A Briefing On Public Policy Issues Affecting Civil Liberties Online
from
The Center For Democracy and Technology
(1) Vital Digital Issues Likely To Be On Congress' Agenda
(2) 2001-02 Saw Momentous Legislation Affecting Digital Privacy, E-gov
The 108th Congress, which began its business this week, will face a wide array of issues affecting the Internet. As in past years, it is likely that hundreds of Internet-related bills will be introduced. They will run the gamut from those that would advance privacy and the principle of user control to those that will pose threats to openness and other civil liberties online. It is impossible to predict what will be enacted before Congress adjourns in 2004 just before the presidential election, but here is CDT's overview of some key issues likely to receive serious consideration. We also take a look back at the 107th Congress (2001-02), when landmark legislation was enacted.
A critical debate resumes in Congress about how to protect copyrighted material in the new digital media -- a debate that could define how Americans watch TV, listen to music, and use their computers for years to come. Last year, the proposals - none of which passed - ranged from the Hollings bill on digital rights management, to the Berman bill on peer-to-peer file sharing, to the Boucher proposal to amend parts of the Digital Millennium Copyright Act (DMCA). Rep. Rick Boucher (D-VA) has already reintroduced his DMCA bill this week (H.R. 107).
For more on these issues: http://www.cdt.org/copyright/.
There have been rumblings about a PATRIOT Act II, which could propose further expansions of government surveillance power. Meanwhile, Congress should be pursuing oversight of the first PATRIOT Act. Much of the implementation of that law, particularly as it affects privacy, is shrouded in secrecy and gag orders.
Congress also should have its hands full overseeing creation of the new Department of Homeland Security (DHS). The House Republican leadership has announced a new select committee for oversight of homeland security issues. CDT is urging the Administration and Congress to immediately begin setting out privacy guidelines and oversight mechanisms to ensure that the new department's data analysis activities are focused, controlled and accountable, both for effectiveness in preventing terrorism and for the protection of civil liberties.
Sen. John Edwards (D-NC) has proposed creating a new domestic intelligence agency to take over the FBI's duties to collect intelligence within the United States. Sen. Edwards has emphasized that particularly intrusive investigations by such an agency should be subject to special controls.
The question of a national ID card will come up in the context of proposals to standardize features of state drivers' licenses, which will be debated in a bill reauthorizing federal highway funding.
Sen. Edwards' views on the topic: http://edwards.senate.gov/speeches/2002/homeland_12-18.html CDT's recent Policy Post on DHS: http://www.cdt.org/publications/pp_8.28.shtml. Resources on terrorism issues: http://www.cdt.org/security/010911response.shtml
The US still lacks baseline federal legislation to protect consumer privacy. Online and offline privacy issues are expected to come up in the course of the reauthorization fight over the 1996 amendments to the Fair Credit Reporting Act, which sunset at the end of 2003. Sen Richard Shelby (R-AL), incoming chairman of the Banking Committee, has said that he favors stronger privacy protections for financial data and opposes preemption of state laws. Sen. John McCain (R-AZ), chairman of the Senate Commerce Committee and author of an opt-out proposal in 2000, is also expected to address privacy issues, beginning with possible hearings this year.
A landmark e-government law was enacted last year (see below), but it failed to address gaps in Congress' own online resources. In 2003, there may be a move to put more Congressional material online.
More on access to government information online: http://www.cdt.org/righttoknow/
Once again, the last Congress failed to pass spam legislation, even though bills were approved at the committee level in both House and Senate. The "Controlling the Assault of Non-Solicited Pornography and Marketing" Act (the "CAN-SPAM" Act or S. 630) sponsored by Senators Conrad Burns (R-MT) and Ron Wyden (D-OR) passed out of the Senate Commerce Committee in May 2001 and the Unsolicited Commercial Electronic Mail Act (H.R. 718), sponsored by Rep. Heather Wilson (R-NM), was reported by both the Commerce and Judiciary Committees in the House, but neither received Floor consideration. The Direct Marketing Association announced in October 2001 that it would support federal anti-spam legislation as a method of helping legitimate marketers.
Other issues range from the Internet tax moratorium to virtual child pornography, identity theft, online gambling, and Internet censorship in repressive regimes. A bill introduced this week by Senate Democrats, the Justice Enhancement & Domestic Security Act (S. 22), includes provisions on child pornography online and provisions designed to protect against misuse of Social Security numbers and mitigate the harm to individuals victimized by ID theft.
The most momentous piece of legislation adopted by the last Congress (2001-02) was the USA PATRIOT Act, signed into law on October 26, 2001. The Act dismantled many privacy protections for communications and personal data.
Resources on the PATRIOT Act and other anti-terrorism measures can be found at http://www.cdt.org/security/010911response.shtml.
For a journalistic account of the passage of the PATRIOT Act , see "Six Weeks in Autumn," by Robert O'Harrow, The Washington Post Sunday magazine, Oct. 27, 2002 http://www.washingtonpost.com/wp-dyn/articles/A1999-2002Oct22.html
Nearly as important, the Homeland Security Act signed by President Bush on November 25, 2002, created the new Department of Homeland Security (DHS) and granted it momentous responsibilities and powers. The DHS, which comes into existence on January 24, will consolidate 22 separate agencies into a new Cabinet department with 170,000 employees. It will have wide-ranging authority to compile, analyze, and mine the personal information of Americans.
CDT's December 13, 2002, Policy Post on the Homeland Security Act: http://www.cdt.org/publications/pp_8.28.shtml.
The E-Government Act of 2002 includes an innovative and potentially far-reaching provision requiring federal government agencies to conduct privacy impact assessments before developing or procuring information technology or initiating any new collections of personally identifiable information.
CDT's November 21, 2002 Policy Post on the E-Gov Act: http://www.cdt.org/publications/pp_8.25.shtml.
The Cyber Security Enhancement Act, incorporated into the homeland security bill, includes a provision undermining privacy online by greatly expanding the ability of ISPs to "voluntarily" disclose information government officials. (Sec. 225.) Under the provision, the contents of email messages or instant messages can be given to any government official without a court order in an "emergency" even when there is no factual basis stated for the emergency and there is no imminent threat of injury.
CDT's more detailed analysis of the Cyber Security Enhancement Act is online at http://www.cdt.org/security/homelandsecuritydept/021210cdt.shtml.
A law was passed mandating creation of a ".kids" space within the ".us" Internet domain. Content in ".kids.us" is required to be age appropriate for children under the age of thirteen, and linking to domains outside ".kids.us" is prohibited. CDT and others raised serious questions about ".kids.us" as increasing government involvement in setting online content standards.
The text and legislative history can be found at http://thomas.loc.gov/cgi-bin/bdquery/z?d107:h.r.03833:
For CDT's position: http://www.cdt.org/dns/020912dotkids.shtml.
Detailed information about online civil liberties issues may be found at http://www.cdt.org/.
This document may be redistributed freely in full or linked to http://www.cdt.org/publications/pp_9.01.shtml.
Excerpts may be re-posted with prior permission of ari@cdt.org
Policy Post 9.01 Copyright 2003 Center for Democracy and Technology
