----------------------------------------------------------------------
Privacynotes Digest
security Protecting Privacy is Good for Business
----------------------------------------------------------------------
Published by: Mike Banks Valentine Privacynotes
privacy@privacynotes.com www.privacynotes.com
----------------------------------------------------------------------
December 12, 2002 Issue #037
----------------------------------------------------------------------
.....IN THIS DIGEST.....
// -- MODERATOR COMMENT -- //
// -- NEW DISCUSSION -- //
"Best Ever Privacy Articles" ~Mike Banks Valentine
// -- PRIVACY NEWS -- //
"The Latest in Privacy Issues"
----------------------------------------------------------------------
// -- MODERATOR COMMENT -- //
This week I am particularly encouraged after receiving the CDT
Policy Post from the Center for Democracy and Technology and reading
of the governments moves to require privacy notices on all government
web sites and requiring government agencies to assess the privacy
implications of new laws and policies. The issue is available
online at the following address
http://www.cdt.org/publications/pp_8.25.shtml
I'll recap the highlights here and highly recommend that you
click on that link above and visit the page yourself if you are
not a subscriber to that publication. The Center for Decomcracy
and Technology is one organization that is strongly supporting
our rights to Digital Privacy and I hope you will give CDT your
support.
(1) NEW LAW TO REQUIRE PRIVACY IMPACT ASSESSMENTS FOR U.S. AGENCIES
The E-Government Act of 2002, passed by Congress this week and
soon to be signed into law, includes an innovative and potentially
far-reaching provision requiring federal government agencies to
conduct privacy impact assessments before developing or procuring
information technology or initiating any new collections of personally-identifiable
information.
Under the legislation, originally introduced by Senators Joe
Lieberman (D-CT) and Conrad Burns (R-MT), a privacy impact assessment
must address what information is to be collected, why it is being
collected, the intended uses of the information, with whom the
information will be shared, what notice would be provided to individuals
and how the information will be secured. To the extent practicable,
privacy impact assessments must be published. The Director of
the White House's Office of Management and Budget (OMB) will issue
guidelines for the assessments.
(2) PRIVACY NOTICES, INCLUDING P3P STATEMENTS, NOW REQUIRED
FOR AGENCIES
The E-Government Act also requires agencies to post privacy
notices on their Web sites, detailing agency practices and individual
rights. Most agencies already post written privacy notices after
the Clinton administration, under the leadership of Chief Privacy
Counselor Peter Swire, required them in an administrative order.
The new law will take the agencies one step further by requiring
"machine-readable" notices, such as those specified in the Platform
for Privacy Preferences (P3P) standards.
(3) E-GOVERNMENT ACT INCLUDES OTHER IMPORTANT PROVISIONS
The E-Government Act includes a host of other provisions that
could have an impact on how the public interacts with the government.
Many of these could have merited free-standing legislation. Most
of them have received little attention.
* Creates a specific position in OMB for the Administrator of
the Office of Electronic Government.
* Requires the Administrator of E-Gov to develop an online tutorial
explaining how to access government information services and information
on the Internet. Sec. 213 (f).
* Requires a National Academy of Sciences study on the digital
divide. Sec. 215.
* Establishes a very strict rule of confidentiality for information
collected by the federal government for statistical purposes,
which may prove to be especially important as Zip Code and other
data that is not strictly personal becomes easier to use for personal
profiling purposes. Secs. 501-513.
// -- NEW DISCUSSION -- //
== > TOPIC: BEST EVER PRIVACY ARTICLES
From: Mike Valentine
Two of the clearest articles ever on internet privacy and digital
identity are available online at the following addresses. I've
personally written to the author, attorney Bret Fausett to thank
him for his explanations and asked to reproduce those here, but
he said they prefer linking to them instead. Visit the site to
read these if you want the most concise and easy to understand
articles available when you want to explain these things to others
you know. Privacy issues can be complex and rather involved and
these two articles get my vote for the best available anywhere.
http://makeashorterlink.com/?M6D162EB2
http://makeashorterlink.com/?Y2E112EB2
// -- PRIVACY NEWS -- //
Moderator note: There are two ways to access previously listed
privacy news stories. One is to visit Privacynotes archives, the
other (simpler) way is to visit
http://privacynotes.com/privacy_news.html
where I also keep a privacy news archive.
From New York City to Seattle, police officials are looking
to do away with rules that block them from spying on people and
groups without evidence that a crime has been committed. They
say these rules, forced on them in the 1970's and 80's to halt
abuses, now prevent them from infiltrating mosques and other settings
where terrorists might plot. At the same time, federal and local
police agencies are looking for systematic, high-tech ways to
root out terrorists before they strike. In a sense, the scuba
dragnet was cumbersome, old-fashioned police work, albeit on a
vast scale. Now officials are hatching elaborate plans for dumping
gigabytes of delicate information into big computers, where it
would be blended with public records and stirred with sophisticated
software.
http://www.nytimes.com/2002/12/10/national/10PRIV.html
To illustrate the potential loss of privacy SF Weekly columnist
Matt Smith called Admiral John Poindexter at home, and helpfully
provided us with his address and telephone number, in a piece
published there. The disgraced Iran Contra felon - who was convicted
of conspiracy, obstruction, and lying to Congress and escaped
a custodial sentence on a technicality - has been given the job
of creating the largest dragnet of personal information ever devised.
DARPA will forage for details of every American's email, phone
communications and financial transactions. The extent of Total
Information Awareness was disclosed by the New York Times last
month. When reported John Markoff rang the Homeland Defense department,
they hadn't heard of the plan.
http://www.theregister.co.uk/content/6/28432.html
The legislation creating the Department of Homeland Security,
signed by President Bush on Monday, contains provisions that build
on law enforcement's ability to peek at e-mail, monitor credit
card purchases, bank transactions and travel patterns and shield
its own activities from scrutiny. Even critics acknowledge that
taken individually, each provision is just a tiny step toward
transforming the federal government into "Big Brother." But coupled
with a series of recent court rulings favorable to the Department
of Justice and new administration initiatives, privacy advocates
warn that the nation is indeed experiencing the beginnings of
a real-life Orwellian nightmare.
http://makeashorterlink.com/?S12F13FA2
