EPIC logo
       @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
       @     @  @   @   @        @ @   @     @     @  @    @
       @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
       @     @      @   @       @   @  @     @     @  @    @
       @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @
   Volume 7.07                                     April 20, 2000
                            Published by the
              Electronic Privacy Information Center (EPIC)
                            Washington, D.C.
Table of Contents
[1] House Committee on Intelligence Examines NSA Surveillance
[2] EU Fixes Agenda for Hearing on Global Surveillance
[3] Appeals Court Rules that Source Code Is Protected Free Speech
[4] Pentagon Requests New FOIA Exemption
[5] Children's Internet Privacy Law Goes Into Effect
[6] EPIC Moves - New Address and Phone Number!
[7] EPIC Bookstore -- The Mvr Book Motor Services Guide 2000
[8] Upcoming Conferences and Events
[1] House Committee on Intelligence Examines NSA Surveillance
On April 12, the House Permanent Select Committee on Intelligence
conducted a hearing to examine the surveillance capabilities of the
National Security Agency (NSA).  The hearing follows increasing
worldwide concern about international communications monitoring and
the "Echelon" satellite interception system in particular.
Committee Chairman Porter Goss (R-FL) stated that the Committee
itself was "well versed" in NSA intelligence gathering capabilities
and was satisfied as to the legitimacy of its activities.  He
continued, however, that an open hearing was necessary and important
in order to reassure the American public that the NSA operates within
a strict legal framework.
Testifying before the Committee, the Director of the Central
Intelligence Agency (CIA), George J. Tenet, and Director of the NSA,
Lieutenant General Michael V. Hayden, explained that under FISA the
NSA is authorized to collect information only for foreign intelligence
purposes.  Both vehemently rejected the idea of unlawful snooping on
U.S. citizens claiming that even the most junior of their officers
were "unequivocally committed" to acting within the law and protecting
the rights of Americans.  As regards economic espionage, Hayden and
Tenet stressed that the U.S. intelligence community had neither the
resources, legal authority nor interest in collecting information for
the benefit of U.S. businesses and corporations.  Although, said Tenet,
signals intelligence can and does provide valuable economic
information to certain U.S. government agencies, the NSA is
"just not in the business of conducting industrial espionage."
One issue during the hearing was the sharing of information about U.S.
citizens between the NSA, CIA and domestic law enforcement agencies.
Lieutenant General Hayden acknowledged that this kind of cooperation
does take place when the dual interests of national security and law
enforcement converge.  However, he gave no clear indication of the
frequency of such occurrences.  This issue will be examined in more
detail during further hearings into NSA activities, which the House
Government Reform Committee, at the urging of Rep. Bob Barr (R-GA),
intends to hold later this spring.
EPIC is currently preparing a report on these issues to assist in
setting the agenda for these hearings.  The report is being written by
EPIC Senior Research Fellow Duncan Campbell, whose recent report for
the European Parliament has led to ongoing debates in Europe.
CIA Director George Tenet's statement before the House Permanent
Select Committee on Intelligence:
Prepared remarks of Representative Bob Barr:
European Parliament report, "Interception Capabilities 2000" (PDF):
[2] EU Fixes Agenda for Hearing on Global Surveillance
The European Parliament will meet on May 4th and is expected to
ratify proposals to modify international law to deal with
international telecommunications espionage, and to set up a temporary
special committee to further investigate the Echelon controversy.
The proposals, collectively known as the Echelon resolution, drafted
by Graham Watson MEP, Chairman of the Committee on Citizens' Freedoms
and Rights, Justice and Home Affairs, assert that international
spying on communications should be identified as a breach of
fundamental human rights.
The motion for debate in May argues that all future interceptions must
"have a legal basis, be in the public interest and be strictly limited
to the achievement of the intended objective . . . Any form of
systematic interception cannot be regarded as consistent with that
principle, even if the intended aim is to fight against international
crime."  It also bluntly asks that "any Member State operating such a
system should cease to use it" except for proper purposes of
internationally agreed sharing of information to fight serious crime
or terrorism.  If passed, only strictly military and defence matters
would be covered under the "national security" exemption to the
treaties joining Europe's nations.
The exact scope for the committee of enquiry will be settled at a
meeting of high level parliamentarians shortly afterwards.  Political
groupings within the Parliament have wrangled over what sort of
committee should be appointed, and the investigative powers it should
be granted.
For more on the European Parliament Committee on Citizens' Freedoms
and Rights, Justice and Home Affairs:
[3] Appeals Court Rules that Source Code Is Protected Free Speech
On April 4, the Sixth Circuit Court of Appeals issued a landmark
ruling in the case of Junger v. Daley, holding that encryption source
code is protected speech under the First Amendment.  Peter Junger is a
law professor who four years ago was informed by the U.S. Department
of Commerce that he would need an export license to post examples of
encryption source code on his website.  He then filed suit in the Ohio
federal district court claiming that this restriction on his right to
publish his encryption code constituted a prior restraint on speech in
violation of the First Amendment.
In July 1998, Judge Gwin of the U.S. District Court for the Northern
District of Ohio dismissed Junger's claim, holding that as source code
was "inherently functional" rather than "inherently expressive" it was
not protected speech under the First Amendment.  The Sixth Circuit
Court of Appeals reversed this ruling stating that because "computer
source code is an expressive means for the exchange of information and
ideas about computer programming . . . it is protected by the First
Amendment."  Having concluded thus, it referred the case back to the
district court to decide whether the current encryption export
regulations are unconstitutional.
This is the third constitutional challenge to the encryption export
regulations.  It remains to be seen whether the current regulations,
which were significantly relaxed in January of this year, can
withstand such legal scrutiny.
The Sixth Circuit decision on Junger v. Daley:
EPIC's amicus brief in support of Junger:
Professor Junger's archive of legal materials related to his case:
[4] Pentagon Requests New FOIA Exemption
Proposed legislative language would introduce a new exemption for the
Freedom of Information Act (FOIA).  The proposal would be attached to
the National Defense Authorization Act for Fiscal Year 2001, H.R.
4205, currently being considered by the House Committee on Armed
The proposed exemption would create a new exemption to allow the
Departments of Defense and Energy to withhold unclassified information
received in confidence from foreign governments or international
organizations.  The Pentagon believes the new exemption is necessary
to avoid the costs of securing such information as if it were
confidential information, currently the lowest level of national
security information.  Groups against the creation of a new level of
exempt information, including EPIC, have pointed out that the
storage of such information does not necessarily have to protected as
if it were confidential but merely at a level equal to the
precautions used by the foreign entity that provided the data.
More information on the proposed new exemption is available from the
Federation of American Scientists:
[5] Children's Internet Privacy Law Goes Into Effect
On April 21, the Children's Online Privacy Protection Act (COPPA) will
go into effect.  The law requires website operators to obtain parental
consent before the collection and use of personal information of
children up to the age of 13.  The type of parental consent necessary
is governed by a sliding scale depending on the use of that data.  For
example, if personal information collected from children is not passed
on to third parties, website operators will only have to receive an
email from parents allowing that use.  If similar personal information
is passed on to a third party, more reliable means of verification
such as a letter or credit card number will need to be supplied.
In related Internet privacy news, a new survey conducted by Odyssey,
a market research firm, reveals wide public mistrust of the Internet
companies with their personal information.  Eighty-two percent of
households surveyed agreed with the statement "the government needs to
step in and regulate how companies use personal information."  An even
more convincing 92 percent agreed that "I don't trust companies to
keep personal information about me confidential, no matter what they
The final rules implementing COPPA are available from the
Federal Trade Commission:
A more general guide to COPPA is online at:
[6] EPIC Moves - New Address and Phone Number!
EPIC has moved offices.  Please note the change.
1718 Connecticut Avenue, NW
Suite 200
Washington, DC 20009
tel: 202 483 1140
fax: 202 483 1248
[7] EPIC Bookstore -- The Mvr Book Motor Services Guide 2000
The Mvr Book Motor Services Guide 2000 : The National Reference
Detailing, in Practical Terms, the Privacy Restrictions, Access,
Procedures, Regulations by Michael L. Sankey (Editor)
The national reference detailing - in practical terms - the privacy
restrictions, access procedures, regulations and systems of all state
held driver and vehicle records.
EPIC Publications:
"Cryptography and Liberty 2000: An International Survey of Encryption
Policy," Wayne Madsen and David Banisar, editors, (EPIC 2000).
Price: $20. http://www.epic.org/crypto&/
EPIC's third survey of encryption policies around the world. The
results indicate that the efforts to reduce export controls on strong
encryption products have largely succeeded, although several
governments are gaining new powers to combat the perceived threats of
encryption to law enforcement.
"The Privacy Law Sourcebook: United States Law, International Law, and
Recent Developments," Marc Rotenberg, editor (EPIC 1999). Price: $50.
The "Physicians Desk Reference of the privacy world." An invaluable
resource for students, attorneys, researchers and journalists who need
an up-to-date collection of U.S. and International privacy law, as well
as a comprehensive listing of privacy resources.
"Filters and Freedom - Free Speech Perspectives on Internet Content
Controls," David Sobel, editor (EPIC 1999). Price: $20.
A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.
"Privacy and Human Rights 1999: An International Survey of Privacy Laws
and Developments," David Banisar, Simon Davies, editors, (EPIC 1999).
Price: $15. http://www.epic.org/privacy&humanrights99/
An international survey of the privacy and data protection laws found
in 50 countries around the globe.  This report outlines the
constitutional and legal conditions of privacy protection, and
summarizes important issues and events relating to privacy and
Additional titles on privacy, open government, free expression,
computer security, and crypto, as well as films and DVDs can be
ordered through the EPIC Bookstore: http://www.epic.org/bookstore/
[8] Upcoming Conferences and Events
Regulating the Internet: EU & US Perspectives. April 27-29, 2000.
European Union Center, the School of Communications, and the Center
for Law, Commerce & Technology at the University of Washington.
Seattle, WA. For more information:
Access Act Reform: The Destruction of Records and Proposed Access Act
Amendments. Riley Information Services. May 1, 2000. Westin Hotel.
Ottawa, Canada. For more information: http://www.rileyis.com/seminars/
Entrust SecureSummit 2000. May 1-4, 2000. Hyatt Regency Dallas at
Reunion. Dallas, TX. For more information: http://www.securesummit.com
Call for Papers -- 16th Annual Computer Security Applications
Conference. Deadline May 12, 2000. Sheraton Hotel. New Orleans, LA.
December 11-15, 2000. For more information: http://www.acsac.org/
Electronic Government: New Challenges for Public Administration and
Law. May 18, 2000. Center for Law, Public Administration, and
Informatization of Tilburg University, Netherlands. For more
information: http://schoordijk.kub.nl/crbi/egov/
Shaping the Network: The Future of the Public Sphere in Cyberspace.
Computer Professionals for Social Responsibility (CPSR). May 20-23,
2000. Seattle, WA. For more information:
New Millennium, New Horizons: Marketing and Public Policy Conference
2000. American Marketing Association. June 1-3, 2000. Marriott Metro
Center. Washington, DC. For more information:
First Annual Institute on Privacy Law: Strategies for Legal Compliance
in a High Tech and Changing Regulatory Environment. Practicing Law
Institute. June 22-23, 2000. PLI Conference Center. New York, NY.
For more information: http://www.pli.edu
Telecommunications: The Bridge to Globalization in the Information
Society. Biennial Conference of the International Telecommunications
Society. July 2-5, 2000. For more information:
First International Hackers Forum. The Green Planet. August 18-20,
2000. Zaporozhye, Ukraine. For more information:
KnowRight 2000 - InfoEthics Europe. Austrian Computer Society and
UNESCO. September 26-29, 2000. Vienna, Austria. For more information:
Privacy2000: Information and Security in the Digital Age. November 29,
2000. Adam's Mark Hotel. Columbus, Ohio. For more information:
Privacy: A Social Research Conference. New School University. October
5-7, 2000. New York, NY. For more information:
Subscription Information
The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center. A Web-based form is available for
subscribing or unsubscribing at:
To subscribe or unsubscribe using email, send email to
epic-news@epic.org with the subject: "subscribe" (no quotes) or
Back issues are available at:
About EPIC
The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues such as the Clipper
Chip, the Digital Telephony proposal, national ID cards, medical
record privacy, and the collection and sale of personal information.
EPIC is sponsored by the Fund for Constitutional Government, a
non-profit organization established in 1974 to protect civil liberties
and constitutional rights.  EPIC publishes the EPIC Alert, pursues
Freedom of Information Act litigation, and conducts policy research.
For more information, e-mail info@epic.org, http://www.epic.org or
write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC
20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).
If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 1718 Connecticut
Ave., NW, Suite 200, Washington, DC 20009.
Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the
right of privacy and efforts to oppose government regulation of
encryption and expanding wiretapping powers.
Thank you for your support.
  ---------------------- END EPIC Alert 7.07 -----------------------
Return to:

Alert Home Page | EPIC Home Page