EPIC DIGEST 06.06.02

 
--------------------------------------------------------------- 
EPIC DIGEST AT PRIVACY.ORG

EPIC-DIGEST is an update of news, information, and action items 
posted on privacy.org.

June 6, 2002-August 14, 2002

TOC------------------------------------------------------------

NEWS
Supreme Court Appeal Denied in Profiling Case 
ND: 72% Opt for Opt-In 
Top 10 Police Database Abuses Released 
Popular Science: All Eyes Are On You 
Microsoft Announces Hailstorm 2.0: The Palladium System 
Supreme Court Upholds Student Drug Tests 
Several Cities Reject PATRIOT Act 
Dr. Koop.com Breaks Promise, Agrees to Sell Customer Data 
Your Grocery List Could Spark a Terror Probe 
Office of Homeland Security Advocates Biometrics 
Push to make juvenile records open 
Oregon Woman Gets $5.3 Million for Credit Reporting Company Errors 
Britain’s Patriot Act type snooping laws may be illegal 
GAO Releases Report on ID Theft Enforcement Results 
Fighting for Internet Privacy in Pakistan 
FCC: Fax.com Liable for $5.3M in Junk Faxing Fines 


NEWS-----------------------------------------------------------

Supreme Court Appeal Denied in Profiling Case 

The U.S. Supreme Court has denied the appeal of Trans Union to hear 
a case involving the sale of "tradelines," credit information that 
includes name, address, date of birth, telephone number, Social 
Security number, account type, opening date of account, credit 
limit, account status, and payment history.  The Circuit Court had 
ruled that the company could not sell tradelines for marketing 
purposes because they constituted a credit report for purposes of 
the Fair Credit Reporting Act (FCRA).  The Circuit Court also 
rejected Trans Union's claims that target marketing based on credit 
reports is protected by the First and Fifth Amendments.

Trans Union v. FTC, No. 01-1080 (US 2002).
http://a257.g.akamaitech.net/7/257/2422/10jun20021130/www.supremecou
rtus.gov/opinions/01pdf/01-1080.pdf 

Trans Union v. FTC, No. 00-1141 (D.C. Cir. 2001).
http://pacer.cadc.uscourts.gov/common/opinions/200104/00-1141a.txt

EPIC Profiling Page.
http://www.epic.org/privacy/profiling/
---------------------------------------------------------------

ND: 72% Opt for Opt-In 

In a statewide referendum yesterday, North Dakota voters chose to 
reestablish opt-in privacy protections for financial information.  
A "No" vote on Constitutional Measure Two rejected an opt-out 
standard for financial privacy that was adopted after the same weak 
standard passed Congress in 1999.  Banks in opposition to opt-in 
raised over $100,000 to defeat the measure.

N.D. voters say 'no' to bank bill, Bismarck Tribune, June 12, 2002.
http://www.bismarcktribune.com/display/inn_newscurrent/nws-0.txt

Bank privacy measure fails, Grand Forks (AP), June 12, 2002.
http://www.grandforks.com/mld/grandforks/3450535.htm

North Dakota 2002 Primary Results, North Dakota Secretary of State.
http://www.state.nd.us/sec/elections/2002/primary/results/

Constitutional Measure Two (PDF), North Dakota Secretary of State.
http://www.state.nd.us/sec/pdf/referredmeasureno2ballotlang2002.pdf
---------------------------------------------------------------

Top 10 Police Database Abuses Released 

TechTV has published a "Top 10" list of police database abuses.  
They include using police data to influence elections, to stalk and 
harass women, and to plan a murder.

Top 10 List of Police Database Abuses, TechTV, June 11, 2002. 
http://www.techtv.com/cybercrime/privacy/story/0,23008,3387549,00.ht
ml
---------------------------------------------------------------

Popular Science: All Eyes Are On You 

Popular Science Magazine has published a detailed account of 
consumer profiling focusing on individuals' daily activities.  The 
article exposes the risks to privacy that we all encounter on a 
daily basis.

All Eyes Are On You, Popular Science Magazine, July 2002.
http://www.popsci.com/popsci/science/article/0,12543,260388,00.html
---------------------------------------------------------------

Microsoft Announces Hailstorm 2.0: The Palladium System 

Through its subsidiary news company, MSNBC, Microsoft has sketched 
the details of Palladium, an authentication system bundled with 
Digital Rights Management Controls.  Details of the system are not 
fully known, however, the system appears to be a repackaged version 
of Hailstorm.  As described by Microsoft, Palladium would make the 
company the gatekeeper for authentication and the use of digital 
content.

Why Intel loves Palladium, The Register, June 25, 2002.
http://www.theregister.co.uk/content/3/25892.html

The Big Secret: An exclusive first look at Microsoft's ambitious-
and risky-plan to remake the personal computer to ensure security, 
privacy and intellectual property rights. Will you buy it?, MSNBC, 
July 1, 2002.
http://www.msnbc.com/news/770511.asp?cp1=1

Digital Rights Management Operating System, Patent Number 
6,330,670, December 11, 2001.
http://patft.uspto.gov/netacgi/nph-
Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=
1&f=G&l=50&s1='6,330,670'.WKU.&OS=PN/6,330,670&RS=PN/6,330,670

Loading and Identifying a Digital Rights Management operating 
system, Patent Number 6,327,652, December 4, 2001.
http://patft.uspto.gov/netacgi/nph-
Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=
1&f=G&l=50&s1=%276,327,652%27.WKU.&OS=PN/6,327,652&RS=PN/6,327,652
---------------------------------------------------------------
 
Supreme Court Upholds Student Drug Tests 

In a 5-4 decision, the Supreme Court upheld suspicionless drug 
testing for students engaged in any type of extracurricular 
activity.  

Board of Ed. of Independent School Dist. No. 92 of Pottawatomie 
Cty. v. Earls, No. 01-332 (2002).  
http://a257.g.akamaitech.net/7/257/2422/27jun20021045/www.supremecou
rtus.gov/opinions/01pdf/01-332.pdf

Supreme Court Upholds School Drug Tests, Washington Post, June 27, 
2002.
http://www.washingtonpost.com/wp-dyn/articles/A54482-2002Jun27.html
---------------------------------------------------------------
 
Several Cities Reject PATRIOT Act 

A number of cities have passed resolutions to reject the USA 
PATRIOT Act because they believe that the federal law gives the 
government too much power.  

Patriot Revolution? Cities From Cambridge to Berkeley Reject Anti-
Terror Measure, ABC News, July 1, 2002.
http://abcnews.go.com/sections/us/DailyNews/usapatriot020701.html
---------------------------------------------------------------

Dr. Koop.com Breaks Promise, Agrees to Sell Customer Data 

Dr. Koop.com, a medical information website founded by the esteemed 
Surgeon General C. Everett Koop, is selling customer data as a 
result of bankruptcy to vitacost.com.  The privacy policy of the 
site promises opt-in protections before information is passed to 
third parties—a quote on the site by Dr. Koop reads "Privacy is 
Central to the Doctor-Patient Relationship."  However, the company 
has broken its promise, and vitacost.com will receive personal 
information unless individuals opt-out by Sunday, July 7, 2002.

Dr. Koop.com Privacy Policy.
http://drkoop.com/aboutus/policies/privacy.html

Dr. Koop.com Privacy Center.
http://drkoop.com/aboutus/privacy/

Is Drkoop taking care of privacy?, ZDNET, July 1, 2002.
http://zdnet.com.com/2100-1106-941028.html
---------------------------------------------------------------

Your Grocery List Could Spark a Terror Probe 

In a chilling article Village Voice reporter Erik Baard details how 
customer information such as grocery purchases, which were once 
collected for marketing purposes are now increasingly being used 
for law enforcement purposes. Companies are voluntarily turning 
over information to the government without even informing 
consumers, let alone obtaining their consent. The story also 
discusses the government's effort to use data-mining software to 
finger potential criminals and terrorists.

Buying Trouble Village Voice, July 30, 2002
http://villagevoice.com/issues/0230/baard.php
---------------------------------------------------------------

Office of Homeland Security Advocates Biometrics 

"Biometrics show great promise" says Steve Cooper, chief 
information officer of the Office of Homeland Security. Speaking to 
Congressional staffers and corporate lobbyists, he described how 
the Bush administration plans on extensively using biometric 
identification technology in applications ranging from airport 
travel documents to building access control. He claims, however, 
that the technology will not be used to infringe on privacy and  
civil liberties.

Privacy still a priority, officials say Federal Computer Week,  
July 29, 2002.
http://www.fcw.com/fcw/articles/2002/0729/pol-priv-07-29-02.asp

EPIC Biometrics Page.
http://www.epic.org/privacy/biometrics
---------------------------------------------------------------

Push to make juvenile records open 

William "Todd" Adams was arrested on June 14 after being accused of 
molesting four young girls at a martial-arts center. Adams was 
hired by the state after an FBI background check, which came clean. 
The girls’ parents believe that Adams has sealed juvenile records 
held information that would have prevented him from being hired. 
They are petitioning lawmakers to open juvenile records but experts 
caution that a judge must decide to release information on a case 
by case basis. "The idea is that delinquent behavior when a child 
is young should not be held against them for the rest of their 
lives," said Mark Soler of the Youth Law Center, a nonprofit law 
office that works to protect abused and at risk children. The 
campaign in Maryland is part of a growing national trend to open up 
juvenile records. Nine states now open juvenile records to the 
public without any restrictions, according to the National Center 
for Juvenile Justice. The group said another 29 states do so under 
certain conditions, for example, if the offender was older than 14, 
or if the crime was serious, such as murder or rape. 

Maryland parents push to open juvenile records CNN, July 29, 2002.
http://www.cnn.com/2002/LAW/07/29/maryland.record.check/index.html

National Center for Juvenile Justice FAQ on Confidentiality Issues
http://brendan.ncjfcj.unr.edu/homepage/ncjj/ncjj2/faq/faq.htm

Youth Law Center
http://www.youthlawcenter.com/
---------------------------------------------------------------

Oregon Woman Gets $5.3 Million for Credit Reporting Company Errors 

Thomas of Klamath Falls, Oregon first discovered problems with her 
credit report in 1996 when a number of unfamiliar, unpaid debts 
appeared. She traced the bad debts to Upton, then of Stevenson, 
Wash., and reported her discovery to Trans Union. She also 
contacted the creditors who furnished the information to Trans 
Union.  In 1999, when she applied for a mortgage, the incorrect 
information reappeared on her Trans Union report. The incorrect 
reports delayed her mortgage by three months. She had to work hard 
to get the reports cleared again without any assistance from Trans 
Union. Trans Union had deleted some incorrect accounts in 1996, but 
by 1999 had reinstated most of them, according to her attorneys.  
In a lawsuit, she was awarded over $300,000 in regular damages and 
a $5 million punitive award damage was awarded.

Klamath Falls woman awarded $5.3 million in credit dispute.
http://oregonlive.com/business/oregonian/index.ssf?/xml/story.ssf/ht
ml_stand
ard.xsl?/base/business/1028030203179750.xml

Mistakes Do Happen: Credit Report Errors Mean Consumers Lose Public 
Interest Research Group, March 1998.
http://www.pirg.org/consumer/credit/mistakes/index.htm
---------------------------------------------------------------
 
Britain’s Patriot Act type snooping laws may be illegal 

Sweeping powers enabling law-enforcement and intelligence agencies 
to demand the communications records of British telephone and 
internet users may be illegal, according to legal advice obtained 
by the Information Commissioner. The Commissioner warned the Home 
Office that the new powers may breach human rights law because 
website, email or phone logs available strictly for national 
security investigations can be accessed by police or intelligence 
officers for more minor cases such as public health and tax 
collection. Assistant Commissioner David Smith said that, “The 
upshot of it all is someone who uses Ripa powers to get access to 
retained data may be breaching human rights law." He added: "There 
is agreement generally that the Home Office was in a hurry. They 
wanted to respond to the events of September 11 and they were under 
pressure, but they could have thought these issues through more."
 
Snooping laws may be illegal Guardian, July 31, 2002.
http://politics.guardian.co.uk/homeaffairs/story/0,11026,766811,00.h
tml
---------------------------------------------------------------

GAO Releases Report on ID Theft Enforcement Results 

The General Accounting Office released a report on Identity Theft 
today. The report provides information on how Identity Theft laws 
are being enforced at the Federal and State level. The report found 
no comprehensive data on enforcement results, but finds that it is 
increasingly being seen as a serious crime. Some police 
departments, however, still consider ID theft to be a non 
traditional crime and because it happens across several 
jurisdictions they see it as someone else’s problem. Additionally, 
the report finds that state and federal agencies are not making use 
of existing data sources such as the Federal Trade Commission’s 
Consumer Sentinel Network, which collects ID Theft data in one 
central database. Investigative departments have been reluctant to 
use this information because they have limited resources and ID 
theft cases take a lot of effort for relatively light sentences. 
The upshot of the report for consumers is that while the government 
is taking some steps to crack down on ID thieves, it is clear that 
consumers need to be ever vigilant about guarding their personal 
information.

Identity Theft: Greater Awareness and Use of Existing Data Are 
Needed GAO Report 02-766, June 2002.
http://www.gao.gov/new.items/d02766.pdf

FTC ID Theft Site.  
http://www.consumer.gov/idtheft/
---------------------------------------------------------------

Fighting for Internet Privacy in Pakistan 

The government of Pakistan is drafting rules to regulate 
cybercafes. Under the rules, Pakistan's thousands of unregulated 
cybercafes will be required to register with the government. Then, 
starting a month from now, the cafes will have to ask every 
customer for proof of identity.  The idea is to provide a way of 
tracking terrorists and deny them the use of computers in perfect 
anonymity. But critics say that the Internet in Pakistan provides a 
vital new zone of privacy for young people to communicate and to 
learn things the socially strict society severely limits. Experts 
also note that terrorists are likely to easily find loopholes in 
the system, and in any event their communications are not dependent 
on cybercafes. Most people, however, access the Internet through 
cybercafes in South Asia and it is their browsing habits that will 
be recorded. Neighboring India attempted to pass similar rules last 
year, but that measure failed after widespread public criticism. 

Cybercafe Crackdown May Trip Up Leering Boys New York Times, August 
1, 2002
http://www.nytimes.com/2002/08/01/international/asia/01LAHO.html?8hp
ib
---------------------------------------------------------------

FCC: Fax.com Liable for $5.3M in Junk Faxing Fines 

The Federal Communications Commission has just issued a notice 
alleging that notorious Junkfax company, Fax.com, is liable for 
$5,379,000 in fines.  According to the FCC, Fax.com sent 
unsolicited ads 489 times to fax machines in violation of the 
Telephone Consumer Protection Act (TCPA) of 1991.  That law 
requires opt-in consent before commercial advertisements can be 
sent to fax machines.

Complaint Against Fax.com (.DOC), FCC, August 7, 2002.
http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-02-226A1.doc

EPIC Telemarketing Page.
http://www.epic.org/privacy/telemarketing/
--------------------------------------------------------------- 

How to unsubscribe from EPIC-DIGEST:

You can leave the EPIC-DIGEST by entering the subscription e-mail 
address at 
http://www.privacy.org/digest.php and 
selecting "unsubscribe." There is also an administrative page for 
changes to 
your subscription at 
https://mailman.epic.org/cgi-bin/control/epic_digest Or, you can 
send a 
blank e-mail message to epic_digest-
request@mailman.epic.org from the subscribed address with the 
following 
text 
in the subject line: unsubscribe

If you experience difficulty with subscription issues, send a 
message 
to 
digest-editor@privacy.org.
---------------------------------------------------------------

Privacy.org is a joint project of the Electronic Privacy 
Information 
Center 
(http://www.epic.org) and Privacy International 
(http://www.privacyinternational.org). For more information, e-mail 
Chris 
Hoofnagle at digest-editor@privacy.org. 
---------------------------------------------------------------

EPIC-DIGEST Privacy Policy: http://www.privacy.org/privacy.php 
--------------------------------------------------------------- 
END EPIC-DIGEST