Skip to main content

EFFector - Volume 2, Issue 7 - Steve Cisler Writes About Computers, Freedom and Privacy II

EFFECTOR

EFFector - Volume 2, Issue 7 - Steve Cisler Writes About Computers, Freedom and Privacy II

############                        ##########       Volume 2 Number 7
############                        ##########         April 10, 1992
####                                ###    ###                       
##########    ########## ########## ###    ### ####    ####          
##########    ########## ########## ###    ### #####   ####          
##########    ####       ####       ###    ### ######  ####          
####          ########   ########   ###    ### ############          
####          ########   ########   ###    ### #### #######          
############# ####       ####       ########## ####  ######          
############# ####       ####       ########## ####   #####          
############# ####       ####       ########## ####    #### ## ## ## 
                                                                     
|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|                  EFFector
|                                          |                   ONline
|            THE CISLER REPORT:            |                         
|        Steve Cisler writes about         |               eff@eff.org
|    Computers, Freedom and Privacy II     |                         
|                                          |         155 Second Street
|               WHAT A DEAL!               |       Cambridge, MA 02141
|        EFF offers spiffy t-shirts        |            (617) 864-0665
|                                          |                         
|                                          |   666 Pennsylvania Ave.SE
|                                          |     Washington, DC  20003
|                                          |            (202) 544-9237
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                          


              COMPUTERS, FREEDOM, AND PRIVACY-2: A REPORT
                    by Steve Cisler (sac@apple.com)


[The opinions and views expressed are those of the author, Steve Cisler,
and not necessarily those of  Apple Computer, Inc. Misquotes of people's
statements are my responsibility. Permission is granted for re-posting 
in electronic form or printing in whole or in part by non-profit
organizations or individuals. Transformations or mutations into 
musicals, docudramas, morality plays, or wacky sitcoms remain the right 
of the author. This file may be found on the Internet in ftp.apple.com 
in the alug directory.
                  -Steve Cisler, Apple Computer Library.
                        Internet address: sac@apple.com ]

      The Second Conference on Computers, Freedom, and Privacy, (March
18-20, 1992. Washington,D.C.).was sponsored by the Association for
Computing Machinery and thirteen co-sponsors including the American
Library Association and a wide variety of advocacy groups.

      The diversity of the attendees, the scope of the topics covered,
and the dynamism of the organized and informal sessions gave me a
perspective I had lost in endless conferences devoted only to library,
information, and network issues. I can now view the narrower topics of
concern to me as a librarian in new ways. Because of that it was one of
the best conferences I have attended. But there's a danger of these
issues being re-hashed each year with "the usual suspects" invited each
time to be panelists, so I urge you, the readers, to become involved and
bring your own experiences to the next conference in 1993 in the San
Francisco Bay Area.

++====================================================================++

                          Wednesday, March 18

      The day began with concurrent tutorials on the following topics:
      Getting on the Net (Mitchell Kapor, Electronic Frontier
Foundation);
      Making Information Law and Policy (Jane Bortnick, Congressional
Research Service);
      Communications and Network Evolution (Sergio Heker, JVNCNet),
      Private Sector Privacy (Jeff Smith, Georgetown University);
      Constitutional Law for Non-lawyers (Mike Godwin, EFF);      
Computer Crime (Don Ingraham, Alameda County (CA) District Attorney);
      Modern Telecommunications: Life After Humpty- Dumpty (Richard
Wolff, Bellcore);
      International Privacy Developments (David Flaherty, Univ. of
Western Ontario);

and the one I attended...
          Information Law and Policy: Jane Bortnick,
          Congressional Research Service (CRS)

      In Bortnick's tutorial, she covered the following points:
        1)Setting information policy is not a linear process, and it's
not clear how or when it is made because of many inputs to the process.
        2) Many policies sit on the shelf until a crisis, and the right
technology is either in place, or certain people grab it. 
        3)Events create renewed interest in information policy.
        4)Industry, academic, or non-governmental groups play an
important role by testifying before committees studying policy and by
lobbying.
        5)CRS is the institutional memory for Congress because of the
rapid turnover in the staff on the Hill. 
        6) The challenge is to develop policy that does not hinder or
hold things up, but there is a high degree of uncertainty, change, and
lack of data. The idea is to keep things as open as possible throughout
the process.

      Bortnick said that the majority of laws governing information
policy were written in an era of paper; now electronic access is being
added, and Congress is trying to identify fundamental principles, not
specific changes.
      Because of the economic factors impinging on the delivery of
information, members of Congress don't want to anger local cable, phone,
or newspaper firms. 
      To get sensible legislation in a rapidly changing environment you
have to, paradoxically, slow down the legislative processes to avoid
making bad laws. Nevertheless, in a crisis, Congress can sometimes work
very quickly. 
      We have to realize that Congress can't be long term because of
annual budget cycles and because of the hard lobbying by local 
interests.
      In making good policy and laws, building consensus is the key.

The current scope of information policy:
        -spans broad range of topics dealing with information 
collection, use, access, and dissemination
        -global warming has a component because new satellites will dump
a terabyte a day: who is responsible for storage, access, adding value 
to all of this data?
         -many bills have the phrase: "and they will establish a
clearinghouse of information on this topic"
         -information policy has increasingly become an element within
agency programs
        -impact of information technologies further complicates debate
        -result=more interested players from diverse areas.

       Congress has many committees that deals with these issues. CRS
gets 500,000 requests for information a year: 1700 in one day.   After
"60 minutes" is broadcast CRS gets many requests for information. from
Congress.

      Jim Warren asked several questions about access to government
information. There was a general discussion about how the Library of
Congress would be digitized (size, cost, copyright barriers).  It was
noted that state level experiments affected federal activity, especially
the states that are copyrighting their information (unlike the federal
government).

      The discussion about Congressional reluctance to communicate via
electronic mail with constituents: a new directory does not even list
some fax numbers that had been quasi-public before some offices felt
inundated with fax communications.

++====================================================================++


                            Keynote Address:
        Al Neuharth, The Freedom Forum and founder of USA Today
            "Freedom in cyberspace: new wine in old flasks"

      Lunch, following the tutorials, was followed by an address by Al
Neuharth. The high points were:
      1. First amendment freedoms are for everyone. Newspaper publishers
should not relegate anyone to 2nd class citizenship or the back of the
bus.
      2. The passion for privacy may make our democracy falter.
      3. Publishing of disinformation is the biggest danger, not
information-glut.

      Commenting on American Newspaper Publishers Assn. to keep RBOCs 
out of information business, Neuharth noted that the free press clause in 
the Bill of Rights does not only apply to newspapers. Telcos have first
amendment rights too. "ANPA is spitting into the winds of change", he
said, and some newspaper publishers are not happy with this stance, so
there is a lot of turmoil.  People should get their news when, how and
where they want it: on screen or tossed on the front porch. Telcos have
yet to demonstrate expertise in information gathering and dissemination;
they have an outmoded allegiance to regulation .

      He strongly criticized the use of anonymous sources by newspapers.
Anonymous sources, he said, provide misinformation that does irreparable
harm. The Washington Post is the biggest user of confidential sources.
Withholding of names encourages fabricating and misinformation. Opinions
and style should not be hidden in news pages but kept on the editorial
page.


++====================================================================++

               Wednesday Afternoon Session: Who Logs On?
                  Given by Robert Lucky of Bell Labs:

Speaking personally, Lucky covered the following points:
      1. Fiber to the home: who pays for it?
          The consumers will pay and the consumer will benefit. How much
they will pay and how much they will benefit is what matters.
          We must to install wideband switching and we will.The drama is
mainly economic and political, not technical. It will happen in 40 
years.  Asked what fiber will bring that copper will not, Lucky took the
Field of Dreams approach: supply of bandwidth will create demand.
      2. Access and privacy.
          This is a personal quandary for Lucky. Intimate communications
will be coming-- individual cells on each pole and an individual number
for each person. "I like to call anybody from my wrist, but I hate 
having people calling me." 
          If you have access, you can't have privacy. The right to be
left alone takes away from the 'right' from other people.  Lucky was the
first of many to raise the problems of the FBI recommend legislation,
the Digital Telephony Amendment, that would require re-design of present
network so that surveillance could take place, and that the cost of
doing this would be 20 cents a month per subscriber.  It will be hard to
find conversations, but you will pay for this.  He viewed this with
grave concern; it's a bad idea. He is all for getting drug kings but he
wants his privacy.

      3. Lucky's observations on the Internet/NREN:
          One of the wonderful things is the sense of freedom on the
Internet. Anonymous ftp. There are programs and bulletin boards.  Sense
of freedom of information and freedom of communication, but nobody seems
to pay for it. It just comes. As a member of AT&T, this needs to be
transitioned to a commercial enterprise. Government is not good at this;
intellectual property  lawyers will build walls, and hackers may screw 
it up too. "I still want all the freedom in the commercial enterprise."

      Linda Garcia of the OTA (Office of Technology Assessment) spoke
about access issues and said it was a cost/benefit problem.  Rural areas
should be able construct a rural area network (RAN). Take small
businesses, educators, hospitals and pool their demand for a broadband
network. Government could act as a broker or community organizer and
transfer the technology. Rural communities should not be treated the 
same way as urban areas. The regulatory structure should be different for
rural Maine than for lower Manhattan. See her OTA reports "Critical
Connections and Rural America at the Crossroads"  for in-depth 
treatments of these issues.

      Al Koppe of New Jersey Bell outlined the many new services being
rolled out in NJ at the same time they are maintaining low basic rates.
        --In 1992 there will be narrowband digital service for low
quality video conferencing; in 1994 wideband digital service.
        --Video on demand, entertainment libraries and distance learning
applications will be coming along soon after.
        --Koppe predicted a 99% penetration by 1999 with  complete fiber
by 2010. This will be a public network and not a private one. It will
still be a common carrier.
      This is a very aggressive and optimistic plan, an important one 
for all of us to watch. Lucky said he had never seen a study that shows 
video on demand services can be competitive with video store prices. The
big question remains: how does a business based on low-bandwidth voice
services charge for broadband services? It remains a paradox.

      Brian Kahin, Kennedy School of Government, discussed the growth of
the Internet and policy issues:
        --points of access for different users
        --network structure and current NSFNet controversy
      He said the NREN debate is one between capacity (enabling high end
applications)   and connectivity (number of resources and users online).

++====================================================================++

          Afternoon Session: Ethics, Morality, and Criminality

      Mike Gibbons of the FBI chaired this session which was one of the
central themes for all present. In the same room we had law enforcement
(LE) representatives from state, local, and federal governments, civil
libertarians, and convicted computer criminals, as well as some victims.

      The FBI views the computer as a tool, and Gibbons told a story
about the huge raid on Lyndon LaRouche's data center in Virginia where
400 LE types took part.  I had the feeling that Gibbons was telling his
own hacker story because the audience would appreciate the challenges
that faced him more than LE supervisors without a technical knowledge of
computers would appreciate it. He was also involved in the Robert Morris
case.

      Mike Godwin of EFF agrees that it is not  ethical to access other
people's computer without permission, but Mike represents those who may
have acted unethically but still have rights.

      Case involving Craig Neidorf of _phrack_ who felt that his
publication of a  Bell South document was within the 1st amendment . 
Bell South pegged the Document cost was $70K because it included the Vax
workstation and the software in the cost! There was a question whether
that document was property at all. LE folks can make good faith 
mistakes, but Craig had to spend $100,000 and that the prosecutor and
Secret Service never admitted they were wrong.

      Jim Settle from FBI sets policy on computer crime and supervisor 
of computer crime squad.  Background in Univacs in 1979. There is not a lot
of case law on computer crimes. LE was computer stupid and is not out
there to run over people's rights.  They discuss moral issues even when
an action was legal.

      Don Delaney of the New York State Police: He has been dealing with
PBX and calling card fraud; he talks to students about perils of
computer crime, and works with companies who have been hit. Every day at
least one corporation has called him. $40,000 to $400K loss in a short
time. He has found glitches in the PBX software; he complained that few
PBX salespeople tell the customers about remote access units through
which criminals gain access. Once this happens the number is sold on the
street in New York at about $10 for 20 minutes. Even Westchester County
Library was hit. People used binoculars to read the PIN numbers on
caller's cards as they dialed in Grand Central Station. Delaney called
this 'shoulder surfing' and noted that cameras, camcorders, and
binoculars are being used regularly.

      Mitch Kapor raised the issue of the Digital Telephony Amendment. 
It is proposed legislation to amend 18 USC 2510 (government can intercept
communications on showing probable cause as they did with John Gotti)
Settle of the FBI asked: "What happens if the technology says you can't
do it? You change the tech. to allow it or  you repeal the law that
allows wire tap.  Don Parker of SRI  said it is essential to have 
wiretap ability as a tool for LE.

      The FBI under the Department of Justice has authority to use
wiretaps in its operations. This has been one of the most effective 
tools that law enforcement has, but with the advent of digital telephony
such as ISDN, the LE community is worried that no capability exists to
intercept these digital signals, and this will preclude the FBI and 
other LE officials from intercepting electronic communications.

      The FBI proposes an amendment to the Communications Act of 1934 to
require electronic services providers to ensure that the government will
e able to intercept digital communications. There are a number of parts
to the bill:
      1. the FCC shall determine the interception needs of the DOJ and
issue regulations 120 days after enactment.
      2. Service providers and pbx operators to modify existing telecom
systems within 180 days and prohibit use of non-conforming equipment
thereafter, with penalties of $10,000 per day for willful offenders.
      3. Gives FCC the authority to compensate the system operators by
rate structure adjustment for required modifications. That is, the user
will pay for this decreased security desired by the government.

      Godwin said he believes that wiretap is okay when procedures are
followed, but you have to decide what kind of society you want to live
in. The FBI asked, "Are you going to say that crime is okay over the
phones and that it should not be controlled?" He implied that not making
changes to the law would leave cyberspace open to sophisticated
criminals, many of whom have more resources for technology that does the
LE community. For more information on this there is a 10 page 
legislative summary.

++====================================================================++

                        The Evening of Day One:

      There were Birds of a Feather (BOF) sessions that were less formal
and with less attendance. Nevertheless, they were some of the high 
points of the conference.

      Where else would one find the law enforcement types switching 
roles with computer intruders who had to defend a system against an attack?
Kudos to Mike Gibbons for setting this up.

      There was also a panel of hackers (I use the term in the broadest
and non-pejorative sense) including "Emmanuel Goldstein"--the nom de
plume for the editor of 2600: The Hacker's Weekly; Craig Neidorf, 
founder of phrack; Phiber Optik, a young man who recently plea bargained to
a couple of charges; and Dorothy Denning, chair of the CS department at
Georgetown University.

      Goldstein (this was a character in Orwell's 1984 who was a front
for the establishment!) sees hackers as intellectuals on a quest for
bugs which, when corrected, help the system owner.He is extremely
frustrated over media treatment of hackers, yet he was open to a
Japanese camera crew filming the casual meetings of 2600 readers that
took place in the hotel lobby throughout the conference.  He said that
hackers and system administrators work together with each other in
Holland.

      As an example of lax system management there was a military
computer during the middle east war had a password of Kuwait'. Don 
Parker of SRI believes that Goldstein should not continually blame the
victim.

      Many of the hackers and publishers strongly believed that  
"knowing how things work is not illegal." The current publisher of Phrack
said, "I believe in Freedom of Speech and want to tell people about new
technology."

      Most librarians would agree, but much of the problem was what some
people did with that knowledge. An interesting discussion followed about
who was responsible for security: vendors, system administrators, or
public law enforcement personnel. Phiber Optik is now maintaining a Next
machine on the Net and complained that answers to technical questions
cost $100 per hour on the Next hotline.

++====================================================================++

               Electronic Money: Principles and Progress
                         Eric Hughes, DigiCash

      Electronic money uses public key encryption. People can recognize
your digital signature, but cannot read it. The goal is to create a bank
on the Internet that only uses software and affords the user complete
anonymity. There is the bank, the buyer, and the seller. Money flows 
from the bank in a money loop. Bank does not know what is signs but it
knows that it did sign it and will honor the electronic check.  This would
allow financial transactions and privacy for the buyer.

      In a library setting this would mean I could buy an item
electronically (a document, image, code) and nobody could link it with 
my name. My buying habits would be private, and a person roaming through 
the transactions might see that someone purchased the computer simulation
"Small furry animals in pain" but would not know the name of the
purchaser.

      Doing private database queries will become more and more important
as the network is used for more business activities. The DigiCash scheme
has multi-party security and is a safe way of exchanging files and
selling them in complete privacy.  It's also very cheap and the
unlinkability is very important.

      In the discussion session the issue of drug lords using the system
was raised. DigiCash has limited its transactions to less than $10,000,
and most would be far less. A British attendee said that stores had to
keep extensive records for VAT tax audits, so EEC and US regulations
would conflict with the goals of DigiCash.


++====================================================================++

                       Thursday Morning Sessions
                                    
                    For Sale: Government Information

      This was staged as a role playing advisory panel where a grad
student made a broad and complicated request for information in a
particular format. The panelist made short statements about their
interests and then tried to answer the pointed questions from George
Trubow of John Marshall Law School.

Dwight Morris (LA Times):
      His job is to get government data and turn it into news stories. 
He noted that the FOIA is a joke; it's a last resort. Vendors are foia-ing
the agencies and then trying to sell those foia requesters software to
read the data tapes!

Ken Allen of the Information Agency Association:
      The government should not elude the appropriations process by
selling information, nor should the agency control content. The IIA is
against exclusive contracts.

Mitch Freedman,Westchester Co. Library  ALA Coordinator for Access to
Information: 
      Are many people asking for access for this information, or will 
the coding benefit many users in the long run? He mentioned of WINDO 
program, freedom of access, and its link to informed democracy.

Franklin Reeder, Office of management and Budget:
      He observed that unusable databases in raw form mean that choice 
of format is irrelevant. There may be broader demand for this information,
and the database should be provided with interfaces for many users.
      Government agencies should not turn to information provision for
revenues; it becomes an impediment to access. "I don't think the public
sector should be entrepreneurial. "

Costin Toregas, Public Technology, Inc.--owned by cities and counties in
U.S. and Canada:
       We should re-examine our language when discussing information and
access. How do you recover the costs of providing the new technological
access mechanisms. The provision of this should be high priority.

Robert Belair, Kirkpatrick and Lockhart, deals in FOIA and privacy
issues:
      Choice of format is an issue, and in general we are doing a bad
job.  Belair notes that FOIA requests are not cheap.  There are $2-4,000
fees from government agencies--even more than the lawyer fees!

      Questions:

      Denning: no view of where technology is taking us. Why not put the
FOIA information online?
      Freedman says the Owens bill handles this.
      Weingarten says that one agency is planning for a db that has no
equipment to handle it yet.
      Belair: we will get change in FOIA and the Owens bill is good. 
      Toregas: A well-connected community  is crucial.

      Harry Goodman asked Ken Allen if he still believed that "libraries
be taken off the dole."
      Allen denied he said this but Goodman had it on tape! Allen said
privatization is a red herring. Government agencies might not be the 
best way to provide the access to information.  Allen says it should be by
diverse methods.

      Glenn Tenney, running for Congress in San Mateo County (CA), said
he had trouble getting information on voting pattern of the members of
Congress and to buy it would have cost thousands of dollars.(
       Ken Allen replied that a private company had developed the
information from raw material, but others thought this was basic
information that should be available to all citizens. Other people 
wanted the Congressional Records online (and cheap); others wanted the
private sector to do it all and to get the government to partner in such
projects.

++====================================================================++

              Free Speech and the Public Telephone Network

      Jerry Berman of the EFF: 
        --Do telcos have the right to publish over their own networks?
        --What are the implications of telcos as newspapers vs. telcos 
as common carrier? Aren't safeguards needed to compel free access for all
players?
        --There is already discrimination on the 900 services (provision
or billing for porno businesses).
        --When the public finds out what is on the network, there will 
be a big fight.
        --Will we follow the print model or the broadcasting model?
        --How can a new infrastructure secure a diversity of speech and
more participants, and how we can break the deadlock between cable,
papers, and telcos.

      Henry Geller, Markle Foundation (FCC/NTIA) : 
        -- The key is the common carrier nature of the telephone 
networks and that they should carry all traffic without determining what is
appropriate. 
        --Congress can't chose between warring industries, so it won't
act on some of these telecomm issues.
        --Broadband area: if the bits flowing are TV programming, the
telco is forbidden to provide.  Print model is a good one to follow, not
the cable or broadcast model. He mentioned  CNN's squelching of NBC 
cable channel.

      John Podesta (Podesta Associates):  
        --There are forces that are trying to push messengers off the
road and keep the network from being diverse. 
        --We need a network with more voices, not just those of the
owners. 
        --We will be faced with censorship by the government and network
owners (MCI, US West);
        --There will be more invasion of privacy
      Six things have to happen:
      1. More competition via open platform. Personal ISDN at low
tariffs.
      2. Structural safeguards
      3. Common carriers should be content neutral when providing access
      4. Originators should bear responsibility for obscene or salacious
postings.
      5. Protect net against invasion of privacy. Debate is whether it
will be easier or harder to wiretap in the future.
      6. Don't adopt broadcast or cable model for network; both are more
restrictive with regards to First Amendment issues.

      Bob Peck (ACLU):
        --Government  ban on RBOCs providing information is a first
amendment issue, but there is also an issue of access. How do we make
sure that everyone gets charged the same rates?
        --The Rust vs. Sullivan decision could affect network use;
abortion clinics could not answer any questions about the topic. US 
Govt.  claimed: "We paid for the microphone; we just want to be able to
control what is said." This is being argued in other cases by DOJ  
and should be resisted.

      Eli Noam (NYU):
        --Coming from state government he tried to be an oxymoron, a
"forward-looking state utility commissioner".
        --Telcos say: If anyone can use the common carrier, why not
themselves.
        --Free speech is rooted in the idea of scarcity and restraints 
to access.
        --When you have 9000 channels, who cares?
        --There will be no scarcity. He predicts people will be video
literate. Video will have new obscene phone calls.
        --We are over-optimistic about the short term and too cautious
about long term effects.
        --Telecommuting is already happening on a significant scale.
        --We will have telecommunities, subcultures of special interest
groups.
        --Our political future is based on jurisdiction. Is there a new
form of political entity emerging that transcends time zones?
        --Information glut: The key issue will be how you filter and
screen it.
        --Handling the information will be a big issue.The user's brain
is the ultimate bottleneck. 
        --Internet news is about 18 MB a day.  
        --Screening will be by the network itself or by user groups and
telecommunities.
        --Rights of individuals vs. the governments. Is the first
amendment a local ordinance?
        --We need power over international interconnection. Fly the flag
of teledemocracy.

++====================================================================++

                       Lunch with Bruce Sterling

      Bruce Sterling, author of The Difference Engine (with William
Gibson) and a new title, The Hacker Crackdown, gave an outstanding
performance/speech entitled "Speaking the Unspeakable" in which he
represented three elements of the so- called computer community who were
not at CFP-2.

        --The Truly Malicious Hacker:
           "Your average so-called malicious user -- he's a dweeb! He
can't keep his mouth shut! ....Crashing mainframes-- you call that
malice? Machines can't feel any pain! You want to crash a machine, try
derailing a passenger train. Any idiot can do that in thirty minutes,
it's pig-easy, and there's *nothing* in the way of security. Personally 
I can't understand why trains aren't de-railed every day."

         --A narco-general who has discovered the usefulness of his
contacts with the North American law enforcement communities--and their
databases:
            "These databases that you American police are maintaining.
Wonderful things....The limited access you are granting us only whets 
our appetite for more. You are learning everything about our
criminals....However, we feel that it is only just that you tell us 
about your criminals.....Let us get our hands on your Legions of Doom. I
know it would look bad if you did this sort of thing yourselves. But you
needn't."

        --A data pirate from Asia:
           "The digital black market will win, even if it means the
collapse of your most cherished institutions....Call it illegal, call it
dishonest, call it treason against the state; your abuse does not 
matter; those are only words and words are not as real as bread. The only
question is how much suffering you are willing to inflict on yourselves,
and on others, in the pursuit of your utopian dream."

      Sterling's speech was a hilarious, yet half-serious departure from
the usual fare of conferences and is well worth obtaining the audio or
video cassette. I also recommend you attend the American Library
Association conference in late June 1992 when Sterling will address the
LITA attendees.

++====================================================================++

                          Who's in Your Genes

Who's in Your Genes was an overview of genetic data banking, and a
discussion of the tension between an individual's right to privacy and
the interests of third parties. DNA forensic data banks and use of
genetic records by insurers were explored. Madison Powers was
chair. Panelists included  John Hicks, FBI Lab; Paul Mendelsohn,
Neurofibromatosis, Inc.; Peter Neufeld, Esq.; Madison Powers,
Kennedy Center for Ethics, Georgetown University.

++====================================================================++


               Private Collection of Personal Information

      This was another role-playing session where the participants took
positions close to those they would hold in real life. Ron Plessor of
Piper and Marbury acted as the 'scene setter and facilitator'. It was he
who posed the broad question "Should the government have a role in the
privacy debate?" and asked the panelists to debate about the
establishment of a data protection board (as proposed by Congressman 
Wise in H.R. 685d).

      Janlori Goldman of the ACLU enthusiastically embraced the role of
general counsel to the Data Board. She questioned the representatives
from the fictitious private enterprises who were planning a supermarket
discount shoppers' program where all items are matched with the 
purchaser and mailing lists would be generated with this fine-grained
information.

      "It would be good to come to the board before you start the
service." Her tone was very ominous, that of a friendly but all powerful
bureaucrat. "Bring your papers and come on in to  discuss your project.
Let's keep it informal and friendly this time to prevent the more formal
meeting."  She even alluded to making  subpoenas and getting phone
records of the direct marketeers. She would not offer the marketeers
assurances of confidentiality in their discussion, and even though this
was role playing, several people around me who had thought the idea of a
board would be useful, changed their mind by the end, partly because of
her fervor.

      At the Q&A session about 25 people dashed for the microphones,
making this session the most provocative of all. At least it touched a
chord with everyone.

++====================================================================++

      On the evening of March 19, the Electronic Frontier Foundation
presented the EFF Pioneer awards to those individuals who have done the
most to advance liberty, responsibility, and access to computer-based
communications. I was honored to serve as a judge and read the large
number of nominations. Each person or institution made a strong
impression on me, and it was difficult to narrow it down to five people.
The recipients each made a very moving statement after they were called
to the podium by Mitchell Kapor of the EFF.

++====================================================================++

                                March 20

        Privacy and Intellectual Freedom in the Digital Library
                        Bob Walton of CLSI, Inc.

      Walton discussed the transformation of libraries as collections of
books into digital libraries with falling technological costs and
volatile questions of intellectual property and reimbursement.

      Gordon Conable, Monroe (MI) County Library system, spoke of
libraries as First Amendment institutions, ones where Carnegie saw the
provision of free information as a public good. However, the economics 
of digital information are quite different, and this causes problems, as
does the government using the power of the purse to control speech (Rust
vs. Sullivan).

      I spoke about the case of Santa Clara County (CA) Library
defending its open access policy when a citizen complained about
children checking out videos he thought should be restricted. It was a
good example of how the whole profession from the branch librarian on up
to the California State Librarian presented a unified front in the face
of opposition from some parts of the community and the San Jose Mercury
News, the local paper that waffled somewhat on its own stance.

      Jean Polly of Liverpool Public Library spoke about the problems
running a library BBS where religious fundamentalists dominated the
system, but outlined her library's many activities (smallest public
library as an Internet node) and her plans for the future.

++====================================================================++


                          Who Holds the Keys?

      In a sense the cryptography discussion was one of the most
difficult to follow, yet the outlines of a very large battlefield came
into view by the end of the session. The two sides are personal privacy
and national security. Should the government be allowed to restrict the
use of cryptography? (Only weakened schemes are allowed to be legally
exported.) What legal protections should exist for enciphered
communications?

      David Bellin of the Pratt Institute stood up and spoke in code. He
thought encrypted speech was protected and that he should have the right
to associate with his peers through encryption (to prevent snooping). He
did not believe the technology is controllable, nor that there is safety
and one end and freedom at the other.

      Jim Bidzos of RSA Data Security said we need a review of
cryptographic policy. The long term effects of the current
confrontational relationship will be bad. John Gilmore of Cygnus Support
felt that the public should discuss cryptographic issues and not behind
closed doors. This is a good time for network people, manufacturers, and
the government to work together. John Perry Barlow sees encryption as an
answer to the problem of having lots of privacy. Using the drug war
rationale to prohibit export is a bad idea. Whitfield Diffie, of Sun
Microsystems gave an excellent overview of the philosophy of encryption
and why it's important as we move from face-to-face communications to
electronic. There are a number of policy problems:
        --a bad person might be able to protect information against all
assaults.  In a free society a person is answerable for your actions, 
but a totalitarian society uses prior restraint. What will ours become?
        --Can a so-called 'free society' tolerate unrestricted use of
cryptography? Because cryptography can be done on standard processors
with small programs, and because covert channels are hard to detect,
enforcement of a strong anti-crypto law would require drastic measures.

      I asked Jim Bidzos about the government agencies beating their
swords into plowshares by looking for new roles in a world without a
Soviet threat. He thought NSA could use budget hearings to say that with
a lean/mean military budget, a modest increase in crypto capability 
might give the government more lead time in an emergency.

      One member of the audience challenged Bidzos to go ahead and
export RSA outside of the US. Barlow responded "Come on, Jim. The
Russians are already using RSA in their  launch codes." To
which Bidzos replied, "My revenue forecasts are being revised downward!"
 Barlow answered, "You would not have gotten any royalties
from them anyway."  Bidzos: "Maybe..." 

      With only a partial understanding of some of the technology
involved (cryptography is a special field peopled mainly by
mathematicians and intelligence officials), I think that this will be 
the issue of the 90s for libraries. It may be a way to protect both privacy
and intellectual property in the digital libraries of the future.


++====================================================================++

                              Final Panel:
                  Public Policy for the 21st Century,
            moderated by Mara Liasson, National Public Radio

      "How will information technologies alter work, wealth, value,
political boundaries?... What will the world be like in a decade or
two?... What public policies now exist that may pull the opposite
direction from the economic momentum and will lead to social tension and
breakage if not addressed properly?"

      Peter Denning, George Mason University:
        People used to have faith that strong governments would bring
salvation through large programs (he named failures). The poor track
record of government and changes in comms technology have accelerated 
the decline of the faith.

      Mitchell Kapor:
        He sees digital media as the printing press of the 21st century. 
The WELL and others make us realize we are not prisoners of geography, 
so our religious, hobby, or academic interests can b shared by the enabling
technologies of computers. "Individuals flourish from mass society with
this technology"  Openness, freedom, inclusiveness will help us make a
society that will please our children and grandchildren.

      Simon Davies, Privacy International:
        "There is possibly a good future, but it's in the hands of
greedy men.  I see a world with 15 billion beings scrambling for life,
with new frontiers stopping good things.  For 14 billion they are very
pissed off, and that our wonderful informational community (the other
billion) becomes the beast. It will be something most of the world will
do without. If we recognize the apocalypse now we can work with the
forces."

      Esther Dyson, EDventure Holding, Inc.:
        She thinks that cryptography is a defensive weapon. The free-
flow of cryptic information is dangerous to the powerful.  She want more
markets and less government. Large concentrations of power makes her
suspicious. Global protected networks will help those in the
minority(disagreeing with Davies). We don't have one global villages but
many. How do we avert tribalism of class?

      Roland Homet, Executive Inc.:
        Homet was more conciliatory. America has a penchant for ordered
liberty. It  uses toleration and restraint to keep forces working
together.

++====================================================================++

Lance Hoffman, of the George Washington University and organizer of the
conference, deserves a great deal of credit for a smooth running yet
exciting three days.

There will be a CFP-3 in the San Francisco area next year. If you find
these issues to be a major force in your professional life, we hope you
will be able to attend next year. Traditionally, there have been
scholarships available, but these depend on donations from individuals
and firms.

               End of Report/ Steve Cisler sac@apple.com

                       -==--==--==-<>-==--==--==-

             ELECTRONIC FRONTIER FOUNDATION OFFERS T-SHIRTS

For a $10 donation, EFF will send you a spiffy 100% cotton white T-shirt 
with the new black and red EFF logo tastefully displayed on front, and the 
following on the back:
                                    
                          ELECTRONIC FRONTIER
                               FOUNDATION
                              eff@eff.org

                        (50's style graphic with
                    large building sitting on world)

                     Serving Cyberspace since 1990

They come in sizes XL and child's S only. Send your $10 check or
money order to

The Electronic Frontier Foundation
ATT:  Rita/ T-Shirts
155 Second Street
Cambridge MA  02141

"What a DEAL!  People will be hard-pressed to find a shirt of the same
quality with such fantastic silk-screening for less than $20 in any
T-shirt store in the country.  (You can quote me on that.)" 
    -- Brendan Kehoe  upon receiving his shirt.

*** Mention that you are an EFFector Online reader, and we will ***
             waive all shipping and handling charges!

                       -==--==--==-<>-==--==--==-

            MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION

In order to continue the work already begun and to expand our efforts
and activities into other realms of the electronic frontier, we need the
financial support of individuals and organizations.

If you support our goals and our work, you can show that support by
becoming a member now. Members receive our quarterly newsletter,
EFFECTOR, our bi-weekly electronic newsletter, EFFector Online (if you
have an electronic address that can be reached through the Net), and
special releases and other notices on our activities.  But because we
believe that support should be freely given, you can receive these
things even if you do not elect to become a member.

Your membership/donation is fully tax deductible.

Our memberships are $20.00 per year for students, $40.00 per year for
regular members.  You may, of course, donate more if you wish.

Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list.  We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals.  But with us, member
privacy is the default. This means that you must actively grant us
permission to share your name with other groups. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.

---------------- EFF MEMBERSHIP FORM ---------------

Mail to: The Electronic Frontier Foundation, Inc.
         155 Second St. #27
         Cambridge, MA 02141

I wish to become a member of the EFF  I enclose:$__________
            $20.00 (student or low income membership)
            $40.00 (regular membership)
            $100.00(Corporate or company membership.
                    This allows any organization to
                    become a member of EFF. It allows
                    such an organization, if it wishes
                    to designate up to five individuals
                    within the organization as members.)

    |     I enclose an additional donation of $___________

Name:______________________________________________________

Organization:______________________________________________

Address: __________________________________________________

City or Town: _____________________________________________

State:_______ Zip:________ Phone:(    )_____________(optional)

FAX:(    )____________________(optional)

Email address: ______________________________

I enclose a check [  ]   .
Please charge my membership in the amount of $_____________
to my Mastercard [  ]     Visa [  ]      American Express [ ]  

Number:____________________________________________________

Expiration date: ____________

Signature: ________________________________________________

Date:______________________

I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate   [  ]  .
                       Initials:___________________________

 =====================================================================
                    EFFector Online is published by
                   The Electronic Frontier Foundation
                 155 Second Street, Cambridge MA 02141
                 Phone:(617)864-0665 FAX:(617)864-0866
                     Internet Address: eff@eff.org
   Reproduction of this publication in electronic media is encouraged
               To reproduce signed articles individually,
        please contact the authors for their express permission.
 =====================================================================

Back to top

JavaScript license information