Skip to main content
Podcast Episode: Antitrust/Pro-Internet

EFFector - Volume 17, Issue 39 - Protect Passenger Privacy - Help Ground "Secure Flight"


EFFector - Volume 17, Issue 39 - Protect Passenger Privacy - Help Ground "Secure Flight"

EFFector       Vol. 17, No. 39       October 21, 2004

A Publication of the Electronic Frontier Foundation     ISSN 1062-9424

In the 310th Issue of EFFector:

Protect Passenger Privacy - Help Ground "Secure Flight"

The controversial "CAPPS II" passenger-profiling system may be dead, but its evil stepbrother, "Secure Flight," will live if we don't complain loudly enough. If something isn't done soon, the airlines will hand over to the Transportation Security Administration (TSA) the passenger records of as many as 54 million Americans in order to test the system. If you traveled domestically in June of 2004, that means you.

TSA has a very poor track record for protecting privacy, and it has also made it difficult for the public to comment on Secure Flight. In response, privacy advocate Bill Scannell has created a website that allows you to share your concerns directly with TSA, as well to speak out against the unauthorized use of your personal travel records to test Secure Flight:

The time to file your comments is now. Passenger records contain everything from credit card numbers to whether you requested a kosher meal. Yet TSA has not made clear how long it will hold on to this personal information, and it doesn't yet have a plan for helping people who are wrongly tagged as terrorists or security risks. Worst of all, it's far from clear that Secure Flight will be effective in fighting terrorism. It will rely chiefly on matching passenger identification with government watch lists - the same combo that repeatedly grounded Senator Ted Kennedy. (See .) Don't wait until it's too late - tell TSA that you don't agree to be used as a guinea pig, especially for a program this misguided:

More about Secure Flight:

California Poll Workers Told to Withhold Information from Voters

Santa Clara County, CA - Poll workers in Santa Clara County are being trained not to offer voters the choice of using paper ballots instead of electronic voting machines, EFF has learned. California Secretary of State Kevin Shelley has mandated that all of the state's polling places offer a paper ballot option, which would give people concerned about the reliability of e-voting machines the chance to vote using paper ballots at the polls. But Santa Clara County poll workers are being instructed not to tell voters that they can choose "paper or plastic." Instead, poll workers will make paper ballots available only if voters specifically request them.

Ed Cherlin, a poll worker being trained in Santa Clara County, said he was very disturbed to learn that he was not supposed to mention the paper option. "I object to the government telling me that I can't tell people about their rights," he said. Representatives of the voting commissions in Orange County and Riverside Counties confirm that they also will not be informing voters about the paper option at the polls. There are ten counties in California using paperless e-voting machines known as DREs. It is not clear at this time whether all ten are adopting similar policies.

"A voter should not specifically have to ask for a paper ballot. Any voter who expresses any level of concern about the voting process should be informed of this option," said EFF Staff Attorney Matt Zimmerman. "Anything less undermines the spirit of the Secretary of State's mandate and people's trust in the voting process."

For the original breaking news item:

More about e-voting:

Diebold Coughs Up Cash in Copyright Case

False Accusation of Infringement Results in Hefty Payment of Legal Fees, Damages

California - EFF has capped its historic victory in a copyright abuse case against electronic voting machine manufacturer Diebold. The corporation agreed to pay $125,000 in damages and fees. The settlement, a win for free speech advocates, comes after a California district court found that Diebold had knowingly misrepresented that online commentators, including Indymedia and two Swarthmore college students, had infringed the company's copyrights.

"It makes me happy that students in this situation in the future won't have to worry about big corporations breathing down their necks," said Nelson Pavlosky, one of the students.

Diebold is the first company to be held liable for violating section 512(f) of the Digital Millennium Copyright Act (DMCA), which makes it unlawful to use DMCA takedown threats when the copyright holder knows that infringement has not actually occurred. The section also stipulates that anyone who issues such frivolous threats must pay damages, including costs and attorneys' fees, to those harmed by the misrepresentations.

EFF and the Center for Internet and Society Cyberlaw Clinic at Stanford Law School sued on behalf of nonprofit Internet Service Provider (ISP) Online Policy Group (OPG) and the two students to prevent Diebold's abusive copyright claims from silencing public debate about voting. Diebold sent dozens of cease-and-desist letters to ISPs hosting leaked internal documents indicating flaws in Diebold's e-voting machines. The company claimed copyright violations and used the DMCA to demand that the documents be taken down. OPG refused to remove them in the name of free speech.

"The risk of substantial damages and fees should make companies pause before sending unfounded copyright threats," said EFF Staff Attorney Wendy Seltzer. "Plus ISPs can fight back against these false claims without taking a financial hit." "As a nonprofit ISP, it's great to have legal recourse when a company threatens us or our clients with frivolous lawsuits," added OPG Executive Director Will Doherty.

EFF is a member-supported nonprofit that represented OPG and the Swarthmore students pro bono. Thanks to the settlement, Diebold will pay the costs of the case.

For this release:

EFF to Trusted Computing Group: Preserve Meaningful Control for Computer Owners

In an effort to influence the development of controversial "trusted computing" technology, EFF recently submitted comments to the Trusted Computing Group's (TCG) best practices committee, the group that provides technical guidelines for developers. The committee previously released draft recommendations on how to prevent abuses of trusted computing technology - that is, ways to stop computers with a trusted computing platform module from "betraying" the owner. Unfortunately, these recommendations do not go far enough.

"Under TCG's guidelines, 'trusted' personal computers could allow spyware creators to exploit your system to their advantage or force you to use a pre-selected program or operating system when you access a particular website or online service," said EFF Staff Technologist Seth Schoen, author of the comments. "A trusted PC would also be able to limit your ability to study and modify the software you have installed - creating a significant barrier for technologists who want to develop new, compatible, or interoperable software."

Schoen also points out that the TCG committee appears to define "control" of a trusted computing chip as the ability to decide whether or not to use it - an absurdly narrow definition. "That would be like saying that an automotive hobbyist enjoys full control over an automobile because it can be turned on and off and driven anywhere, even if the hood has been glued shut and the design disallows any after-market modification," said Schoen.

EFF's comments offer suggestions for technical improvements to TCG's design that would preserve truly meaningful control for computer owners. EFF also warns that the current design will have anticompetitive effects and that despite TSG's recommendation to the contrary, it is likely to be used coercively. "TCG must commit to producing a technology that actually prevents these outcomes, rather than only issuing statements deploring them," said Schoen.

TCG is considering EFF's comments and those of other organizations as it revises its "Design, Implementation, and Usage Principles," which it is expected to publish later this year.

For EFF's comments to TCG:

More about trusted computing:

EFF Seeks Dynamic, Motivated Membership Coordinator

EFF is seeking a full time Membership Coordinator to start immediately and work out of EFF's San Francisco (Mission District) office.

The Membership Coordinator reports to the Development Director and is a key component of EFF's fundraising activities. The MC is responsible for managing all contact with EFF's 13,000+ members, helping to develop strategies to grow the membership, managing the donor and membership database, processing all donations to EFF, mailing regular thank-yous and renewal notices to donors, ensuring an efficient donation system, managing the donation pages of the website, and responding to any issues donors may have. The MC also manages all aspects of EFF's online shop, including order fulfillment. Additional responsibilities include various marketing projects, including oversight of the design and printing of t-shirts, hats, stickers, brochures, and other materials. The MC also attends a number of commercial conferences each year, managing the EFF booth presence and speaking informally with conference attendees.

The position requires enthusiasm and a flexible, can-do attitude. Having the initiative to sniff out and solve problems independently is essential, as is the dedication to perform daily tasks with minimal oversight. The position offers the opportunity to learn about all aspects of nonprofit fundraising, as well as digital civil liberties issues, in a hard-working, fun office environment. Experience managing a large contact database is required. A marketing background is a plus; nonprofit fundraising background is a big plus.

To apply, send cover letter and resume to:


miniLinks features noteworthy news items from around the Internet.

Indymedia Protests Seizure of Servers
Indymedia, a group of independent, progressive online journalists, has launched a campaign to protest the government seizure of two servers hosting several of its websites. While the servers have been returned, no one will say what happened or why. Now Indymedia is seeking signatures from people and organizations who condemn the seizure. Here's where you can sign on:

Florida E-voting Has Rocky Start
There have been a number of problems with the state's new voting system that debuted with early voting this week:,2645,65388,00.html

PopSci on E-voting
EFF's own Annalee Newitz explores the problems with today's voting machines and explains how they could be rectified:
(Popular Science)

E-voting Suit in New Jersey
A coalition of NJ citizens and election officials would like the state will abandon e-voting before the upcoming election:
(Registration unfortunately required.)

Let the Sun Shine on Silly Cease-and-Desist Letters
Hewlett-Packard was so peeved about what Sun Microsystems President and COO Jonathan Schwartz said about the company in his weblog, it sicced the lawyers on Sun. Now the Chilling Effects Clearinghouse has published the letter - and Sun's biting reply:

How Do C&Ds Affect Fair Use?
The Free Expression Policy Project investigates:

New Passports Will Leak Personal Data
The next generation of US passports will have embedded RFIDs, and some reports suggest that the information the chips broadcast won't be encrypted. Meaning anyone with an RFID reader could passively scan you, pulling the most intimate personal data right out of your pocket. Unbelievable:

EU Pushes Semi-Permanent Records
A new anti-terrorism plan requires that data about telephone calls and emails is retained for at least 12 months. You know, "just in case":

Playing Politics with PATRIOT on how election-year pressures are forcing out debate on PATRIOT expansion bills:

Chinese Company Trademarks "Happy Birthday"
"With increasingly fierce competition in the world toy market, the company realized the importance of branding." Whatever:
(The Economic Times)

New Scholarship Shows P2P Isn't Declining
According to the authors, P2P network traffic has not slowed down at all over the past three years - and that's not even taking into account the rise in encrypted traffic:

Online Chat with Verizon's Counsel
The Washington Post hosts a chat with Sarah Deutsch, the rock star attorney who helped Verizon protect its customers' privacy from Big Content:
(Registration unfortunately required.)

ASCAP Approves Web Radio Licenses
The country's largest licensing agency has approved a $1.7 billion deal that allows radio stations to rebroadcast content over the Net:
(Washington Post; reg. unfortunately required.)

Indian Gov't Minister Advocates Balanced IP
He notes that "the main issue remains how to balance the interest of creator in the society and that of the need of the society at large in an optimum way in this digital environment." Hear, hear:
(India News Online)

"VoterGate" on the Internet Archive
This new documentary, which includes an interview with EFF's own Cindy Cohn, is now available for free from the Internet Archive:
(Internet Archive)


EFFector is published by:

The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)

Donna Wentworth, Web Writer/Activist

Membership & donation queries:

General EFF, legal, policy, or online resources queries:

Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will.

Current and back issues of EFFector are available via the Web at:

Back to top

JavaScript license information