EFFector Vol. 17, No. 1 January 20, 2004
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In the 276th Issue of EFFector:
- EFF Action Alert: Airlines and Government Violate Your Privacy Again: Call for Hearings Now!
- Update on CAPPS II: What's Next?
- Guest Op-ed: "Your Finances, Your Liberties"
- Nominate a Pioneer for EFF's 2004 Pioneer Awards!
- Deep Links (11): SCO Sues Novell for Slander
- EFF Court Docket: 02.03.04 - MGM v. Grokster; 02.09.04 - OPG v. Diebold
- Staff Calendar: 01.22.04 - Fred von Lohmann speaks at "Washington in the West" Conference, Long Beach, CA.; 01.25.04 - Gwen Hinze speaks on file-sharing, Berkeley, CA.; 01.26.04 - Lee Tien speaks on privacy, Battle Creek, MI
Airlines and Government Violate Your Privacy Again
Call for Hearings Now!
Only four months ago, the news broke that JetBlue secretly handed over personal data on millions of air travelers to a government contractor. Now, Northwest Airlines has admitted to doing the very same thing, violating the privacy of more than ten million people by secretly providing NASA with passenger records that include names, addresses, itineraries, credit card information and more. But the bad news doesn't stop there: last week, the Transportation Security Administration (TSA) announced plans for "live testing" and implementation of CAPPS II, a passenger-profiling system that would make privacy violations of this kind routine for air travel. To top it off, TSA has threatened to issue a government "security directive" forcing the airlines to use their passengers as guinea pigs for the system.
Enough is enough. Congress must halt all current CAPPS II testing and hold public hearings to find out who is providing American travelers' personal data to the government and exactly what the information is being used for. Send this letter and urge Congress to get the answers now!
- Make your voice heard with the EFF Action Center
- Join EFF Today
- Washington Post story on Northwest and NASA (Registration unfortunately required.)
- EPIC press release and FOIA documents
- Discussion of Northwest Scandal and EU at Edward Hasbrouck's weblog,"The Practical Nomad"
- EFF's CAPPS II backgrounder
Update on CAPPS II: What's Next?
As noted in the Action Alert above, the Transportation Security Administration (TSA) last week confirmed plans to test and implement CAPPS II, a controversial passenger-profiling system that uses information in government and commercial databases to "tag" each passenger with a color-coded score indicating the level of security risk that he or she appears to pose.
EFF strongly opposes CAPPS II and is working to stop both testing and implementation. In addition to sounding the call for a Congressional investigation and hearings on CAPPS II, we will be monitoring developments in the next few months that may prove pivotal to the program's future:
- TSA will shortly issue its third Privacy Act notice on CAPPS II.
- The General Accounting Office (GAO) is scheduled to report on the privacy impacts of CAPPS II on February 15, as required by Section 519 of H.R. 2555, Department of Homeland Security (DHS) Appropriations Act of 2004, Public Law 108-90.
- The DHS Under Secretary for Border and Transportation Security is expected to "certify" that CAPPS II has adequate privacy protections under Section 607 of H.R. 2115, Federal Aviation Administration (FAA) Reauthorization Act of 2004, Public Law 108-176. The GAO is scheduled to report (again) on the privacy impacts of CAPPS II within 90 days of this "certification." Unfortunately, there is no deadline for the "certification," so we do not know when it will be be issued.
- Finally, the DHS is also scheduled to produce its own privacy impact assessment of CAPPS II around March 12, as required by Section 608 of the FAA Reauthorization Act.
"The JetBlue and Northwest scandals have given us a glimpse of what the future would be like with CAPPS II in place," said EFF Attorney and Equal Justice Works/ Bruce J. Ennis Fellow Kevin Bankston. "Millions of people have already been stripped of their privacy without even knowing it. If we don't stop CAPPS II now, that's only the beginning."
Guest Op-ed: "Your Bank Account, Your Liberties"
By George Paine
(Note: this op-ed was previously published in a longer form on January 2 at Warblogging.com)
On New Year's Eve, my debit and ATM card stopped functioning. When I got in touch with my bank the following Saturday I was told that it was disabled due to "possible fraud" and that I would have to visit the bank personally to review my account history and certify that no fraud occurred before my card could be reactivated.
I went to the bank that day and met with my banker, who greeted me by name as I arrived. He pulled up my account on his computer and scrolled through my financial history for the past several months. Together we set out to find anything suspicious. As the pages - the days - rolled by on-screen, I realized that these transactions brought back memories.
I mentioned this to him and he gave me a knowing smile. He began to extrapolate details of my life from the transactions. "So, here, on December 13th, you got a cup of coffee with a friend. Then you guys got some sushi...Is that place good? You took in a show. Had a couple of drinks afterward..."
He was right. That was exactly what I'd done that day. Eventually we got to my Christmas purchases. He asked if someone had liked a particular gift. I said that she did. He gave me a friendly wink.
It struck me then that this man knows where I eat, where I get my coffee, when and where I drink, when and where I travel. He knows where I buy books. He knows what political campaigns I've contributed to, and how much.
After we ruled out fraud, he reactivated my ATM card and I thanked him for the service. It was then that I noticed a small sign on his desk, an advertisement from a banking services company. It was designed to appear as patriotic as possible, right down to the American flag in the background. It read "USA PATRIOT Act compliance by..."
While I don't remember the name of the company that provided the advertisement to my banker, a quick Google search reveals many such companies. One of them is Aquilan, which offers a product called Aquilan Patriot Manager (APM). The APM tagline: "Know Your Customers. 'Red Flag' Suspicious Activity. Prevent Money Laundering."
My time with the banker was innocuous. But the PATRIOT Act requires banks to report any "suspicious activity" to the government. According to the Aquilan website, the complexity of the banking business these days makes correctly identifying such activity "nearly impossible," so banks use software like APM to make the impossible possible. But is it?
APM probably works much the same way as the fraud detection software that prevented me from accessing my own bank account. This means that it's just as likely to be flawed, just as likely to yield false positives. And just as likely to bring the FBI to my door as the fraud detection software was to bring me to the bank.
On December 13th, President Bush signed into law the "Intelligence Authorization Act for FY 2004." This bill contains a section that expands the FBI's power to access our bank records, and our interactions with most other businesses, without first obtaining permission from a judge.
No longer can a judge say, "You're on a fishing expedition. You can't see George Paine's banking information."
If this doesn't concern you, it should. Think back to the skeleton or two in your closet. Think about all the information that your bank records share about you.
The Fourth Amendment is written as it is for a reason - to prevent the abuse of power. The Constitution's framers understood that "power corrupts, and absolute power corrupts absolutely."
If you don't take the threat of abuse seriously, you need look no further than the FBI itself. Take, for example, COINTELPRO, a program conceived "to neutralize political dissidents" by "discrediting and publicly destroying" them.
Or consider the DEA's Kevin Tamez, Associate Special Agent in Charge of the New York office. On December 15th, Tamez was indicted for "illegally obtaining information from law enforcement [databases]" and using it to conduct his own private investigations.
It isn't wise to imagine that your status as a loyal and law-abiding citizen will protect you from having your personal records used against you. Dr. Martin Luther King was a loyal American citizen, yet was a target of COINTELPRO.
When the rubber hits the road things like loyalty and good citizenship don't matter. What matters is whether the people in power have been given the tools to abuse that power. Under PATRIOT and the Intelligence Authorization Act for FY 2004, they have them.
George Paine is the founder of Warblogging.com, a website "providing another voice in the chorus of Americans calling for a balanced and reasonable foreign policy and a domestic policy that respects the United States Constitution and the rule of law." For further details, see http://www.warblogging.com/about/.
Nominate a Pioneer for EFF's 2004 Pioneer Awards
EFF established the Pioneer Awards to recognize leaders on the electronic frontier who are extending freedom and innovation in the realm of information technology. This is your opportunity to nominate a deserving individual or group to receive a Pioneer Award for 2004.
The International Pioneer Awards nominations are open both to individuals and organizations from any country.
All nominations are reviewed by a panel of judges chosen for their knowledge of the technical, legal, and social issues associated with information technology.
This year's award ceremony will be held in Berkeley, California, in conjunction with the Computers, Freedom and Privacy conference (CFP), which takes place in mid-April.
How to Nominate Someone for a 2004 Pioneer Award:
You may send as many nominations as you wish, but please use one email per nomination. Please submit your entries via email to email@example.com.
We will accept nominations until February 1, 2004.
Simply tell us:
- The name of the nominee,
- the phone number or email address at which the nominee can be reached, and, most importantly,
- why you feel the nominee deserves the award.
Deep Links features noteworthy news items from around the Internet.
- SCO Sues Novell for
For falsely claiming copyright in - you guessed it - something else SCO thinks it owns.
- UK Teens Get
Censorship on the Go
British kids won't be viewing naughty images on their mobile phones anymore.
- It's Not Over Until...
John Ashcroft sings.
- Can You Track Me Now?
A new network software "engine" allows you to control who can locate you through your cell phone.
Technology Year in Review
How code affected your rights in 2003.
- Microsoft v.
Microsoft admits that it takes itself "too seriously" and backs off (a bit) from trademark claims against 17 year-old Mike Rowe.
- The Sound of Compromise
(Washington Post; registration unfortunately required.)
Digital music remains a tough nut to crack.
- Feds Solicit Input on
Punishments for Spammers
Sorry guys - the Eighth Amendment still applies.
- DirecTV Dragnet Grows
(Houston Chronicle; registration unfortunately required.)
The satellite giant has now threatened more than 100,000 people with legal action for simply purchasing multi-purpose smart card technology.
- History @ 99 Cents
Smithsonian Folkways will use Peppercoin micropayments to offer its extensive catalogue of American folk music at a familiar 99 cents a pop.
- Grand Theft Auto: Free Speech Edition
After a recent row over video game violence, one Florida city is trying to pass an ordinance to control pixellated expression:
EFF Court Docket
- February 3 - MGM v. Grokster
U.S. Court of Appeals
- February 9 - OPG v. Diebold
U.S. District Court, Northern California
280 South 1st street
San Jose, CA.
For a complete listing of EFF speaking engagements (with locations and times), please visit: http://www.eff.org/calendar/
- January 22- Fred von Lohmann speaks at "Washington in the
Long Beach, CA.
- 11:40 a.m. - 12:40 p.m.
- January 26- Lee Tien speaks on privacy, presenting to W.K.
Battle Creek, MI
10:00 a.m. - 11:00 a.m.
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
Donna Wentworth, Web Writer/Activist
To Join EFF online, or make an additional donation, go to:
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements and articles may be reproduced individually at will.
To change your address or other information, please visit: http://action.eff.org/subscribe/
If you have already subscribed to the EFF Action Center, please visit: http://action.eff.org/login.asp/
To unsubscribe from the EFFector mailing list, send an email to firstname.lastname@example.org with the word "Remove" in the subject.
(Please ask email@example.com to manually remove you from the list if this does not work for you for some reason.)
Back issues are available at:
You can also get the latest issue of EFFector via the Web at:
Please send any questions or comments to firstname.lastname@example.org