EFFector Vol. 11, No. 12 Sep. 16, 1998 [email protected] A Publication of the Electronic Frontier Foundation ISSN 1062-9424 IN THE 140th ISSUE OF EFFECTOR: * ALERT: House Hearing on CDA II: Contact Legislators ASAP! + ACTION + MESSAGES + COMMITTEE CONTACT INFO + SUMMARY * ALERT: Letters to Senators on database and WIPO bills needed now + ACTION + MESSAGES + SENATOR CONTACT INFO + SUMMARY * Minor Changes to US Crypto Policy Miss the Real Issue: Privacy * Other Headlines at http://www.eff.org * Administrivia See http://www.eff.org for more information on EFF activities & alerts! _________________________________________________________________ ALERT: House Hearing on CDA II: Contact Legislators ASAP! Electronic Frontier Foundation Alert, Sept. 16, 1998 (partially expires Sept. 17, 1998; please do not redistribute after Oct. 1, 1998; check Web site for update.) (This is an unfortunately short-notice alert; sometimes Congress acts rapidly and with little warning.) ACTION: Please IMMEDIATELY call and fax the House Commerce Committee (contact info below), and urge the members of the Telecommunications Subcommittee to REJECT the Internet censorship bill known as the "Child Online Protection Act" (a.k.a. "CDA II"), H.R. 3783. Next visit the alert page of the Blue Ribbon Campaign for Online Free Speech: http://www.eff.org/br and follow the instructions to contact your own legislators to oppose this and related legislation (you can send your legislators a free fax via the Web!) ___________________________________ MESSAGES: When contacting the Committee, if you wish to elaborate on why the Subcommittee should reject this bill, here are some basic talking points: 1. This legislation contains most of the unconstitutional flaws of the original CDA. 2. Though the sponsors of this bill claim it is intended to address only commercial pornographers intentionally targeting minors, the actual language of the bill is vague and overbroad, and will sweep in much more than explicit for-profit visual materials. The bill will censor a wide variety of legitimate, protected expression, for adults as well as children. 3. Congress's own posting of the Starr report would likely violate H.R. 3783. 4. It is the responsibility (and right) of parents, not the federal government, to decide what is or is not appropriate for minors to have access to, and to supervise minors. In the classroom, this is a local, not federal, issue. 5. What is appropriate for a 5-year-old is not the same thing as what is appropriate for a 16-year-old, and this bill fails to take account of this basic fact. 6. Intentionally providing a minor with "harmful matter", online or offline, is already illegal under general obscenity and harmful-to-minor statutes. Congress cannot expand this to a ban on all online publication (which the bill amounts to; the Supreme Court has already found that the kind of age verification this bill, like the CDA, calls for is impractical. Feel free to use your own wording of course. The last point can be skipped when contacting the Committee by voice phone, since it is long and rather technical. Other points can be shortened for voice calls, e.g., "The bill will censor a lot more than the commercial pornographers it aims at," for point 2. ___________________________________ COMMITTEE CONTACT INFO: The House Commerce Committee * Phone: +1-202-225-2927 (say you are calling about markup in the Telecommunications Subcommittee) * Fax: +1-202-225-1919 (attn: Telecommunications Subcommittee) * E-mail: [email protected] (you may wish to also e-mail your comments, attn: Telecommunications Subcommittee, for good measure.) There is insufficient time to contact individual legislators' offices. The markup is likely to be completed by early afternoon at the latest. More information on contacting Congress is available at: http://www.eff.org/congress/ ___________________________________ SUMMARY: The Subcommittee on Telecommunications, Trade, and Consumer Protection of the House Commerce Committee will meet tomorrow morning (Thu., Sep. 17, 1998) to examine legislation intended to establish restrictions on online publication of content deemed "harmful to minors" on the Net. The untitled bill, which many refer to as "CDA II", would block many adults from receiving or posting a wide variety of legitimate material online that falls under vague harm criteria and includes many of the same constitutional defects as the original Communications Decency Act (CDA). In the name of protecting young users of the Internet, CDA II is intended to enact a wide-ranging ban on Web posting of material deemed "harmful to minors." The bill number is H.R. 3783, and it is a companion bill to the Senate's S. 1482, passed as an amendment to an appropriations bill that cleared the Senate over the summer. H.R. 3783 was introduced by Rep. Michael Oxley (R-OH-5). _________________________________________________________________ ALERT: Letters to Senators on database and WIPO bills needed now Copyright clashes likely to define final weeks of 105th Congress Electronic Frontier Foundation Alert, Sept. 16, 1998 (expires Sept. 28, 1998). (This is a modified version of a Digital Future Coalition alert; the full text, with background information and a sample letter to Senators, is available at: http://www.eff.org/Alerts/19980916_dfc_alert.html EFF is a member of the Digital Future Coalition.) ACTION: Please write or call your Senators this week to urge: (1) no Senate action on controversial database protection legislation; and (2) strong support for including the House's version of fair use protection in any final version of WIPO copyright treaty legislation. Please write to both of your Senators this week in support of preserving the critical balance between protecting information and affording reasonable access to it as key Committees struggle with two intellectual property bills: the "Collections of Information Antipiracy Act" (H.R. 2652/S. 2291, and Title V of H.R. 2281) and the "Digital Millennium Copyright Act" (H.R. 2281/S. 2037). If you are uncertain who your Senators are, you can look them up by entering your ZIP code into the Senator search form at: http://congress.nw.dc.us/cgi-bin/alertpr.pl?dir=dfc&alert;=dfc1 ___________________________________ MESSAGES: Please ask both of your Senators to write, and speak personally, to Judiciary Committee Chairman Orrin Hatch (R-UT) and Ranking Member Patrick Leahy (D-VT), contact info below, requesting that they: 1. DEFER Senate action until the next Congress on any special interest database protection legislation, including the "Collections of Information Antipiracy Act" (S. 2291/H.R. 2652), AND that they remove this controversial legislation from the "Digital Millennium Copyright Act" (H.R. 2281) with which it was merged by the House early last month; AND 2. NOT ACCEPT any version of fair use protection weaker than that adopted in the House version of H.R. 2281 when the House and Senate meet to reconcile their different versions of the "Digital Millennium Copyright Act" in the next few weeks. SPECIAL NOTE: Because of their leadership roles, it's especially important that (using the contact info provided below): * UTAH and VERMONT residents write directly to Mr. Hatch and Mr. Leahy; and * MISSISSIPPI and OKLAHOMA residents contact Senate Majority Leader Trent Lott (R-MS) and Deputy Leader Don Nickels (R-OK); and * ARIZONA and SOUTH CAROLINA residents reach Sens. John McCain (R-AZ) and Ernest Hollings (D-SC). ___________________________________ SENATOR CONTACT INFO: Postal letters may be addressed to your Senator like so: Hon. [full name here] United States Senate Washington, DC 20510 Phone and fax information for the legislators mentioned above: Party Name Phone Fax State ---------------------------------------------------------------- R UT Hatch, Orrin G. 1-202-224-5251 1-202-224-6331 D VT Leahy, Patrick J. 1-202-224-4242 1-202-224-3595 R MS Lott, Trent 1-202-224-6253 1-202-224-2262 R OK Nickles, Don 1-202-224-5754 1-202-224-6008 R AZ John McCain 1-202-224-2235 1-202-228-2862 D SC Ernest Hollings 1-202-224-6121 1-202-224-4293 More information on contacting Congress is available at: http://www.eff.org/congress/ ___________________________________ SUMMARY: With the passage of WIPO treaty implementing legislation (the "Digital Millennium Copyright Act", H.R. 2281 and S. 2037), Congress is moving to resolve differences between the House and Senate-passed versions in conference committee. A serious problem remains with the legislation. The dreadful "Collections of Information Antipiracy Act" (H.R. 2652 and S. 2291, better known as the database protection bill), was amended into the House WIPO bill (H.R. 2281) as Title V of that bill, in somewhat moderated form. H.R. 2652/Title V is extremely problematic and has not been passed by the Senate. With its inclusion in the House WIPO bill, H.R. 2652/Title V will now be considered in conference (without having to pass the Senate separately) unless the Senate conferees strip it from the House WIPO bill they will be merging with the "clean" Senate WIPO bill. The House and Senate hope to finalize the legislation within the next two weeks, thus the request for immediate action. _________________________________________________________________ Minor Changes to US Crypto Policy Miss the Real Issue: Privacy Inadequate White House Crypto Policy Changes (Sep. 16, 1998) A new change to US Administration encryption export policy appeases some particular industry segments, but completely fails to address the heart of the encryption export debate - individual privacy rights - and continues to sacrifice privacy and security for law enforcement and intelligence agency convenience. The new minor improvement to the policy, announced Sep. 16, 1998 in a White House press release, would allow US companies in certain countries to use strong encryption to protect trade secrets, and would add US-based insurance and medical corporations to the industry segments allowed to export and use strong encryption overseas for internal security use, in most countries. On the negative side, the new policy implies that only such institutions are "legitimate" users of strong encryption, and further advances law enforcement's demanded "key recovery" scheme by making it easier for key recovery-weakened encryption systems to receive more generalized export approval. (Key recovery, also known as "key escrow" or "trusted third party" systems, are encryption systems in which the government, or a party trusted by government, has access to the plaintext of all users' encrypted messages - analogous to all individual's house keys being "escrowed" with local police, "just in case" they ever want to search your home.) Despite the Administration's claim that the new policy "meets the full range of national interests: promotes electronic commerce, supports law enforcement and national security and protects privacy," EFF believes that these minor reforms do nothing at all to address the core issue of end-user privacy. Moreover, in encouraging key recovery it actually undermines privacy and computer security, at a time when major improvements in both areas are desperately needed. Though the changes would ease the burden on handful of industry concerns, the general policy continues to harm US competitiveness in the software industry, since foreign competitors are under no such market restrictions and can supply the demand for strong encryption in ways their US counterparts cannot. The new policy fails to address any of the issues raised by two EFF projects. Beginning in 1995, we have supported a series of (ongoing) lawsuits, including Bernstein v. Dept. of Justice, challenging the constitutionality of the entire crypto export regime. In 1998, our DES Cracker Project proved that the US government's Data Encryption Standard (DES) is woefully insecure, yet this is the level of encryption encouraged and allowed for general export and use by even the revised regulations. Additional problems with the new regulatory policy: * The new regulations still lack due process and provide the Administration with full discretion to suppress free expression in cryptography without judicial involvement; * they unconstitutionally require a "one-time review" by the government of almost any publication or private transaction in encryption software; and, * the real details of this latest development remain secret - the Administration has only released a vague statement, not actual regulations. The devil, as always, is in the details. For more information on this controversy see: * White House encryption policy update press release (full text) http://www.eff.org/pub/Privacy/ITAR_export/1998_export_policy/HTML/19980916_admin_statement.html * New York Times article http://www.nytimes.com/library/tech/98/09/cyber/articles/16encrypt.html * Wired News article http://www.wired.com/news/news/politics/story/15037.html * EFF Encryption Export Policy Archive http://www.eff.org/pub/Privacy/ITAR_export/ * EFF Key Escrow/Key Recovery Policy Archive http://www.eff.org/pub/Privacy/Key_escrow/ _________________________________________________________________ Other Headlines at http://www.eff.org Visit our web site to see what else is hot in online civil liberties. * "Cryptography is not a weapon": ACLU, EFF, and EPIC join an international call to remove controls on cryptography under the Wassenaar Arrangement (Sept. 15, 1998) http://www.eff.org/pub/Privacy/Foreign_and_local/Multinational/HTML/19980915_gilc_wassenaar_statement.html * EFF and other members of Internet Free Expression Alliance testify against Net censorship bills in Congress (Sep. 11, 1998) http://www.ifea.net/joint_statement_9_98.html * EFF opposes vague & overbroad California anti-spam bill (Sep. 9, 1998) http://www.eff.org/pub/Social_responsibility/Spamming_and_net_abuse/Foreign_and_local/CA/HTML/19980909_eff_ab1629_letter.html * Fed. court holds that online materials cannot be censored until ruled illegal (Aug. 17, 1998) http://www.eff.org/pub/Legal/Cases/Sheehan_v_Experian/HTML/19980817_dwyer_order.html * "Your papers please..." - EFF comments on US Dept. of Transportation's troubling national ID proposal (Aug. 7, 1998) http://www.eff.org/pub/Privacy/ID_SSN_fingerprinting/HTML/19980807_eff_dot_comments.html * EFF criticizes House passage of anti-fair-use online copyright & database protection legislation (Aug. 5, 1998; Inter@ctive Week article) http://www.zdnet.com/intweek/daily/980805b.html * EFF letter to legislators opposing misguided anti-spam bill HR 3888 (July 29, 1998) http://www.eff.org/pub/Social_responsibility/Spamming_and_net_abuse/HTML/19980729_eff_hr3888_letter.html * EFF re-launches Blue Ribbon Campaign to combat censorship of the Internet - Four online new media groups join the Campaign by exhibiting the Blue Ribbon on their Web sites (June 15, 1998) http://www.eff.org/blueribbon/relaunch_br_pr_061598.html * More headlines & information http://www.eff.org/more.html _________________________________________________________________ Administrivia EFFector is published by: The Electronic Frontier Foundation 1550 Bryant St., Suite 725 San Francisco CA 94103 USA +1 415 436 9333 (voice) +1 415 436 9993 (fax) Editor: Stanton McCandlish, Program Director/Webmaster ([email protected]) Membership & donations: [email protected] Legal services: [email protected] General EFF, legal, policy or online resources queries: [email protected] Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements may be reproduced individually at will. To subscribe to EFFector via email, send message body of: subscribe effector-online to [email protected], which will add you to a subscription list for EFFector. To unsubscribe, send a similar message body, like so: unsubscribe effector-online Please tell [email protected] to manually remove you from the list if this does not work for some reason. Back issues are available at: http://www.eff.org/pub/EFF/Newsletters/EFFector To get the latest issue, send any message to [email protected] (or [email protected]), and it will be mailed to you automagically. You can also get: http://www.eff.org/pub/EFF/Newsletters/EFFector/current.html