January 2001 Archives

« December 2000 | Main | February 2001 »

EPIC Submits FOIA Request to DoD on Children's Browsing

EPIC has filed a series of FOIA requests to obtain information from the Department of Defense and the agency's purchase of aggregate data on children's Internet browsing habits. The Department of Defense is paying $15,000 for data collected by N2H2. N2H2 collects data from children's Internet browsing behavior through the use of content filters installed at public and private schools and colleges across the country.

EPIC FOIA Request, EPIC Web Page.
The Army Is Watching Your Kid, Wired, January 29, 2001.
Group Wants Feds To Disclose Plans For Kids' Net Data, Newsbytes, January 29, 2001.

FTC's 'Consumer Sentinel' Online

The FTC's fraud-fighting site, the Consumer Sentinel, is online. The page features access to complaint information, consumer tips, and an online fraud complaint page.

Consumer Sentinel, FTC Web Page.
FTC Offers Fraud, Identity Theft Data Online, Newsbytes, January 30, 2001.

Online Privacy Legislation Introduced

Senator Edwards (D-NC) re-introduced a bill on Monday to address online privacy and the use of cookies. The bill, S. 197, requires web sites to gain consent from users before tracking their movements with cookies.

S. 197, THOMAS database.
Senator Edwards Proposes Spyware Law, Press Release, Sen. Edwards Web Page, January 29, 2001.
Senator introduces strong internet-privacy bill, Mercury Center (Reuters), January 30, 2001.

Australian Privacy Commissioner: Comply or Be Fined

The Australian Privacy Commissioner has given businesses a one year deadline to comply with the Private Sector Act of 2000. The Act regulates the collection, use, storage and disclosure of personal information.

Australian Privacy Commissioner's Web Site.
None of your business: privacy laws takes hold, Computerworld, January 24, 2001.

Australian ISPs Charge Police for Investigation Costs

Internet service providers in Australia will soon implement be repaid for costs associated with police investigations of Internet users. The payment schedule is a result of increased police investigations that require the participation of ISPs.

SA Police to pay for Net searches, IT News, January 22, 2001.

DoubleClick Reportedly Developing New Method to Combine Data

Following the end of the FTC's investigation of DoubleClick, the company may be implementing a new system for combining offline purchase data with clickstream information gained through the use of cookies.

E-Commerce Report: DoubleClick Seeking Ways to Protect Users' Anonymity, New York Times, January 29, 2001 (registration required).

Ashcroft Promises to Review Carnivore

In a response to a written question asked by Senator Herb Kohl (D-WI) regarding Carnivore, Attorney General nominee John Ashcroft responded that he would conduct a "�thorough review of Carnivore and its technical capabilities, and work closely with law enforcement to ensure that adequate measures are taken to secure personal privacy before the program is deployed."

Ashcroft to Chew On Carnivore, Wired News, January 27, 2001.
EPIC Carnivore Archive, EPIC Home Page.

Groups Sound Off on Access to Court Records

A number of organizations submitted comments to the Administrative Offices of the US Courts Friday regarding public access to electronic case files. Case files sometimes contain sensitive personal information, such as Social Security numbers, medical information, financial information, and family-conflict information. Unhindered access to this information may result in risks to personal privacy.

EPIC Public Access to Electronic Case Files Comments, EPIC Home Page.
National Commission Needed to Review Privacy of Court Records, Privacy Foundation Home Page.
Privacy group seeks review of Net access to court files, New York Times, January 26, 2001 (registration required).
Group Calls For Privacy Review Of Court Records Database, Newsbytes, January 26, 2001.
Privacy group seeks review of Net access to court files, CNET, January 26, 2001.
Privacy Groups, Journalists Clash Over Court Records Database, Newsbytes, January 29, 2001.

FDIC Releases Privacy Rule Handbook for Banks

The Federal Deposit Insurance Corporation released a privacy handbook for institutions attempting to comply with consumer financial information rules under the Gramm-Leach-Bliley Act (GLBA). Compliance with the GLBA provisions is required by July 1, 2001.

Privacy of Consumer Financial Information, FDIC Press Release, January 22, 2001.
FDIC Privacy Rule Handbook, FDIC Web Page.

Consumers International Survey: US and EU Web Site Ignore Privacy Standards

A survey of 751 web sites concluded that a high percentage of both US and EU web sites fail to protect users' privacy. The survey authors argue that existing governmental measures in place to protect privacy are inadequate.

Consumers International Report, Consumers International Web Page.
US And EU Websites Fall Short Of The International Standards On Privacy, Consumers International Press Release, January 25, 2001.
Consumer group: Online privacy protections fall short, Computerworld, January 24, 2001.
Most US, EU Sites Ignore Int'l Privacy Standards, Newsbytes, January 24, 2001.

Printing Error Causes Privacy Breach

A printing error by an American Express processing center that administers 401(k) accounts resulted in clients receiving other persons' account statements. Some clients received statements that included the Social Security Numbers, birth dates, and fund balances of coworkers and strangers. Andrew Shen, of EPIC, commented that: "More and more, the cause of privacy breaches isn't malicious intent but a programming mistake."

Retirement Plan's Error Discloses Personal Data, Washington Post, January 24, 2001.

DEA Agent Allegedly Sells Police Information to Private Investigators

A Drug Enforcement Administration Agent has been charged with illegally accessing law-enforcement computer systems, wire fraud, and bribery for allegedly selling data from police databases to private investigators.

DEA data theft raises privacy concerns, CNET, January 24, 2001.

More Online Privacy Legislation Introduced

Representatives Cannon (R-UT) and Eshoo (D-CA) have introduced federal privacy legislation requiring notice and opt-out for collection of personally-identifying information. The Bill, H.R. 237, is titled the Consumer Internet Privacy Enhancement Act.

H.R. 237, THOMAS Database.
Reps. Cannon and Eshoo Unveil Internet Privacy Legislation, Rep. Cannon Press Release, January 23, 2001.
Congress Takes on Internet Privacy Legislation, Silicon Valley News (Reuters), January 23, 2001.
Privacy bills emerging at federal and state levels, Computerworld, January 24, 2001.

State AGs Argue Against State Preemption on Privacy Legislation

The National Association of Attorneys General (NAAG) will urge Congress not to pass federal privacy legislation that preempts state efforts to protect privacy. NAAG will argue that consumers and competition will benefit from a scheme where states play an active role in shaping privacy policy.

NAAG Homepage.
States to Weigh In on Privacy, The Standard, January 23, 2001.

Proposed UK Legislation Grants More Power to Police

The Criminal Justice and Police Bill, currently being considered by the UK government, would broaden police powers to invade the privacy of citizens. The legislation allows an expansion of the DNA database, the copying and storage of computer hard drives, and allows the fining of suspects for certain misdemeanors without performing an arrest.

Criminal Justice and Police Bill, UK Home Office Page.
Privacy Battle Brews in England, Wired News, January 23, 2001.

Travelocity Exposed Customers' Information

A security breach at Travelocity.com, a popular travel web site, allowed Internet users to view the names, addresses, phone numbers, and e-mail addresses of 51,000 members without a password. This security breach is the newest in a series of incidents involving popular web sites such as Egghead.com and Creditcards.com. Jason Catlett, President of Junkbusters, commented: "There's a rush to be first with a new feature and to get the promotion running rather than making sure all of the doors are locked before they open the front gate."

Travelocity exposes customer information, CNET, January 22, 2001.
Travelocity Admits Security Lapse on Web Site, Washington Post, January 23, 2001.

Senator Predicts Privacy Legislation

Senator Wyden (D-OR) predicts that Congress will send a privacy bill to the President this year. Wyden is calling for legislation that allows private sector initiatives and specifies opt-out choice for consumers.

Sen. Wyden Predicts Congress Will Pass a Privacy Bill This Year, Tech Law Journal, January 22, 2001.

Bush Opts-Out of E-mail Use While in Office

Citing privacy concerns, President George W. Bush will not use e-mail while in office. Andrew Shen of EPIC commented: "E-mail is very permanent, and the executive office is not covered by the 1974 federal privacy act."

Internet Privacy Law Picks Up Steam, Newsfactor, January 22, 2001.

Rotenberg: Governments Should Protect Privacy, Consumer Interests

Marc Rotenberg, Executive Director of EPIC, writes in the current issue of the OECD Observer that governments have a role in protecting consumer and privacy interests but governments should not regulate content, information, or ideas.

Confidence and e-commerce, OECD Observer, January 2001.

FTC Ends DoubleClick Investigation

The FTC ended its investigation into the business practices of DoubleClick, Inc., a large supplier of Internet advertising. The investigation was initiated after EPIC filed a complaint with the FTC alleging that DoubleClick engaged in unfair and deceptive trade practices for making representations of anonymity while attempting to link its database with personally-identifiable information from Abacus Direct. In its decision Monday, the FTC did not address EPIC's allegations.

FTC letter to Christine Varney, attorney for DoubleClick, January 22, 2001.
EPIC's complaint against DoubleClick, February 2000.
FTC drops probe into DoubleClick privacy practices, CNET, January 22, 2001.
FTC clears DoubleClick, The Standard, January 22, 2001.
F.T.C. Drops DoubleClick Inquiry, New York Times, January 23, 2001 (registration required).

Complaints Received Under New Canadian Privacy Act

Canada's privacy commissioner has received four formal requests for investigation under the newly enacted Personal Information Protection and Electronic Documents Act. The Act provides broad privacy protections for Canadians, including a requirement for express opt-in consent before businesses can collect, use, or transfer personal information and the right to access personal information held in private databases.

Confidentiality fears swamping privacy watchdog, The Toronto Star, January 17, 2001.
Net privacy big issue: poll Eighty per cent of Canadian users concerned about personal information, Montreal Gazette, January 17, 2001.
Guarding consumer privacy isn't just the law -- it could keep your e-business from crumbling, Globe and Mail, January 25, 2001.

Update Agents and 'Spyware' May Monitor Software Users

Update agents, programs that may track browsing habits, computer configuration, or the availability of software patches, may extract personal and other information from a user's computer. Often, the user is unaware of the information transfer, as consent to the use of update agents and "spyware" is usually buried in the fine print of a user agreement.

How to Keep Vendors From Quietly Violating Your Privacy, New York Times, January 18, 2001 (registration required).

Industry Association Develops Principles for Online Privacy

???�?ican Electronics Association (AEA), a trade association of high-tech companies, has announced support for federal privacy legislation. The AEA's principles call for legislation that supercedes the right of state legislatures to develop stronger protections than those set by the federal government.

Electronics trade group backs privacy measures for the U.S., Wall Street Journal, January 18, 2001 (subscription required).
Tech industry consumer advocates set grapple with Congress over pressing Internet security issues, San Francisco Chronicle, January 29, 2001.
Tech to Bush: Leave Us Alone, AP, January 30, 2001.
Tech industry calls for privacy self-regulation, USA Today, January 30, 2001.
Group: Self Regulate Tech Privacy, New York Times, January 30, 2001 (registration required).

Jon Katz: Privacy And Dignity Are Being Eroded By Technology

In the second installment of an essay on technology and privacy, Jon Katz reviews U.S. and international privacy policies. Katz writes: "The U.S. codified the idea of constitutionally-guaranteed privacy, but other countries do a much better job of protecting it these days."

The Tightening Net: Part One, Slashdot, January 11, 2001.
The Tightening Net: Part Two, Slashdot, January 16, 2001.

Rep. Holt Introduces Bill to Regulate 'Information Collection Devices'

Rep. Holt (D-NJ) has introduced the Electronic Privacy Protection Act, which prohibits the manufacturing, sale, or use of information collection devices without proper labeling or notice and consent. The Act directs the FTC to establish rules for labeling and gaining consent from consumers using data-collecting devices.

H.R. 112, the Electronic Privacy Protection Act, THOMAS Database.

New Medical Regulations Allow Marketing to Patients

The new federal medical privacy regulations allow the use of patients' information for marketing and fundraising purposes. Doctors, hospitals, and health services companies will be able to send targeted health information and product promotions to individual patients. Privacy Consultant Robert Gellman said that the rule "�authorizes a kind of behavior that was once viewed as unethical or improper."

Medical Privacy's Tangled Web, Wired News, January 15, 2001.
Patient Files Opened to Marketers, Fundraisers, Washington Post, January 16, 2001.
Medical privacy rules give patients and marketers access to health data, U.S. News and World Report, January 29, 2001.

Electronic Court Filing Poses Privacy Challenges

The Judicial Conference of the United States has requested comments on the electronic case management system, which is to be adopted by the federal courts. The new system raises privacy challenges, as case information that had been previously stored in courthouses across the country may now be available to anyone with a computer. This information, including medical records, employment records, financial records, and social security numbers may be used for identity theft, data mining, and marketing.

Courts consider privacy perils of electronic filing, Legal Times (Law.com), January 16, 2001.
Public records and private details readily available on the Internet, San Diego Union-Tribune, January 16, 2001.
Judiciary Privacy Policy Comment Page.

Online Signatures May Eliminate Anonymous Web Surfing

Legislatures around the world are creating procedures for using legally-binding electronic signatures. The technology may bring convenience and security to e-commerce and business. However, EPIC's David Sobel notes: "If we get to the point where digital signatures are widely used, and everyone is expected to have one, it's likely to become a requirement for registering with Web sites�We're likely to get into a situation where you can't use the Internet anonymously any more."

New Laws on Online Signatures May Expand Trade by E-Mail, The International Herald Tribune, January 15, 2001.

MI Attorney General Settles Complaint Against eGames

eGames has settled a lawsuit alleging that the company failed to inform consumers of the presence of "spyware" in its programs. The company has agreed to stop producing software containing spyware, which included programs made by Conducent. The company has also agreed to post a privacy policy approved by the AG and provide a utility to remove the Conducent programs.

MI AG Press Release, Michigan AG Office, January 10, 2001,
Michigan Reaches Privacy Pact With eGames Over 'Spyware', Newsbytes, January 12, 2001.

Supermarket Card Databases May Be Sold, Obtained By Police

Grocery store savings cards offer discounts to shoppers in exchange for tracking consumer behavior. David Sobel, of EPIC, points out that shopping records could be obtained by court subpoena or purchased by a health or life insurance company to monitor lifestyle habits including smoking, consumption of alcohol, and consumption of unhealthy foods.

The Savings Swipe: What are you trading for discounts at the register?, Morning Call, January 11, 2001.

Sex Offender Web Pages Insecure

A media investigation into the security of state-run sex offender sites has shown that nine of the sites are insecure. Even inexperienced computer hackers could breach the security of some sites, raising the issue of whether criminals could erase their records or add the names of innocent persons to the offender databases.

Sex offender Web sites are insecure, MSNBC, January 11, 2001.

Germany Establishes 'Virtual Privacy Office'

German officials have established a education-oriented "Virtual Privacy Office" for consumers. In addition to privacy officials from Canada, Switzerland, and the Netherlands, all eighteen German Privacy Officers are affiliated with the site.

Do You Even Know Who's Watching?, Wired News, January 11, 2001.
Virtual Privacy Office.

EU Officials Consider Spam Ban

European Union officials are considering an enforcement scheme and other challenges presented by legislation that would prohibit the sending of unsolicited commercial e-mail. The officials favor the establishment of an opt-in system for the receipt of spam..

European Union ponders crackdown on spam, Nando Times, January 10, 2001.
EC Debates Opt-In Vs. Opt-Out, DMNews, January 24, 2001.

Dutch Employees Can Monitor Workers

Under a new data protection ordinance, companies in the Netherlands can monitor their workers' e-mail and Internet activity. However, the ordinance requires employers to communicate details about monitoring with staff and labor unions.

Dutch Employers Can Monitor Employees' Online Activities, Newsbytes, January 10, 2001.
The Dutch Data Protection Authority.

Anti-Wireless Spam Bill Introduced

Representative Holt (D-N.J.) has introduced legislation prohibiting the transmission of unsolicited commercial messages to wireless devices. H.R. 113 "would amend section 227 of the Communications Act of 1934 to prohibit the use of the text, graphic, or image messaging systems of wireless telephone systems to transmit unsolicited commercial messages."

Bill aims to block wireless junk email, CNET, January 10, 2001.
H.R. 113, the Wireless Telephone Spam Protection Act, THOMAS Database.
Wireless Industry Treads Carefully on Privacy, February 7, 2001.

EBay Changes Users' Privacy Preferences

EBay.com announced to customers that the company will change the privacy preferences of certain users who have opted out from receiving promotional materials. The company claims that the preference change will remedy a computer error that prevented new members from opting in to the receipt of promotional materials.

When It Came to Privacy on EBay, No Became Yes, New York Times, January 11, 2000 (registration required).
EBay warns glitch may bring unwanted e-mail, Washington Post, January 10, 2001.
EBay makes users 'bidder' Wired News, January 9, 2001.
Glitch annoys EBay Customers, Mercury Center (AP), January 9, 2001.

Click "Read More" to see the EBay e-mail to customers.

Business Lobby to Oppose Privacy Legislation

The U.S. Chamber of Commerce will oppose legislative efforts to implement federal standards for online privacy. Industry leaders say that legislation is unnecessary, and that the current self-regulatory scheme has not yet been given enough time to develop privacy protection.

US Chamber Vows To Fight Privacy Legislation, Newsbytes, January 9, 2001.

Microsoft Operating System Links Registration to Individual Computers

Windows Whistler will contain "Microsoft Product Activation for Windows" (WPA). WPA links the program to the machine, preventing subsequent installations on different computers. Activation of the program requires registration with a Microsoft-run license clearinghouse.

Whistler build adds anti-piracy lock, MSNBC, January 8, 2001.
New 'Whistler' build adds anti-piracy lock, Yahoo News (ZDNet), January 8, 2001.
Microsoft bolsters anti-piracy measures, CNET, January 12, 2001.
Consumer rights on the block?, ZDNet, January 17, 2001.

Michigan Secretary of State Sues Federal Government to Protect Privacy

Candice Miller, Michigan's Secretary of State, has filed suit against the federal government to block enforcement of a law that requires the State to collect social security numbers from seven million motorists. The federal requirement, part of a provision in the Welfare Reform Act of 1997, was intended to uncover citizens who owe child support payments.

Secretary Miller files lawsuit to protect Michigan residents� privacy, Michigan Department of State Press Release, January 4, 2001.
Suit claims invasion of privacy: State official wants to protect Social Security numbers, Detroit News, January 5, 2001.

Privacy Protections Extended to Child Killers

The two British boys who killed a toddler in 1993 are now adults and are to be released from a detention center this year. As a result of publicity and public anger surrounding the killings, a British court has extended privacy protections to the boys, including issuing them new identities and placing restrictions on media coverage.

British Court Grants Anonymity to Killers of Toddler, New York Times, January 9, 2001 (registration required).
When Killer Boys Grow Up: Two infamous 10-year-old murderers in Britain have become men. Do they merit new, anonymous lives?, Time, January 22, 2001.

Disney Offers $50,000 to Eliminate Toysmart.com Customer Database

According to a bankruptcy settlement in the Toysmart.com case, a Disney subsidiary will offer $50,000 to Toysmart.com to eliminate its customer database.
Toysmart.com's practices in regards to collecting personal identifying information from consumers were the focus of FTC privacy enforcement action in 2000.

Toysmart.com case settled: Disney unit will pay $50K for defunct firm, which will destroy its own customer records, CNNFN, January 9, 2001
Settlement Made in Toysmart Case to Protect Customer Names, Mercury Center (AP), January 9, 2001.
Disney Unit Is Offering $50,000 To Toysmart to Kill Customer List, Wall Street Journal, January 9, 2001 (subscription required).
FTC Announces Settlement With Bankrupt Website, Toysmart.com, Regarding Alleged Privacy Policy Violations, Federal Trade Commission Press Release, July 21, 2000.

Egghead.com: Hacker Did Not Access Credit Cards

Egghead.com, an Internet merchant, reported last month that a hacker gained access to its system, and possibly to its database of 3.5 million customers. Egghead.com spokespersons now claim that the hacker did not access customers' credit card numbers.

Egghead.Com: Credit Cards Are Safe, New York Times, January 8, 2001 (registration required).
Egghead says hacker didn't get access to cards, CNET, January 8, 2001. Egghead.com Says Hacker Did Not Nab Credit Card Numbers, Newsbytes.com, January 8, 2001.
Egghead: No Evidence That Hacker Stole Credit Card Info, Mercury Center (via Reuters), January 8, 2001.

Airline's Entry to Private Website May Have Been Unlawful

Hawaiian Airlines may have violated federal wiretap laws when an executive used a pilot's name to access a private web site that contained comments critical of the company. The 9th Circuit Court of Appeals ruled that accessing a private web site under false pretenses may constitute a violation of the Federal Wiretap Act and the Stored Communication Act.

Airline may be held liable for accessing Web site, CNET (Bloomberg News), January 8, 2001.
Konop v. Hawaiian Airlines, No. 99-55106, Findlaw.com.
Court withdraws opinion on Web site access, CNET (AP), August 29, 2001.

Rotenberg: Privacy Issues Are High on the Agenda in the Next Administration

In the current issue of the American Lawyer, EPIC's Marc Rotenberg writes that privacy issues will be high on the agenda for the incoming Administration. Key issues will include privacy safeguards for electronic commerce, Carnivore, changes to the federal wiretap statute, a privacy commission, and international standards for privacy protection. Rotenberg concludes, "The first President of the twenty-first century is likely to have a big impact on the future of privacy in America."

Can We Keep A Secret?: From consumer protections to FBI surveillance, privacy will be among the next president's most pressing issues, American Lawyer, January 2001.

Many Privacy Policies Fail to Inform of All Risks of Disclosure

Many privacy policies do not inform users that their information may be shared with third parties as a result of a subpoena or a business merger. This article discusses a number of services that may share information with third parties, including highway toll-collection systems, online discussion boards, enhanced 911 service, and supermarket membership cards.

The privacy tradeoff: Many consumers sacrifice privacy for convenience. But they may eventually pay a price, Boston Globe, January 8, 2001.

Canadian Privacy Act Offers Strong Protections

Canada's Personal Information Protection and Electronic Documents Act took effect this month. The Act provides broad privacy protections for Canadians, including a requirement for express opt-in consent before businesses can collect, use, or transfer personal information and the right to access personal information held in private databases.

New Year Resolutions - Your Privacy Responsibilities, TechnologyCanada.com, January 5, 2001.
Tougher Laws Protect Privacy, The Toronto Star, December 26, 2000.
The Personal Information Protection and Electronic Documents Act, Privacy Commissioner of Canada website.

Few Businesses Have Joined EU Safe Harbor Agreement

Only 12 American businesses have joined the European Union Safe Harbor Agreement. The provision allows American businesses to make transfers of private data with EU citizens without violating the EU Privacy Directive.

US Businesses Slow To Adopt EU Safe Harbor Agreement, Newsbytes.com, January 4, 2001.
Safe Harbor Is a Lonely Harbor, Wired News, January 5, 2001
European Union Directive on Data Protection, Privacy International website.
Safe Harbor Provisions, Department of Commerce website.

Nominee for Attorney General May Support Privacy

John Ashcroft, the Bush administration�s nominee for Attorney General, has been a strong advocate of lifting export controls on encryption technology. This support for encryption may foreshadow his stand on the Carnivore system.

US Attorney General nominee is pro-privacy, The Register, January 4, 2001.

Privacy Bills Introduced in House

Representative Frelinghuysen (R-NJ) has introduced three privacy bills in the House. The first, H.R. 89, calls upon the FTC to prescribe regulations to protect the privacy of Internet users. The second, H.R. 90, prohibits telemarketers from shielding their identities from caller ID systems. The last, H.R. 91, would regulate the use of Social Security numbers and related personally identifiable information.

Representative Paul (R-TX) introduced the Identity Theft Prevention Act. The Act would require the Social Security Administration to reissue new tax identifiers to all Americans. The new numbers would be the legal property of the recipient.

ISP Shield Bill, House Tech Measures Debut, Newsbytes.com, January 4, 2001.
Congressman Reintroduces Social Security Bill, DMNews, January 23, 2001.
Representative Paul�s remarks, GPO Access.
Representative Paul�s �Privacy Forum,� Congressional website.
H.R. 89, the Online Privacy Protection Act, THOMAS database.
H.R. 90, the Know Your Caller Act, THOMAS Database.
H.R. 91, the Social Security On-line Privacy Protection Act, THOMAS Database.
H.R. 220, the Identity Theft Protection Act THOMAS Database.

Bipartisan Group to Introduce Internet Privacy Legislation

Citing broad public support and a government study showing the ineffectiveness of industry self-regulation, a bipartisan group of senators and congressmen plan to introduce internet privacy legislation this year.

Privacy, broadband access top Capitol Hill agenda, CNET, January 3, 2001.
New Congress to Push Privacy, Wired News, January 7, 2001.

Most Employers Monitor Workers

In a recent study 74% of respondents reported that they monitor employee's Internet use at work, 72% monitor e-mail, and 51% monitor phone calls. The survey, conducted by the Society for Human Resource Management and the West Group, was based on a sample of human resources workers from 722 companies.

Careful -- should you read this? Monitoring employees: Eyes in the workplace, CNN.com, January 2, 2001.

FBI's Carnivore Not Deserving of Citizens' Trust

The St. Petersburg Times has published an editorial arguing that the FBI cannot be trusted to use the Carnivore program within the bounds of law. The institutional editorial highlights weaknesses in the Carnivore system, and the FBI's use of the system without a warrant.

Carnivore Devours Trust, St. Petersburg Times, January 3, 2001.
Carnivore changes name, not mission, USA Today, January 15, 2001.

Driver's License Photos to Be Included In Police Lineup System

A Florida Sheriff has received a grant from the Clinton Administration to create a digital photograph lineup system. The system will assist police in identifying suspects by comparing images taken from crime scene surveillance camera with "mug shots" from arrest records and photographs from driver's licenses.

All drivers may appear in digital lineups, St. Petersburg Times, December 22, 2000.

University Cancels Deal to Sell Patient Information

Boston University has cancelled a deal to sell its database of information on heart attack and stroke victims. Framingham Genomic Medicine had planned to sell access to the database to for-profit companies. The database, which was generated in part from public funds, includes 50 years of medical and behavioral information on 10,000 individuals.

BU Cancels Deal to Sell Patient Data, Boston Globe, December 29, 2000.