Computer underground Digest    Wed  Sep 21, 1994   Volume 6 : Issue 83
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Retiring Shadow Archivist: Stanton McCandlish
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Urban Legend Editor:  E. Greg Shrdlugold

CONTENTS, #6.83 (Wed, Sep 21, 1994)

File 1--EPIC Letter on Wiretap Bill
File 2--EFF Policy Dir. Jerry Berman, 09/13/94 HR Testimony on DigTel bill
File 3--Dig Teleph Bill (HR 4922) to be marked up in Sen. Judic. Comm
File 4-- For CUD: Pizza by E-mail in Santa Cruz
File 5--One Hundred Reasons to Oppose the FBI Wiretap Bill (CPSR)
File 6--Cu Digest Header Information (unchanged)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

----------------------------------------------------------------------

Date: Wed, 21 Sep 1994 16:25:03 EST
From: David Sobel <dsobel@WASHOFC.EPIC.ORG>
Subject: File 1--EPIC Letter on Wiretap Bill

                     EPIC Letter on Wiretap Bill
                          September 13, 1994

Hon. Jack Brooks
Chairman
Committee on the Judiciary
U.S. House of Representatives
2138 Rayburn House Office Bldg.
Washington, DC 20515

Dear Chairman Brooks:

 We are writing with regard to H.R. 4922, the Federal Bureau
of Investigation's proposed wiretap legislation now pending before
the Judiciary Committee.  As you know, the current bill is the
most recent version to emerge from a process that began more than
two years ago, when the FBI first sought legislation to ensure its
ability to conduct electronic surveillance through mandated design
changes in the nation's information infrastructure.  The
Electronic Privacy Information Center (EPIC) has monitored that
process closely and has scrutinized the FBI's claims that remedial
legislation is necessary.  EPIC has sponsored conferences at which
the need for such legislation was debated with the participation
of the law enforcement community, the telecommunications industry
and privacy advocates.  We have also sought the disclosure of all
relevant information through a series of requests under the
Freedom of Information Act.  Having thus examined the issue, EPIC
remains unconvinced of the necessity or advisability of the
pending bill.


The Need for the Proposed Legislation

 As a threshold matter, we do not believe that a compelling
case has been made that new communications technologies hamper the
ability of law enforcement agencies to execute court orders for
electronic surveillance. For more than two years, EPIC has sought
the public disclosure of any FBI records that might document the
alleged problem.  To date, no such documentation has been
released.  We recently initiated litigation under the FOIA in
federal district court seeking disclosure of two internal FBI
surveys cited by Director Freeh in support of the proposed
legislation.  Through earlier litigation we discovered that no FBI
field offices had reported technical difficulties in executing
court-ordered electronic surveillance.  In fact, several field
offices reported that they had not encountered such problems.

 Without public scrutiny of factual information on the nature
and extent of the alleged technological impediments to
surveillance, the FBI's claims remain anecdotal and speculative.
Indeed, representatives of the telecommunications industry have
consistently maintained that they are unaware of any instances in
which a communications carrier has been unable to comply with law
enforcement's requirements.  For instance, in Congressional
testimony on March 18, 1994, Roy Neel, President of the United
States Telephone Association stated that,

     In the quarter century since the federal government
     first authorized court ordered wiretaps there have been
     tens of thousands of requests for assistance from local
     telephone exchange companies.  In virtually every
     instance the local telephone company provided the
     appropriate law enforcement authority with the timely
     assistance it needed to effect the intercept.

 Under these circumstances, the nation should not embark upon
a costly and potentially dangerous re-design of its telecommunica-
tions network solely to protect the viability of fewer than 1000
annual surveillances against wholly speculative impediments.


Increased Risk of Network Vulnerability

 Our nation's communications infrastructure has never before
been designed with the stated purpose of facilitating the
interception of private communications.  The proposed legislation
would require, for the first time, that the telephone network must
have vulnerabilities intentionally built into it.  The potential
pitfalls of such a course are apparent.  As the General Services
Administration noted in its analysis of an earlier version of the
FBI's proposal (which we obtained under the FOIA),

     The proposed legislation would assist eavesdropping by
     law enforcement, but it would also apply to users who
     acquire the new technology capability and make it easier
     for criminals, terrorists, foreign intelligence (spies)
     and computer hackers to electronically penetrate the
     phone network and pry into areas previously not open to
     snooping.  This situation of easier access due to new
     technology changes could therefore affect national
     security.

 As your report on the Computer Security Act of 1987 noted,
"lack of computer security is a serious problem since such systems
are the core of every modern organization."  H. Rpt. 100-153, Part
2, at 10.  With an ever-increasing flow of sensitive commercial
and personal information traveling through the communications
infrastructure, we should be seeking to strengthen the security of
those transmissions.  Unfortunately, as the GSA recognized, the
pending legislation is likely to have the precise opposite effect
on communications security.


A Threat to Privacy in the Future

     We also believe that the proposed legislation would establish
a dangerous precedent for the future.  While the FBI claims that
the legislation would not enhance its surveillance powers beyond
those contained in existing law, the pending bill represents a
fundamental change in the law's approach to electronic
surveillance and police powers generally.  The legislation would,
for the first time, mandate that our means of communications must
be designed to facilitate government interception.  While we as a
society have always recognized law enforcement's need to obtain
investigative information upon presentation of a judicial warrant,
we have never accepted the notion that the success of such a
search must be guaranteed.  By mandating the success of police
searches through the re-design of the telephone network, the
proposed legislation breaks troubling new ground.  The principle
underlying the pending bill could easily be applied to all
emerging information technologies and be incorporated into the
design of the National Information Infrastructure.  It could also
soon lead to the prohibition of encryption techniques other than
government-designed "key escrow" or "Clipper" type systems.

     In short, EPIC believes that the proposed FBI wiretap bill
raises substantial civil liberties and privacy concerns.  The
present need for the legislation has not been established and its
future implications are frightening.  In the spring of 1992, you
convened hearings on law enforcement's claimed need to restrict
the development and use of privacy-enhancing encryption
technology.  You observed that "the decisions we make in this area
could have a profound impact on the future of U.S. industry and
our society as a whole."  We share your concern and urge you to
examine closely both the claimed need for H.R. 4922 and its
desirability for our democratic society.





        Sincerely,

______________________________  ______________________________
Marc Rotenberg     David L. Sobel
Director      Legal Counsel

------------------------------

Date: Wed, 21 Sep 1994 16:22:11 EST
From: mech@eff.org (Stanton McCandlish)
Subject: File 2--EFF Policy Dir. Jerry Berman, 09/13/94 HR Testimony on DigTel b
ill

Electronic Frontier Foundation

Testimony of

Jerry J. Berman, Policy Director
Electronic Frontier Foundation

before the

United States House Of Representatives
Committee on Energy and Commerce
Subcommittee On Telecommunications and Finance

Hearing on

Digital Telephony Legislation (H.R. 4922)

September 13, 1994

Chairman Markey and Members of the Subcommittee:

        I want to thank you for the opportunity to testify today on the
recently introduced Digital Telephony bill (H.R. 4922, S. 2375).  Over
the past several years under the leadership of Chairman Markey,
Representatives Fields, Boucher, and others, the Subcommittee has
demonstrated knowledge, sensitivity, and vision in crafting our nation's
telecommunications policy.  I am pleased that the Subcommittee has
chosen to apply its experience and expertise to the extraordinarily
complex issues posed by the Digital Telephony legislation.
        The Electronic Frontier Foundation (EFF) is a public interest
membership organization dedicated to achieving the democratic potential
of new communications and computer technology and works to protect civil
liberties in new digital environments.  EFF also coordinates the Digital
Privacy and Security Working Group (DPSWG), a coalition of more than 50
computer, communications, and public interest organizations and
associations working on communications privacy issues.  I am testifying
today, however, only on behalf of EFF.
        Since 1992, the Electronic Frontier Foundation has opposed a
series of FBI Digital Telephony proposals, each of which would have
forced communications companies to install wiretap capability into every
communications network. However, earlier this year, when it became
apparent that some version of the bill would pass the Congress, Senator
Patrick Leahy and Representative Don Edwards asked EFF, along with
computer and communications industry groups, to participate in a process
that would yield a narrow bill that both met law enforcement needs and
had strong privacy protections.  The result of that process is the bill
before us today.
        EFF remains deeply troubled by the prospect of the federal
government requiring communications networks to be made "wiretap ready,"
but we believe that this legislation is substantially less intrusive
that the original FBI proposals. If Congress is going to act in this
area, it should work to improve and pass this version of the
legislation.
        As I testified to before a joint hearing of the House Subcommittee
on Civil and Constitutional Rights and the Senate Subcommittee on
Technology and the Law on August 11, 1994, we have worked diligently on
this legislation with all interested parties in an effort to strike a
careful balance between law enforcement's ability to conduct electronic
surveillance and the more important public good -- the right to privacy
guaranteed by the 4th amendment. The bill strikes this balance in a
number of critical areas:

        *  Law enforcement gains no additional authority to conduct
           electronic surveillance.  The warrant requirements specified
           under current law remain unchanged

        *  The standard for law enforcement access to online
           transactional records is raised to require a court order
           instead of a mere subpoena

        *  Information gleaned from pen register devices is limited to dialed
           number information only.  Law enforcement may not receive
           location-specific information

        *  The bill does not preclude a citizen's right to use encryption

        *  Privacy must be maintained in making new technologies
           conform to the requirements of the bill and privacy groups
           may intervene in the administrative standard-setting
           process.

         However, Mr. Chairman, the effectiveness of these privacy
protections, as well as the future of technological innovation and the
deployment of advanced telecommunications services to the American
public, turn on one critical issue which remains to be addressed:  Who
assumes the risk and pays the cost of complying with the bill's
requirements?  The government or industry?
          EFF believes that allocating the risk and cost to industry will
place privacy and security at risk if industry is required to foot the
bill for unnecessary or unwarranted surveillance capabilities.
Similarly, privacy may be shortchanged if industry takes short cuts to
save costs in meeting the legislation's requirements.   Industry may
also be discouraged from deploying new and innovative technologies
because of the costs of law enforcement compliance features.  Finally,
public accountability is undermined by making potentially significant
law enforcement costs without public scrutiny and debate.   In our view,
the public interest can only be served if government assumes the risk
and pays the costs of compliance.  While effective law enforcement may
be in the public interest, it should not come at the expense of other
public goods --  privacy, public accountability, and technological
innovation.  To resolve this issue, we believe that the legislation
should be amended to require government to pay all reasonable costs
incurred to meet the statute's requirements on an ongoing basis.

A.      Linkage of cost to compliance requirements in the first four
        years -- the FBI gets what it pays for and no more

        The bill authorizes, but does not appropriate, $500 million to be
spent by the government in reimbursing telecommunications carriers for
bringing their networks into compliance with the bill within the first
four years of enactment. The FBI maintains that this is enough money to
cover all reasonable expenses of retrofitting. The industry, however,
has consistently maintained that the costs are five to ten times higher.
Given the FBI's confidence in their cost estimate, we believe that
telecommunications carriers should only be required to comply to the
extent that they have been reimbursed.
        In his testimony before a joint hearing of the House Subcommittee
on Civil and Constitutional Rights and the Senate Subcommittee on
Technology and the Law on August 11, 1994, the FBI director stated that
"I think it would be [...] extremely unlikely for a district court judge
in the process which is contemplated by this legislation to force
compliance or use of any sanctions when compliance is impossible because
of the non-reimbursement which is the predicate in the legislation".
Based on the Director's previous testimony and other discussions with
the FBI, EFF believes that the bill should include a provision to
directly link telecommunications carriers liability with government
reimbursement for retrofitting.


B.      Government reimbursement for compliance costs after four years
        -- public accountability necessary

        The problem, Mr. Chairman, is that under the current bill, the
government is not responsible for paying the cost of meeting the
mandated capability requirements after four years, particularly with
respect to new services. The FBI has repeatedly argued that the costs
for incorporating surveillance capabilities in new services at the
design stage will be de minimis, a contention which most industry
representatives and EFF believe may not be correct.
        As this Subcommittee is aware, it is impossible to estimate
compliance costs for technologies which are not even on the drawing
boards.  The way to resolve the issue is to have the government assume
the risks.
        If costs for compliance after four years are truly de minimis,
then the expenses born by the taxpayers will be minimal.  If, however,
costs are substantial, the government should pay.  This will insure that
the government,  on a case-by-case basis and with an opportunity for
public oversight, determines if compliance is significant enough to pay
for out of taxpayers' funds.  This will also ensure that the government
sets law enforcement priorities.
        As I stated earlier,  if the telecommunications industry is
responsible for all future compliance costs, it may be forced to accept
solutions which short-cut the privacy and security of telecommunications
networks, or be forced to leave advanced features on the shelf, slowing
technological innovation and the development of the NII.  Linking
compliance to government reimbursement in the out years also has the
added benefit of providing public oversight and accountability for law
enforcement surveillance capability.
        The drafters of this legislation have wisely included public
oversight of government surveillance expenditures in the first four
years.  This same principal should be applied to out year compliance
costs.

C.      Ensure the right to deploy untappable services

        The enforcement provisions of the bill suggest, but do not state
explicitly, that services which are untappable may be deployed.
Having worked for many years towards the goal of promoting the
development of the NII, the members of this Subcommittee are clearly
aware that its promise and potential rest on the deployment of advanced
technologies and services.  EFF remains deeply concerned that
technological innovation and the deployment of advanced
telecommunications services to the public may be stifled if
telecommunications carriers are forced to incur huge costs for
compliance, or if the Government is allowed to prohibit a new feature or
service from being deployed.  Although EFF believes that the bill
intends to allow carriers to deploy untappable features or services,
the bill must clearly state that if it is technically and economically
unreasonable to make a service tappable, or if the government has failed
to reimburse a carrier for compliance costs, then it may be deployed,
without interference by a court.  Making the government responsible for
all reasonable costs of having new services comply with the legislation
will go a long way to insuring that this legislation will not be a drag
on innovation.

D.      Additional areas where strengthening is necessary

        In addition to our concerns about compliance costs, EFF believes
that the bill requires strengthening in the following areas before final
passage:


1.      Strengthened public process

        In the first four years of the bill's implementation, most of the
requests that law enforcement makes to carriers are required to be
recorded in the public record. However, additional demands for
compliance after that time are only required to be made by written
notice to the carrier.   To facilitate public scrutiny, the bill should
require all compliance requirements, whether initial requests or
subsequent modification, must be recorded in the Federal Register.

2.      Clarify definition of call identifying information

        The definition of call identifying information in the bill is too
broad. Whether intentionally or not, the term now covers network
signaling information of networks which are beyond the scope of the
bill.  As drafted, the definition would appear to require
telecommunications carriers to deliver not only the signaling
information generated by their own services, but also the signaling
information generated by information services and electronic
communication services that travel over the facilities of the
telecommunication carrier.  In many cases this may be technically
impractical.  Moreover, it is contrary to the policy adopted by the bill
to maintain a narrow scope.

3.      Review of minimization requirements in view of commingled
        communications

        The bill implicitly contemplates that law enforcement, in some
cases, will intercept large bundles of communications, some of which are
from subscribers who are not subject of wiretap orders. For example,
when tapping a single individual whose calls are handled by a PBX, law
enforcement may sweep in calls of other individuals as well. Currently
the Constitution and Title III requires "minimization" procedures in all
wiretaps, to minimize the intrusion on the privacy of conversations not
covered by a court's wiretap order.  In the world of 1968, when the
original Wiretap Act was passed, most subscribers telecommunications
facilities carried single conversations on single lines.  But today,
many conversations are co-mingled on one broadband communications
facility.  In order to ensure that constitutionally-mandated
minimization is maintained, the bill should recognize that stronger
minimization procedures may be required.

E. New privacy protections

        The Digital Telephony legislation before us includes significant
recognition that new communication technologies, and new patterns of
technology use, require new privacy protections.  Thanks to the work of
Senator Leahy and Representative Edwards and Senator Biden, the bill
contains a number of significant privacy advances, including enhanced
protection for the detailed transactional information records generated
by online information services, email systems, and the Internet.  These
protections should remain in the legislation.

1.      Expanded protection for transactional records sought by law
        enforcement

        Chief among these new protections is an enhanced protection for
transactional records from indiscriminate law enforcement access.  For
purposes of maintenance and billing, most online communication and
information systems create detailed records of users' communication
activities as well as lists of the information that they have accessed.
Provisions in the bill recognize that this transactional information
created by new digital communications systems is extremely sensitive and
deserves a high degree of protection from casual law enforcement access
which is currently possible without any independent judicial
supervision.
        EFF commends the authors of this legislation for recognizing that
law enforcement access to transactional records in online communication
systems (everything from the Internet to America OnLine to hobbyist
BBSs) threatens privacy rights.  Indiscriminate access to transactional
records implicates privacy interests because:

        * the records are personally identifiable,
        * they reveal the content of people's communications, and,
        * the compilation of such records makes it easy for law enforcement
          to create a detailed picture of people's lives online.

Based on this recognition, the draft bill contains the following
provisions:

        * Court order required for access to transactional records instead
          of mere subpoena

        In order to gain access to transactional records, such as a list
of to whom a subject sent email, which online discussion group one
subscribes to, or which movies a subject requested on a pay-per view
channel, law enforcement will have to prove to a court, by the showing
of "specific and articulable facts" that the records requested are
relevant to an ongoing criminal investigation. This means that the
government may not request volumes of transactional records merely to
see what it can find through traffic analysis. Rather, law enforcement
will have to prove to a court that it has reason to believe that it will
find specific information relevant to an ongoing criminal investigation
in the records it requests.
        With these provisions, we have achieved for all online systems a
significantly greater level of protection than exists today for records
such as email logs, and greater protection than currently exists for
telephone toll records. The lists of telephone calls that are kept by
local and long distance phone companies are available to law enforcement
without any judicial intervention at all. Law enforcement gains access
to hundreds of thousands of such telephone records each year, without a
warrant and without even notice to the citizens involved. Court order
protection will make it much more difficult for law enforcement to go on
"fishing expeditions" through online transactional records, hoping to
find evidence of a crime by accident.  We have also submitted a detailed
memorandum on the importance of protection and would ask that this
document be included in the record of these proceedings along with this
testimony.

        * Standard of proof much greater than for telephone toll records,
          but below that for content

        The most important change that these new provisions offer is that
law enforcement will: (a) have to convince a judge that there is reason
to look at a particular set of records, and; (b) have to expend the time
and energy necessary to have a United States Attorney or District
Attorney actually present a case before a court. However, the burden of
proof to be met by the government in such a proceeding is lower than
required for access to the content of a communication.

2.      New protection for location-specific information available in
        cellular, PCS and other advanced networks

        Much of the electronic surveillance conducted by law enforcement
today involves gathering telephone dialing information through a device
known as a pen register. Authority to attach pen registers is obtained
merely by asserting that the information would be relevant to a criminal
investigation. Under current law, courts must approve pen register
requests without any substantive review of the basis for law
enforcement's request. This legislation offers significant new limits on
the use of pen register data.
        Under this bill, when law enforcement seeks pen register
information from a telecommunications carrier, the carrier is forbidden
to deliver to law enforcement any information which would disclose the
location or movement of the calling or called party. Cellular phone
networks, PCS systems, and so-called "follow-me" services all store
location information in their networks. This new limitation is a major
safeguard which will prevent law enforcement from casually using mobile
and intelligent communications services as nation-wide tracking systems.

3.      New limitations on "pen register" authority

        Contemporary uses of pen registers also involve substantial
privacy invasion, even aside from location information.  Currently, law
enforcement is able to use pen registers to capture not only the
telephone number dialed, but also any other touch-tone digits dialed
which reflect the user's interaction with an automated information
service on the other end of the line, such as an automatic banking
system or a voice-mail password. If this bill is enacted, law
enforcement would be required to use "technology reasonably available"
to limit pen registers to the collection of calling number information
only.  We are aware that new pen register devices are now on the market
which automatically screen out all dialed digits except for the actual
telephone numbers.  Just as this bill would require telecommunications
carriers to deploy technology which facilitates taps, we believe that
law enforcement should be required to deploy technology which shields
users communications from unauthorized invasion.

4.      Bill does not preclude use of encryption

        Unlike previous Digital Telephony proposals, this bill places no
obligation on telecommunication carriers to decipher encrypted messages,
unless the carrier actually holds the key to the message as well.

5.      Automated remote monitoring precluded

        Law enforcement is specifically precluded from having automated,
remote surveillance capability. Any court-ordered electronic
surveillance must be initiated by an employee of the telecommunications
carrier, upon request by law enforcement.  Maintaining operational
separation between law enforcement agents and communication networks is
an important privacy safeguard.

6.      Privacy considerations essential to development of new technology

        One of the requirements that telecommunications carriers must meet
to be in compliance with the bill is that the wiretap access methods
adopted must protect the privacy and security of each user's
communication. If this requirement is not met, anyone may petition the
FCC to have the wiretap access requirements modified so that network
security is maintained. This requirement, just like those designed to
serve law enforcement's needs, must be carefully implemented and
monitored so that  the technology used to conduct wiretaps cannot also
jeopardize the security of the network as a whole. If network-wide
security problems arise because of wiretapping standards, then the
standards should be overturned.

F.      Improvements over previous Administration proposals

        In addition to the privacy protections added to this bill, we also
note that the surveillance requirements are not as far-reaching as the
original FBI version. A number of procedural safeguards are added which
seek to minimize the threatens to privacy, security, and innovation.
Though the underlying premise of the bill is still cause for concern,
these new limitations deserve attention:

1.      Narrow Scope

        The bill explicitly excludes Internet providers, email systems,
BBSs, and other online services. Unlike the bills previously proposed by
the FBI, this bill is limited to local and long distance telephone
companies, cellular and PCS providers, and other common carriers.

2.      Open process with public right of intervention

        The public will have access to information about the
implementation of the bill, including open access to all standards
adopted in compliance with the bill, the details of how much wiretap
capacity the government demands, and a detailed accounting of all
federal money paid to carriers for modifications to their networks.
Privacy groups, industry interests, and anyone else has a statutory
right under this bill to challenge implementation steps taken by law
enforcement if they threaten privacy or impede technology advancement.

3.      Technical requirements standards developed by industry instead of
        the Attorney General

        All surveillance requirements are to be implemented according to
standards developed by industry groups. The government is specifically
precluded from forcing any particular technical standard, and all
requirements are qualified by notions of economic and technical
reasonableness.

4.      Right to deploy untappable services

        Unlike the original FBI proposal, this bill recognizes that there
may be services which are untappable, even with Herculean effort to
accommodate surveillance needs. We understand that the bill intends to
allow untappable services to be deployed if redesign is not economically
or technically feasible.  These provisions, however, should be
clarified.

G.      Conclusion

        In closing, I would like to thank Chairman Markey and members of
the Subcommittee, as well as others who have worked so hard on this
legislation.  The Electronic Frontier Foundation looks forward to
working with all of you as the bill moves through the legislative
process.

------------------------------

Date: Thu, 22 Sep 1994 00:27:05 -0400 (EDT)
From: "Shabbir J. Safdar" <shabbir@PANIX.COM>
Subject: File 3--Dig Teleph Bill (HR 4922) to be marked up in Sen. Judic. Comm

     DISTRIBUTE WIDELY (though no later than October 15, 1994)

[If you've only got 2 minutes, skip down to the "What You Can Do"
 section.

The place to concentrate grass-roots efforts is now the Senate!  The
Senate half of this bill is about to be "marked up" in the Judiciary
Committee.  This is a great time to stop it.  Your Senator needs to
hear from you!]

The FBI's Wiretap bills (also known as the DT - Digital Telephony bills)
mandate that *all* communications carriers must provide wiretap-ready
equipment so that the FBI can more easily implement their court-ordered
wiretaps more easily.  The costs of re-engineering all communications
equipment will be borne by the government, industry and consumers.

The bill is vague and the standards defining "wiretap ready" do not
exist.  Furthermore, the FBI has yet to make a case which demonstrates
that they have been unable to implement a single wiretap.  Although
we as a society have accepted law enforcement's need to perform
wiretaps, it is not reasonable to mandate this functionality as a part
of the design.  In itself, that would be an important balance.  However
without any proof that this is indeed a realistic and present problem,
it is unacceptable and premature to pass this legislation today.

The Voters Telecomm Watch (VTW) does not believe the FBI has made a
compelling case to justify that all Americans give up their privacy.
Furthermore, the VTW does not believe the case has been made to justify
spending 500 million Federal dollars over the next 4 years to
re-engineer equipment to compromise privacy, interfere with
telecommunications privacy, and fulfill an unproven government need.


WHAT YOU CAN DO
  ========================
You can help stop this legislation before it is too late!
Contact your Senators, especially if they're on the Judiciary
Committee.  Faxes are best, phone calls are second best; email
is probably not the greatest method of showing your opposition.
Congress just doesn't handle email well yet.


Step 1.
Figure out which state you're in. :-)
Find your two Senators on the lists appended.

Step 2. Pick up the phone, or type up your letter.

Step 3. Express your opinion.  If you're at a loss for words, use
  our sample communique below:

SAMPLE PHONE CALL

The FBI's Digital Telephony bill (SB 2375) affects the delicate
balance between the public's privacy and law enforcement's need
to perform wiretaps.  It will require huge unknown amounts of
funding, and its need has not yet been justified by the FBI to
the public.

Please vote against SB 2375.

Thank you,

___________________

SAMPLE FAX
Dear Honorable Senator _______________,

The FBI's Digital Telephony bill (SB 2375) disturbs me
greatly.  The FBI has not yet made their case to the public
that we need to build wiretap functionality into the telephones
of 250 million people to justify wiretaps which have not yet
been proven to be difficult to implement.

Furthermore, no one has yet explained how we as a nation are
going to pay for the costs of this bill, which are at least 500
million dollars and likely to be higher.

The bill would clearly compromise the privacy of all Americans
with no counterbalancing benefit to either law enforcement or
the public.  The FBI has not yet demonstrated to the public a
need for this.

I urge you to oppose the Digital Telephony bill (SB 2375).

Sincerely,

___________________

Step 4. Feel good about yourself.  You've just participated in democracy
without leaving your seat.

Step 5. [Extra special bonus step for activists :-]
Before you hang up, ask your Senator's staff member what
their position is on SB 2375.  It's not an unreasonable question,
they were elected to represent people like you.  Mail the answer
to vtw@vtw.org.  We believe in making legislators accountable
for their positions.

For more information about the Digital Telephony bills, check the
Voters Telecomm Watch gopher site (gopher.panix.com) or contact Steven
Cherry, VTW Press Contact at (718) 596-2851 or stc@vtw.org.

VTW posts a Digital Telephony FAQ monthly to several Usenet newsgroups
including comp.org.cpsr.talk and comp.org.eff.talk.  Look for it or
contact us at vtw@vtw.org for a copy.

List of Senators on the Judiciary Committee:
p st name                       phone           fax
  ========================
D DE Biden Jr., Joseph R.       1-202-224-5042  na
Note: Sen. Biden is both the Chairman and a cosponsor of the bill
R UT Hatch, Orrin G.            1-202-224-5251  1-202-224-6331
D MA Kennedy, Edward M.         1-202-224-4543  1-202-224-2417
R SC Thurmond, Strom            1-202-224-5972  1-202-224-1300
D OH Metzenbaum, Howard         1-202-224-2315  1-202-224-6519
R WY Simpson, Alan K.           1-202-224-3424  1-202-224-1315
D AZ DeConcini, Dennis          1-202-224-4521  1-202-224-2302
R IA Grassley, Charles E.       1-202-224-3744  na
D VT Leahy, Patrick J.          1-202-224-4242  na
Note: Sen. Leahy is the bill's sponsor
R PA Specter, Arlen             1-202-224-4254  na
D AL Heflin, Howell T.          1-202-224-4124  1-202-224-3149
R CO Brown, Henry               1-202-224-5941  na
D IL Simon, Paul                1-202-224-2152  1-202-224-0868
R ME Cohen, William S.          1-202-224-2523  1-202-224-2693
D WI Kohl, Herbert H.           1-202-224-5653  na
R SD Pressler, Larry            1-202-224-5842  1-202-224-1630
D CA Feinstein, Diane           1-202-224-3841  na
D IL Moseley-Braun, Carol       1-202-224-2854  na


Complete list of Senators:
p st name                       phone           fax
  ========================
R AK Murkowski, Frank H.        1-202-224-6665  1-202-224-5301
R AK Stevens, Ted               1-202-224-3004  1-202-224-1044
D AL Heflin, Howell T.          1-202-224-4124  1-202-224-3149
D AL Shelby, Richard C.         1-202-224-5744  1-202-224-3416
D AR Bumpers, Dale              1-202-224-4843  1-202-224-6435
D AR Pryor, David               1-202-224-2353  na
D AZ DeConcini, Dennis          1-202-224-4521  1-202-224-2302
R AZ McCain, John               1-202-224-2235  na
D CA Boxer, Barbara             1-202-225-5161  na
D CA Feinstein, Diane           1-202-224-3841  na
D CO Campbell, Ben N.           1-202-225-4761  1-202-225-0228
R CO Brown, Henry               1-202-224-5941  na
D CT Dodd, Christopher J.       1-202-224-2823  na
D CT Lieberman, Joseph I.       1-202-224-4041  1-202-224-9750
D DE Biden Jr., Joseph R.       1-202-224-5042  na
R DE Roth Jr., William V.       1-202-224-2441  1-202-224-2805
D FL Graham, Robert             1-202-224-3041  na
R FL Mack, Connie               1-202-224-5274  1-202-224-8022
D GA Nunn, Samuel               1-202-224-3521  1-202-224-0072
R GA Coverdell, Paul            1-202-224-3643  na
D HI Akaka, Daniel K.           1-202-224-6361  1-202-224-2126
D HI Inouye, Daniel K.          1-202-224-3934  1-202-224-6747
D IA Harkin, Thomas             1-202-224-3254  1-202-224-7431
R IA Grassley, Charles E.       1-202-224-3744  na
R ID Craig, Larry E.            1-202-224-2752  1-202-224-2573
R ID Kempthorne, Dirk           1-202-224-6142  1-202-224-5893
D IL Moseley-Braun, Carol       1-202-224-2854  na
D IL Simon, Paul                1-202-224-2152  1-202-224-0868
R IN Coats, Daniel R.           1-202-224-5623  1-202-224-8964
R IN Lugar, Richard G.          1-202-224-4814  na
R KS Dole, Robert               1-202-224-6521  1-202-224-8952
R KS Kassebaum, Nancy L.        1-202-224-4774  1-202-224-3514
D KY Ford, Wendell H.           1-202-224-4343  na
R KY McConnell, Mitch           1-202-224-2541  1-202-224-2499
D LA Breaux, John B.            1-202-224-4623  na
D LA Johnston, J. Bennett       1-202-224-5824  na
D MA Kennedy, Edward M.         1-202-224-4543  1-202-224-2417
D MA Kerry, John F.             1-202-224-2742  na
D MD Mikulski, Barbara A.       1-202-224-4654  1-202-224-8858
D MD Sarbanes, Paul S.          1-202-224-4524  1-202-224-1651
D ME Mitchell, George J.        1-202-224-5344  na
R ME Cohen, William S.          1-202-224-2523  1-202-224-2693
D MI Levin, Carl                1-202-224-6221  na
D MI Riegle Jr., Donald         1-202-224-4822  1-202-224-8834
D MN Wellstone, Paul            1-202-224-5641  1-202-224-8438
R MN Durenberger, David         1-202-224-3244  na
R MO Bond, Christopher S.       1-202-224-5721  1-202-224-8149
R MO Danforth, John C.          1-202-224-6154  na
R MS Cochran, Thad              1-202-224-5054  na
R MS Lott, Trent                1-202-224-6253  1-202-224-2262
D MT Baucus, Max                1-202-224-2651  na
R MT Burns, Conrad R.           1-202-224-2644  1-202-224-8594
R NC Faircloth, D. M.           1-202-224-3154  1-202-224-7406
R NC Helms, Jesse               1-202-224-6342  na
D ND Conrad, Kent               1-202-224-2043  na
D ND Dorgan, Byron L.           1-202-225-2611  1-202-225-9436
D NE Exon, J. J.                1-202-224-4224  na
D NE Kerrey, Joseph R.          1-202-224-6551  1-202-224-7645
R NH Gregg, Judd                1-202-224-3324  na
R NH Smith, Robert              1-202-224-2841  1-202-224-1353
D NJ Bradley, William           1-202-224-3224  1-202-224-8567
D NJ Lautenberg, Frank R.       1-202-224-4744  1-202-224-9707
D NM Bingaman, Jeff             1-202-224-5521  na
R NM Domenici, Pete V.          1-202-224-6621  1-202-224-7371
D NV Bryan, Richard H.          1-202-224-6244  na
D NV Reid, Harry                1-202-224-3542  1-202-224-7327
D NY Moynihan, Daniel P.        1-202-224-4451  1-202-224-9293
R NY D'Amato, Alfonse M.        1-202-224-6542  1-202-224-5871
D OH Glenn, John                1-202-224-3353  na
D OH Metzenbaum, Howard         1-202-224-2315  1-202-224-6519
D OK Boren, David L.            1-202-224-4721  na
R OK Nickles, Donald            1-202-224-5754  1-202-224-6008
R OR Hatfield, Mark O.          1-202-224-3753  na
R OR Packwood, Robert           1-202-224-5244  na
D PA Wofford, Harris            1-202-224-6324  1-202-224-4161
R PA Specter, Arlen             1-202-224-4254  na
D RI Pell, Claiborne            1-202-224-4642  1-202-224-4680
R RI Chafee, John H.            1-202-224-2921  na
D SC Hollings, Ernest F.        1-202-224-6121  na
R SC Thurmond, Strom            1-202-224-5972  1-202-224-1300
D SD Daschle, Thomas A.         1-202-224-2321  1-202-224-2047
R SD Pressler, Larry            1-202-224-5842  1-202-224-1630
D TN Mathews, Harlan            1-202-224-1036  1-202-228-3679
D TN Sasser, James              1-202-224-3344  na
D TX Krueger, Robert            1-202-224-5922  na
R TX Gramm, Phil                1-202-224-2934  na
R UT Bennett, Robert            1-202-224-5444  na
R UT Hatch, Orrin G.            1-202-224-5251  1-202-224-6331
D VA Robb, Charles S.           1-202-224-4024  1-202-224-8689
R VA Warner, John W.            1-202-224-2023  1-202-224-6295
D VT Leahy, Patrick J.          1-202-224-4242  na
R VT Jeffords, James M.         1-202-224-5141  na
D WA Murray, Patty              1-202-224-2621  1-202-224-0238
R WA Gorton, Slade              1-202-224-3441  1-202-224-9393
D WI Feingold, Russell          1-202-224-5323  na
D WI Kohl, Herbert H.           1-202-224-5653  na
D WV Byrd, Robert C.            1-202-224-3954  1-202-224-4025
D WV Rockefeller, John D.       1-202-224-6472  1-202-224-1689
R WY Simpson, Alan K.           1-202-224-3424  1-202-224-1315
R WY Wallop, Malcolm            1-202-224-6441  1-202-224-3230

------------------------------

Date:     Fri, 16 Sep 1994 18:27 CDT
From:     Bill Higgins-- Beam Jockey <HIGGINS@FNALV.BITNET>
Subject: File 4-- For CUD: Pizza by E-mail in Santa Cruz

In Santa Cruz, a Pizza Hut will now accept pizza delivery orders by
e-mail.  Wow.

After a much-forwarded press release landed in my mailbox, I phoned
one of the numbers to see if it was a hoax (well, if it is, at least
they have the phones covered convincingly), then fired up Mosaic to
look at the WWW page.  I append some excerpts from the press release
and an account of the project snagged (with permission) from one of
the PizzaNet Web pages.

History has been made.  Ordering pizza from your computer.  It's the
fulfillment of a hacker dream at least as old as computer networking.
(Is this indeed the first time such a service has been available?)

Bill Higgins                            Internet: HIGGINS@FNAL.FNAL.GOV
Fermi National Accelerator Laboratory   Bitnet:   HIGGINS@FNAL.BITNET
=========
FOR IMMEDIATE RELEASE            CONTACT:

Rob Doughty                      Elisheva Steiner
Pizza Hut, Inc.                  The Santa Cruz Operation, Inc.
TEL: 316/681-9602                TEL: 408/427-7252

            SCO AND PIZZA HUT ANNOUNCE PILOT PROGRAM
               FOR PIZZA DELIVERY ON THE INTERNET

           "PizzaNet'' Program Enables Computer Users
               to Electronically Order Deliveries


WICHITA, KS AND SANTA CRUZ, CA, SCO FORUM94  (August 22, 1994) --
(NASDAQ:SCOC) In  a revolutionary  spin on  business use  of  the
Information Superhighway,  The Santa  Cruz Operation,  Inc. (SCO)
and Pizza  Hut, Inc.  today announced "PizzaNet," a pilot program
that  enables   computer  users,   for   the   first   time,   to
electronically order  pizza delivery  from their  local Pizza Hut
restaurant via the worldwide Internet.

Pizza Hut  will launch  the PizzaNet pilot in the Santa Cruz area
on August 22 and use it to study the feasibility of expanding the
program to  other cities  in  the  U.S.  and  around  the  world.
Technology for  the pilot  program includes the SCO Global Access
product, an integrated Internet business server solution. The SCO
Global Access  incorporates advanced  NCSA  Mosaic  software  for
browsing the  Internet, and  the  custom  "PizzaNet"  application
software developed by SCO's Professional Services organization.

[...]

To participate in the PizzaNet Pilot, customers in the Santa Cruz
area need  computers with  Internet access  and  any  version  of
Mosaic,  such  as  Windows,  Mac,  or  UNIX.  Customers  use  the
Internet's World  Wide Web  to access  the  centralized  PizzaNet
server at  Pizza Hut  Headquarters in  Wichita, Kansas.  This 486
system runs SCO Open Server and SCO Global Access software, using
the Mosaic  and Hypertext  Transfer Protocol to present customers
with a customized menu page for ordering pizza deliveries. Mosaic
is widely used at many technology companies, government agencies,
and universities.  It is  rapidly being  adopted by many business
and home  users in response to the continuing availability of new
and innovative business and information services.

The customer  uses the  menu pages  to enter  name, address,  and
phone information, along with orders for pizza and beverages. The
order is  then transmitted  via the Internet back to Wichita, and
then relayed  via modem  and conventional  phone lines to the SCO
Open  Server   system  at   the  customer's   nearest  Pizza  Hut
restaurant. The  local restaurant  can then  telephone first-time
users to  verify orders.  All money  changes hand at the point of
delivery.

[...]

Santa  Cruz  Internet  users  can  access  PizzaNet  by  entering
http://www.pizzahut.com. To  obtain more  information on  SCO via
the Internet, enter http://www.sco.com.

[End of press release.  Text of WWW page with URL
http://www.pizzahut.com/team.html begins:]

                          The PizzaNet Team

PizzaNet is the brainchild of two cooperating companies: Pizza Hut
Inc. (PHI), and The Santa Cruz Operation (SCO).

In particular, it was conceived by Jon Payne (PHI), and Doug Michels
(SCO) while in a meeting discussing potential uses for the
``Information Super-Highway.''

The idea sort of stewed for a while, until Jon contacted SCO
Professional Services, to see if he could get some help implementing
this idea. From there, Phil Neuman (SCO's webmaster) and Steph Marr
(SCO chief consultant on the project) sat down to figure out if this
scheme the bosses had cooked up was really do-able.

Apparently, they decided it was.

Jon provided some initial screen layouts, while Phil and Steph tried
to figure a transaction flow that could be dealt with in HTML forms.
Kurt Schmidt (PHI) was trying to figure out a way to interface into
the existing SCO-based branch automation system used in Pizza Hut
stores. Kurt made this as painless as possible by tying into an
existing interface used by Pizza Hut Customer Service Centers.

With the initial forms done, Steph left Santa Cruz (phil was replacing
SCO's Web Server with a new system at the time), and went to Wichita
to work on integration with Kurt and PHOEBE (the Pizza Hut Order Entry
Back End) and to help get the 56Kbps Alternet link to the Internet up
and running.

After a few false starts, a few hundred cups of coffee, and only a
couple of weeks, the link was made, and the first pizza was ordered
and delivered (to Phil in Santa Cruz) on Friday, 12 August, 1994.

The system is now in pilot test within Santa Cruz; given that it is
successful there, it will become available for use throughout
Cyberspace where ever Pizza Hut stores are within delivery distance.

Pizza in Cyberspace.

Well, if you're going to have food here, it might as well be Pizza.

Sorry, there's no beer. :-)

PizzaNet Services / Pizza Hut Inc. / webmaster@PizzaHut.COM

------------------------------

Date: Fri, 16 Sep 1994 14:06:07 EST
From: Marc Rotenberg <rotenberg@WASHOFC.EPIC.ORG>
Subject: File 5--One Hundred Reasons to Oppose the FBI Wiretap Bill (CPSR)

((CuD MODERATORS' NOTE: CPSR is compiling a list of reasons to oppose
the FBI Wiretap Bill (HR 4922). CuD will reprint them periodically,
and we produce the first three here. HR 4922 is opposed by a broad
spectrum of organizations and citizens, because it greatly expands the
FBI's ability to intercept electronic communications. The complete
text of HR 4922 was reprinted in CuD 6.73).

100 Reasons to Oppose the FBI Wiretap Bill

REASON 2:  The Constitution protects the right of privacy, not the use
           of wiretap.

     Privacy is a Constitutional right.  The Fourth Amendment protects
privacy and the right of individuals to be free from unreasonable
search and seizure.  Wiretapping is permitted by federal statute only
in narrow circumstances.  It has no Constitutional basis.  Congress
could outlaw all wiretapping tomorrow if it chose to do so, but it
could not easily repeal the Fourth Amendment.

REASON 21:  The wiretap bill mandates new technologies for data
            surveillance

    The wiretap bill says that "a telecommunications carrier shall
ensure that it can enable government access to call-identifying
information."   This is the first time the U.S. government has
required by law that communications networks be designed to
facilitate electronic data surveillance. Telecommunications
firms, equipment manufacturers, and those who work in the hi-tech
industry face a legal obligation to design networks for electronic
monitoring.

REASON 60:  The bill contains no provisions to protect the
            confidentiality of telephone toll records.

    Tens of thousands of telephone toll records are obtained each year
by subpoena.  This process which allows the government to gather
private records  from the telephone companies by simply signing a
statement effectively endruns the Fourth Amendment premise that a
judge must first decide if the search is reasonable.  Experts on
wiretap law believe that stronger protections for telephone toll
records should be a top priority if the federal wiretap law is to be
amended.  This issue is no where addressed in the legislation now
pending in Congress.

                          ==================

What To Do: Fax Rep. Jack
Brooks (202-225-1584).  Express your concerns about the FBI Wiretap
proposal.
                     ============================
((100 Reasons is a project of the Electronic Privacy Information
Center (EPIC) in Washington, DC.  For more information:
100.Reasons@epic.org))

------------------------------

Date: Thu, 13 Aug 1994 22:51:01 CDT
From: CuD Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 6--Cu Digest Header Information (unchanged)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message:  SUB CUDIGEST  your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:   from the ComNet in LUXEMBOURG BBS (++352) 466893;
          In ITALY: Bits against the Empire BBS: +39-461-980493
          In BELGIUM: Virtual Access BBS:  +32.69.45.51.77 (ringdown)

  UNITED STATES:  etext.archive.umich.edu (192.131.22.8)  in /pub/CuD/
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/cud/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

  JAPAN:          ftp.glocom.ac.jp /mirror/ftp.eff.org/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #6.83
************************************