MP3 News from Wired News - Kazaa Lite: No Spyware Aftertaste.

Kazaa, the most recent darling of the file-trading world, angered its users with spyware. Not for long though. A new application gets around that program, which ironically enough, has Kazaa crying foul.

CFP 2002.

Workshop on Privacy Enhancing Technologies.

Privacy and anonymity are increasingly important in the online world. Corporations and governments are starting to realize their power to track users and their behavior, and restrict the ability to publish or retrieve documents. Approaches to protecting individuals, groups, and even companies and governments from such profiling and censorship have included decentralization, encryption, and distributed trust.

Building on the success of the first anonymity and unobservability workshop (LNCS 2009, held in Berkeley in July 2000), PET2002 addresses the design and realization of such anonymity and anti-censorship services for the Internet and other communication networks. We are holding this workshop adjacent to the Twelfth Conference on Computers, Freedom, and Privacy (CFP2002) because the two are complementary, but we are not affiliated with that conference.

Privacy News from Wired News - Carnivore's New Leash on Life?

MattersIliev's system relies on technology, not Congress or federal judges, to keep Carnivore on a very short leash.

Much of the public outcry over Carnivore and similar eavesdropping methods arises because they take a vacuum-cleaner approach, sucking in all the data flowing through a network and then storing only the desired information. But if the snooperware is buggy or if police agencies go beyond what a court order allows, the system will snare far more traffic than it is authorized to retain.

Iliev's proposal, titled "Prototyping an Armored Data Vault" (PDF) and presented at the Privacy Enhancing Technologies workshop this week, says "a design goal is to store packets securely, so that they may be accessed only through the security mechanism imposed by the vault."

Here's how it works: An Internet service provider, university or corporation could choose to record all activities of people using the network. The data would be encrypted, with the only key able to unlock the information kept by the vault.

An FBI agent who wanted to access the information would obtain a search order that was digitally signed by a judge. The vault would recognize that signature and divulge only the information specified by the court. There would be no chance -- assuming the vault was programmed properly -- for a fishing expedition.

CNET NEWS.COM - PC invaders camp out in hard drives. "Spyware" programs infiltrate millions of hard drives every month--and get there with your express consent.

[ ... ]

Every month, millions of people agree to terms-of-service and privacy contracts they haven't read--and probably wouldn't understand if they tried--to download software without paying for it. Many are later disturbed to find their computers coopted by little-known companies to distribute advertisements, monitor online behavior, or help solve complicated computing problems.

Terms of service have long been a source of controversy, especially when they involve consumer privacy. But the issue was raised to alarming levels this month when consumers using the Kazaa program learned that they had unwittingly agreed to install software that could help turn their computers into nodes for a peer-to-peer network controlled by another company.

GigaLaw.com: Facts About Privacy and Cyberspace. By the American Bar Association

Privacy may be one of the most talked-about but least-understood legal issues on the Internet. Despite the attention, relatively few laws exist to protect privacy online, so it's important to be educated about the legal and business issues relating to privacy. These questions and answers provide a broad discussion of privacy issues in cyberspace.

This article was originally published on GigaLaw.com in August 2000

Newsbytes - More States Loosening Wiretap Restrictions - ....

Proposed changes to state wiretap laws triggered by the terrorist attacks on Sept. 11 would give states added surveillance power that could erode civil liberties, said a review of state-level legislation released today.

The review, conducted by a Washington-based non-profit that tracks legal and constitutional issues, examined how states approve and implement wiretaps. The Constitution Project seeks to determine whether laws compromise individual liberties.

ZDNet: AnchorDesk Radio: Wednesday, April 17.

Today's show is broadcast live from the Computers, Freedom, and Privacy conference in San Francisco. Guests include: Peter Swire, visiting professor of law at George Washington University; Deirdre Mulligan of UC-Berkeley's Boalt Law School; Ann Cavoukian, information and privacy commissioner for Ontario, Canada; and Kim Alexander of the California Voter Foundation...LISTEN NOW.

Requires either RealAudio or Windows Media Player.

Newsbytes - Long-Awaited Internet Privacy Bill Debuts On Thursday.

A key U.S. senator will introduce a controversial bill on Thursday that could give consumers greater control over how their personal information is used by online companies.

Senate Commerce Committee Chairman Ernest "Fritz" Hollings, D-S.C., will offer legislation that would require Internet businesses to obtain consumers' consent before collecting or sharing their "sensitive" personal information - such as financial or medical data, or religious or political affiliation - with third parties.

The bill would require businesses to provide consumers with a way to access their information, and to correct any inaccuracies in the data held about them.

The measure also would hold Internet companies accountable for protecting the confidentiality of such information, and would grant consumers a private right of action against those that fail to provide adequate access or security.

Privacy advocates generally support the bill and believe it would help boost consumer confidence in e-commerce.

Ari Schwartz, a policy analyst for the Center for Democracy and Technology, said the legislation contains several important compromises that were not included in earlier drafts of the measure.

For example, the majority of the restrictions in the bill are designed to safeguard sensitive consumer information, leaving companies free to share less-sensitive commercial data with third-party marketers unless the consumer affirmatively "opts out" of that arrangement.

The legislation also would preempt state privacy laws that govern the collection of sensitive data online - a key issue for e-commerce companies worried about the prospect of complying with 50 different online privacy laws.

"We think it's a good step toward coming up with something that is useful and can be put in place," Schwartz said. "We believe it's the kind of compromise that was necessary to move this package forward."

New York Times - free registration required Reaction to a Controversial Decision Is Passionate.

Reaction to the Supreme Court's decision to strike down a law prohibiting "virtual" child pornography was swift and passionate.

Representative Mark Foley, a Republican of Florida who is co-chairman of the Congressional Missing and Exploited Children's Caucus, said the Supreme Court had "sided with pedophiles over children."

Conversely, Eric M. Freedman, a law professor at Hofstra University, said, "The First Amendment had a very good day at the Supreme Court today."

The law that the Supreme Court struck down imposed heavy penalties on those who made or possessed images that merely looked like child pornography, including pictures of adults purporting to be minors and images created by computers that are virtually indistinguishable from real children.

SAP INFO - Internationally Endorsed Privacy Recommendation.

The World Wide Web Consortium (W3C) has endorsed a new standard for privacy online by issuing an official recommendation for the Platform for Privacy Preferences (P3P) 1.0.

BW Online | October 8, 2001 | Databases and Security vs. Privacy. National ID cards? The government doesn't need them. The real likelihood -- and potentially as dangerous -- is more use of existing info

The debate about whether or not the U.S should or would adopt a national identification-card system has emerged with a jolting intensity. Jolting because even through world wars and a cold war, in which the U.S. feared an enemy within the country as much as the armies outside, Americans resisted the creation of a national ID that they would carry to prove their citizenship (see BW Online, 10/4/01, "Don't Make Privacy the Next Victim of Terror"). Now, however, public surveys, congressional speeches, and remarks by high-profile CEOs are bringing the issue to the forefront, causing everyone to consider whether America is ready to adopt a card ID system -- like those widely used in other countries -- at the expense of our privacy.

The problem is, the debate over trading security provided by card IDs for a lower standard of privacy focuses on the wrong issue. The federal government and law enforcement don't need national ID cards. Indeed, the Bush Administration stated publicly last month that it had no intention of pushing for cards. Instead, law-enforcement and intelligence agencies can achieve many of the same goals of an ID card by increasing the collection and sharing of data among federal and state agencies, banks, transportation authorities, and credit-card companies.

People concerned about balancing privacy and security need to focus on this point and not get caught up in the red herring debate around the ID cards themselves.

[ ... ]

After September 11, it's only natural that the nation would search for ways to increase its security. But law enforcement has overstepped the boundaries of acceptable surveillance of Americans in the past. Widespread wiretapping of civil-rights leaders, including Martin Luther King, as well as Vietnam war dissidents including Jane Fonda and John Lennon during the 1960s and early 1970s led to stricter controls over the kind of information intelligence agencies could gather and the type of broad investigations they could conduct.

Fot those of you to young to remember. The program they are talking about that existed in the 1960's and 70's is COINTELPRO.

New York Times - free registration required Excerpts From Court's Opinions in Ruling on the Child Pornography Prevention Act. Following are excerpts from opinions in the Supreme Court's ruling today in Ashcroft v. Free Speech Coalition, which overturned provisions of the Child Pornography Prevention Act of 1996:

We consider in this case whether the Child Pornography Prevention Act of 1996 abridges the freedom of speech. The C.P.P.A. extends the federal prohibition against child pornography to sexually explicit images that appear to depict minors but were produced without using any real children. The statute prohibits, in specific circumstances, possessing or distributing these images, which may be created by using adults who look like minors or by using computer imaging. The new technology, according to Congress, makes it possible to create realistic images of children who do not exist.

By prohibiting child pornography that does not depict an actual child, the statute goes beyond New York v. Ferber (1982), which distinguished child pornography from other sexually explicit speech because of the state's interest in protecting the children exploited by the production process. As a general rule, pornography can be banned only if obscene, but under Ferber, pornography showing minors can be proscribed whether or not the images are obscene under the definition set forth in Miller v. California (1973). ... Like the law in Ferber, the C.P.P.A. seeks to reach beyond obscenity, and it makes no attempt to conform to the Miller standard. For instance, the statute would reach visual depictions such as movies, even if they have redeeming social value.

The principal question to be resolved then is whether the C.P.P.A. is constitutional where it proscribes a significant universe of speech that is neither obscene under Miller nor child pornography under Ferber.

New York Times - free registration required Civil Rights Group to Sue Over U.S. Handling of Muslim Men.

In a new challenge to the Bush administration's prolonged detention of hundreds of Muslim men after Sept. 11, a civil rights group says it will ask a federal court to declare the government's treatment of the men biased and unconstitutional.

A class-action lawsuit prepared by the group, the Center for Constitutional Rights, accused the government of arbitrarily holding Muslim detainees in prison for months on minor immigration violations, with no hearings to determine whether the government had probable cause to hold them.

They have also been subjected to excessively harsh treatment in jails in New Jersey and Brooklyn, the complaint said, and in some cases could not practice their religion, contact their families or seek the help of their consular officials.

The lawsuit will be filed today in United States District Court in Brooklyn, said Barbara J. Olshansky, a lawyer for the center.

"We want the world to know that we are treating students, tourists, people here for short period of time, as criminals," Ms. Olshansky said. "We're putting them into arbitrary detention, just like the worst totalitarian regimes we cry out all the time about in this country."