Computer underground Digest Sun June 6 1999 Volume 11 : Issue 25

Computer underground Digest    Sun  6 June, 1999   Volume 11 : Issue 25
                           ISSN  1004-042X

       Editor: Jim Thomas (
       News Editor: Gordon Meyer (
       Archivist: Brendan Kehoe
       Curry Editor:       Etaion Shrdlu, III
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage:

CONTENTS, #11.25 (Sun, 6 June, 1999)

File 1--Where's CuD been?
File 2--Encryption's Bounty
File 3--Australian Surveillance (Excerpt)
File 4--Internet Society Censors the Press
File 5--[B92press] NetAid 2 - Press Release
File 6--Censorware Project protests FCC page on blocking software
File 7--EPIC Alert 6.08
File 8--Cu Digest Header Info (unchanged since 10 Jan, 1999)



Date:    Mon, 07 Jun 99 11:52 CDT
From:    Cu Digest 
Subject: file 1--Where's CuD been?

We've received many, many inquiries asking about the absence of
CuDs for the list two months or so. The problem has simply been a
continuing time crunch. Writing projects, teaching, conferences,
and developing a few new on line courses, and other time drains
have left little time for much else.

Many of the items sent by readers in the past few months are now
dated. I apologize for not getting them into print.  Each week,
it seemed as if a CuD could be sent out, but each week something
"urgent" took up "CuD time."

With luck, we'll be back on track in the next few weeks, and with
this issue, we'll start to clear out some of the still-relevant

Within the next 3 weeks, we will have a special issue or two
on online education and the ethics of online research.

Thanks for all the inquiries, and as usual, thanks for all the
supportive email.



Date: Mon, 17 May 1999 03:38:21 GMT
Subject: file 2--Encryption's Bounty

The SLAC Bulletin consists of occasional updates to Sex, Laws and Cyberspace,
by Jonathan Wallace and Mark Mangan (Henry Holt 1996), about Internet
censorship. To subscribe to the list, point your browser to Unsubscription information
appears at the bottom of this message.

ENCRYPTION'S BOUNTY: Victory in Bernstein

By Jonathan Wallace
May 16, 1999

A federal appeals court has confirmed that source code is a form of
expression protected by the First Amendment. The case, Bernstein
v. Department of Justice, involved a challenge to the federal regulations
restricting the export of software which includes strong encryption.

Plaintiff Daniel J. Bernstein is a professor of computer science at the
University of Illinois, Chicago. As a doctoral student some years ago, he
developed an encryption method which he called Snuffle--"a zero-delay
private-key stream encryptor based upon a one-way hash function".
He then sought guidance from the State Department on whether he could
distribute information about Snuffle internationally. The government
replied that  Snuffle was a "munition" under the International Traffic in
Arms regulations ("ITAR"). This meant that an export license would be
required (and impossible to obtain) if Bernstein wished to send source
code or even a paper explaining Snuffle to a conference overseas.

Why is our government so fearful of its cotizens exporting crypto? The
Ninth Circuit Court of Appeals quotes a "high ranking State Department

"Policies concerning the export control of cryptographic products
are based on the fact that the proliferation of such products
will make it easier for foreign intelligence targets to deny the
United States Government access to information vital to national
security interests."

In other words, the use of strong crypto by intelligence targets
makes spying harder.

Government regulations even banned the posting of cryptographic
information on the Internet because it could then be downloaded
from anywhere. If you post source code on a server here in the United
States and a citizen of France downloads it, an illegal export has occurred.

Over the years, U.S. government crypto policy has had the unintended
consequence of making our software companies less competitive, while
entirely failing to limit the availability of strong encryption overseas.
For some years U.S. companies were not allowed to export products that
used stronger than 64-bit keys. Since consumers of business communication
products (for example, Lotus Notes) wanted a stronger encryption feature, they
increasingly turned to competing products from France and elsewhere.
Ultimately, U.S. companies hit on the work-around of developing their
own encryption products overseas, then importing them into the United
States--an approach that was perfectly legal and highlighted the senselessness
of the U.S. export regulations.

The court held that the export licensing requirements for encryption
source code were an unconstitutional prior restraint under the First

Anyone who has closely studied the process by which courts adjudicate
constitutional matters knows that cases are won by means of persuading
judges to place new matters in old pigeonholes. The
innovative lawyers in the Bernstein case persuaded the court
hold that computer source code is First Amendment speech. Once this
was established, the rest of the case fell into place very easily.
Bernstein had been required to seek a federal licence to speak. "Pre-publication
licensing schemes" have a long and disfavored history in this country.

Why is source code speech? "The distinguishing feature of source code,"
said the court, "is that it is meant to be read and understood by humans
and that it can be used to express an idea or a method." It found that
source code is a particularly appropriate way of describing cryptographic
ideas, better than plain English or straightforward mathematical
notation: "By utilizing source code, a cryptographer can express algorithmic
ideas with precision and methodological rigor that is otherwise difficult to
achieve." An advantage of source is that it facilitates peer review;
the code can be compiled and tested by others. Although not required for
First Amendment protection, the court noted that Snuffle "was also intended,
in part, as political expression." Bernstein was deliberately challenging
ITAR by creating code which utilized a one-way hash function--an
approach he believed was not restricted by the existing regulations.

The government did not deny that source code is a form of human
expression, but claimed that the regulations were aimed only at the
functional ability of source code to direct a computer after being compiled
into object code. The court rejected this: "The government's argument,
distilled to its essence, suggests that even one drop of
'direct functionality' overwhelms any constitutional protections that
expression might otherwise enjoy. This cannot be so."

Bernstein won his battle the moment he convinced the court that source code
is speech. In a string of cases beginning with Near v. Minnesota
in 1917, and continuing through more recent disputes involving
the Pentagon Papers and Progressive magazine's attempt to publish
nuclear information, federal courts have usually fended off government
attempts to prevent publication of protected speech.

Similarly to the Bernstein case, most prior restraint cases
involve national security matters. However, the Supreme Court in
the Pentagon Papers case had noted that
national security concerns only justify a prior restraint when
publication would "surely result in direct, immediate, and irreparable damage
to our Nation or its people."  Here the government had failed to
argue that the international publication of Snuffle would
"directly and immediately imperil national security."

Schemes of prior restraint may, however, survive constitutional
attack if the due process rights of the speaker are respected. In 1965,
the Supreme Court formulated a test under which a prior
restraint might be found constitutional: (1) any restraint must be
for a specified brief period of time; (2) there must be expeditious
judicial review; and (3) the censor must bear the burden
of going to court to suppress the speech in question and must also
bear the burden of proof (Freedman v. Maryland, 380 U.S. 51 (1965)).

The appeals court found that ITAR flunked the Freedman test.
Although the regulations required that an export license
decision be made within 90 days, the agency might simply decide
to refer the application to the President, who could sit on it
forever. Secondly, ITAR denied the opportunity for prompt
judicial review, because an administrative appeals process,
also not bounded by time limits, was required before litigation
could commence.

"We conclude," said the court, "that the challenged regulations allow the
government to restrain speech indefinitely with no clear
criteria for review. As a result, Bernstein and other scientists
have been effectively chilled from engaging in valuable scientific expression."

The court went on to offer some social underpinnings
for its decision. It noted that a rise in surveillance of
cell phones, email and electronic commerce transactions has brought
"our ability to shield our affairs from prying eyes" to a new low.
"The availability and use of secure encryption may
offer an opportunity to reclaim some portion of the privacy
we have lost." We are each, said the Court, the potential
recipients of "encryption's bounty."


Date: Thu, 27 May 1999 20:28:09 -0500
From: James R Black 
Subject: file 3--Australian Surveillance (Excerpt)

the following url may be of interest.  thanx for your terrific
work always!
james black


((CuD Moderators' note: Here's an exceprt))

   Sunday 23 May 1999 [INLINE]

Careful, they might hear you


     Australia has become the first country openly to admit that it
     takes part in a global electronic surveillance system that
     intercepts the private and commercial international communications
     of citizens and companies from its own and other countries. The
     disclosure is made today in Channel 9's Sunday program by Martin
     Brady, director of the Defence Signals Directorate in Canberra.

     Mr Brady's decision to break ranks and officially admit the
     existence of a hitherto unacknowledged spying organisation called
     UKUSA is likely to irritate his British and American counterparts,
     who have spent the past 50 years trying to prevent their own
     citizens from learning anything about them or their business of
     ``signals intelligence'' - ``sigint'' for short.

     In his letter to Channel 9 published today, Mr Brady states that
     the Defence Signals Directorate (DSD) ``does cooperate with
     counterpart signals intelligence organisations overseas under the
     UKUSA relationship".

     In other statements which have now been made publicly available on
     the Internet (, he also says that DSD's purpose ``is
     to support Australian Government decision-makers and the Australian
     Defence Force with high-quality foreign signals intelligence
     products and services. DSD (provides) important information that is
     not available from open sources".

     Together with the giant American National Security Agency (NSA) and
     its Canadian, British, and New Zealand counterparts, DSD operates a
     network of giant, highly automated tracking stations that illicitly
     pick up commercial satellite communications and examine every fax,
     telex, e-mail, phone call, or computer data message that the
     satellites carry.



Date: 3 Jun 1999 00:22:08 GMT
From: rh120@WATSUN.CC.COLUMBIA.EDU(Ronda Hauben)
Subject: file 4--Internet Society Censors the Press

Sadly the Internet Society doesn't seem to value a diversity
of viewpoints and is penalizing our newsletter and its editors
by denying us press passes this year.

I want to bring to your attention the Internet Society's
(ISOC) refusal to grant editors of the Amateur Computerist
a press pass for this coming INET '99.

We wrote a criticism of what happened at the IFWP meeting
last year and also an article about INET '98 pointing
out that there was a narrow agenda for the topics for
the conference which left out consideration of library issues,
community networking issues and other such public concerns
about the current and future state of the Internet.

Apparently, those in the press who are critical of ISOC's
narrow agenda lose the right to press passes to their

We were encouraged to apply for the press pass and to send
an issue of the Amateur Computerist. After the issue was
received, our application was rejected.

Editors of the Amateur Computerist have attended two previous
ISOC conferences on a press pass INET '96 and INET '98 and
reported on both conferences in the Amateur Computerist and
in accounts that went out over the Internet and are in
various other online or periodical journals.

We have more than fulfilled any criteria given by ISOC to be
entitled to a press pass, but are being denied press passes.

ISOC's narrow agenda of support for ecommerce as the present and
future of the Internet is a deliberate effort to deny the public
their ability to have public purposes and public participation
on the present and future Internet.

Also several of those in the Internet Society leadership have been
active promoting ICANN to take over essential functions of the Internet
in the interests of some hidden private sector entities.

One of the reasons that I have been told that a press pass
was denied is for participating in the IFWP meetings
(chaired by David Maher) after the INET '98 meeting.

At the INET '98 press conference all the press were invited
to participate in and cover the IFWP meeting which followed
INET '98.

Also after talking with Jon Postel after the press conference
last year about that users were being disenfranchised by the plan
creating ICANN, he said to go to the IFWP meeting and to make these
concerns known.

There was an effort to do so.

The response by an official of ISOC was to tell an editor
of the Amateur Computerist that she wasn't allowed
to participate in the IFWP meeting or that she would have to give
up her press pass.

That was a criteria distinctly different from what had
been announced at the press conference and also from
a criteria applied to anyone else from the press.

ISOC it seems has enpowered people to make up the rules
as they go along and to try to deprive the press of
any right to a critical reporting of what happens
or else one will lose ones press pass.

The Internet Society is supposedly created to education
the public about the Internet. However, it has done
all it can to hide what is happening with the creation
of ICANN to take over essential functions of the Internet
from the cooperative and public way they were previously
owned and controlled.

We have asked for a way to appeal this denial and
have not been given any procedure to do so.


For the issue of the Amateur Computerist reporting on
INET '98 see

About ICANN, See Cone of Silence by John Horvath


Date: Sun, 6 Jun 1999 21:38:51 +0200 (CEST)
Subject: file 5--[B92press] NetAid 2 - Press Release


June 4, 1999


FREE B92 ANNOUNCES - NETAID 2 - June 15, 1999

'Gather together with us in cyberspace, where everybody is listening to

The Free B92 team invites you to join us for the second installment of
NetAid - the unique live webcast that last month sent sounds and lifted
spirits around the globe. NetAid - 2 takes place on June 15, 1999, on
the following URL:

This 24-hour live music forum follows the great success of the NetAid -
1, which was held on May 15, 1999, on the 10th birthday of the banned
independent Belgrade broadcaster - B92. Highlights from NetAid - 1
include Sonic Youth in concert, a live stream from Mike Watt in
California, a specially recorded song by Anastasia, the dedicated
broadcast of Vienna's FM4 to NetAid, and exclusive mixes by John
Acquaviva, Charlie Hall, Miles Hollway, B.L.I.M., Jamie Myerson,
Electric Indigo and others.

NetAid is primarily an artistic venture, which seeks to harness the
creative energy of music to counter the forces of destruction and to
express the power of peace. NetAid is not a typical benefit action, as
the primary goal is to collect music and to benefit from your art rather
than from your money.



We need exclusive music that represents you - it could be anything, from
one song to a whole concert. We accept your MP3 files, CDs, MD and DAT
tapes, from any sound source. If you can organize a live stream from
your studio, just let us know!

Material can be sent to our snail mail address:
Help B92/NetAid
De Balie
Kleine-Gartman Plantsoen 10
1017 RR Amsterdam
The Netherlands

Our e-mail address (Gordan Paunovic, event organiser) is:

For further details on FTP or Real Audio Server, please write to the
above e-mail address.

Support messages

If you support NetAid, and our goal to oppose the use of violence as a
means to solve political problems, and are not able to organize a live
stream session or send us any music right now, you can still join in.
Just send us a support message to our voice box at the following number:

+31 20 4216439

For more info. on Free B92 and our NetAid archives check out our

Thank you for you support, and see and hear you on NetAid - 2, June 15,

FreeB92-NetAid team


Date: Tue, 25 May 1999 23:20:00 -0400
From: Jonathan Wallace 
Subject: file 6--Censorware Project protests FCC page on blocking software

 "The FCC decision to post a section on 'Browsing the Internet Safely:
Software Filters' is
highly inappropriate. We hope you will reconsider the necessity of this
section of the webpage, or at the very least remove what amounts to
product endorsements and add links to sites that expose their inherent
flaws. To do otherwise will mislead parents into thinking - despite your
brief disclaimer - that the problem of 'browsing the internet safely'
can be wholly  and easily solved by purchasing a piece of software."


Full text is at

(CuD Moderator's note: Here's the letter):

     May 16, 1999

     Hon. William E. Kennard, Chairman
     Federal Communications Commission
     445 12th Street, S.W.
     Washington, D.C. 20554

     Dear Mr. Chairman:

     The FCC decision to post a section on "Browsing the Internet
     Safely: Software Filters" is highly inappropriate. We hope you will
     reconsider the necessity of this entire section of the webpage, or
     at the very least remove what amounts to product endorsements and
     add links to sites that expose their inherent flaws. To do
     otherwise will mislead parents into thinking - despite your brief
     disclaimer - that the problem of "browsing the internet safely" can
     be wholly and easily solved by purchasing a piece of software.

     The Censorware Project ( is an organization
     founded to oppose the use of such software in government
     institutions and to provide consumers with information about the
     flaws in these products. We were particularly shocked by the FCC's
     recommendation of censorware products for several reasons.

     First, as the page itself notes, the FCC has no jurisdiction
     whatever over the Internet. As the Supreme Court established for
     once and for all in Reno v. ACLU, the Net is not a scarce resource
     and is therefore entitled to the same extensive First Amendment
     protection as print. Since the FCC's jurisdiction over broadcast is
     based on the rationale of "spectrum scarcity", which does not exist
     as pertains to the Internet, the FCC cannot have any imaginable
     grounds for involvement with Internet content. We understand that
     "many parents have asked for help." But it would not be the FCC's
     place to report on how parents may prevent their children from
     reading pornographic novels; the decision in Reno v. ACLU means it
     is just as inappropriate for you to evaluate home censorship of the

     Second, each of the products you list, and to whose web pages you
     link, blacklist material which is not "harmful to minors" by any
     legal definition. Cybersitter in particular is a product with a far
     right bias, which blocks the National Organization for Women as a
     "radical lesbian" site. Listing Cybersitter on your page is
     tantamount to suggesting that citizens turn to the Christian
     Coalition for advice on guiding their child's reading.

     Third, each of these blacklists is negligently compiled, meaning
     that the companies violate the promises they make (which you repeat
     on your page) to engage in a careful review of every site before
     adding it to the blacklist. In its several reports, The Censorware
     Project has offered hundreds of examples of sites blacklisted by
     these censorware products which cannot possibly have been looked at
     by a human being. A classic example was the Maple Soccer youth
     sports site, which repeatedly turned up on the Cyberpatrol
     blacklist after first being publicized by one of our reports. In an
     article in the Wall Street Journal last week, one of our members,
     James Tyre, disclosed the existence of two domains which contain no
     content whatever yet are blocked by Surfwatch. Accidental
     blacklisting occurs when a censorware publisher's "spider"
     (software which searches for keywords) finds suspicious text in a
     non-pornographic context (eg, "twelve year old girls" on a soccer
     league page.) The hundreds of examples we have found establish
     beyond any doubt that the censorware companies do not inspect every
     site they block.

     Fourth, these products do not, and cannot possibly, achieve their
     stated goals. The amount of content on the Web is too huge, and the
     staffs of these companies far too small, to block more than a small
     percentage of the hardcore pornography on the Net. By recommending
     the use of censorware, you are recommending a placebo. Your page
     states, "While filtering software is a useful parental tool, it is
     no substitute for active involvement with children who use the
     Internet." The second statement--that censorware is no substitute
     for parental supervision--is correct. The first, that it is a
     useful parental tool, is questionable, given the blacklisting of
     benign content while much hardcore porn goes unblocked.

     Fifth, your page makes no mention of the fact that serious
     criticisms have been leveled at the efficacy of censorware projects
     and the truth of the marketing claims made about them. The FCC is
     therefore in a position of recommending controversial and
     questionable products to the American people.

     Sixth, we believe that it is wrong for the FCC to recommend
     particular commercial products. This is especially harmful since it
     appears that, like many consumers, you are unaware of their flaws.
     These products are notorious for outrageous and impossible
     marketing claims which you have repeated as if they were reality.
     These products are represented as doing a job which is in fact
     impossible to do: the scouring of the entire Internet, which
     contains an overwhelmingly large quantity of dynamically changing

     Seventh, you fail to mention that the use of censorware products
     has been found unconstitutional (for many of the reasons we give
     here) in public libraries, in the case of Mainstream Loudoun v.
     Board of Trustees. You have been personally quoted as advocating
     that E-rate funding be conditioned on the installation of
     censorware. We believe that such a requirement would be
     unconstitutional under the Loudoun precedent, and we hope that the
     FCC will not support such legislation.

     Again, it is our request that the FCC remove the reference to
     censorware from its site, for the reasons given here.

     Very truly yours,

     The Censorware Project


Date: Tue, 1 Jun 1999 18:03:57 -0500
From: EPIC-News List 
Subject: file 7--EPIC Alert 6.08

   Volume 6.08                                       June 1, 1999

                            Published by the
              Electronic Privacy Information Center (EPIC)
                            Washington, D.C.


[1] Congress Looks at Internet Privacy; EPIC Testifies
[2] Firm Ends "John Doe" Lawsuit After Learning Identities
[3] IFEA Urges FCC to Provide Balanced Info on Filtering
[4] House Demands Access to NSA Files on Echelon
[5] Court Rules that Media "Ride-Alongs" Violate Fourth Amendment
[6] Australia Close to Enacting Internet Censorship Law
[7] EPIC Bill-Track: New Bills in Congress
[8] Upcoming Conferences and Events

[1] Congress Looks at Internet Privacy; EPIC Testifies

On May 27, the Subcommittee on Courts and Intellectual Property of the
House Judiciary Committee held an oversight hearing on Electronic
Communications Privacy Policy Disclosures.  The focus of the hearing
was a recent industry survey on industry self-regulation and the
question of whether self-regulation would adequately protect online
privacy.  The industry survey followed a 1998 survey by the FTC on
Internet privacy policies and the 1997 EPIC survey, "Surfer Beware:
Personal Privacy and the Internet."

Testifying at the hearing were John Bentivoglio, Chief Privacy Officer,
U.S. Department of Justice; Jill Lesser, Vice President, Domestic
Public Policy, America Online, Inc.; Christine Varney, Chair, Online
Privacy Alliance; Jerry Berman, President, Center for Democracy and
Technology; Marc Rotenberg, Executive Director, Electronic Privacy
Information Center; Jerry Cerasale, Senior Vice President, Government
Affairs; Direct Marketing Association, Inc.; and Terry Pittman, Board
of Directors, TRUSTe.

EPIC Director Marc Rotenberg said that much more needs to be done to
protect online privacy.  "Current efforts to promote industry
self-regulation will not adequately address the public concerns about
privacy and the Internet."  Mr. Rotenberg said that "industry privacy
policies are literally papering over the growing problem of privacy
protection online."" He recommended that Congress help assemble the
building blocks for a privacy policy, including the establishment of a
privacy agency, the enforcement of Fair Information Practices, and the
development of new techniques that limit or eliminate the collection of
personally identifiable information.

While it is unclear at this point what steps Congress might take to
protect privacy on the Internet, it seems unlikely that the issue will
be going away anytime soon.  Public concerns about privacy continue to
rise as does the skepticism in Europe over the Commerce Department's
Safe Harbor proposal, which would allow the processing of data on
European citizens by U.S. firms without any legal framework to protect
privacy in place.

Senator John McCain (R-AZ), Chairman of the Senate Commerce Committee,
has announced that he will hold hearings on Internet privacy later this

The text of EPIC's testimony on Internet privacy is available at:

[2] Firm Ends "John Doe" Lawsuit After Learning Identities

A closely-watched case involving online anonymity has ended abruptly
after the plaintiff corporation learned the identities of 21 "John Doe"
defendants.  Raytheon Co. recently dismissed its lawsuit against a
group of people it claimed were spreading company secrets on an
Internet message board after the defense contractor succeeded in
obtaining the individuals' names.  The dismissal suggests that it may
have been the company's sole objective to identify the individuals,
without any intention of litigating the merits of its claims.  Such
legal tactics would raise serious questions about the potential for
abuse of the judicial discovery procedures in similar cases pending
around the country (see EPIC Alert 6.06).

In February, Raytheon filed suit against 21 "John Doe" defendants,
accusing the group of anonymously discussing rumored mergers and
acquisitions, impending divestitures and possible defense contracts on
a public message board.  In support of its suit, the company obtained
subpoenas against several Internet service providers, and eventually
learned the identities of all 21 defendants.  Several were believed to
be Raytheon employees who have left the company since the disclosures
(the circumstances of their departures have not been made public).

While many of the cases pending around the country involve serious
charges of alleged wrongdoing, there is no mechanism currently in place
to distinguish between someone who is hiding behind their anonymity to
commit a crime or other wrongful act, and someone with a legitimate and
lawful desire to communicate anonymously.  The outcome of the Raytheon
case is troubling because it suggests that judicial discovery
procedures can be used to destroy an individual's anonymity without any
determination of the validity of the underlying legal claim.  Until the
courts or Congress establish basic ground rules to govern discovery in
these cases, the number of subpoenas is likely to increase, with a
resulting chilling effect on anonymous Internet speech.

[3] IFEA Urges FCC to Provide Balanced Info on Filtering

In response to a speech delivered by Federal Communications Commission
Chairman William Kennard in which he encouraged the use of Internet
filters, more than a dozen organizations sent a letter to the Chairman
on May 13 urging him to present balanced information on the pros and
cons of filtering software at the Commission website.  The FCC's
"Parents, Kids & Communications" web page currently provides links to
the vendors of various software filtering products.

The members of the Internet Free Expression Alliance (IFEA) signing the
letter included EPIC, the American Booksellers Foundation for Free
Expression, the American Civil Liberties Union, the National Coalition
Against Censorship and People For the American Way Foundation.  The
groups told Kennard that "the public -- and policymakers -- must
closely examine filtering systems and carefully evaluate the filtering
criteria they employ, as poorly designed systems can damage the unique
character of the Internet."  They noted that "several independent
studies of these products indicate that the vendors often gloss over
some of the serious shortcomings of their filtering systems. We believe
that an objective and useful "information page" must apprise parents of
these findings."

In the interest of presenting a balanced view of the benefits and
detriments of filtering products, the IFEA members asked Kennard to
provide links to the critical studies, including EPIC's "Faulty
Filters" report, which documented the negative effects of a "family-
friendly" search engine.

The text of IFEA's letter is available at:

[4] House Demands Access to NSA Files on Echelon

Following recent revelations in Australia and Canada on the
international signals intelligence network known as ECHELON, Reps.
Porter Goss and Bob Barr have requested access to National Security
Agency files concerning the legality of the surveillance system.  On
May 13, Barr succeeded in attaching a requirement to the Intelligence
Authorization Act that would require the National Security Agency, the
CIA and the Justice Department to prepare a report on ECHELON for the
Congress within 60 days of its enactment.  The report would describe
the legal standards employed by elements of the Intelligence Community
in conducting signals intelligence activities, including electronic
surveillance.  This would include systems like ECHELON that eavesdrop
on international telecommunications.  As Barr explained, Congress

     is concerned about the privacy rights for American citizens
     and whether or not there are constitutional safeguards
     being circumvented by the manner in which the intelligence
     agencies are intercepting and/or receiving international
     communications back from foreign nations that would otherwise
     be prohibited by the prohibitions and the limitations on the
     collection of domestic  intelligence.

Strict limitations were placed on the ability of intelligence agencies
to collect information about U.S. citizens in the 1970s in the wake of
Watergate and other abuses.  Rep. Goss, who chairs the powerful House
Permanent Select Committee on Intelligence, had requested access to
files held by NSA's General Counsel, but the agency rebuffed the
request citing "attorney-client privilege."  In a report issued as part
of the Intelligence Authorization Act for fiscal year 2000, Goss wrote:
"for the first time in the committee's history, an Intelligence
Community element of the United States Government asserted a claim of
attorney-client privilege as a basis for withholding documents from the
committee's review."

The European Parliament's report on ECHELON is available at:

[5] Court Rules that Media "Ride-Alongs" Violate Fourth Amendment

The Supreme Court ruled on May 24 that police may not bring the media
into a home during the execution of a warrant, though the Court chose
not to allow the individuals who filed suit to recover against the
police for the Fourth Amendment violation.  The case -- Wilson v. Layne
-- grows out a 1992 search in which a team of Deputy United States
Marshals and Montgomery County (Maryland) Police, accompanied by a
reporter and a photographer from the Washington Post, entered the home
of the parents of a federal fugitive.  Petitioner Charles Wilson,
dressed only in a pair of briefs, ran into the living room to
investigate.  Discovering at least five men in street clothes with guns
in his living room, he angrily demanded that they state their business,
and repeatedly cursed the officers.  The officers quickly subdued him
on the floor.  His wife then entered the living room to investigate,
wearing only a nightgown.  She observed her husband being restrained by
the armed officers.

When their protective sweep was completed, the officers learned that
the man they sought was not in the house, and they departed.  During
the time that the officers were in the home, the Washington Post
photographer took numerous pictures.  The print reporter was also
apparently in the living room observing the confrontation between the
police and Charles Wilson.  At no time, however, were the reporters
involved in the execution of the arrest warrant.  The Washington Post
never published its photographs of the incident.  The Wilsons sued the
law enforcement officials in their personal capacities for money
damages.  They contended that the officers' actions in bringing members
of the media to observe and record the attempted execution of the
arrest warrant violated their Fourth Amendment rights.

The Supreme Court held that a media "ride-along" in a home violates the
Fourth Amendment.  The Court said it violates the Fourth Amendment
rights of homeowners for police to bring members of the media or other
third parties into their homes during the execution of a warrant when
the presence of the third parties in the home was not in aid of the
warrant's execution.  However, the Court held that because the state of
the law was not "clearly established" at the time the entry in this
case took place, the officers are entitled to qualified immunity.
Justice Rehnquist delivered the opinion for the Court, which was
unanimous on the issue of whether a violation of the Fourth Amendment
occurred.  In a concurring opinion, Justice Stevens said that the
petitioners should have been able to recover against the police.

In a separate decision, the Supreme Court has agreed to review the
Drivers Privacy Protection Act of 1994.  At issue in that case is
whether Congress can limit the disclosure of personal information held
by state agencies. That case is Reno v. Condon.

The text of the decision in Wilson v. Layne is available at:

[6] Australia Close to Enacting Internet Censorship Law

The Australian government may be on the verge of enacting one of the
world's most restrictive Internet content laws.  Last week, the
Australian Senate approved a bill that would extend the Broadcasting
Services Act 1992 to the Internet.  The law currently applies to film
and video and limits access to material involving drugs, sex, violence,
or nudity, or containing obscene language.  The law is based upon a
ratings system similar to that used for commercial films in the United
States. But the Australian ratings go further, with restrictive ratings
applied to material that "incites" violence or depicts acts that
"offend against the standards of morality, decency, and propriety
generally accepted by reasonable adults."

The Australian Broadcasting Authority (ABA) administers the law and
monitors covered media for compliance.  Should the pending legislation
be enacted, the ABA would be granted authority to require Internet
access providers to monitor the content carried via their networks and
shut down sites suspected of violating the law.  "The government has
turned Australia into the global village idiot", according to
Electronic Frontiers Australia (EFA) spokesperson Danny Yee. "This Bill
is a direct attack on freedom of speech,"" even though "surveys and
polls show that most Australians don't want more censorship."  EFA has
organized protests against the pending censorship law in Sydney,
Melbourne, Brisbane, Perth and Adelaide.

More information on the Australian campaign against Internet censorship
is available at:

[7] EPIC Bill-Track: New Bills in Congress


H.R.1685. Internet Growth and Development Act of 1999. A bill to
provide for the recognition of electronic signatures for the conduct of
interstate and foreign commerce; to restrict the transmission of
certain electronic mail advertisements; to authorize the Federal Trade
Commission to prescribe rules to protect the privacy of users of
commercial Internet websites; to promote the rapid deployment of
broadband Internet services; and for other purposes. Title III is
entitled "Online Privacy Protection." Sponsored by Rep. Rick Boucher
(introduced 5/05/99).  Referred to the Committee on Commerce, and in
addition to the Committee on the Judiciary.

H.R.1790. Chemical Safety Information and Safe Security Act of 1999. A
bill to provide for public disclosure of accidental release scenario
information in risk management plans, and for other purposes.
Sponsored by Rep Tom Bliley (introduced 5/13/99).  Referred to the
Committee on Commerce, and in addition to the Committees on Government
Reform, and the Judiciary.


S.942. Taxpayer Right-To-Know Act of 1999. A bill to amend the Internal
Revenue Code of 1986 to require the Secretary of the Treasury to
develop an Internet site where a taxpayer may generate a receipt for an
income tax payment which itemizes the portion of the payment which is
allocable to various Government spending categories.  Sponsored by Sen.
Charles E. Schumer, (introduced 5/03/99).  Referred to the Committee on

S.976. Youth Drug and Mental Health Services Act. A bill to amend Title
V of the Public Health Service Act to focus the authority of the
Substance Abuse and Mental Health Services Administration on community-
based services children and adolescents; to enhance flexibility and
accountability; to establish programs for youth treatment; and to
respond to crises, especially those related to children and violence.
Section 404 Part C subpart I establishes a national data infrastructure
"for the purpose of developing and operating . . . data collection,
analysis, and reporting systems." Sponsored by Sen. Bill Frist
(introduced 5/06/99).

S.1043. Internet Regulatory Freedom Act of 1999. A bill to provide
freedom from regulation by the Federal Communications Commission for
the Internet. Sponsored by Sen. John McCain (introduced 5/13/99).
Referred to the Committee on Commerce.

[8] Upcoming Conferences and Events

Encryption Controls Workshop. May 13, 1999. Raleigh, NC. Sponsored by
the U.S. Dep't of Commerce. Contact: (202) 482-6031

INET 99.  San Jose, Calif., June 22-25, 1999.  Sponsored by the
Internet Society.  Contact:

Privacy Laws & Business 12th Annual International Conference -- "New
Data Protection Law: Issues, Solutions, Action."" June 28-30th 1999, St
John's College, Cambridge, United Kingdom.  Contact: Privacy Laws &
Business, Tel: + 44 (0) 181 423 1300, Fax: + 44 (0) 181 423 4536,
e-mail:, or

ABA Annual Conference, Section of International Law and Practice.
"Privacy Issues in Electronic Commerce." Aug 9. Atlanta, Georgia.

The 21st International Conference on Privacy and Personal Data
Protection.  Hong Kong, September 13-14, 1999.  A distinguished group
of over 50 speakers/panelists from overseas and Hong Kong will explore
the theme of  "Privacy of Personal Data, Information Technology &
Global Business in the Next Millennium."" Sponsored by the Office of
the Privacy Commissioner for Personal Data in Hong Kong.  Contact:

"A Privacy Agenda for the 21st Century."" Sept 15. Hong Kong Convention
and Exhibition Centre, Hong Kong PRC. Contact:
Information Security Solutions Europe 1999. Oct 4-6. Maritim proArte
Hotel, Berlin, Germany. contact

Subscription Information

The EPIC Alert is a free biweekly publication of the Electronic Privacy
Information Center. A Web-based form is available for subscribing or
unsubscribing at:

To subscribe or unsubscribe using email, send email to with the subject: "subscribe" (no quotes) or

Back issues are available at:


Date: Sun, 10 Jan 1999 22:51:01 CST
From: CuD Moderators 
Subject: file 8--Cu Digest Header Info (unchanged since 10 Jan, 1999)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup:

Or, to subscribe, send post with this in the "Subject:: line:

Send the message to:


The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
(NOTE: The address you unsub must correspond to your From: line)

The mailing list is automated, so no human lies at the other end.

CuD is readily accessible from the Net:
  UNITED STATES: ( in /pub/CuD/CuD
    Web-accessible from:
         ( in /pub/Publications/CuD/
         in /doc/EFF/Publications/CuD/
  EUROPE: in pub/cud/ (United Kingdom)

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.


End of Computer Underground Digest #11.25

<--">Return to the Cu Digest homepage

Page maintained by: Jim Thomas -