IP: Nice commentary on recent mischief: Internet Bills Abound in 106th Congress' First Session

[Dave Farber <farber () cis upenn edu>]

> CDT POLICY POST Volume 5, Number 27  November 23, 1999
>
> A BRIEFING ON PUBLIC POLICY ISSUES AFFECTING CIVIL LIBERTIES ONLINE
> from THE CENTER FOR DEMOCRACY AND TECHNOLOGY
>
> CONTENTS:
> (1) Internet Bills Abound in 106th Congress' First Session
> (2) Free Speech
> (3) Privacy
> (4) Wiretapping
> (5) Encryption
> (6) Intellectual Property; Digital Signatures; Online Gambling
> (7) Unfinished Business
> (8) Policy Post Administration
>
>
> _______________________________________________________________________
>
> (1) INTERNET BILLS ABOUND IN 106th CONGRESS' FIRST SESSION
>
> Congress has passed the last funding bills and adjourned until January
> 2000.  As usual, the final few weeks of the session were chaotic.  Here is
> CDT's recap of Congressional activity affecting the Internet, with a focus
> on laws enacted and those left behind over the past few months concerning
> free speech and privacy online.
>
> _______________________________________________________________________
>
> (2)  FREE SPEECH
>
> *  Filtering
>
> Several bills were introduced mandating the use of filtering software in
> schools and libraries receiving federal funding, but none was enacted this
> session. The one that got closest was sponsored by Rep. Ernest Istook
> (R-OK).  It would have required all schools and libraries receiving federal
> funding to filter minors' access to the Internet.  The House of
> Representatives added the Istook language to the bill to fund the
> federal departments of Labor, Health & Human Services, and Education, but
> in response to pressure from CDT and many other organizations and concerned
> citizens, Mr. Istook agreed to drop the language from the final version
> that was approved by the House and Senate.
>
> Similar language is also part of the Juvenile Justice Reform act, which,
> due to unrelated gun control issues, is still stalled in a House-Senate
> conference. A free-standing mandatory filtering bill, S.97, was passed by
> the Senate Commerce Committee, but was never brought before the full
> Senate. Several other similar bills were introduced in both the House and
> Senate, but saw no action. Undoubtedly, there will be further
> efforts to mandate filtering next year.
>
> CDT analysis of Istook language:
> http://www.cdt.org/publications/pp_5.23.shtml#2
>
> CDT statement on S.97: http://www.cdt.org/speech/statement/statement.shtml
>
>
> *  Commission on "Harmful to Minors" Content
>
> The COPA Commission received a new lease on life.  The Children's Online
> Protection Act (COPA) created a Commission to study technological and other
> means to protect children from material online that is harmful to minors.
> The Commission, which has been appointed but never met, was extended for
> one year.  It is expected to conduct hearings and issue a report.  This
> Commission will not be affected by the outcome of the First Amendment
> challenge to provisions of COPA regulating Internet content. CDT filed an
> amicus brief in support of that challenge, which has resulted in an
> injunction against COPA's censorship provisions:
> http://www.cdt.org/speech/090199amicus.shtml
>
> _______________________________________________________________________
>
> (3) PRIVACY
>
> *  Drivers Privacy
>
> In a surprise move, Senator Richard Shelby (R-AL) inserted a provision in
> the transportation spending bill that tightened rules limiting the
> disclosure by states of drivers license information.  Under the new law,
> states accepting federal transportation funds must obtain the express
> consent of a driver ("opt-in") before disclosing (1) the person's
> photograph, social security number, and medical or disability information
> for any purpose (with a few narrow exceptions); or (2) any of the foregoing
> information as well as name or address in response to a request for a
> specific record ("individualized look-up") or for marketing, surveys, and
> solicitations.
>
> The new provisions were enacted as the Supreme Court is reviewing the 1994
> Drivers Privacy Protection Act, which merely required states to offer
> individuals the ability to object -- "opt-out" -- of having their
> information shared.  Lower courts had held the 1994 act unconstitutional as
> an infringement on states' rights, but tying the privacy protections to
> federal highway funds is likely to insulate the tougher provisions from
> future challenge.
>
> *  Financial Privacy
>
> Major bank reform legislation passed without strong privacy protection.
> Instead, the new law includes weaker provisions requiring financial
> institutions to provide individuals with the ability to "opt-out" of the
> disclosure of personal information to third parties where the institution
> has no contract or relation with the third party. The Attorneys General of
> twenty states, and a wide range of privacy and consumer organizations, had
> called on Congress to provide individuals with the ability to control the
> use and disclosure of personal financial information among affiliated
> companies as well as unrelated companies.  Despite the weakness of the
> provisions enacted, the inclusion of any privacy language indicates the
> growing strength of the privacy issue.
>
> Efforts to protect financial privacy will continue next year.  Financial
> privacy bills have been introduced by Reps. Markey and Barton, and Sens.
> Leahy, Bryan, Harkin, Durbin and Feingold.  The Clinton Administration has
> indicated its support for additional legal protections for personal
> financial information.  Also, under the federal bank reform act, states may
> pass laws providing greater protection for personal financial information.
> Also pending in Congress is general Internet privacy legislation, such as
> Sen. Leahy's (D-VT)
> Electronic Rights for the Twenty-First Century Act, and S. 809, the Online
> Privacy Protection Act introduced by Sens. Burns (R-MT) and Wyden (D-OR).
>
> * Health Privacy
>
> Congress failed to meet its self-imposed August deadline to enact
> comprehensive rules to protect the privacy of personal health records, so
> in October the Administration used its authority under the Health Insurance
> Protection and Portability Act of 1995 to propose regulations to protect
> the privacy of electronic health records.  While the proposed regulations
> substantially improved upon the Administration's earlier legislative
> package, they must be strengthened in several important respects.
> Moreover, the regulations
> will have only a limited effect because the statutory authority to issue
> them was limited to electronic records.
>
> _______________________________________________________________________
>
> (4) WIRETAPPING
>
> *  Echelon
>
> The Intelligence Authorization Act included a provision requiring the
> intelligence agencies to submit to Congress a report detailing the legal
> standards under which they conduct electronic surveillance affecting the
> communications of Americans.  The report must be submitted in both
> classified and unclassified form.  It will provide the first public
> accounting since the 1970s of the global eavesdropping of the US government
> and its allies.  For background on the need for a Congressional inquiry
> into the surveillance activities of US government intelligence agencies,
> see: http://www.cdt.org/digi_tele/echelon_signon.html
>
> *  Wiretap oversight
>
> Congress managed to extend until May 2000 the requirement for publication
> of a yearly  report on wiretapping.  This report, issued each April by the
> Administrative Office of the US Courts, is the only information the public
> receives on how many wiretaps the government is performing, at what cost,
> and with what results.  It is the single most important tool for public
> oversight and accountability of the wiretap laws.  The reporting
> requirement was due to terminate in December as the result of a 1995 law
> intended to save money on government reports.  As the result of a small
> provision in the omnibus appropriations bill, it gets a 6 month reprieve.
> Efforts to permanently reauthorize the report will continue in January.
>
> *  Wireless location information
>
> The Wireless Communications and Public Safety Act of 1999 was enacted.  The
> main purpose of the bill was to give a boost to the implementation of 911
> as the national emergency services number for wireline, cellular and other
> wireless phones, but the bill contains an important privacy provision.
> Section 5, which originated with Rep. Ed Markey (D-MA), prohibits carriers
> from disclosing location information for commercial purposes without
> express customer approval.  In effect, the amendment made it clear that
> location information was covered by the so-called CPNI rules, the rules
> adopted under the 1996 Telecommunications Act to protect "customer
> proprietary network information."  However, location information may still
> be turned over to the government without a full Fourth Amendment warrant.
>
> _______________________________________________________________________
>
> (5) ENCRYPTION
>
> The Security and Freedom through Encryption (SAFE) Act, which would lift
> most export controls on strong encryption, was reported by 5 Committees in
> the House, but a vote by the full House was postponed in September when the
> Clinton Administration announced plans to substantially revise encryption
> policy.  Each of the five House Committees had approved a different version
> of the bill: three approved its export reform provisions, while two adopted
> gutting amendments.
>
> On November 22, the Administration began circulating draft regulations
> lifting many export controls in fulfillment of its September promise of
> reform.  If the final regulations adequately lift export controls, Congress
> is unlikely to bring up the SAFE Act.  A vote on SAFE in the full House
> would be a battle royale, as some members of Congress would offer
> amendments to preserve the export controls or promote backdoor key recovery
> systems.  A fight on SAFE would also set up a fight over government access
> to sensitive keys and other decryption information, the start of a complex
> debate over the future  of the Fourth Amendment in cyberspace.
>
> SAFE Act background and analysis: http://www.cdt.org/crypto/legis_106/SAFE/
>
> Administration's new policy: http://www.cdt.org/crypto/admin/
>
> _______________________________________________________________________
>
> (6) INTELLECTUAL PROPERTY; DIGITAL SIGNATURES; ONLINE GAMBLING
>
> *  Domain Names
>
> The omnibus budget bill passed by Congress included language to prevent
> "cybersquatting," the practice of fraudulently registering desirable domain
> names. The provisions would impose up  to $100,000 in civil liability for
> the "bad faith" registration of  domain names. The final version also
> includes language added in the House that creates liability for the
> registration of a domain name that is the name of an existing person in
> order to profit from the sale of the domain. The provisions have garnered
> criticism from free speech advocates and others who fear they will chill
> speech by small web site operators and could undermine the dispute
> resolution policies being established by the new international domain name
> organization, ICANN.
>
> *  Digital Signatures
>
> On its final day before adjourning for the year, the Senate approved
> digital signature legislation designed to give electronic contracts the
> same force of law as those made with paper and pen. The legislation
> establishes a federal framework for accepting digital signatures and other
> forms of electronic authentication within the context of contract law,
> normally a province of state government. Versions of the bill had prompted
> outcries from consumer groups and opposition from the White House, based on
> concerns that the bill would preempt many state consumer protections. The
> Senate bill appears to have removed many of the most controversial
> provisions of concern to consumer advocates, including those eliminating
> certain existing notice requirements.
>
> Earlier in the fall, the House passed its own version of the bill, which
> will have to be reconciled with the Senate bill when Congress returns in
> January.
>
> * Internet Gambling
>
> On its final day in town, the Senate also approved a bill banning most
> forms of Internet gambling. S.692 would make it a crime for those engaged
> in a gambling business to use the Internet to place wagers and for
> other activities. Exceptions are made for certain fantasy sports leagues,
> lotteries, and closed circuit horse and dog racing.  The bill would also
> prohibit online advertising for some legal gambling, including
> casinos.
>
> The Senate language removes some of the troubling provisions of earlier
> bills that would have forced ISP's to police Internet content by making
> them liable for Internet gambling traffic they carry. However, new
> take-down policies and other requirements would still be imposed on ISPs in
> order to be exempt from liability.
>
> The House is expected to take up its Internet gambling bill, H.R. 3125,
> when it returns this winter.
>
> _______________________________________________________________________
>
> (7) UNFINISHED BUSINESS
>
> Congress took no action on spam, medical records privacy, or general online
> privacy.  Bills remain before Congress that would regulate unsolicited
> email, ban online alcohol sales, and ban online gun sales.
>
> Congress also took no action on a variety of bills addressing the
> deployment of broadband Internet access services.  Among the bills are
> proposals that would variously (a) require cable companies to permit
> unaffiliated ISPs to offer cable modem service, (b) prevent the FCC from
> imposing such a requirement, (c) remove constraints on the ability of
> incumbent local telephone companies (such as Bell Atlantic) from offering
> interstate data services (including Internet backbone services), and (d)
> encourage the deployment of broadband services in rural communities.
>
> For more background information about many of these legislative efforts,
> visit CDT's Legislation Page online at http://www.cdt.org/legislation
>
> _______________________________________________________________________
>
> (8) POLICY POST ADMINISTRATION
>
> To subscribe to CDT's Policy Post list, send mail to majordomo () cdt org
> In the BODY of the message type "subscribe policy-posts" without the quotes.
>
> To unsubscribe from CDT's Policy Post list, send mail to majordomo () cdt org
> In the BODY of the message type "unsubscribe policy-posts" without the quotes.
>
> Detailed information about online civil liberties issues may be found
> at http://www.cdt.org/
>
> This document may be redistributed freely in full or linked to
> http://www.cdt.org/publications/pp_5.27.shtml.
> Excerpts may be re-posted with prior permission of ari () cdt org
>
> Policy Post 5.27 Copyright 1999 Center for Democracy and Technology