GLOBAL INTERNET LIBERTY
CAMPAIGN
NEWS
ISSUES
RESOURCES
ABOUT
GILC
GILC Alert
December 15, 1999
Welcome to the Global Internet Liberty Campaign Newsletter
Welcome to GILC Alert, the newsletter of the Global Internet Liberty Campaign. We are an international organization of groups working for cyber-liberties, who are determined to preserve civil liberties and human rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that you will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining GILC, please contact us at gilc@gilc.org.
If you are aware of threats to cyber liberties that we may not know about, please contact the GILC members in your country, or contact GILC as a whole.
Please feel free to redistribute this newsletter to appropriate forums.
Free Expression
[1] Australian net censorship plans steamroll forward
[2] Yahoo censors chat boards
[3] Seattle police get Usenet gag orders
[4] Chinese Internet dissidents sentenced
[5] Ebay attacked for sale of controversial materials
[6] U.S. cybersquatting bill passed
[7] Bulgaria drops ISP licensing plans
[8] New Zealand Commission: ISPs should be liable
[9] Thai police plot shutdown of US web server
[10] German Compuserve executive's conviction reversed
Privacy and Encryption
[11] Echelon global surveillance network comes under scrutiny
[12] Popular audio software secretly tracks users
[13] Euro wiretapping plans are back
[14] UK wiretapping bill shelved
[15] New Australian law allows police to hack private computers
[16] Australian ISP leaves passwords vulnerable, suffers break in
[17] International domain name commission wants you
[18] Paris Internet policy forum held
[1] Australian net censorship plans steamroll forward
The Australian government is roaring ahead with its plans to censor inappropriate Internet content, despite scathing criticism from Electronic Frontiers Australia (EFA--a GILC member).
The Australian Broadcasting Authority (ABA) has issued new rules regarding access to restricted websites. Under the "Restricted Access Systems Declaration 1999 (No.1)", individuals would have to register for the right to view Internet content that is likely to be rated "R". The regulations would require certain "[m]andatory data items for the electronic lodgement of an application" including "name of applicant; declaration that applicant is 18 years of age or over; and either credit card details; or digital signature". The Declaration would even force registrants to provide such things as birth certificates or passports if they want to register in paper form.
The ABA's standards are effective January 1, 2000. These regulations are part of a much larger plan to prevent anyone in Australia from accessing sites that refuse classification or are rated X. Additionally, the scheme would deny Australian children access to any R-rated websites. The list of materials that can be classified as "R" (depending upon whether the treatment is deemed unsuitable for minors) includes such subjects as "suicide, crime, corruption, marital problems, emotional trauma, drug and alcohol dependency, death and serious illness, racism, religious issues".
These moves came after EFA loudly objected to a prior draft version of these requirements. EFA had previously noted that the rules would "require users to provide personal identifying information that goes far beyond proof of age. This is likely to act as a deterrent even for genuine adults." The cyberliberties group had also suggested that the regulations might place an "administratively onerous" burden on many Internet companies. EFA had even discovered numerous technical flaws in Consultation Paper's provisions, which might make the entire scheme unworkable.
As an alternative, EFA had recommended "the ABA drop this proposal altogether and replace it with guidelines for placing warnings on web sites that may be unsuitable for children."
In related news, the Australian government has already chosen members of a new NetAlert advisory board, which will have several tasks, including the development of screening software and complaint hotlines operation. EFA immediately denounced the new body as a "Nanny committee", and expressed fears that the board was "yet another example of the paternalism exhibited by the current government. Time will tell."
The ABA's new rules for access to restricted websites can be seen at:
http://www.aba.gov.au/about/public_relations/newrel_99/130nr99.htmFor EFA's stern warnings about NetAlert, go to http://www.efa.org.au
For the Australian government's official press release concerning NetAlert, see
http://www.dcita.gov.au/nsapi-text/?MIval=dca_dispdoc=4642=NewsroomEFA's comments on a draft version of the restricted system access rules can be seen at:
http://www.efa.org.au/Publish/ABAresp9911.html
[2] Yahoo censors chat boards
Want to talk about a "controversial" subject? Don't do it on Yahoo.
Yahoo Inc. has admitted to deleting materials it deems sensitive out of its chat boards. The Internet portal operator has taken down truthful articles, even in cases whether subjects of those articles did not complain. One of Yahoo's senior producers firmly stated that the company could prohibit messages that seem to "cause confusion", without regard to whether the messages were accurate. The list of censored topics included several transmissions concerning the efficiency of Lockheed Martin Corp. and other defense contractors.
Critics immediately charged Yahoo with muzzling open discussion of serious issues. David Sobel from the Electronic Privacy Information Center (EPIC--a GILC member) suggested that ''From the user's perspective, it's the worst of both worlds.'' In particular, he cited several cases where Yahoo outed authors of Internet messages, who thought their anonymity would be protected.
For more information, see Ross Kerber, "Yahoo censoring chat boards even when postings' subjects haven't complained", Boston Globe, November 3, 1999, at D01.
[3] Seattle police get Usenet gag order
Watch out if you're in a heated online debate with someone from Washington state (US).
In Seattle, a local judge has issued what may be the first ever Internet gag order. The court prohibited one individual, Scott Abraham, from participating in discussion on the Usenet newsgroup "rec.alpine.skiing" for a year, or face felony charges. The judge will now check all postings and screen out any messages that she deems unsuitable. She even warned users to stay away from the newsgroup, or at least refrain from discussion of any subject other than Alpine skiing.
These strong measures come after a war of words arose on the Usenet newsgroup "rec.alpine.skiing". The arguments got so vicious that several participants issued death threats.
An Australian government employee, Anthea Kerrison, passed along some of these messages to Leanne Shirey, a detective with the Seattle Police Department. Shirey, who was apparently worried about possible violence related to the World Trade Organization (WTO) summit to be held in Seattle, started monitoring the newsgroup, then sent out her own message, telling "all participants in the RSA newsgroup to stop all postings that do not have to do with skiing." Curiously, the department's message contained paternalistic language such as "Ignore anything that is not friendly and ski related. Not responding in any way will make all involved the better adults."
Afterwards, Shirey encouraged one of the newsgroup users to file a complaint in Washington state court. The complaint was pursuant to a new stringent state law which was purportedly designed to prevent harassment in cyberspace. The filing of the complaint led to the judge's edicts.
A number of legal experts deplored the ruling. Shari Steele from the Electronic Frontiers Foundation (EFF--a GILC member) said that the gag order was simply "too broad. A more appropriate order would be one that prohibited threatening language in messages targeted to a specific individual."
For further information, see Craig Bicknell, "Usenet Ban a Slippery Slope?", Wired News, November 16, 1999, at http://www.wired.com/news/politics/0,1283,32550,00.html
Also see Bert H. Hoff, "When is it a Felony to Talk about Zoom Skis?", MenWeb News Services, November 12, 1999, at http://www.vix.com/menmag/gagorder.htm
For Detective Leanne Shirey's ultimatum, visit:
http://www.deja.com/=dnc/[ST_rn=ps]/getdoc.xp?AN=534130036=text
[4] Chinese Internet dissidents sentenced
Beijing is renewing efforts to stifle dissent in cyberspace.
Recently, a mainland Chinese court gave Wu Yilong an eleven year prison sentence. Wu had allegedly sent e-mail messages to several pro-democracy organizations in other countries. Prosecutors also accused him of posting articles on the Internet regarding the China Democracy Party.
This move comes as Communist China has expanded programs to intercept transmissions along the so-called Information Superhighway. According to the U.S. State Department, Chinese government "authorities often monitor telephone conversations, fax transmissions, electronic mail and Internet communications of foreign ... diplomats and journalists, as well as Chinese dissidents, activists and others."
Meanwhile, Internet use in China continues to grow. Chinese officials have suggested that the Asian power will be among the world's three largest Internet markets within the next five years.
For further information, see Kevin Platt, "'Cybercops' Police China", ABCNews.com (US), November 17, 1999, at http://more.abcnews.go.com/sections/tech/DailyNews/chinacybercops991117.html
[5] Ebay attacked for sale of controversial materials
Ebay has come under fire for allowing the sale of "offensive" materials.
The Simon Wiesenthal Center has taken the online auctioneer to task for the sale of Nazi memorabilia. The Center begged the company "to review its policy of marketing items, many of which glorify Nazism." The group pointed out German laws that prohibit the sale of such goods, even though the Center is headquartered in Los Angeles and Ebay's customers are not all located in Germany.
The associate dean of the Simon Wiesenthal Center, Rabbi Abraham Cooper, claimed his goal was "not to get Ebay indicted". However, in the past, the organization has sued other companies such as Amazon.com, attempting to thwart the sale of books it deemed distasteful.
To see the Wiesenthal Center's press release on this subject, visit http://www.wiesenthal.com/itn/pr112999.html
[6] U.S. cybersquatting bill passed
A new U.S. law may restrict the rights of Internet users to register domain names.
In a last minute flurry of legislative activity, the U.S. Congress approved a proposal that would prevent average citizens from using well-known names in Universal Resource Locators (URLs). The proposal was contained in a massive Consolidated Appropriations package (see H.Rept. 106-479). The law was supposed to stop ordinary individuals from registering multiple domain names associated with famous companies or people (e.g. www.nike.com). However, several organizations, including the Electronic Frontier Foundation (EFF--a GILC member) have voiced strong objections to such legislation because it might curtail free speech. Other observers, including certain White House officials, were concerned that the proposal might severely hamper efforts by the Internet Corporation for Assigned Names and Numbers (ICANN) to create global standards for domain names.
The bill was passed in response to several instances where registrants have relinquished their domain names in exchange for monetary compensation. The new statute does contain certain exceptions, particularly for users who register an otherwise infringing name in good faith. It remains to be seen whether this law will have an adverse impact on cyberspace, particularly on the creators of websites which protest the actions of well-known companies or individuals.
For an excerpt of the Consolidated Appropriations Act containing provisions relevant to domain names, see http://thomas.loc.gov/home/omni99/12586.txt
For the full text of the Consolidated Appropriations Act in conference report form (H.Rept. 106-479), see http://thomas.loc.gov/home/omni99/BigReport.html
To see EFF's comments regarding an earlier version of the bill, see http://www.eff.org/pub/GII_NII/DNS_control/19991025_hr3028_alert.html
ICANN's home page is located at http://www.icann.org
[7] Bulgaria drops ISP licensing plans
Bulgarian government plans to license all ISPs are no more.
Bulgarian officials tried to impose a strict set of guidelines on Internet Service Providers. The regulations included a system of taxes and fees which would have severely restricted the operations of many ISPs throughout the Eastern European country.
The Internet Society of Bulgaria (a chapter of the Internet Society--a GILC member) filed a lawsuit to forestall implementation of these proposals. A number of other groups, including the Bulgarian Association for Information Technologies and the Bulgarian Internet Association, joined the fight to prevent these measures from taking effect. Thousands of e-mail messages were sent to Bulgarian Prime Minister Ivan Kostov, protesting the new scheme.
As a result of this eleven month effort and ensuing public uproar, officials from the Bulgarian communications ministry re-categorized ISPs as "free services", essentially ending this particular effort to restrict the growth of the Internet.
For more information from the Internet Society of Bulgaria, visit http://www.isoc.bg/kpd/
[8] New Zealand Commission: ISPs should be liable
ISPs in New Zealand are bracing for a possible avalanche of lawsuits.
These preparations come after an official New Zealand law commission recommended holding Internet Service Providers liable for material that they host. This suggestion was one of several measures that were supposed "to remove the immediate barriers to electronic commerce". ISPs would lose in cases where they had "actual knowledge of existence of information on the web site which would be actionable at civil law or constitute a crime".
The Commission did suggest that any such standard should incorporate an "innocent dissemination defence". Furthermore, the board believed ISPs should not be liable "for the reposting of information by a third party that has previously been removed." However, the group would require providers to delete infringing material as soon as it was discovered. This requirement might put a great deal of strain on many Internet hosts, given the fast pace at which many messages are transmitted and posted.
For more information, see Chris Barton, "Act would make ISPs liable", New Zealand Herald, November 23, 1999, at http://www.nzherald.co.nz/nzherald99/story.cfm?theClassification=search&theStoryID=103651
[9] Thai police attempt shutdown of US web server
Thailand authorities have attempted to block public access to several American web servers, all in the name of law and order.
The Thai government has already managed to wring concessions from one Maryland (US) Internet Service Provider (ISP). The ISP deleted a website which contained fake nude photographs of several Thai actresses. Colonel Yanaphon Youngruen of the Thai Police Information System Centre admitted that the authorities had tried several elaborate techniques, in the hopes of hunting down the site's creators. Yanaphon even made the startling suggestion that "[b]anner companies, e-mails and even bank accounts need to be checked to see who the guilty person is.''
Thai officials have also made demands on GeoCities (an Internet host owned by Yahoo Inc.) to remove a website which was created by opponents of the current Thai administration. These dissidents included Pulo separatists who support greater autonomy for several southern Moslem provinces in Thailand. Yanaphon described the group as "a terrorist organization".
In addition, Thailand's Crime Suppression Division has issued a directive to 17 ISPs inside the southeast Asian country, telling them to shut out websites which contain deceptive nude photographs of Thai actresses.
For more information, see Natee Vichitsorasatra, "Porn swoop worries Net advocates", The Nation (Thailand), November 27, 1999, at http://203.146.51.4/nationnews/1999/199911/19991127/53089.html
[10] German Compuserve conviction reversed
A German court has reversed the conviction of a corporate executive for failing to block questionable Internet material.
The appeals court ruled in the case of Felix Somm, who formerly headed CompuServe Corp.'s German activities. Previously, the Munich Administrative Court had found him guilty of allowing child pornography to be sent across the network in thirteen instances. The conviction was based on the idea that Mr. Somm should have denied Compuserve customers access to various websites. However, in reversing the guilty verdict, the higher tribunal held that the technology to prevent such access was unavailable.
Observers had feared the original ruling would jeopardize free speech in cyberspace, forcing ISPs to scan through private Internet transmissions and censor out content that was deemed unsuitable.
For further information, see Imre Karacs, "Germany clears Net chief of child porn charges", The Independent (UK), November 18, 1999, at http://www.independent.co.uk/news/Digital/Update/net181199.shtml
See also "Compuserve Off the Porno Hook in Germany", eMarketer, November 22, 1999, at http://www.emarketer.com/enews/bizbit_112299.html
[11] Echelon global surveillance network comes under scrutiny
Several new efforts may help to expose the truth about a global electronic spy network, known as ECHELON.
A broad band of organizations has unveiled a new website, Echelonwatch.org, which is designed to educate the public about the activities of ECHELON. The site is administered by the American Civil Liberties Union (ACLU--a GILC member), in conjunction with several other organizations, including the Electronic Privacy Information Center (EPIC--a GILC member), the Free Congress Foundation, Cyber-Rights and Cyber-Liberties UK (a GILC member), and the Omega Foundation.
"Echelon is perhaps the most powerful intelligence gathering network in the world," said Barry Steinhardt, Associate Director of the ACLU. "But it is still very much a black box, which apparently operates without the oversight of Congress or the courts. Echelon can no longer be dismissed as an X-Files fantasy. The reports to the European Parliament make it quite clear that Echelon exists and that its operation raises profound civil liberties issues."
The homepage contains links to several documents, including answers to Frequently Asked Questions about ECHELON, as well as the aforementioned European Parliament reports.
In another related move, EPIC has sued for the release of documents regarding the legal standards by which ECHELON operates. The lawsuit was made pursuant to the United States Freedom of Information Act (FOIA). A Congressional committee had requested these documents earlier this year, but officials from the United States National Security Agency (NSA) refused to divulge this information. NSA reputedly operates ECHELON in conjunction with several other national intelligence organizations, including UK's Government Communications Headquarters (GCHQ) and Australia's Defence Signals Directorate (DSD).
To visit Echelonwatch.org, go to http://www.echelonwatch.org
For more on EPIC's press release about its FOIA efforts, see http://www.epic.org/open_gov/foia/nsa_suit_12_99.html
For further press coverage of EPIC's efforts to uncover ECHELON, see Robert Lemus, "Privacy group sues NSA over spy net", ZDNet News, December 3, 1999, at
http://www.zdnet.com/zdnn/stories/news/0,4586,2404126,00.html
[12] Popular audio software secretly tracks users
Do you use audio software on your computer? Someone else might be listening in.
Millions of people use products from RealNetworks to hear compact discs and Internet related audio files. What these people didn't know was that the company assigned identification numbers to its customers, then apparently tracked their activities through the Information Superhighway.
After RealNetworks admitted to these practices, aggrieved users filed two class action lawsuits against the software maker. The plaintiffs claimed the firm had engaged in fraud, unfair business practices, invasions of privacy and violations of consumer protection laws. In one of these suits, filed in California state court, the alleged victims of the tracking scheme asked for $500 million.
Since the revelations, the company has offered an upgrade that allows users to blank out ID numbers from its products with zeroes. However, in spite of these disclosures, TrustE, an industry-based initiative to ensure computer privacy, refused to withdraw its seal of approval from RealNetworks' website.
For more information, see Courtney Macavinta, "Real Faces Second Privacy Suit", CNET News.com, November 10, at http://abcnews.go.com/sections/tech/cnet/cnet_realsuit991110.html
[13] Euro wiretapping plans are back
Previously discarded plans to create a European surveillance system have been resurrected.
These plans, known as ENFOPOL, had been dropped several months ago. However, new proposals in Germany and Austria have helped breathe new life into these proposals. Under the new version of ENFOPOL, rather than building a unified surveillance network in one fell swoop, communications interception facilities reportedly will be built on a national basis at first. "Legal assistance" treaties between constituent countries will then ensure standardization and cooperation between these facilities.
Many of the basic ideas for a European tapping network apparently had been agreed upon several weeks ago, in a Moscow meeting of representatives from the G-8 nations. The new system is likely to become operational within two to three years.
For more information in German, see Christiane Schulzki-Haddouti, "Information is the raw material of police work", Telepolis, November 26, 1999, at http://www.heise.de/tp/deutsch/inhalt/te/5532/1.html
For an English translation of Schulzki-Haddouti's article, see http://cryptome.org/eurointerpol.htm
For additional documents on ENFOPOL, visit http://cryptome.org/enfopol-fipr.htm
Further background information is available at http://archiv.quintessenz.at/archiv/msg00612.html http://archiv.quintessenz.at/archiv/msg00569.html
[14] UK wiretapping bill shelved
After intense public criticism, the British government temporarily withdrew its attempt to expand its surveillance powers in cyberspace.
Several months ago, the UK Home Office had proposed new sweeping changes in the way law enforcement agencies obtain permission to intercept private communications. These changes were included in an Electronic Communications Bill, which was supposed to improve e-commerce. Under the proposal, individuals who refused to provide computer encryption keys to the police when asked could be sent to jail for up to two years. ISPs would have to stay silent about government surveillance or face five year prison sentences. The bill would also have decreased security for private e-mail messages.
These measures were blasted by many experts in the field. An audit commissioned by the Foundation for Information Policy Research (FIPR) and Justice severely criticized the bill for its deleterious impact on civil liberties. Among other comments, the report noted the proposal's profoundly negative effect on the right to a fair trial and the right against self-incrimination. The authors of the audit also asserted that the government's plans did not provide enough safeguards against potential government abuse.
British officials have admitted to these concerns, but have expressed hope of reviving the proposals within the next few months.
For further details, see Madeleine Acey, "U.K. Bill Combines E-Spying, Crypto Control", TechWeb, November 17, 1999, at http://www.techweb.com/wire/story/TWB19991117S0009
The FIPR's opinion is available at http://www.fipr.org/ecomm99/ecommaud.html
More background information is available from Richard Reeves, "Police power to read e-mails 'is breach of rights'", (London) Observer, October 24, 1999, at
http://www.newsunlimited.co.uk/observer/uk_news/story/0,3879,95331,00.html
[15] New Australian law allows police to hack private computers
The Australian parliament has enacted new laws which may make it easier for government authorities to break into private computers.
The proposals were included in the Australian Security Intelligence Organisation (ASIO) Amendment Bill of 1999. Provisions in the bill allow the Australian government to intrude on non-governmental computer systems and alter any data contained within. Theoretically, such alteration is only allowed to the extent "necessary" to permit government tapping. However, the measure includes expansive language as to the magnitude of government power in these matters, allowing the authorities to engage in any and all activities that are "reasonably incidental."
<>Many observers fear that the ASIO bill will amount to the legitimatization of Big Brother in the digital arena. Greg Taylor of Electronic Frontiers Australia (EFA--a GILC member) said, "I hate to use the word 'Orwellian,' but I can't think of anything better to describe this." He called the legislation "another stop down the path of legalized surveillance of all information by authorities."
For further details, see Stewart Taggart, "Orwellian Nightmare Down Under?", Wired News, December 4, 1999, at http://wired.lycos.com/news/politics/0,1283,32853,00.html
See also William Maher, "Parliament passes ASIO bill", Newswire, November 26, 1999 at http://www.newswire.com.au/9911/asio.htm
[16] Australian ISP leaves passwords vulnerable, suffers break in
Think your Internet passwords are safe? Think again.
Optus is one of the biggest Internet Service Providers in Australia. In a surprising turn of events, the company left unprotected a massive file that contained the login passwords to everyone of its customers--nearly 100,000 in all. After a later "unauthorised intrusion", the ISP told its users to change their passwords, admitting that the security of the network had been compromised. Strangely enough, Optus only issued the warning a full 18 hours after it became aware of the problem. The firm even went so far as to contact the authorities regarding the incident.
Since then, Optus claims it has repaired the breach. The exact extent of the damage to its users, however, is not yet known.
Full story at David Akin, "Optus calls police after ISP breached", ABC News Online(Australia), November 4, 1999, at http://www.abc.net.au/news/science/internet/1999/11/item19991103191534_1.htm
[17] International domain name commission wants you
Want to say something about how domain names are created?
The Internet Corporation for Assigned Names and Numbers (ICANN) is looking for volunteers to serve on its Membership Implementation Task Force. ICANN was created several years ago to deal with several Internet protocol related issues, including domain name registration.
The official role of this Task Force is to "generate and implement strategies for outreach and recruitment of a broad and numerous membership that is globally representative of the Internet user community; design effective membership authentication and online election procedures; and undertake such other membership implementation responsibilities as may be assigned to it by the Board or the President."
The deadline for "Expressions of Interest" is December 21, 1999.
Further information on ICANN's plans can be seen at http://www.icann.org/at-large/call-1dec99.htm
Expressions of Interest should be sent to Andrew McLaughlin at mclaughlin@icann.org
[18] Paris Internet policy forum held
On November 27, Imaginons un Reseau Internet Solidaire (IRIS--a GILC member) sponsored a forum in Paris to discuss future Internet policy. At this conference, the participants approved a motion designed to promote "non-commercial interests and solidarity" throughout cyberspace.
Among the adopted principles was the idea that "[r]espect for individual and public liberties ... should prevail over all other considerations." The group expressed the belief that "[c]ontent labelling cannot be accepted except in a voluntary and positive manner." The motion also contained language stating "The protection of fundamental rights of citizens takes place through the guarantee of confidentiality--which includes the total liberalization of cryptography and the non-traceability of messages--as well as by the strictest protection of their personal data."
The full text of this motion (in French) is located at: http://www.assises.sgdg.org/motion-finale-assises99.html
An English translation of this statement is available at: http://www.assises.sgdg.org/motion-assises99-en.html
ABOUT THE GILC NEWS ALERT:
The GILC News Alert is the newsletter of the Global Internet Liberty Campaign, an international coalition of organizations working to protect and enhance online civil liberties and human rights. Organizations are invited to join GILC by contacting us at gilc@gilc.org. To alert members about threats to cyber liberties, please contact members from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news stories, contact: GILC Coordinator, American Civil Liberties Union 125 Broad Street 17thFloor, New York, New York 10004 USA. email: gilcedit@aclu.org
More information about GILC members and news is available at http://www.gilc.org. You may re-print or redistribute the GILC NEWS ALERT freely. To subscribe to the alert, please send an mail to gilc-announce@gilc.org with the following message in the body: subscribe gilc-announce
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)