Daily updates on privacy stories in the news.

February 2001 Archives

« January 2001 | Main | March 2001 »

ACLU, EFF Defend Online Anonymity

The American Civil Liberties Union and the Electronic Frontier Foundation have taken legal action to defend the anonymity of persons who posted to Internet bulletin boards. The groups wish to heighten the legal standard that must be met before a court can force Internet service providers to reveal the identities of anonymous posters.

ACLU Defends Internet Anonymity, Newsbytes, February 26, 2001.
Lawsuits challenge anonymous speech online, SiliconValley.com (AP), April 2, 2001.

Bush Administration Delays Medical Privacy Regulations

The Bush Administration, at the request of health care lobbyists, has delayed the implementation of medical privacy regulations adopted in the last days of the Clinton presidency. The rules would have required medical service providers to gain consent before accessing patients' records.

Bush delays medical privacy rules, MSNBC (Reuters), February 26, 2001.

Judicial Conference to Conduct Privacy Hearing

The Judicial Conference of the United States, the body that sets policy for the federal courts, will hold a hearing on public access to electronic court files this week. The body will consider the privacy implications of creating a nationwide standard for publishing case files electronically.

Courts Face Privacy Conundrum, Wired, February 26, 2001
EPIC Comments on Public Access to Electronic Case Files, EPIC web site.
Judicial Privacy Policy Comment Page.

N2H2 Ends Data Selling Plan

N2H2, a company that collects data on children through the use of Internet content filtering software, has announced that it will discontinue the practice of selling reports on children's Internet browsing habits. EPIC had filed a series of FOIA requests to determine what information N2H2 was collecting from children and selling to the Department of Defense.

Internet Co. Drops Data - Selling Plan, New York Times, February 22, 2001 (registration required).
EPIC FOIA letter to DoD, EPIC Web Site.
Bess Won't Go There Profile of a Censorware Company, part I, The Spectacle, August 8, 2001.

IBM Ends Plan to Implement CPRM

IBM has withdrawn its proposal to digitally mark content with Content Protection for Removable Media (CPRM) technology.

IBM pulls digital tagging plan, CNET, February 22, 2001.

MD Legislature Considers Online Privacy Bill

Legislators in Maryland are debating the merits of a new online privacy bill that offers notice and opt-in consent for consumers. Despite widespread public support for such a measure, banking, retailing, health, telecommunications, and software lobbyists attempted to kill the legislation.

House leaders back bill to protect online privacy Industry lobbyists strive to weaken it, Baltimore Sun, February 22, 2001.

Sen. Nelson Signs Privacy Pledge

Senator Nelson (D-FL) has signed the Privacy Coalition's Privacy Pledge. The Senator also announced the introduction of two bills to promote privacy. The first would require customer consent before a business could share financial or medical information. The second establishes criminal penalties for those who steal or misuse Social Security numbers.

The Privacy Pledge.
Keep personal data private, Vero Beach Press Journal, February 20, 2001.

Judges to Conduct Hearing on Electronic Public Access to Court Documents

A subcommittee of the Judicial Conference of the United States will hold a panel hearing next month to evaluate the privacy and security issues involved with electronic public access to court documents.

Public Hearing Over Online Court Documents Planned, Newsbytes, February 20, 2001.

Harvard Professor Announces Development of Unbreakable Code

Dr. Michael Rabin and Yan Zong Bing have developed a cryptography system that erases the encryption key as it is used. The developers claim that the system is unbreakable.

The Key Vanishes: Scientist Outlines Unbreakable Code, New York Times, February 20, 2001.

Credit Card Fraud in EU Rises 50%

Credit card fraud increased by 50% last year in the European Union. While Internet transactions represent 2% of transactions in the EU, Internet transactions constituted 50% of all customer complaints.

EU-Wide credit card fraud soared 50 percent in 2000, Mercury Center (Reuters), February 19, 2001.

AOL Time Warner Considers Merging of Customer Info

AOL Time Warner may merge databases collected from Internet and cable subscription services. The customer information involved includes magazine subscriptions, web sites visited, channels ordered via cable, and programs watched on television.

AOL Time Warner in privacy dilemma: Mining its huge database may irk Net subscribers, Mercury Center (LA Times), February 19, 2001.

VeriSign Selling DNS Records, EPIC Urges Congressional Action

VeriSign, the parent company of Network Solutions, has been selling customer data from DNS records for over a year. This information includes the names and addresses of individuals who have registered domain names. EPIC has urged Congress to hold hearings on the issue.

EPIC Letter, EPIC Web Site.
Domain database sale--marketers delight, privacy nightmare?, ZDNET (WSJ), February 16, 2001.
VeriSign Has Been Selling Customer Data For A Year, Newsbytes, February 16, 2001.
Privacy, Tech Law Journal Daily E-Mail Alert, February 20, 2001.

Senator Introduces SSN Privacy Bill

Senator Shelby (R-AL) introduced S. 324, the Social Security Privacy Act. The bill would prohibit the sale and purchase of social security numbers and amend the Gramm-Leach-Bliley Financial Services Modernization Act to promote privacy.

S. 324, the Social Security Privacy Act, THOMAS Database.
Shelby Introduces Social Security Number Privacy Protection Legislation, Press Release, Senator Shelby Web Site, February 14, 2001.
US Senator seeks to boost bank bill privacy, ZDNET (Reuters), February 15, 2001.
Privacy Bill, Tech Law Journal Daily E-mail Alert, February 16, 2001.

Representatives Introduce Spam Bill

Representatives Wilson (R-NM) and Green (D-TX) have introduced the Unsolicited Commercial E-Mail Act of 2001. The bill prohibits sending unsolicited commercial e-mail that contains certain misrepresentations.

H.R. 717, the Unsolicited Commercial E-Mail Act of 2001, THOMAS Database.

Dutch ISPs, Privacy Advocates Object to Interception Requirement

Dutch Internet Service Providers warn that compliance with government mandates on communication interception standards may cause widespread bankruptcies. Privacy advocates also objected to the interception obligations, showing that technology that facilitates interception leads to increased government intrusions.

Interception Requirements Get Dutch Internet Providers Into Trouble, Heise, February 15, 2001.

Consumer Reports: Filters Remain Ineffective

A recent study by Consumer Reports magazine found that Internet content filters fail to block 1 in 5 sites deemed objectionable. The magazine editors report that the effectiveness of filters has not improved since the magazine last tested the programs four years ago.

Digital chaperones for kids, Consumer Reports Magazine, March 2001.
Web filters far from perfect, Consumer Reports says, Nandotimes (AP), February 15, 2001.

Advice on Protecting Online Privacy

The Christian Science Monitor published an article today detailing techniques to protect online privacy.

Some practical advice on protecting your identity online, Christian Science Monitor, February 15, 2001.

Bank of America Allegedly Sold Consumers' Credit Reports

A suit has been brought against Bank of America for allegedly selling thousands of consumers' credit reports to unaffiliated third parties.

Suit Says Bank Of America Violates Financial Privacy � Update, Newsbytes, February 14, 2001.

Census Examining 'Re-identification'

Marketers and data aggregators may be attempting to link individuals with their anonymously-submitted census forms. The U.S. Census Bureau is employing a number of techniques to combat re-identification. "Data-swapping," for instance, is the practice of switching data points on one citizen with another citizen's data.

Census bureau blurs data to keep names confidential, MSNBC.com (WSJ), February 14, 2001.

Reps Introduce Privacy Commission Study Act

Representatives Hutchinson (R-AR) and Moran (D-VA) have reintroduced the Privacy Commission Act. The bill would create a commission to study a wide range of privacy issues.

Reps. Asa Hutchinson, Jim Moran Introduce Privacy Commission Act, Rep. Hutchinson Web Site, February 13, 2001.
Privacy Commission Act, Rep. Hutchinson Web Site.
Bills Introduced, Tech Law Journal Daily Report, February 14, 2001.

Nazis Allegedly Monitored Citizens with IBM Technology

In a new book titled "IBM and the Holocaust," Edwin Black argues that the Nazis employed IBM technology to organize personal data on citizens and target them for extermination.

IBM hit with Holocaust victims' lawsuit, Mercury Center (AP), February 11, 2001.
IBM implicated in Nazi extermination of Jews, The Register, February 12, 2001.
Chief Auschwitz historian denies that IBM system was used in Auschwitz, Mercury Center (AP), February 12, 2001.

SafeWeb to Provide Privacy to CIA

SafeWeb, a commercial provider of online privacy tools, is now providing privacy protection to the CIA. The CIA reportedly is using a SafeWeb program called "Triangle Boy" to gain online anonymity.

SafeWeb.
Small Start-Up Helps the CIA To Mask Its Moves on the Web, Wall Street Journal, February 12, 2001 (subscription required).
Is Internet Anonymity Marketable?, Washington Post, February 16, 2001.

HP Joins US-EU Safe Harbor

Hewlett Packard has joined the US-EU Safe Harbor, an agreement purporting to protect flows of personal data between the two regions.

Safe Harbor, Department of Commerce Web Site.
HP to bridge US and EU privacy policies, Vnunet.com, February 13, 2001.

The Privacy Coalition Launches Privacy Pledge

The Privacy Coalition, a nonpartisan coalition of consumer, civil liberties, educational, library, labor, and family-based groups, launched the Privacy Pledge. The Pledge calls upon legislators to support laws that guarantee effective privacy protection.

The Privacy Pledge, The Privacy Coalition.
The Privacy Coalition Press Release, EPIC Web Site.
Privacy Coalition Asks Lawmakers to Sign Pledge, February 12, 2001.
Privacy Coalition Wants Legislators to Sign a Pledge, Tech Law Journal, February 12, 2001.
Coalition to Urge Officials to Endorse Privacy Pledge, Los Angeles Times, February 12, 2001.
Privacy groups to Congress: Get your act together, MSNBC.com, February 13, 2001.

Health Care Industry Mounts Attack on Medical Regulations

Lobbyists from the health care industry are attempting to weaken or delay the implementation of regulations adopted during the final weeks of the Clinton administration. Among other things, the rules specify that health care providers must obtain consent before using or disclosing patients' medical records. The Bush administration is reportedly looking for ways to revise and simplify the rules.

Medical Industry Lobbies to Rein In New Patients Privacy Rules, February 12, 2001 (registration required).
Getting Personal: Medical privacy reform in jeopardy, CBS Marketwatch, February 12, 2001.
Health-care Industry Lobbies Bush To Erode Patients New Privacy Code, Chicago Tribune, February 12, 2001.

Privacy-Promoting Programmers Win Anti-Censorship Award

Lorrie Cranor, Avi Rubin, and Marc Waldman, the creators of Publius, were honored with an award for the "Best Circumvention of Censorship" by the Index on Censorship. Publius is a web-publishing system that distributes files in fragments on the Internet. The system allows for anonymous publishing that is almost impossible to censor.

Best Circumvention of Censorship, Index on Censorship Web Page.
Publius Censorship Resistant Publishing System, Publius Web Page.

School Privacy Legislation Reintroduced

Senators Richard Shelby (R-AL) and Christopher Dodd (D-CT) reintroduced legislation that would require that schools obtain parental consent before collecting personal information from children for commercial use.

S. 290, the Student Privacy Protection Act, THOMAS Database.
Sens. Shelby, Dodd Reintroduce Student Privacy Bill � Update, Newsbytes, February 8, 2001.

FBI Renames Carnivore

The FBI has renamed Carnivore in an apparent attempt to minimize public concern over the Internet monitor tool. Carnivore is now called "DCS1000," which is short for "digital collection system."

FBI takes the teeth out of Carnivore's name, CNET, February 9, 2001.
Your Rights Online: A Privacy Invasion By Any Other Name, Slashdot, February 12, 2001.

Cyber-Terrorism Resolution Calls for Increased Vigilance

Citing an exponential growth in online crimes, Representatives Saxton (R-NJ) and Chambliss (R-GA) introduced a House Resolution declaring that "cyberterrorism" is an emerging threat to national security. The Resolution calls for public-private partnerships to combat the "cyber menace," a revised legal framework for prosecuting "hackers," and a new interagency study to assess the treat posed by cyberterrorists.

House Concurrent Resolution 22, THOMAS Database.
Reps. Saxton, Chambliss Intro Cyber-Terrorism Measure, Newsbytes, February 8, 2001.

EPIC to Establish Public Interest Project

The Electronic Privacy Information Center has announced the creation of the Internet Public Interest Opportunities Program (IPIOP). The program, made possible by a $1,000,000 grant from Professor Pamela Samuelson and Robert Glushko, will provide opportunities for law students to pursue public interest issues associated with technology and the Internet.

EPIC Press Release, EPIC Web Site.

Napster, Gnutella Users May Be Scanned, Spammed

BigChampagne, a marketing company, has been scanning the MP3 collections of Napster users and targeting ads based on their music tastes. The company apparently also targets ads based on users' search criteria. In a related story, Gnutella, a popular peer-to-peer file sharing program, may allow others to acquire users' cookies and other files.

Let Others Sue, Marketer BigChampagne Licks Chops Over Rich Napster Data, Inside.com, February 8, 2001.
The Napster parasites, Salon, February 9, 2001.
Gnutella swapping cookies, too, CNET, February 8, 2001.

UK Insurance Company Using Genetic Screening

Norwich Union Life, one of Britain's largest insurance companies, revealed at a House of Commons Committee meeting that genetic tests were used for screening potential buyers of life insurance.

Insurance firm admits using genetic screening, The Times, February 8, 2001.

FBI: Carnivore Doesn't Endanger Privacy

According to the FBI, Carnivore can be fine-tuned to capture only the network packets of a specific suspect. Further, to capture both the content and headers of a suspect's online communications, the agency must gain approval from a judge and senior Justice Department officials.

In Tapping the Net, the F.B.I. Insists Privacy Is Not a Victim, New York Times, February 8, 2001 (registration required).
Wiretap Laws: Defining Limits of Privacy Rights, New York Times, February 8, 2001 (registration required).

Companies Mount Challenge to VT Internet Law

A coalition of Internet companies and public interest groups have filed a complaint alleging that a recently-enacted Vermont law violates free speech rights. The law prohibits the communication of nudity or sexual content where it may be considered "harmful to minors."

Civil Libertarians Attack Yet Another State Cyber-Porn Law, Newsbytes, February 7, 2001.
Suit Challenges Vermont's Internet Law, Internet World, February 8, 2001.

EFF and Liberty Project Urge Court to Protect Anonymous Critics

The Electronic Frontier Foundation and the Liberty Project have asked a court to protect the identities of two persons who posted criticism of an ambulance company on an Internet bulletin board anonymously. The groups argue that the right of the "John Does" to speak anonymously is protected by the constitution, and that the company is simply attempting to expose the identities of its critics.

Free Speech Advocates Join Forces to Protect Anonymous Speech in Cyberspace, EFF Press Release, EFF Web Page.
Speech Groups Fight for Chat Anonymity, Newsbytes, February 7, 2001.
Free speech advocates push for anonymous chat rooms, CNET, February 7, 2001.

New Amazon Affiliate Program Can Track Users

Amazon's new "honor system," a scheme that allows Internet users to donate money to their favorite web sites, also increases the ability of the company to track users. An Amazon spokesperson claims that the company will "hobble" their servers to prevent the collection of personally-identifiable information from the program.

Is Amazon's Honor Plan Honorable?, Wired, February 6, 2001.
Amazon to collect donations for poor Web sites - at a price, Register, February 6, 2001.

Security Breached at World Economic Forum

Computer hackers were able to circumvent security precautions at the World Economic Forum and gain access to information on 1,400 prominent leaders. 80,000 pages of information, including the cell-phone and credit card numbers of Bill Clinton and Bill Gates were accessed.

Database Hacked at Davos Forum, Washington Post, February 6, 2001.

Internet Law Journal on Search and Seizure, Cyber Crime, and Web Seals

The February issue of the Internet Law Journal has just been published online. It includes articles on the new federal guidelines for searching and seizing computers, the Council of Europe Cyber Crime Convention and web privacy seals.

New Federal Guidelines for Searching and Seizing Computers-from servers to PDAs, Internet Law Journal, February, 2001.
Cracking Concerns Over Cyber Crime Treaty, Internet Law Journal, February, 2001.
Privacy Standards for Web Sites: Web Seals, Internet Law Journal, February, 2001.

Legislation to Strengthen Privacy Regulations

Senator Leahy (D-VT) has promised to propose legislation to alter the health care privacy regulations released by the Clinton Administration. Leahy's legislation would grant patients a private right of action against companies that misuse or sell their information. The legislation would also include opt-in provisions to require patient consent before medical records could be used for marketing.

Leahy Promises To 'Fill In Gaps' In Healthcare Privacy Rules, Newsbytes, February 5, 2001.

Privacy Foundation Exposes 'Email Wiretapping'

The Privacy Foundation has uncovered a method to spy on email messages sent in HTML format. By planting a JavaScript program in an HTML email, the message could be secretly returned to the sender every time it is forwarded. The Privacy Foundation Advisory suggests methods to prevent this security problem.

Email Wiretapping, Privacy Advisory, Privacy Foundation Web Page.
A New Trick Gives Snoops Easy Access to E-Mail, New York Times, February 5, 2001 (registration required).

EU Study: Spam Costs Users $9.4 Billion

A new study conducted by the European Commission estimates that E-mail spam causes users $9.4 billion in connection costs every year.

Commission study: "Junk" e-mail costs internet users euro 10 billion a year worldwide, EU Study, EU Web Page.
Spam Costs Users $9.4 Billion - EU Study, Newsbytes, February 2, 2001.
E-mail marketers question EU proposal, CNN.com, February 5, 2001.

FTC Approves Safe Harbor for Children's Online Privacy

The FTC approved the first "safe harbor" guidelines for web site compliance with the Children's Online Privacy Protection Act (COPPA). The approved guidelines were submitted by the Children's Advertising Review Unit of the Council of Better Business Bureaus.

First "Safe Harbor" Approved for Children's Online Privacy Protection Act, February 1, 2001.
FTC agrees to self-regulation for children's privacy at Web sites, Computerworld, February 2, 2001.
FTC OK's Kid's Privacy Safe Harbor Program, Newsbytes, February 2, 2001

CPC to Hold Hearings on Web Bugs

The Congressional Privacy Caucus, the bi-partisan, bi-cameral group of federal legislators, will examine the use of "web bugs" in hearings later this month. Web bugs are transparent GIF images that are used to track Internet users as they browse the Internet.

Privacy Foundation Web Bug Page.
Lawmakers to eye 'Web bugs' at upcoming hearing, Computerworld, February 2, 2001.
Lawmakers Announce Plans on Internet Privacy Law, Iwon.com (Reuters), February 1, 2001.

Juno to Employ Users' Computers for Virtual Supercomputer Project

Juno has announced the "Virtual Supercomputer Project," a plan to employ the "unused resources of the Juno subscriber base" for distributed computing. Under the project, subscribers to Juno's free Internet service would leave their computers running 24 hours a day. When the computer is not in use, Juno's system would run the computer's processor and hard disk drive to perform computations for third parties.

Juno Announces Virtual Supercomputer Project, Juno Press Release, February 1, 2001.
Juno to Harvest Wasted PC Power, CNET, February 1, 2001.
Juno and privacy, Slashdot, February 2, 2001.
Juno Announces Web Service Plan, New York Times, February 2, 2001 (registration required).

Trade Association Supports Federal Legislation With State Preemption

The Information Technology Industry Council (ITI), an industry association including AOL Time Warner, Microsoft, and Intel, has advocated federal privacy legislation. However, the group supports legislation that preempts state attempts at providing broader protection to consumers.

IT Industry Council Signals Privacy-Law Advocacy, Newsbytes, February 1, 2001.

Orwell v. Kafka: A Debate on Privacy Metaphors

Daniel Solove, a professor at Seton Hall Law School, argues in a soon to be published article that Kafka's The Trial provides more accurate privacy metaphors than Orwell's 1984. A working draft of the paper is online.

Privacy and Power: Computer Databases and Metaphors for Information Privacy, Seton Hall Law Web Page.
Kafkaesque? Big Brother? Finding the Right Literary Metaphor for Net Privacy, New York Times, February 2, 2001 (registration required).

Big Brother at the Super Bowl

Police video cameras were used at the Super Bowl to scan every person as they entered the stadium. The images captured were compared against a database of suspected criminals and terrorists.

Police Video Cameras Taped Football Fans, Washington Post, February 1, 2001.
Call It Super Bowl Face Scan I, Wired, February 2, 2001.
And Now, the Good Side Of Facial Profiling, Washington Post, February 4, 2001.
Police Taking Look at Facial Scans, Picking Criminals Out of Crowds a Privacy Concern, Los Angeles Times, March 19, 2001.

Sen. Dodd Joins Privacy Caucus

Senator Christopher Dodd (D-CT) has joined the Congressional Privacy Caucus (CPC). The CPC is a bi-partisan, bi-cameral body dedicated to privacy issues.

Congressional Privacy Caucus Announces New Member, Sen. Shelby Press Release, February 1, 2001.

FTC Identifies Companies Selling Personal Information

The Federal Trade Commission has identified 200 firms that are collecting personal financial information and selling it others. The FTC's investigation, Operation Detect Pretext, focuses on the practice where a person poses as a real customer in order to gain information on others from financial institutions.

FTC puts Web scammers on notice, Computerworld, January 31, 2001.
FTC Watches for Violations of Privacy Law, Washington Post, February 1, 2001.

Nortel Networks Develops New Tracking Software

Nortel Networks has developed a software suite that allows ISPs to secretly track users' online movements. The program initiative, "Personal Internet," can target advertisments to users based upon credit card purchase history or web browsing history.

Nortel's Net 'Tracking' System Irks Privacy Groups, EcommerceTimes, January 31, 2001.
Nortel Netware Sets Off Alarms, Wired, January 31, 2001.

Tech Association Announces Self-Regulatory Guidelines

In the wake of numerous privacy bills introduced on the state and federal level, the Personalization Consortium has developed self-regulatory privacy standards for industry. The guidelines specify notice, opt-out, access, and other requirements.

Web Firms Up Ante on Privacy Regulation, EcommerceTimes, January 31, 2001.
Personalization trade group proposes privacy guidelines, Computerworld, January 31, 2001.

AMA Releases Report on Health Information Privacy

The American Medical Associations' Ethical Force Program has released a consensus report on protecting health information privacy.

AMA E-Force Report, AMA Web Page.

EC Seeks Comment on Online Crime

The European Commission is seeking public comment on its activities and plans to address online crime.

EC Request for Cyber-Crime Comments, EC Web Page.

Toysmart Customer List to Be Destroyed

A bankruptcy judge approved the destruction of the Toysmart.com customer list database. A Disney subsidiary had offered $50,000 to purchase and destroy the list. However, under the new ruling, Toysmart may destroy the list without transfering the information to the Disney subsidiary.

Mass. Judge Says Toysmart Can Destroy Customer List, Newsbytes, January 30, 2001.

Recent Privacy Violations Show Need for Privacy Regulation

The recent privacy violations of DoubleClick, Nortel Networks, and N2H2 Inc. demonstrate that comprehensive privacy legislation is needed.

Self-Regulation Champions Dig Own Graves - Privacy Advocates, Newsbytes, January 30, 2001.