Computer underground Digest Wed, Jan 15, 1992 Volume 4 : Issue 02 Moderators: Jim Thomas a
Computer underground Digest Wed, Jan 15, 1992 Volume 4 : Issue 02
Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
CONTENTS, #4.02 ( Jan 15, 1992)
File 1--Re: Whole Earth Review Questions Technology
File 2--Craig's submission in #4.01
File 3--Subscribing to PHRACK
File 4--Report: 8th Chaos Computer Congress
File 5--Net "do-it-yourself" political activity (NEWSBYTES Reprint)
File 6--Political Organizing at the Individual Level
File 7--*DRAFT* "Guaranteeing Constitutional Freedoms"
File 8--The Compuserve Case (Reprint from EFF Vol 2, #3)
File 9--Senate Introduces Two FOIA Bills, S. 1929 & S. 1940
Issues of CuD can be found in the Usenet alt.society.cu-digest news
group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG,
and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414)
789-4210, and by anonymous ftp from ftp.cs.widener.edu (126.96.36.199),
chsun1.spc.uchicago.edu, and ftp.ee.mu.oz.au. To use the U. of
Chicago email server, send mail with the subject "help" (without the
quotes) to firstname.lastname@example.org.
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted as long as the source
is cited. Some authors do copyright their material, and they should
be contacted for reprint permission. It is assumed that non-personal
mail to the moderators may be reprinted unless otherwise specified.
Readers are encouraged to submit reasoned articles relating to the
Computer Underground. Articles are preferred to short responses.
Please avoid quoting previous posts unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
Date: Thu, 09 Jan 92 15:54:48 -0600
From: Neil W Rickert
Subject: File 1--Re: Whole Earth Review Questions Technology
In Cu Digest, #4.01 Tom White writes:
> Is technological innovation invariably beneficial? Do we control
>new technologies or do they control us?
This reminds me of the comments I occasionally have been heard to
make, with tongue only very slightly in cheek:
In the old days, before Xerox became a household word, everyone
participating in an important meeting would be given a copy of the
documentation. Attached was a check sheet. He/she would read the
documentation, cross his/her name off the check sheet, and pass the
documents onto the next person listed.
Today, everybody has an individual copy. There is not so much of a
rush to read it. Thus everyone can put off reading it until the last
minute or a little later, come to the meeting, and an important issue
is voted on without one participant having read it, or having the
courage to admit to not having read it.
In the old days it was very costly to revise a draft, since the whole
thing had to be redone from the start, with the possibility of new
errors being introduced. As a result many letters and memos were
sent out with minor errors, because it was just not worth the trouble
of correcting them.
Today, with word processing, editing a memo or letter is much
simpler. As a result, drafts are revised ad infinitum. The total
number of man (and woman) hours spend on the document may be three or
more times as much as before. And the result - a few less minor
typos, but no improvement in the essential meaningfulness and
readability of the document.
To top it off, there are probably thousands of MIPS (million
instructions per second) of computing power dedicated to the sole
purpose of printing address labels on junk mail, much of which will
finish up in land fills without having been read.
Date: Sat, 11 Jan 92 0:23:33 EST
Subject: File 2--Craig's submission in #4.01
Reply to: File 2--How The Government Broke The Law And Went Unpunished
> JUSTICE DENIED
> How The Government Broke The Law And Went Unpunished
> by Craig Neidorf
> TO THE READER:
> During the summer of 1990, I wrote the following review of how the
> Privacy Protection Act of 1980 could have been applied to the above
> described incident. After several months of trying to find a way to
> file a claim, I have finally come to realize that the goal I seek is
> unreachable because I do not possess the financial resources to hire
> legal counsel and no law firm or organization capable of handling the
> case will agree to take it on a contingency basis. Furthermore, as I
> Protection Act of 1980 as described above.
> ********** Stuff Deleted***********
> *** What Are The Remedies?
> Section 106(a) provides a civil cause of action for damages for
> violations of the Act. Such an action may be brought by any person
> aggrieved by a violation of the statute.
> WE DARE NOT GIVE UP THAT RIGHT!
Craig, stop complaining. You are going to law school. File a pro se
action against the government. File it and ask some of your
professors to help you out. You'll learn more practical law then a
thousand class hours.
If we dare not give up our rights, then we dare not stop.
[ This information published so that all members of the community can
know that they do not need to depend on lawyers to protect our rights.
The day an american may not protect his rights without a lawyer, is
the day his rights have died.]
PS For those interested. The supreme court is deciding a case where
a man was convicted of receiving child pornography only after being
targeted for 2 years in a blizzard of letters by undercover operators
into buying it by mail. The supreme court will try to determine what
limits the government may not violate in enticing people into breaking
Date: Tue, 14 Jan 92 17:44:09 EST
From: Storm King ListServ Account
Subject: File 3--Subscribing to PHRACK
We here at phrack have been getting mail bouncing all over the place
due to people writing PHRACK@STOMKING.COM the correct contact for
phrack is at PHRACKSUB@STORMKING.COM. Please correct this!
These days people must do the following to get on the phrack mailing
The distribution of Phrack is now being performed by the software
called Listserv. All individuals on the Phrack Mailing List prior to
your receipt of this letter have been deleted from the list.
If you would like to re-subscribe to Phrack Inc. please follow these
1. Send a piece of electronic mail to "LISTSERV@STORMKING.COM". The mail
must be sent from the account where you wish Phrack to be delivered.
2. Leave the "Subject:" field of that letter empty.
3. The first line of your mail message should read:
4. DO NOT leave your address in the name field!
(This field is for PHRACK STAFF use only, so please use a full name)
Once you receive the confirmation message, you will then be added to
the Phrack Mailing List. If you do not receive this message within 48
hours, send another message. If you STILL do not receive a message,
You will receive future mailings from "PHRACK@STORMKING.COM".
If there are any problems with this procedure, please contact
"SERVER@STORMKING.COM" with a detailed message.
The Phrack Staff
Date: Tue, 14 Jan 92 12:15 MST
Subject: File 4--Report: 8th Chaos Computer Congress
((For those who do not receive either RISKS-L or TELECOM Digest,
we reprint the following form TELECOM Digest, Vol 13 #35 (14 Jan '92)).
Date: Tue, 14 Jan 1992 06:33:50 PST
Subject: Report: 8th Chaos Computer Congress
The following message was copied from RISKS-L. Of particular interest
to TELECOM reader will be where the writer speaks of HACKTIC. That
such gatherings are becoming more sparsely populated is a positive
step. But is it, perhaps, time for people such as the UN , or perhaps
the ITU, to invoke sanctions against countries that allow such groups
to thrive? ( Comments are my own ... I don't expect anyone else to
have the guts to agree with me.) (Grin)
Date: 9 Jan 92 16:37 +0100
From: Klaus Brunnstein
Subject: Chaos Congress 91 Report
Report: 8th Chaos Computer Congress
On occasion of the 10th anniversary of its foundation, Chaos Computer
Club (CCC) organised its 8th Congress in Hamburg (Dec.27-29, 1991). To
more than 400 participants (largest participation ever, with growing
number of students rather than teen-age scholars), a rich diversity of
PC and network related themes was offered, with significantly less
sessions than before devoted to critical themes, such as phreaking,
hacking or malware construction. Changes in the European hacker scene
became evident as only few people from Netherlands (see: Hacktick) and
Italy had come to this former hackers' Mecca. Consequently, Congress
news are only documented in German. As CCC's founding members develop
in age and experience, reflection of CCC's role and growing diversity
(and sometimes visible alienity between leading members) of opinions
indicates that teen-age CCC may produce less spectacular events than
This year's dominating theme covered presentations of communication
techniques for PCs, Ataris, Amigas and Unix, the development of a
local net (mousenet.txt: 6.9 kByte) as well as description of regional
(e.g. CCC's ZERBERUS; zerberus.txt: 3.9 kByte) and international
networks (internet.txt: 5.4 kBytes), including a survey (netzwerk.txt:
53.9 kByte). In comparison, CCC'90 documents are more detailed on
architectures while sessions and demonstrations in CCC'91 (in "Hacker
Center" and other rooms) were more concerned with practical navigation
in such nets.
Phreaking was covered by the Dutch group HACKTIC which updated its
CCC'90 presentation of how to "minimize expenditures for telephone
conversations" by using "blue" boxes (simulating specific sounds used
in phone systems to transmit switching commands) and "red" boxes
(using telecom-internal commands for testing purposes), and describing
available software and recent events. Detailed information on
phreaking methods in specific countries and bugs in some telecom
systems were discussed (phreaking.txt: 7.3 kByte). More information
(in Dutch) was available, including charts of electronic circuits, in
several volumes of Dutch "HACKTIC: Tidschrift voor Techno-Anarchisten"
(=news for techno-anarchists).
Remark #1: recent events (e.g. "Gulf hacks") and material presen-
ted on Chaos Congress '91 indicate that Netherland emerges as a new
European center of malicious attacks on systems and networks. Among
other potentially harmful information, HACKTIC #14/15 publishes code
of computer viruses (a BAT-virus which does not work properly;
"world's shortest virus" of 110 bytes, a primitive non-resident virus
significantly longer than the shortest resident Bulgarian virus: 94
Bytes). While many errors in the analysis show that the authors lack
deeper insight into malware technologies (which may change), their
criminal energy in publishing such code evidently is related to the
fact that Netherland has no adequate computer crime legislation. In
contrast, the advent of German computer crime legislation (1989) may
be one reason for CCC's less devotion to potentially harmful themes.
Remark #2: While few Netherland universities devote research and
teaching to in/security, Delft university at least offers introductory
courses into data protection (an issue of large public interest in NL)
and security. Professors Herschberg and Aalders also analyse the
"robustness" of networks and systems, in the sense that students may
try to access connected systems if the addressed organisations agree.
According to Prof. Aalders (in a recent telephone conversation), they
never encourage students to attack systems but they also do not punish
students who report on such attacks which they undertook on their own.
(Herschberg and Alpers deliberately have no email connection.)
Different from recent years, a seminar on Computer viruses (presented
by Morton Swimmer of Virus Test Center, Univ. Hamburg) as deliberately
devoted to disseminate non-destructive information (avoiding any
presentation of virus programming). A survey of legal aspects of
inadequate software quality (including viruses and program errors) was
presented by lawyer Freiherr von Gravenreuth (fehlvir.txt: 5.6 kByte).
Some public attention was drawn to the fact that the "city-call"
telephone system radio-transmits information essentially as ASCII. A
demonstration proved that such transmitted texts may easily be
intercepted, analysed and even manipulated on a PC. CCC publicly
warned that "profiles" of such texts (and those addressed) may easily
be collected, and asked Telecom to inform users about this insecurity
(radioarm.txt: 1.6 kByte); German Telecom did not follow this advice.
Besides discussions of emerging voice mailboxes (voicebox.txt: 2.8
kBytes), an interesting session presented a C64-based chipcard
analysis systems (chipcard.txt: 3.3 kBytes). Two students have built
a simple mechanism to analyse (from systematic IO analysis) the
protocol of a German telephone card communicating with the public
telephone box; they described, in some detail (including an
elctronmicroscopic photo) the architecture and the system behaviour,
including 100 bytes of communication data stored (for each call, for
80 days!) in a central German Telecom computer. Asked for legal
implications of their work, they argued that they just wanted to
understand this technology, and they were not aware of any legal
constraint. They have not analysed possibilities to reload the
telephone account (which is generally possible, due to the
architecture), and they didnot analyse architectures or procedures of
other chipcards (bank cards etc).
Following CCC's (10-year old charta), essential discussions were
devoted to social themes. The "Feminine computer handling" workshop
deliberately excluded men (about 25 women participating), to avoid
last year's experience of male dominancy in related discussions
(femin.txt: 4.2 kBytes). A session (mainly attended by informatics
students) was devoted to "Informatics and Ethics" (ethik.txt: 3.7
kByte), introducing the international state-of-discussion, and
discussing the value of professional standards in the German case.
A discussion about "techno-terrorism" became somewhat symptomatic for
CCC's actual state. While external participants (von Gravenreuth,
Brunnstein) were invited to this theme, CCC-internal controversies
presented the panel discussion under the technical title "definition
questions". While one fraction (Wernery, Wieckmann/terror.txt: 7.2
kByte) wanted to discuss possibilities, examples and dangers of
techno-terrorism openly, others (CCC "ol'man" Wau Holland) wanted to
generally define "terrorism" somehow academically, and some undertook
to describe "government repression" as some sort of terrorism. In the
controversial debate (wau_ter.txt: 9.7 kByte), few examples of
technoterrorism (WANK worm, development of virus techniques for
economic competition and warfare) were given.
More texts are available on: new German games in Multi-User
Domain/Cyberspace (mud.txt: 3.8 kByte), and Wernery's "Btx
documentation" (btx.txt: 6.2 kByte); not all topics have been
reported. All German texts are available from the author (in
self-extracting file: ccc91.exe, about 90 kByte), or from CCC (e-mail:
SYSOP@CHAOS-HH.ZER, fax: +49-40-4917689).
Date: Wed, 15 Jan 1992 11:45:54 GMT
From: John F. McMullen (email@example.com)
Subject: File 5--Net "do-it-yourself" political activity (NEWSBYTES Reprint)
Warren Announces Do-It-Yourself "NET" Political Activity 1/13/92
WOODSIDE, CALIFORNIA, U.S.A., 1992 JAN 13 (NB) -- Jim Warren, founder
of InfoWorld and the West Coast Computer Faire, has announced a plan
under which US taxpayers may let their legislators know their desire
for expenditure of tax revenues.
In a statement posted of the Whole Earth 'Lectronic Link (WELL),
Warren outlined a proposal under which taxpayers would fill out a form
that specifies the desires of the taxpayer for the uses of her/his tax
payment. The form will then be sent to the taxpayer's elected
representatives. Warren said "As we approach tax-day, it emphasizes
that we again worked more than a third of last year for the
government and politicians. This year, let's tell them how WE want
them to use the hard-earned money they take from us. When we send in
our taxes, let's also send copies of this to our current and
potential elected representatives, especially to this year's political
candidates. (Let's not blame the IRS; they're just doing what our
elected representatives tell them to do.) Please feel free to copy
this to friends, neighbors, customers, business associates and
company and community bulletin boards."
The form, designed by Warren, provides spaces for the taxpayer to fill
in dollar and percentage figures for the expenditure of the funds.
Warren also committed, if taxpayers send copies of the forms to him,
to publish summary reports reflecting the desires of the aggregate of
the reporting taxpayers. Warren's form follows:
TAX ALLOCATION INSTRUCTIONS FROM A VOTER
Here are the taxes that I know you are taking from my work last
year, and here is how I want you to use them. (For other projects
that you or your campaign donors desire, please depend on the
hidden taxes that I cannot easily identify.)
This is a very serious matter to me, even though this note is a
form. Please respond and tell me how much of our earnings you, as
our elected representative, want to take in taxes, and how much you
want to spend in each budget-area. Please send me _____ copies of
your response for my friends, neighbors and business associates.
(And, a lack of response will be noted as a response.)
How to use MY taxes: Federal allocations: Fiscal-1992 Federal Budget
1. % $ 18.0% $ 290,820M National Defense
2. % $ 2.2% 35,679M International Affairs
3. % $ 1.2% 18,934M Science, Space and Technology
4. % $ 0.3% 4,129M Energy
5. % $ 1.2% 19,708M Natural Resources and Environment
6. % $ 1.2% 20,219M Agriculture
7. % $ 6.5% 105,780M Commerce and Housing Credit
8. % $ 2.1% 34,312M Transportation
9. % $ 0.4% 5,768M Community & Regional Development
10. % $ 2.9% 46,934M Education,Employment, Soc.Services
11. % $ 5.0% 81,300M Health
12. % $ 7.0% 113,811M Medicare
13. % $ 13.8% 222,691M Income Security
14. % $ 21.7% 351,109M Social Security
15. % $ 2.1% 33,380M Veterans' Benefits and Services
16. % $ 0.9% 14,842M Administration of Justice
17. % $ 0.8% 12,688M General Government
18. 12.7% $ 12.7% 206,343M Net Interest
19. % $ deficit reduction
20. % $ 0.0% 0 tax reduction/refund/rebate to me
------ --------- ------ -----------
100.0% $ 100.0% $1,618,447M my taxes & your FY-1992 budget
Thanking you for your attention to this constituent request, I
Warren told Newsbytes that, following his posting, MicroTimes editor
Mary Eisenhart told him that he can include a copy of the form in an
up-coping column in that 200,000 circulation publication.
Warren also stated that any forms sent to him for summarization will
be held in the strictest confidence and not shown to others. He said
"I must hold them for the possibility that anyone doubts that the
basis for our published summary actually existed."
Warren also commented to Newsbytes on the potential of network
mobilization, saying "We have in the computer network the largest
circulation publication in the nation and it is free for the logon
cost. This is the beginning of the implementation of effective
Warren said that at least 2 other electronic political projects are
planned for 1992.
(Barbara E. McMullen & John F. McMullen/Press Contact: Jim Warren,
415-851-2814 (fax); firstname.lastname@example.org (e-mail)/19920113)
Date: Tue, 14 Jan 92 18:45:21 EST
From: Jim Warren (email@example.com)
Subject: File 6--Political Organizing at the Individual Level
Once every four years, with less opportunity each two years -- i.e.,
each election year -- citizen-groups have a brief-but-major
window-of-opportunity to obtain government by and for the People. We
rarely use it effectively.
Civil liberties in the electronic frontier simply cannot wait until
1996. By then, it may be too late to protect online rights, freedom
We need to act now.
We *can* act. And we *can* be effective:
1. Meet with candidates.
Do this in their offices, preferably, as a group of no more than 2-4
articulate, presentable spokespeople. It helps if you have formal
backing of a group, but it is certainly not necessary. What is
greatly persuasive to candidates is whether you are likely to sway a
group of voters.
2. Be informative.
Plan a careful, logical, brief oral presentation of our concerns.
Back it up with a 2-10 page summary of major points, positions and
requests. Supporting newspaper articles are particularly helpful.
3. Seek explicit committments.
*Every* successful politician has mastered the art of *sounding*
sincerely interested and supportive without making committments. Make
specific requests for specific action within a specific time-frame.
Request it in the form of an official policy- or position-statement
issued by the candidate, "so you can then publicize their position
throughout your group." (Verbal assurances in private meetings are
unreliable.) If they seem disinclined, politely indicate that you
will, regretfully, have to report that non-action or lack of explicit
commitment must be viewed as non-support, potentially even opposition,
on these time-sensitive issues. Don't expect somethin' for nothin'.
If they seem inclined to commit --at a minimum, they will sound
sincerely concerned -- they will want to know what support you will
offer. Expect them to ask for it and/or for your
formal endorsement. Perhaps the best response to this is to say you
will vigorously circulate details of their committments throughout
4. Indicate the group to whom you will report.
Long ago, when I last checked, the WELL had about 4,500 users. BMUG
has ?? Brian Reid's latest estimates are that USENET had about
1,913,000 users on about 40,000 hosts. There are probably around 15
million users on non-BBS computer networks in the U.S., public and
private. The Internet has about 5,000 networks with around a million
hosts and anywhere from 5 to 10 million users. The Fidonet BBS-net
probably has around 2 million users (I've asked
And, there's your own internal net at work or school. Can you post
personal notes on it? Are you a BBS sysop or host administrator with
authority to post a logon notice seen by everyone? Seems like every user
ought to know who is willing to protect their online freedom and privacy.
I phrased this in the second person -- "you" do it -- but, jus' for the
record: I'm personally pursuing this with various federal and state
candidates on the San Francisco Peninsula. I walk it like I talk it. :-)
Date: Tue, 14 Jan 92 18:45:21 EST
From: Jim Warren (firstname.lastname@example.org)
Subject: File 7--*DRAFT* "Guaranteeing Constitutional Freedoms"
*This is a **draft***. (I am working on additional phrasing
regarding computerized access to computerized legislation-in-progress,
so we may be citizens effectly informed of the legislative process. I
also have some thoughts about enhancing citizen's access to their
personal information that is collected and shared by government
If you wish a copy of the final version for your own modification,
use and/or personal or group political action, please e-mail your
email@example.com --or-- firstname.lastname@example.org .
GUARANTEEING CONSTITUTIONAL FREEDOMS INTO THE 21st CENTURY
Harvard Law Professor Laurence H. Tribe, one of the nation's leading
Constitutional scholars, views technological threats to our
constitutional freedoms and rights as so serious that, for the first
time in his career, he has proposed a Constitutional Amendment:
"This Constitution's protections for the freedoms of speech, press,
petition and assembly, and its protections against unreasonable
searches and seizures and the deprivation of life, liberty or property
without due process of law, should be construed as fully applicable
without regard to generated, stored, altered, transmitted or
Until and unless the unlikely event that such an Amendment is
adopted, legislation and regulation are the only alternatives to
assure modern protection of citizens against modern technological
threats against their constitutional rights and freedoms.
PERSONAL COMMITMENT TO ACTION
PREFACE: It has been over two centuries since our Constitution and
Bill of Rights were adopted. The great technological change in the
interum --especially in computing, telecommunications and electronics
-- now poses a clear and present danger to the rights and protections
guaranteed in those great documents. Therefore:
will author or coauthor legislation reflecting the following
specifics, and I will actively support and testify in favor of any
similar legislation as may be introduced by others. Further, I will
actively seek to have included in such legislation, explicit personal
civil and/or criminal penalties against any agent, employee or
official of the government who violates any of these statutes. And
finally, I will keep all citizens who express interest in legislative
progress on these matters fully and timely informed.
The protections guaranteed in the Constitution and its Amendments
shall be fully applicable regardless of the current technology of the
time. In particular:
SPEECH: Freedom of speech shall be equally protected, whether by
voice or written as in the 18th Century, or by electronic transmission
or computer communication as in the 20th Century and thereafter.
PRESS: Freedom of the press shall be equally protected, whether by
print as in the 18th Century, or by computer distribution of
information, as in the 20th Century and thereafter.
ASSEMBLY: Freedom of assembly shall be equally protected, whether
by face-to-face meeting as in the 18th Century, or by computer-based
conference as in the 20th Century and thereafter. The right to hold
confidential meetings shall be equally protected, whether they be by
personal meeting in private chambers, or by computer-based private
SELF-PROTECTION: The right of the people to keep and use computers
and communications equipment and connections shall not be abridged by
SEARCH & SEIZURE: The right of the people to be secure in their
papers and effects, against unreasonable searches and seizures, shall
be fully applicable to their electronic mail, computerized information
and personal computer systems.
WARRANTS: No warrants for search or seizure shall issue for
computerized information, but upon probable cause, supported by oath
or affirmation, and particularly describing the computer system to be
searched and the specific information to be seized.
SECURE INFORMATION VAULTS: Just as search and seizure of letters in
a post-office, and papers in a bank-vault lock-box, and surveillance
of a telephone conversations by wire-tap each require a separate
warrant for each postal address, lock-box and telephone line, so also
shall a separate warrant be required for electronic mail or other
computer files of each suspect, when stored in a computer facility
shared by others, and such files stored in a shared facility by or for
a citizen who is neither named in a warrant nor associated with a
suspect so-named, may not be used against that citizen, if seized or
discovered during legal search of or for files of a suspect.
SELF-INCRIMINATION: No person shall be compelled in any civil or
criminal case to be a witness against himself or herself, nor be
compelled to translate or decode computerized information that may be
PRIVATE PROPERTY: Private property shall not be taken for public use
without just compensation, nor shall it be used nor sold by the
government for less than fair market value, in which case all such
proceeds shall promptly derive singularly to its owner prior to
SPEEDY RELEASE: Anyone not accused of a crime shall enjoy the right
to a speedy release and return of all of their property in undamaged
form, as may be seized under any warrant, particularly including their
_________________________ title/office/office sought
_________________________ campaign-office voice-phone number
_________________________ campaign-office electronic-mail address
Date: Tue, 14 Jan 92 17:44:09 EST
Subject: File 8--The Compuserve Case (Reprint from EFF Vol 2, #3)
THE COMPUSERVE CASE:
A STEP FORWARD IN FIRST AMENDMENT PROTECTION FOR ONLINE SERVICES.
By Mike Godwin (email@example.com)
By now you may have heard about the summary-judgment decision in
Cubby, Inc. v. CompuServe, a libel case. What you may not know is why
the decision is such an important one. By holding that CompuServe
should not be liable for defamation posted by a third-party user, the
court in this case correctly analyzed the First Amendment needs of
most online services. And because it's the first decision to deal
directly with these issues, this case may turn out to be a model for
future decisions in other courts.
The full name of the case, which was decided in the Southern District
of New York, is Cubby Inc. v. CompuServe. Basically, CompuServe
contracted with a third party for that user to conduct a
special-interest forum on CompuServe. The plaintiff claimed that
defamatory material about its business was posted a user in that
forum, and sued both the forum host and CompuServe. CompuServe moved
for, and received, summary judgment in its favor.
Judge Leisure held in his opinion that CompuServe is less like a
publisher than like a bookstore owner or book distributor. First
Amendment law allows publishers to be liable for defamation, but not
bookstore owners, because holding the latter liable would create a
burden on bookstore owners to review every book they carry for
defamatory material. This burden would "chill" the distribution of
books (not to mention causing some people to get out of the bookstore
business) and thus would come into serious conflict with the First
So, although we often talk about BBSs as having the rights of
publishers and publications, this case hits on an important
distinction. How are publishers different from bookstore owners?
Because we expect a publisher (or its agents) to review everything
prior to publication. But we *don't* expect bookstore owners to review
everything prior to sale. Similarly, in the CompuServe case, as in
any case involving an online service in which users freely post
messages for the public (this excludes Prodigy), we wouldn't expect
the online-communications service provider to read everything posted
*before* allowing it to appear.
It is worth noting that the Supreme Court case on which Judge Leisure
relies is Smith v. California--an obscenity case, not a defamation
case. Smith is the Supreme Court case in which the notion first
appears that it is generally unconstitutional to hold bookstore owners
liable for content. So, if Smith v. California applies in a
online-service or BBS defamation case, it certainly ought to apply in
an obscenity case as well.
Thus, Cubby, Inc. v. CompuServe sheds light not only on defamation law
as applied in this new medium but on obscenity law as well. This
decision should do much to clarify to concerned sysops what their
obligations and liabilities are under the law.
Highlights of the CompuServe decision (selected by Danny Weitzner):
"CompuServe's CIS [CS Information Service] product is in essence an
electronic, for-profit library that carries a vast number of
publications and collects usage and membership fees from its subscribers
in return for access to the publications. CompuServe and companies like
it are at the forefront of the information industry revolution. High
technology has markedly increased the speed with which information is
gathered and processed; it is now possible for an individual with a
personal computer, modem, and telephone line to have instantaneous
access to thousands of news publications from across the United States
and around the world. While CompuServe may decline to carry a given
publication altogether, in reality, once it does decide to carry a given
publication, it will have little or no editorial control over that
publication's contents. This is especially so when CompuServe carries
the publication as part of a forum that is managed by a company
unrelated to CompuServe. "... CompuServe has no more editorial control
over ... [the publication in question] ... than does a public library,
book store, or newsstand, and it would be no more feasible for
CompuServe to examine every publication it carries for potentially
defamatory statements than it would for any other distributor to do so."
"...Given the relevant First Amendment considerations, the appropriate
standard of liability to be applied to CompuServe is whether it knew or
had reason to know of the allegedly defamatory Rumorville statements."
Cubby, Inc. v. CompuServe, Inc. (90 Civ. 6571, SDNY)
Date: Thu, 09 Jan 92 15:54:48 -0600
From: CuD Moderators (firstname.lastname@example.org)
Subject: File 9--Senate Introduces Two FOIA Bills, S. 1929 & S. 1940
The latest (Vol. 16, #4, Dec., 1991) issue of _First Principles_
reports on the status of two Freedom of Information Act (FOIA) bills
introduced in the Senate in late 1991. The proposed amendments would
make it easier for citizens to obtain information, but more
importantly, would expand the availability of information in electronic
form. The following is abstracted from the article, "Senate
Introduces New FOIA Bills" (pp 6, 9), by Gary M. Stern.
Senator Patrick Leahy (D-VT) introduced two bills to amend the
Freedom of Information Act: S. 1939, the "Freedom of Information
Improvement Act of 1991," and S. 1940, the "Electronic Freedom of
Information Improvement Act of 1991 (cosponsored by Hank Brown
(R-CO)). The latter bill, in particular, presents the best
opportunity in many years to enact significant FOIA reforms.
S. 1940 would require the government to respond to FOIA requests
in electronic form as well as on paper. Section 4 of the bill
states that "(a)n agency shall provide records in any form in
which such records are maintained by that agency as requested by
any person. (C)An agency shall make resonable efforts to provide
records in an electronic form requested by any person, even where
such records are not usually maintained in such form." Section 3
of the bill would make the Federal Register accessible electronically
and would require each government agency to publish an index of
all information retrievable in electronic form, to describe all
databases used by the agency, and to list all statutes that the
agency uses to withhold information under exemption (b)(3).
In addition, S. 1940 would:
1) Address the problem of delays in responding to FOIA requests
2) Require the agency to notify the requester of "the total number
of denied records and paes considered by the agency
to have been responsive to the request."
S. 1939 would:
1) Narrow the scope of exemptions
2) Broaden the fee waiver and fee reduction requirements
3) Narrow the exemption concerning law enforcement records
4) Narrow the exemption to protect financial information
The Senate Judiciary Subcommittee on Technology and the Law plans
to hold hearings on the bills in March, 1992. The ACLU/CNNS is
organizing a lobbying coalition in support of both of these
bills. FOr more information, please call Gary Stern at
_First Principles_ is published by the Center for National Security
Studies, 122 Maryland Avenue, NE, Washington, DC 20002.
Subscriptions are $15/year (and $10 for students). Sample copies
are available on request.
End of Computer Underground Digest #4.02
E-Mail Fredric L. Rice / The Skeptic Tank