amendment due to its permanent ban on disclosure, and violates limitations on search and seizure under the Fourth Amendment because it restricts judicial challenge to government searches. This is the second time a court has found a provision of the USA PATRIOT Act unconstitutional. In January, a federal court in California struck down a section making it illegal to give "expert advice or assistance" to groups that the government has designated "foreign terrorist organizations" as unconstitutionally vague under the First and Fifth Amendments. Court opinion finding national secruity letter provision of the USA PATRIOT Act: http://www.aclu.org/Files/getFile.cfm?id=16595 Documents about national security letters obtained by EPIC under the Freedom of Information Act: http://www.epic.org/privacy/terrorism/usapatriot/foia For more information about the national security letters, see EPIC's USA PATRIOT Act Page: http://www.epic.org/privacy/terrorism/usapatriot COUNCIL OF EUROPE URGES ADOPTION OF CYBERCRIME CONVENTION The Council of Europe is actively urging countries to sign in to law the Council of Europe Convention on Cybercrime. The Convention was signed in 2001 by 30 countries, but has since been ratified by only eight. Governments are wary of potentially being required to make data on their citizens available to other governments. The Council of Europe recently participated in the United Nations Consultation on the Working Group on Internet Governance, suggesting the Convention on Cybercrime is a model law that other countries should adopt nationally. The Council also held a high-level conference in Strasbourg to encourage ratification of the Convention. While interested in preventing cybercrime, governments are rightly concerned with many provisions of this Convention. The Information Technology Association of America is pressing the U.S. Senate for its ratification, as is President Bush. While it is widely agreed that an international approach to combating cybercrime is necessary, this Convention may force U.S. companies and law enforcement to investigate Americans for acts which are not illegal in this country -- a significant provision of the agreement, but one which is unconstitutional in the United States. In addition, many point out that this treaty is extraordinarily invasive and lacks strong privacy protections, that it could actually promote insecurity of computer systems through required disclosure of decryption keys, and that the criminal liability placed on businesses could increase their surveillance of employees. For more information about the Convention, see EPIC's page on the Convention on Cybercrime: http://www.epic.org/privacy/intl/ccc.html EPIC's statement in opposition to the Convention on Cybercrime: http://www.epic.org/privacy/intl/senateletter-061704.pdf SENATE COMMITTEE HOLDS HEARING ON INTERNET OVERSIGHT AND STABILITY On September 30, the Senate Commerce Committee held a hearing called "ICANN Oversight and Security of Internet Root Servers and the Domain Name System (DNS)." Representatives of the Internet Corporation for Assigned Names and Numbers (ICANN), the Department of State, the National Telecommunications and Information Administration, the Department of Homeland Security, Verisign Inc., and an administrator of the B Root Server were invited to testify on these issues. The Senators briefly questioned ICANN's progress in fulfilling its mandate, but spent more time inquiring about the stability of the root servers, at one point asking the B Root Administrator what keeps him up at night. His answer: root server administration and coordination is working well -- it is the end users that are a cause of concern. Ambassador Gross of the Department of State testified about the new United Nations Working Group on Internet Governance currently being established under the mandate of the World Summit on the Information Society. Many people around the world, particularly in developing countries, are dissatisfied with the way the Internet is governed and feel some degree of reform is necessary. The Working Group has been given the task of mapping out Internet governance and suggesting key areas that need attention. Despite the earnest testimony of Ambassador Gross, the Senators were apprehensive about the United Nations "meddling" and expressed no interest in the concerns of those who feel excluded in decisions concerning the global Internet. The Senators appeared pleased with the testimony and reassured that the Internet is stable. Testimony from the Senate hearing: http://commerce.senate.gov/hearings/witnesslist.cfm?id=1324 The Public Voice news on the Working Group on Internet Governance: http://www.thepublicvoice.org ====================================================================== [7] EPIC Bookstore: Losing America ====================================================================== Robert C. Byrd, Losing America: Confronting a Reckless and Arrogant Presidency (W.W. Norton & Company 2004). http://www.powells.com/cgi-bin/biblio?inkey=2-0393059421-2 Watching Senator Byrd deliver a speech from the floor of the United States Senate provides one of the better arguments for the creation of C-Span. A discussion on a legislative matter may include references to Periclean Athens, the Magna Carta, or the Founding Fathers. Say what you will about the former majority leader, this is a person who cares passionately about the history of democratic government. Thus a book by Senator Byrd on the functioning of the U.S. government after 9-11 is worth a close look. His attack on the President, and many of his own Congressional colleagues, rings as did the colonialists' broadside against another George when the country was founded. Although Senator Byrd spends much of the book exploring the rush to war (and the Congress' failure to preserve is own constitutional authority), it is the discussion of the USA PATRIOT Act and the Department of Homeland Security that will be of greatest interest to the civil liberties community. Senator Byrd says bluntly the USA PATRIOT Act was "a case study in the perils of speed, herd instinct, and lack of vigilance when it comes to legislating in the face of a crisis . . . The Congress basically got stampeded by Attorney General John Ashcroft, and the values of freedom, justice, and equality received a trampling in the headlong rush." Now, many critics of the USA PATRIOT Act would typically go on to say that some of the law's provisions were necessary and important, but Senator Byrd is reluctant to concede this point. He argues, as too few Members of Congress do, that "removing the wall" between traditional criminal investigations and foreign intelligence investigations "dangerously blurs the distinction between the two." Simply stated, the USA PATRIOT Act diminished constitutional safeguards and allowed the U.S. government to spy on its citizens. The discussion of the creation of Department of Homeland Security is another story of expansive executive powers. Though Senator Byrd obviously liked Tom Ridge, who would later become Secretary of the agency, he was not pleased about the proposal for the Department nor the secrecy with which it was introduced. He writes, "I believe that under the guise of creating a new Homeland Security Department, the president had succeeded in limiting Congressional oversight and removing limitations on executive power." Byrd points specifically to the changes in open government laws and open meeting requirements, and the consolidation of information sharing among law enforcement and intelligence agencies. "The fire walls intended to prevent the consolidation of such information and the massing of too much police power by the federal government have been removed." Senator Byrd's sharp assault on President Bush could be dismissed as election-year partisanship. But Byrd is not a radio show demagogue, trying to get on Larry King. He has served in the Congress for over fifty years. He has worked closely with many different presidents, and is as willing to criticize former Democratic presidents and he is to praise Republican. This President was recently rebuked by the Supreme Court for his attempt to designate an American citizen an "enemy combatant" without any judicial review. Senator Byrd's book tells us that this is only one of many instances where the President has sought to weaken the constitutional checks and balances that safeguard the liberty of America. -Marc Rotenberg ================================ EPIC Publications: "FOIA 2004: Litigation Under the Federal Open Government Laws," Harry Hammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004). Price: $40. http://www.epic.org/bookstore/foia2004 This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 22nd edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, as well as recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2003: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2003). Price: $40. http://www.epic.org/bookstore/pls2003 The "Physicians Desk Reference of the privacy world." An invaluable resource for students, attorneys, researchers and journalists who need an up-to-date collection of U.S. and International privacy law, as well as a comprehensive listing of privacy resources. ================================ "Privacy & Human Rights 2003: An International Survey of Privacy Laws and Developments" (EPIC 2002). Price: $35. http://www.epic.org/bookstore/phr2003 This survey, by EPIC and Privacy International, reviews the state of privacy in over fifty-five countries around the world. The survey examines a wide range of privacy issues including data protection, passenger profiling, genetic databases, video surveillance, ID systems and freedom of information laws. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ "The Consumer Law Sourcebook 2000: Electronic Commerce and the Global Economy," Sarah Andrews, editor (EPIC 2000). Price: $40. http://www.epic.org/cls The Consumer Law Sourcebook provides a basic set of materials for consumers, policy makers, practitioners and researchers who are interested in the emerging field of electronic commerce. The focus is on framework legislation that articulates basic rights for consumers and the basic responsibilities for businesses in the online economy. ================================ "Cryptography and Liberty 2000: An International Survey of Encryption Policy," Wayne Madsen and David Banisar, authors (EPIC 2000). Price: $20. http://www.epic.org/bookstore/crypto00& EPIC's third survey of encryption policies around the world. The results indicate that the efforts to reduce export controls on strong encryption products have largely succeeded, although several governments are gaining new powers to combat the perceived threats of encryption to law enforcement. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore "EPIC Bookshelf" at Powell's Books http://www.powells.com/features/epic/epic.html ====================================================================== [8] Upcoming Conferences and Events ====================================================================== Privacy and Identity: The Promise and the Perils of a Technological Age. DePaul University Center for Intellectual Property Law and Information Technology and School of Computer Science, Telecommunications and Information Systems. October 14-15, 2004. Chicago, IL. For more information: http://facweb.cs.depaul.edu/research/vc/CIPLIT2004. 2004 CPSR Annual Conference: Making the Grade?: A Report Card on US Policies for the Information Society. Computer Professionals for Social Responsibility. October 16, 2004. Washington, DC. For more information: http://cpsr.org/conferences/annmtg04. 2004 Big Brother Awards Switzerland. October 16, 2004. Lucerne, Switzerland. For more information: http://www.bigbrotherawards.ch. DRM 2004: The Fourth ACM Workshop on Digital Rights Management. Association for Computing Machinery Special Interest Group on Security, Audit and Control. October 25, 2004. Washington, DC. For more info: http://mollie.engr.uconn.edu/DRM2004. 2004 Big Brother Awards Austria. October 26, 2004. Vienna, Austria. For more information: http://www.bigbrotherawards.at. Private and Private International Law Issues Raised by Electronic Commerce. The Hague Conference on Private International Law, the Netherlands Government and the International Chamber of Commerce. October 26-27, 2004. The Hague, Netherlands. For more information: http://www.hcch.net/doc/e-comm_infoe.pdf. IAPP Privacy and Data Security Academy & Expo. International Association of Privacy Professionals. October 27-29, 2004. New Orleans, LA. For more information: http://www.privacyassociation.org/html/conferences.html. Privacy and Security: Seeking the Middle Path. Office of the Information & Privacy Commissioner of Ontario; Centre for Innovation Law and Policy, University of Toronto; and Center for Applied Cryptographic Research, University of Waterloo. Toronto, Ontario, Canada. October 28-29, 2004. For more information: http://www.epic.org/redirect/uwaterloo_conf.html. 2004 Big Brother Awards Germany. October 29, 2004. Bielefeld, Germany. For more information: http://www.bigbrotherawards.de. The 2004 Isaac Pitblado Lectures: Privacy -- Another Snail in the Ginger Beer. The Law Society of Manitoba, The Manitoba Bar Association and the University of Manitoba Faculty of Law. November 19-20, 2004. Manitoba, Canada. For more information: http://www.lawsociety.mb.ca/shopping/default.asp. National Security, Law Enforcement and Data Protection. British Institute of International and Comparative Law Data Protection Research and Policy Group. December 8, 2004. London, UK. For more information: http:www.biicl.org. Seventh International General Online Research Conference. German Society for Online Research. March 22-23, 2005. Zurich, Switzerland. For more information: http://www.gor.de. CFP2005: Fifteenth Annual Conference on Computers, Freedom and Privacy. April 12-15, 2005. Seattle, WA. For more information: http://www.cfp2005.org. ====================================================================== Subscription Information ====================================================================== Subscribe/unsubscribe via web interface: https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ====================================================================== Privacy Policy ====================================================================== The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ====================================================================== About EPIC ====================================================================== The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ---------------------- END EPIC Alert 11.19 ---------------------- .