roundtable: EPIC Alert 3.19 Forum
roundtable: EPIC Alert 3.19
EPIC Alert 3.19
Marc Rotenberg (rotenberg@epic.org)
22 Nov 1996 11:19:25 -0500
Message-Id: <n1363460602.71281@epic.org>
Date: 22 Nov 1996 11:19:25 -0500
From: "Marc Rotenberg" <rotenberg@epic.org>
Subject: EPIC Alert 3.19
To: "Persons" <Persons@epic.org>
=============================================================
@@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@
@ @ @ @ @ @ @ @ @ @ @ @
@@@@ @@@ @ @ @@@@@ @ @@@ @@@ @
@ @ @ @ @ @ @ @ @ @ @
@@@@ @ @@@ @@@@ @ @ @@@@ @@@@ @ @ @
==============================================================
Volume 3.19 November 21, 1996
--------------------------------------------------------------
Published by the
Electronic Privacy Information Center (EPIC)
Washington, D.C.
http://www.epic.org/
=======================================================================
Table of Contents
=======================================================================
[1] New Executive Order on Cryptography
[2] CDA Plaintiffs Ask Supreme Court to Affirm Decision
[3] Court Rules AOL Not Subject to First Amendment in Junk Mail Case
[4] EPIC Files Brief in Support of Crypto Rights
[5] FTC to Investigate Online Privacy
[6] NY Censorship Law Goes Into Effect
[7] Senators and Congress Criticize Clipper 4 Proposal
[8] Upcoming Conferences and Events
=======================================================================
[1] New Executive Order on Cryptography
=======================================================================
The White House announced on November 15 a new Executive Order on
cryptography. The Executive Order on the Administration of Controls on
Encryption Products directs the issuance of new regulations governing
export controls on cryptography. The provisions of the Order will take
effect upon the promulgation of final regulations implementing the changes
in the export regime.
The new regulations will likely retain many of the restrictions on
exporting cryptographic devices. The order finds that: "the export of
encryption products described in this section could harm national security
and foreign policy interests even where comparable products are or appear
to be available from sources outside the United States."
Under the Executive Order, control over exports of encryption products will
be transferred from the Department of State to the Department of Commerce.
At the same time, the Department of Justice will be given an expanded role
in determining whether encryption products can be exported. A Justice
Department representative will sit on all relevant review bodies and will
be a voting member of the Export Administration Review Board. Export
controls lawyers believe that this could result in fewer export approvals
given the previous positions of the Justice Department on the public
availability of strong encryption. Public disclosure or judicial review of
decisions to grant an export license is precluded because it would
purpertedely "reveal or implicate classified information that could harm
United States national security and foreign policy interests."
An accompanying memorandum also indicates that under the final implementing
regulations, source code will be controlled in the same manner as finished
products. Such restrictions may apply to books such as EPIC advisory board
member Bruce Schneier's "Applied Cryptography."
The final regulations will also require that any person who makes
encryption software available by means of "electronic bulletin boards and
Internet file transfer protocol sites" must "take precautions adequate to
prevent the unauthorized transfer of such code outside the United States."
This langauge is broader than the current provision in the International
Trafficing in Arms Regulations and may leave Online Service Providers,
bulletin board operators, and others subject to prosecution.
In a separate announcement, Vice President Gore announced that David Aaron,
the US Permanent Representative to the OECD, would be appointed Special
Envoy for Cryptography Policy. It is anticipated that Mr. Aaron will
attempt to promote key escrow encryption through bilateral and
multilaterial negotation. The United States has beenpressuring the OECD to
accept key escrow as an international standard. Previously, US lobbying
efforts have been led by the Justice Department and the NSA.
A detailed analysis by EPIC and more information on the Executive Order is
available at:
http://www.epic.org/crypto/export_controls/
=======================================================================
[2] Plaintiffs Ask High Court to Affirm CDA Decision
=======================================================================
On October 31, the plaintiffs in ACLU v. Reno filed a motion
asking the Supreme Court to affirm a lower court decision
that rejected as unconstitutional a law that allowed the government
to censor the Internet. The motion urged the Court to issue a
"summary affirmance" -- a finding that the lower court decision
issued in Philadelphia on June 12 was correct and therefore
does not merit further examination. EPIC is participating as both
a plaintiff and co-counsel in the landmark litigation.
The Communications Decency Act (CDA) was enacted as part of the
telecommunications reform legislation signed into law in February.
It makes it a crime, punishable by up to two years in jail and/or
a $250,000 fine, for anyone to engage in speech that is "indecent"
or "patently offensive" on computer networks if the speech can be
accessed or viewed by a minor. The plaintiffs argued -- and the
three-judge lower court panel agreed -- that because there is no
way to shield minors alone from online "indecency," the CDA
amounts to a criminal ban on constitutionally protected
communication among adults.
The text of the plaintiffs' motion to affirm, and other material
relevant to the litigation, is available at:
http://www.epic.org/free_speech/CDA/
=======================================================================
[3] First Amendment Ruling Issued in AOL Spam Case
=======================================================================
In an effort to provide some relief to subscribers besieged by
unsolicited commercial e-mail (or "spam"), America Online
blocked incoming mail originating from one of the biggest
commercial spammers, Cyber Promotions, Inc. Cyberpromotions
claimed that it had a right to provide information to AOL
subscribers. Not surprisingly, the dispute ended up in court, with the
mass-mailer arguing that AOL
was violating its First Amendment right to free speech.
A federal judge in Philadelphia issued a decision on November 4,
upholding AOL's right to block unsolicited commercial e-mail
addressed to its subscribers. Noting that the First Amendment's
free speech protections apply only to governmental entities, the
court examined AOL's activities and concluded that:
Although AOL has technically opened its e-mail system
to the public by connecting with the Internet, AOL has
not opened its property to the public by performing any
municipal power or essential public service and, therefore,
does not stand in the shoes of the State.
In other words, AOL operates a private forum and is thus subject
to the First Amendment. Unlike the government, said the court,
the online service can restrict speech within its borders. While
many AOL subscribers will likely welcome the immediate effect of
the decision -- relief from unwanted junk e-mail -- its long-term
consequences could include increased censorship by AOL and other
online services.
The text of the decision in Cyber Promotions, Inc. v. America
Online is available at:
http://www.epic.org/free_speech/
=======================================================================
[4] EPIC Files Brief in Support of Crypto Rights
=======================================================================
EPIC has filed a friend-of-the-court brief in support of computer security
expert Philip Karn's case against the State Department challenging crypto
export controls. Karn is testing the constitutionality of export
regulations that require a license before cryptographic source code can be
sent out of the country.
The brief argues that cryptographic source code is speech protected by
the First Amendment. Secondly, it argues that the current system of
licenses constitutes a prior restraint of speech prohibited by the
First Amendment.
The brief was also endorsed by the ACLU, the Internet Society and
the U.S. Public Policy Committee of the Association for Computing (USACM).
Oral Arguments in the case are scheduled to be heard on January 10,
1997, before the U.S. Court of Appeals for the District of Columbia Circuit.
A copy of the brief and additional information is available at:
http://www.epic.org/crypto/export_controls/
=======================================================================
[5] FTC to Investigate Online Privacy
=======================================================================
The Federal Trade Commission has been asked by three U.S. Senators to
investigate online privacy and report back to Congress with
recommendations. The senators, Richard Bryan (D-NV), Larry
Pressler (R-SD) and Fritz Hollings (D-SC), who sit on the Senate
Commerce Committee, sent the letter on October 8.
The letter asks the FTC to conduct research into online privacy
issues in the wake of the controversy over the LEXIS P-TRAK database.
The FTC had originally requested legislation to address the issue.
The letter requests that the FTC "investigate the compilation, sale,
and usage of electronically transmitted data bases that include
identifiable personal information of private citizens without their
knowledge." The FTC will focus on the rights of users and possible
abuses in online databases; its report is due in six months.
A copy of the letter to the FTC and more information on P-TRAK is
available at:
http://www.epic.org/privacy/
=======================================================================
[6] NY Censorship Bill Goes Into Effect
=======================================================================
A new law in New York State on Internet censorship went into effect on
November 1. The new law bans the distribution of "indecent" speech
that is "harmful to minors" if the person "intentionally uses any
computer communications system allowing the input, output, examination
or transfer, of computer data or computer programs from one computer to
another, to initiate or engage in such communications with a person who
is a minor."
The law provides defenses if the recipient or audience to an allegedly
obscene performance, consisted of persons or institutions having
scientific, educational, governmental or other similar justification
for possessing, disseminating or viewing the same." It also creates
defenses for using filtering software and identification of users to
verify their age.
The law is similar to the Communications Decency Act that was struck
down by two federal courts. New York Governor George Pataki signed into
law on September 4. The ACLU is currently gathering information for a
court challenge.
More information on Internet censorship is available from:
http://www.epic.org/free_speech/censorship/
=======================================================================
[7] Congress Criticizes Clipper 4 Proposal
=======================================================================
A bi-partisan group of twenty-one Senators and Congressmen wrote the
White House on October 15 criticizing the administration's Clipper 4
proposal. The group, led by Sen. Conrad Burns (R-MT) and Sen. Ron Wyden
(D-OR)
called the proposal "flawed" and stated, "We fear these defects will
continue to leave U.S. companies at a disadvantage in the world market".
The letter calls on the White House to work with Congress and public
interest groups and states that oversight hearings on crypto policy
will be held when Congress returns.
A copy of the letter and more information on the administration's
key escrow policy is available at:
http://www.epic.org/crypto/key_escrow/
=======================================================================
[8] Upcoming Conferences and Events
=======================================================================
"1997 RSA Data Security Conference." January 28-31, 1997. San Francisco,
CA. Contact: http://www.rsa.com
"Financial Cryptography 1997 (FC97)." February 24-28, 1997. Anguilla, BWI.
Sponsored by International Association for Cryptologic Research.
http://www.cwi.nl/conferences/FC97
"CFP97: Commerce & Community." March 11-14, 1997. Burlingame,
California. Sponsored by the Association for Computing Machinery.
Contact: cfp97@cfp.org or http://www.cfp.org
"Eurosec'97: the Seventh Annual Forum on Information Systems Quality
and Security. "March 17-19. 1997. Paris, France. Sponsored by XP
Conseil. Contact: http://ourworld.compuserve.com/homepages/eurosec/
"Ethics in the Computer Society" The Second Annual Ethics and Technology
Conference. June 6-7, 1997. Chicago, Ill. Sponsored by
Loyola University Chicago. http://www.math.luc.edu/ethics97
INET 97 -- "The Internet: The Global Frontiers." June 24-27, 1997.
Kuala Lumpur, Malaysia. Sponsored by the Internet Society. Contact:
inet97@isoc.org or http://www.isoc.org/inet97
"AST3: Cryptography and Privacy." September 15, 1997. Brussels, Belgium.
Sponsored by Privacy International and EPIC. Contact: pi@privacy.org.
"International Conference on Privacy." September 23-26, 1997.
Montreal, Canada. Sponsored by the Commission d'Acces a l'information
du Quebec.
(Send calendar submissions to alert@epic.org)
=======================================================================
The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center. To subscribe, send email to
epic-news@epic.org with the subject: "subscribe" (no quotes)
or use the subscription form at:
http://www.epic.org/alert/subscribe.html
Back issues are available via http://www.epic.org/alert/
=======================================================================
The Electronic Privacy Information Center is a public interest
research center in Washington, DC. It was established in 1994 to focus
public attention on emerging privacy issues such as the Clipper Chip,
the Digital Telephony proposal, national id cards, medical record
privacy, and the collection and sale of personal information. EPIC is
sponsored by the Fund for Constitutional Government, a non-profit
organization established in 1974 to protect civil liberties and
constitutional rights. EPIC publishes the EPIC Alert, pursues Freedom
of Information Act litigation, and conducts policy research. For more
information, email info@epic.org, HTTP://www.epic.org or write EPIC,
666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. +1 202 544
9240 (tel), +1 202 547 5482 (fax).
If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible. Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003. Individuals with First Virtual
accounts can donate at http://www.epic.org/epic/support.html
Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the
right of privacy and efforts to oppose government regulation of
encryption and funding of the National Wiretap Plan.
Thank you for your support.
---------------------- END EPIC Alert 3.19 -----------------------
![[CNI Home Page]](/Images/home.gif)