EPIC DIGEST 00.00.00

---------------------------------------------------------------
EPIC DIGEST AT PRIVACY.ORG

EPIC-DIGEST is a weekly update of news, information, and action
items posted on privacy.org.

March 20-28, 2001

TOC------------------------------------------------------------

NEWS
Alleged Identity Theft Targeted Rich and Famous   
CNN on NSA  
Microsoft to Include P3P in MSIE 6  
Supreme Court Rejects Maternal Drug Tests  
Vulnerability Discovered in PGP  
H.R. 718 Clears Subcommittee  
Muris to Chair FTC  
Music Industry Tracking MP3 Trading  
Microsoftąs Secure PC Prevents Unlicensed Digital Music Sharing  
COE Cybercrime Treaty Favors Law Enforcement  
Indiana Legislators Attempt to Protect Officialsą E-mail  
Private Detectives Mining Personal Data  
CIA Data Mining  
Privacy Foundation Exposes TiVo Information Collection  
Bush Administration Opposes EU Privacy Clauses  
Lobbyists Attack Privacy Legislation  
More Spam Legislation Introduced  
Health Secretary May Change Privacy Rule  
Web Sites not in Compliance with Child Privacy Rules  
House Committee to Consider Spam Bill Today  
Wireless Spam Proliferates  

ACTION
Support the Privacy Coalition's Privacy Pledge

NEWS-----------------------------------------------------------

Alleged Identity Theft Targeted Rich and Famous

A suspect has used credit reports and other sources of information to
steal the identities of dozens of prominent business leaders and
celebrities.

Report: Hacker charged with heist using Internet and Forbes' richest
list, Siliconvalley.com (AP), March 19, 2001.
http://www.siliconvalley.com/docs/news/svfront/013863.htm

Greatest Net Dupe in History?, Wired (Reuters), March 20, 2001.
http://www.wired.com/news/culture/0,1284,42517,00.html

Man Broke Into Accounts of Celebrities, Police Say, New York Times,
March 21, 2001 (registration required).
http://www.nytimes.com/2001/03/21/technology/21CYBE.html
---------------------------------------------------------------

CNN on NSA

CNN is running a five-part series on the National Security Agency, and
its surveillance on worldwide communications.

Eavesdropping on the World, CNN. 
http://www.cnn.com/SPECIALS/2001/nsa/
---------------------------------------------------------------

Microsoft to Include P3P in MSIE 6

Microsoft is integrating the Platform for Privacy Preferences (P3P) in
the upcoming release of Internet Explorer. P3P is supported by a number
of high-profile businesses, but has been criticized by privacy advocates
as an ineffective system to protect individualsą privacy rights.

As Congress Mulls New Web-Privacy Laws, Microsoft Pushes System Tied to
Its Browser, Wall Street Journal, March 21, 2001 (subscription
required). 
http://interactive.wsj.com/articles/SB985132165383902742.htm

Microsoft's P3P Plan for Online Privacy Gets Some Support From Big
Companies, Wall Street Journal, March 21, 2001 (subscription required).
http://interactive.wsj.com/articles/SB985132310603798616.htm

Privacy experts rip IE cookie cutter, ZDNet, March 22, 2001.
http://www.zdnet.com/zdnn/stories/news/0,4586,5080018,00.html

Pretty Poor Privacy: An Assessment of P3P and Internet Privacy, EPIC Web
Page. 
http://www.epic.org/Reports/prettypoorprivacy.html
---------------------------------------------------------------

Supreme Court Rejects Maternal Drug Tests

In a 6 to 3 decision, the Supreme Court has held that public hospitals
may not test pregnant women for drug use and release the results to law
enforcement without the patientąs consent or a warrant. The case arose
from a South Carolina Public Hospitaląs policy of drug testing pregnant
women who exhibited certain symptoms linked to substance abuse.

Ferguson v. City of Charleston, 99-936, Supreme Court Web Site.
http://a257.g.akamaitech.net/7/257/2422/21mar20011130/
www.supremecourtus.gov/opinions/00pdf/99-936.pdf

Pregnant Women Must OK Drug Tests, MSNBC.com, March 21, 2001.
http://www.msnbc.com/news/547557.asp?cp1=1
---------------------------------------------------------------

Vulnerability Discovered in PGP

A flaw has been discovered and confirmed in the popular Pretty Good
Privacy (PGP) encryption format. It allows for forgery of digital
signatures. However, the flaw does not affect files that have been
encrypted with PGP.

Your E-Hancock Can Be Forged, Wired, March 21, 2001.
http://www.wired.com/news/politics/0,1283,42553,00.html
---------------------------------------------------------------

H.R. 718 Clears Subcommittee

H.R. 718, the Unsolicited Commercial Electronic Mail Act of 2001 allows
individuals to opt-out of spam, requires the sender to include a working
return address, and grants new rights to Internet Service Providers who
wish to prevent the transmission of spam from their servers. Last year,
the same bill passed the House but failed in a Senate committee.

Anti-spam measure backed by House panel, ZDNet (News.com), March 21,
2001. 
http://www.zdnet.com/zdnn/stories/news/0,4586,5079891,00.html

Congressional subcommittee approves anti-spam bill, Siliconvalley.com
(Reuters), March 21, 2001.
http://www.siliconvalley.com/docs/news/tech/038326.htm

After Spam, Baloney to Swallow, Los Angeles Times, March 22, 2001.
http://www.latimes.com/business/cutting/20010322/t000024775.html

House Commerce Committee To Consider Anti-Spam Bill, Newsbytes, March
23, 2001. 
http://www.newsbytes.com/news/01/163575.html
---------------------------------------------------------------

Muris to Chair FTC

George Mason University law professor Timothy Muris has been appointed
by President Bush to chair the Federal Trade Commission. Murisą
appointment establishes a republican majority on the five-member
commission. It is reported that Muris will relax antitrust and online
privacy enforcement.

Muris Appointment to Usher In Changes In FTC's Antitrust, Web-Privacy
Policy, Wall Street Journal, March 22, 2001 (subscription required).
http://interactive.wsj.com/articles/SB985217786923423022.htm

Bush Pick for FTC Was on '80s Staff, Washington Post, March 22, 2001.
http://washingtonpost.com/wp-dyn/articles/A39821-2001Mar21.html
---------------------------------------------------------------

Music Industry Tracking MP3 Trading

The music industry has employed a tracking system to determine which
Internet users are trading MP3s online. It is reported that the
technology can track users who transmit files via IRC in addition to
Napster.

Music industry tracking individual MP3 file sharers, The Register, March
22, 2001. 
http://www.theregister.co.uk/content/6/17805.html

Who is Spying on Your Downloads?, Salon, March 27, 2001.
http://salon.com/tech/feature/2001/03/27/media_tracker/index.html
---------------------------------------------------------------

Microsoftąs Secure PC Prevents Unlicensed Digital Music Sharing

Microsoft is developing a new computer called "Secure PC" that prevents
the unlicensed copying of digital music. The new computer would act as a
digital record player: Users could purchase and listen to content that
would only play on a secure version of Windows Media Player. Users,
however, could not copy or alter the content.

MS plans 'Secure PC' that won't copy pirated audio files, March 23,
2001. 
http://www.theregister.co.uk/content/4/17851.html

Your Rights Online: Development of the Secure PC Proceeds, Slashdot,
March 25, 2001. 
http://slashdot.org/yro/01/03/25/1528222.shtml
---------------------------------------------------------------

COE Cybercrime Treaty Favors Law Enforcement

The Council of Europe Convention on Cybercrime carries controversial
provisions that have not been brought to public attention. Among other
things, the Convention will prohibit "virtual child pornography," it
will require standard procedures for the capture and retrieval of online
information in real time, and it requires nations to share electronic
evidence. The Convention is intended to ease law enforcement access to
evidence and prosecution of suspects.

Watch Out: An International Treaty on Cybercrime Sounds Like A Great
Idea, Until You Read The Fine Print, Cryptome (IP Worldwide), April
2001. 
http://cryptome.org/cycrime-godwin.htm

Internet Crime-Fighting Plan May Open Door for Snoopers, International
Herald Tribune, March 23, 2001. 
http://www.iht.com/articles/14308.html

Your Rights Online: Reading the Fine Print on the Cybercrime Treaty,
Slashdot, March 24, 2001. 
http://slashdot.org/yro/01/03/24/0254252.shtml
---------------------------------------------------------------

Indiana Legislators Attempt to Protect Officialsą E-mail

Legislators in Indiana are attempting to pass a bill that would protect
the e-mail and Internet records of all public officials. The bill would
treat e-mail and Internet access information as non-public records that
would not be available under the state open records law.

Lawmakers Try To Seal Officials' E-Mail, Net Records, Newsbytes, March
23, 2001. 
http://www.newsbytes.com/news/01/163581.html
---------------------------------------------------------------

Private Detectives Mining Personal Data

Private Detectives increasingly are employed by companies who wish to
investigate computer crime, the release of trade secrets, and employee
Internet use.

Private labs help companies fight computer crime in secret,
SiliconValley.com (AP), March 25, 2001.
http://www.siliconvalley.com/docs/news/tech/047336.htm
---------------------------------------------------------------

CIA Data Mining

The Central Intelligence Agencyąs data mining capabilities include the
automatic translation and transcription of audio signals and web pages
from foreign languages into English.

Making Sense of the Deluge of Data, CIA Technologies Refine Mass of
Information Into Analysis, Washington Post, March 26, 2001.
http://washingtonpost.com/wp-dyn/articles/A57318-2001Mar25.html
---------------------------------------------------------------

Privacy Foundation Exposes TiVo Information Collection

The Privacy Foundation has discovered that the TiVo personal video
recorder collects information about usersą TV viewing habits, and
communicates the information back to the companyąs headquarters.

TiVoąs Data Collection and Privacy Practices, Privacy Foundation, March
26, 2001.
http://www.privacyfoundation.org/privacywatch/report.asp?id=62&action=0

Privacy Foundation criticizes TiVo practices, SiliconValley.com, March
25, 2001. 
http://www.siliconvalley.com/docs/news/depth/tivo032601.htm

Privacy Group Raises Questions About TiVo, New York Times (Reuters),
March 27, 2001 (registration required).
http://www.nytimes.com/reuters/technology/tech-tivo-privacy-dc.html

Personal Tech: TV that stares right back at you, US News and World
Report, April 2, 2001.
http://www.usnews.com/usnews/issue/010402/nycu/estrogen.brf.htm#tech
---------------------------------------------------------------

Bush Administration Opposes EU Privacy Clauses

Bush administration officials have objected to European standard
contract clauses that incorporate greater privacy protection than
recognized in US law. Administration officials say that such protections
impose unduly burdensome requirements that will harm business.

U.S. Objects to EU's Proposed Rules Affecting Trans-Atlantic E-Commerce,
Wall Street Journal, March 27, 2001 (subscription required).
http://interactive.wsj.com/articles/SB985648649580930632.htm

Bush Team Opposes Proposed Euro Privacy Rules, The Standard (Reuters),
March 27, 2001.
http://www.thestandard.com/article/display/0,1151,23137,00.html
---------------------------------------------------------------

Lobbyists Attack Privacy Legislation

Business groups have revamped efforts to block legislation that expands
privacy protection to individuals.

Firms Renew Assault on Privacy Rules, Los Angeles Times, March 27, 2001.
http://www.latimes.com/business/20010327/t000026306.html
---------------------------------------------------------------

More Spam Legislation Introduced

Senators Burns (R-MT) and Wyden (D-OR) introduced the S. 630, the Can
Spam Act. The bill seeks to reduce the transmission of unsolicited
commercial e-mail by establishing an opt-out standard and requiring that
spam messages include a valid return e-mail address.

S. 630, the Can Spam Act, THOMAS Database.
http://thomas.loc.gov/cgi-bin/bdquery/z?d107:s.00630:

Burns, Wyden Move to "Can" Spam, Press Release, Senator Burns Web Site.
http://burns.senate.gov/p010327a.htm

Senators Introduce Bill To Can Spam, Newsbytes, March 27, 2001.
http://www.newsbytes.com/news/01/163713.html

Spam, Tech Law Journal Daily Report, March 28, 2001.
http://www.techlawjournal.com/alert/2001/03/28.asp
---------------------------------------------------------------

Health Secretary May Change Privacy Rule

Secretary of Health Tommy Thompson intends to change medical privacy
regulations proposed by the Clinton administration in light of claims
that the privacy protections will burden business.

Thompson seeks industry-friendly changes to medical privacy rules, New
Jersey Online (AP), March 28, 2001.
http://www.nj.com/newsflash/index.ssf?/cgi-free/
getstory_ssf.cgi?a0426_BC_Thompson&&news&newsflash-washington

Thompson Says He Expects to Relax New Rules Guarding Medical Privacy,
Wall Street Journal, March 28, 2001 (subscription required).
http://interactive.wsj.com/archive/retrieve.cgi?id=SB985748086147588064.djm
---------------------------------------------------------------

Web Sites not in Compliance with Child Privacy Rules

A recent study released by the Annenberg Public Policy Center has found
that web sites for children have not incorporated basic privacy
protections. About half of the sites surveyed had privacy policies that
were difficult to locate or difficult to understand.

Annenberg Public Policy Center. 
http://www.appcpenn.org/

Web Sites Found Lax in Protecting Child Privacy, New York Times, March
28, 2001. 
http://www.nytimes.com/2001/03/28/technology/28PRIV.html
---------------------------------------------------------------

House Committee to Consider Spam Bill Today

The House Commerce Committee will consider H.R. 718, the Unsolicited
Commercial Electronic Mail Act today.

H.R. 718, the Unsolicited Commercial Electronic Mail Act of 2001, THOMAS
Database. 
http://thomas.loc.gov/cgi-bin/bdquery/z?d107:h.r.00718:

Cooking Up a Revised Spam Bill, Wired, March 27, 2001.
http://www.wired.com/news/politics/0,1283,42630,00.html
---------------------------------------------------------------

Wireless Spam Proliferates

Mobile phone users have been unpleasantly surprised by the newest spam
technique: The sending of unsolicited commercial text messages directly
to usersą phones.

Unsolicited Text Messages Irk Many Cellphone Users, Wall Street Journal,
March 28, 2001 (subscription required).
http://interactive.wsj.com/articles/SB985735340294663006.htm


ACTION---------------------------------------------------------

Support the Privacy Coalition's Privacy Pledge

The Privacy Coalition, a nonpartisan coalition of consumer, civil
liberties, educational, library, labor, and family-based groups
unveiled the Privacy Pledge last week.  The Pledge calls upon
legislators to promulgate laws that effectively protection
personal privacy.

The Privacy Pledge 
http://www.privacypledge.org/
---------------------------------------------------------------

Privacy.org is a joint project of the Electronic Privacy
Information Center (http://www.epic.org) and Privacy
International (http://www.privacyinternational.org). For more
information, e-mail Chris Hoofnagle at digest-editor@privacy.org.
---------------------------------------------------------------

How to unsubscribe from EPIC-DIGEST:

You can leave the EPIC-DIGEST by entering the subscription e-mail
address at http://www.privacy.org/digest.php and selecting
"unsubscribe." Or, you can send a blank e-mail message to
EPIC-DIGEST@lists.epic.org from the subscribed address with the
following text in the subject line: unsubscribe

If you experience difficulty with subscription issues, send a
message to digest-editor@privacy.org.
---------------------------------------------------------------

EPIC-DIGEST Privacy Policy: http://www.privacy.org/privacy.php
---------------------------------------------------------------
END EPIC-DIGEST