Electronic Privacy Information Center

About: Electronic Privacy Information Center is a nonprofit organization based out in Washington D.C., District of Columbia, United States. It is known for research contribution in the topics: Privacy law & Privacy policy. The organization has 7 authors who have published 12 publications receiving 423 citations.

Technology and Privacy: The New Landscape

Abstract: From the Publisher: Privacy is the capacity to negotiate social relationships by controlling access to information about oneself. As laws, policies, and technological developments increasingly structure our relationships with social institutions, privacy faces new threats and new opportunities. The essays in this book provide a new conceptual framework for analyzing and debating privacy policy and for designing and developing information systems. The authors are international experts in the technical, economic, and political aspects of privacy; the book's particular strengths are its synthesis of these three aspects and its treatment of privacy issues in Canada and in Europe as well as in the United States.

The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance

Abstract: Partial table of contents: PRIVACY AND THE INFORMATION SNOOPERHIGHWAY Roadblocks on the Information Superhighway WIRETAPPING Overview of Wiretapping LOBBYING FOR SURVEILLANCE: THE DIGITAL TELEPHONY PROPOSAL Digital Telephony: The Public Response CRYPTOGRAPHY Cryptography: The Cure for the Common Bug THE BATTLE FOR CONTROL OF CRYPTOGRAPHY Early Skirmishes The Clipper Chip Proposal Clipping the Clipper: Public Response to Desktop Surveillance PUTTING THE GENIE BACK IN THE BOTTLE: EXPORT CONTROLS ON CRYPTOGRAPHY Atom Bombs, Fighter Planes, Machines Guns, and Cryptography: Export Controls BIG BROTHER AS THE KEEPER OF THE KEYS: WILL THE GOVERNMENT TAKE OVER CRYPTO? Banning Cryptography Software Key Escrow Epilog Bibliography of Books and Articles on Wiretapping and Cryptography Index.

Crypto policy perspectives

Abstract: 0 n April 16, 1993 the White House announced the Escrowed Encryption Initiative, \" a voluntary program to improve security and privacy of telephone communications while meeting the legitimate needs of law enforcement. \" The initiative included a chip for encryption (Clipper), to be incorporated into telecommunications equipment, and a scheme under which secret encryption keys are escrowed with the government; keys will he available to law enforcement officers with legal authorization. The National Security Agency (NSA) designed the system and the underlying cryptographic algorithm SKIPJACK, which is classified. Despite substantial negative comment, 10 months later the National Institute of Standards and Technology approved the Escrowed Encryption Standard (EES) as a voluntary federal standard for encryption of voice, fax, and computer information transmitted over circuit-switched telephone systems. Underlying the debate on EES are significant issues of conflicting public needs.' Every day, millions of people use telephones, fax machines, and computer networks for interactions that used to be the province of written exchanges or face-to-face meetings. Private citizens may want to protect their communications from electronic eavesdroppers. Law enforcement seeks continued access to criminals' communications (under legal authorization). In order to compete in the global marketplace, U.S. manufacturers want to include strong cryptography in thei, products. Yet national security interests dictate continued access to foreign intelligence. Both the EES and the controversy surrounding it are but the latest and most visible developments of a conflict inherent in the Information Age. Electronic communication is now an unavoidable component of modern life. Many times a day people transmit sensitive data over insecure channels: reciting credit card numbers over cellular phones (scanners are ubiquitous), having private exchanges over email (Internet systems are frequently penetrated), charging calls from airports and hotel lobbies (our personal identification numbers-PINS-are easily captured). The problem is magnified at the corporate level. For several years in the 1970% IBM executives con-ductcd thousands of phone conversationa about busincsa on the company's private microwave network-and those conversations were systematically eavesdropped on by Soviet intelligence agents. IBM's situation is not unique. Weak links exist throughout electronic communications, in networks and in distributed computer systems. Often the vulnerability of communications allows system penetration. Computer systems can he a weak link. Deceptive communication, can easily undermine users' confidence in a system. For example, a group of students at the University of Wiscon-sin forged an email letter of resignation from the director of housing to the chancellor …

Electronic privacy legislation in the United States

Abstract: The emergence of the National Information Infrastructure has raised concern about privacy protection in the United States. This is not surprising. Communication networks require privacy protection as public roads require safety. For a variety of reasons, it appears unlikely that the United States will develop adequate legal safeguards in the next few years for users of the information infrastructure. Good legislative schemes for communications privacy have been put forward in Japan, Europe, Canada, and several states in the United States (e.g., New York). Still, any system of national law will provide only partial protection for users of an international communications network. Therefore, the Internet community should develop a privacy policy, recognizing the special needs and practices of Internet users. This article outlines preliminary considerations for such a policy.

Enforcing Privacy Rights: Class Action Litigation and the Challenge of cy pres

Abstract: The enforcement of rights is a critical requirement of privacy law. Absent actual enforcement, there is little meaningful incentive for companies to comply with privacy requirements. Enforcement also helps to ensure that the individuals whose privacy is placed at risk are fairly compensated. In matters involving a large number of consumers, providing a remedy to all users affected by a company’s practice is difficult and often times inefficient. For this reason, courts in the US provide for “class action litigation”, lawsuits brought on behalf of a large number of individuals in similar circumstances. The theory is that it is more efficient to merge all of the individual suits that might otherwise be brought. But class action litigation has its own shortcomings. Attorneys who represent the class members frequently settle these cases with the companies and agree to terms that provide benefits to the company, such as eliminating the possibility of all future lawsuits, and sacrifice the benefits that the individuals who they purport to represent might otherwise achieve. US courts are sensitive to the problem of collusion between the lawyers in class action settlements and have increasingly scrutinised these agreements to ensure that the settlements protect the interests of class members and are consistent with the purposes for which the lawsuit was brought. In the area of consumer privacy, the problem is particularly serious with class action attorneys increasingly trading the privacy rights of Internet users for their own private benefit. As a consequence, US consumer privacy organisations are challenging the settlements and turning to the Federal Trade Commission and others to block their adoption. In this article, the authors recommend that the US courts continue to closely scrutinise these agreements for fairness to the class members. Regarding the allocation of funds from such settlements, the authors propose that courts adopt objective criteria to ensure that the monies will be distributed for purposes that serve the interests of the class and are consistent with the reason for the litigation. The authors contend that these factors are the fundamental requirements for cy pres allocations.