[11781] in Commercialization & Privatization of the Internet
INFORMATION POLICY ONLINE-APRIL
daemon@ATHENA.MIT.EDU (iia.ipo@his.com)
Tue Apr 19 14:12:30 1994
From: iia.ipo@his.com
Date: Tue, 19 Apr 94 08:49:56
To: com-priv@psi.com
Reply-To: iiaipo@his.com
iiiiii iiiiii a INFORMATION POLICY ONLINE
ii ii aaa
ii ii aaa An Internet Newsletter
ii ii aaa published by the
ii ii aaaaaaaaa Information Industry Association
ii ii aaa 555 New Jersey Ave., N.W.
ii ii aaa Washington, DC 20001
ii ii aaa Internet: <iia.ipo@his.com>
iiiiii iiiiii aaaaaaa Volume 1, Number 2, April 1994
-----------------------------------------------------------------
*****************************************************************
IN THIS ISSUE:
[1] How Washington Fights Crime
[2] Health Care Reform Spotlights Privacy of Health Care Records
[3] IIA Pushes Fair Information Practices Guidelines
[4] Opperman on Internet
[5] This Could (Really!) Be the Year for Telecommunications
Legislation
[6] Calif. Bill Would Require All State Govt. Information to Be
Disseminated via Internet
[7] Federal Software Copyright Proposal Revived
[8] Seminar Announcement: "Copyright Protection and the
Information Superhighway: Writing the Rules of the Road"
[9] About "Information Policy Online" and the Information
Industry Association
*****************************************************************
[1]
HOW WASHINGTON FIGHTS CRIME
by
Steve Metalitz
Senior Vice President of IIA and
Editor of Information Policy Online
It is spring and an election year, so inevitably the
thoughts of Washington policymakers turn to crime -- not
committing it but fighting it. Crime bills are perennial
political crowd pleasers. This year, there have been some
particularly strange twists to this biennial federal ritual.
>From both ends of Pennsylvania Avenue, efforts are underway to
help the nation fight violent crime by... restricting the flow of
information. Information companies, not usually thought of as
major players in the crime policy fields, need to jump in to
protest this notion.
The Senate jumped the gun in this race last fall, when it
passed the Driver's Privacy Protection Act (DPPA) as part of an
omnibus crime measure. Because, in a few celebrated cases,
criminals have located their victims by looking up their license
plates in public records maintained by state motor vehicle
agencies, Sen. Barbara Boxer (D-CA) persuaded her colleagues to
order all states to shut off all public access to these records,
with a few limited exceptions.
The House of Representatives broke ranks by actually holding
two hearings in February on the companion measure, sponsored by
Rep. James Moran (D-VA). Efforts have been underway since then
to moderate the impact of the legislation, which would set a
disastrous precedent for restricting access to all kinds of
public records held by state and local governments. The March 21
redraft of the DPPA takes some steps in the right direction. It
would allow, for example, broader access to motor vehicle records
for use in research, litigation, and security investigations, and
would make the penalties for improper disclosure more realistic.
But it leaves unchanged the basic premise: that these
traditionally public records should be "presumed secret" and that
the federal government should dictate which business uses of such
records are permissible or forbidden.
The House crime bill hit a last-minute snag just before
Congress' spring recess. The revised version of DPPA will be
offered as an amendment to the crime bill on the House floor,
probably during the week of April 10. It is almost sure to pass,
and the final text of the legislation will be written by a House-
Senate conference committee later in the spring. Now would be an
excellent time to acquaint your House member [write to him or her
at U.S. House of Representatives, Washington, DC 20515] with the
value of access to public records, and to urge him or her to
share this concern with members of the House Judiciary Committee,
from which the conference committee members will be drawn.
A better publicized initiative to fight crime through
information policy is the brainchild of federal law enforcement
agencies. The Digital Telephony and Communications Privacy
Improvement Act of 1994 is a recycled version of a Bush
Administration idea -- to require all the nation's
telecommunications systems to be designed to facilitate law
enforcement interceptions of voice and data traffic in digital
formats. While the Republicans proposed to make telephone
ratepayers foot the bill for the cost retrofitting and design
changes needed to achieve this goal, the current Democratic
version would hand the check to the taxpayers. So far, Congress
has been unenthusiastic about the digital telephony proposal --
in great part, because a broad alliance representing the computer
and telecommunications industries, and public interest groups,
have raised so many questions about it. Speaking at a hearing on
March 18, FBI Director Louis Freeh portrayed an effort to prevent
digital technology from working a "de facto repeal" of law
enforcement's authority to fight crime and terrorism through
court-ordered wiretapping, while coalition witnesses denounced
federal attempts to impede the development of valuable
communications technologies and to turn the telephone network
into a gigantic surveillance apparatus.
The digital telephony proposal exemplified a trend. Several
pending federal initiatives have the stated aim of increasing
government's ability to monitor traffic on today's and tomorrow's
information networks. The proposals range from cutting-edge
cryptography such as the "Clipper Chip" proposal [see story in
last month's IPO] to simple "law enforcement exemptions to laws
such as the Fair Credit Reporting Act that were passed to protect
personal privacy. The motivation is to give law enforcement
better tools for fighting crime, but the impact could spread far
beyond, into the perceptions of consumers and businesses about
the security or insecurity of information networks and
technologies.
Not surprisingly, while federal officials are eager to talk
about fighting crime, they are not always so enthusiastic about
discussing these broader issues. For example, while the inquiry
by the National Telecommunications and Information Administration
into privacy and telecommunications covers as extraordinary range
of questions about how the private sector acquires, uses and
disseminates information, issues of governmental access to
personal information are explicitly off limits. In the NTIA
inquiry, as well as in the debate over DPPA and digital
telephony, the information industry will continue to offer a
broader perspective on attempts to fight crime by restricting the
flow of information.
*****************************************************************
[2]
HEALTH CARE REFORM SPOTLIGHTS
PRIVACY OF HEALTH CARE RECORDS
Representative Gary Condit (D-CA) has introduced long
anticipated legislation regarding privacy guidelines for the use
and disclosure of health care records. "Regardless of how the
health delivery and payment system is restructured," said Condit,
"there is and will continue to be a need for a code of fair
information practices." He referred to several studies and an
Equifax/Louis Harris public opinion poll as support for the
necessity of introducing legislation addressing uniform health
confidentiality legislation.
The bill, H.R. 4077, specifies that it covers only
"protected health information," which is defined as "any
information, whether oral or recorded in any form or medium, that
is created or received by a health use trustee or a public health
trustee in a state and relates to the past, present, or future
physical or mental health of an individual, or payment for the
provision of health care to an individual and identifies the
individual..." A health care trustee is a person who receives or
creates protected health information.
Although information companies generally support the
legislation, it raises questions for them. What impact
will this legislation have for other types of information
regulated by the government? How broadly will the definition of
"protected health information" be interpreted? Will this bill
prevail or will it be one of the privacy guidelines in other
health care reform legislation?
Condit's version seems likely to prevail because the
subcommittee he chairs, the Subcommittee on Information, Justice,
Transportation, and Agriculture, has jurisdiction over any
section of any bill that addresses health care information. One
thing is certain: health care information collection and privacy
continue to be legislatively "hot" topics.
*****************************************************************
[3]
IIA PUSHES FAIR INFORMATION
PRACTICES GUIDELINES
The Information Industry Association has adopted and is
espousing Fair Information Practices Guidelines. The FIP
Guidelines have three main audiences:
- Policymakers at all levels of government contemplating
regulation of corporate information practices to
protect privacy [See previous story];
- Information companies who can use the guidelines to
make their own privacy policies to address customers'
concerns; and
- Members of the public who have growing concern about
the way companies handle personal information.
The guidelines consist of five general principles.
1. Companies are encouraged to:
a) establish a policy on fair information practices regarding
personally identifiable information they collect, use and
distribute;
b) make this policy publicly available;
c) review the policy periodically and update it if needed; and
d) establish means and standards for monitoring compliance with
the policy and establish accountability for it.
2. Companies are encouraged to:
take reasonable and appropriate steps to protect personally
identifiable information against risks such as loss, and
unauthorized access, use, modification, disclosure or
destruction. If such information is provided to third
parties, companies are encouraged to require those third
parties to have comparable protections.
3. Companies are encouraged to:
promulgate policies and practices that address the conditions
associated with their receipt of all personally identifiable
information, including the following:
a) When such information is requested directly from the
individual, the company is encouraged to disclose to him/her
how it intends to use the information.
b) When a company obtains such information from other private
sources, it should be used only for purposes consistent with
the conditions under which it was obtained.
c) Collection, use and distribution of personally identifiable
information should be in accordance with all applicable laws
and regulations, including those pertaining to records
collected by a government entity and made available to the
public.
4. Companies are encouraged to:
take steps to attain and maintain the highest practicable level
of information quality, consistent with industry practice and
customer need.
5. Companies are encouraged to:
establish and implement an inquiry and inspection procedure,
under which an individual can:
a) Learn if the company has personally identifiable information
about him/her;
b) Have the information communicated within a reasonable time
and under reasonable conditions;
c) Have the company correct or delete inaccurate or incomplete
personally identifiable information, or, if appropriate,
have the company identify the source of the information so
that the individual can seek to have the inaccurate or
incomplete information corrected or deleted;
d) Receive a prompt explanation if the company cannot fulfill
an inquiry and inspection request, or if the company elects
not to change or delete personally identifiable information
which the individual has challenged as inaccurate or
incomplete.
IIA publishes the Fair Information Practices Guidelines
together with a commentary on each principle and an 18-point Fair
Information Practices Checklist to help companies develop or
improve their fair information practices or privacy/data
protection policies.
*****************************************************************
[4]
OPPERMAN ON INTERNET
Vance K. Opperman, member of the U.S. Advisory Council on
the National Information Infrastructure, has established an
Internet address: <opperman@research.westlaw.com>.
For persons without access to the Internet, a post office
box has been established:
Opperman/Internet
P.O. Box 64503
St. Paul, MN 55164-0503
Vance K. Opperman is President of West Publishing Company
and a member of the Information Industry Association.
*****************************************************************
[5]
THIS COULD BE THE YEAR
FOR TELECOMMUNICATIONS LEGISLATION
Some might call it March madness, but last month hopes were
raised that Congress will actually pass comprehensive
telecommunications reform legislation. The two House committees
charged with the issue reported out substantially similar
versions of legislation that is expected to go before the full
House in April. On the Senate side, the Commerce Committee
continued its hearings on schedule. Both chambers appear to be
making progress rapidly on the issues of greatest concern to
information companies.
In the House, the Energy & Commerce and the Judiciary
Committees have both completed action on H.R. 3626 (the Brooks-
Dingell bill) and H.R. 3636, legislation authored by
Telecommunications Subcommittee Chairman Ed Markey. Before mark-
up, three primary issues of importance to information providers
arose. First, the issue of defining electronic publishing for
the purpose of establishing RBOC (regional Bell operating
companies) separate subsidiary requirements moved ahead. The
original version of H.R. 3626 contained language which almost
every information provider agreed was inadequate to guarantee
that the information services marketplace remain competitive.
After mark-ups were complete, the Judiciary Committee had agreed
to a definition that is very similar to what is contained in the
Senate bill, S. 1822. While Energy & Commerce members did not go
quite so far, the general consensus in Washington is that
Chairman John Dingell's (D-MI) acceptance of expanding the
definition can only bode well for future actions.
The second major issue that ended favorably for electronic
publishers was a clear recognition that states are not allowed to
regulate rates for information services. Chairman Markey, at his
subcommittee mark-up in February, had introduced a new version of
H.R. 3636 which would have changed longstanding FCC policy and
allowed states to regulate the rates charged by information
providers. In the final analysis, however, the bill maintained
the status quo, so that the marketplace and not regulators will
set the rates.
Finally, both Committees acted to endorse strong
requirements that RBOCs must provide customer proprietary network
information to all electronic publishers on the same terms and
conditions that they supply such information to any electronic
publishers, including their own subsidiaries.
Because of differences in the versions of the bills reported
out by each Committee, Chairman Brooks and Chairman Dingell are
expected to work together to iron out areas of conflict. It
appears that they will take a consensus bill to the House floor
for action before May 1.
On the Senate side, work continues. The Committee plans to
continue hearings on its legislation, S. 1822, through early
spring, but it is not certain whether mark-up will occur prior to
House floor action. However, Chairman Hollings has indicated
that he too believes this will be the year when Congress enacts a
comprehensive telecommunications reform measure.
*****************************************************************
[6]
CALIF. BILL WOULD REQUIRE ALL STATE GOVT.
INFORMATION TO BE DISSEMINATED VIA INTERNET
A bill introduced in the California legislation would
require that state public information which is currently
computerized be available to the public at no cost by computer.
The bill would require the CA Office of Information Technology in
the Department of Finance to develop a plan to make copies of all
information that is computerized by any state agency and that is
subject to disclosure under three existing statutes accessible to
the public in computer-readable form.
In its current form, the bill, AB 2451, prohibits agencies
from charging fees as a condition of accessing the information.
However, during the debate surrounding last year's legislation to
make CA legislative information available via the Internet, some
lawmakers suggested that there be a "two-tier" pricing scheme for
the information made available electronically. Under a proposed
two-tier pricing structure, members of the public would be
charged one price for the information or receive it for free and
commercial users would pay a higher fee. The proponents of
two-tier pricing want to use the higher commercial fees to raise
revenue.
*****************************************************************
[7]
FEDERAL SOFTWARE COPYRIGHT PROPOSAL REVIVED
Buried deep within a mammoth bill to reform the way the
military and federal civilian agencies buy products and services
is a bad idea that could make the federal government's
information less accessible to information companies and to the
general public. The idea is to allow the federal government to
claim copyright in computer software developed by its employees.
That would overturn a century-old policy that helps ensure that
federal data are accessible to all comers for all appropriate
uses.
In past years, the proposal to give the federal government
copyright over computer programs has been limited to software
developed in cooperative research and development agreements
between federal laboratories and non-federal researchers. The
current proposal is far broader. It would amend section 105 of
the Copyright Act -- the longstanding prohibition on copyright in
works of the U.S. government -- to make the government the
copyright owner of ANY computer program developed by a federal
employee on the job. Potentially, software that is needed to
access census data, Library of Congress files, federal scientific
and technical data -- even the planned Government Information
Locator Service itself -- could be claimed by the federal
government and licensed exclusively, creating a de facto monopoly
over previously public information.
Of all places, this sweeping government power play over
public information popped up in S. 1587, the Federal Acquisition
Streamlining Act, introduced by Sen. John Glenn (D-OH). In
February, as the bill moved onto the fast track for Senate
action, an industry coalition assembled to fight the federal
copyright provision. In March, fifteen coalition members --
including all the leading software trade associations, library
organizations, and some press and public interest groups -- wrote
the chairs of the two committees considering the bill. Calling
the federal software copyright plan "profoundly problematic," the
signers urged the committees to drop this provision.
It appears that no one involved with Congressional
consideration of S. 1587 had ever focused on this particular
provision of the complex procurement legislation, so it may be
possible to have it removed as the bill moves toward enactment.
The Administration has given mixed signals about the proposal,
and the outcome remains unclear. Letters from information
companies and concerned citizens to Senators, particularly those
serving on the Armed Services or Governmental Affairs committees,
would be timely NOW!
*****************************************************************
[8]
PRE-CONFERENCE SEMINAR
AT INFO TELECOM '94
The Information Industry Association is sponsoring a pre-
conference seminar at Info Telecom '94.
TITLE: "Copyright Protection and the Information
Superhighway: Writing the Rules of the Road"
DATE: Monday, April 25, 1994
TIME: 1:00 to 5:00 p.m.
PLACE: Ritz Carlton Hotel
2100 Massachusetts Ave., N.W.
Washington, DC
COST: $100 for IIA members; $195 for non-members
The seminar will focus on two major questions:
(1) What are the practical risks faced by content providers in
an online networked environment? and
(2) What technological and/or legal solutions are essential for
proprietary rights holders to do business in the new
networked information environment?
Speakers include Howard Reblitz (CCH Inc.), Stephen L.
Haynes (West Publishing), Joseph L. Ebersole (Law Offices of
Joseph L. Ebersole), Henry Perritt (Villanova Law School), and
Kenneth Allen (IIA).
**************************************************************
[9]
ABOUT "INFORMATION POLICY ONLINE"
INFORMATION POLICY ONLINE (IIA-IPO) is an online newsletter
published on the Internet by the Information Industry Association
and distributed free of charge. The purpose of the Newsletter is
to inform readers of events and activities affecting information
policy, and to present an information industry viewpoint
concerning these events and activities.
IIA-IPO is copyrighted by the Information Industry
Association; however, IIA-IPO is distributed without charge and
may be freely reproduced and redistributed. Please acknowledge
IIA-IPO as the source of the information when quoting or
redistributing the newsletter.
TO SUBSCRIBE TO IIA-IPO: Send the message "subscribe" to
<iiaipo-request@his.com>.
ARCHIVES. IIA-IPO is archived. To get archived copies, ftp
to <ftpmail@his.com> with the message "GET FILENAME." Individual
monthly issues are archived with file names "iia0394.zip" for
March 1994, "iia0494.zip" for April 1994, etc.
-----------------------------------------------------------------
ABOUT THE INFORMATION INDUSTRY ASSOCIATION
THE INFORMATION INDUSTRY ASSOCIATION represents leading
organizations involved in the generation, processing,
distribution and use of information. IIA is home base for
businesses offering the innovative products and services
that make up the information marketplace.IIA fosters a responsive
and responsible forum for promoting a competitive and growing
information marketplace.
-----------------------------------------------------------------
-----------------------------------------------------------------
President of the IIA: Kenneth B. Allen
Editor of Information Policy Online: Steven J. Metalitz, IIA
Vice President and General Counsel
Consulting Editor: J. Timothy Sprehe, Sprehe Information
Management Associates
For messages to IIA-IPO: <iia.ipo@his.com>
Voice: (202) 639-8262. Fax: (202) 638-4403.
-----------------------------------------------------------------
*****************************************************************
