EPIC DIGEST 04.24.01

---------------------------------------------------------------
EPIC DIGEST AT PRIVACY.ORG

EPIC-DIGEST is a weekly update of news, information, and action
items posted on privacy.org.

April 17-24, 2001

TOC------------------------------------------------------------

NEWS
FTC Prosecutes Pretexters  
Dutch Government Considers Information Safes  
CME Releases Report on COPPA Compliance  
FTC Settles Three COPPA Cases  
Privacy Advocates Meet with Attorney General  
Court Protects Anonymous Speech  
TILJ on E-SIGN, PGP, Opt-In, and CPRM  
Law Review Article Addresses Spam  
SDMI Attempts to Suppress Circumvention Paper 

ACTION
Support the Privacy Coalition's Privacy Pledge

NEWS-----------------------------------------------------------

FTC Prosecutes Pretexters

The Federal Trade Commission has filed three lawsuits to stop
information brokers from illegally obtaining privacy financial
information through "pretexting." Pretexting is the use of false
pretenses, fraudulent statements, or impersonation to obtain financial
information of another person.

As Part of "Operation Detect Pretext" FTC Sues to Halt "Pretexting", FTC
Press Release, FTC Web Site, April 18, 2001.
http://www.ftc.gov/opa/2001/04/pretext.htm

Pretexting: Your Personal Information Revealed, FTC Consumer Alert, FTC
Web Site. 
http://www.ftc.gov/bcp/conline/pubs/credit/pretext.htm

Three Charged With Selling Confidential Data in FTC Sting, Washington
Post, April 19, 2001.
http://washingtonpost.com/wp-dyn/articles/A33811-2001Apr18.html

Pretexting, Tech Law Journal Daily Report, April 19, 2001.
http://www.techlawjournal.com/alert/2001/04/19.asp

FTC v. Guzzetta d/b/a Smart Data Systems, FTC Complaint, FTC Web Site.
http://www.ftc.gov/os/2001/04/pretextingsmartdatacomplaint.pdf

FTC v. Information Search Inc. and David Kacala, FTC Complaint, FTC Web
Site.
http://www.ftc.gov/os/2001/04/pretextinginformationsearchcomplaint.pdf

FTC v. Garrett, FTC Complaint, FTC Web Site.
http://www.ftc.gov/os/2001/04/pretextingdiscreetdatacomplaint.pdf
---------------------------------------------------------------

Dutch Government Considers Information Safes

A recent commission proposal advocates the creation of digital safe
deposit boxes for Dutch citizens. Citizens, government, and law
enforcement would have access to the register of information. Citizens
would also be encouraged to store their medical and financial
information in the register.

Dutch Propose Digital Information Safes, Slashdot, April 19, 2001.
http://slashdot.org/articles/01/04/19/0339237.shtml

Digital Safe-Deposit for Dutch Citizens, Telepolis, April 17, 2001.
http://www.ct.heise.de/tp/english/inhalt/te/7393/1.html
---------------------------------------------------------------

CME Releases Report on COPPA Compliance

The Center for Media Education has released a report showing that the
Childrenąs Online Privacy Protection Act of 1998 has limited
manipulative business practices. However, protecting childrenąs privacy
online could be improved by promoting clear and prominent privacy
policies, limiting the amount of information collected, allowing
anonymous registration, and by increasing compliance with parental
consent requirements.

Children's Online Privacy Protection Act (COPPA) - The First Year, CME
Report, CME Web Site. 
http://www.cme.org/children/privacy/coppa_rept.pdf
---------------------------------------------------------------

FTC Settles Three COPPA Cases

The Federal Trade Commission has settled three cases against web sites
that violated childrenąs privacy, and ran afoul of the Childrenąs Online
Privacy Protection Act. The three sites were illegally collecting
personally identifying information from children. The three site
operators have agreed to pay $100,000 in civil penalties for the
violations and erase all personally identifying information collected
since the COPPA rule was put into effect.

FTC Announces Settlements with Web Sites That Collected Children's
Personal Data Without Parental Permission, FTC Press Release, FTC Web
Site. 
http://www.ftc.gov/opa/2001/04/girlslife.htm

The Value Of Privacy, Slashdot, April 19, 2001.
http://slashdot.org/articles/01/04/19/216243.shtml

FTC cracks down on kid's privacy offenders, ZDNet, April 19, 2001.
http://www.zdnet.com/zdnn/stories/news/0,4586,5081427,00.html

FTC Sues to Stop Gathering of Personal Data, The Standard (Computer
World), April 19, 2001.
http://www.thestandard.com/article/0,1902,23825,00.html
---------------------------------------------------------------

Privacy Advocates Meet with Attorney General

Privacy advocates met with Attorney General John Ashcroft yesterday to
discuss law enforcement surveillance. The chief topic of discussion was
Carnivore, the police Internet surveillance tool which has been employed
at least 25 times to monitor people. Attorney General Ashcroft
reportedly has not taken a stand on Carnivore.

Privacy advocates confront attorney general, Nandotimes (AP), April 19,
2001.
http://www.nandotimes.com/noframes/story/0,2107,
500474872-500728913-504136106-0,00.html
---------------------------------------------------------------

Court Protects Anonymous Speech

A federal court in Washington has denied the request of an Internet
company to learn the names of persons who anonymously criticized it in a
chat room discussion. The court held that the company had not provided
sufficient evidence to overcome the postersą First Amendment rights.

Court ruling big win for Net privacy, Seattle Times, April 20, 2001.
http://seattletimes.nwsource.com/html/businesstechnology/134286864_privacy20.ht
ml 
---------------------------------------------------------------

TILJ on E-SIGN, PGP, Opt-In, and CPRM

The Internet Law Journal has published its April 2001 issue online.
Topics include E-SIGN (Electronic Signatures), Pretty Good Privacy, the
opt-in and opt-out debate, and content protection for removable media
(CPRM).

E-SIGN and State Electronic Signature Laws: What Comes Home in The Sea
of Legislation?, TILJ, April 2001.
http://www.tilj.com/content/ecomarticle04140101.htm

Just how good is Pretty Good Privacy (PGP)?, TILJ, April 2001.
http://www.tilj.com/content/ecomheadline04140101.htm

Industry Wants to Opt Out of "Opt-In", TILJ, April 2001.
http://www.tilj.com/content/ecomarticle04140102.htm

IBM Backs Away from CPRM on Hard Drives, Focuses on Portable Media,
TILJ, April 2001. 
http://www.tilj.com/content/ipheadline04140101.htm
---------------------------------------------------------------

Law Review Article Addresses Spam

Professor David Sorkin has published a law review article on spam. The
article discusses the difficulty in defining spam, failed
self-regulatory attempts to curb spam, and possible legal and technical
solutions to address the spam problem.

Technical and Legal Approaches to Unsolicited Electronic Mail, David E.
Sorkin, University of San Francisco Law Review, 2001.
http://www.spamlaws.com/articles/usf.html
---------------------------------------------------------------

SDMI Attempts to Suppress Circumvention Paper

The Secure Digital Music Initiative (SDMI) is threatening a suit against
a Princeton University Professor for publishing a paper exposing
weaknesses in watermark technology. Digital rights management (DRM)
systems, such as SDMI and copyright protection for removable media
(CPRM) often invade privacy by requiring a purchasers of electronic
content to identify themselves and their rights to access the file.

RIAA Attacks SDMI Challenge, Cryptome.org, April 20, 2001.
http://cryptome.org/sdmi-attack.htm

DMCA and SDMI, Tech Law Journal Daily Report, April 24, 2001.
http://www.techlawjournal.com/alert/2001/04/24.asp

Record Panel Threatens Researcher With Lawsuit, New York Times, April
24, 2001 (registration required).
http://www.nytimes.com/2001/04/24/technology/24MUSI.html


ACTION---------------------------------------------------------

Support the Privacy Coalition's Privacy Pledge

The Privacy Coalition, a nonpartisan coalition of consumer, civil
liberties, educational, library, labor, and family-based groups
unveiled the Privacy Pledge last week.  The Pledge calls upon
legislators to promulgate laws that effectively protection
personal privacy.

The Privacy Pledge 
http://www.privacypledge.org/
---------------------------------------------------------------

Privacy.org is a joint project of the Electronic Privacy
Information Center (http://www.epic.org) and Privacy
International (http://www.privacyinternational.org). For more
information, e-mail Chris Hoofnagle at digest-editor@privacy.org.
---------------------------------------------------------------

How to unsubscribe from EPIC-DIGEST:

You can leave the EPIC-DIGEST by entering the subscription e-mail
address at http://www.privacy.org/digest.php and selecting
"unsubscribe." Or, you can send a blank e-mail message to
EPIC-DIGEST@lists.epic.org from the subscribed address with the
following text in the subject line: unsubscribe

If you experience difficulty with subscription issues, send a
message to digest-editor@privacy.org.
---------------------------------------------------------------

EPIC-DIGEST Privacy Policy: http://www.privacy.org/privacy.php
---------------------------------------------------------------
END EPIC-DIGEST