Thread: Peer-To-Peer News - The Week In Review - June 25th, '05
View Single Post
Old 23-06-05, 07:13 PM   #2
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,018
Default
Cinexpo 2005

Organized Crime Rings Have Become A Formidable Threat To The Street-Level Fight Against Piracy In Europe

Jimmy Katz could hardly believe his eyes as he read the May 12 Wall Street Journal: Vladimir Ovsyannikov, a member of Russia's Duma parliament, was publicly admitting that he used his legislative privileges to protect a powerful businessman in his constituency, who also happened to be a well-known DVD, video game and software pirate.

For Katz, vp Europe, Middle East and Africa at the Motion Picture Assn.'s Brussels office, the politician's relationship with the copyright thief summed up the entrenched links between piracy and organized crime in Europe.

"Piracy in Russia is as bad as it can get," Katz says. "The piracy rate is 90%; the number of DVD lines at optical disk plants is increasing, flooding the local market and spreading into Europe, the United Kingdom and the Middle East. The manufacturers and distributors are very much in the grip of organized crime."

Russian movie piracy is among the worst in Europe, where gangsters increasingly are using intellectual- property theft as a front for other unlawful activities, including human, drugs and arms smuggling, plus money laundering. It's guaranteed to be the subject of the moment at this year's Cinema Expo International -- running Monday-June 30 at the Amsterdam RAI International Exhibition and Congress Center -- where one seminar is called "A Wake-up Call: European Perspectives on Movie Theft."

But growing piracy problems are hardly confined to Russia.

"In several other (European) countries, criminal gang masters are involved in large-scale piracy," says Ted Shapiro, deputy managing director at the MPA's Brussels office and vp general counsel Europe. "We've had raids where drugs, guns, knives are found. These are not nice people; they know very well that the penalty for piracy is far less than it is for smuggling an ounce of cocaine or heroin."

In the U.K. alone, where terrorists and Chinese gangs are among the worst perpetrators, the national film industry loses about £400 million ($732 million) a year to pirates.

If the numbers reveal anything, it's that the country's anti-piracy battle has a long way to go. Last year, the U.K.'s Federation Against Copyright Theft and the British government's HM Revenue & Customs seized more than 3 million unauthorized DVDs, compared with 314,000 illegal videos confiscated in 2001. The MPA estimates more than 35 million are actually sold, making the U.K. the second- worst-affected territory after the U.S.

U.K. custom officers at airports are constantly impounding oil paintings, stuffed animals and even computer accessories that are used to disguise smuggled illegal DVDs. China, Malaysia and Pakistan are the U.K.'s biggest source of pirated DVDs, and, according to FACT, the proceeds are being used to fund organized crime and human trafficking.

In addition, Britain's piracy situation is exacerbated by the discovery that more than 25% of illegal DVDs purchased in the country are bought at the workplace, says Paris-based research company IPSOS.

The country's online piracy via peer-to-peer (P2P) file-sharing and DVD-burning also is expected to grow as broadband Internet penetration is forecast to exceed 12 million homes by 2008. Last year, a British Video Assn. study estimated that 1.7 million illegitimate movies and TV programs were downloaded, nearly three times the quantity calculated the previous year.

FACT's seizure of DVD-R (recordable blank DVD) for reproducing illegal copies soared 200% in the first quarter of this year.

Elsewhere on the continent, piracy and technology have converged in Germany to form especially sophisticated distribution channels called "release groups," whereby pirates dub local or Hollywood movies into German to sell as pirate DVDs before the films open in theaters.

Before the movies are officially distributed, the release groups unleash copies on P2P networks for illegal downloads. France, Italy and the Netherlands also have a growing number of release groups.

In one of the most effective anti-piracy investigations to date, in April, FACT's German counterpart, GVU, smashed the operations of a release group known as "Flatline" -- described as "the largest local source of German-dubbed pirate movies on the Internet."

In Southern Italy, family owned cottage industries are set up to download and burn unlicensed DVDs.

Currently, camcorder piracy is not a statutory crime in European nation states as it is in the U.S. But anti-piracy organizations fear Europe's lax laws might tempt serial camcorder pirates to cross the Atlantic.

"We're beginning to press governments in Europe to make it criminal to operate a recording device in cinemas," says Dara MacGreevy, MPA vp and anti-piracy director for Europe, the Middle East and Africa.

Elsewhere, regulators and movie industry representatives are hitting back where it hurts at regional and national levels. Several new initiatives have been launched to bolster Europe's anti-piracy resources:

FACT has received financial support to open a new unit designed to provide enforcement authorities with the necessary evidence for clamping down against movie counterfeiters. The unit, which goes into effect in September, will use analytical software called I2 on FACT's database to gain extra know-how and identify trends that will make anti-piracy probes more effective.

In March 2004, an anti-piracy initiative called the Industry Trust for IP Awareness was launched in Britain to help employers nationwide block copyright theft in the workplace.

Brussels-based International Video Federation, which represents national video associations in 15 European markets, aims to back local campaigns similar to those by the Industry Trust for IP Awareness.

France's video sector is adopting the government-sanctioned anti-piracy charter launched by the music industry in July 2004. The charter invites local ISPs to help discourage illegal downloads among subscribers.

At the Dutch Film Festival in Utrecht on Sept. 28, the Netherlands' movie industry, video distributors, video retail chains and cinema exhibitors will join forces to spread their anti-piracy message to the public in a €500,000 ($614,000) campaign featuring its new Web site, www.filmwereld.net. In addition to featuring anti-piracy TV and cinema ads, the site will explain why movie piracy is a crime punishable with a maximum of four years in prison and a €45,000 ($55,000) fine and will be used to launch a future survey to see if its message is effectively reaching consumers.

At the regional level, the European Commission has embarked on a survey designed to learn about copyright enforcement and infringement among the European Union's trading partners, including Asia, Eastern Europe and Latin America. The move aims to help make the EU's Copyright Directive and Enforcement Directive more effective.

Currently, the Copyright Directive's provisions have been incorporated into national law in all but three of the EU's 25 states. France, Finland and Spain claim more pressing local issues have delayed their implementation of the agreement. The deadline for local adoption of the Enforcement Directive, which permits civil prosecution for copyright theft, is 2006.

But the industry is confident the legislations will be adopted throughout Europe, facilitating their battles against IP infringement.

"Most of the former Eastern European markets had already adopted the provisions to join the EU, and we've seen improvements in those countries," MacGreevy says. "Several of them have really improved their enforcement regimes."
http://www.hollywoodreporter.com/thr..._id=1000965008




P2P Networks Not Only Reason For Sagging CD Sales

A report just issued by the Organization for Economic Cooperation and Development (OECD), an alliance of developed nations, has concluded that peer-to-peer (P2P) networks are not solely to blame for any drop in music sales, and that other factors also may be at work.

The report, titled "Digital Broadband Content: Music," prepared by the Working Party on the Information Economy for the Directorate for Science, Technology and Industry of the OECD, begins by noting that there are a large number of legitimate online music services available to consumers. Indeed, "access to broadband and technological developments have lead to the rapid creation of online music services that change the way music is accessed and consumed."

According to the report, "the overall digitization of music, changing ways of listening to music, the diversification of delivery platforms and sharing are likely to have increased the time listened to music." However, "the unauthorized downloading of copyrighted content over the Internet has raised considerable concerns."

The report notes that in 2003, the value of global recorded music sales was approximately $32 billion. OECD countries accounted for about 94% of that market. One can reasonably infer that the value of global recorded music sales has only gone up since 2003.

Turning to P2P, the report states that as of October, 2004, there were almost 10 million simultaneous users on all P2P networks. The United States comprises more than half of the simultaneous file-sharing users.

The OECD acknowledges in the report that the use of P2P networks to exchange unauthorized copyrighted material "presents a significant challenge to the music industry and to enforcement of intellectual property rights." The report states that "there is currently a considerable volume of copyright infringement that is taking place among users of peer-to-peer networking software," and that "this unfair competition puts pressure on legitimate online music and other content services and may have slowed commercial services that offer access to online content."

Still, the report comes out and declares that "it is very difficult to establish a basis to prove a causal relationship between the size of the drop in music sales and the rise of file sharing." Instead, the OECD opines that sales of CDs and the success of online music services "likely" have been affected "to some degree" by other factors, such as "physical piracy and CD burning, competition from others, newer entertainment products and faltering consumer spending in some markets."

The report concludes that if "Internet-based piracy is effectively addressed, licensed file-sharing and new forms of 'super-distribution' could be important growth factors." Thus, the stated challenge is to "make file-sharing a business model for the licensed delivery of copyrighted material." That's easier said than done, as most P2P networks operate in an unlicensed manner.

So, what is the upshot? Yes, the availability of digital music online probably has increased music listening time. And yes, while P2P networks are not the only source of infringement of copyrighted works of music, and there are other causes, P2P networks certainly do facilitate such infringement in certain instances. No doubt then, the music industry will continue to search for ways to license digital music content while attempting to ward off infringement.

Eric Sinrod is a partner in the San Francisco office of Duane Morris (www.duanemorris.com), where he focuses on litigation matters of various types, including information technology disputes. His column appears Wednesdays at USATODAY.com. His Web site is www.sinrodlaw.com, and he can be reached at ejsinrod@duanemorris.com. To receive a weekly e-mail link to Mr. Sinrod's columns, please send an e-mail with the word Subscribe in the subject line.
http://www.usatoday.com/tech/columni...6-22-p2p_x.htm




A Matter of Substance OmniMedia Unveils P2P Piracy Elimination Platform
Press Release

A Matter of Substance OmniMedia (AMOS) has partnered with Intent MediaWorks to launch its "Piracy Prevention Platform" - a state of the art encryption, tracking, and distribution system, built to stop the theft of music and films through the Internet.

AMOS/INTENT announced it has developed and implemented the solution to the piracy problem; which the critical supreme-court ruling of

MGM vs. Grokster pulls to the headlines - Making P2P the place where all eyes are pointed at for the future of the entertainment business.

DCIA estimates that in the time-span it took iTunes to sell 350 Million tracks, 70 Billion dollar's worth of music and film have been illegally downloaded via the peer-to-peer (P2P) networks and the WEB. Billions of dollars are unfairly stolen from artists and content creators. And yet consumers have not been presented with a compelling alternative, until now.

The new AMOS/INTENT platform encrypts music and film files, launches it into the P2P jungle attached to a sponsor-ad, essentially making the track a 'free gift' from advertiser to consumer. The same encryption can alternatively completely block the spread of the file into the P2P stream. "To address these issues and be the solution AMOS has partnered with Intent MediaWorks and employed a new consumer friendly business-model for protection and distribution for all forms of media content on the Web," said, Eytan Rockaway, AMOS Co-Founder and CEO.

By executing this new business model, AMOS/INTENT connects the proven power of ad-dollars directly into the plight of the artist, without charging the consumer: "The kids download for free (the 'price' of viewing an ad)- the artist gets paid for their song- and the advertiser hits a highly targeted demographic- so everyone goes home happy," says Ohad Maiman, AMOS Co-Founder and CEO.

AMOS/INTENT is committed to "being the solution" to piracy of music and feature films. Any and all media AMOS presses and distributes will be protected with encryption technology that will allow the content to be intentionally distributed via the Internet. This will occur by embracing the precise and limitless reach, as well as remarkable speed of online viral distribution.

"Our encryption allows us to 'sell' that content in the same place where hundreds of millions of consumers (still growing, matter of fact doubling in # each year) download illegally for free. We accurately introduce ad-dollar target-demographics to matching fan bases, we sell songs at better prices than iTunes or any other online store, we allow free previews, we provide free trailers," says Joey P, AMOS A&R and Director of Marketing.

AMOS represents the future business models of record labels and film studios. It is more cost effective, more precise with target audiences, as well as more empowering to the artists and consumers.

Being a record label and a Film/TV studio, AMOS believes that protecting an artist's creative content in the current digital world of piracy is the most important change necessary in the industry.

The music industry continues to implode and scramble to address these painful issues that have cut into billions of revenue. Everyone in the entertainment industry has been waiting for a solution to the problem of illegally traded files. AMOS/INTENT Says the solution has arrived.

This is a monumental moment in the history of entertainment. AMOS welcomes your submissions as well as inquiries regarding the new platform as well as their unique mode of distribution.

If Mr. George Lucas had consulted AMOS/INTENT a few months ago, he would have been able to harness the potential of P2P file swapping and profit - instead of having Star Wars stolen six hours after its premier.

The future is embracing the Internet intentionally rather than fighting it. And A Matter of Substance is poised to be the trailblazer in this brave new digital world.
http://home.businesswire.com/portal/...&newsLang =en




"Complete garbage"

Cohen on Avalanche

A bunch of people have been pestering me about Avalanche recently, so I'll comment on it.

First of all, I'd like to clarify that Avalanche is vaporware. It isn't a product which you can use or test with, it's a bunch of proposed algorithms. There isn't even a fleshed out network protocol. The 'experiments' they've done are simulations.

It's a bad idea to give much weight to simulations, especially of something so hairy as real-world internet behavior. I spent most of my talk at stanford explaining why it's difficult to benchmark, much less simulate, BitTorrent in a way which is useful. But we can look at their simulation to see if it might at least be ballpark.

Let's see, here's their simulation of 'tit-for-tat':

Ø To simulate a tit-for-tat scenario, the simulator keeps track of the difference between uploaded blocks minus downloaded blocks from a user S (source) to a user D (destination). If the difference is larger than the pre-configured value (typically 2 when we study tit-for-tat), then the source S will not send any block to D even if there is spare upload capacity at S and spare download capacity at D.



I can't fathom how they came up with this. Researching either the source code or the documentation on the BitTorrent web site would have shown that the real choking algorithms work nothing like this. Either they just heard 'tit-for-tat' and just made this up, or they for some odd reason dredged up BitTorrent 1.0 and read the source of that. You see, BitTorrent work this way when it was nowhere near functional yet, and the first test among multiple peers (6 if my memory serves) showed that it sucks. It was promptly rewritten, way back in late 2001. This gaffe alone makes their simulation completely worthless, but it isn't the only one:

Ø Whenever a user joins the system it picks four nodes at random and makes them its neighbors (provided that they have not exceeded the maximum number of neighbors, which is set to six in most of our experiments). The simulator supports dynamic user populations with nodes joining and leaving the system, and topology reconfigurations. In fact, at the end of each round, if a node determines that the utilization of its download capacity in the most recent rounds drops below a certain threshold (10% in most of our experiments), then it tries to discover and connect to new neighbors. Similarly, if the user has exceeded its maximum number of neighbors, then it will drop some of the old neighbors at random.



So in their simulations peers have 4-6 neighbors with a strong preference for 4. BitTorrent in the real world typically uses 30-50. Since BitTorrent depends entirely on its neighbors for information related to piece selection, this limitation has ratcheted the amount of useful information BitTorrent gets to the absolute minimum possible without making the system not work at all.

They also don't simulate varying transfer rate abilities, transfer rate abilities varying over time, or endgame mode.

In other words, intentionally or not, the simulation is completely rigged against BitTorrent.

The central idea here is basically 'Let's apply error correcting codes to BitTorrent'. This isn't a new idea, everybody comes up with it. In fact I saw fit to mention that it's a dubious idea before. (Some people will point out that 'error correcting codes' isn't the right term for the latest and greatest of this sort of technology, to which I say 'whatever'.) The main reason that this is a popular idea is that recent work in error correcting techology is very cool. While it is very cool, and very applicable to sending information across lossy channels, the case for using it in BitTorrent is unconvincing.

What error correction can in principle help with is that it the chances that any given peer has data which is of interest to another peer. In practice this isn't really a problem, because rarest first does a very good job of piece distribution, but error correction can in principle do as well as is theoretically possible, and rarest first is in fact less than perfect in practice.

One thing badly missing from this paper is back-of-the-envelope calculations about all of the work necessary to implement error correction. Potential problems are on the wire overhead, CPU usage, memory usage, and disk access time. Particularly worrisome for their proposed scheme is disk access. If the size of the file being transferred is greater than the size of memory, their entire system could easily get bogged down doing disk seeks and reads, since it needs to do constant recombinations of the entire file to build the pieces to be sent over the wire. The lack of any concrete numbers at all shows the typical academic hand-wavy 'our asymptotic is good, we don't need to worry about reality' approach. Good asymptotics are one thing, but constant multipliers can be killer, and it's necessary to work out constant multipliers for all pontentially problematic constants, not just the easy ones like CPU.

The really big unfixable problem with error correction is that peers can't verify data with a secure hash before they pass it on to other peers. As a result, it's quite straightforward for a malicious peer to poison an entire swarm just by uploading a little bit of data. The Avalanche paper conveniently doesn't mention that problem.

As you've probably figured out by now, I think that paper is complete garbage. Unfortunately it's actually one of the better academic papers on BitTorrent, because it makes some attempt, however feeble, to do an apples to apples comparison. I'd comment on academic papers more, but generally they're so bad that evaluating them does little more than go over epistemological problems with their methodology, and is honestly a waste of time.

If you're interested in doing more fleshed out research on error correction in BitTorrent, I suggest starting with a much less heavyweight approach. Having peers transfer the xor of exactly two pieces could potentially get most of the benefits of full-blown network coding.
http://www.livejournal.com/users/bramcohen/




Time On Your Hands?

Peruse the Morpheus boards for the latest dustup between the big M and Limewire.
http://www.morpheusforum.com/showthread.php?t=23




Surveillance

Libraries Say Yes, Officials Do Quiz Them About Users
Eric Lichtblau

Law enforcement officials have made at least 200 formal and informal inquiries to libraries for information on reading material and other internal matters since October 2001, according to a new study that adds grist to the growing debate in Congress over the government's counterterrorism powers.

In some cases, agents used subpoenas or other formal demands to obtain information like lists of users checking out a book on Osama bin Laden. Other requests were informal - and were sometimes turned down by librarians who chafed at the notion of turning over such material, said the American Library Association, which commissioned the study.

The association, which is pushing to scale back the government's powers to gain information from libraries, said its $300,000 study was the first to examine a question that was central to a House vote last week on the USA Patriot Act: how frequently federal, state and local agents are demanding records from libraries.

The Bush administration says that while it is important for law enforcement officials to get information from libraries if needed in terrorism investigations, officials have yet to actually use their power under the Patriot Act to demand records from libraries or bookstores.

The library issue has become the most divisive in the debate on whether Congress should expand or curtail government powers under the Patriot Act, and it was at the center of last week's vote in the House approving a measure to restrict investigators' access to libraries.

The study does not directly answer how or whether the Patriot Act has been used to search libraries. The association said it decided it was constrained from asking direct questions on the law because of secrecy provisions that could make it a crime for a librarian to respond. Federal intelligence law bans those who receive certain types of demands for records from challenging the order or even telling anyone they have received it.

As a result, the study sought to determine the frequency of law enforcement inquiries at all levels without detailing their nature. Even so, organizers said the data suggested that investigators were seeking information from libraries far more frequently than Bush administration officials had acknowledged.

"What this says to us," said Emily Sheketoff, the executive director of the library association's Washington office, "is that agents are coming to libraries and they are asking for information at a level that is significant, and the findings are completely contrary to what the Justice Department has been trying to convince the public."

Kevin Madden, a Justice Department spokesman, said that the department had not yet seen the findings and that he could not comment specifically on them. But Mr. Madden questioned the relevance of the data to the debate over the Patriot Act, noting that the types of inquiries found in the survey could relate to a wide range of law enforcement investigations unconnected to terrorism or intelligence.

"Any conclusion that federal law enforcement has an extraordinary interest in libraries is wholly manufactured as a result of misinformation," Mr. Madden said.

The study, which surveyed 1,500 public libraries and 4,000 academic libraries, used anonymous responses to address legal concerns. A large majority of those who responded to the survey said they had not been contacted by any law enforcement agencies since October 2001, when the Patriot Act was passed.

But there were 137 formal requests or demands for information in that time, 49 from federal officials and the remainder from state or local investigators. Federal officials have sometimes used local investigators on joint terrorism task forces to conduct library inquiries.

In addition, the survey found that 66 libraries had received informal law enforcement requests without an official legal order, including 24 federal requests. Association officials said the survey results, if extrapolated from the 500 public libraries that responded, would amount to a total of some 600 formal inquires since 2001.

One library reporting that it had received a records demand was the Whatcom County system in a rural area of northwest Washington.

Last June, a library user who took out a book there, "Bin Laden: The Man Who Declared War on America," noticed a handwritten note in the margin remarking that "Hostility toward America is a religious duty and we hope to be rewarded by God," and went to the Federal Bureau of Investigation. Agents, in turn, went to the library seeking names and information on anyone checking out the biography since 2001.

The library's lawyers turned down the request, and agents went back with a subpoena. Joan Airoldi, who runs the library, said in an interview that she was particularly alarmed after a Google search revealed that the handwritten line was an often-cited quotation from Mr. bin Laden that was included in the report issued by the Sept. 11 commission.

The library fought the subpoena, and the F.B.I. withdrew its demand.

"A fishing expedition like this just seems so un-American to me," Ms. Airoldi said. "The question is, how many basic liberties are we willing to give up in the war on terrorism, and who are the real victims?"

The survey also found what library association officials described as a "chilling effect" caused by public concerns about the government's powers. Nearly 40 percent of the libraries responding reported that users had asked about changes in practices related to the Patriot Act, and about 5 percent said they had altered their professional activities over the issues; for instance, by reviewing the types of books they bought.

Representative Bernard Sanders, independent of Vermont, who sponsored the House measure to curtail the power to demand library records, said he was struck by the 40 percent response.

"What this demonstrates is that there is widespread concern among the American people about the government having the power to monitor what they are reading," Mr. Sanders said.

The margin of the vote on Mr. Sanders's measure, which passed 238 to 187, with support from 38 Republicans, surprised even some backers, but Bush administration officials say they are hopeful the decision will be reversed and have threatened a veto of any measure that would limit powers under the Patriot Act.

Carol Brey-Casiano, who runs the library system in El Paso and is president of the library association, said she, too, sensed a public unease.

"We're concerned about protecting people's privacy," she said. "People will say to me, 'I've read about the Patriot Act, and does that mean the government can come in and ask you what I'm reading?' And my answer to them has to be, 'Yes, they can,' and quite frankly, I can't even tell anyone if that happened, because there's a gag order."

Investigators have long had the ability to seek out library records in tracking leads in criminal inquiries. In two of the most noted cases, investigators in the 1990's used library records to search for the Unabomber, who wrote detailed and unusual academic treatises in his string of bombings over almost two decades, and for New York's "Zodiac Killer," who had cited the writing of an obscure occult poet.

Government officials say that while they have no interest in using their expanded powers under the Patriot Act to monitor Americans' reading habits, they do not believe that libraries should be safe havens for terrorists. They point to several cases in which Sept. 11 hijackers and other terror suspects used library computers to send e-mail messages.

Perhaps the fiercest counterattack from the Bush administration on the issue came in 2003 from John Ashcroft, then the attorney general, who said in a speech in Washington that groups like the American Library Association had bought into "breathless reports and baseless hysteria" about the government's interest in libraries.

"Do we at the Justice Department really care what you are reading?" Mr. Ashcroft asked. "No."

Ms. Sheketoff at the library association acknowledged that critics of the study may accuse the group of having a stake in the outcome of the Patriot Act debate. "Sure, we have a dog in this fight, but the other side has been mocking us for four years over our 'baseless hysteria,' and saying we have no reason to be concerned," she said. "Well, these findings say that we do have reason to be concerned."
http://www.nytimes.com/2005/06/20/po...20patriot.html




Social Security Opened Its Files for 9/11 Inquiry
Eric Lichtblau

The Social Security Administration has relaxed its privacy restrictions and searched thousands of its files at the request of the F.B.I. as part of terrorism investigations since the Sept. 11, 2001, attacks, newly disclosed records and interviews show.

The privacy policy typically bans the sharing of such confidential information, which includes home addresses, medical information and other personal data. But senior officials at the Social Security agency agreed to an "ad hoc" policy that authorized the release of information to the bureau for investigations related to Sept. 11 because officials saw a "life-threatening" emergency, internal memorandums say.

The Internal Revenue Service also worked with the bureau and the Social Security agency to provide income and taxpayer information in terror inquiries, law enforcement officials said. Officials said the I.R.S. information was limited because legal restrictions prevented the sharing of taxpayer information except by court order or in cases of "imminent danger" or other exemptions. The tax agency refused to comment.

The Social Security memorandums were obtained through a Freedom of Information Act request by the Electronic Privacy Information Center, a civil liberties group here. Copies were provided to The New York Times.

Social Security and law enforcement officials said that they were sensitive to privacy concerns and had put safeguards in place, but that they believed that the information gave investigators a valuable tool.

"We ran thousands of Social Security numbers," said a former senior F.B.I. official who insisted on anonymity because the files involved internal cases.

"We got very useful information, that's for sure," the former official said. "We recognized the value of having that information to track leads, and, to their credit, so did the Social Security Administration."

Some privacy advocates and members of Congress, although sympathetic to the extraordinary demands posed by the Sept. 11 investigation, said they were troubled by what they saw as a significant shift in privacy policies.

Representative Carolyn B. Maloney, a New York Democrat who has sought information from the Social Security agency on the issue, said the new policy had "real civil liberties implications for abuse." Ms. Maloney questioned whether Congress was adequately informed.

"If we don't know when the Social Security Administration decides to change its rules to disclose personal information," she said, "I think Americans have a right to be skeptical about their privacy."

The director of the Open Government Project at the Electronic Privacy Information Center, Marcia Hofmann, acknowledged the need for investigators to have access to vital information.

"But an ad hoc policy like this is so broad that it allows law enforcement to obtain really sensitive information by merely claiming that the information is relevant to the 9/11 investigation," Ms. Hofmann said. "There appears to be very little oversight."

In addition to easing its rules, the Social Security agency agreed to waive normal privacy restrictions for information related to the F.B.I. investigation of the sniper shootings in the Washington region in 2002, the internal memorandums show. It does not appear that any information was ultimately turned over.

The agency agreed two days after the Sept. 11 attacks to give the F.B.I. access to material from its files to obtain information on the hijackers, anyone with "relevant information" on the attacks and victims' relatives.

Under Social Security Administration policy, which goes beyond federal privacy law, such information cannot typically be shared with law enforcement officials unless the subject has been indicted or convicted of a crime. The loosening of the policy was updated and reauthorized last year, the internal documents show, and Social Security officials said Tuesday that it remained in place.

Social Security officials said they were not aware of recent F.B.I. requests for information from their files in the inquiry.

It appears that there was a flood of requests for at least a year after the attacks and perhaps longer, as bureau agents sought personal and financial information on illegal immigrants and other suspects who might be using fraudulent Social Security information. Some of the hijackers used fake Social Security numbers.

Officials at the Social Security Administration said the policy directives since Sept. 11 identified 11 offices - 10 in the inspector general's office and one in the privacy office - authorized to approve the F.B.I. requests.

"Thankfully, these requests don't come up that often," Jonathan Cantor, the privacy officer at the agency, said. "You just have to look at each situation as it comes in, and it's my job to balance the privacy of the records against legitimate requests for that information."

Mr. Cantor said that the bureau had made requests for financial and employment information from Social Security files, but that the agency had referred them to the I.R.S. because it was not legally allowed to release taxpayer information.

James Huse, who was the inspector general at the Social Security agency until March 2004, said his agency provided relevant identifying information to the bureau on possible terror suspects but relied on the tax agency to determine what information it would turn over on a suspect's income and employment.

The F.B.I. requests "came in by the thousands," Mr. Huse said in an interview. "They would give us the names of people suspected of being terrorists for whatever reason, and we'd match them against Social Security indices to see if these people were real, did they have Social Security numbers, things like that."

He said that most of the names and numbers run by the bureau did not match up to Social Security records, and that he was unaware of cases of governmental abuse in the requests. Mr. Huse added that "on a big-volume name check like that you wouldn't really know if you had a frivolous name thrown in or not."

A major debate is under way on access for the F.B.I. and other law enforcement agencies in national security investigations to confidential information like library checkout lists, hospital records or airline manifests. Bush administration officials say it is imperative for investigators to have broad tools to track terror suspects.
http://www.nytimes.com/2005/06/22/po...rtner=homepage




Gov't. Collected Airline Passenger Data
Leslie Miller

The federal agency in charge of aviation security collected extensive personal information about airline passengers even though Congress forbade it and officials said they wouldn't do it, according to documents obtained Monday by The Associated Press.

The Transportation Security Administration bought and is storing details about U.S. citizens who flew on commercial airlines in June 2004 as part of a test of a terrorist screening program called Secure Flight, the documents indicate.

"TSA is losing the public's trust," said Tim Sparapani, a privacy lawyer with the American Civil Liberties Union. "They have a repeated, consistent problem with doing one thing and then saying they did another."

Secure Flight and its predecessor, CAPPS II, have been criticized for secretly obtaining personal information about airline passengers and failing to do enough to protect it.

The TSA and several airlines were embarrassed last year when it was revealed that airlines gave personal information on 12 million passengers to the government without the travelers' permission or knowledge. An inspector general's report found TSA misled the public about its role in acquiring the data.

Class-action lawsuits have been brought against airlines and government contractors for sharing their passengers' information. As a result, airlines agreed to turn over passenger data for testing only after they were ordered to do so by the government in November.

According to the documents, which will be published in the Federal Register this week, the TSA gave the data, known as passenger name records, to its contractor, Virginia-based EagleForce Associates. Passenger name records can include a variety of information, including name, address, phone number and credit card information.

EagleForce then compared the passenger name records with commercial data from three contractors that included first, last and middle names, home address and phone number, birth date, name suffix, second surname, spouse first name, gender, second address, third address, ZIP code and latitude and longitude of address. The reason for the comparison was to find out if the passenger name record data was accurate, according to the TSA.

EagleForce then produced CD-ROMs containing the information _ except for latitude and longitude and spouse's first name _ "and provided those CD-ROMs to TSA for use in watch list match testing," the documents said. TSA now stores that data.

According to previous official notices, TSA had said it would not store commercial data about airline passengers.

The Privacy Act of 1974 prohibits the government from keeping a secret database. It also requires agencies to make official statements on the impact of their record keeping on privacy.

The TSA revealed its use of commercial data in a revised Privacy Act statement to be published Wednesday in the Federal Register.

"This is like creating an FBI file, not just some simple check, and then they're storing the data," said Sparapani, the ACLU attorney.

TSA spokesman Mark Hatfield said the program was being developed with a commitment to privacy, and that it was routine to change Privacy Act statements during testing.

"Secure Flight is built on an airtight privacy platform, and the GAO (Government Accountability Office) and Congress are providing close oversight every step of the way," Hatfield said. "The purpose of the testing is to define what the program will ultimately look like."

The TSA said it is protecting the data from theft and carefully restricting access to it.

Congress said no money could be spent to test such an identity verification system "until TSA has developed measures to determine the impact of such verification on aviation security and the Government Accountability Office has reported on its evaluation of the measures." That language was part of the Homeland Security Department spending bill, which became law Oct. 18.

The GAO issued its report on Secure Flight testing on March 28. The report gave the TSA a failing grade, saying the program hadn't met nine of 10 criteria that Congress said it must meet before being implemented.

Hatfield said appropriate congressional committees were briefed in December on the contract awarded to EagleForce on Feb. 22.

But Bruce Schneier, a security expert who serves on the TSA-appointed oversight panel for Secure Flight, said the agency was explicitly told not to try to verify passengers' identity with commercial data.

"They're doing what they want and they're working around any rules that exist," Schneier said.

Last week, the Homeland Security Department's chief privacy officer, Nuala O'Connor Kelly, announced she's conducting an investigation of the TSA's use of commercial data for Secure Flight testing.
http://wireservice.wired.com/wired/s...toryId=1051751
JackSpratts is offline   Reply With Quote