Computer underground Digest    Wed, Jan 15, 1992   Volume 4 : Issue 02

       Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)

CONTENTS, #4.02 ( Jan 15, 1992)
File 1--Re: Whole Earth Review Questions Technology
File 2--Craig's submission in #4.01
File 3--Subscribing to PHRACK
File 4--Report: 8th Chaos Computer Congress
File 5--Net "do-it-yourself" political activity (NEWSBYTES Reprint)
File 6--Political Organizing at the Individual Level
File 7--*DRAFT* "Guaranteeing Constitutional Freedoms"
File 8--The Compuserve Case (Reprint from EFF Vol 2, #3)
File 9--Senate Introduces Two FOIA Bills, S. 1929 & S. 1940

Issues of CuD can be found in the Usenet alt.society.cu-digest news
group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG,
and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414)
789-4210, and by anonymous ftp from ftp.cs.widener.edu (147.31.254.132),
chsun1.spc.uchicago.edu, and ftp.ee.mu.oz.au.  To use the U. of
Chicago email server, send mail with the subject "help" (without the
quotes) to archive-server@chsun1.spc.uchicago.edu.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted as long as the source
is cited.  Some authors do copyright their material, and they should
be contacted for reprint permission.  It is assumed that non-personal
mail to the moderators may be reprinted unless otherwise specified.
Readers are encouraged to submit reasoned articles relating to the
Computer Underground.  Articles are preferred to short responses.
Please avoid quoting previous posts unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

----------------------------------------------------------------------

Date: Thu, 09 Jan 92 15:54:48 -0600
From: Neil W Rickert <rickert@CS.NIU.EDU>
Subject: File 1--Re: Whole Earth Review Questions Technology

In Cu Digest, #4.01 Tom White writes:

>  Is technological innovation invariably beneficial?  Do we control
>new technologies or do they control us?

This reminds me of the comments I occasionally have been heard to
make, with tongue only very slightly in cheek:

 In the old days, before Xerox became a household word, everyone
 participating in an important meeting would be given a copy of the
 documentation.  Attached was a check sheet.  He/she would read the
 documentation, cross his/her name off the check sheet, and pass the
 documents onto the next person listed.

 Today, everybody has an individual copy.  There is not so much of a
 rush to read it.  Thus everyone can put off reading it until the last
 minute or a little later, come to the meeting, and an important issue
 is voted on without one participant having read it, or having the
 courage to admit to not having read it.

  +++++++++++

 In the old days it was very costly to revise a draft, since the whole
 thing had to be redone from the start, with the possibility of new
 errors being introduced.  As a result many letters and memos were
 sent out with minor errors, because it was just not worth the trouble
 of correcting them.

 Today, with word processing, editing a memo or letter is much
 simpler.  As a result, drafts are revised ad infinitum.  The total
 number of man (and woman) hours spend on the document may be three or
 more times as much as before.  And the result - a few less minor
 typos, but no improvement in the essential meaningfulness and
 readability of the document.

  +++++++++++

 To top it off, there are probably thousands of MIPS (million
 instructions per second) of computing power dedicated to the sole
 purpose of printing address labels on junk mail, much of which will
 finish up in land fills without having been read.

------------------------------

Date: Sat, 11 Jan 92 0:23:33 EST
From: tadvocate@anonymous.com
Subject: File 2--Craig's submission in #4.01

Reply to: File 2--How The Government Broke The Law And Went Unpunished

>                             JUSTICE DENIED
>
>          How The Government Broke The Law And Went Unpunished
>
>                            by Craig Neidorf
>                            kl@stormking.com
>
>
> TO THE READER:
>
> During the summer of 1990, I wrote the following review of how the
> Privacy Protection Act of 1980 could have been applied to the above
> described incident.  After several months of trying to find a way to
> file a claim, I have finally come to realize that the goal I seek is
> unreachable because I do not possess the financial resources to hire
> legal counsel and no law firm or organization capable of handling the
> case will agree to take it on a contingency basis.  Furthermore, as I
> Protection Act of 1980 as described above.
>
> **********   Stuff Deleted***********
>
> *** What Are The Remedies?
>
> Section 106(a) provides a civil cause of action for damages for
> violations of the Act.  Such an action may be brought by any person
> aggrieved by a violation of the statute.
>
> WE DARE NOT GIVE UP THAT RIGHT!

Craig,  stop complaining.  You are going to law school.  File a pro se
action against the government.  File it and ask some of your
professors to help you out.  You'll learn more practical law then a
thousand class hours.

If we dare not give up our rights,  then we dare not stop.

The Advocate.

   [ This information published so that all members of the community can
know that they do not need to depend on lawyers to protect our rights.
The day an american may not protect his rights without a lawyer, is
the day his rights have died.]

PS  For those interested.  The supreme court is deciding a case where
a man was convicted of receiving child pornography only after being
targeted for 2 years in a blizzard of letters by undercover operators
into buying it by mail.  The supreme court will try to determine what
limits the government may not violate in enticing people into breaking
the law.

------------------------------

Date: Tue, 14 Jan 92 17:44:09 EST
From: Storm King ListServ Account <server@STORMKING.COM>
Subject: File 3--Subscribing to PHRACK

We here at phrack have been getting mail bouncing all over the place
due to people writing PHRACK@STOMKING.COM the correct contact for
phrack is at PHRACKSUB@STORMKING.COM.  Please correct this!

These days people must do the following to get on the phrack mailing
list.

     The distribution of Phrack is now being performed by the software
called Listserv.  All individuals on the Phrack Mailing List prior to
your receipt of this letter have been deleted from the list.

If you would like to re-subscribe to Phrack Inc. please follow these
instructions:

1.  Send a piece of electronic mail to "LISTSERV@STORMKING.COM".  The mail
    must be sent from the account where you wish Phrack to be delivered.

2.  Leave the "Subject:" field of that letter empty.

3.  The first line of your mail message should read:
    SUBSCRIBE PHRACK <your name here>

4.  DO NOT leave your address in the name field!
    (This field is for PHRACK STAFF use only, so please use a full name)

Once you receive the confirmation message, you will then be added to
the Phrack Mailing List.  If you do not receive this message within 48
hours, send another message.  If you STILL do not receive a message,
please contact
"SERVER@STORMKING.COM".

You will receive future mailings from "PHRACK@STORMKING.COM".

If there are any problems with this procedure, please contact
"SERVER@STORMKING.COM" with a detailed message.

Sincerly,
The Phrack Staff

------------------------------

Date: Tue, 14 Jan 92 12:15 MST
From: Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 4--Report: 8th Chaos Computer Congress

((For those who do not receive either RISKS-L or TELECOM Digest,
we reprint the following form TELECOM Digest, Vol 13 #35 (14 Jan '92)).

          ***********************************************

Date: Tue, 14 Jan 1992 06:33:50 PST
From: Eric_Florack.Wbst311@xerox.com
Subject: Report: 8th Chaos Computer Congress

The following message was copied from RISKS-L.  Of particular interest
to TELECOM reader will be where the writer speaks of HACKTIC. That
such gatherings are becoming more sparsely populated is a positive
step.  But is it, perhaps, time for people such as the UN , or perhaps
the ITU, to invoke sanctions against countries that allow such groups
to thrive? ( Comments are my own ... I don't expect anyone else to
have the guts to agree with me.) (Grin)

                       -=-=-=--=-=-=

 Date: 9  Jan 92 16:37 +0100
 From: Klaus Brunnstein <brunnstein@rz.informatik.uni-hamburg.dbp.de>
 Subject: Chaos Congress 91 Report

                 Report: 8th Chaos Computer Congress

On occasion of the 10th anniversary of its foundation, Chaos Computer
Club (CCC) organised its 8th Congress in Hamburg (Dec.27-29, 1991). To
more than 400 participants (largest participation ever, with growing
number of students rather than teen-age scholars), a rich diversity of
PC and network related themes was offered, with significantly less
sessions than before devoted to critical themes, such as phreaking,
hacking or malware construction.  Changes in the European hacker scene
became evident as only few people from Netherlands (see: Hacktick) and
Italy had come to this former hackers' Mecca.  Consequently, Congress
news are only documented in German.  As CCC's founding members develop
in age and experience, reflection of CCC's role and growing diversity
(and sometimes visible alienity between leading members) of opinions
indicates that teen-age CCC may produce less spectacular events than
ever before.

This year's dominating theme covered presentations of communication
techniques for PCs, Ataris, Amigas and Unix, the development of a
local net (mousenet.txt: 6.9 kByte) as well as description of regional
(e.g.  CCC's ZERBERUS; zerberus.txt: 3.9 kByte) and international
networks (internet.txt: 5.4 kBytes), including a survey (netzwerk.txt:
53.9 kByte).  In comparison, CCC'90 documents are more detailed on
architectures while sessions and demonstrations in CCC'91 (in "Hacker
Center" and other rooms) were more concerned with practical navigation
in such nets.

Phreaking was covered by the Dutch group HACKTIC which updated its
CCC'90 presentation of how to "minimize expenditures for telephone
conversations" by using "blue" boxes (simulating specific sounds used
in phone systems to transmit switching commands) and "red" boxes
(using telecom-internal commands for testing purposes), and describing
available software and recent events.  Detailed information on
phreaking methods in specific countries and bugs in some telecom
systems were discussed (phreaking.txt: 7.3 kByte). More information
(in Dutch) was available, including charts of electronic circuits, in
several volumes of Dutch "HACKTIC: Tidschrift voor Techno-Anarchisten"
(=news for techno-anarchists).

     Remark #1: recent events (e.g. "Gulf hacks") and material presen-
ted on Chaos Congress '91 indicate that Netherland emerges as a new
European center of malicious attacks on systems and networks.  Among
other potentially harmful information, HACKTIC #14/15 publishes code
of computer viruses (a BAT-virus which does not work properly;
"world's shortest virus" of 110 bytes, a primitive non-resident virus
significantly longer than the shortest resident Bulgarian virus: 94
Bytes).  While many errors in the analysis show that the authors lack
deeper insight into malware technologies (which may change), their
criminal energy in publishing such code evidently is related to the
fact that Netherland has no adequate computer crime legislation.  In
contrast, the advent of German computer crime legislation (1989) may
be one reason for CCC's less devotion to potentially harmful themes.

    Remark #2: While few Netherland universities devote research and
teaching to in/security, Delft university at least offers introductory
courses into data protection (an issue of large public interest in NL)
and security.  Professors Herschberg and Aalders also analyse the
"robustness" of networks and systems, in the sense that students may
try to access connected systems if the addressed organisations agree.
According to Prof. Aalders (in a recent telephone conversation), they
never encourage students to attack systems but they also do not punish
students who report on such attacks which they undertook on their own.
(Herschberg and Alpers deliberately have no email connection.)

Different from recent years, a seminar on Computer viruses (presented
by Morton Swimmer of Virus Test Center, Univ. Hamburg) as deliberately
devoted to disseminate non-destructive information (avoiding any
presentation of virus programming).  A survey of legal aspects of
inadequate software quality (including viruses and program errors) was
presented by lawyer Freiherr von Gravenreuth (fehlvir.txt: 5.6 kByte).

Some public attention was drawn to the fact that the "city-call"
telephone system radio-transmits information essentially as ASCII.  A
demonstration proved that such transmitted texts may easily be
intercepted, analysed and even manipulated on a PC.  CCC publicly
warned that "profiles" of such texts (and those addressed) may easily
be collected, and asked Telecom to inform users about this insecurity
(radioarm.txt: 1.6 kByte); German Telecom did not follow this advice.

Besides discussions of emerging voice mailboxes (voicebox.txt: 2.8
kBytes), an interesting session presented a C64-based chipcard
analysis systems (chipcard.txt: 3.3 kBytes).  Two students have built
a simple mechanism to analyse (from systematic IO analysis) the
protocol of a German telephone card communicating with the public
telephone box; they described, in some detail (including an
elctronmicroscopic photo) the architecture and the system behaviour,
including 100 bytes of communication data stored (for each call, for
80 days!)  in a central German Telecom computer. Asked for legal
implications of their work, they argued that they just wanted to
understand this technology, and they were not aware of any legal
constraint.  They have not analysed possibilities to reload the
telephone account (which is generally possible, due to the
architecture), and they didnot analyse architectures or procedures of
other chipcards (bank cards etc).

Following CCC's (10-year old charta), essential discussions were
devoted to social themes.  The "Feminine computer handling" workshop
deliberately excluded men (about 25 women participating), to avoid
last year's experience of male dominancy in related discussions
(femin.txt: 4.2 kBytes).  A session (mainly attended by informatics
students) was devoted to "Informatics and Ethics" (ethik.txt: 3.7
kByte), introducing the international state-of-discussion, and
discussing the value of professional standards in the German case.

A discussion about "techno-terrorism" became somewhat symptomatic for
CCC's actual state.  While external participants (von Gravenreuth,
Brunnstein) were invited to this theme, CCC-internal controversies
presented the panel discussion under the technical title "definition
questions".  While one fraction (Wernery, Wieckmann/terror.txt: 7.2
kByte) wanted to discuss possibilities, examples and dangers of
techno-terrorism openly, others (CCC "ol'man" Wau Holland) wanted to
generally define "terrorism" somehow academically, and some undertook
to describe "government repression" as some sort of terrorism.  In the
controversial debate (wau_ter.txt: 9.7 kByte), few examples of
technoterrorism (WANK worm, development of virus techniques for
economic competition and warfare) were given.

More texts are available on: new German games in Multi-User
Domain/Cyberspace (mud.txt: 3.8 kByte), and Wernery's "Btx
documentation" (btx.txt: 6.2 kByte); not all topics have been
reported.  All German texts are available from the author (in
self-extracting file: ccc91.exe, about 90 kByte), or from CCC (e-mail:
SYSOP@CHAOS-HH.ZER, fax: +49-40-4917689).

------------------------------

Date: Wed, 15 Jan 1992 11:45:54 GMT
From: John F. McMullen (mcmullen@well.sf.ca.us)
Subject: File 5--Net "do-it-yourself" political activity (NEWSBYTES Reprint)

Warren Announces Do-It-Yourself "NET" Political Activity 1/13/92
WOODSIDE, CALIFORNIA, U.S.A., 1992 JAN 13 (NB)  -- Jim Warren, founder
of InfoWorld and the West Coast Computer Faire, has announced a plan
under which US taxpayers may let their legislators know their desire
for expenditure of tax revenues.

In a statement posted of the Whole Earth 'Lectronic Link (WELL),
Warren outlined a proposal under which taxpayers would fill out a form
that specifies the desires of the taxpayer for the uses of her/his tax
payment. The form will then be sent to the taxpayer's elected
representatives. Warren said "As we approach tax-day, it emphasizes
that we again worked more than a  third of last year for the
government and politicians. This year, let's  tell them how WE want
them to use the hard-earned money they take from us.  When we send in
our taxes, let's also send copies of this to our current  and
potential elected representatives, especially to this year's political
candidates. (Let's not blame the IRS; they're just doing what our
elected  representatives tell them to do.)    Please feel free to copy
this to friends, neighbors, customers, business  associates and
company and community bulletin boards."

The form, designed by Warren, provides spaces for the taxpayer to fill
in dollar and percentage figures for the expenditure of the funds.
Warren also committed, if taxpayers send copies of the forms to him,
to publish summary reports reflecting the desires of the aggregate of
the reporting taxpayers. Warren's form follows:

 To:  ______________________________
      ______________________________
      ______________________________
      ______________________________

 TAX ALLOCATION INSTRUCTIONS FROM A VOTER

Here are the taxes that I know you are taking from my work last
year, and  here is how I want you to use them.  (For other projects
that you or your  campaign donors desire, please depend on the
hidden taxes that I cannot  easily identify.)

   This is a very serious matter to me, even though this note is a
form.  Please respond and tell me how much of our earnings you, as
our elected  representative, want to take in taxes, and how much you
want to spend in  each budget-area.  Please send me _____ copies of
your response for my  friends, neighbors and business associates.
(And, a lack of response will  be noted as a response.)

 How to use MY taxes: Federal allocations: Fiscal-1992 Federal Budget
 1.      %  $      18.0%  $ 290,820M  National Defense
 2.      %  $         2.2%     35,679M  International Affairs
 3.      %  $         1.2%     18,934M  Science, Space and Technology
 4.      %  $         0.3%      4,129M  Energy
 5.      %  $         1.2%     19,708M  Natural Resources and Environment
 6.      %  $         1.2%     20,219M  Agriculture
 7.      %  $         6.5%    105,780M  Commerce and Housing Credit
 8.      %  $         2.1%     34,312M  Transportation
 9.      %  $         0.4%      5,768M  Community & Regional Development
 10.     %  $        2.9%     46,934M  Education,Employment, Soc.Services
 11.     %  $        5.0%     81,300M  Health
 12.     %  $         7.0%    113,811M  Medicare
 13.     %  $        13.8%    222,691M  Income Security
 14.     %  $        21.7%    351,109M  Social Security
 15.     %  $          2.1%     33,380M  Veterans' Benefits and Services
 16.     %  $          0.9%     14,842M  Administration of Justice
 17.     %  $          0.8%     12,688M  General Government
 18. 12.7%  $          12.7%    206,343M  Net Interest
  19.     %  $         <not an expense>  deficit reduction
  20.     %  $         0.0%          0   tax reduction/refund/rebate to me
    ------  ---------  ------ -----------
    100.0%  $   100.0% $1,618,447M  my taxes & your FY-1992 budget

   Thanking you for your attention to this constituent request, I
remain,
 From:______________________________
      ______________________________
      ______________________________
      ______________________________


Warren told Newsbytes that, following his posting, MicroTimes editor
Mary Eisenhart told him that he can include a copy of the form in an
up-coping column in that 200,000 circulation publication.

Warren also stated that any forms sent to him for summarization will
be held in the strictest confidence and not shown to others. He said
"I must hold them for the possibility that anyone doubts that the
basis for our published summary actually existed."

Warren also commented to Newsbytes on the potential of network
mobilization, saying "We have in the computer network the largest
circulation publication in the nation and it is free for the logon
cost.  This is the beginning of the implementation of effective
electronic citizenship.

Warren said that at least 2 other electronic political projects are
planned  for 1992.

(Barbara E. McMullen & John F. McMullen/Press Contact: Jim Warren,
415-851-2814 (fax); jwarren@autodesk.com (e-mail)/19920113)

------------------------------

Date: Tue, 14 Jan 92 18:45:21 EST
From: Jim Warren (jwarren@well.sf.ca.us)
Subject: File 6--Political Organizing at the Individual Level

Once every four years, with less opportunity each two years -- i.e.,
each election year -- citizen-groups have a brief-but-major
window-of-opportunity to obtain government by and for the People.  We
rarely use it effectively.

Civil liberties in the electronic frontier simply cannot wait until
1996.  By then, it may be too late to protect online rights, freedom
and privacy.
We need to act now.
We *can* act.  And we *can* be effective:

1.  Meet with candidates.
Do this in their offices, preferably, as a group of no more than 2-4
articulate, presentable spokespeople.  It helps if you have formal
backing of a group, but it is certainly not necessary.  What is
greatly persuasive to candidates is whether you are likely to sway a
group of voters.

2.  Be informative.
Plan a careful, logical, brief oral presentation of our concerns.
Back it up with a 2-10 page summary of major points, positions and
requests.  Supporting newspaper articles are particularly helpful.

3.  Seek explicit committments.
*Every* successful politician has mastered the art of *sounding*
sincerely interested and supportive without making committments.  Make
specific requests for specific action within a specific time-frame.
Request it in the form of an official policy- or position-statement
issued by the candidate, "so you can then publicize their position
throughout your group."  (Verbal assurances in private meetings are
unreliable.)  If they seem disinclined, politely indicate that you
will, regretfully, have to report that non-action or lack of explicit
commitment must be viewed as non-support, potentially even opposition,
on these time-sensitive issues.  Don't expect somethin' for nothin'.
If they seem inclined to commit --at a minimum, they will sound
sincerely concerned -- they will want to know what support you will
offer.  Expect them to ask for it and/or for your
formal endorsement.  Perhaps the best response to this is to say you
will vigorously circulate details of their committments throughout
your group.

4.  Indicate the group to whom you will report.
Long ago, when I last checked, the WELL had about 4,500 users.  BMUG
has ??  Brian Reid's latest estimates are that USENET had about
1,913,000 users on about 40,000 hosts.  There are probably around 15
million users on non-BBS computer networks in the U.S., public and
private.  The Internet has about 5,000 networks with around a million
hosts and anywhere from 5 to 10 million users.  The Fidonet BBS-net
probably has around 2 million users (I've asked

And, there's your own internal net at work or school.  Can you post
personal notes on it?  Are you a BBS sysop or host administrator with
authority to post a logon notice seen by everyone?  Seems like every user
ought to know who is willing to protect their online freedom and privacy.

  I phrased this in the second person -- "you" do it -- but, jus' for the
record:  I'm personally pursuing this with various federal and state
candidates on the San Francisco Peninsula.  I walk it like I talk it.  :-)

------------------------------

Date: Tue, 14 Jan 92 18:45:21 EST
From: Jim Warren (jwarren@well.sf.ca.us)
Subject: File 7--*DRAFT* "Guaranteeing Constitutional Freedoms"

  *This is a **draft***.  (I am working on additional phrasing
regarding computerized access to computerized legislation-in-progress,
so we may be citizens effectly informed of the legislative process.  I
also have some thoughts about enhancing citizen's access to their
personal information that is collected and shared by government
agencies.

  If you wish a copy of the final version for your own modification,
use and/or personal or group political action, please e-mail your
request to:
  jwarren@well.sf.ca.us   --or--   jwarren@autodesk.com  .
                      *************************

   GUARANTEEING CONSTITUTIONAL FREEDOMS INTO THE 21st CENTURY

  Harvard Law Professor Laurence H. Tribe, one of the nation's leading
Constitutional scholars, views technological threats to our
constitutional freedoms and rights as so serious that, for the first
time in his career, he has proposed a Constitutional Amendment:

  "This Constitution's protections for the freedoms of speech, press,
petition and assembly, and its protections against unreasonable
searches and seizures and the deprivation of life, liberty or property
without due process of law, should be construed as fully applicable
without regard to generated, stored, altered, transmitted or
controlled."

  Until and unless the unlikely event that such an Amendment is
adopted, legislation and regulation are the only alternatives to
assure modern protection of citizens against modern technological
threats against their constitutional rights and freedoms.

               PERSONAL COMMITMENT TO ACTION

  PREFACE:  It has been over two centuries since our Constitution and
Bill of Rights were adopted.  The great technological change in the
interum --especially in computing, telecommunications and electronics
-- now poses a clear and present danger to the rights and protections
guaranteed in those great documents.  Therefore:

will author or coauthor legislation reflecting the following
specifics, and I will actively support and testify in favor of any
similar legislation as may be introduced by others.  Further, I will
actively seek to have included in such legislation, explicit personal
civil and/or criminal penalties against any agent, employee or
official of the government who violates any of these statutes.  And
finally, I will keep all citizens who express interest in legislative
progress on these matters fully and timely informed.

  The protections guaranteed in the Constitution and its Amendments
shall be fully applicable regardless of the current technology of the
time.  In particular:

  SPEECH:  Freedom of speech shall be equally protected, whether by
voice or written as in the 18th Century, or by electronic transmission
or computer communication as in the 20th Century and thereafter.

  PRESS:  Freedom of the press shall be equally protected, whether by
print as in the 18th Century, or by computer distribution of
information, as in the 20th Century and thereafter.

  ASSEMBLY:  Freedom of assembly shall be equally protected, whether
by face-to-face meeting as in the 18th Century, or by computer-based
conference as in the 20th Century and thereafter.  The right to hold
confidential meetings shall be equally protected, whether they be by
personal meeting in private chambers, or by computer-based private
conferences.

  SELF-PROTECTION:  The right of the people to keep and use computers
and communications equipment and connections shall not be abridged by
the government.

  SEARCH & SEIZURE:  The right of the people to be secure in their
papers and effects, against unreasonable searches and seizures, shall
be fully applicable to their electronic mail, computerized information
and personal computer systems.

  WARRANTS:  No warrants for search or seizure shall issue for
computerized information, but upon probable cause, supported by oath
or affirmation, and particularly describing the computer system to be
searched and the specific information to be seized.

  SECURE INFORMATION VAULTS:  Just as search and seizure of letters in
a post-office, and papers in a bank-vault lock-box, and surveillance
of a telephone conversations by wire-tap each require a separate
warrant for each postal address, lock-box and telephone line, so also
shall a separate warrant be required for electronic mail or other
computer files of each suspect, when stored in a computer facility
shared by others, and such files stored in a shared facility by or for
a citizen who is neither named in a warrant nor associated with a
suspect so-named, may not be used against that citizen, if seized or
discovered during legal search of or for files of a suspect.

  SELF-INCRIMINATION:  No person shall be compelled in any civil or
criminal case to be a witness against himself or herself, nor be
compelled to translate or decode computerized information that may be
so incriminating.

  PRIVATE PROPERTY: Private property shall not be taken for public use
without just compensation, nor shall it be used nor sold by the
government for less than fair market value, in which case all such
proceeds shall promptly derive singularly to its owner prior to
government seizure.

  SPEEDY RELEASE:  Anyone not accused of a crime shall enjoy the right
to a speedy release and return of all of their property in undamaged
form, as may be seized under any warrant, particularly including their
computerized information.

        _________________________ title/office/office sought
        _________________________ address
        _________________________
        _________________________
        _________________________ campaign-office voice-phone number
        _________________________ campaign-office electronic-mail address

------------------------------

Date: Tue, 14 Jan 92 17:44:09 EST
From: Eff@org
Subject: File 8--The Compuserve Case (Reprint from EFF Vol 2, #3)

           THE COMPUSERVE CASE:
   A STEP FORWARD IN FIRST AMENDMENT PROTECTION FOR ONLINE SERVICES.
         By Mike Godwin (mnemonic@eff.org)

By now you may have heard about the summary-judgment decision in
Cubby, Inc. v. CompuServe, a libel case. What you may not know is why
the decision is such an important one. By holding that CompuServe
should not be liable for defamation posted by a third-party user, the
court in this case correctly analyzed the First Amendment needs of
most online services. And because it's the first decision to deal
directly with these issues, this case may turn out to be a model for
future decisions in other courts.

The full name of the case, which was decided in the Southern District
of New York, is Cubby Inc. v. CompuServe. Basically, CompuServe
contracted with a third party for that user to conduct a
special-interest forum on CompuServe. The plaintiff claimed that
defamatory material about its business was posted a user in that
forum, and sued both the forum host and CompuServe. CompuServe moved
for, and received, summary judgment in its favor.

Judge Leisure held in his opinion that CompuServe is less like a
publisher than like a bookstore owner or book distributor. First
Amendment law allows publishers to be liable for defamation, but not
bookstore owners, because holding the latter liable would create a
burden on bookstore owners to review every book they carry for
defamatory material. This burden would "chill" the distribution of
books (not to mention causing some people to get out of the bookstore
business) and thus would come into serious conflict with the First
Amendment.

So, although we often talk about BBSs as having the rights of
publishers and publications, this case hits on an important
distinction. How are publishers different from bookstore owners?
Because we expect a publisher (or its agents) to review everything
prior to publication. But we *don't* expect bookstore owners to review
everything prior to sale.  Similarly, in the CompuServe case, as in
any case involving an online service in which users freely post
messages for the public (this excludes Prodigy), we wouldn't expect
the online-communications service provider to read everything posted
*before* allowing it to appear.

It is worth noting that the Supreme Court case on which Judge Leisure
relies is Smith v. California--an obscenity case, not a defamation
case.  Smith is the Supreme Court case in which the notion first
appears that it is generally unconstitutional to hold bookstore owners
liable for content. So, if Smith v. California applies in a
online-service or BBS defamation case, it certainly ought to apply in
an obscenity case as well.

Thus, Cubby, Inc. v. CompuServe sheds light not only on defamation law
as applied in this new medium but on obscenity law as well. This
decision should do much to clarify to concerned sysops what their
obligations and liabilities are under the law.

                   +++++++++++++++++++++++++++++++

Highlights of the CompuServe decision (selected by Danny Weitzner):

"CompuServe's CIS [CS Information Service] product is in essence an
electronic, for-profit library that carries a vast number of
publications and collects usage and membership fees from its subscribers
in return for access to the publications. CompuServe and companies like
it are at the forefront of the information industry revolution. High
technology has markedly increased the speed with which information is
gathered and processed; it is now possible for an individual with a
personal computer, modem, and telephone line to have instantaneous
access to thousands of news publications from across the United States
and around the world.  While CompuServe may decline to carry a given
publication altogether, in reality, once it does decide to carry a given
publication, it will have little or no editorial control over that
publication's contents.  This is especially so when CompuServe carries
the publication as part of a forum that is managed by a company
unrelated to CompuServe.  "... CompuServe has no more editorial control
over ... [the publication in question] ... than does a public library,
book store, or newsstand, and it would be no more feasible for
CompuServe to examine every publication it carries for potentially
defamatory statements than it would for any other distributor to do so."
"...Given the relevant First Amendment considerations, the appropriate
standard of liability to be applied to CompuServe is whether it knew or
had reason to know of the allegedly defamatory Rumorville statements."

Cubby, Inc. v. CompuServe, Inc. (90 Civ. 6571, SDNY)

------------------------------

Date: Thu, 09 Jan 92 15:54:48 -0600
From: CuD Moderators (tk0jut2@mvs.cso.niu.edu)
Subject: File 9--Senate Introduces Two FOIA Bills, S. 1929 & S. 1940

The latest (Vol. 16, #4, Dec., 1991) issue of _First Principles_
reports on the status of two Freedom of Information Act (FOIA) bills
introduced in the Senate in late 1991. The proposed amendments would
make it easier for citizens to obtain information, but more
importantly, would expand the availability of information in electronic
form.  The following is abstracted from the article, "Senate
Introduces New FOIA Bills" (pp 6, 9), by Gary M. Stern.

     Senator Patrick Leahy (D-VT) introduced two bills to amend the
     Freedom of Information Act: S. 1939, the "Freedom of Information
     Improvement Act of 1991," and S. 1940, the "Electronic Freedom of
     Information Improvement Act of 1991 (cosponsored by Hank Brown
     (R-CO)). The latter bill, in particular, presents the best
     opportunity in many years to enact significant FOIA reforms.

     S. 1940 would require the government to respond to FOIA requests
     in electronic form as well as on paper. Section 4 of the bill
     states that "(a)n agency shall provide records in any form in
     which such records are maintained by that agency as requested by
     any person. (C)An agency shall make resonable efforts to provide
     records in an electronic form requested by any person, even where
     such records are not usually maintained in such form." Section 3
     of the bill would make the Federal Register accessible electronically
     and would require each government agency to publish an index of
     all information retrievable in electronic form, to describe all
     databases used by the agency, and to list all statutes that the
     agency uses to withhold information under exemption (b)(3).

In addition, S. 1940 would:

1) Address the problem of delays in responding to FOIA requests
2) Require the agency to notify the requester of "the total number
   of denied records and paes considered by the agency
   to have been responsive to the request."

S. 1939 would:

1) Narrow the scope of exemptions
2) Broaden the fee waiver and fee reduction requirements
3) Narrow the exemption concerning law enforcement records
4) Narrow the exemption to protect financial information

     The Senate Judiciary Subcommittee on Technology and the Law plans
     to hold hearings on the bills in March, 1992.  The ACLU/CNNS is
     organizing a lobbying coalition in support of both of these
     bills. FOr more information, please call Gary Stern at
     202-675-2327.

_First Principles_ is published by the Center for National Security
Studies, 122 Maryland Avenue, NE, Washington, DC 20002.
Subscriptions are $15/year (and $10 for students). Sample copies
are available on request.

------------------------------

End of Computer Underground Digest #4.02
************************************