Slashdot Mirror

Uh, because the court didn't order any surveillance?

The court order is here. It grants permission to:

...search for and seize key related information from Nicodermo S. Scarfo's computer in the TARGET LOCATION by deploying recovery methods which will allow the Government to read and interpret data that was previously seized pursuant to a search warrant on January 15, 1999, as well as those to be seized under this present Court Order. (Emphasis mine.)

It seems from this that the judge indeed intended for a device to be used to get the private key. Scarfo's lawyers are just trying to argue that he should have specifically said "wiretap" if the device actually transmitted information. It's lawyerly semantics.

-

Yes they did. See for yourself.

-

The phone company owns the wires that carry your conversations. So I guess they have the right to "listen in," since you're using their equipment?

It's not quite that bad, yet, but the courts have ruled the the phone company has the right to sell your phone records; i.e. who you call, how often, and so on. This got some coverage on EPIC , where somebody did their homework and linked to these articles on Wired, MSN, and The New York Times.

Back to the issue: The boss, who "owns your time," wants to make sure he's getting all he's paid for. What's next? No posting of Dibert cartoons on your cubicle, since your co-workers will waste precious man-hours chuckling? No newspapers in tne bathroom, since they tend to encourage extra-long bathroom breaks? No more decaf?

I'm not saying that companies should or shouldn't have an absolute right to record your phone calls, read all your email, and require you to be fingerprinted. I am saying that micro-managerial, reactive approaches to eliminating "wasted time" seldom work. Happy employees free to spend a few moments surfing the web or answering a personal email will be more productive than unhappy employees living in fear of a draconian computer use policy.

The phone company owns the wires that carry your conversations. So I guess they have the right to "listen in," since you're using their equipment?

It's not quite that bad, yet, but the courts have ruled the the phone company has the right to sell your phone records; i.e. who you call, how often, and so on. This got some coverage on EPIC , where somebody did their homework and linked to these articles on Wired, MSN, and The New York Times.

Back to the issue: The boss, who "owns your time," wants to make sure he's getting all he's paid for. What's next? No posting of Dibert cartoons on your cubicle, since your co-workers will waste precious man-hours chuckling? No newspapers in tne bathroom, since they tend to encourage extra-long bathroom breaks? No more decaf?

I'm not saying that companies should or shouldn't have an absolute right to record your phone calls, read all your email, and require you to be fingerprinted. I am saying that micro-managerial, reactive approaches to eliminating "wasted time" seldom work. Happy employees free to spend a few moments surfing the web or answering a personal email will be more productive than unhappy employees living in fear of a draconian computer use policy.

Otherwise we'd have to ask those of you reading the featured article apply some mental floss and forget what you've just read, shred any hard-copies you took to the bathroom with you, and format hard drive just to insure that you haven't accidentally cached it somewhere.

"38. The Windows XP operating system leaves the user with little choice but to employ Passport. As soon as the user starts a computer and uses a modem, a dialog box appears on the screen stating: "You've just connected to the Internet. You need a Passport to use Windows XP Internet communications features (such as instant messaging, voice chat and video), and to access Net-enabled features. Click here to set up your Passport."

Am I reading this correctly as MS not allowing an internet connection at all without a Passport?

Actually, no. What the paper is saying is that the setup of Windows XP to use the Internet automatically (this is where the problem lies as the user has no control over its appearance) presents you with a screen that requires you to setup a Passport account in order to use Microsoft's Internet services (ie. multimedia, IM etc). It doesn't stop you from installing your own software. The scary part about this is that the average user (as opposed to technically adept "geeks" like most of the Slashdot audience here) don't know this, and this gives Microsoft an(other) unfair advantage over its competitors. Paragraph 44 of the complaint also shows this.

What people have to learn is that the more that people want to have everything taken care for them (the iMac's software was preinstalled because people wanted to take it out of the box, plug it in and use it), the less control they will have other what they can do with their computer. Giving the power to set up your PC to someone else (especially corporations) and they will mean that it will be less suited to what you want and more to what Microsoft (or Compaq or whoever the company is) wants. The answer is simple: stop treating the computer like it's a glorified, Internet-accessible TV. Computers are complex machines that can be custom-built for various purposes (eg. servers, graphics computers). They are meant to be interactive. You reap what you sow, and the less effort you put into setting up your computer, the less you'll get out of it. The reason that XP is able to exercise this level of control over your computer is that people will not make the effort to take that control.

Although I will protest against having to register an account just to download some software (this means you too, FilePlanet).

Self Bias Resistor

Can we still use this to undermine the act or are we back to square one?

IANAL, but I seem to recall several laws have been challenged, and overturned, without a live case to chew on. It would seem a major problem with a justice system that requires someone to risk jail and/or a fine to challenge a law. I believe that using an active case like this is just the "easy" way to force a judge to look at an issue, but there are other ways to get a hearing in court. One such example is the case of the Communications Decency Act that was struck down before being enforced. It was brought into the legal system not as the defense of a criminal case, but as an ACLU originated lawsuit, ACLU vs Reno. I do not know the legalities of when this can be done, perhaps someone can enlighten us on this?

From McIntyre vs. Board of Education:

an author's decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment.

... In Talley, the Court held that the First Amendment protects the distribution of unsigned handbills urging readers to boycott certain Los Angeles merchants who were allegedly engaging in discriminatory employment practices. 362 U. S. 60. Writing for the Court, Justice Black noted that -[p]ersecuted groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all.- Id., at 64. Justice Black recalled England's abusive press licensing laws and seditious libel prosecutions, and he reminded us that even the arguments favoring the ratification of the Constitution advanced in the Federalist Papers were published under fictitious names....

The specific holding in Talley related to advocacy of an economic boycott, but the Court's reasoning embraced a respected tradition of anonymity in the advocacy of political causes. This tradition is perhaps best exemplified by the secret ballot, the hard-won right to vote one's conscience without fear of retaliation.

Microsoft has an article, Privacy in Internet Explorer 6 that should answer your questions.

Namely, even on the "High" security setting, IE6 will accept 3rd-party cookies that have an "acceptable" P3P policy ("acceptable" is defined). If you'd read that document, it looks like they're implementing this rather well. They've made intelligent exceptions (e.g. "Special Provision for Legacy Opt-Out Cookies"), and they're very clear about IE6's behavior.

Now, I don't particularly like P3P, nor do I like feeling that M$ is shoving it down my throat. Is it the best possible solution? Perhaps not, but what else is there?

An earlier linked article at EPIC complains about how difficult most users find changing their cookie preferences and how confusing privacy is. Their solution? A "tools" page with 62 bloody links on it, to proxies, cookie managers, filters, PGP, SSH, anonymizers - most Windows users would have a heart attack just trying to understand the acronyms. That's supposed to be easier?? This is precisely the problem Microsoft is trying to address.

I hate to be an IE apologist, but IE6 kicks the shit out of Mozilla at cookie-handling. This is classic Microsoft strategy: move into a market space that has no standards and leverage their monopoly to say, "From now on, you're doing it our way." I don't like their monopoly powers, but no one else was even doing a half-assed job at this. What's the leading contender to P3P? There isn't one. You can install the something from EPIC's page (as far beyond the reach of most Windows users as recompiling a kernel), but I bet none of these have even 2% market penetration.

The only reason Microsoft could adopt P3P and take over this privacy space so easily is that the rest of the 'net has done such a piss-poor job of it for the last 10 years.

question: is control controlled by its need to control?
answer: yes

Microsoft has an article, Privacy in Internet Explorer 6 that should answer your questions.

Namely, even on the "High" security setting, IE6 will accept 3rd-party cookies that have an "acceptable" P3P policy ("acceptable" is defined). If you'd read that document, it looks like they're implementing this rather well. They've made intelligent exceptions (e.g. "Special Provision for Legacy Opt-Out Cookies"), and they're very clear about IE6's behavior.

Now, I don't particularly like P3P, nor do I like feeling that M$ is shoving it down my throat. Is it the best possible solution? Perhaps not, but what else is there?

An earlier linked article at EPIC complains about how difficult most users find changing their cookie preferences and how confusing privacy is. Their solution? A "tools" page with 62 bloody links on it, to proxies, cookie managers, filters, PGP, SSH, anonymizers - most Windows users would have a heart attack just trying to understand the acronyms. That's supposed to be easier?? This is precisely the problem Microsoft is trying to address.

I hate to be an IE apologist, but IE6 kicks the shit out of Mozilla at cookie-handling. This is classic Microsoft strategy: move into a market space that has no standards and leverage their monopoly to say, "From now on, you're doing it our way." I don't like their monopoly powers, but no one else was even doing a half-assed job at this. What's the leading contender to P3P? There isn't one. You can install the something from EPIC's page (as far beyond the reach of most Windows users as recompiling a kernel), but I bet none of these have even 2% market penetration.

The only reason Microsoft could adopt P3P and take over this privacy space so easily is that the rest of the 'net has done such a piss-poor job of it for the last 10 years.

question: is control controlled by its need to control?
answer: yes

Rajiv Varma

somebody wrote:
>>Talk about fast moving: 10 years old, and just look at all the pr0n you can snarf. Imagine where we'll be at 20!
and unformed wrote:
>umm...if i remember correctly, porn was a LOT easier to grab when the net was only 6-7 years old....before the Cyber Decency Act kicked in...

umm ... if i remember correctly, the Communications Decency Act was struck down by the US Supreme Court nearly three years ago. Whatchu talkin' bout, Willis?

You may be thinking of the Child Online Protection Act, which is presently being challenged at the Appeals Court level, with a review of the decision overturning it possible. But the COPA has been under injunction by an Appeals judge since 1998.

It can be a little hard to get to porn from certain libraries and other public institutions, and child pornography enforcement has stepped up (even while occasionally stomping on some Constitutional fingers), but in general porn remains as available as ever.

(Are you sure you're reading the real news, and not just Slashdot? I know from the editorial accuracy around here it would be hard to keep up.)

Oh, I see, you meant porn you didn't have to PAY for. Well, no wonder.
----
lake effect weblog

somebody wrote:
>>Talk about fast moving: 10 years old, and just look at all the pr0n you can snarf. Imagine where we'll be at 20!
and unformed wrote:
>umm...if i remember correctly, porn was a LOT easier to grab when the net was only 6-7 years old....before the Cyber Decency Act kicked in...

umm ... if i remember correctly, the Communications Decency Act was struck down by the US Supreme Court nearly three years ago. Whatchu talkin' bout, Willis?

You may be thinking of the Child Online Protection Act, which is presently being challenged at the Appeals Court level, with a review of the decision overturning it possible. But the COPA has been under injunction by an Appeals judge since 1998.

It can be a little hard to get to porn from certain libraries and other public institutions, and child pornography enforcement has stepped up (even while occasionally stomping on some Constitutional fingers), but in general porn remains as available as ever.

(Are you sure you're reading the real news, and not just Slashdot? I know from the editorial accuracy around here it would be hard to keep up.)

Oh, I see, you meant porn you didn't have to PAY for. Well, no wonder.
----
lake effect weblog

somebody wrote:
>>Talk about fast moving: 10 years old, and just look at all the pr0n you can snarf. Imagine where we'll be at 20!
and unformed wrote:
>umm...if i remember correctly, porn was a LOT easier to grab when the net was only 6-7 years old....before the Cyber Decency Act kicked in...

umm ... if i remember correctly, the Communications Decency Act was struck down by the US Supreme Court nearly three years ago. Whatchu talkin' bout, Willis?

You may be thinking of the Child Online Protection Act, which is presently being challenged at the Appeals Court level, with a review of the decision overturning it possible. But the COPA has been under injunction by an Appeals judge since 1998.

It can be a little hard to get to porn from certain libraries and other public institutions, and child pornography enforcement has stepped up (even while occasionally stomping on some Constitutional fingers), but in general porn remains as available as ever.

(Are you sure you're reading the real news, and not just Slashdot? I know from the editorial accuracy around here it would be hard to keep up.)

Oh, I see, you meant porn you didn't have to PAY for. Well, no wonder.
----
lake effect weblog

Nautilus (the phone encryption program, not the Gnome thing) was written in response to EPIC's obtaining those documents via the FOIA.

Nautilus (the phone encryption program, not the Gnome thing) was written in response to EPIC's obtaining those documents via the FOIA.

This was some time ago, so I had to refresh my knowledge base:

good description
Epic's rundown
Computer Security Resource Center version

in their cybercrime division?

*Scene: Budgetary meeting on Capitol Hill*

FBI rep: So, as you can see, numbers of cases solved are up, percentages of convictions are up, crime is down, and fraud is down.

Senate committee: But here there is a 1% decrease in the number of wiretaps

FBI: Yes, but...

Senate committee: But in your annual report you committed to increases of....5%, wasn't it

FBI: But....

Senate committee: No buts, your productivity is clearly down in your cybercrime division. Your request for $2.5 million extra for your cybercrime division this year is denied until you meet your targets.

FBI: But...

Chairman : Shush

FBI: B...

Chairman : I've got a whole bag of "shush's" here all with your name on them. Now go.

*FBI representative exits the room muttering "I hate you"*

Sorry, prior art. Mandatory key escrow cries failed once in the US, and they'll fail again. The day escrow is required is the day I renounce my citizenship.

Also, Bert-Jaap Koops's Crypto Law Survey.

They want to stretch all the RICO laws and all the Property Confiscation laws to the maximum.

Rarely do freedoms ever return. They are only taken away.

As David Banisar (of EPIC) said at the recent Computers, Freedom and Privacy conference, Carnivore is law enforcement's wet dream.

--

AMERICA ONLINE, INC. VS. CYBER PROMOTIONS, INC. C.A. NO. 96-5213
-snip-
The Court declares that Cyber Promotions, Inc. does not have a right under the First Amendment to the United States Constitution or under the Constitutions of Pennsylvania and Virginia to send unsolicited e-mail advertisements over the Internet to members of America Online, Inc. and, as a result, America Online, Inc. may block any attempts by Cyber Promotions, Inc. to do so.
-snip-

Sounds like good legal precedent to me.

"We request copies of all records concerning the Department of Defense's (DoD) communication with N2H2, Inc. or Roper Starch Worldwide, the products 'Bess,' 'Class Clicks,' and the 'Roper Youth Report,' and any similar activities pursued by DoD. This request includes, but is not limited to: minutes of meetings with N2H2 and Roper Starch representatives and others, notes, correspondence, submissions, reports, memoranda, electronic mail, and staff calendars and appointment books."

-E

I don't think corporations mean to strip anyone of anything, but common sense would point out most of the things they are being restrictive to are possibly done in an effort to avoid lawsuits, and this can be seen with earlier actions such as companies blocking certain types of emails floating around.

We still have groups like the A.C.L.U., EPIC, and others who continuously fight to retain what can be seen as questionable issues. These people are often unsung heroes who operate mainly out of the hopes of not becoming somewhat of communist country.

As to whether we're becoming too restrictive if you'd take a quick minute to view this article on strict regulations that were just passed on to the chinese, you would see that no matter how hard you think things are over here, things are much more difficult to live abroad.

It is a strange thing to see politicians playing games especially when we can't fully determine a rightful president without falling into some sort of 'agenda' from some right wing like sector who may have been afraid to fully count votes. Its also annoying to have politicians try to sneak in some shady bills in hopes no one would notice.

Thats life no matter where you go I guess...

Recently I went to Sweden in which I found things more relaxing although their taxes were higher I heard little complaints their and things were much more relaxed and I plan on heading out there within the next 2 years.

A static "Media Unique Key" in a separate, hidden area of the drive, identifies the individual drive. Making use of broadcast encryption and one way key algorithms, would-be hackers face a daunting number of keys to break.

Someone surely will break it sometime, but you have to stop and wonder when they state things like, "hidden area of the drive". Are they going to allow an individual group to validate the ethics of this. Some such as EPIC?

"It requires both drives to be compliant when data is to move from one disk to another," says Lotspiech. "And a compliant application to get all that data to the new drive".

So a hard drive containing small individual containing non-copyable files of say, Gartner reports, will essentially be unrestorable using existing backup programs.

How will this affect legacy systems and businesses who may not have the money to fully convert their systems should they want this technology.

Sounds like this has a long way to go and I'm sure many companies will oppose this.

F.B.I.'s Most Wanted Hacker

• It's not actually an official law until President Clinton signs it.
• The very same day that the president signed COPA into law, the ACLU filed a suit against it (and they've been winning so far).
• CIPA is different from COPA and CDA though, in many ways. One of the main differences is that COPA and CDA were criminal statutes, bound by stricter due-process considerations. CIPA is just an incentive-based "suggestion", similar to the 55mph thing, and so it's not bound by constitutional considerations as much.
• This law has been introduced 9 times over the past two years, all by Republicans.
• The American Library Association strongly opposes such a law.

• A general perception exists that Internet filtering is seriously flawed and in many situations unusable. It is also perceived that schools and libraries don't want filtering. These notions are naive and based largely on problems associated with earlier versions of client-based software that are admittedly crude and ineffective. Though some poor filtering products still exist, filtering has gone through an extensive evolution and is not only good at protecting children but also well-received and in high demand.

I'll just claim that I was trying to get work done, and cite Windows itself as an "illegal circumvention device".

The DMCA is ludicrous; I hope it gets overturned faster than the CDA did...
---
pb Reply or e-mail; don't vaguely moderate.

I don't think the intention was for the government to read messages sent to my girlfriend.

Neither was the intention of the German census for Hitler to be able to find all the Jews. Your comments are incredibly naive. If you've never heard all the arguments and reasons why, then I suggest you do some reading. EPIC and the book 1984 would be a good start. If, on the other hand, you've heard all the arguments and still have a bubbly-eyed adoration and faith in your government, then go be the first on the block to voluntarily install a telescreen in your bedroom, but leave us who really care about privacy alone.

--

6. Normal investigative procedures to decrypt the codes and keys necessary to decipher the "factors" encrypted computer file have been tried and have failed.

You really don't get how this works. Getting a judges signature for searches is easy. It is only the time that it takes to do that search which is a limiting factor. So, the FBI realizing this, has set about to place a piece of FBI hardware in place on-site at *EVERY* isp in America. This piece of hardware does not require a judge's signature to be used because it is controlled directly from the FBI's office. Yes, the FBI is suppose to get a judge's approval, but they don't have to with this setup. That is different from phone taps which intrinsically needs a judges signature (not just suppose to). The FBI cannot get a phone tap to go through without the judge's signature since the phone company won't allow it. The phone company controls it. Now, normally the ISP is suppose to control it. But the FBI has devised this horrific carnivore system. It means the isp does not control it, which means that there is not check in place to insure a judge's signature is received.

Well, sorry about that, I shifted my argument. What I really mean to say (in additon to what I've said) is that there's no slow down, no limiting step with carnivore. The FBI decides it wants info, it gets a judges signature (though I explained above how easy it is for them not to), and then it just pushes a couple of buttons from FBI headquarters and voila the search has taken place and the information has been seized. No limiting step. It's so easy that if you are not scared by this misplacement of power, you are very naive.

I hope someone has brought up that the FBI has already lied about the surveillance powers of Carnivore. The story broke about a week ago.

Carnivore can get a lot more info than the email headers (and content) which the FBI had claimed is the limits of its powers. No, in fact, carnivore can take everything the FBI wants it too. Read about it here:

Carnivore captures and archives 'unfiltered traffic'

New documents shed more light on FBI's "Carnivore"

Carnivore can monitor all internet traffic -- something the FBI had previously denied



the Slashdot article on recent carnivore devleopments

The reason peer to peer sharing technologies are currently doomed is that, if they're successful, there will be considerably more than a sensible number of people on the air.

I've been on Gnutella when half the net went there, and let me tell you, it wasn't pretty. Like most people, I had to hang up or get overwhelmed.

A similar problem has come up in shared VR. If a tenth of the people who signed on to Cybertown showed up at the same time, it would be madness. If the net is a "never-ending worldwide conversation", as Judge Steward Dalzell said, then a conversation of 10 million or 10,000 people, when you can't tune any of them out, is a conversation in Bedlam.

The easy problem is how to filter out the noise. The hard problem is trying to figure out what, to a particular user at a particular time, is signal and what is noise. Area of interest culling is only a partial solution. While I might be interested in erotic photographs of large aquatic mammals today, I'm not exclusively interested in Flipper and his friends. I might be interested tomorrow in the polyphonic motets of Lassus.

An even harder problem is identifying which of a particular set of resources offered that are allegedly within my current areas of interest are of actual interest. I'm not interested at all, for example, in Flipper stills of the Ranger and the stupid kids, and I already have the picture where Flipper stands on his tail. While the file name conventions that have arisen among mp3 file sharers are a step in the right direction (and they picked an easy domain), the conventions are far from universal, and as people have found out, sometimes spoofed and sometimes just ignorantly wrong.

(I'm tempted to say that a central server that acts like a Library of Congress classification system may be needed, and certainly would be a more useful role for a central server than mere file name storing.)

And, of course, this must be accomplished without the overhead that makes Gnutella such a pig. And remember, Gnutella hardly tries to accomplish any of this area of interest culling.

While the developers of Gnutella et al have spent considerable time on networking technology and user interfaces (despite appearances!), they haven't yet taken more than baby steps toward solving the real problem that will make peer-to-peer sink or swim: determining and using areas of interest.

Rev. Bob "Bob" Crispen

Is this a joke? The CDA was struck down as unconstitutional ages ago.

First I'd like to suggest that some big motorola customers get together and visit an attorney and have them write up a contract. This contract will state that, in return for purchasing products from a Motorola dealer, the dealer agrees to hold the customer's demographic information confidential, and forbid it to be shared with any third party - specifically name Motorola, but also say any third party.

If the dealer won't sign, ask them if they carry any of Motorola's competitors' products, and buy those instead. Alternatively, shop around for Motorola dealers willing to sign.

Rememeber, your information is your information, and while there may be no law to protect you, if the dealer signs such a contract, then you have civil law to protect you.

When such a contract has been drafted, put it on a web page and distribute the URL widely so that all Motorola customers may benefit.

Secondly, keep in mind that Motorola is a huge company. They have interests around the globe. Interested in buying a Mac? Print out the ZDNet article and bring it with you to the Apple dealer. Tell them you want to look inside the case of the Mac you're considering purchasing. Tell them you'd be happy to make the purchase if the PowerPC chip was manufactured by IBM, but you won't consider purchasing a Mac containing a Motorola brand PowerPC - the chip was jointly designed by Apple, IBM and Motorola and is actually manufactured by IBM and Motorola (multiply sourced). Second sourcing means you as a consumer have a choice.

Also look around you and think about what products you use that are made by Motorola. Do you do MacOS, BeOS, or QNX development? How about embedded or game consoles? Perhaps then you use Metrowerks Codewarrior for your development system (compiles for Windows too - I vastly prefer it to Visual C++ or Borland). Metrowerks is now a Motorola subsidiary. If so, drop a line to any contacts you may have at Metrowerks, give the URL to the ZDNet article, and ask them to let the folks they know at Motorola that this practice is unacceptible.

Do you actually design embedded hardware? Consider alternatives to Motorola products - again, IBM has some altnernatives - and let your rep at Motorola know that you're not going to be needing his services anymore - and tell him why.

Some links for you:

• The Electronic Privacy Information Center
• The Center for Democracy and Technology
• The Electronic Frontier Foundation
• JunkBusters

I think this would be a good idea but don't know if there's anyone with the resources to undertake the task. If you could make a business out of it, like maybe Enonymous' Privacy Ratings site, then that might work. I'd monitor it if there was such a site. Maybe someone would want to run something like FuckedCompany.Com but concentrate on slippery privacy practices.

I've found that PrivacyDigest and WebVeil do a pretty good job of keeping abreast of the news. Privacy Digest is better because it is more comprehensive, but WebVeil is selective, seeming to focus on privacy for consumers specifically rather than everything that is privacy under the sun. Otherwise, I just pay attention to and filter what the paranoids are saying in alt.privacy or check on the privacy issues section of Yahoo and Wired.

In the specifications for Carnivore 1.2 one of the features listed is:
"Remote control of system from another location [Rest of line blacked out]" from http://www.epic.org/privacy /ca rnivore/evolution.html

Now they could be talking about the user's system, which is really scary, but I read it to be talking about the Carnivore box. Which would seem to suggest a port or two being left open.

-prak

If you want a real organization looking after our privacy, then EPIC is the one to look at.

"The government defendants appeal the grant of summary judgment to the plaintiff, Professor Daniel J. Bernstein ("Bernstein"), enjoining the enforcement of certain Export Administration Regulations ("EAR") that limit Bernstein's ability to distribute encryption software. We find that the EAR regulations (1) operate as a prepublication licensing scheme that burdens scientific expression, (2) vest boundless discretion in government officials, and (3) lack adequate procedural safeguards. Consequently, we hold that the challenged regulations constitute a prior restraint on speech that offends the First Amendment. Although we employ a somewhat narrower rationale than did the district court, its judgment is accordingly affirmed."

Actually, you get to choose how to express yourself. That's settled (in general).

Supreme Court case: Hippie wants to have "Fuck the Draft" on his T-shirt. Argument of the government was that he didn't have to use the first word where little kiddies could read it. Government Loses. Cohen v. California (1971).

Now, this is just my gut feeling, but I think the FBI's concerns over access are just a ruse. The real concern (from a national security standpoint) is more likely that NTT (the buyer, Japan's national telephone monopoly) will use the tapping capabilities built into Verio's networks for gathering of intelligence (economic or otherwise) as an agent of the Japanese gov't or corporations.

-Isaac

Before we all get on the "France is standing up to government intrusion" bandwagon, let's remember that France is well-known for "borrowing" travelling executives' laptops at customs, long enough to copy the entire hard drive. And they have, at least once, completely trashed the hotel rooms of major aerospace executives during the Paris airshow to gather information.

Further, their "invading our citizens' privacy" complaints are ironic in light of their own law requiring private encryption keys to be held by third parties so the government can snoop.

Hell, they took a privacy-killing concept we invented and have repeatedly discarded as a bad idea, and implemented it as law. Fix that before you bitch about us, France.

EPIC has called France's encryption policies "perhaps the most restrictive in the world next to Russia".

They require a license to *IMPORT* crypto, and even DES keys are required to be deposited with the government.

Yeah, big on privacy, those French.

--

Yeah, and encryption is so tightly regulated there that nobody can keep a secret. So, they seem to want to at least be able to listen in.

According to the recent report by EPIC, France is now far more well-disposed towards crypto than they used to be.

As I understand it, the Office participated in an ad network to market its site. If you searched Altavista for "grow pot" , a Doubleclick banner would be served for the Drug Control office Web site and, of course, you'd be cookied (unless you filter). The paranoia is that the cookie potentially represents a personally identifiable piece of information that is understandable disconcerting if you believe the government is using the cookie to surreptitiously track you personally and determine what other sites you are visiting.

But "cookie" does not automatically equal "privacy invasion". I consider it to be a disservice to the education of the Web public for Jason Catlett (Junkbusters.Com), Mark Rotenberg (EPIC, and even Richard Smith (his expose' here) to contribute to this hysteria. I think it makes for good sensationalism to further the advocacy for electronic privacy. The Whitehouse's withering before the criticism is disappointing but understandable considering that any defense would have only powered the conspiracy theory. But in terms of the threat to privacy this represents, I think it only extends the broad and irrational fear of an incredibly useful and pervasive Web technology.

If you think I'm wrong, email me or post here so I can exercise the debate. I consider myself a pragmatic privacy advocate and am willing to listen to logic.

A of course NAL, bit my understanding of this decision is that it was just upholding an injunction. The full trial on all the information hasn't been heard yet, this is just a ruling on a motion about how things will remain during a trial.

Although, my understanding of injunctions was that they were supposed to be quick by their nature and purpose, and not drag on for years. I didn't even know that they could be appealed...

While I've only begun my research, here are a few resources that you -- and others should probably look into.

(It takes me a while to dig and digest info before I reply. I wonder how many people come and go before I can post)

The history of the ACLU challenge to COPA, including the filings, injunctions and hearings.

The Appellee brief (the basis of appeal) in the recently decided case, so you can see the issues that were specifically raised

And of course, no discussion can be complete without COPA itself

A of course NAL, bit my understanding of this decision is that it was just upholding an injunction. The full trial on all the information hasn't been heard yet, this is just a ruling on a motion about how things will remain during a trial.

Although, my understanding of injunctions was that they were supposed to be quick by their nature and purpose, and not drag on for years. I didn't even know that they could be appealed...

While I've only begun my research, here are a few resources that you -- and others should probably look into.

(It takes me a while to dig and digest info before I reply. I wonder how many people come and go before I can post)

The history of the ACLU challenge to COPA, including the filings, injunctions and hearings.

The Appellee brief (the basis of appeal) in the recently decided case, so you can see the issues that were specifically raised

And of course, no discussion can be complete without COPA itself

By the way, it's not actually a criticism of the system itself (its implementation), but of whether or not it fufills its goal (which they think it doesn't).

http://www.epic.org/reports/pretty poorprivacy.html

(Its currently missing in the article.)

The actual report is at http://www.epic.org/reports/pret typoorprivacy.html.

FTC Calls for Privacy Legislation to Protect Internet Users. On May 22, the Federal Trade Commission (FTC) released a report (PDF) on the results of its latest survey of website privacy policies. The survey documented that only 20% of a random sample of websites addressed basic elements of Fair Information Practices. Based on the findings of the survey, a majority of the FTC Commissioners have recommended that legislation is needed. On Thursday, the FTC will formally present its findings and recommendations in front of the Senate Commerce Committee. EPIC's latest survey, "Surfer Beware 3: Privacy Policies without Privacy Protection", also found that self-regulation provided an inadequate level of online privacy protection.

I just hope the EU doesn't fall for the same bait as did TrustE. Self-regulation isn't.

Sreeram.
----------------------------------
Observation is the essence of art.

FTC Calls for Privacy Legislation to Protect Internet Users. On May 22, the Federal Trade Commission (FTC) released a report (PDF) on the results of its latest survey of website privacy policies. The survey documented that only 20% of a random sample of websites addressed basic elements of Fair Information Practices. Based on the findings of the survey, a majority of the FTC Commissioners have recommended that legislation is needed. On Thursday, the FTC will formally present its findings and recommendations in front of the Senate Commerce Committee. EPIC's latest survey, "Surfer Beware 3: Privacy Policies without Privacy Protection", also found that self-regulation provided an inadequate level of online privacy protection.

I just hope the EU doesn't fall for the same bait as did TrustE. Self-regulation isn't.

Sreeram.
----------------------------------
Observation is the essence of art.

Anonymity must not be equated with privacy. As citizens, we have a right to privacy. We have no such right to anonymity.

I simply can not believe that depths to which some people will lie. Perhaps Seagrams is just ignorant of this, but as a US Citizen you do have a right to be anonymous. To speak anonymously, to buy things anonymously and yes, to even walk around, all day if you want, with a ski mask on to remain anonymous. You do have a right to anonymity. My guess is that Seagrams is saying this as part of a larger straw man argument to equate anonymity with criminal activity and hence to be able to dismiss it out of hand. Whatever the case, Edgar Bronfman, Jr., is totally and completely wrong. However, its this kind of thinking that is not only incorrect but its dangerous for us as citizens to dismiss his argument out of hand. Alot of people think this way, and alot of those people, like Mr. Bronfman, have tremendous power to change the laws so that anonymity can be restricted and to try and take that right away.

Here are some references to back my assertions on anonymity:

McIntyre v. Ohio
Flood Control on the Information Ocean: Living With Anonymity, Digital Cash, and Distributed Databases
Talley v. California
--
Python