Patriotism, Power, &
Privacy Online

Protection versus Privacy:
The USA Patriot Act and Free Speech Online

Steve Worona Held on Thursday, March 7, 2002 at 4:30 pm in PNW 212

Steve Worona, EDUCAUSE Director of Policy and Networking Programs

Steve Worona discussed the pros and cons of this new legislation with particular emphasis on the effects this will have on college communities across our nation. He has lectured internationally on a wide range of topics, focusing most recently on the impact of technology on our social and legal system. After more than 30 years at Cornell University, Steve Worona joined EDUCAUSE as Director of Policy and Networking Programs. At Cornell, Worona developed CUinfo (the first Campus-Wide Information System) and Dear Uncle Ezra (the first online counseling service), and managed award-winning projects in electronic publishing, digital libraries, and factory automation. He taught courses in both the Computer Science Department and Graduate School of Management, and co-founded Cornell's Computer Policy and Law Program. He is coordinating EDUCAUSE programs in such areas as leading-edge authentication systems, computer and network security, and management of the .EDU top-level Internet domain.

USA Patriot Act: The Big Picture
2 min, 30 secs


  • Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism
  • Signed into law 10/26/01
  • 342 Pages
    • In 6 weeks???
  • Untested
  • Controversial
    • DoJ: What's the big deal?
    • EFF: "...sweeping new powers..."

Privacy is a Moving Target
1 min, 13 secs


  • New Yorker Cartoon
  • Phone conversations used to be private
  • Cell phone conversations are no longer private
  • Privacy now means something different than it did just five years ago
    • Used to be much more important
    • Privacy is a moving target

"Privacy" is not in the Constitution
3 min, 23 secs


The Fourth Amendment:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and siezures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be siezed."

Trap and Trace
3 min, 48 secs


  • Court order for "trap and trace" may now be written to include more.
    • Old: Outgoing and incoming phone numbers
    • New: "Routing, addressing, and signaling" info (but excludes "content")
  • Court orders for trap and trace don't have to identify a specific ISP
    • You may ask USAG for a "certification"
  • Unclear how much work you have to do to comply (but they'll pay for it)
  • Unclear whether a court can order Carnivore ("DCS 1000") installed

Subpoenas and Court Orders to ISP's

Part 1: 3 min, 40 secs


Part 2: 2 min, 26 secs
/>

  • Old: Name, address, phone number, types of services used, length of use
  • New: Connection times and duration, calling number, IP address, credit card
  • Much-expanded capabilities under FISA (Foreign Intelligence Surveillance Act)
    • Old: Travel/lodging (bus, air, car, hotel) records
    • New: "Any tangible thing"
    • New: Anyone related to an "authorized investigation…to protect against international terrorism or clandestine intelligence"
    • Plus: No disclosure of FISA order

FERPA and ECTA
1 min, 44 secs


You may disclose information from education records (FERPA) and e-mail content (ECTA) if you have a reasonable belief that there is an emergency involving immediate danger of death or serious physical injury and that disclosure may help prevent this.

Hackers et al
2 min, 27 secs


  • ISPs may now request assistance from law enforcement in pursuing "trespassers", allowing law enforcement to intercept all of a trespasser's communications
    • Concern: Once invited in, will law enforcement monitor only the trespasser's communication?
    • Reply: The law has explicit provisions to limit this, and so, presumably, any other evidence would be suppressable
  • ISPs have expanded capabilities for seeking damages against trespassers
  • Note that this has nothing to do with terrorism

Reasons for Law Compliance Before the USA/PATRIOT Act
5 min, 1 secs


Evolution of ISP Liability
  • 1991: Cubby v. CompuServe
    • ISP as distributor (e.g., bookstore, library)
  • 1994: Stratton Oakmont v. Prodigy
    • ISP as publisher (e.g., newspaper)
  • 1996: Telecommunications Act of 1996
    • Section 230 of the CDA
  • 1997: Zeran v. America Online, Inc.
    • No ISP liability, per CDA
  • 1999: Lurmey v. Prodigy
    • Stratton Oakmont was wrongly decided
WCPSC Faculty Director: Wini Wood
Maintained by: Anne Manning
Date Created: 25 August 2008
Last Modified: 25 August 2008
Expires: 31 December 2009