💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › CUD › cud1018.txt captured on 2022-06-12 at 11:07:50.
-=-=-=-=-=-=-
Computer underground Digest Sun Mar 15, 1998 Volume 10 : Issue 18
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
CONTENTS, #10.18 (Sun, Mar 15, 1998)
File 1--Filtering software poses legal pitfalls.
File 2--USACM Letter on HR 2652, the "Collections of Information
File 3--How Fast Is The Internet Going Right This Second?
File 4--Policy Post 4.4: CONGRESS PREPARES TO TAKE UP CRYPTO AGAIN
File 5--EFFector 11.02: ACTION ALERT: Database Copyright Bill v. Fair Use
File 6--Cu Digest Header Info (unchanged since 7 May, 1997)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Sun, 15 Mar 1998 20:52:18 -0500
From: "David J. Loundy" <David@Loundy.com>
Subject: File 1--Filtering software poses legal pitfalls.
Published in the Chicago Daily Law Bulletin, March 12, 1998 at page 5.
---------------------------------------------------------------
Filtering software poses legal pitfalls.
Copyright 1998 by David Loundy
Archived at http://www.Loundy.com/CDLB/
To subscribe, send the message
"subscribe" to Loundy-request@netural.com
-----------------------------------------------------------------
A decision is expected shortly in a case brought in the United States
District Court for the Eastern Division of Virginia, Mainstream Loudoun v.
Board of Trustees of the Loudoun County Public Library, No. CA-97-2049-A,
which is being watched carefully by libraries, legislatures, civil rights
activists and the anti-pornography crowd. The suit concerns the use of
"filtering software" (often referred to as "blocking software" or simply as
"censorware").
Filtering software is designed to screen Internet material for
"inappropriate" content. Such software packages have been widely adopted,
especially in light of their endorsement by President Clinton at a White
House Summit following the U.S. Supreme Court's mention of the software as
perhaps being a preferable alternative to legislation such as the ill-fated
Communications Decency Act. Various states have also jumped on the
bandwagon by proposing legislation that would require the installation of
such software or other means of content restriction in schools and public
libraries.
Sen. John McCain, R-Ariz., has also introduced legislation in the U.S.
Senate (S1619 IS, available on the Internet at
ftp://ftp.loc.gov/pub/thomas/c150/s1619.is.txt), which would deny certain
funds to schools and libraries that fail to implement a filtering or
blocking system for Internet-connected computers.
There are a few problems with these legislative attempts and other
voluntary efforts to install such software: the software packages do not
work as well as most people think they do, and they also erroneously block
Constitutionally protected material. To understand the legal pitfalls
associated with filtering software, it is necessary to look at the
technology and how it operates.
Filtering software works by employing a variety of schemes. Two common
blocking schemes used in filtering software either screen, based on the
presence of key words, or block certain addresses. Some filtering software
packages will search for words present in Internet material which match a
list of prohibited terms. If a prohibited term is present, the material is
blocked from viewers. Other filtering software may block material based on
its URL (Uniform Resource Locator-- a standardized way of describing an
Internet address, be it a web page, a usenet news post, an e-mail address,
or an FTP file archive). Blocked URLs are usually included on a list that
comes with the software after the manufacturer examines the material and
classifies it as objectionable to a particular audience. Thus, users are
offered options to filter particular types of material they wish to avoid,
such as material which contains sexual content, violence, profanity, etc.
Users must obtain updated lists to account for new sites that are found or
addresses that have changed after the software was purchased.
Unfortunately, both of these filtering schemes are flawed. First of all,
key word blocking will not block images. Second, if a key word filter
blocks key words appearing in an address, such as in a domain name, all of
the content appearing at that domain will be blocked, regardless of what
material is actually housed at that domain. Third, key words can be
circumvented. For instance, if a filter blocks the word "breast" it might
not block "bre_ast." And fourth, if the list of blocked key words is
expanded too greatly, then inoffensive content may also be blocked, as
occurred in the famous incident where part of the White House web site was
blocked by a filtering package because the software blocked occurrences of
the word "couple"-- which was used to describe Bill and Hillary Rodham
Clinton.
Filtering software which blocks based on the material's address may allow
for more precision in theory, but it also suffers some drawbacks in
practice. To block based on a URL requires that all URLs be checked and
classified. This is generally a subjective endeavor allowing for
inaccuracies in classification and, thus, filtering.
Blocking by URL is fundamentally an impossible proposition. The Internet is
growing too quickly for a small software company to keep up with the
volumes of new material. It is not economically feasible for a software
company to hire sufficient numbers of people to rate every web site and
usenet news group, much less stay abreast of changing content. As a result,
some filtering software may block an entire domain or portion thereof as a
short-cut. If the domain belongs to an Internet service provider, then
access to all of the service provider's clients' web sites may be blocked
because of the rating assigned to one or two of the service provider's
users. In addition, some content may be available through a database which
spontaneously generates web pages, and therefore has no stable address to
block.
Any legislation that requires that all inappropriate material be blocked
cannot be complied with using existing technology. All of the existing
filtering technology may be considerably over-inclusive in its
restrictions, a state of affairs that is not likely to survive last year's
U.S. Supreme Court decision in Reno v. ACLU, 117 S.Ct. 2329 (1997).
Additionally, the Constitutional tests for obscenity and indecency both
include a "community standards" element. Any statute that requires that
access be blocked to "obscene," "indecent," or "illegal" material requires
evaluation based on local community standards. Some filtering package
promoters make the claim that their software blocks only illegal material.
This is a nonsensical claim. Either the software must employ the judgment
of the software company as to what material is inappropriate, or each
individual community must rate the entire Internet (as the McCain bill
would require of each school board or library).
These issues are being squarely debated in the Mainstream Loudoun case. In
this case, U.S. District Judge Leonie Brinkema (who, at the end of
February, struck down as unconstitutional a Virginia statute which sought
to restrict State employees' access to sexually explicit material using
state-owned computers) is faced with the issue of whether the Loudoun
public library is violating the First Amendment by requiring the use of
filtering software on library computers.
A citizens' group and a few assorted plaintiffs are suing the Loudoun
Library Board, claiming that the "X-Stop" filtering software installed on
library computers is infringing their Constitutional rights. Specifically,
the plaintiffs argue that the library policy "is a harsh and censorial
solution in search of a problem." It restricts all users to content suited
to the most sensitive users, and threatens criminal penalties to any who
try and circumvent the block. None of the libraries in the County system
had complained that there was a problem with inappropriate material, and
the library board was presented with data "that less than two-tenths of one
percent of the information available on the Internet is even arguably
'pornographic'" before it imposed what some consider to be the nation's
most restrictive access policy.
In addition, the plaintiff's have argued that the policy requires the
software to perform, in essence, a legal test to determine what material is
inappropriate. Furthermore, enforcement of the library policy requires that
Internet terminals be placed in full view, thus increasing, rather than
reducing, the chance that library patrons will be exposed to material they
find offensive. This public placement of terminals may also have a chilling
effect by dissuading patrons from looking even at unfiltered content which
they do not want to share with any library patron who may be in the area.
The plaintiffs also argued that the legislation is overbroad and that the
filtering software removes the ability of a parent to determine what his or
her children (or self) should be allowed to see.
Perhaps the plaintiffs' best argument against the legislation is that the
filtering software would block material on the Internet that is available
to library patrons by simply picking up the same material from the
library's shelves. (An argument not likely to be as effective is that the
policy requiring blocking software violates the library's own "Freedom for
Ideas-- Freedom From Censorship" policy (as well as the American Library
Association's principals of freedom and its explicit resolution condemning
the imposition of filtering software).)
The defendants' arguments are also interesting, but unpersuasive. The
defendants argue that the legislation is based on a policy restricting the
library's obtaining of objectionable material at a library patron's
request. However, the library board has argued that calling up material
from a remotely located machine on an Internet-connected computer is
analogous to using the library facilities to request an interlibrary loan
of the material. The defendants have stated that as far as they know "no
court has ever held that libraries are required by the First Amendment to
fulfill a patron's request to obtain a pornographic film-- or any other
information-- through an interlibrary loan." Furthermore, they argue that
there is Supreme Court precedent in a sharply divided case (Board of
Education v. Pico, 457 U.S. 853 (1982)) that intimates that school boards
should have the freedom to decide what materials to house in their
libraries.
The interlibrary loan argument is unpersuasive because the Internet
connection and its benefits are already present in the library, and the
library staff is not needed to arrange for the transfer of any content
available to an Internet-connected library computer. The software which
restricts access to certain material, on the other hand, is brought into
the library by its staff in order to remove access to material which would
otherwise be freely available to library patrons but for the blocking
software. A better analogy would be for the librarians to tell patrons that
they may read any books in the library, except the ones the librarians grab
out of the patron's hands if they try to take the restricted books off the
shelf.
I predict that some of the legislation requiring blocking of Internet
content will pass. I also predict the library patrons will win (as,
hopefully, will the plaintiffs who challenge any passed filtering
legislation). The stakes in this debate are high. At issue here are small
battles in schools and libraries.
However, there are two issues more important than whether the Loudoun
County libraries allow uncensored Internet access. First, there are whole
countries that use "proxy servers" that function as national filtering
software. Some proposed filtering-enabling schemes, such as PICS (Platform
for Internet Content Selection), constitute what some believe to be the
ultimate tool for government censorship by building a mechanism for
censorship into the Internet's infrastructure. While countries are entitled
to their own Internet content laws, the mainstreaming of such tools should
proceed only with care and consideration as to the potential effects.
The second issue, to return to the beginning, is that these filtering tools
do not work as most people believe them to work. People need to understand
what they may be missing, and to what they may still be subjected.
Filtering software is not the Holy Grail, at best, it is the Holy Colander.
http://www.Loundy.com/CDLB/1998-Censorware.html
______________________________________________________________________
David J. Loundy | E-Mail: David@Loundy.com
| WWW: http://www.Loundy.com/
Davis, Mannix & McGrath | Listserv (for my Technology
125 S. Wacker Drive, Suite 1700 | Law column): Send a message
Chicago, IL 60606-4402 | reading "subscribe" to
Phone: (312) 332-0954 | Loundy-request@netural.com
______________________________________________________________
Opinions are mine, not my employer's, & are subject to change without
notice. You are not now my client, this is not meant as legal advice.
------------------------------
Date: Fri, 6 Mar 1998 06:55:33 -0500
From: ACM US Public Policy Office <usacm_dc@ACM.ORG>
Subject: File 2--USACM Letter on HR 2652, the "Collections of Information
March 5, 1998
Representative Howard Coble
Chairman
House Judiciary Subcommittee on Courts and Intellectual Property
2239 Rayburn House Office Building
United States House of Reprsentatives
Washington, D.C. 20515
Dear Chairman Coble,
We are writing to express our concern about H.R. 2652, the
"Collections of Information Antipiracy Act." The Association for Computing
(ACM) recognizes the need to protect investments made in large data
collections. However, the proposed legislation fails to recognize the
legitimate needs of academic, professional, scientific, and ordinary users
of data. Therefore, we believe that the legislation, as currently drafted,
is generally not in the interests of the computing profession or of the
general public.
The ACM is the largest, international professional association of
computer scientists with 60,000 members in the United States. We have a
particular interest in the development of intellectual property policies
that serve a broad mission. We believe that such policies should ensure the
continued vibrancy of not-for-profit publishers, students, researchers, and
the general public, even as they seek to protect commercial investments.
Sensible legislative proposals should promote the "Progress of Science and
the Useful Arts" by allowing exemptions for public-good uses in libraries,
universities, and laboratories. They should not establish perpetual
protection for data while eliminating the "fair use" upon which the
research community is heavily dependent.
ACM has developed considerable expertise in the copyright issues
associated with the creation of electronic databases. The ACM publishes
many journals, some of which include research results derived from data
collection. Additionally, ACM has an on-line searchable database. Under
the proposed legislation, the extraction of a substantial unauthorized "use
in commerce" of the data compilations will be prohibited if it would "harm"
the original compiler's market. Thus, the owner of the data compilation
will have the authority to determine which users may access the data if
more than a "substantial" amount of data from the compilation is requested.
This limitation on the use of data is contrary to the traditional
scientific research model. In the U.S., data collections are routinely
reused and revised in the course of scientific and academic research
without royalties being exchanged. The bill also includes an overly broad
definition of what constitutes "information" and no definition of
"substantiality." This, too, could have a chilling effect on academic
research and publication.
The fair use provisions in H.R. 2652 fall far short of the
exemptions necessary to permit researchers to verify others' results,
educators to demonstrate models in classrooms, scientists to make use of
government databases, and other traditionally protected uses. Such "full
and open" use of data is indispensable to effective and accurate research.
The fair use provisions allow only extractions which do "not harm the
actual or potential market for the product." "Full and open" is defined in
the scientific community as data and information derived from publicly
funded research which is made available with as few restrictions as
possible, on a nondiscriminatory basis, for no more than the cost of
reproduction and dissemination. The inadequate fair use provisions in H.R.
2652 do not meet this definition. Furthermore, this also impacts citizens,
who currently have the right to full and open access to data from databases
created by their government and by organizations funded by the government,
no matter if someone else has also published the data.
H.R. 2652 would create proprietary rights in compilations of
scientific information which are now in the public domain; thus,
unauthorized extraction or use of this information, of the kind which
scientists are accustomed to make today, would appear to harm the market
for the compilation as a matter of definition. For example, all the names
and numbers registered with NSF's contractors (Network Solutions and ISI)
pertaining to the Internet are freely accessible. The public can access
such data for any legal reasons, including operating Internet routers and
directory services. The extraction of data from this compilation could be
limited by H.R. 2652. Naturally, this principle extends to all sorts of
financial and other data which major publishers resell.
We recognize it is important to protect investments made in data
collection. However, we do not believe it has been demonstrated that
further legislation is necessary. The "Collections of Information
Antipiracy Act" is overly broad in its application of the misappropriation
doctrine and will affect both the computing community and scientific
research generally. We believe that there are alternative technical
approaches that may better serve the interests of users of new digital
technologies. We would be very pleased to work with you on a study of these
issues.
We would look forward to working with you on this effort. If you
have any questions, please contact Lauren Gelman at 202/544-4859.
Sincerely yours,
Dr. Barbara Simons
Chair, U.S. Public Policy Committee
The Association For Computing Machinery
cc: House Judiciary Subcommittee on Courts and Intellectual Property
Rep. Henry J. Hyde, Chairman, House Judiciary Committee
Rep. John Conyers, Jr., Ranking Member, House Judiciary Committee
Rep. Newt Gingrich, Speaker of the House, U.S. House of Representatives
Rep. Richard Armey, Majority Leader, U.S. House of Representatives
Rep. Richard Gephardt, Minority Leader, U.S. House of Representatives
Rep. F. James Sensenbrenner, Jr., Chairman House Science Committee
Rep. George Brown, Ranking Member, House Science Committee
Rep. Vernon Ehlers, Vice Chairman, House Science Committee
Sen. Orrin G. Hatch, Chairman, Senate Judiciary Committee
Sen. Patrick J. Leahy, Ranking Minority Member, Senate Judiciary
Committee
/\ /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Association for Computing, + http://www.acm.org/usacm/
Office of U.S. Public Policy * +1 202 544 4859 (tel)
666 Pennsylvania Ave., SE Suite 302 B * +1 202 547 5482 (fax)
Washington, DC 20003 USA + gelman@acm.org
------------------------------
Date: Mon, 9 Mar 1998 12:35:56 -0500 (EST)
From: mds@MDS.PRWIRE.COM
Subject: File 3--How Fast Is The Internet Going Right This Second?
How Fast Is The Internet Going Right This Second?
ACTON, Mass., March 9 /PRNewswire/ -- The Internet Traffic Report
(at www.internettrafficreport.com) can tell you. The site gives an
independent, real-time measure of how well "traffic" is moving on the Internet
highway -- city by city, country by country, and for the Internet as a whole.
Checking the site can tell you if it's a good time to do a big download or
search, and historical performance graphs show when traffic is usually down.
The site can also be used to determine if it's your ISP that's performing
badly, or if the whole Internet is bogged down. Some people even like to check
the site just to confirm particularly hideous Internet performance.
The Traffic Report collects data on package loss and response time each
hour from routers around the world, mapping them into global and local
performance indices. The site also includes graphs of Internet speed over the
past 24 hours and the previous week.
The site could be of use to your readers, but I also thought it might be
of use to you as a source of independent data for stories about Internet
performance.
We're in the process of compiling a list of reporters and editors who'd
like to be notified by email each time the Internet's performance spikes or
plunges. We'll only contact you in the case of the most extreme performance
variations, and will include some analysis or explanation, when possible.
The Internet Traffic Report is part of Andover.net, a network for
technology-oriented consumers, which provides everything from technology news
to the world's largest collection of free software sites.
If you'd like to be put on our notification list, or would like more
information on the site, please feel free to contact me at 978-635-5300 or
sarahlawson@mediaone.net.
SOURCE Andover.net
-0- 03/09/98
------------------------------
Date: Fri, 6 Mar 1998 17:55:21 -0500
From: Graeme Browning <gbrowning@CDT.ORG>
Subject: File 4--Policy Post 4.4: CONGRESS PREPARES TO TAKE UP CRYPTO AGAIN
Source: CDT POLICY POST Volume 4, Number 4 March 6, 1998
_____________________________________________________________________________
CONGRESS PREPARES TO TAKE UP CRYPTO AGAIN
Congress is back in session and the ongoing debate on encryption controls
has moved front and center. This spring Congress will be considering
diametrically opposed approaches to the regulation of encryption, including
an FBI proposal that would, for the first time, control the type of
encryption programs Americans may use within their own borders. The most
recent developments are outlined below.
(1) Sens. McCain and Kerrey propose revised crypto bill
Senators John McCain (R-AZ) and Robert Kerrey (D-NE) have a new version of
their Secure Public Networks Act, S.909. The revised draft includes several
changes in response to industry and privacy concerns. Despite these
changes, CDT remains opposed to S. 909 for one fundamental reason: the
revised draft still seeks, through a series of incentives (export controls,
government procurement and liability safe-harbors), to require encryption
users to surrender control over their keys on the government's terms.
Major changes in the revised McCain-Kerrey bill include: