Patricia J. Paoletta is a partner at Wiley Rein & Fielding, a law firm that specializes in high-tech privacy cases. Ms. Paoletta has served as a senior legal advisor to the FCC. She says the privacy policy debate shifted after September 11 and is about to shift again.

[ ... ]

There have been two bodies of privacy concerns: one against government intrusion and one against online marketers using our personal information for commercial ends. After September 11, there was a big pull for the government to get more access to private information and data to protect us from terrorists. I think in the next Congressional session, you will see a return to the focus on consumer protection against online marketers. Risks have been accruing for corporations that misuse information.

Slashdot | Sun Includes Microsoft-Like Automatic Updates Clause.

Neill_Smith writes "Following on from Microsoft forcing automatic updates on their users if they want to stay secure, Sun seems to be trying to be trying something similar. They have given themselves permission to 'automatically download, install, and execute applets, applications, software extensions, and updated versions' in the license agreement (hit download) for the JDK on linux (and possibly other platforms)."

RAND report - You've Got Dissent! Chinese Dissident Use of he Internet and Beijing's Counter-Strategies. by Michael S. Chase, James C. Mulvenon $20.00, (paperback, 130 pp.)     ISBN: 0-8330-3179-1     MR-1543, © 2002 All materials are available as free, downloadable PDF files. You will need Adobe Acrobat Reader to view them

RAND News Release: August 26, 2002 - Rand Report Says Internet Unlikely To Spark Major Political Change In China In Near Future.

The report, which is one of the most thorough analyses ever of Internet use by Chinese dissidents and China's response, found that the government's crackdown on dissidents is succeeding in cyberspace. As a result, while the Internet may ultimately support change, this will more probably occur in an evolutionary manner.

Titled You've Got Dissent, the report was produced by two RAND centers: The International Security and Defense Policy Center and the Center for Asia Pacific Policy. Michael Chase and James Mulvenon, both RAND analysts, authored the report.

The Chinese government has successfully stifled the spread of Internet-based dissent primarily by employing old "Leninist techniques," according to the RAND report. These techniques include strict government regulations, surveillance, arrests, confiscation of equipment, and the use of informants. At least 25 people have been arrested in the past two years because of their on-line activities, according to the RAND report.

There also is evidence that the Chinese government is using the Internet for its own political purposes, spreading criticism of dissidents electronically and bombarding dissidents' e-mail addresses with thousands of bogus messages.

Political News from Wired News - China Dissidents Thwarted on Net.

Chinese dissidents are doing their best to use the Internet to bring democratic change to their society, but government crackdowns and the nation's rural demographics mean that more freedoms are unlikely to come soon, says a private study.

Released by RAND, the report, "You've Got Dissent," said that while dissidents use the Internet for liberation, the Chinese government uses the same tools to keep an eye on activists.

"There was a lot of very loose talk about how the Internet was going to bring down all the authoritarian regimes," said James Mulvenon, one of the authors of the report released this week. However, he said, "the Chinese government has proven surprisingly nimble over the past five or six years in surpassing the technological challenges the dissidents have presented them."

CNET NEWS.COM By Declan McCullagh - Will Canada's ISPs become spies?

The Canadian government is considering a proposal that would force Internet providers to rewire their networks for easy surveillance by police and spy agencies.

A discussion draft released Sunday also contemplates creating a national database of every Canadian with an Internet account, a plan that could sharply curtail the right to be anonymous online.

The Canadian government, including the Department of Justice and Industry Canada, wrote the 21-page blueprint as a near-final step in a process that seeks to give law enforcement agents more authority to conduct electronic surveillance. A proposed law based on the discussion draft is expected to be introduced in Parliament late this year or in early 2003.

Arguing that more and more communications take place in electronic form, Canadian officials say such laws are necessary to fight terrorism and combat even run-of-the-mill crimes. They also claim that by enacting these proposals, Canada will be following its obligations under the Council of Europe's cybercrime treaty, which the country is in the process of considering.

If the discussion draft were to become law, it would outlaw the possession of computer viruses, authorize police to order Internet providers to retain logs of all Web browsing for up to six months, and permit police to obtain a search warrant allowing them to find "hidden electronic and digital devices" that a suspect might be concealing. In most circumstances, a court order would be required for government agents to conduct Internet monitoring.

Canada and the United States are nonvoting members of the Council of Europe, and representatives from both countries' police agencies have endorsed the controversial cybercrime treaty, which has drawn protests from human rights activists and civil liberties groups. Of nearly 50 participating nations, only Albania has formally adopted, or ratified, the treaty.

Michael Geist, a professor at the University of Ottawa who specializes in e-commerce law, says that the justification for adopting such sweeping changes to Canadian law seems weak.

"It seems to me that the main justification they've given for all the changes is that we want to ratify the cybercrime treaty and we need to make changes," Geist said. "To me that's not a particularly convincing argument. If there are new powers needed for law enforcement authority, make that case."

Geist added that "there's nothing in the document that indicates (new powers) are needed. I don't know that there have been a significant number of cases where police have run into problems."

Slashdot | Your Rights Online - Canadian ISPs Could Take On Big Brother Role. QGambit writes: "C|Net is reporting that the Canadian Government is considering a proposal that would force ISPs to keep logs of web browsing for up to 6 months, allow police to get search warrants allowing them to find 'hidden electronic and digital devices' and ban the possession of computer viruses. Canada and the U.S. have both endorsed this proposal, contained in a cybercrime treaty of the Council of Europe. Both countries are non-voting members of the Council. George Radwanski, Canada's privacy commissioner has not yet commented on the proposal."

The text of the proposal is here (PDF)

Slashdot | "Ask Slashdot" - Is Win2k + SP3 HIPAA Compliant?

Chris asks: "Our company deals with medical records in a peripheral sort of way (as they pertain to student loans), and due to new laws we are required to be HIPAA compliant by April. After reading the discussion on here about the new EULA for Win2k SP3, I had a disturbing thought. As far as I can tell, if you use Windows 2000 then you're going to be out of compliance whatever you do. If you install the patch, then theoretically Microsoft could access those medical records (possibly by accident) without 'due cause or need' in the process of updating your machine. If you don't patch your system then you'll fail the security requirements of the law." --- If  Win2k with SP3 is not HIPAA compliant (and I stress the if  because no one has made a statement either way, yet) what can non-compliant Medical IT departments do?