Computer underground Digest Sun Jan 22, 1995 Volume 7 : Issue 05 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Retiring Shadow Archivist: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Copy Reader: Laslo Toth CONTENTS, #7.05 (Sun, Jan 22, 1995) File 1--WIRED letter in re "HOPE" Conference File 2--Cu Digest, #7.04, File 3--The InterNewt File 3--Some Comments on Copyright from Legal Bytes File 4--DOJ Computer Siezure Guide Lines File 5--FEDGOVT>NII Security Issues Forum Public Meetings File 6--Cu Digest Header Information (unchanged since 25 Nov 1994) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. ---------------------------------------------------------------------- Date: Fri, 20 Jan 1995 01:44:55 -0800 From: Emmanuel Goldstein Subject: File 1--WIRED letter in re "HOPE" Conference When WIRED told me they were going to print my letter in response to their wretched review of the Hackers On Planet Earth conference, I had no idea they were going to cut so much of it out, including some of the most important points. So here it is in its entirety with permission to reprint and repost anywhere. * indicates those sections that were deleted from WIRED (February issue). 10/31/94 Rants & Raves Wired PO Box 191826 San Francisco, CA 94109-9866 At first glance, Charles Platt's review of the Hackers On Planet Earth conference (Wired 2.11, page 82) appears to be a parody of itself. Here is an article that makes fun of journalists attending the conference searching unsuccessfully for criminals that is written by someone who is genuinely disappointed at not finding any crime. But it doesn't take long to realize that Platt takes his judgmental little discourse very seriously and, like so many before him who have attempted to cover the hacker world, he just doesn't get it. * Platt is perplexed by the fact that hackers are trusting * individuals who are open to diverse opinions, such as those set * forth by former CIA operative Robert Steele. Only a very limited * and narrow view of this segment of society would result in * Platt's righteous indignation that we don't act like the * criminals he imagines us to be. Perhaps ten years ago this * Geraldo outlook would have been understandable but now that we're * halfway through the nineties, the readers of Wired deserve a bit * more than the chance to watch Charles Platt discover what color * the sky is. * The article is filled with hints of things being not quite right * in the hacker world although Platt can never seem to put any of * his fingers directly upon the problem. Is it the material we * publish in 2600? Platt seems to disapprove of our motives, saying * that we print "a lot more answers than questions" and that my * "air of innocence doesn't jibe with the attitude and content" of * the magazine. As a forum for hackers, it wouldn't be quite right * if we stopped in our tracks every time there was the chance of * someone's moral sensibilities being offended. And so we answer as * many questions as we can. As for my having an air of innocence, I * suppose I have one because I don't feel guilty of anything, * despite Platt's crazy allegation that I'm constantly looking over * my shoulder, expecting to be arrested at any minute. If I was * really doing that, then it would sort of deflate the "air of innocence" * accusation, now wouldn't it? It's rare to be condemned for being * guilty and innocent at the same time but, in this article, * nothing short of an accurate fact would surprise me. Platt strongly implies that 2600 corrupts people by providing a forum for hackers, an accusation I find offensive and typical of those sensationalist reporters who will concoct any fact to sell a story. 2600 provides a vital service to people who are curious * as well as a means of diseminating information for people who * wouldn't be able to reach an audience otherwise. Referring to our * meetings as "2600 franchises" is the same height of stupidity * that the federal government resorts to when they accuse us of * engaging in conspiracies at each and every one of our * get-togethers. If Platt had bothered to do some research, he * would have found that these "franchises" are loosely knit groups * of people throughout the world who share a common interest. It's * got nothing to do with profit, big business, or the "growth * industry" that Platt defines us as being. * On a personal level, Platt seems especially enthralled by the * fact that I use more than one name; he latches onto this fact as * if it's the evidence he needs to prove the point he never makes. * (Even the subtitle of the article - "Wired... discovers who * Emmanuel Goldstein really is" - points to the importance of this * "revelation".) The fact is that I've never made my use of * multiple identities a secret - I strongly believe in the right to * choose whatever name suits you. What's particularly ironic here * is that Platt would probably have missed this little fact if I * hadn't TOLD HIM about it in the first place! Too bad, Platt - you * missed the real sinister subplot here: Hacker Editor Seeks to * Discredit Self. * Charles Platt found me to be "one of the most evasive human * beings" he ever attempted to interview. I am honored. But, in all * fairness, when one is organizing and running a conference, there * isn't an abundance of time to do one on one interviews. We tried * to accomodate Mr. Platt (an hour long interview and answers to * all of his follow-up questions) but he wanted us to focus all of * our attention upon him and walk him through the entire hacker * world. There were reporters from dozens of countries in * attendance. Even if we believed Platt's repeated assertion that * his Wired article was more important and would get us tons of * publicity, we didn't believe such preferential treatment was fair * to anybody. Wired people requested - and received - more free * passes to HOPE than any other organization - it was our * assumption that with 1400 people to talk to and so many * reporters, you folks would have been able to piece a semi- * accurate story together. * It's too bad Mr. Platt defined HOPE as being "very bland", * "lame", and "devoid of subversive content". Perhaps this is why * he saw fit to disrupt a lively seminar on cryptography by * repeatedly shouting "Where's the crime? We're here to see crime!" * while chugging a Zima. I'm completely unmoved by his dismay * because anyone with such a narrow view of the hacker world is * clearly incapable of ever appreciating it. Of all those in attendance, the vast majority were captivated by something or someone at some time during the conference. The rather simple moral here is that if you spend all of your time looking for things that don't exist, you'll wind up being very disappointed. It's too bad Wired readers were robbed of the chance to see the significance of the largest hacker event in history. Emmanuel Goldstein emmanuel@well.sf.ca.us (HOPE co-organizer and 2600 editor) ------------------------------ Date: Fri, 20 Jan 95 08:54 MST From: @netmgr.cso.niu.edu:larry@ambient.UUCP (Larry Mulcahy) Subject: File 2--Cu Digest, #7.04, File 3--The InterNewt Why does this venemous screed deserve to be in CUD? In it, Batterson only makes personal attacks against right wing figures, saying nothing about issues. Newt Gingrich is to be congratulated for his efforts to open up the proceedings of congress to Internet access. Numerous CUD articles have called for this step. The following article describes the "thomas" www site. WASHINGTON--People worldwide will be able to plug into the workings of Congress through the Internet in a new system House Speaker Newt Gingrich called "a participatory dialogue on self-government." The new computer system, which provides a wide range of information about US laws and lawmakers through the Library of Congress, is named "Thomas" in honor of Thomas Jefferson. It was unveiled at a news conference Thursday by Gingrich, Librarian of Congress James H. Billington and Rep. Bill Thomas (R-Calif.) chairman of the new Committee on House Oversight. Gingrich, arrived late following a White House meeting with President Clinton, but clearly stole the show at the Library of Congress event as photographers in the packed room snapped him ceaselessly. Bubbling with enthusiasm for the new computer system, Gingrich said, "There is a pervasivel cynicism to the culture of Washington which, fortunately, does not exist for the rest of the country." "Because knowledge is power," Gingrich said, the system will shift the balance of power "toward the citizens and out of the Beltway." The new congressional system is available free of charge to users of the Internet, the global network that links 2.2 million computers at universities, corporations, government agencies and homes and is used by more than 20 million people. The "Thomas" system includes full texts of bills from the last Congress; the House's "Gopher" system, which has directory information for lawmakers and committees, committee hearing schedules, House floor schedules and visitor information; a text of the new Republican-proposed changes in House procedures that lawmakers approved Wednesday and early Thursday,and other materials. By the end of the month, the Library of Congress will begin to make available to the system full texts of bills from the new Congress. Future materials to be offered include full texts of the Congressional Record and the Congressional Research Service's Bill Digest, a file containing summaries and chronologies of legislation. These materials will "enable the American public to search more easily for legislation and to understand more fully the lawmaking process," said Billington. The system is "easy to use, and its search capabilities are unique," he said. The new system will not compete with commercial computer services, which will be able to repackage the congressional material, the Library of Congress said in a statement. Gingrich drew applause when he said that while the federal budget must be balanced, funding for the congressional library--the world's largest with 16 million books--should be increased. "We should strive to make it easy for every scholar to interact electronically," Gingrich said. "The right challenge is to start moving forward." (NOTE: If you have access to the World-Wide Web, "Thomas" is at http://Thomas.loc.gov/.) ------------------------------ Date: Tue, 20 Dec 1994 14:04:56 -0600 (CST) From: pkennedy Subject: File 3--Some Comments on Copyright from Legal Bytes ((MODERATORS' COMMENT: The follow is reproduced from Legal Bytes, Vol 2, Number 2(Fall-Winter), 1994. Legal Bytes info: David H. Donaldson, Jr., Editor-in-Chief <6017080@mcimail.com> Peter D. Kennedy, Senior Editor Laura Prather, Contributing Editor ================================ 2. COPYRIGHT AND JOINT AUTHORSHIP Along with protecting solo inspirations, the Copyright Act also protects works created by two or more authors working together. Like joint owners of real estate, each "joint author" has all the rights and powers of a sole author, including the right to copy, display, perform, and create derivative works, and the power to transfer that right to others. What does it take to become a joint author of a work? The Copyright Act defines a joint author's work as "a work prepared by two or more authors with the intention that their contributions be merged into inseparable or interdependent parts of a unitary whole." The Act doesn't define, however, *how much* of a contribution it takes to become a "joint author." Melvin Nimmer, a revered scholar of copyright law, is credited with originating a concept, adopted by many courts, that resulted in a relatively low threshold of joint authorship. Nimmer's formulation was a "de minimis" demarcation line requiring that "more than a word or line must be added by one who claims to be a joint author" -- but perhaps not much more. As long as one made more than a *de minimis* contribution to a copyrighted work, the contributor qualifies as a joint author even if his or her contribution itself would not be copyrightable, standing alone. Recently, however, federal courts have reexamined the joint authorship issue and turned away from Professor Nimmer's formulation. The Seventh Circuit Court of Appeals (covering Wisconsin, Illinois and Indiana) in a case called ERICKSON v. TRINITY THEODORE, INC., 13 F.3d 1061 (7th Cir. 1994), spurned Nimmer's test for a younger, more attractive one proposed by Professor Jack Goldstein. Professor Goldstein's approach reasons that before claiming to be a "joint author," a collaborator ought to show that he or she could be an "author" based on his or her contribution to the work. That is, the collaborator's contribution, standing alone, must qualify as an original, copyrightable "work of authorship" before the collaborator is given the potentially valuable and powerful status of a joint author. The Seventh Circuit decided that Professor Goldstein's test better balanced society's interest in promoting creativity, on the one hand, with the free exchange of ideas on the other, and adopted it. The court stated that authors who merely consult others for ideas, reactions, editing or criticism (contributions that are not typically copyrightable taken alone) should be protected from claims of joint ownership by such contributors. The court reasoned that if mere suggestions, ideas or criticism could create joint authorship, the title of the copyright in the final work might remain fuzzy and subject to challenge. The Seventh Circuit (always attuned to the economic effects of legal rules) concluded that such uncertainty of title would affect the commercial value of such works and ought to be minimized. The Seventh Circuit did not leave collaborators completely without rights: collaborators can realize the value of their contributions through contractual agreements, which can be used to compensate persons who make valuable, but perhaps not copyrightable, contributions to a work. But the court decided that copyrights -- government-created and protected rights -- will not be casually granted to secondary collaborators. A good illustration of this shift in the willingness of courts to recognize joint authorship is the recent case of BALKIN v. WILSON, decided by a trial court in Michigan. (The opinion can be found on Westlaw at 1994 Westlaw 518849, No. 4-94-CV-35 (W.D. Mich. September 20, 1994). Two professors, Balkin and Wilson, worked on a project called "Literacy News: Breaking the Language Barrier Through Songs." Balkin wrote songs and Wilson wrote teachers' manuals to be used with the songs. Wilson provided ideas and input on the songs' content, claiming to have discussed with Balkin 70% of them, but he didn't write any music or lyrics. While the project was never completed, Balkin gave Wilson tapes of the songs. Wilson copied the tapes and sold many of them to his students and others. Balkin registered a copyright in the songs, and sued Wilson for an accounting of the money he made on the songs, claiming that it was Balkin who had the exclusive right to copy and sell the tapes. Wilson argued that he was a joint author, which would give him equal rights to copy and sell the tapes. Wilson admitted that his *ideas* and *discussions* with Balkin about the songs were not copyrightable but he claimed that his contribution to the final songs was more than "de minimis" -- enough to make him a joint author (at least under Professor Nimmer's test). The district court agreed with the Seventh Circuit, though, and used Professor Goldstein's "independently copyrightable" approach instead. Because the ideas and concepts that Wilson contributed were not independently copyrightable, the court held that Wilson did *not* have the right to copy and sell the tapes as a joint author. Collaborators like Wilson, the court said, must look to contractual agreements, not copyright law, to be compensated for their contributions. As these cases show, Professor Goldstein's approach is appealing for two reasons: First, it protects authors and those who deal with them from the uncertainty of joint authorship claims based on perhaps exaggerated opinions of the value of criticisms or contributions. Second, it provides more certainty to the definition of joint authorship because it incorporates the already well-defined concept of "copyrightability." Courts can now simply look to the law of copyright to determine whether a collaborator's contribution entitles him or her to joint authorship status, rather than try to define and apply an inevitably subjective level of "de minimis-ness." If the collaborator could have independently copyrighted the contribution that was incorporated into the work in question, he or she can claim joint ownership -- otherwise, copyright law provides no remedy, and collaborators need to protect themselves in other ways. ___________________________________________________________________ 3. DOING THE NON-LITERAL INFRINGEMENT TWIST Software companies have faced two major hurdles in figuring out whether copyright laws protect their creations. The first hurdle has been crossed: software has been declared to be more than a "useful article" (which would not be protected by the Copyright Act), but it can be an "original work of authorship" entitled to legal protection. There is no longer any question that the *literal* elements of computer program -- the source code and object code -- can be copyrighted just like books. The second hurdle is still being crossed: whether, and to what extent "non-literal" elements of software are also copyrightable. These non-literal elements include the program architecture, structure, sequence and organization, operational modules, and computer-user interfaces (the "look and feel" of software). This far more complicated question is still being hashed out in the federal courts. Until recently, computer software companies who work (and may end up in court) in territory covered by the U.S. Court of Appeals for the Fifth Circuit (which includes all of Texas, Louisiana, and Mississippi) have faced real uncertainty in how the Fifth Circuit would react to claims of non-literal infringement -- where a party claims its software's copyright has been infringed, not by literal copying of code, but by mimicking its non-literal elements. In 1987, the Fifth Circuit had apparently indicated that it would recognize only a narrow breed of non-literal infringement, if at all. In a case called PLAINS COTTON COOP. ASS'N v. GOODPASTURE COMPUTER SERV., INC., 807 F.2d 1256 (5th Cir.), cert. denied, 484 U.S. 821 (1987). The Fifth Circuit considered the claim of an employer who owned a mainframe software program that facilitated bidding on cotton orders. An employee had left Plains Cotton, formed a new company, and created a very similar software program for a PC platform. Despite many similarities between the two programs' user interfaces and approaches to the data, the Fifth Circuit held that there was insufficient evidence of copying of *copyrightable* material, and reversed a temporary injunction that had issued against the ex-employee's new company. The Fifth Circuit's PLAINS COTTON decision was made before several other federal courts had developed and begun using the "abstraction-filtration-comparison" approach to analyze claims of non-literal infringement. This analysis is generally considered to provide far more protection for non-literal aspects of computer programs than the Fifth Circuit's approach in PLAINS COTTON. See Legal Bytes, Vol. 1, Number 1 ("When is a Computer Program a Copy?"). The Fifth Circuit has now not only shed a remnant of nineteenth century thinking, but has forged ahead on the cutting edge of copyright protection. This summer, in a case called ENGINEERING DYNAMICS, INC. v. STRUCTURAL SOFTWARE, INC., 26 F.3d 1335 (5th Cir. 1994). The Fifth Circuit held that similarities between two computer programs' user interfaces could be the basis of a copyright infringement claim, even though the underlying programs were written in different languages and used different instructions to create the similar interfaces. This decision was startling for several reasons, none of which was directly related to case's facts. One surprise was that a current influential Fifth Circuit judge, Patrick E. Higgonbothom, had previously taken a very different view of non-literal infringement when he was a federal trial judge in Dallas. In 1978, he had ruled in SYNERCOM TECHNOLOGY, INC. v. UNIVERSITY COMPUTING COMPANY, INC., 462 F. Supp. 1003 (N.D. Texas 1978), that mainframe data input formats were not copyrightable because key-punched card formats, as well as their sequence and organization, were non- copyrightable ideas rather than the copyrightable expression of an idea. Another twist was that the defendant who won that case was none other than Engineering Dynamics, Inc., ("EDI"), who later became the plaintiff in ENGINEERING DYNAMICS, INC. v. STRUCTURAL SOFTWARE, INC. The attorney who successfully defended EDI against a claim of non-literal infringement before Judge Higgonbothom -- Tom Cantrell -- was again hired by EDI to prosecute *its* claim of non-literal infringement against Structural Software, Inc. ("SSI"). After winning the 1978 case against Synercom, EDI continued to refine the user interface to its program, including an 80-column input format that was used with its mainframe software systems and had become familiar to many users. When EDI developed a new computer interface program, it kept the familiar 80-column input format. In 1986, SSI entered the market with a product for personal computers that borrowed heavily from EDI's familiar 80- column format. EDI, which had once claimed that computer user interfaces couldn't be copyrighted, again used the same lawyer to sue SSI, and claim claim that the interfaces that it had created were copyrighted, and that SSI had infringed its copyright. There wasno question that the two computer programs themselves were literally different -- SSI's program was written for use with PCs, using languages and approaches substantially different than those used in EDI's mainframe program. At the time, SSI appeared to have a good defense. The Fifth Circuit had seemed to decide, in the PLAINS COTTON case, that non- literal elements of a program warranted little copyright protection. PLAINS COTTON even had similar facts: the defendant had developed a PC-based program that was inspired by a mainframe application and which copied its non-literal elements but which did not copy the code. In fact, when the trial judge reviewed EDI's claims against SSI in light of PLAINS COTTON,the case looked easy, and the judge dismissed all of EDI's copyright claims. In the meantime, however, the Fifth Circuit's approach in PLAINS COTTON had gotten a lot of criticism. No other court had chosen to follow it, and several other courts had adopted the more sophisticated "abstraction-filtration-comparison" analysis. The value and uniqueness of computer software does not reside solely in its literal code, but also in the way in which the software presents itself and interacts with the user. These valuable and unique non-literal elements can be mimicked using code that does not copy the original program, and therefore several courts have recognized claims of non-literal infringement. The changing law again benefitted EDI, as the Fifth Circuit moved away from its PLAINS COTTON approach. The court now explicitly recognized that "non-literal aspects of copyrighted works -- like structure, sequence, and organization -- may be protected under copyright law." Having thrown off the chains of its prior opinion, the court adopted the three-part abstraction- filtration-comparison method. This fact-intensive inquiry requires that the court first abstract the different levels of generality in the two programs at issue. The court then examines each level of abstraction to filter out program elements that cannot be protected under the Copyright Act, such as ideas, process, facts, public domain information, and "scenes a fair material"; that is, material in which the unprotected idea cannot be separated from expression that can be protected, or material which is so standard in an industry that it is indispensable. After the "abstraction" and "filtration" steps, the court compares the remaining protectible elements with the allegedly infringing program to determine whether the later program has copied substantially similar elements. Because the trial judge had not taken these steps, the Fifth Circuit sent the case back for analysis. The court cautioned that the scope of copyright protection is not always constant across all literary works. It recommended a cautious approach when defining the scope of protection available for computer user interfaces, because interfaces are highly functional (function is not protected) and because they often contain standardized technical information that is not protected (such as the complex engineering formulas common to both EDI and SSI's programs). The court suggested that, before finding infringement in user interfaces, a party should stand ready to prove a greater degree of similarity than what might be needed to show infringement of more literal aspects of a program. Ironically, the developing copyright law allowed the same company using the same lawyer to win both sides of the non-literal infringement debate. But recognizing non-literal infringement is a two-edged sword: while it may protect the value of unique expression of ideas developed by programmers, it also makes it more difficult to meet customer needs for new and better software without sacrificing the familiarity customers have with the friendly mugs of particular and popular user interfaces. ------------------------------ From: Dave Banisar Date: Fri, 20 Jan 1995 21:08:18 EST Subject: File 4--DOJ Computer Siezure Guide Lines Date 1/20/95 Subject DOJ Computer Siezure Guide Lines From Dave Banisar To Interested People EPIC Analysis of New Justice Department Draft Guidelines on Searching and Seizing Computers Dave Banisar Electronic Privacy Information Center The Electronic Privacy Information Center (EPIC) has obtained the Department of Justice's recently issued draft "Federal Guidelines for Searching and Seizing Computers." EPIC obtained the document under the Freedom of Information Act. The guidelines provide an overview of the law surrounding searches, seizures and uses of computer systems and electronic information in criminal and civil cases. They discuss current law and suggest how it may apply to situations involving computers. The draft guidelines were developed by the Justice Department's Computer Crime Division and an informal group of federal agencies known as the Computer Search and Seizure Working Group. Seizing Computers A major portion of the document deals with the seizure of computers. The draft recommends the use of the "independent component doctrine" to determine if a reason can be articulated to seize each separate piece of hardware. Prosecutors are urged to "seize only those pieces of equipment necessary for basic input/output so that the government can successfully execute the warrant." The guidelines reject the theory that because a device is connected to a target computer, it should be seized, stating that "[i]n an era of increased networking, this kind of approach can lead to absurd results." However, the guidelines also note that computers and accessories are frequently incompatible or booby trapped, thus recommending that equipment generally should be seized to ensure that it will work. They recommend that irrelevant material should be returned quickly. "[O]nce the analyst has examined the computer system and data and decided that some items or information need not be kept, the government should return this property as soon as possible." The guidelines suggest that it may be possible to make exact copies of the information on the storage devices and return the computers and data to the suspects if they sign waivers stating that the copy is an exact replica of the original data. On the issue of warrantless seizure and "no-knock warrants," the guidelines note the ease of destroying data. If a suspect is observed destroying data, a warrantless seizure may occur, provided that a warrant is obtained before an actual search can proceed. For "no-knock" warrants, the guidelines caution that more than the mere fact that the evidence can be easily destroyed is required before such a warrant can be issued. "These problems . . . are not, standing alone, sufficient to justify dispensing with the knock-and-announce rule." Searching Computers Generally, warrants are required for searches of computers unless there is a recognized exception to the warrant requirement. The guidelines recommend that law enforcement agents use utility programs to conduct limited searches for specific information, both because the law prefers warrants that are narrowly tailored and for reasons of economy. "The power of the computer allows analysts to design a limited search in other ways as well . . . by specific name, words, places. . . ." For computer systems used by more than one person, the guidelines state that the consent of one user is enough to authorize a search of the entire system, even if each user has a different directory. However, if users have taken "special steps" to protect their privacy, such as using passwords or encryption, a search warrant is necessary. The guidelines suggest that users do not have an expectation of privacy on commercial services and large mainframe systems because users should know that system operators have the technical ability to read all files on such systems. They recommend that the most prudent course is to obtain a warrant, but suggest that in the absence of a warrant prosecutors should argue that "reasonable users will also expect system administrators to be able to access all data on the system." Employees may also have an expectation of privacy in their computers that would prohibit employers from consenting to police searches. Public employees are protected by the Fourth Amendment and searches of their computers are prohibited except for ""non-investigatory, work related intrusions" and "investigatory searches for evidence of suspected work-related employee misfeasance." The guidelines discuss the Privacy Protection Act of 1980, which was successfully used in the Steve Jackson Games case against federal agents. They recommend that "before searching any BBS, agents must carefully consider the restrictions of the PPA." Citing the Jackson case, they leave open the question of whether BBS's by themselves are subject to the PPA and state that "the scope of the PPA has been greatly expanded as a practical consequence of the revolution in information technology -- a result which was probably not envisioned by the Act's drafters." Under several DOJ memos issued in 1993, all applications for warrants under the Privacy Protection Act must be approved by a Deputy Assistant Attorney General of the Criminal Division or the supervising DOJ attorney. For computers that contain private electronic mail protected by the Electronic Communications Privacy Act of 1986, prosecutors are advised to inform the judge that private email may be present and avoid reading communications not covered in the warrant. Under the ECPA, a warrant is required for email on a public system that is stored for less than 180 days. If the mail is stored for more than 180 days, law enforcement agents can obtain it either by using a subpoena (if they inform the target beforehand) or by using a warrant without notice. For computers that contain confidential information, the guidelines recommend that forensic experts minimize their examination of irrelevant files. It may also be possible to appoint a special master to search systems containing privileged information. One important section deals with issues relating to encryption and the Fifth Amendment's protection against self-incrimination. The guidelines caution that a grant of limited immunity may be necessary before investigators can compel disclosure of an encryption key from a suspect. This suggestion is significant given recent debates over the Clipper Chip and the possibility of mandatory key escrow. Computer Evidence The draft guidelines also address issues relating to the use of computerized information as evidence. The guidelines note that "this area may become a new battleground for technical experts." They recognize the unique problems of electronic evidence: "it can be created, altered, stored, copied, and moved with unprecedented ease, which creates both problems and opportunities for advocates." The guidelines discuss scenarios where digital photographs can be easily altered without a trace and the potential use of digital signatures to create electronic seals. They also raise questions about the use of computer generated evidence, such as the results of a search failing to locate an electronic tax return in a computer system. An evaluation of the technical processes used will be necessary: "proponents must be prepared to show that the process is reliable." Experts The DOJ guidelines recommend that experts be used in all computer seizures and searches -- "when in doubt, rely on experts." They provide a list of experts from within government agencies, such as the Electronic Crimes Special Agent program in the Secret Service (with 12 agents at the time of the writing of the guidelines), the Computer Analysis and Response Team of the FBI, and the seized recovery specialists (SERC) in the IRS. The guidelines reveal that "[m]any companies such as IBM and Data General employ some experts solely to assist various law enforcement agencies on search warrants." Other potential experts include local universities and the victims of crimes themselves, although the guidelines caution that there may be potential problems of bias when victims act as experts. Obtaining a Copy of the Guidelines EPIC, with the cooperation of the Bureau of National Affairs, is making the guidelines available electronically. The document is available via FTP/Gopher/WAIS/listserv from the EPIC online archive at cpsr.org /cpsr/privacy/epic/fed_computer_siezure_guidelines.txt. A printed version appears in the Bureau of National Affairs publication, Criminal Law Reporter, Vol. 56, No. 12 (December 21 1994). About EPIC The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government and Computer Professionals for Social Responsibility. EPIC publishes the EPIC Alert and EPIC Reports, pursues Freedom of Information Act litigation, and conducts policy research on emerging privacy issues. For more information email info@epic.org, or write EPIC, 666 Pennsylvania Ave., S.E., Suite 301, Washington, DC 20243. +1 202 544 9240 (tel), +1 202 547 5482 (fax). The Fund for Constitutional Government is a non-profit organization established in 1974 to protect civil liberties and constitutional rights. Computer Professionals for Social Responsibility is a national membership organization of people concerned about the impact of technology on society. For information contact: cpsr-info@cpsr.org. Tax-deductible contributions to support the work of EPIC should be made payable to the Fund for Constitutional Government. ------------------------------ Date: Wed, 18 Jan 95 08:39:12 CST From: hudspeth@JARHEAD.BITNET(Todd Hudspeth) Subject: File 5--FEDGOVT>NII Security Issues Forum Public Meetings This article was obtained from the Usenet group "comp.internet.net-happenings." >From sackman@plains.nodak.edu (Gleason Sackman) Newsgroups: comp.internet.net-happenings Subject--NII> NII Security Issues Forum Public Meetings (fwd) Date: 17 Jan 1995 22:00:19 -0800 ---------- Forwarded message ---------- Date: Thu, 12 Jan 1995 12:59:22 -0500 SENDER:CFRANZ@ntia.doc.gov Subject--FEDGOVT>NII Security Issues Forum Public Meetings OFFICE OF MANAGEMENT AND BUDGET NOTICE OF PUBLIC MEETING Agency: Office of Management and Budget Action: National Information Infrastructure Security Issues Forum: Notice of Public Meetings and request for public comments SUMMARY: The National Information Infrastructure Security Issues Forum will conduct two public meetings to continue a dialogue between government and the private and public interest sectors on issues related to the security of information on the National Information Infrastructure (NII). Interested parties -- especially beneficiaries of Aid to Families with Dependent Children and Food Stamps, and users of public information, and participants in the sophisticated communications networks which support the U.S. transportation and customs systems -- are invited to submit a 1 - 2 page position statement and request to testify. The meetings are sponsored by the NII Security Issues Forum of the Information Infrastructure Task Force and Mega-Project III of the U.S. Advisory Council on the NII. DATES: Both public meetings, "Security of the Electronic Delivery of Government Information and Services" and "Security for Intelligent Transportation Systems and Trade Information," will be held simultaneously on Friday, January 27, 1995, from 9:00 a.m. to 12:30 p.m. in Raleigh, North Carolina. Those wishing to testify should submit a 1 - 2 page position statement and request to participate by January 20, 1995. Individuals wishing to offer general comments or present questions may request to do so during the meeting. Written comments may be submitted on paper or electronically, in ASCII format, and will be accepted until February 10, 1995. ADDRESSES: The public meeting, "Security of the Electronic Delivery of Government Information and Services," will be held in the Auditorium of the North Carolina Museum of History, 1 East Edenton Street, Raleigh, North Carolina. The public meeting, "Security for Intelligent Transportation Systems and Trade Information," will be held in the Auditorium of the Department of Cultural Affairs, 109 East Jones Street, Raleigh, North Carolina. Both buildings are in close proximity to the North Carolina Capitol Building. Position statements and requests to appear for the meeting, "Security of the Electronic Delivery of Government Information and Services," sent to the Government Information Technology Services Working Group, marked to the attention of Ms. April Ramey, U.S. Department of the Treasury, 1425 New York Avenue, Room 2150 N.W., Washington, D.C. 20240. Position statements may also be submitted via fax to (202) 622-1595 or through electronic mail to april.ramey@treas.sprint.com. Electronic mail should be submitted as unencoded, unformatted, ASCII text. Position statements and requests to appear for the meeting, "Security for Intelligent Transportation Systems and Trade Information," should be sent to the Volpe National Transportation Systems Center of the Department of Transportation, marked to the attention of Mr. Gary Ritter, DTS-21, at 55 Broadway, Cambridge, MA, 02142. Position statements may also be submitted via fax to (617) 494-2370 or through electronic mail to "Ritter@volpe1.dot.gov". Electronic mail should be submitted as unencoded, unformatted, ASCII text. Parties offering testimony are asked to provide them on paper, and where possible, in machine-readable format. Machine- readable submissions may be provided through electronic mail messages sent over the Internet, or on a 3.5" floppy disk formatted for use in an MS-DOS based computer. Machine-readable submissions should be provided as unencoded, unformatted ASCII text. Written comments should include the following information: * Name and organizational affiliation, if any, of the individual responding; * An indication of whether comments offered represent views of the respondent's organization or are the respondent's personal views; and * If applicable, information on the respondent's organization, including the type of organization (e.g., trade association, private corporation, non-profit organization) and general areas of interest. FOR FURTHER INFORMATION CONTACT: For further information relating to electronic delivery of information and services, contact Ms. April Ramey of the Treasury Department at (202) 622- 1278. For further information relating to transportation and trade issues, contact Mr. Gary Ritter at the Volpe National Transportation Systems Center by telephone at (617) 494-2716. SUPPLEMENTARY INFORMATION: I. Issues for Public Comment A. Background The public meetings are part of an ongoing dialogue with the Administration to assess the security needs and concerns of users of the National Information Infrastructure (NII). The NII is a system of high-speed telecommunications networks, databases, and advanced computer systems that will make electronic information more widely available and accessible than ever before. For example, citizens may be able to learn about federal benefits programs through public kiosks, or may receive their social security payments through direct deposit to their bank accounts. As the U.S. transportation infrastructure becomes more complex, Americans will benefit from the application of information technologies to such operations as toll collection, motor vehicle registration, and traffic routing. This increased availability and accessibility of services and products provided through information technology will dramatically affect the way in which individuals conduct their everyday affairs. Consequently, broad public and commercial use of the NII hinges upon implementing technologies, policies, and practices that not only ensure that users of information systems have access to information when and where they need it, but that subjects of information records are able to protect themselves from unauthorized or inappropriate use of information. "Americans will not use the NII to its full potential unless they trust that information will go where and when they want it and nowhere else," declared Sally Katzen, Administrator of the Office of Information Regulatory Affairs at OMB and chair of the Forum. "The Federal government is a primary user of the NII and thus a catalyst for change. Yet the NII will be designed, built, owned, operated, and used primarily by the private sector, making it essential that security on the NII be considered in partnership with the public." To address these critical issues, the Vice President formed the Information Infrastructure Task Force (IITF). The IITF is chaired by Secretary of Commerce Ron Brown and is comprised of senior Administration officials having expertise in technical, legal, and policy areas pertinent to the NII. The mission of the IITF is to articulate and implement the Administration's vision for the NII. The NII Security Issues Forum was established within the IITF to address the cross-cutting issue of security in the NII. The Forum is chaired by Sally Katzen, Administrator of the Office of Information and Regulatory Affairs in the Office of Management and Budget. In addition to the IITF, the President has established the U.S. Advisory Council on the National Information Infrastructure. The Advisory Council represents industry, labor, and public interest groups, and advises the Secretary of Commerce on issues relating to the NII. Mega-Project III, one of three work groups of the Advisory Council, is responsible for addressing security, intellectual property, and privacy issues as they relate to the NII. B. Structure and Content of Public Meeting Security is linked inextricably to broad public use of the NII. The technologies, policies, and procedures used to ensure the confidentiality, availability, and integrity of digitally produced and transmitted information, information products, and services on the NII will determine whether, how, and to what extent digitally linked information services will be broadly used in such critical applications as providing public information, supporting the delivery of government services, utilizing intelligent transportation systems, and conducting trade. Development of policies and procedures that will ensure the security of public and private information and communications on the NII requires study from different perspectives, whether that of the subject of the information, the user of the information, or the creator of the information. The Forum and Mega-Project III seek input from parties representing beneficiaries of federal information and services and users of intelligent transportation systems and trade data. Solutions to these concerns will come via technical solutions, as well as legal and policy mechanisms. The Forum and Mega-Project III seek input in this area as well. Specifically, what legal measures, policy mechanisms, and technological solutions, or combinations thereof, can be used to effectively protect the security of federal benefits information or transportation or trade data, delivered or made accessible on the NII? A panel of witnesses drawn from the public will be assembled to discuss the following topics with a panel of senior Administration officials, members of the Security Issues Forum, members of the Advisory Council, and policy makers at the State level, and to field questions and comments from other members of the public. Position statements for the meeting, "Security in the Delivery of Electronic Information and Services," should address four principal questions: 1. How do you envision the NII being used to provide services and information electronically to citizens? Specifically, what types of services and information should be delivered or made available? 2. What risks and threats do you foresee in making services and information available via the NII? Such threats might include fraud, unauthorized access, breach of confidentiality or privacy, breach of integrity, and system performance. 3. What legal, policy, and ethical issues do you foresee affecting usage of the NII? Such issues may include liability, information/property rights, access, document/records management, legal admissibility/evidentiary requirements, and auditability. Do some issues, such as privacy and open access, tend to countervene each other? 4. What kinds of administrative or technical solutions should be developed or promoted to address security, legal, and ethical concerns? Such solutions may include verifying recipient and/or vendor eligibility, ensuring operational and systems security, and establishing means to facilitate settlement, detection, and prosecution. Position statements for the meeting, "Security for Intelligent Transportation Systems and Trade Information," should address five principal questions: 1. Who should be permitted access to sensitive trade and transportation information systems? How can inappropriate access and use be prevented? 2. What technical and institutional safeguards in electronic data transmission, storage, and retrieval are needed to protect the security of trade and transportation data? Such risks might include: disclosure of proprietary and confidential business information, criminal access to trade and cargo records, disclosure of individual travel patterns or vehicle locations, or disclosure of transportation dispatch communications regarding sensitive cargo shipment routes, itineraries, and locations. 3. What does an "appropriate level of security" consist of? Is there a "one-size-fits-all" solution, or can policies be established which flexibly meet diverse needs? 4. Do certain systems merit greater degrees of security protection, such as traffic signal control systems, variable message signs, fleet location monitoring, electronic toll collection, international trade data, and motor vehicle registration records? 5. Who should establish and enforce security policies? How can government and the private sector work together to support a secure National Information Infrastructure? II. Guidelines for Participation in the Public Hearing Individuals who would like to participate on a panel must request an opportunity to do so no later than January 20, 1995, by submitting a brief, 1 - 2 page summary position statement. If approved, each participant will be allowed to present brief opening remarks. Primary participation, however, shall be during the general discussion to follow, according to the format described above. Participants in the public meeting will testify before and participate in discussions with a panel consisting of members of the Advisory Council, members of the Security Issues Forum, and other Administration officials. Individuals not selected as panel participants may offer comments or ask questions of the witnesses by requesting an opportunity to do so and being recognized during the meeting by the chairs of the meetings. Oral remarks offered in this fashion should not exceed three minutes. No advance approval is required to attend the public meetings, offer comments, or present questions. The public meeting on "Security of the Electronic Delivery of Information and Services" will be chaired by Mr. Jim Flyzik, Chair of the Government Information Technology Services Working Group of the IITF. The public meeting on "Security for Intelligent Transportation Systems and Trade Information," will be co-chaired by Ms. Ana Sol Gutierrez, Deputy Administrator of the Research and Special Programs Administration of the U.S. Department of Transportation, and Ms. Christine Johnson, Director of the Intelligent Transportation Systems Joint Program Office of the U.S. Department of Transportation. More information about the Clinton Administration's National Information Infrastructure initiative can be obtained from the IITF Secretariat. Inquiries may be directed to Yvette Barrett at (202) 482-1835, by e-mail to ybarrett@ntia.doc.gov, or by mail to U.S. Department of Commerce, IITF Secretariat, NTIA, Room 4892, Washington, D.C., 20240. For inquiries over the Internet to the IITF Gopher Server, gopher, telnet (login = gopher), or anonymous ftp to iitf.doc.gov. Access is also available over the World-Wide-Web. Questions may be addressed to nii@ntia.doc.gov. For access by modem, dial (202) 501-1920 and set modem communication parameters at no parity, 8 data bits, and one stop (N,8,1). Modem speeds of up to 14,400 baud are supported. Sally Katzen Administrator, Office of Information and Regulatory Affairs Certified to be a true copy of the original by John B. Arthur, Associate Director for Administration ------------------------------ ------------------------------ Date: Thu, 23 Oct 1994 22:51:01 CDT From: CuD Moderators Subject: File 6--Cu Digest Header Information (unchanged since 25 Nov 1994) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) In ITALY: Bits against the Empire BBS: +39-461-980493 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD ftp://www.rcac.tdi.co.jp/pub/mirror/CuD The most recent issues of CuD can be obtained from the NIU Sociology gopher at: URL: gopher://corn.cso.niu.edu:70/00/acad_dept/col_of_las/dept_soci COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #7.05 ************************************