Rebels in Black Robes Recoil at Surveillance of Computers

Damien Morton morton@dennisinter.com
Thu, 9 Aug 2001 16:57:40 -0400


Ive been having a ball setting my up corporate friends with triangleboy
access to safeweb. Cuts through blocking software like buttah.

Warms the cockles of my heart that they are using circumvention
technology intended to help chinese dissidents.

'Course, it kind of lessens the impact that they are using said
circumvention technology to check out www.rotten.com and such.

----------------------------------------------------
Damien Morton, Technical Director, Dennis Interactive

The glass is neither half-full nor half-empty. Its too big.

-----Original Message-----
From: Rodent of Unusual Size [mailto:Ken.Coar@Golux.Com]
Sent: Thursday, August 09, 2001 4:12 PM
To: Flatware or Road Kill?
Subject: Rebels in Black Robes Recoil at Surveillance of Computers


-------- Original Message --------
Subject: FWD: Rebels in Black Robes Recoil at Surveillance of Computers
Date: Wed, 08 Aug 2001 06:29:17 -0400
From: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
To: interest@another.pothole.com

<http://www.nytimes.com/2001/08/08/national/08COUR.html>

August 8, 2001

Rebels in Black Robes Recoil at Surveillance of Computers
By NEIL A. LEWIS

WASHINGTON, Aug. 7 -- A group of federal employees who believed that
the monitoring of their office computers was a major violation of
their privacy recently staged an insurrection, disabling the software
used to check on them and suggesting that the monitoring was illegal
and unethical.

This was not just a random bunch of bureaucrats but a group of federal
judges who are still engaged in a dispute with the office in
Washington that administers the judicial branch and that had installed
the software to detect downloading of music, streaming video and
pornography.

It is a conflict that reflects the anxiety of workers at all levels at
a time when technology allows any employer to examine each keystroke
made on an office computer. In this case, the concern over the loss of
privacy comes from the very individuals, federal judges, who will
shape the rules of the new information era.

The insurrection took root this spring in the United States Court of
Appeals for the Ninth Circuit, based in San Francisco and the largest
of the nation's 12 regional circuits, covering 9 Western states and
two territories. The Judicial Conference of the United States, the
ultimate governing body of the courts, is to meet on Sept. 11 to
resolve the matter.

The conflict between the circuit judges and the Administrative Office
of the Courts, a small bureaucracy in Washington, deteriorated to a
point that a council of the circuit's appeals and district judges
ordered their technology staff to disconnect the monitoring program on
May 24 for a week until a temporary compromise was reached. Because
the Ninth Circuit's was also linked to the Eighth and Tenth Circuits,
the shutdown affected about a third of the country and about 10,000
court employees, including more than 700 active and semiretired
judges.

Leonidas Ralph Mecham, who runs the Administrative Office of the
Courts, and who ordered the monitoring of all federal court workers,
said in a March 5 memorandum that the software was to enhance security
and reduce computer use that was not related to judicial work and that
was clogging the system. A survey by his office, he wrote, "has
revealed that as much as 3 to 7 percent of the judiciary browser's
traffic consists of streaming media such as radio and video
broadcasts, which are unlikely to relate to official business."

Officials in the judicial branch on both sides of the issue provided
several internal memorandums written as the dispute continued over the
weeks.

After the shutdown, Mr. Mecham complained in a memorandum that
disconnecting the software was irresponsible and might have resulted
in security breaches, allowing unauthorized outsiders access to the
judiciary's internal confidential computer network. "The weeklong
shutdown put the entire judiciary's data communication network at
risk," he wrote on June 15.

Mr. Mecham warned in that memorandum that on the days before the
software was disabled, there were hundreds of attempts at intrusion
into the judiciary's network from places like China and Iran.

But Chief Judge Mary Schroeder of the Ninth Circuit responded that the
concerns were overblown and that the circuit's technical people
carefully monitored computer activity during the week that the
software was disabled.

In a June 29 memorandum, she said that there was no evidence that the
electronic firewall used to block hacking had been breached and
suggested that Mr. Mecham had exaggerated the potential of a security
breach because having hundreds of attempted breaches per day was
routine and routinely blocked.

The Ninth Circuit disconnected the software, she wrote, because the
monitoring policy was not driven by concern over overloading the
system but Mr.  Mecham's concern over "content detection." Many
employees had been disciplined, she noted, because the software turned
up evidence of such things as viewing pornography, although they had
not been given any clear notice of the court's computer use policy.

Moreover, she wrote, the judiciary may have violated the law.

"We are concerned about the propriety and even the legality of
monitoring Internet usage," she wrote. Her memorandum said that the
judiciary could be liable to lawsuits and damages because the software
might have violated the Electronic Communications Privacy Act of 1986,
which imposes civil and criminal liability on any person who
intentionally intercepts "any wire, oral or electronic communication."

She noted that the Ninth Circuit had ruled just this year that the law
was violated when an employer accessed an employee Web site. In fact,
the issues of what is permissible by employers have produced a
patchwork of legal rulings and the matter has never been addressed
directly by the Supreme Court.

Judge Alex Kozinski, a member of the Ninth Circuit appeals court,
drafted and distributed an 18-page legal memorandum arguing that the
monitoring was a violation of anti- wiretap statute.

Judge Kozinski, widely known for his libertarian views, said the court
employees who were disciplined, an estimated three dozen, could be
entitled to monetary damages if they brought a lawsuit.

A spokesman for Mr. Mecham said that the software could not identify
specific employees but workstations. When unauthorized use was
detected, Mr. Mecham's deputy, Clarence Lee Jr., wrote to the chief
judge of the district, urging that the employee who used the
workstation be identified and disciplined. One such letter includes an
appendix listing the Web sites that employee had visited, some of them
pornographic. There is no evidence that any alleged abuse of the
system involved judges.

Judge Kozinski said: "Aside from my view that this may be a felony, it
is something that we as federal judges have jurisdiction to
consider. We have to pass on this very kind of conduct in the private
sphere."

Prof. Jeffrey Rosen of the George Washington University Law School,
author of a recent book on privacy, "The Unwanted Gaze" (Vintage
2001), said, "It's fascinating that the courts have to grapple with
these issues so close to home." The law is evolving, he said, adding:
"This drama with the judges reminds us of how thin the privacy
protections are. There's a real choice right now whether e-mail and
Web browsing should be regarded like the telephone or a postcard."

Judge Edwin L. Nelson, who is chairman of a judges' committee that
deals with computer issues, said in an interview that his group met
last week and drafted proposals to deal with monitoring. Judge Nelson
would not discuss the proposals but they are almost certain to
resemble policies used in the rest of the federal government, in which
clear notice is given to computer users that they may be monitored.

Jim Flyzik, vice chairman of an interagency group that considers
computer privacy issues in the federal government, said that each
department had its own policy but that clear and unambiguous
notification of monitoring was usually an element.

In the private sector, a survey by the American Management Association
this year found that 63 percent of companies monitored employees'
computer use.


http://xent.com/mailman/listinfo/fork