Computer underground Digest    Sun  Jan 22, 1995   Volume 7 : Issue 05
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Retiring Shadow Archivist: Stanton McCandlish
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Copy Reader:       Laslo Toth

CONTENTS, #7.05 (Sun, Jan 22, 1995)

File 1--WIRED letter in re "HOPE" Conference
File 2--Cu Digest, #7.04, File 3--The InterNewt
File 3--Some Comments on Copyright from Legal Bytes
File 4--DOJ Computer Siezure Guide Lines
File 5--FEDGOVT>NII Security Issues Forum Public Meetings
File 6--Cu Digest Header Information (unchanged since 25 Nov 1994)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

----------------------------------------------------------------------

Date: Fri, 20 Jan 1995 01:44:55 -0800
From: Emmanuel Goldstein <emmanuel@WELL.SF.CA.US>
Subject: File 1--WIRED letter in re "HOPE" Conference

When WIRED told me they were going to print my letter in response
to their wretched review of the Hackers On Planet Earth conference,
I had no idea they were going to cut so much of it out, including
some of the most important points. So here it is in its entirety
with permission to reprint and repost anywhere. * indicates those
sections that were deleted from WIRED (February issue).


10/31/94

Rants & Raves
Wired
PO Box 191826
San Francisco, CA 94109-9866

At first glance, Charles Platt's review of the Hackers On Planet
Earth conference (Wired 2.11, page 82) appears to be a parody of
itself. Here is an article that makes fun of journalists
attending the conference searching unsuccessfully for criminals
that is written by someone who is genuinely disappointed at not
finding any crime. But it doesn't take long to realize that Platt
takes his judgmental little discourse very seriously and, like so
many before him who have attempted to cover the hacker world, he
just doesn't get it.

* Platt is perplexed by the fact that hackers are trusting
* individuals who are open to diverse opinions, such as those set
* forth by former CIA operative Robert Steele. Only a very limited
* and narrow view of this segment of society would result in
* Platt's righteous indignation that we don't act like the
* criminals he imagines us to be. Perhaps ten years ago this
* Geraldo outlook would have been understandable but now that we're
* halfway through the nineties, the readers of Wired deserve a bit
* more than the chance to watch Charles Platt discover what color
* the sky is.

* The article is filled with hints of things being not quite right
* in the hacker world although Platt can never seem to put any of
* his fingers directly upon the problem. Is it the material we
* publish in 2600? Platt seems to disapprove of our motives, saying
* that we print "a lot more answers than questions" and that my
* "air of innocence doesn't jibe with the attitude and content" of
* the magazine. As a forum for hackers, it wouldn't be quite right
* if we stopped in our tracks every time there was the chance of
* someone's moral sensibilities being offended. And so we answer as
* many questions as we can. As for my having an air of innocence, I
* suppose I have one because I don't feel guilty of anything,
* despite Platt's crazy allegation that I'm constantly looking over
* my shoulder, expecting to be arrested at any minute. If I was
* really doing that, then it would sort of deflate the "air of innocence"
* accusation, now wouldn't it? It's rare to be condemned for being
* guilty and innocent at the same time but, in this article,
* nothing short of an accurate fact would surprise me.

Platt strongly implies that 2600 corrupts people by providing a
forum for hackers, an accusation I find offensive and typical of
those sensationalist reporters who will concoct any fact to sell
a story. 2600 provides a vital service to people who are curious
* as well as a means of diseminating information for people who
* wouldn't be able to reach an audience otherwise. Referring to our
* meetings as "2600 franchises" is the same height of stupidity
* that the federal government resorts to when they accuse us of
* engaging in conspiracies at each and every one of our
* get-togethers. If Platt had bothered to do some research, he
* would have found that these "franchises" are loosely knit groups
* of people throughout the world who share a common interest. It's
* got nothing to do with profit, big business, or the "growth
* industry" that Platt defines us as being.

* On a personal level, Platt seems especially enthralled by the
* fact that I use more than one name; he latches onto this fact as
* if it's the evidence he needs to prove the point he never makes.
* (Even the subtitle of the article - "Wired... discovers who
* Emmanuel Goldstein really is" - points to the importance of this
* "revelation".) The fact is that I've never made my use of
* multiple identities a secret - I strongly believe in the right to
* choose whatever name suits you. What's particularly ironic here
* is that Platt would probably have missed this little fact if I
* hadn't TOLD HIM about it in the first place! Too bad, Platt - you
* missed the real sinister subplot here: Hacker Editor Seeks to
* Discredit Self.

* Charles Platt found me to be "one of the most evasive human
* beings" he ever attempted to interview. I am honored. But, in all
* fairness, when one is organizing and running a conference, there
* isn't an abundance of time to do one on one interviews. We tried
* to accomodate Mr. Platt (an hour long interview and answers to
* all of his follow-up questions) but he wanted us to focus all of
* our attention upon him and walk him through the entire hacker
* world. There were reporters from dozens of countries in
* attendance. Even if we believed Platt's repeated assertion that
* his Wired article was more important and would get us tons of
* publicity, we didn't believe such preferential treatment was fair
* to anybody. Wired people requested - and received - more free
* passes to HOPE than any other organization - it was our
* assumption that with 1400 people to talk to and so many
* reporters, you folks would have been able to piece a semi-
* accurate story together.

* It's too bad Mr. Platt defined HOPE as being "very bland",
* "lame", and "devoid of subversive content". Perhaps this is why
* he saw fit to disrupt a lively seminar on cryptography by
* repeatedly shouting "Where's the crime? We're here to see crime!"
* while chugging a Zima. I'm completely unmoved by his dismay
* because anyone with such a narrow view of the hacker world is
* clearly incapable of ever appreciating it. Of all those in
attendance, the vast majority were captivated by something or
someone at some time during the conference. The rather simple
moral here is that if you spend all of your time looking for
things that don't exist, you'll wind up being very disappointed.
It's too bad Wired readers were robbed of the chance to see the
significance of the largest hacker event in history.





Emmanuel Goldstein
emmanuel@well.sf.ca.us
(HOPE co-organizer and 2600 editor)

------------------------------

Date: Fri, 20 Jan 95 08:54 MST
From: @netmgr.cso.niu.edu:larry@ambient.UUCP (Larry Mulcahy)
Subject: File 2--Cu Digest, #7.04, File 3--The InterNewt

Why does this venemous screed deserve to be in CUD?  In it, Batterson
only makes personal attacks against right wing figures, saying nothing
about issues.

Newt Gingrich is to be congratulated for his efforts to open up the
proceedings of congress to Internet access.  Numerous CUD articles have
called for this step.

The following article describes the "thomas" www site.

WASHINGTON--People worldwide will be able to plug into the workings of
Congress through the Internet in a new system House Speaker Newt
Gingrich called "a participatory dialogue on self-government." The new
computer system, which provides a wide range of information about US
laws and lawmakers through the Library of Congress, is named "Thomas" in
honor of Thomas Jefferson. It was unveiled at a news conference Thursday
by Gingrich, Librarian of Congress James H. Billington and Rep. Bill
Thomas (R-Calif.) chairman of the new Committee on House
Oversight. Gingrich, arrived late following a White House meeting with
President Clinton, but clearly stole the show at the Library of Congress
event as photographers in the packed room snapped him
ceaselessly. Bubbling with enthusiasm for the new computer system,
Gingrich said, "There is a pervasivel cynicism to the culture of
Washington which, fortunately, does not exist for the rest of the
country." "Because knowledge is power," Gingrich said, the system will
shift the balance of power "toward the citizens and out of the Beltway."

The new congressional system is available free of charge to users of the
Internet, the global network that links 2.2 million computers at
universities, corporations, government agencies and homes and is used by
more than 20 million people. The "Thomas" system includes full texts of
bills from the last Congress; the House's "Gopher" system, which has
directory information for lawmakers and committees, committee hearing
schedules, House floor schedules and visitor information; a text of the
new Republican-proposed changes in House procedures that lawmakers
approved Wednesday and early Thursday,and other materials. By the end of
the month, the Library of Congress will begin to make available to the
system full texts of bills from the new Congress.  Future materials to
be offered include full texts of the Congressional Record and the
Congressional Research Service's Bill Digest, a file containing
summaries and chronologies of legislation. These materials will "enable
the American public to search more easily for legislation and to
understand more fully the lawmaking process," said Billington.  The
system is "easy to use, and its search capabilities are unique," he
said. The new system will not compete with commercial computer services,
which will be able to repackage the congressional material, the Library
of Congress said in a statement. Gingrich drew applause when he said
that while the federal budget must be balanced, funding for the
congressional library--the world's largest with 16 million books--should
be increased. "We should strive to make it easy for every scholar to
interact electronically," Gingrich said. "The right challenge is to
start moving forward." (NOTE: If you have access to the World-Wide Web,
"Thomas" is at http://Thomas.loc.gov/.)

------------------------------

Date: Tue, 20 Dec 1994 14:04:56 -0600 (CST)
From: pkennedy <pkennedy@IO.COM>
Subject: File 3--Some Comments on Copyright from Legal Bytes

((MODERATORS' COMMENT: The follow is reproduced from Legal Bytes,
Vol 2, Number 2(Fall-Winter), 1994. Legal Bytes info:

David H. Donaldson, Jr., Editor-in-Chief <6017080@mcimail.com>
Peter D. Kennedy, Senior Editor <pkennedy@io.com>
Laura Prather, Contributing Editor <LSTAPLE+GDF%GDF@mcimail.com>

                   ================================

2.   COPYRIGHT AND JOINT AUTHORSHIP

     Along with protecting solo inspirations, the Copyright Act
also protects works created by two or more authors working
together.  Like joint owners of real estate, each "joint author"
has all the rights and powers of a sole author, including the right
to copy, display, perform, and create derivative works, and the
power to transfer that right to others.  What does it take to
become a joint author of a work?  The Copyright Act defines a joint
author's work as "a work prepared by two or more authors with the
intention that their contributions be merged into inseparable or
interdependent parts of a unitary whole."  The Act doesn't define,
however, *how much* of a contribution it takes to become a "joint
author."

     Melvin Nimmer, a revered scholar of copyright law, is credited
with originating a concept, adopted by many courts, that resulted
in a relatively low threshold of joint authorship.  Nimmer's
formulation was a "de minimis" demarcation line requiring that
"more than a word or line must be added by one who claims to be a
joint author" -- but perhaps not much more.  As long as one made
more than a *de minimis* contribution to a copyrighted work, the
contributor qualifies as a joint author even if his or her
contribution itself would not be copyrightable, standing alone.

     Recently, however, federal courts have reexamined the joint
authorship issue and turned away from Professor Nimmer's
formulation.  The Seventh Circuit Court of Appeals (covering
Wisconsin, Illinois and Indiana) in a case called ERICKSON v.
TRINITY THEODORE, INC., 13 F.3d 1061 (7th Cir. 1994), spurned
Nimmer's test for a younger, more attractive one proposed by
Professor Jack Goldstein.  Professor Goldstein's approach reasons
that before claiming to be a "joint author," a collaborator ought
to show that he or she could be an "author" based on his or her
contribution to the work.  That is, the collaborator's
contribution, standing alone, must qualify as an original,
copyrightable "work of authorship" before the collaborator is given
the potentially valuable and powerful status of a joint author.

     The Seventh Circuit decided that Professor Goldstein's test
better balanced society's interest in promoting creativity, on the
one hand, with the free exchange of ideas on the other, and adopted
it.  The court stated that authors who merely consult others for
ideas, reactions, editing or criticism (contributions that are not
typically copyrightable taken alone) should be protected from
claims of joint ownership by such contributors.  The court reasoned
that if mere suggestions, ideas or criticism could create joint
authorship, the title of the copyright in the final work might
remain fuzzy and subject to challenge.  The Seventh Circuit (always
attuned to the economic effects of legal rules) concluded that such
uncertainty of title would affect the commercial value of such
works and ought to be minimized.

     The Seventh Circuit did not leave collaborators completely
without rights:  collaborators can realize the value of their
contributions through contractual agreements, which can be used to
compensate persons who make valuable, but perhaps not
copyrightable, contributions to a work.  But the court decided that
copyrights -- government-created and protected rights -- will not
be casually granted to secondary collaborators.

     A good illustration of this shift in the willingness of courts
to recognize joint authorship is the recent case of BALKIN v.
WILSON, decided by a trial court in Michigan. (The opinion can be
found on Westlaw at 1994 Westlaw 518849, No. 4-94-CV-35 (W.D. Mich.
September 20, 1994).  Two professors, Balkin and Wilson, worked on
a project called "Literacy News:  Breaking the Language Barrier
Through Songs."  Balkin wrote songs and Wilson wrote teachers'
manuals to be used with the songs.  Wilson provided ideas and input
on the songs' content, claiming to have discussed with Balkin 70%
of them, but he didn't write any music or lyrics.  While the
project was never completed, Balkin gave Wilson tapes of the songs.

     Wilson copied the tapes and sold many of them to his students
and others.  Balkin registered a copyright in the songs, and sued
Wilson for an accounting of the money he made on the songs,
claiming that it was Balkin who had the exclusive right to copy and
sell the tapes.  Wilson argued that he was a joint author, which
would give him equal rights to copy and sell the tapes.  Wilson
admitted that his *ideas* and *discussions* with Balkin about the
songs were not copyrightable but he claimed that his contribution
to the final songs was more than "de minimis" -- enough to make
him a joint author (at least under Professor Nimmer's test).

     The district court agreed with the Seventh Circuit, though,
and used Professor Goldstein's "independently copyrightable"
approach instead.  Because the ideas and concepts that Wilson
contributed were not independently copyrightable, the court held
that Wilson did *not* have the right to copy and sell the tapes as
a joint author.  Collaborators like Wilson, the court said, must
look to contractual agreements, not copyright law, to be
compensated for their contributions.

     As these cases show, Professor Goldstein's approach is
appealing for two reasons:  First, it protects authors and those
who deal with them from the uncertainty of joint authorship claims
based on perhaps exaggerated opinions of the value of criticisms or
contributions.  Second, it provides more certainty to the
definition of joint authorship because it incorporates the already
well-defined concept of "copyrightability."  Courts can now simply
look to the law of copyright to determine whether a collaborator's
contribution entitles him or her to joint authorship status, rather
than try to define and apply an inevitably subjective level of "de
minimis-ness."  If the collaborator could have independently
copyrighted the contribution that was incorporated into the work in
question, he or she can claim joint ownership -- otherwise,
copyright law provides no remedy, and collaborators need to protect
themselves in other ways.
___________________________________________________________________

3.   DOING THE NON-LITERAL INFRINGEMENT TWIST

     Software companies have faced two major hurdles in figuring
out whether copyright laws protect their creations.  The first
hurdle has been crossed:  software has been declared to be more
than a "useful article" (which would not be protected by the
Copyright Act), but it can be an "original work of authorship"
entitled to legal protection.  There is no longer any question that
the *literal* elements of computer program -- the source code and
object code -- can be copyrighted just like books.

     The second hurdle is still being crossed:  whether, and to
what extent "non-literal" elements of software are also
copyrightable.  These non-literal elements include the program
architecture, structure, sequence and organization, operational
modules, and computer-user interfaces (the "look and feel" of
software).  This far more complicated question is still being
hashed out in the federal courts.

     Until recently, computer software companies who work (and may
end up in court) in territory covered by the U.S. Court of Appeals
for the Fifth Circuit (which includes all of Texas, Louisiana, and
Mississippi) have faced real uncertainty in how the Fifth Circuit
would react to claims of non-literal infringement -- where a party
claims its software's copyright has been infringed, not by literal
copying of code, but by mimicking its non-literal elements.

     In 1987, the Fifth Circuit had apparently indicated that it
would recognize only a narrow breed of non-literal infringement, if
at all.  In a case called PLAINS COTTON COOP. ASS'N v. GOODPASTURE
COMPUTER SERV., INC., 807 F.2d 1256 (5th Cir.), cert. denied, 484
U.S. 821 (1987).  The Fifth Circuit considered the claim of an
employer who owned a mainframe software program that facilitated
bidding on cotton orders.  An employee had left Plains Cotton,
formed a new company, and created a very similar software program
for a PC platform.  Despite many similarities between the two
programs' user interfaces and approaches to the data, the Fifth
Circuit held that there was insufficient evidence of copying of
*copyrightable* material, and reversed a temporary injunction that
had issued against the ex-employee's new company.

     The Fifth Circuit's PLAINS COTTON decision was made before
several other federal courts had developed and begun using the
"abstraction-filtration-comparison" approach to analyze claims of
non-literal infringement.  This analysis is generally considered to
provide far more protection for non-literal aspects of computer
programs than the Fifth Circuit's approach in PLAINS COTTON.  See
Legal Bytes, Vol. 1, Number 1 ("When is a Computer Program a
Copy?").

     The Fifth Circuit has now not only shed a remnant of
nineteenth century thinking, but has forged ahead on the cutting
edge of copyright protection.  This summer, in a case called
ENGINEERING DYNAMICS, INC. v. STRUCTURAL SOFTWARE, INC., 26 F.3d
1335 (5th Cir. 1994).  The Fifth Circuit held that similarities
between two computer programs' user interfaces could be the basis
of a copyright infringement claim, even though the underlying
programs were written in different languages and used different
instructions to create the similar interfaces.

     This decision was startling for several reasons, none of which
was directly related to case's facts.  One surprise was that a
current influential Fifth Circuit judge, Patrick E. Higgonbothom,
had previously taken a very different view of non-literal
infringement when he was a federal trial judge in Dallas.  In 1978,
he had ruled in SYNERCOM TECHNOLOGY, INC. v. UNIVERSITY COMPUTING
COMPANY, INC., 462 F. Supp. 1003 (N.D. Texas 1978), that mainframe
data input formats were not copyrightable because key-punched card
formats, as well as their sequence and organization, were non-
copyrightable ideas rather than the copyrightable expression of an
idea.  Another twist was that the defendant who won that case was
none other than Engineering Dynamics, Inc., ("EDI"), who later
became the plaintiff in ENGINEERING DYNAMICS, INC. v. STRUCTURAL
SOFTWARE, INC.  The attorney who successfully defended EDI against
a claim of non-literal infringement before Judge Higgonbothom --
Tom Cantrell -- was again hired by EDI to prosecute *its* claim of
non-literal infringement against Structural Software, Inc. ("SSI").

     After winning the 1978 case against Synercom, EDI continued to
refine the user interface to its program, including an 80-column
input format that was used with its mainframe software systems and
had become familiar to many users.  When EDI developed a new
computer interface program, it kept the familiar 80-column input
format.  In 1986, SSI entered the market with a product for
personal computers that borrowed heavily from EDI's familiar 80-
column format.  EDI, which had once claimed that computer user
interfaces couldn't be copyrighted, again used the same lawyer to
sue SSI, and claim claim that the interfaces that it had created
were copyrighted, and that SSI had infringed its copyright.
There wasno question that the two computer programs themselves
were literally different -- SSI's program was written for use with
PCs, using languages and approaches substantially different than
those used in EDI's mainframe program.

     At the time, SSI appeared to have a good defense.  The Fifth
Circuit had seemed to decide, in the PLAINS COTTON case, that non-
literal elements of a program warranted little copyright
protection.  PLAINS COTTON even had similar facts:  the defendant
had developed a PC-based program that was inspired by a mainframe
application and which copied its non-literal elements but which
did not copy the code.  In fact, when the trial judge reviewed
EDI's claims against SSI in light of PLAINS COTTON,the case looked
easy, and the judge dismissed all of EDI's copyright claims.

     In the meantime, however, the Fifth Circuit's approach in
PLAINS COTTON had gotten a lot of criticism.  No other court had
chosen to follow it, and several other courts had adopted the more
sophisticated "abstraction-filtration-comparison" analysis.  The
value and uniqueness of computer software does not reside solely
in its literal code, but also in the way in which the software
presents itself and interacts with the user.  These valuable and
unique non-literal elements can be mimicked using code that does
not copy the original program, and therefore several courts have
recognized claims of non-literal infringement.

     The changing law again benefitted EDI, as the Fifth Circuit
moved away from its PLAINS COTTON approach.  The court now
explicitly recognized that "non-literal aspects of copyrighted
works -- like structure, sequence, and organization -- may be
protected under copyright law."  Having thrown off the chains of
its prior opinion, the court adopted the three-part abstraction-
filtration-comparison method.  This fact-intensive inquiry requires
that the court first abstract the different levels of generality in
the two programs at issue.  The court then examines each level of
abstraction to filter out program elements that cannot be protected
under the Copyright Act, such as ideas, process, facts, public
domain information, and "scenes a fair material"; that is, material
in which the unprotected idea cannot be separated from expression
that can be protected, or material which is so standard in an
industry that it is indispensable.  After the "abstraction" and
"filtration" steps, the court compares the remaining protectible
elements with the allegedly infringing program to determine whether
the later program has copied substantially similar elements.

     Because the trial judge had not taken these steps, the Fifth
Circuit sent the case back for analysis.  The court cautioned that
the scope of copyright protection is not always constant across all
literary works.  It recommended a cautious approach when defining
the scope of protection available for computer user interfaces,
because interfaces are highly functional (function is not
protected) and because they often contain standardized technical
information that is not protected (such as the complex engineering
formulas common to both EDI and SSI's programs).  The court
suggested that, before finding infringement in user interfaces, a
party should stand ready to prove a greater degree of similarity
than what might be needed to show infringement of more literal
aspects of a program.

     Ironically, the developing copyright law allowed the same
company using the same lawyer to win both sides of the non-literal
infringement debate.  But recognizing non-literal infringement is
a two-edged sword:  while it may protect the value of unique
expression of ideas developed by programmers, it also makes it more
difficult to meet customer needs for new and better software
without sacrificing the familiarity customers have with the
friendly mugs of particular and popular user interfaces.

------------------------------

From: Dave Banisar <banisar@WASHOFC.EPIC.ORG>
Date: Fri, 20 Jan 1995 21:08:18 EST
Subject: File 4--DOJ Computer Siezure Guide Lines

Date	1/20/95
Subject	DOJ Computer Siezure Guide Lines
From	Dave Banisar
To	Interested People

EPIC Analysis of New Justice Department Draft Guidelines on Searching and
Seizing Computers

Dave Banisar
Electronic Privacy Information Center

The Electronic Privacy Information Center (EPIC) has obtained the
Department of Justice's recently issued draft "Federal Guidelines for
Searching and Seizing Computers."  EPIC obtained the document under the
Freedom of Information Act.  The guidelines provide an overview of the
law surrounding searches, seizures and uses of computer systems and
electronic information in criminal and civil cases.  They discuss current
law and suggest how it may apply to situations involving computers.  The
draft guidelines were developed by the Justice Department's Computer
Crime Division and an informal group of federal agencies known as the
Computer Search and Seizure Working Group.


Seizing Computers

A major portion of the document deals with the seizure of computers.  The
draft recommends the use of the "independent component doctrine" to
determine if a reason can be articulated to seize each separate piece of
hardware.  Prosecutors are urged to "seize only those pieces of equipment
necessary for basic input/output so that the government can successfully
execute the warrant."  The guidelines reject the theory that because a
device is connected to a target computer, it should be seized, stating
that "[i]n an era of increased networking, this kind of approach can lead
to absurd results."

However, the guidelines also note that computers and accessories are
frequently incompatible or booby trapped, thus recommending that
equipment generally should be seized to ensure that it will work.  They
recommend that irrelevant material should be returned quickly.  "[O]nce
the analyst has examined the computer system and data and decided that
some items or information need not be kept, the government should return
this property as soon as possible."  The guidelines suggest that it may
be possible to make exact copies of the information on the storage
devices and return the computers and data to the suspects if they sign
waivers stating that the copy is an exact replica of the original data.

On the issue of warrantless seizure and "no-knock warrants," the
guidelines note the ease of destroying data.  If a suspect is observed
destroying data, a warrantless seizure may occur, provided that a warrant
is obtained before an actual search can proceed.  For "no-knock"
warrants, the guidelines caution that more than the mere fact that the
evidence can be easily destroyed is required before such a warrant can be
issued.  "These problems . . . are not, standing alone, sufficient to
justify dispensing with the knock-and-announce rule."


Searching Computers

Generally, warrants are required for searches of computers unless there
is a recognized exception to the warrant requirement.  The guidelines
recommend that law enforcement agents use utility programs to conduct
limited searches for specific information, both because the law prefers
warrants that are narrowly tailored and for reasons of economy.  "The
power of the computer allows analysts to design a limited search in other
ways as well . . . by specific name, words, places. . . ."

For computer systems used by more than one person, the guidelines state
that the consent of one user is enough to authorize a search of the
entire system, even if each user has a different directory.  However, if
users have taken "special steps" to protect their privacy, such as using
passwords or encryption, a search warrant is necessary.  The guidelines
suggest that users do not have an expectation of privacy on commercial
services and large mainframe systems because users should know that
system operators have the technical ability to read all files on such
systems.  They recommend that the most prudent course is to obtain a
warrant, but suggest that in the absence of a warrant prosecutors should
argue that "reasonable users will also expect system administrators to be
able to access all data on the system."  Employees may also have an
expectation of privacy in their computers that would prohibit employers
from consenting to police searches.  Public employees are protected by
the Fourth Amendment and searches of their computers are prohibited
except for ""non-investigatory, work related intrusions" and
"investigatory searches for evidence of suspected work-related employee
misfeasance."

The guidelines discuss the Privacy Protection Act of 1980, which was
successfully used in the Steve Jackson Games case against federal agents.
They recommend that "before searching any BBS, agents must carefully
consider the restrictions of the PPA."  Citing the Jackson case, they
leave open the question of whether BBS's by themselves are subject to the
PPA and state that "the scope of the PPA has been greatly expanded as a
practical consequence of the revolution in information technology -- a
result which was probably not envisioned by the Act's drafters."  Under
several DOJ memos issued in 1993, all applications for warrants under the
Privacy Protection Act must be approved by a Deputy Assistant Attorney
General of the Criminal Division or the supervising DOJ attorney.

For computers that contain private electronic mail protected by the
Electronic Communications Privacy Act of 1986, prosecutors are advised to
inform the judge that private email may be present and avoid reading
communications not covered in the warrant.  Under the ECPA, a warrant is
required for email on a public system that is stored for less than 180
days.  If the mail is stored for more than 180 days, law enforcement
agents can obtain it either by using a subpoena (if they inform the
target beforehand) or by using a warrant without notice.

For computers that contain confidential information, the guidelines
recommend that forensic experts minimize their examination of irrelevant
files.  It may also be possible to appoint a special master to search
systems containing privileged information.

One important section deals with issues relating to encryption and the
Fifth Amendment's protection against self-incrimination.  The guidelines
caution that a grant of limited immunity may be necessary before
investigators can compel disclosure of an encryption key from a suspect.
This suggestion is significant given recent debates over the Clipper Chip
and the possibility of mandatory key escrow.


Computer Evidence

The draft guidelines also address issues relating to the use of
computerized information as evidence.  The guidelines note that "this
area may become a new battleground for technical experts."  They
recognize the unique problems of electronic evidence: "it can be created,
altered, stored, copied, and moved with unprecedented ease, which creates
both problems and opportunities for advocates."  The guidelines discuss
scenarios where digital photographs can be easily altered without a trace
and the potential use of digital signatures to create electronic seals.
They also raise questions about the use of computer generated evidence,
such as the results of a search failing to locate an electronic tax
return in a computer system.  An evaluation of the technical processes
used will be necessary:  "proponents must be prepared to show that the
process is reliable."


Experts

The DOJ guidelines recommend that experts be used in all computer
seizures and searches -- "when in doubt, rely on experts."  They provide
a list of experts from within government agencies, such as the Electronic
Crimes Special Agent program in the Secret Service (with 12 agents at the
time of the writing of the guidelines), the Computer Analysis and
Response Team of the FBI, and the seized recovery specialists (SERC) in
the IRS.  The guidelines reveal that "[m]any companies such as IBM and
Data General employ some experts solely to assist various law enforcement
agencies on search warrants."  Other potential experts include local
universities and the victims of crimes themselves, although the
guidelines caution that there may be potential problems of bias when
victims act as experts.


Obtaining a Copy of the Guidelines

EPIC, with the cooperation of the Bureau of National Affairs, is making
the guidelines available electronically.  The document is available via
FTP/Gopher/WAIS/listserv from the EPIC online archive at cpsr.org
/cpsr/privacy/epic/fed_computer_siezure_guidelines.txt. A printed version
appears in the Bureau of National Affairs publication, Criminal Law
Reporter, Vol. 56, No. 12 (December 21 1994).

About EPIC

The Electronic Privacy Information Center is a public interest research
center in Washington, DC.  It was established in 1994 to focus public
attention on emerging privacy issues relating to the National Information
Infrastructure, such as the Clipper Chip, the Digital Telephony proposal,
medical record privacy, and the sale of consumer data.  EPIC is sponsored
by the Fund for Constitutional Government and Computer Professionals for
Social Responsibility.  EPIC publishes the EPIC Alert and EPIC Reports,
pursues Freedom of Information Act litigation, and conducts policy
research on emerging privacy issues.  For more information email
info@epic.org, or write EPIC, 666 Pennsylvania Ave., S.E., Suite 301,
Washington, DC 20003. +1 202 544 9240 (tel), +1 202 547 5482 (fax).

The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional rights.
Computer Professionals for Social Responsibility is a national membership
organization of people concerned about the impact of technology on
society. For information contact: cpsr-info@cpsr.org.

Tax-deductible contributions to support the work of EPIC should be made
payable to the Fund for Constitutional Government.

------------------------------

Date: Wed, 18 Jan 95 08:39:12 CST
From: hudspeth@JARHEAD.BITNET(Todd Hudspeth)
Subject: File 5--FEDGOVT>NII Security Issues Forum Public Meetings

This article was obtained from the Usenet group
"comp.internet.net-happenings."

>From sackman@plains.nodak.edu (Gleason Sackman)
Newsgroups: comp.internet.net-happenings
Subject--NII> NII Security Issues Forum Public Meetings (fwd)
Date: 17 Jan 1995 22:00:19 -0800

---------- Forwarded message ----------
Date: Thu, 12 Jan 1995 12:59:22 -0500
SENDER:CFRANZ@ntia.doc.gov
Subject--FEDGOVT>NII Security Issues Forum Public Meetings

OFFICE OF MANAGEMENT AND BUDGET

NOTICE OF PUBLIC MEETING

Agency:  Office of Management and Budget

Action:  National Information Infrastructure Security Issues
Forum:  Notice of Public Meetings and request for public comments

SUMMARY:  The National Information Infrastructure Security Issues
Forum will conduct two public meetings to continue a dialogue
between government and the private and public interest sectors on
issues related to the security of information on the National
Information Infrastructure (NII). Interested parties --
especially beneficiaries of Aid to Families with Dependent
Children and Food Stamps, and users of public information, and
participants in the sophisticated communications networks which
support the U.S. transportation and customs systems -- are
invited to submit a 1 - 2 page position statement and request to
testify.

     The meetings are sponsored by the NII Security Issues Forum
of the Information Infrastructure Task Force and Mega-Project III
of the U.S. Advisory Council on the NII.

DATES:  Both public meetings, "Security of the Electronic
Delivery of Government Information and Services" and "Security
for Intelligent Transportation Systems and Trade Information,"
will be held simultaneously on Friday, January 27, 1995, from
9:00 a.m. to 12:30 p.m. in Raleigh, North Carolina.


     Those wishing to testify should submit a 1 - 2 page position
statement and request to participate by January 20, 1995.
Individuals wishing to offer general comments or present
questions may request to do so during the meeting.  Written
comments may be submitted on paper or electronically, in ASCII
format, and will be accepted until February 10, 1995.

ADDRESSES:  The public meeting, "Security of the Electronic
Delivery of Government Information and Services," will be held in
the Auditorium of the North Carolina Museum of History, 1 East
Edenton Street, Raleigh, North Carolina.  The public meeting,
"Security for Intelligent Transportation Systems and Trade
Information," will be held in the Auditorium of the Department of
Cultural Affairs, 109 East Jones Street, Raleigh, North Carolina.
Both buildings are in close proximity to the North Carolina
Capitol Building.

     Position statements and requests to appear for the meeting,
"Security of the Electronic Delivery of Government Information
and Services,"   sent to the Government Information Technology
Services Working Group, marked to the attention of Ms. April
Ramey, U.S. Department of the Treasury, 1425 New York Avenue,
Room 2150 N.W., Washington, D.C.  20220.  Position statements may
also be submitted via fax to (202) 622-1595 or through electronic
mail to april.ramey@treas.sprint.com.  Electronic mail should be
submitted as unencoded, unformatted, ASCII text.

     Position statements and requests to appear for the meeting,
"Security for Intelligent Transportation Systems and Trade
Information," should be sent to the Volpe National Transportation
Systems Center of the Department of Transportation, marked to the
attention of Mr. Gary Ritter, DTS-21, at 55 Broadway, Cambridge,
MA, 02142.  Position statements may also be submitted via fax to
(617) 494-2370 or through electronic mail to
"Ritter@volpe1.dot.gov".  Electronic mail should be submitted as
unencoded, unformatted, ASCII text.

     Parties offering testimony are asked to provide them on
paper, and where possible, in machine-readable format.  Machine-
readable submissions may be provided through electronic mail
messages sent over the Internet, or on a 3.5" floppy disk
formatted for use in an MS-DOS based computer.  Machine-readable
submissions should be provided as unencoded, unformatted ASCII
text.

     Written comments should include the following information:
*    Name and organizational affiliation, if any, of the
     individual responding;
*    An indication of whether comments offered represent views of
    the respondent's organization or are the respondent's
     personal views; and
*    If applicable, information on the respondent's organization,
    including the type of organization (e.g., trade association,
   private corporation, non-profit organization) and general
areas of interest.

FOR FURTHER INFORMATION CONTACT:   For further information
relating to electronic delivery of information and services,
contact Ms. April Ramey of the Treasury Department at (202) 622-
1278.

     For further information relating to transportation and trade
issues, contact Mr. Gary Ritter at the Volpe National
Transportation Systems Center by telephone at (617) 494-2716.

SUPPLEMENTARY INFORMATION:

I.  Issues for Public Comment

A.   Background

     The public meetings are part of an ongoing dialogue with the
Administration to assess the security needs and concerns of users
of the National Information Infrastructure (NII).  The NII is a
system of high-speed telecommunications networks, databases, and
advanced computer systems that will make electronic information
more widely available and accessible than ever before.  For
example, citizens may be able to learn about federal benefits
programs through public kiosks, or may receive their social
security payments through direct deposit to their bank accounts.
As the U.S. transportation infrastructure becomes more complex,
Americans will benefit from the application of information
technologies to such operations as toll collection, motor vehicle
registration, and traffic routing.  This increased availability
and accessibility of services and products provided through
information technology will dramatically affect the way in which
individuals conduct their everyday affairs.

     Consequently, broad public and commercial use of the NII
hinges upon implementing technologies, policies, and practices
that not only ensure that users of information systems have
access to information when and where they need it, but that
subjects of information records are able to protect themselves
from unauthorized or inappropriate use of information.

     "Americans will not use the NII to its full potential unless
they trust that information will go where and when they want it
and nowhere else," declared Sally Katzen, Administrator of the
Office of Information Regulatory Affairs at OMB and chair of the
Forum.  "The Federal government is a primary user of the NII and
thus a catalyst for change.  Yet the NII will be designed, built,
owned, operated, and used primarily by the private sector, making
it essential that security on the NII be considered in
partnership with the public."

     To address these critical issues, the Vice President formed
the Information Infrastructure Task Force (IITF).  The IITF is
chaired by Secretary of Commerce Ron Brown and is comprised of
senior Administration officials having expertise in technical,
legal, and policy areas pertinent to the NII.  The mission of the
IITF is to articulate and implement the Administration's vision
for the NII.

     The NII Security Issues Forum was established within the
IITF to address the cross-cutting issue of security in the NII.
The Forum is chaired by Sally Katzen, Administrator of the Office
of Information and Regulatory Affairs in the Office of Management
and Budget.

     In addition to the IITF, the President has established the
U.S. Advisory Council on the National Information Infrastructure.
The Advisory Council represents industry, labor, and public
interest groups, and advises the Secretary of Commerce on issues
relating to the NII.  Mega-Project III, one of three work groups
of the Advisory Council, is responsible for addressing security,
intellectual property, and privacy issues as they relate to the
NII.

B.   Structure and Content of Public Meeting

     Security is linked inextricably to broad public use of the
NII.  The technologies, policies, and procedures used to ensure
the confidentiality, availability, and integrity of digitally
produced and transmitted information, information products, and
services on the NII will determine whether, how, and to what
extent digitally linked information services will be broadly used
in such critical applications as providing public information,
supporting the delivery of government services, utilizing
intelligent transportation systems, and conducting trade.

     Development of policies and procedures that will ensure the
security of public and private information and communications on
the NII requires study from different perspectives, whether that
of the subject of the information, the user of the information,
or the creator of the information.  The Forum and Mega-Project
III seek input from parties representing beneficiaries of federal
information and services and users of intelligent transportation
systems and trade data.

     Solutions to these concerns will come via technical
solutions, as well as legal and policy mechanisms.  The Forum and
Mega-Project III seek input in this area as well.  Specifically,
what legal measures, policy mechanisms, and technological
solutions, or combinations thereof, can be used to effectively
protect the security of federal benefits information or
transportation or trade data, delivered or made accessible on the
NII?

     A panel of witnesses drawn from the public will be assembled
to discuss the following topics with a panel of senior
Administration officials, members of the Security Issues Forum,
members of the Advisory Council, and policy makers at the State
level, and to field questions and comments from other members of
the public.

     Position statements for the meeting, "Security in the
Delivery of Electronic Information and Services," should address
four principal questions:

1.   How do you envision the NII being used to provide services
  and information electronically to citizens?  Specifically,
what types of services and information should be delivered
or made available?

2.   What risks and threats do you foresee in making services and
    information available via the NII?  Such threats might
include fraud, unauthorized access, breach of
     confidentiality or privacy, breach of integrity, and system
   performance.

3.   What legal, policy, and ethical issues do you foresee
     affecting usage of the NII?  Such issues may include
     liability, information/property rights, access,
     document/records management, legal admissibility/evidentiary
    requirements, and auditability.  Do some issues, such as
privacy and open access, tend to countervene each other?

4.   What kinds of administrative or technical solutions should
  be developed or promoted to address security, legal, and
ethical concerns?  Such solutions may include verifying
recipient and/or vendor eligibility, ensuring operational
and systems security, and establishing means to facilitate
settlement, detection, and prosecution.

     Position statements for the meeting, "Security for
Intelligent Transportation Systems and Trade Information," should
address five principal questions:

1.   Who should be permitted access to sensitive trade and
     transportation information systems?  How can inappropriate
  access and use be prevented?

2.   What technical and institutional safeguards in electronic
 data transmission, storage, and retrieval are needed to
protect the security of trade and transportation data?  Such
risks might include:  disclosure of proprietary and
     confidential business information, criminal access to trade
   and cargo records, disclosure of individual travel patterns
 or vehicle locations, or disclosure of transportation
     dispatch communications regarding sensitive cargo shipment
  routes, itineraries, and locations.

3.   What does an "appropriate level of security" consist of?  Is
    there a "one-size-fits-all" solution, or can policies be
established which flexibly meet diverse needs?

4.   Do certain systems merit greater degrees of security
     protection, such as traffic signal control systems, variable
    message signs, fleet location monitoring, electronic toll
collection, international trade data, and motor vehicle
registration records?

5.   Who should establish and enforce security policies?  How can
    government and the private sector work together to support a
   secure National Information Infrastructure?

II.  Guidelines for Participation in the Public Hearing

     Individuals who would like to participate on a panel must
request an opportunity to do so no later than January 20, 1995,
by submitting a brief, 1 - 2 page summary position statement.  If
approved, each participant will be allowed to present brief
opening remarks.  Primary participation, however, shall be during
the general discussion to follow, according to the format
described above.

     Participants in the public meeting will testify before and
participate in discussions with a panel consisting of members of
the Advisory Council, members of the Security Issues Forum, and
other Administration officials.

     Individuals not selected as panel participants may offer
comments or ask questions of the witnesses by requesting an
opportunity to do so and being recognized during the meeting by
the chairs of the meetings.  Oral remarks offered in this fashion
should not exceed three minutes.  No advance approval is required
to attend the public meetings, offer comments, or present
questions.

     The public meeting on "Security of the Electronic Delivery
of Information and Services" will be chaired by Mr. Jim Flyzik,
Chair of the Government Information Technology Services Working
Group of the IITF.

     The public meeting on "Security for Intelligent
Transportation Systems and Trade Information," will be co-chaired
by Ms. Ana Sol Gutierrez, Deputy Administrator of the Research
and Special Programs Administration of the U.S. Department of
Transportation, and Ms. Christine Johnson, Director of the
Intelligent Transportation Systems Joint Program Office of the
U.S. Department of Transportation.

     More information about the Clinton Administration's National
Information Infrastructure initiative can be obtained from the
IITF Secretariat.  Inquiries may be directed to Yvette Barrett at
(202) 482-1835, by e-mail to ybarrett@ntia.doc.gov, or by mail to
U.S. Department of Commerce, IITF Secretariat, NTIA, Room 4892,
Washington, D.C., 20230.

     For inquiries over the Internet to the IITF Gopher Server,
gopher, telnet (login = gopher), or anonymous ftp to
iitf.doc.gov.  Access is also available over the World-Wide-Web.
Questions may be addressed to nii@ntia.doc.gov.

     For access by modem, dial (202) 501-1920 and set modem
communication parameters at no parity, 8 data bits, and one stop
(N,8,1).  Modem speeds of up to 14,400 baud are supported.

Sally Katzen
Administrator, Office of Information and Regulatory Affairs
Certified to be a true copy of the original by John B. Arthur,
Associate Director for Administration

------------------------------


------------------------------

Date: Thu, 23 Oct 1994 22:51:01 CDT
From: CuD Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 6--Cu Digest Header Information (unchanged since 25 Nov 1994)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message:  SUB CUDIGEST  your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:  In BELGIUM: Virtual Access BBS:  +32-69-844-019 (ringdown)
         In ITALY: Bits against the Empire BBS:  +39-461-980493
         In LUXEMBOURG: ComNet BBS:  +352-466893

  UNITED STATES:  etext.archive.umich.edu (192.131.22.8)  in /pub/CuD/
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/cud/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

  JAPAN:          ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD
                  ftp://www.rcac.tdi.co.jp/pub/mirror/CuD

The most recent issues of CuD can be obtained from the NIU
Sociology gopher at:
  URL: gopher://corn.cso.niu.edu:70/00/acad_dept/col_of_las/dept_soci

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #7.05
************************************