========================================================================= ________________ _______________ _______________ /_______________/\ /_______________\ /\______________\ \\\\\\\\\\\\\\\\\ \ ||||||||||||||||| / //////////////// \\\\\\\\\\\\\\\\\/ ||||||||||||||||| / //////////////// \\\\\\_______/\ ||||||_______\ / //////_____\ \\\\\\\\\\\\\ \ |||||||||||||| / ///////////// \\\\\\\\\\\\\/____ |||||||||||||| / ///////////// \\\\\___________/\ ||||| / //// \\\\\\\\\\\\\\\\ \ ||||| / //// \\\\\\\\\\\\\\\\/ ||||| \//// ========================================================================= EFFector Online Volume 07 No. 08 May 6, 1994 editors@eff.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 In This Issue: EFF Summary of May 3 1994 Senate Clipper Hearing EFF Summary of May 3 1994 House Clipper & Digital Telephony Hearing USPS & IRS Mull National Identity Cards, Clinton to Sign Orders DOJ Clipper Documents Scheduled for Summer Release Under FOIA New Faces on EFF Board and Staff Note About EFFector - Are You Moving? What YOU Can Do ---------------------------------------------------------------------- Subject: EFF Summary of May 3 1994 Senate Clipper Hearing --------------------------------------------------------- May 4, 1994 The Senate Judiciary Subcommittee on Technology and the Law held a hearing on Tuesday (5/3) to examine the Administration's "Clipper Chip" Key Escrow Encryption proposal. Witnesses included Asst. Atty. Gen. Jo Ann Harris (Criminal Justice Division), NIST Deputy Director Raymond Kammer, Whitfield Diffie (of Sun Microsystems), Stephen Walker (President, Trusted Information Systems), and NSA director Vice Adm. J. M. McConnell. The discussion touched on a number of key issues, including the necessity of the Clipper proposal for law enforcement; the privacy interests of network users; the costs associated with implementing the Clipper scheme; export controls; and whether those intending to use communications networks to break the law would actually use Clipper as opposed to other encryption schemes. Although a variety of views were offered, few new developments emerged in this controversial debate. Assistant Attorney General Harris and NIST's Ray Kammer both stated that the Clipper Scheme and Key Escrow system would not provide law enforcement with any new surveillance abilities. Rather, Harris argued, Clipper is analogous to a translator. Harris stated, "All Clipper does is, after a court has authorized interceptions of communications, is that we get the ability to understand the content of legitimately intercepted communications". The Administration continues to maintain that the market would accept the Clipper standard based on the assumption that it is the strongest encryption scheme, regardless of who holds the keys. When pressed by Sen. Leahy on this issue, as well as on the question of whether criminals or terrorist organizations would be willing to use the Clipper standards, neither witness offered any assurances, and admitted that this is still an open question. Senator Leahy expressed skepticism: "I have serious questions about whether any sophisticated criminal or terrorist organization is going to use the one code endorsed by the U.S. Government and for which U.S. Government agents hold the decoding keys. There are a multitude of alternative encryption methods commercially available. If Clipper Chip does become the standard encryption method used by Americans, criminals may be forced to use Clipper to communicate with legitimate outsiders. But this is a big 'IF' ". In what may prove to be a significant development, NIST's Kammer conceded that additional fiscal authorization may be needed to fund the implementation of the Clipper proposal. If this is the case, Congress would be required to consider legislation to authorize funding, and at this point passage of such legislation is at best uncertain. EFF will continue to closely monitor this development, and will pass along information as it develops. Sun Microsystems Diffie urged a slow and careful approach to the Clipper issue, cautioning that a rush to implement Clipper may create a bureaucracy that would be difficult to dislodge at a later time. Diffie stressed the need for international for information security, and cautioned against attempts to use the power of technology to increase the power of government. Diffie added, "Integrity of political speech is the root of legitimate laws in a democratic society. We are in a position where if we do not make it a national priority to make privacy available", this integrity may be compromised. Steve Walker, of Trusted Information Systems, stressed the need for the removal of export control restrictions. He also countered the Administration's contention that very few foreign encryption alternatives exist; noting that his company had found over 340. Walker displayed several of these applications, and noted that because of export controls U.S. manufactures of encryption technology face a significant disadvantage on the world market. Although the Senate Hearing did not produce many new developments, it is significant to note that no members of the Subcommittee expressed outright support for the Clipper Chip proposal. Chairman Leahy, the most vocal panel member at Tuesday's hearing, was also the most skeptical, and as such the fate Clipper proposal is still very much in doubt. ------------------------------ Subject: EFF Summary of May 3 1994 House Clipper & Digital Telephony Hearing ---------------------------------------------------------------------------- Tuesday proved to be a busy day for Clipper on the Hill, as the House Science, Space and Technology Subcommittee on Technology, Environment and Aviation also considered the Clipper and Digital Telephony proposals. Witnesses on the panel included James Kallstrom of the FBI, NSA's Clinton Brooks, NIST Deputy Director Ray Kammer, Dr. Dorothy Denning, Dr. David Farber, EFF Executive Director Jerry Berman (on behalf of DPSWG), and Chmn. Willis Ware of the Congress/NIST System Security and Privacy Advisory Board. The discussion centered mainly on the Clipper issue. Unlike the Senate panel, there seemed to be some support for the Clipper proposal on the House Subcommittee. Rep. Dan Glickman (D-KS), Chairman of the House Intelligence Committee, declared his "cautious support", for the proposal, and stressed law enforcement's need for strong surveillance abilities. Subcommittee Chairman Valentine (D-NC), as well as Reps. Morella (R-MD) and Rohrabacher (R-CA) all expressed reservations. James Kallstrom urged full support of both the Clipper and Digital Telephony proposals on behalf of all law enforcement, citing the need to counter the increasing sophistication of digital communications technologies. Kallstrom painted a picture of a network populated by criminals, terrorists, and drug dealers which would pose a great danger to public safety, unless law enforcement is given the ability to intercept illegal communications. EFF's Jerry Berman countered this assertion by arguing that Clipper would only solve law enforcement's problems if criminals use it. The only way to do this, Berman added, would be to mandate the Clipper standard, something which the Administration does not claim to want to do. The only solution is for Congress to deny appropriation for Clipper and send the Administration back to the drawing board, Berman argued. Dr. Farber, appearing as an expert witness, stated that solutions to the Clipper issue will not come easily and will not come in one big step. Rather, a carefully considered and open approach is required. While stressing the need for encryption standards on communications networks, Dr. Farber cautioned against "smoke-filled-room standards" of encryption which are, in his view, likely to bead mistrust. Dr. Farber also argued for the removal of export controls on encryption technology. NSA's Clinton Brooks expressed support for Congressional Consideration of the Clipper issue. He argued that Clipper is a sound technological solution to a legitimate law enforcement and National Security dilemma, and that a public debate on its merits would eventually remove the misinformation and mistrust of government, and would prove Clipper to be in the public interest. Dr. Farber offered a strong caution to this, expressing the concern that a future administration may find it necessary to mandate the Clipper standard. Dr. Farber suggested that at the very least Congress weld into law a guarantee that Clipper remain voluntary, that the Judiciary be an escrow holder. He cautioned, in the words of Benjamin Franklin, "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety" ************** Written testimony & documents from the hearings are available as: ftp.eff.org, /pub/EFF/Policy/Crypto/Clipper/[filename] gopher.eff.org, 1/EFF/Policy/Crypto/Clipper, [filename] gopher://gopher.eff.org/11/EFF/Policy/Crypto/Clipper, [filename] http://www.eff.org/pub/EFF/Policy/Crypto/Clipper/[filename] where [filename] is: diffie_dpswg_sun_clipper.testimony - Senate testimony of W.Diffie (DPSWG/SUN) berman_eff_clip-dt.testimony - House testimony of Jerry Berman (EFF) brooks_nsa_clip-dt.testimony - House testimony of Clint Brooks (NSA) denning_clip-dt.testimony - House testimony of Dorothy Denning farber_clip-dt.testimony - House testimony of David Farber kallstrom_fbi_clip-dt.testimony - House testimony of James Kallstrom (FBI) kammer_nist_clip-dt.testimony - House testimony of Ray Kammer (NIST) ware_csspab_clip-dt.testimony - House testimony of Willis Ware (CSSPAB) clip-dt_hearings.docs - charter, witness list, diagrams. * More Senate testimony and spoken testimony from both hearings will be made available in the same directory when obtained. This material is also available from the EFF BBS: +1 202 638 6120. ------------------------------ Subject: USPS & IRS Mull National Identity Cards, Clinton to Sign Orders ------------------------------------------------------------------------ From: Mitch Ratcliffe Date: Thu, 5 May 1994 07:43:22 -0700 (PDT) Ever Feel Like You're Being Watched? You Will... Digital Media has learned that the Clinton administration is debating not if, but how, to create a card that every American will need in order to interact with any federal government agency. Combined with two potential executive orders and the Postal Service's designs on putting its stamp on personal and business electronic transactions, the card could open a window on every nuance of American personal and business life. The wrangling among the administration, the U.S. Postal Service, the Internal Revenue Service and Department of Defense, emerged into the public eye at this April's CardTech/SecureTech Conference. The gathering of security experts was convened to discuss applications for smart card and PCMCIA memory card technologies in business and government. The Postal Service, at the conference presented a proposal for a "general purpose U.S. services smartcard," which individuals and companies would use to authenticate their identities when sending and receiving electronic mail, transferring funds and interacting with government agencies, such as the I.R.S., Veterans Administration and the Department of Health and Human Services. President Clinton is also considering signing two executive orders that would greatly expand the government's access to personal records, including an order that would allow the I.R.S. to monitor individual bank accounts and automatically collect taxes based on the results, said sources close to the White House. The collection service will be presented as a convenient way to avoid filling out a tax return. The White House did not respond to requests for comments about this report. The Post Office: We deliver for you. The Postal Service's U.S. Card would be designed to use either smart cards (plastic cards with an embedded microprocessor carrying a unique number that can be read by a electromagnetic scanner and linked to computerized records stored on a network) or PCMCIA cards, which can contain megabytes of personal information. (You've probably seen this type card in AT&T's "You Will" ad campaign, which shows a doctor inserting a woman's card in a reader in order to access a recording of a sonogram). The Postal Service said it is considering AT&T and other companies' smart card technologies. In a slide presentation at the conference, Postal representative Chuck Chamberlain outlined how an individual's U.S. Card would be automatically connected with the Department of Health and Human Services, the U.S. Treasury, the I.R.S., the banking system, and a central database of digital signatures for use in authenticating electronic mail and transactions. The U.S. Card is only a proposal, Chamberlain insists. Yet the Postal Service is prepared to put more than a hundred million of the cards in citizens' pockets within months of administration approval, he said. "We've been trying to convince people [in the different agencies] to do just one card, otherwise, we're going to end up with two or three cards," said Chamberlain. He said in addition to the healthcare card proposed by President Clinton last year, various government agencies are forwarding plans for a personal records card and a transactions (or "e-purse") card. Chamberlain said the I.R.S in particular is pursuing plans for an identity card for taxpayers. Don't leave home without it. Though he did not name the U.S. Card at the time, Postmaster General Marvin Runyon suggested that the Postal Service offer electronic mail certification services during testimony before the Senate Governmental Affairs Subcommittee in March. The proposal is clearly intended as a way to sustain the Postal Service's national role in the information age, since it would give the agency a role in virtually every legally-binding electronic transaction made by U.S. citizens. For instance: * When sending or receiving electronic mail, U.S. Card users would be able to check the authenticity of a digital signature to screen out impostors. * Banking transactions (notably credit card purchases) that depend on authentication of the participants identities and an audit trail, would be registered in Postal Service systems. * Veterans, or for that matter college students and welfare recipients, could check their federal benefits using the identification data on their U.S. Cards. * Visitors to an emergency room would have instant access to medical records at other hospitals, as well as their health insurance information. These examples may seem benign separately, but collectively they paint a picture of a citizen's or business's existence that could be meddlesome at best and downright totalitarian at worst. Will buying a book at a gay bookstore with a credit card that authenticates the transaction through the Postal Service open a Naval officer up to court marshal? If you have lunch with a business associate on a Saturday at a family restaurant, will the IRS rule the expense non-deductible before you can even claim it? "There won't be anything you do in business that won't be collected and analyzed by the government," said William Murray, an information system security consultant to Deloitte and Touche who saw Chamberlain's presentation. "This [National Information Infrastructure] is a better surveillance mechanism than Orwell or the government could have imagined. This goddamned thing is so pervasive and the propensity to connect to it is so great that it's unstoppable." Deep Roots; Deep Pockets; Long History. Chamberlain said the Postal Service has been working for "a couple years" on the information system to back up the U.S. Card. He said the project was initiated by the Department of Defense, which wanted a civilian agency to create a national electronic communications certification authority that could be connected to its Defense Messaging System. Chamberlain said the Postal Service has also consulted with the National Security Agency, proponents of the Clipper encryption chip which hides the contents of messages from all but government agencies, like law enforcement. The National Aeronautics and Space Administration's Ames Research Laboratories in Mountain View, Calif. carried out the research and development work for Clipper. "We're designing a national framework for supporting business-quality authentication," said John Yin, the engineer heading up the U.S. Card- related research for NASA Ames' advanced networking applications group. "This is not specifically with just the Postal Service. We'll be offering services to other agencies and to third-party commercial companies that want to build other services on the card." For example, VISA or American Express could link their credit services to the U.S. Card. Yin, who works on Defense Messaging Systems applications, said his group has collaborated with "elements of Department of Defense" for the past year, but would not confirm the participation of the National Security Agency, a Department of Defense agency. The NSA is specifically prohibited from creating public encryption systems by the Computer Security Act of 1987. Yin also would not comment on the budget for the project, which other sources said was quite large and has spanned more than two years. A false sense of security? According to Yin, the cards would allow individuals or businesses to choose any encryption technology. "It's not our approach to say, 'Here's the standard, take it our leave it,'" he said. "We're not trying to create a monopoly, rather it's an infrastructure for interoperability on which a whole variety of services can be built." Yet, NASA, which is a participant in the CommerceNet electric marketplace consortium will "suggest" to its partners that they adopt the U.S. Card certification infrastructure, he said. The reality is that government agencies' buying power usually drives the market to adopt a particular technology -- not unlike the way the Texas Board of Education, the largest single purchaser of textbooks in the U.S., sets the standard for the content of American classroom curricula. Since, the administration has already mandated use of Clipper and its data-oriented sibling, the Tesserae chip, in federal systems it's fairly certain that the law enforcement-endorsed chips will find their way into most, if not all, U.S. Cards. Even in the unlikely event that one government agency should weather the pressure and pass on the Clipper chip, it's still possible to trace the source, destination, duration and time of transactions conducted between Clippered and non-Clippered devices. "Most of this shift [in privacy policy] is apparently being done by executive order at the initiative of bureaucracy, and without any Congressional oversight or Congressional concurrence, " Murray said. "They are not likely to fail. You know, Orwell said that bureaucrats, simply doing what bureaucrats do, without motivation or intent, will use technology to enslave the people." EDITOR'S NOTE: Digital Media has filed a Freedom of Information Act request for Clinton and Bush Administration, Postal Service, NSA, Department of Defense, NASA, I.R.S. and other documents related to the creation of the U.S. Card proposal. -- Mitch Ratcliffe Copyright 1994 by Mitch Ratcliffe and Seybold Publications. Mitch Ratcliffe Editor in Chief Digital Media: A Seybold Report 444 De Haro St., Ste. 128 San Francisco, Calif. 94107 415.575.3775 office godsdog@netcom.com ------------------------------ Subject: DOJ Clipper Documents Scheduled for Summer Release Under FOIA ---------------------------------------------------------------------- From: Lee Tien Date: Wed, 4 May 1994 08:00:28 -0700 As you know, there has been much debate about the Clipper Chip initiative, but relatively little hard information. John Gilmore, member of the board of directors of the Electronic Frontier Foundation, filed FOIA requests to numerous government agencies last April after the Clipper plan was announced. In June 1993, he filed a FOIA lawsuit against the Justice Department ("DOJ") and the Federal Bureau of Investigation ("FBI"). Gilmore v. FBI, et al, C-93-2117, U.S. District Judge Charles Legge, Northern District of California. As a result of this lawsuit, the Justice Department has agreed to a staggered release of some documents about Clipper and Digital Telephony. The Justice Department and Gilmore signed a joint stipulation and agreement on Friday, April 29, 1994, in which the Justice Department and several other federal agencies agreed to release documents over the next several months: a) DOJ's Office of Information and Privacy ("OIP") will transmit all documents recovered in its search for responsive documents that it has identified as requiring referrals or consultations to the appropriate agencies or DOJ components by May 31, 1994. OIP will complete processing of all documents that it has identified as not requiring referrals or consultations to other agencies or DOJ components by June 20, 1994. b) DOJ's Justice Management Division ("JMD") will complete processing of all documents recovered in its search for responsive documents, excluding documents which have been referred for processing to other agencies, by July 30, 1994. c) The Office of Management and Budget ("OMB") will respond to all DOJ consultation requests which OMB had received as of April 20, 1994 by May 20, 1994. d) The National Security Agency ("NSA") will respond to all DOJ consultation requests which it had received as of April 20, 1994 by July 18, 1994. NSA will complete processing of all documents which had been referred to it by DOJ as of April 20, 1994 for direct response to plaintiff by July 18, 1994. e) The National Security Council ("NSC") will respond to all DOJ consultation requests which NBC had received as of April 20, 1994 by July 29, 1994. f) The Department of Commerce and National Institute of Standards and Technology (collectively "Commerce") will respond to all DOJ consultation requests which Commerce had received as of April 20, 1994 by August 7, 1994. Commerce will complete processing of all documents which had been referred to it by DOJ as of April 20, 1994 for direct response to plaintiff by August 7, 1994. The documents being processed by the NSC include the Presidential Review Directive and Presidential Decision Directive which started the Clipper initiative. We have been informed that NSC is processing the two final versions as well as 68 draft versions. We have also been informed that documents produced in the course of the OMB legislative clearance process for the Digital Telephony Bill are being processed. This should provide insight into how the government decided to proceed with this bill. We have also been informed that there are approximately 25 documents produced in the course of the government's solicitation of industry views on Clipper. Obviously, we do not know how much useful information will be released. It is probable that the documents will be heavily redacted. Given the recent directives from the President and the Attorney General that all possible discretionary disclosures of information should be made, we hope, optimistically, that these disclosures will prove illuminating. Unfortunately, the FBI is not a party to this agreement. We are in the process of attempting to obtain the release of about 3000 pages of FBI records. FBI has told the Court that it will be approximately 2 years and 8 months before it will even begin processing Gilmore's request, and that actual processing will take about a year, if not more. We believe that this delay is unlawful and cannot be countenanced. The FBI offered to complete its processing a year from when we sign an agreement; we believe they should process these documents in a maximum of six months (which would be a year and a half from our original FOIA request). Note that this processing time only includes their initial response to us; they will undoubtedly withhold many documents and parts of documents which we will contest the withholding of. This will take additional time, probably years. Because we and the FBI have been unable to agree, we have presented this controversy to the Court, and Judge Legge will decide what deadlines to impose on the FBI. The agreement mentioned above does not include NSA except to the extent that NSA is reviewing documents submitted to it by the Department of Justice. We also filed a FOIA request with NSA for all of its documents on Clipper, and have received no response after a year. We have an existing lawsuit against NSA's pattern and practice of delay in responding to FOIA requests. Depending on how that suit develops, we will take some kind of legal action to force them to respond. Lee Tien (Attorney for John Gilmore) and John Gilmore tien@well.sf.ca.us gnu@toad.com PLEASE REDISTRIBUTE IF YOU LIKE. ****** UPDATE - Gilmore & Tien have appealed govt. lack of response. From: gnu@toad.com (John Gilmore) Date: 6 May 94 00:23:21 GMT Neither the Treasury Dept. nor the Commerce Dept. has responded further to our FOIA requests regarding the Clipper key database. Both agencies requested that we extend their time limits, and we did so; neither has responded within the new deadline of their choice. We have been in telephone contact with the agencies and just sent out formal appeal letters this week. Both agencies have gone way beyond the 10-day deadline (20 days if consultation with other agencies is needed) written into the Freedom of Information Act. As we all remember Tax Day, April 15th, let's also remember how the IRS penalizes us when *we* don't meet *their* deadlines -- and how much of a double standard the government holds with regard to its own timeliness. By law, these government agencies have 20 working days to process our new appeal. Appeals are sometimes handled by more competent people than ordinary FOIA requests, but adherence to time limits is not particularly common in appeals either. The next step twenty days after the appeal is to sue the government in Federal District Court for release of the records. As you might expect, this is also a lengthy process. In the two FOIA suits I now have in progress (against NSA and DoJ/FBI), the government has used every procedural trick in the book to delay the progress of the lawsuits, so that they can defer becoming accountable to the public as long as possible. [Copies of our two appeal letters are available from EFF. See below for more information.] There is a bill pending in Congress, S. 1782 by Sen. Leahy, Brown, and Kerry, that would provide penalties of up to $75/day against agencies that withhold information after the FOIA time limits, as well as paying the requester's attorney's fees and reasonable costs. It also provides that a requester will be given electronic records in their choice of machine-readable format if the records in that format can be made with "reasonable effort" (e.g. putting a tape in the tape drive). It makes other small improvements in the FOIA. Please ask your Senator or Representative to co-sponsor the "Electronic Freedom of Information Improvement Act of 1993". You can see its summary and current status by doing `telnet locis.loc.gov', then picking Federal Legislation, Current Congress, "retrieve S. 1782", and "display item 1 all". Please disseminate this information to all interested parties. John Gilmore gnu@toad.com Copies of the 2 appeal letters sent by Tien & Gilmore are available at: ftp.eff.org, /pub/EFF/Legal/Gilmore_v_NSA/clipper_foia_appeal.letters http://www.eff.org/pub/EFF/Legal/Gilmore_v_NSA/clipper_foia_appeal.letters gopher.eff.org, 1/EFF/Legal/Gilmore_v_NSA, clipper_foia_appeal.letters gopher://gopher.eff.org/11/EFF/Legal/Gilmore_v_NSA, clipper_foia_appeal.letters and at the EFF BBS, Outpost - EFF Online, +1 202 638 6120 ------------------------------ Subject: New Faces on EFF Board and Staff ----------------------------------------- Over the last few months, EFF has gained several new staffmembers, and 2 additional boardmembers. We're very glad to have them with us, and feel the are the best and the brightest. We'd like to introduce them to you. * Denise Caruso, EFF Boardmember Editorial Director of Information Services Technology & Media Group, Inc. Denise Caruso is one of the leading analysts and observers of the emerging industry of digital convergence. She is the editorial director of the Technology & Media Group, Inc. Technology and Media is a subsidiary of Friday Holdings, L.P., a new venture founded in May 1993 to create, acquire and invest in media properties. Friday Holdings was founded by Norman Pearlstine, former executive editor of the Wall Street Journal along with limited partners Paramount Communications, Inc., QVC Holdings, Inc., and Rainwater Media Partners. As editorial director, Caruso is developing a variety of information products, both print and electronic, that focus on the convergence of digital technology with traditional forms of communication, information and entertainment. Before joining Technology & Media, Caruso was the founding editor of Digital Media, a widely acclaimed newsletter published by Seybold Publications, a division of Ziff-Davis. Prior to her work at Digital Media, Caruso was a weekly technology columnist for the San Francisco Examiner and a contributor to the San Jose Mercury News on a wide range of technology subjects. In addition, Caruso has held editorial positions at a variety of trade publications, including the West Coast bureau of Electronics and Infoworld magazines. Caruso serves on the board of directors of the electronic Frontier Foundation. Caruso holds a BA in English from California Polytechnic State University in San Luis Obispo, Calif. * Jane Metcalfe, EFF Boardmember President and Co-founder, WIRED Magazine Ms. Metcalfe and her partner, Louis Rossetto, began planning for WIRED in January 1991 and eventually moved from Amsterdam to San Francisco to launch the title. The first issue was released at Macworld and the Consumer Electronics Show in January 1993. Prior to forming WIRED, Metcalfe worked at Electric Word magazine, an Amsterdam-based cult magazine covering such leading edge technologies as machine translation, optical character recognition and speech recognition. She started there as Director of Advertising Sales, moved to Director of Marketing when circulation campaigns began, and eventually became Associate Publisher. In 1987, Metcalfe was Director of Export Sales at the Paris-based fashion house Valentine Palomba, where she was responsible for the marketing and sales of women's apparel, footware and perfume to non-French markets. She introduced computers to her firm for accounting and catalog production. At her first job out of college, she was charged with co-developing a multi-currency accounting system for a Wang mini-computer, and was instrumental in setting up an asynchronous telecommunications link between Paris, Geneva and Washington, D.C. in 1984. Metcalfe graduated with honors from the University of Colorado with a degree in International Affairs. She was elected to the Board of the Electronic Frontier Foundation in January, 1994. * Mary Beth Arnett, EFF Staff Counsel As Staff Counsel, Mary Beth Arnett analyzes legislative proposals and regulatory proceedings on telecommunications infrastructure modernization. Before joining the Electronic Frontier Foundation, Ms. Arnett was an attorney for four years at a national law and policy research institute, where she published an extensive critique of two federal information disclosure programs involving community and workplace right-to-know laws. She evaluated how market forces, enforcement practices, and constitutional and statutory doctrines affect the Jeffersonian ideal of empowering citizens through information provision. Ms. Arnett served for six years as a public member of a state licensing and regulatory board, where she chaired an administrative rulemaking committee and testified before legislative committees. Ms. Arnett received her B.A. and J.D. from the University of Wisconsin. During law school, she served as Senior Managing Editor of the Wisconsin Law Review and was a judicial intern in the Wisconsin Supreme Court. * Janlori Goldman, EFF/ACLU Privacy & Technology Project Dir. Ms. Goldman will be coordinating EFF's Privacy & Technology Project, a way for EFF to develop it's own advocacy positions while also exploring information privacy isses with industry and other public interest organizations. Goldman will lead an effort to develop technolgical and legal means to increase individual control over personal information held by commerical and governmental parties, and will focus on a wide range of increasingly important topics, such as national federal ID card schemes, and the privacy of health care records. Goldman directed a previous Project on Privacy & Technology for the American Civil Liberties Union, which tackled caller ID, access to credit records, the FBI's National Crime Information Center, genetic fingerprinting and other modern privacy issues. She began her work for ACLU in 1984 at the Minneapolis chapter as a trial attorney, but relocated to Washington to work on privacy concerns, attending conferences, giving Congressional testimony, and analyzing legislation, as ACLU's only full-time privacy attorney. Prior to ACLU, Goldman was employed as a social worker helping Russian immigrants, and later as an attorney representing Vietnam veterans in Agent Orange cases. Goldman graduated in 1979 from Macalester College in St. Paul, and then attended Hofstra University Law School, graduating in 1984, an appropriate year for one of the best known privacy attorneys in America. * Jonah Seiger, EFF Project Coordinator Mr. Seiger will be responsible for coordinating EFF's policy working groups and for providing research and administrative support to our policy staff. He will also serve as an information collection and dissemination point for all of EFF's public policy activities. A native of Palo Alto California, Jonah graduated cum laude last May from the University of Michigan with a degree in Psychology and Studies in Religion. He joins EFF after serving as a legislative intern for the House Subcommittee on Telecommunications and Finance, chaired by Rep. Edward Markey (D-MA). In addition to his interest in communications policy, Jonah enjoys cooking, reading, and music (he is an avid guitar player). Please feel free to call on Jonah with questions regarding EFF's public policy working groups. [The complete EFF Board/Staff/Volunteer List is available as ftp.eff.org, /pub/EFF/Misc/staff.eff] ------------------------------ Subject: Note About EFFector - Are You Moving? Since a change of season is upon us, many people will be moving, going on vacation, dismantling their machines for that spring upgrade, and so forth. If you'll be off the net for a while or moving, or your mail will otherwise be bouncing, please unsubscribe yourself from the EFFector mailing list if you receive EFFector by email. You can do this by sending a message to listserv@eff.org, with a body of unsubscribe effector-online Subject line is ignored. To subscribe or re-subscribe to the list, send a similar message but containing subscribe effector-online You do not need to put your name or email address in these commands. You can find about how our listserver works and get descriptions of our mailing lists by sending the following message to listserv@eff.org: help longindex Thank you, and have a great spring and summer, where ever you'll be! ------------------------------ Subject: What YOU Can Do ------------------------ Experience should teach us to be most on our guard to protect liberty when the Government's purposes are beneficent. Men born to freedom are naturally alert to repel invasion of their liberty by evil-minded rulers. The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding." - Justice Louis D. Brandeis, dissenting, _Olmstead_v._United States_, 277 U.S. 479 (1928) You've been following the newspapers and reading EFFector Online. You know that today there are several battles being fought over the future of personal privacy. The Clipper chip, export restrictions, the Digital Telephony proposal - the arguments are numerous and complex, but the principles are clear. Who will decide how much privacy is "enough"? The Electronic Frontier Foundation believes that individuals should be able to ensure the privacy of their personal communications through any technological means they choose. However, the government's current restrictions on the export of encrytion software have stifled the development and commercial availability of strong encryption in the U.S. Rep. Maria Cantwell has introduced a bill (H.R. 3627) in the House that would liberalize export controls on software that contains encryption, but needs vocal support if the bill is to make it out of the committee stage. The decisions that are made today will affect our futures indefinitely. EFF is a respected voice for the rights of users of online technologies and EFF members receive regular online updates on the issues that affect our online communications and particpate in shaping the future. Now, more than ever, EFF is working to make sure that you are the one that makes these decisions for yourself. Our members are making themselves heard on the whole range of issues. To date, EFF has collected over 4800 letters of support for Rep. Cantwell's bill to liberalize restrictions on cryptography. We also have over 1400 letters supporting Sen. Leahy's open hearings on the proposed Clipper encryption scheme, scheduled for April 27, 1994. If you'd like to add your voice in support of the Cantwell bill, send email to cantwell@eff.org, Subject: I support HR 3627 Your letters will be printed out and hand delivered to Rep. Cantwell by EFF. You KNOW privacy is important. You have probably participated in our online campaigns. Have you become a member of EFF yet? The best way to protect your online rights is to be fully informed and to make your opinions heard. EFF members are informed and are making a difference. Join EFF today! ------------------------------ Why You Should Join the Electronic Frontier Foundation ====================================================== Every day decisions are being made that will affect your life online. Decisions about what sorts of technology you can use to protect the privacy of your communications. Decisions about what services you will be able to get over the emerging national information infrastructure. Decisions that are made before you even know that there are choices. The Electronic Frontier Foundation has been working since July 1990 to ensure that the civil liberties guaranteed in the Constitution and the Bill of Rights are applied to new communications technologies. Our members join EFF to make sure that they are informed about the issues and debates that will shape the future of electronic communications. EFF members enjoy the following benefits: * subscription to our quarterly hard copy newsletter Networks & Policy; * subscription to our biweekly electronic newsletter EFFector Online; * online bulletins that will keep you informed about the key legal, legislative and policy developments affecting your online communications; * an online response mechanism to make themselves heard on key issues. EFF is a respected voice for the rights of users of online technologies. We feel that the best way to protect your online rights is to be fully informed and to make your opinions heard. EFF members are informed, and are making a difference. Join EFF today! -------- 8< ------- cut here ------- 8< -------- MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION ================================================ Print out in monospaced (non-proportional) font and mail or fax to: Membership Coordinator - membership@eff.org Electronic Frontier Foundation 1001 G Street, NW, Suite 950 East, Washington, DC 20001 +1 202 347 5400 (voice) +1 202 393 5509 (fax) +1 202 638 6120 (BBS) Internet fax gate: remote-printer.EFF@9.0.5.5.3.9.3.2.0.2.1.tpc.int Or upload to the BBS, or our Internet ftp site: ftp.eff.org, /incoming SIGN ME UP! ----------- I wish to become a member of the Electronic Frontier Foundation. I enclose: ___ Regular membership -- $40 ___ Student membership -- $20 ___ SysOp membership -- $10* * SysOp members are required to bring in 10 new members to renew at the SysOp membership rate (otherwise normal rates apply). Send queries to membership@eff.org for more info. Special Contribution I wish to make an additional tax-deductible donation in the amount of $__________ to further support the activities of EFF and to broaden participation in the organization. PAYMENT METHOD: --------------- ___ Enclosed is a check or money order payable to the Electronic Frontier Foundation. ___ Please charge my: ___ MasterCard ___ Visa ___ American Express Card Number: _____________________________________________ Expiration Date: _________________________________________ Signature: _______________________________________________ NOTE: We do not recommend sending credit card information via electronic mail, unless it is encrypted! See end for EFF's PGP encryption public key. YOUR CONTACT INFORMATION: ------------------------- Name: __________________________________________________________ Organization: __________________________________________________ Address: _______________________________________________________ _______________________________________________________ _______________________________________________________ E-mail addresses: ______________________________________________ ______________________________________________ Phone: _____________________ FAX: ___________________________ **** SYSOP MEMBERSHIP SECTION *********************************** * Ph.: ____________________ Modem Type: ___________________ * * ____________________ _______________________________ * * ____________________ _______________________________ * * BBS Info: BBS Name: ________________________________________ * * SysOps:___________________________________________ * * Voice/Support Phone: _____________________________ * * Network Addresses: _______________________________ * * _______________________________ * * BBS Notes: (OS, modem types/speeds, Internet connectivity, * * access requirements, hours, fees, software, focus * * or special interests, unique features, etc.) * * ___________________________________________________ * * ___________________________________________________ * * ___________________________________________________ * * EFF will maintain a publicly available list of BBSs and * * similar services that support the efforts of the Electronic * * Frontier Foundation. Members with BBSs who support EFF at * * the Regular or Student rates can be listed as well. * * Include my BBS in the EFF Member BBS Directory _______ * ***************************************************************** PREFERRED CONTACT ----------------- ___ Electronic: Please contact me via the Internet address listed above. I would like to receive the following at that address: ___ EFFector Online - EFF's biweekly electronic newsletter (back issues available from ftp.eff.org, pub/EFF/Newsletters/EFFector). ___ Online Bulletins - bulletins on key developments affecting online communications. NOTE: Traffic may be high. You may wish to browse these publications in the Usenet newsgroup comp.org.eff.news (also available in FidoNet, as EFF-NEWS). ___ Paper: Please contact EFF through the US Mail at the street address listed above. NOTE: Paper documents available upon request. "Networks & Policy" Newsletter automatically sent via US Mail. PRIVACY POLICY -------------- EFF occasionally shares our mailing list with other organizations promoting similar goals. However, we respect an individual's right to privacy and will not distribute your name without explicit permission. ___ I grant permission for the EFF to distribute my name and contact information to organizations sharing similar goals. [This form came from EFFector Online - please leave this line on the form! If you found it elsewhere, please tell us where so we see how far it goes.] The Electronic Frontier Foundation is a nonprofit, 501(c)(3) organization supported by contributions from individual members, corporations and private foundations. Donations are tax-deductible. -------- 8< ------- cut here ------- 8< -------- EFF PGP Public Key for Encryption ================================= This is the ASCII-armored PGP 2.4 public key for the Electronic Frontier Foundation (EFF). Note that mail sent with this key will be considered addressed to EFF in general, not to a specific person, unless otherwise noted. To send personal information to someone at EFF, for whatever reason, please use that person's own key, or arrange some other method of communication. This key is provided principally for the sending of sensitive legal information, and the transmission of credit card numbers over the net securely when becoming a member of EFF. It takes us time and effort to decrypt, so please don't use this key trivially. Thank you. To add this key to your public key ring, do: pgp -ka pgpkey.eff pubring.pgp If your public key ring has another name, use that instead of pubring.pgp. For MacPGP, click on Key | Add Key, select pgpkey.eff as file to get key from, and pubring.pgp (or whatever your pubring is) for file to add key to. To encrypt a message, please see the PGP documentation, and remember that you will almost certainly need to generate the result as an ASCII-armored file, so you can email it (non-ASCII-armored PGP ciphertexts are binary, and will get mangled if you try to email them. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.4 mQCPAi2B6bAAAAEEANVTvM2dhZ0SHsgWOzfn1lRzZcNltsf3Bjt0t5GBuscoyPrD lfBwtzjkZTasK1MfAX/vrUl6BVKb18FCGhuJlmEaZqZ95q5mdsj4tAD18CDg0Jmv bAhWE/JxhhQDG2s9dt5x4GC+ofaHr8nlXKqjyMkb85EyVFHw85hLHLcPIDklABEB AAG0MkVsZWN0cm9uaWMgRnJvbnRpZXIgRm91bmRhdGlvbiAtIEVGRiA8YXNrQGVm Zi5vcmc+iQCVAgUQL+os4hibHbaiMfO5AQEYOAQArtVNhJeRpaShNFd7MQfOFLM9 hql2KBmyvs20/kiwLkGN8Se3GJPYPovBjiB+o9r1GOuc654kxu9KU0m/8SoafWeU p5jBnqlgGwXIo/v5twfKvSnhh75XyGrIwUvlLzxMQaym0slV7YgLUQozWIhuu95d r22qYYdD1PS2SuDpSGGJAJUCBRAtj6o5jC7pCgHDqtsBAVeNA/9ay5pJ7srK7+ns tstaxDe7NnAFLfezgO1yiNED0yM4cDeTNXgZDFNuhzBICmP6fBNSIaUUSwuiQnc8 do45WRo120PX/c+nLoYKeyu8iI0BWA6cjYwk3zKLxpETqpxxKthX6JJ2fxwpL6EQ dF+pmotwtbv3wIH/7FdaZh5r2Nu3/IkAlQIFEC2PJWg2QIGMNPTEcQEBQYoD/2W9 93Yz/c/qmjxpH50blqSPJhd//KYP6AQmmyxI6L+29KqjgflnI56Rk2QUJfs4SnS/ 3jB0H5v9U8u8YocvLsnWL7QvHt0fueoMBk6AFMxgQFzZP3s7dppFncYuiQ710hFL xKu2PFWeurEEZ2VD/KB5fUPdZnwd78bMVj4RIkyJiQCVAgUQLYHqDphLHLcPIDkl AQFBxAP/Q2+RNM218JhEBMcLxoWExWN7wIgIjQF+mZIMvXR9TjhsBtUWQM23XXMi zpQsTCu5/xqTe0OB5no8UfPgktieLyBGFleQgPeXlnmGzcoAeWV6DArFUCN7JKA1 589Zba0/vr4XQpaLgdGInw0nZAYvPKNsKrKl7H37zenmIN9UdTc= =f3Zf -----END PGP PUBLIC KEY BLOCK----- Administrivia ============= EFFector Online is published biweekly by: Electronic Frontier Foundation 1001 G Street, N.W., Suite 950 East Washington DC 20001, USA Phone: +1 202 347 5400, FAX: +1 202 393 5509 BBS: +1 202 638 6120 (300-14400bps V.32bis, 24hr.) Internet Address: eff@eff.org or ask@eff.org Coordination, production and shipping by: Stanton McCandlish, Online Activist/SysOp/Archivist Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. To subscribe to EFFector via email, send message body of "subscribe effector-online" (no quotes) to listserve@eff.org, which will add you a subscription to the EFFector mailing list. ------------------------------ Internet Contact Addresses -------------------------- Membership & donations: membership@eff.org Legal services: ssteele@eff.org Hardcopy publications: pubs@eff.org Technical questions/problems, access to mailing lists: eff@eff.org General EFF, legal, policy or online resources queries: ask@eff.org End of EFFector Online v07 #08 ****************************** $$