EFFector Online Volume org Publicati

Found at: gopher.meulie.net:70/EFFector/effect08.17

     ________________          _______________        _______________
    /_______________/\        /_______________\      /\______________\
    \\\\\\\\\\\\\\\\\/        |||||||||||||||||     / ////////////////
     \\\\\________/\          |||||________\       / /////______\
      \\\\\\\\\\\\\/____      ||||||||||||||      / /////////////
       \\\\\___________/\     |||||              / ////
        \\\\\\\\\\\\\\\\/     |||||              \////

EFFector Online Volume 08 No. 17      Oct. 18, 1995       editors@eff.org
A Publication of the Electronic Frontier Foundation        ISSN 1062-9424

ALERT: Urgent CDA Action Especially for SysOps, ISPs and Businesses
Who's Using Who?  Martin Rimm and the Antiporn Activists
  Cincinnati BBSers Fight Back
  Stratton Oakmont & Porush v. Prodigy - Update
  Istook Amendment a Threat to Non-Profits' Free Speech?
  Administration *Still* Chants "Voluntary", Forges Onward with Escrow
  "Oz Clipper" - Update
  FBI Child Pornography Investigation - Update & Key Escrow Tie-in
  International Online Child-Porn "Ring" Target of "Operation Starburst"
  Canadian Prosecutions for Textual & Faked "Child Pornography"
  Canadian Exon-alike on the Way?
  Canada & Holland Ratchet-up Privacy
  pgp.net - New World-Wide PGP Keyservice
  Swiss Data Protection Commish Warns About Lack of Security
  Bulgarian TV Censorship
  Coming Next Issue...
Upcoming Events
Quote of the Day
What YOU Can Do

* See http://www.eff.org/Alerts/ or ftp.eff.org, /pub/Alerts/ for more
nformation on current EFF activities and online activism alerts! *


Subject: ALERT: Urgent CDA Action Especially for SysOps, ISPs and Businesses

This is a letter devised by the Stop314 Coalition (of which EFF is a 
to the slew of Internet censorship bills that are coming closer and 
closer to passage. Congress sometimes ignores non-profit "special interests",
like us, but do often listen to well-organized industry opposition 
to or support of legislation. Please feel free to share this, without 
"spamming", with newsgroups and list moderators (who, after all, are a form 
of online service provider - the legislation in question may hold them 
companies' administrators, as well as other concerned businesses and 

There's a lot of talk about the evils of censorship, and on the net, no
of something bigger than just general kvetching and worry.

Take the letter below and forward it to your Internet Service Provider
and ask them to sign on.  Make a difference.

We all have a service provider, we can all participate in this.



A few months ago I put out a plea for business to sign onto a letter
that urged Congress to adopt a different tact with regards to regulating
the Internet.  Congress responded, with a public response that affirmed

Union), and Simona Nass of the SEA (Society of Electronic Access).

The letter opened doors for us, and was crucial in helping to sway the
opinions of many legislators considering both sides of the debate.

and good business.  Please consider doing so.

The deadline for signing onto this letter is Monday October 16th.  Please

Shabbir J. Safdar
Online Representative
Voters Telecommunications Watch


Directions for signing onto the business letter and a copy thereof:

   Read the electronic business and bulletin board letter below.  You
   can also find it at:

        Gopher:  gopher -p1/vtw/exon gopher.panix.com
        WWW URL: http://www.vtw.org/cdaletter/
        Email  : Send mail to files@vtw.org with "send cdaletter" in the
                 subject line.
   Send in the following information to vtw@vtw.org:

        Business name
        Owner or officer name
        Email address
        Phone number
        Description of business and anything else relevant

   Here's an example:
   $ Mail vtw@vtw.org

   My business would like to signon to the business and bbs letter.
   We are:

        Ed's Xcellent Online Node (EXON)
        J.J. Exon, Owner
        2323 Decency Road, Nebraska 10000-0000
        (402) 555-1212

        Ed's Xcellent Online Node is based in Nebraska and provides Internet
        service to many thoughtful and free-speech loving Nebraskans.
        We provide Internet access to over 1,500 residents and 400
        businesses.  We employ 35 full time employees.

   Mail sent!



[For more information on this effort, contact:
Shabbir J. Safdar (VTW) at shabbir@vtw.org or (718) 596-7234]

Dear member of Congress,

Laws restricting Internet speech, such as S314, the Exon/Coats
"Communications Decency Act" and the new Title 18 language in the
Managers Amendment to HR1555, will not help parents control their
children's access to objectionable material and will over-regulate
electronic businesses out of this growing industry.

These bills are currently in the Telecommunications Deregulation
conference right now, and we urge you to provide your input to the
conference committee to remove the criminal provisions mentioned
above from the final bill. 

Recently the House addressed the issue of children accessing
controversial material in cyberspace.  By affirming HR 1978 (the
Cox/Wyden Internet Freedom and Family Empowerment bill) they encouraged
children's access to the Internet while showing a concern for the First

Unfortunately Congress also passed two measures that do nothing to help
the Internet.  S314, the Exon/Coats Communications Decency Act, and the
new additions to Title 18 of the US Code were drafted without an
understanding of the technology or the business that we engage in.

This legislation imposes regulations on business so grave that many of
us wonder if we will be able to stay in business.

The great advantages of modern electronic communications--and the
to exchange information freely at speeds approaching that of light.
The bills we object to will force many sites to screen every message
that comes across, or to shut down access.  We ourselves are at some
that comes across our channels.

Should the laws proposing new regulations pass, the National Information

Let it be understood that objectionable material is available to
children right now on sites outside the United States and will continue
to be available to children if these changes to the criminal code
the reach of US laws.

What will help parents control their children's access to the Internet
s "parental control" tools and features, such as those provided by
today.  No one had to mandate them, they appeared because parent
consumers asked for them.  A list of them is attached for your

Once again, we urge you to express your opinion to the conference
committee.  The Telecommunications Deregulation bill that comes back to
the floor for a vote should contain HR1978 and exclude S314 and the new
Title 18 language from the HR1555 Managers Amendment.

Respectfully submitted,


[end of alert]

More information on Internet censorship legislation is available at:
ftp.eff.org, /pub/Censorship/Internet_censorship_bills/


From: Mike Godwin (mnemonic@eff.org)
Subject: Who's Using Who?  Martin Rimm and the Antiporn Activists
To those who have been investigating the scandal behind the fraudulent
Martin Rimm/Carnegie Mellon "cyberporn study" and the Time magazine cover
connection between Rimm's efforts and those of antiporn activists --
But the precise nature of the connection has not been clear until
Carlin Meyer and others, it is now apparent that Rimm had the assistance of
antiporn activists, including Bruce Taylor of the National Law Center for
Children and Families.
Thus, at the same time Rimm, himself no fundamentalist, was using the
antiporn activists to contrive a place for himself on the national stage,
the antiporn groups were using Rimm to manufacture evidence that
"cyberporn" was out of control and needed to be regulated.
Figuring out the connection between Rimm and the Taylor gang is like
assembling a mosaic from very numerous and very tiny pieces. Still, the
newsgroup that included the following response to Carl Kadie:
'You're a good guy, Carl. I'm the principle investigator of the study,
"Marketing Pornography on the Information Superhighway." It is being
cases before the Supreme Court.'
  'Another competing
   vision consists of a revised version of the Miller standard. Instead
   of using community standards, the proponents of the revised Miller
   standard advocate the creation of a per se list of sexual activities
   which are automatically and irrevocably deemed obscene. See Bruce A.
   Taylor, A Proposal for a Per Se Standard, 21 U.Mich. J.L. Ref. 255
U. of Mich. Journal of Law Reform that includes the Dietz-Sears
footnotes 15 and 56).
article (in which Taylor also boasts of his 15 years of experience in
"In all, this author has tried over 65 obscenity jury cases in several
the Ohio and Colorado Supreme Courts, United States Courts of Appeals for
the Sixth and Ninth Circuits, and the United States Supreme Court."
and Families. This means he *currently* shares a Fairfax, Va., suite of
offices with H. Deen Kaplan.
Georgetown, b) a vice president of the National Coalition for Children and
Families (formerly the National Coalition Against Pornography, aka NCAP),
and c) a member of the Georgetown Law Journal staff throughout last year
and currently on the journal's articles-selection committee.
John McMickle, who is now on the staff of Sen. Chuck Grassley and who was
the author of Grassley's net.indecency legislation. McMickle, who,
according to Danny Weitzner of the Center for Democracy and Technology,
s known to be a protege of Taylor's, was the person who had
advance knowledge of Marty's study (this is clear from a letter McMickle
early November of last year), and who later planned to call Marty as
a witness to Grassley's Senate hearing. A year ago at this time, McMickle
Donna Rice-Hughes's group, "Enough is Enough!") apparently prefer to
office only with likeminded individuals.
book" of online porn that the Senator brandished on the Senate floor.
this year, at approximately the time the issue of the Georgetown Law
Journal was originally set to be published. Hearings on the Grassley
legislation were set for July 24. Coincidentally, perhaps, that was four
Or perhaps it wasn't purely coincidental -- Rimm seems to have known
n March that his study would be featured in a Time cover story.
lawyers, including me, Danny Weitzner of Center for Democracy and
Technology, and Stephen Bates, then an Annenberg Fellow.
footnotes could result in his study's being branded as a political,
antiporn document, Rimm stressed the following in his request to me in
"In the meantime, we would
editing by any of the law journal staff, we see the following text in
footnote 53:
  'The second of the competing
   visions consists of a revised version of the Miller standard. Instead
   of using community standards, the proponents of the revised Miller
   standard advocate the creation of a per se list of sexual activities
   which are automatically and irrevocably deemed obscene. Bruce
   Taylor, A Proposal for a Per Se Standard, _______ J.L. Ref. ______
December version are echoed in footnote 93 of the final version of
the Rimm study. The main difference is that the citation for the Bruce
Taylor article is not complete in the older draft. The most reasonable 
nference from this fact is that the person who added that citation was
law journal would know to pull up the specifics. This is a strong 
ndication that a) the drafter of this footnote was a lawyer or law
t strongly suggests the likely background of the person who assisted
Marty with his legal scholarship.
author makes a point of thanking "Len Musil, J.D. 1988, Arizona State
University, who is clerking for CDL [Citizens for Decency through Law,
the antiporn organization then headed by Taylor], and who used his skills
as editor of his university and law school newspapers to edit this work
and conform its style to proper form."
timetable for Rimm's and the law journal's interactions goes something
like this:
Time article on the CMU censorship flap, written by Philip Elmer-DeWitt,
becomes available on America OnLine. It is also available in the 11-21-94
ssue, which may have been on the stands on 11-14-94.
editor for the Georgetown Law Journal, reads about Rimm's study, gets
a copy from Marty Rimm, suggests its publication to the Georgetown Law
Journal staff, the GLJ meets and decides to accept the article, and
Carlin Meyer is selected as a probable contributor.
Meredith Kolsky solicits Carlin Meyer's review of the Rimm article.
Kolsky thanks Meyer for agreeing to write a comment on the Rimm article
and ships a copy of the then-current draft of the study to Meyer. It is
from this draft -- the words "Copyright 1994" and "DO NOT CIRCULATE!!"
appear prominently on the cover -- that I have taken the earlier version
of Rimm's obscenity/child-porn legal footnote.
Based on this breathtaking timetable (it's astonishing that the
law-journal staff members physically survived the rapid acceleration of this
editorial decisionmaking process), it's certain that Marty had legal assistance

The likeliest answers to this question: Deen Kaplan, the Georgetown Law
Journal staff member and antiporn activist, is the author of
the legal footnotes and law-related text of the Rimm article, while
Bruce Taylor, who continues to spearhead the attempts to pressure
Congress into censoring the Internet, is the Supreme Court obscenity
litigator who served as a "referee" for Rimm.
could easily be listed as unindicted co-conspirators. The real crime,
of course, is that, even though the Rimm study itself has been
efforts to paint the Internet as vice den in dire need of Congressional
action -- continues unabated.

How much help did Martin Rimm receive in his legal footnotes and
To get an idea of the assistance Marty had clearly received before his
article was checked by the Georgetown Law Journal editors, take a look at
Rimm's footnote dealing with the legal and constitutional status of
obscenity and child pornography.
The footnote appears as Footnote 2 in the Georgetown Law Journal article,
but it was Footnote 1 in the version of the article the law journal
the footnote in the following way:
Material *deleted* from the first draft of the footnote is set off and
bracked with <>.
Material *added to* the first draft of the footnoate (i.e., that appears
n the final draft) is not set off, but appears in [[doubled square
Here's the footnote:
The question of whether a sexually explicit image enjoys First
  Amendment protection is the subject of much controversy and reflects a
  fundamental tension in contemporary constitutional jurisprudence.
  While this article discusses only the content and consumption patterns
  of sexual imagery currently available on the Internet and "adult" BBS,
  the law enforcement and constitutional implications are obvious. Thus,
  it is necessary to briefly discuss the constitutional status of
  sexually explicit images.
  Obscene material does not enjoy First Amendment protection. See Roth
  v. United States, 354 U.S. 476 (1957)
<<(opinion of Brennan, J.)>>
; Miller v. California, 413 U.S.
  15 (1973). In Miller, the Supreme Court established the current
  tripartite definition for obscenity.
  therefore outside the protection of the First Amendment, an image must
  (1) appeal to a prurient (i.e., unhealthy or shameful) interest in
  sexual activity, (2) depict real or simulated sexual conduct in [[a]]
  manner that, according to an average community member, offends
  contemporary community standards[[,]] and (3) according to [[a]] reasonable
  person, lack serious literary, artistic, political[[,]] or scientific
  value. Id. at 25-27; [[see also]] Pope v. Illinois, 481 U.S. 497, [[500-01]]
  (1987) [[(rejecting "ordinary member of given community" test, in favor
  of "reasonable person" standard for purposes of determining whether
  work at issue lacks literary, artistic, political, or scientific
  value)]]; Pinkus v. United States, 436 U.S. 293, [[298-301]] (1978)
  [[(excluding children from "community" for purpose of determining
  obscenity, but allowing inclusion of "sensitive persons" in the
  "community")]]; [[Ginzburg v. United States, 383 U.S. 463, 471-74 (1966)
 (allowing courts to examine circumstances of dissemination to
  determine existence of literary, artistic, political, or scientific
  value);]] see also United States v. Orito, 413 U.S. 139, [[143]] (1973)
 [[(holding that constitutionally protected zone of privacy for obscenity
 does not extend beyond the home)]]

  To complicate matters, all adult pornographic material
  [[is initially]] presumed to be nonobscene.
  Fort Wayne Books, Inc. v. Indiana, 489 U.S. 46, 62 (1989)
 [[(requiring judicial determination of obscenity
  before taking publication out of circulation);]]
  Marcus v. Search
  Warrant, 367 U.S. 717, 730-31 (1961) [[(requiring procedures for seizure
  of obscenity which give police adequate guidance regarding the
  definition of obscenity to ensure no infringement on dissemination of
  constitutionally protected speech)]]. Accordingly, law enforcers and
  prosecutors attempting to pursue an obscenity investigation or
  prosecution face constitutionally mandated procedural obstacles not
  present in other criminal matters. See New York v. P.J. Videos, Inc.,
  475 U.S. 868 (1986). For instance, the so-called "plain view"
  exception to the Fourth Amendment warrant requirement, whereby
  contraband plainly visible to a law enforcement officer may be seized,
  does not apply to allegedly obscene material because, prior to a
  judicial determination, nothing is obscene and therefore, a fortiori,
  nothing be can be considered contraband. See Lo-Ji Sales, Inc. v. New
  York, 442 U.S. 319, 325 (1979) [[(requiring that search warrants contain
  specific description of allegedly obscene items to be seized)]].
  In addition to obscenity, one other type of sexually explicit material
  does not enjoy constitutional protection. In New York v. Ferber, 458
  U.S. 747 (1982), the Supreme Court explicitly removed pornography
  depicting minors from the protective aegis of the First Amendment.
  That is, obscene or not, visual depictions of children engaged in
  sexual conduct are not constitutionally protected. Because the
  government interest
  identified [[by the Supreme Court]] as justifying
  removing child pornography from the protection of the First Amendment
  is more urgent than the government
  [[interest]] which
  [[justify]] denying
  protection to obscenity, and because the child pornography standard is
  far less vague than the obscenity standard, law enforcers and
  prosecutors are not bound by any unique procedural burdens here. See
  United States v. Weigand, 812 F.2d 1239 (9th Cir.), cert. denied, 484
  U.S. 856 (1987).
  In sum, the constitutional regime that the Supreme Court has
  established for pornography creates two distinct categories of
  sexually explicit imagery
  [[that]] are not protected by the First
  Amendment. While ascertaining whether a particular digital image
  contains a minor is not [[a]] Herculean labor, ascertaining whether a
  particular digital image is obscene in the abstract is well-neigh
  impossible. Accordingly,
  [[the research team]] will not attempt to pass on
  the question of obscenity as it applies to the digital images that are
  the subject of this
Two things are immediately clear to anyone accustomed to reading
law-review articles. The first is that Marty's footnote was scarcely
edited at all by the law-journal editors -- it was published in much the
than anything that makes clear that Marty had assistance from someone who
Finally, I suspect the transmutation of "this Author" to "the research
team" came at Marty's suggestion, and not the law-review editors'.


More information on the Rimm/CMU/Time "CyberPorn" scandal is available at:
ftp.eff.org, /pub/Censorship/Pornography/Rimm_CMU_Time/ 


Subject: Newsbytes

* Cincinnati BBSers Fight Back

On June 16, 1995, members of the Hamilton County, Ohio, Computer Crimes Task 
Force raided the offices of the Cincinnati Computer Connection BBS and 
mail of the subscribers.  The search warrant authorized the Task Force to 
the entire system, including thousands of private and public messages.
Though similar in many ways to the Steve Jackson Games v. US Secret 
Service case, which EFF helped bring to trial and win, this is the
first user class action suit challenging a government seizure of computer

The seven subscribers represent a class of thousands of users of the
Cincinnati Computer Connection electronic bulletin board.  The lead
BBS.  Other plaintiffs include Denise and Ben Kelley, active bulletin board
users and grandparents of seven; Nelda Sturgill, a registered nurse who
used the bulletin board to keep up with medical news and to swap recipes;
and Randy Bowling, who suffers from a speech impediment caused by a head
njury, who used CCC BBS as his primary way to communicate and to study
computer science. The users of the system claim that the wholesale 
and association and that the seizure of their private e-mail violated their

"The Task Force used a drift net to troll for a tiny amount of supposed
'computer porn,'" said Cincinnati civil rights lawyer Scott T. Greenwood,
amount of entirely irrelevant material, and shut down a constitutionally-

"We believe that the law prohibits the indiscriminate seizure of private
electronic communications," said Peter D. Kennedy, an Austin, Texas
attorney who also represents the plaintiffs, and who represented Steve
Jackson Games when that company sued the U.S. Secret Service for illegally
crime under investigation.  Here, the Task Force took everything, including
thousands of innocent persons' private mail and public notices."

Greenwood added, "Whether the sheriff and the computer 'net police' like
t or not, the Bill of Rights is not optional just because they don't like
t or understand it.  Shutting down a computer system and seizing people's

The lawsuit claims that Sheriff Leis and the Task Force violated the
First Amendment, the Fourth Amendment, several provisions of the federal
Electronic Communications Privacy Act of 1986, and Ohio common law privacy
on behalf of the seven plaintiffs and the entire class.

[The above largely excerpted from plaintiffs' press release.]

For a copy of the complaint filed by plaintiffs, see:
ftp.eff.org, /pub/Legal/Cases/Cincinnati_BBSers_v_Hamilton_County

* Stratton Oakmont & Porush v. Prodigy - Update

The Commericial Internet eXchange (CIX) reports that plaintiff Stratton 
Oakmont have, despite winning their case, decided to abandon the lawsuit,
other online service providers.  Prodigy had been building up to an appeal
(and may still need to file one) when Stratton Oakmont made their 
announcement. The CIX report states: "The outstanding question is whether 
the judge will let his adverse court decision stand, remove the decision 
or modify it.  It the judge does leave his decision in place, this could 
the US] in future litigation."
For more background information on this case, see:
ftp.eff.org, /pub/Legal/Cases/Stratton-Oakmont_Porush_v_Prodigy/

* Istook Amendment a Threat to Non-Profits' Free Speech?

Reps. Ernest Istook (R-OK), David McIntosh (R-IN), and Robert Ehrlich (R-MD)
are pushing what some call a censorship measure in the House 
appropriations bill. Istook is also the sponsor or co-sponsor of a lot 
of other questionable legislation, such as the "Personal 
Responsibility", "American Dream Restoration", "Taking Back Our 
Streets", "Family Reinforcement", and "National Security Revitalization" 
Acts of 1995, as well as a proposed amendment to the US Consitution 
allowing career politicians to remain in office longer.

The amendment in question, opposed staunchly by Senators Hatfield (R/OR) 
and Jeffords (R/VT), who wish to keep the amendment out of the Senate 
appropriations legislation., impose serious restrictions on political 
their funds on "advocacy" in the previous five years. This "advocacy" is 
lldefined, and would appear to apply to simply contacting legislators or
audits.  For-profit government contractors are, of course, exempted.

EFF has no position on this legislation at present, and public opinion on 
the measure seems generally somewhat hazy: Is it right for such organizations 
to be getting taxpayers' money in the first place?  And regardless of this,
sn't this maneuver censorious?  After all, real lobbying with federal
activism they can perform.  A not-for-profit organization called 
Children's Defense Fund has issued net-wide action alerts about the 
that the amendment's sponsors "may have subverted their cause when
they were caught FORGING a press release purportedly issued by the bill's
leading opponent, the Alliance for Justice, in order to attack the
Alliance at public hearings."  Your tax dollars at work?

Regardless of one's position on the propriety of funding private foundations
federally-funded non-profits and policy-makers.  One wonders what the 

* Administration *Still* Chants "Voluntary", Forges Onward with Escrow

Despite the fact that documents obtained from the FBI *prove* that the 
US Executive Branch expects to have to try to force Clipper-like key 
"escrow" onto the market, and outlaw other forms of encryption, the Dept. 
of Commerce's National Institute for Standards and Technology, and 
cryptographers, that the plan is intended to be completely voluntary.  

Maybe NIST has a bridge in Brooklyn for sale too?

Sept. 6-7, and again on Sept. 15, NIST hosted "workshops" on key escrow, 
n an effort to cajole industry into supporting a government-access-to-keys
(GAK) scheme dubbed "Clipper 2" by privacy advocates.  The government 
continually stressed the voluntary nature of this scheme. The new 
computing and telecom industry away from Clipper, Capstone and Tessera, 
the Administration's earlier attempts to make encryption 
"wiretap-friendly".  Instead, Clipper 2 simply demands that strong 
encryption keys be "escrowed" with a commercial, non-government escrow agent.

As has been noted before, this is an absolute perversion of the term 
"escrow".  Holding your crypto keys for *you* in case you lose them, or 
for your employer (assuming a work-related key) in the event of your 
to hold *your* keys for the convenience of law enforcement and 
ntelligence convenience is not escrow, but key surrender.

The scheme is fatally flawed in numerous ways, and is not particularly 
voluntary, since export will be denied for non-compliant cryptographic
length is far too short.

Clipper 2's larger plan includes allowing export of crypto with 
key-lengths up to 64 bits - as long as it's escrowed.. This is the carrot 
being held out to entrepreneurs wanting to export software and hardware 
much shorter.

The "workshops" took acceptance of key escrow as a given, and were aimed 
at settling technical issues, such as how to certify escrow agents to 
keep criminal figures out of the business, of NIST's draft FIPS (Federal

Boy, was NIST in for a surprise.  Voters Telecom Watch, and other 
attendees confirm, that at the Sept. 6-7 meetings, industry and public 
nterest groups panned the plan and small working groups setup by NIST to
evaluate the criteria unhappily participated, even openly revolting in 
nterfered with NIST's attempts at having a discussion about the
advocates didn't like the plan.  Therefore discussions of the details
the details and issued a statement condemning the whole ClipperII plan."

meeting was a staged presentation. Nearly every industry representative 
nsisted on proceeding."

Not surprisingly, proceed they did.  The Sept. 15 meeting had a larger 
number of government participants - including NSA employees - to keep 
everyone in line, as it were.

Worse yet, NIST has already announced that it fully intends to issue
Clipper 2 as an official standard.  As with Clipper, to hell with what 
the public says.  The Sept. 15 meeting had little in the way of dissent, 
ssue, and feel (probably correctly) that the government simply doesn't
care what objections they raise.  Some have even come out in support of 
Clipper 2.  Others, like Hewlett-Packard have looked for "alternative" 
containing the encryption algorithms (stronger versions of which could be 
export embargoed), but such proposals do not address the real issue here:
The export restrictions against encryption are unconstitutional.  

EFF hopes to settle this once and for all in court.  The Bernstein v. US 
Dept. of State case, sponsored by EFF to directly challenge the US ITAR 
crypto export restrictions, goes to trial Oct. 20, and will soon be 
followed by a similar lawsuit filed by Phil Karn.

As early as May 1994, NIST testified before Congress that key escrow 
"is meant to be used by both the government and the private sector on a 
n the future".  Somehow, the facts just don't let this statement ring true,
now or then.

On a lighter note, USAF Col. Mike Wiedemer, at the Inst. of Navigation GPS-95
conference, openly advocated widespread civilian use of strong encryption,
citing dangerous security holes in GPS (Global Positioning Systems), 
applications in consumer and industrial goods & services.  Such systems 
may be open to sabotage and surveillance without cryptographic protection.
[Reported in _Aviation_Week_&_Space_Technology_, and _Information_Warfare_.]

More info is available:

ftp.eff.org, /pub/Privacy/Key_escrow/

ftp.eff.org, /pub/Legal/Cases/Bernstein_v_DoS/

ftp.eff.org, /pub/Legal/Cases/Karn_Schneier_export/

ftp.eff.org, /pub/Privacy/ITAR_export/

ftp.eff.org, /pub/Privacy/Clipper/Clipper_FOIA/

Some of the http archives also provide pointers to off-site resources at
EPIC, CPSR, VTW, CDT, and other organizations, as well as 
ndividual-maintained sites that have more information about these topics.

* "Oz Clipper" - Update

Last issue, we reported that an attendee, Ross Anderson, of the Queensland 
U. of Tech. Cryptography Policy and Algorithms Conference in July of this 
year, reports that Steve Orlowski, Assistant Director, Australian 
attorney general's department, stated in a presentation, "the needs of 
the majority of users of the infrastructure for privacy and smaller 
financial transactions can be met by lower level encryption which could 
enforcement agencies could develop the capability to mount such 
encryption products would immediately attract attention to themselves."

Since then, Orlowski has issued a statement counter-criticising 
Anderson's critique.  He corrects an error which EFFector inadvertently
Attorney-General's Department should become a centralised interception 
authority.  In fact such a role would not be consistent with its role as 
a source of advice to Government." 

Orlowski also says that "the paper does not suggest, either directly or 
by implication, that individuals should be banned from using encryption", 
but admits, in effect, that it does suggest that citizens should be 
banned from using strong, uncompromised encryption: "Regarding the 
use of higher level encryption, the paper supports the concept of 
commercial key escrow where organisations hold their own keys but may be 
apply to individuals who could either hold there own keys or store them 

The NIST/NSA lovechild is on the loose globally it would seem.

Orlowski attempts to dodge the issue, saying: "If individuals were to use 
lower level encryption there would be no need for them to maintain copies 
of any keys for ["escrow"] systems.  To my mind this is preferable to a 
could be the result if universal key escrow were introduced."
This is just silly. Who has called for "universal key escrow"?  Even the 
NSA doesn't want that - it's not necessary in even the most paranoid 
ntelligence agent's imagination - weak encryption can already be cracked.
The entire debate is about whether strong encryption should be "escrowed" 
for government convenience.

Fortunately Orlowski's paper is couched in fairly tentative terms, and 
to settle on the crypto issue until 1997.

* FBI Child Pornography Investigation - Update & Key Escrow Tie-in

to 30000) online service users for violation of anti-childporn statutes, 
many (all?) of them apparently users of America Online rather the 
the wake of the Rimm/CMU/Time "CyberPorn" scandal, pointing fingers at 
the Internet.  The investigation appears to be targeting both the posters 
and subsequent downloaders of the illegal materials. This would appear to 
be the first large-scale case in which both alleged posters of child 
nvestigation.  The overall investigation has been elevated to "major
case" status - the highest level - by FBI officials, "who have given the 
financial support, according to FBI records", according to the 
_Cincinnati_Enquirer_.  That financial support has already reached at 
least $250,000 - and the FBI expects it to be "much higher" in the end.
According to _CE_, AOL is not expected to be a defendant, and is 
cooperating with the FBI by laying bare AOL's user records.

The FBI has arrested several dozen US users in the course of its 
nvestigation, ironically dubbed "Operation Innocent Images".  EFF is
aware of no civil liberties violations in the course of the raids and 
arrests, for once.  Maybe the lesson of Steve Jackson Games v. US Secret 
Service are sinking in.  For more info on the SJG case:
ftp.eff.org, /pub/Legal/Cases/SJG/

According to an unconfirmed report from an EFF volunteer from Wyoming, 
one raided suspect, a Wyoming elementary school teacher, committed 

The Electronic Privacy Information Center warns that FBI Dir. Louis 
Freeh stated in an address at the Internationl Cryptography Institute
conference in Sept. that the FBI encountered encrypted material during
the course of the investigation.  Freeh also brought up that a
cryptographically protected files.  Privacy advocates have for some time 
already arrested dozens of people, so their investigation does not appear 
to have been significantly impeded - expect to hear Freeh and others tout 
this "smoking gun" repeatedly in coming months as the Administration pushes 
for "Clipper 2" and other violations of your privacy.

EPIC's report of the Freeh speech also notes:
  The FBI Director characterized encryption as a "public safety"
  issue and stated that the FBI and law enforcement agencies
  around the world "will not tolerate" a situation in which the
  wide availability of encryption may impede those agencies'
  "public safety functions."  While noting that the current U.S.
  government policy is to encourage the "voluntary" adoption of
  key-escrowed encryption techniques, Freeh raised the specter of
  a mandated "solution."  Freeh stressed that the FBI "prefers" a
  "voluntary approach," but likened the encryption issue to last
  year's Digital Telephony debate, where the FBI first attempted
  to achieve voluntary compliance but eventually sought and
  obtained a legislative mandate to assure law enforcement access
  to digital communications.  Freeh indicated that "if consensus
  is impossible" on the encryption issue, the FBI "may consider
  other approaches."

More info on these and other child-porn cases will be archived at:
ftp.eff.org, /pub/Censorship/Pornography/Child_porn/

* International Online Child-Porn "Ring" Target of "Operation Starburst"

Associated Press reports that in July, nine people were arrested in Britain
for child pornography as a result of investigations in "Operation Starburst",
an inquiry launched in Birmingham, England, but targetting suspects as far
away as the US, Hong Kong, Canada, South Africa and Germany.  The 
child pornography distributors on AOL is unclear at present.

* Canadian Prosecutions for Textual & Faked "Child Pornography"

The controversial Canadian anti-child-porn laws, which target even 
fictional and fake representations, visual or otherwise, have already 
child pornography, when he posted to his private BBS a series of images 
n the creation which no child was sexually abused.  Ironically, the
counsel in the case didn't even bother to argue against the claim that 
the computer files in question were illegal. The judge said she certainly 
according to Electronic Frontier Canada.  EFC's Prof. David Jones, who 
evidence and judge for myself. Yup -- it's available down at the court 
makes it available to an even wider segment of the public.  Isn't there 

More recently, Fergus, Ontario, provincial police seized, on Aug. 2, a 
BBS, and charged the two young male system operators with distribution 
of child pornography.  The sysops had allegedly posted a text-only *story* 
card-carrying artists? Is freedom of artistic or literary expression not 
years of courses at an Art College? What are the implications for 

Surrey, British Columbia.  On Aug. 30, charges were finally filed (15-20 
counts of obscenity and child pornography).  After initial indications 
they wanted to proceed by indictment (possibly 2-5 years in jail), the 
(fine up to $2,000; up to 6 months in jail).  If the defendants do not 
ndicates that there's a good chance of the defendants being found
nnocent, due to the child porn laws being "constitutionally defective",
and the arguable fact that BBS distribution of allegedly obscene material 
the AABBS case, where Robert and Carleen Thomas were prosecuted in 
Memphis after Tennessee law enforcement downloaded sexually-explicit 
material from the the Thomases BBS in Calfornia.)

Cases like this hint that libraries carrying classic literature may become
targets of similar prosecutions, if they happen to have copies of 
Nabokov's _Lolita_ on their shelves.  Some suggest that such laws 
counter that no child was harmed in the production of literary 
and faked "child pornogrphy", and that the law is a violation of 
free speech rights.  Legislation similar to the Canadian law is currently 
under consideration in the US legislature.

* Canadian Exon-alike on the Way?

Canadian Minster of Parliament Rey Pagtakhan has introduced a legislative 
motion (M-384) to curb hate and pornography on the Internet.
More information is available at:
[I have not been able to figure out non-URL-form gopher paths for this,
unfortunately. "Traditional" gopher users will just have to surf to
these items directory by directory. - mech]

* Canada & Holland Ratchet-up Privacy

A new study released by The Ontario Information and Privacy Commission,
n collaboration with the Dutch Data Protection Authority (Registratiekamer),
"Privacy-Enhancing Technologies: The Path to Anonymity", recommends that
nternational infosystems standards should take into account the need to
examine whether or not a user's identity is truly requrired for various
dentifiable information should be kept to an absolute minimum, users
dentity, and privacy and data security commissioners should make every
effort to educate about privacy-enhancing technologies, and encourage the
use of security and privacy measures.  Switzerland already seems to be 
following this model (see article below). To obtain a copy of full 
for the report by name.

Additionally, the Canadian Standards Association (CSA) has released a new 
comprehensive review of the development and implementation of privacy 
codes, and it includes the "CSA Model Code" and describes methods for 
mplementation.  The Model Code is based on ten principles, that
the report: Accountability, Identifying Purposes, Consent, Limiting 
Collection, Limiting Use/Disclosure/Retention, Accuracy, Safeguards, 
Openness, Individual Access, and Challenging Compliance. More info about 
the CSA report is available from bankj@csa.mhs.compuserve.com

[Excerpted from EPIC and EFC informational posts.]

* pgp.net - New World-Wide PGP Keyservice

The domain "pgp.net" was registered last year in preparation for
key servers, software distribution sites and so on. The first steps to 
taken over the next few months.  The first additions are for the email
number of different names, none of which are particularly obvious to the
uninitiated.  Worse, many of them are run by students or employees
CERT teams.  Examples include those run by DFN-CERT (Germany), CERT-NL
(Netherlands) and OxCERT (Oxford University).  It is in the best
nterests of the teams that the keyservers be reliable and available.

We have, therefore, set up "keys.pgp.net" as a set of equal-priority MX
keyserver.  It probably doesn't matter which one, as the servers are
available, it should automatically try the other servers until one
the current mechanism.  It is also rather easier for documentation
However, we have also registered sub-domains of pgp.net.
machines for the United Kingdom.  At the moment we have the following

   keys.de.pgp.net      Germany          DFN-CERT
   keys.no.pgp.net      Norway           Univ. of Tromso
   keys.uk.pgp.net      United Kingdom   OxCERT, Oxford
   keys.us.pgp.net      United States    MIT

Large regions, such as the US, will eventually have several servers,
each of which will be the target of equal priority MX records.   We
expect the Netherlands to join in with keys.nl.pgp.net very shortly.

Allocation of key servers to the pgp.net domain is only the first step.
format [.].pgp.net.  This structure allows for local
customization and yet preserves the uniformity and simplicity of the
naming scheme.  For instance, the Web-site www.de.pgp.net would,

So far, only ftp.pgp.net and www.pgp.net have been allocated.   The URL
currently exists and will be kept up to date as the domain becomes more

Expect to see more developments along these lines later this year; all

* Swiss Data Protection Commish Warns About Lack of Security

Reuters news wire reports that, on Oct. 6, Swiss Data Protection 
Commissioner Odilo Guntern, saying he was prompted to speak by the rapid 
nternational or global rules for protection of information that are
legally binding for the Internet beyond national borders...Generally 
there are no obstacles to copying, altering, falsifying or delaying data 
n the Internet...every person who uses the Internet should be fully
aware of the ensuing dangers and risks". The Reuters report says 
Guntern noted that Internet users generally leave behind a data trail 
movements, set up profiles of user habits or even manipulate financial 

* Bulgarian TV Censorship

ClariNet reports that Bulgarian Chief Prosecutor Ivan Tatarchev, and Ivan 
Granitski of the state-controlled television service, plan to take 
fall of communism in Bulgaria in 1989, the two state tv channels "were 
flooded with erotic and violent western films," according to the ClariNet 
article.  An anonymous official is quoted as saying, "Purging the screen 
of programs some consider to be immoral is a complicated process as each 
of these shows involves substantial advertisement contracts with major 
companies."  The decision to censor shows that "promote violence, 
qualify for the dubious honor of this label, was expected to be reached 
n August, but we've receive no futher news regarding these actions.

* Coming Next Issue...

  Commerce Dept. IPWG Report on Online Intellectual Property Meets Resistance
   (was intended for this issue, but delayed for more research)
  Lobbyists Assault Public Govt. Info Online - Update
  Scientology v. Critics - Update
  A Look at Internet Domain Name Fees and Alternatives to InterNIC
  EFC Opposes Bell Canada Trademark on "The Net"
  Arthur Halavais Censored from Internet by Judge
  Minnesota v. the Whole Wide World
  PROFS Case - Update
  Tony Davis Case - Update
  Lorne Shantz Case - Update

...and more of course.

Appearance of articles conditional upon reasearch - if a piece of the 


Subject: Upcoming events

This schedule lists events that are directly EFF-related. A much more 

ftp: ftp.eff.org, /pub/EFF/calendar.eff

Oct. 19 * Library Fair 95: Information Access at the Smithsonian Institution
          Libraries; Smithsonian Ripley Center, Washington DC. Speakers
          include Shari Steele (EFF Staff Counsel)
          Email: libem011@sivm.si.edu

Oct. 20 * Bernstein v. Dept. of State goes to trial; Judge M.H. Patel's 
          courtroom, Federal Building, 450 Golden Gate Ave., San Francisco,
          Calif., 10:30am PST. This EFF-sponsored case challenges the ITAR
          export restrictions on encryption as unconstitutional.

Nov. 3-
     4  * Innovation and the Information Environment Conf.; U. of Oregon
          School of Law, Eugene, Or.  Speakers include Shari Steele (EFF
          Staff Counsel).
          Email: kaoki@law.uoregon.edu


Subject: Quote of the Day

"Technical solutions, such as they are, will only work if they are 
ncorporated into *all* encryption products. To ensure that this occurs,
legislation mandating the use of Government-approved encryption products or
adherence to Government encryption criteria is required."
  - FBI, NSA and Justice Department secret briefing document to the 
    National Security Council, Feb. 1993, "Encryption: The Threat,
    Applications and Potential Solutions", obtained by Freedom of 
    Information Act lawsuit by EPIC.

Find yourself wondering if your privacy and freedom of speech are safe 
the rush to make us secure from ourselves that our government 
Concerned that legislative efforts nominally to "protect children" will 
actually censor all communications down to only content suitable for 
the playground?

Join EFF!

Even if you don't live in the U.S., the anti-Internet hysteria will soon 
be visiting a legislative body near you.  If it hasn't already.


Subject: What YOU Can Do

* The Communications Decency Act & Other Censorship Legislation

The Communications Decency Act and similar legislation pose serious 
threats to freedom of expression online, and to the livelihoods of system 
operators.  The legislation also undermines several crucial privacy 

Business/industry persons concerned should alert their corporate govt.
affairs office and/or legal counsel.  Everyone should write to their own
Representatives and Senators, asking them to oppose Internet censorship 
legislation, and (when the list is available) everyone should write to 
the conference committee members to support the reasonable approaches of 
Leahy, Klink, Cox and Wyden, and to oppose the unconstitutional proposals of
Exon, Gorton and others.  System operators, please see the alert that is
the first article of this issue of the newsletter.

For more information on what you can do to help stop this and other 

ftp.eff.org, /pub/Alerts/

for information to ask@eff.org.

* The Anti-Electronic Racketeering Act

This bill is unlikely to pass in any form, being very poorly drafted, and 
flying colors [the jolly roger?] in the Senate. It's better to be safe 
than sorry. If you have a few moments to spare, writing to, faxing, or 
calling your Congresspersons to urge opposition to this bill is a good 
dea. If you only have time to do limited activism, please concentrate
on the CDA instead. That legislation is far more imminent that the AERA.

* Find Out Who Your Congresspersons Are

Writing letters to, faxing, and phoning your representatives in Congress
s one very important strategy of activism, and an essential way of
making sure YOUR voice is heard on vital issues.

EFF has lists of the Senate and House with contact information, as well
as lists of Congressional committees. (A House list is included in this
ssue of EFFector). These lists are available at:
ftp.eff.org, /pub/Activism/Congress_cmtes/

The full Senate and House lists are senate.list and hr.list, respectively.
Those not in the U.S. should seek out similar information about their
own legislative bodies.  EFF will be happy to archive any such
nformation provided.

try contacting your local League of Women Voters, who maintain a great 

* Join EFF!

You *know* privacy, freedom of speech and ability to make your voice heard
n government are important. You have probably participated in our online
campaigns and forums.  Have you become a member of EFF yet?  The best way to
opinions heard.  EFF members are informed and are making a difference.  Join
EFF today!

For EFF membership info, send queries to membership@eff.org, or send any
message to info@eff.org for basic EFF info, and a membership form.



EFFector Online is published by:

The Electronic Frontier Foundation
San Francisco CA 94117 USA
+1 415 668 7171 (voice)
+1 415 668 7007 (fax)
Membership & donations: membership@eff.org
Legal services: ssteele@eff.org
Hardcopy publications: pubs@eff.org
General EFF, legal, policy or online resources queries: ask@eff.org

Stanton McCandlish, Online Services Mgr./Activist/Archivist (mech@eff.org)

This newsletter is printed on 100% recycled electrons.

Reproduction of this publication in electronic media is encouraged.  Signed
articles do not necessarily represent the views of EFF.  To reproduce
ually at will.

To subscribe to EFFector via email, send message body of "subscribe
effector-online" (without the "quotes") to listserv@eff.org, which will add
you to a subscription list for EFFector.

Back issues are available at:
ftp.eff.org, /pub/EFF/Newsletters/EFFector/

To get the latest issue, send any message to effector-reflector@eff.org (or
er@eff.org), and it will be mailed to you automagically.  You can also get
the file "current" from the EFFector directory at the above sites at any 
time for a copy of the current issue.  HTML editions available at:
at EFFweb.  HTML editions of the current issue sometimes take a day or 
longer to prepare after issue of the ASCII text version.


End of EFFector Online v08 #17 Digest



Steve Gilmore                               
REBEL RIFFS - Makers of Mods for The 1990's!                                                
Compuserve:                                      100431,1102@compuserve.com
BBS:Digital Sound Power, Anthem, Sound and Vision
****                         SUPPORT YOUR LOCAL BBS!                    ****