12/16. The Department of Homeland Security (DHS) issued a release that states that Secretary of Homeland Security "Tom Ridge and European Commissioner Frits Bolkestein have reached an agreement regarding the legal transfer of Passenger Name Record (PNR) data to Homeland Security. The agreement finds that Homeland Security’s handling of the PNR data is sufficient for an ``adequacy finding.´´"

The agreement does not require passengers consent to release of their personal information.

The DHS release continues that "This finding by the European Commission affirms under European law that protections to be implemented by Homeland Security are appropriate to guard passenger privacy.  By using 34 key elements of PNR data at borders and ports of entry, U.S. Customs and Border Protection (CBP) officers will be able to better screen passengers for the purposes of preventing and combating terrorism and transnational crimes.  The PNR data will be generally retained for no longer than three and one-half years."

Also on December 16, Frits Bolkestein, the member of the European Commission in charge of the Internal Market, Taxation and Customs, gave a speech in Strasbourg, France regarding airline passenger data.

Bolkestein (at right) spoke to the European Parliament Committees on Citizens' Freedoms and Rights, Justice and Home Affairs and Legal Affairs and the Internal Market.

He called this agreement a "political judgement".

The DHS release states that the DHS "will continue to negotiate with the European Commission to reach a permanent agreement for the transfer of PNR data to the Transportation Security Administration (TSA) for operational use by the Computer Assisted Passenger Prescreening System II (CAPPS II), which will identify high-risk passengers for additional screening."

Bolkestein stated that "the arrangement will not cover the US Computer Assisted Passenger Pre-Screening System (CAPPS II). The latter will only be considered in a second round of discussions yet to come. In any case, such discussions can only conclude once Congress' privacy concerns have been met, and so far they have not."

12/16. The Federal Communications Commission (FCC) has not yet initiated a notice of proposed rulemaking (NPRM) or notice of inquiry (NOI) proceeding regarding voice over internet protocol (VOIP) services. However, the FCC held a one day roundtable meeting on VOIP issues on December 1, 2003.

At that event the FCC asked that brief public comments be submitted within "two weeks". See, story titled "FCC Holds VOIP Forum" in TLJ Daily E-Mail Alert No. 790, December 2, 2003.

On December 16, Marc Rotenberg and Chris Hoofnagle of the Electronic Privacy Information Center (EPIC) wrote a letter to the FCC Chairman Michael Powell urging the FCC to extend privacy protections to users of VOIP services, but not to apply Communications Assistance to Law Enforcement Act (CALEA) requirements to VOIP services.

They argued that "a central requirement of a functional and trustworthy communications network is the assurance of privacy protection for users of the network" and that the FCC "must take affirmative steps to ensure strong privacy protections for users of VoIP service".

They also wrote that the "EPIC maintains our strong reservations regarding the application of the Communications Assistance to Law Enforcement Act (CALEA) requirements to this service. It is simply not coherent to argue that VOIP services should be free of government regulation and then for the government to require that communication service providers, hardware manufacturers, and network developers incorporate the most extreme communications surveillance requirements of the Federal Bureau of Investigation. CALEA, if applied to VOIP, would establish unprecedented regulation for new communications services."

In contrast, the Federal Bureau of Investigation (FBI), Department of Justice (DOJ) and Drug Enforcement Administration (DEA) submitted a comment [9 pages in PDF] in which they argued that "As the Commission drafts its VoIP notice of proposed rulemaking, Law Enforcement strongly urges the Commission to require VoIP providers to comply with CALEA to ensure that no new loophole is created that allows criminals, terrorists, and spies to use VoIP services to avoid lawfully authorized surveillance."

This is not the FBI's first communication to the FCC on this matter. It has made a number of ex parte presentations. See, story titled "FBI Wants Broadband Internet Access Classified As A Telecommunications Service So That CALEA Will Apply", in TLJ Daily E-Mail Alert No. 707, July 30, 2003.

There are currently three petitions pending at the FCC pertaining to VOIP: an AT&T petition, a Pulver.com petition (WC Docket No. 03-34), and a Vonage petition (WC Docket No. 03-211).

On December 11, 2003, Cisco Systems submitted a comment [PDF] regarding Pulver.com's petition pertaining to its Free World Dialup (FWD) service. Cisco wrote that the FWD is neither "telecommunications" nor a telecommunications service", and that it is "interstate". The gist of Cisco's argument is that FWD should not be subject to state by state regulation.

On December 10, Vonage submitted a comment [PDF] comparing its VOIP service to that of Pulver.com. It argues that it should not be subject to state regulation.

Vonage already has won one court case on this issue. On October 16, 2003, the U.S. District Court (DMinn) issued its Memorandum and Order [PDF] in Vonage v. Minnesota Public Utilities Commission, holding that Vonage is an information service provider, and that the Minnesota Public Utilities Commission (MPUC) cannot apply state laws that regulate telecommunications carriers to Vonage. The Court wrote that "State regulation would effectively decimate Congress's mandate that the Internet remain unfettered by regulation." See also, story titled "District Court Holds that Vonage's VOIP is an Information Service" in TLJ Daily E-Mail Alert No. 760, October 17, 2003.

12/16. Joshua Bolten, Director of the Office of Management and Budget (OMB), wrote a memorandum [17 pages in PDF] to the heads of all executive departments and agencies titled "E-Authentication Guidance for Federal Agencies".

Bolten wrote that "This guidance takes in account current practices in the area of authentication (or e-authentication) for access to certain electronic transactions and a need for government-wide standards and will assist agencies in determining their authentication needs for electronic transactions. This guidance directs agencies to conduct "e-authentication risk assessments" on electronic transactions to ensure that there is a consistent approach across government."

He added that "It also provides the public with clearly understood criteria for access to Federal government services online. Attachment B summarizes the public comments received on an earlier version of this guidance."

This memorandum is numbered M-04-04.

12/16. President Bush signed S 877, the "Controlling the Assault of Non-Solicited Pormography and Marketing Act of 2003", also known as the "CAN-SPAM Act of 2003". See, White House release and summary.

The House is in adjournment.

The Senate is in adjournment. (It will convene on January 20, 2004.)

The Supreme Court is in recess. (It will return on January 12, 2004.)

8:30 AM - 3:00 PM. The National Institute of Standards and Technology's (NIST) Board of Overseers of the Malcolm Baldrige National Quality Award will hold a meeting. The deadline to register to attend is December 15. Contact Virginia Davis at virginia.davis@nist.gov or 301 975-2361. See, notice in the Federal Register, November 25, 2003, Vol. 68, No. 227, at Page 66075. Location: NIST, Administration Building, Lecture Room A, Gaithersburg, MD.

8:30 AM - 5:00 PM. Day one of a two day meeting of the National Institute of Standards and Technology's (NIST) Information Security and Privacy Advisory Board (ISPAB). The agenda includes "Overview of Program Activities of the NIST Information Technology Laboratory's Computer Security Division", "Update by OMB on Privacy and Security Issues", and "Briefing by Department of Homeland Security Office Privacy Officer Nuala Connor-Kelly". See, notice in the Federal Register, November 21, 2003, Vol. 68, No. 225, at Page 65681. Location: Gaithersburg Hilton Hotel, 620 Perry Parkway, Gaithersburg, MD.

9:30 AM. The Federal Communications Commission (FCC) will hold a meeting. See, agenda [PDF]. Location: FCC, 445 12th Street, SW, Room TW-C05 (Commission Meeting Room).

10:00 AM - 12:00 NOON. The American Enterprise Institute (AEI) will host a panel discussion titled "Civil Liberties and the War on Terror". The speakers will be Michael Chertoff, David Cole, Patricia Wald, Ruth Wedgwood, and John Yoo. See, notice. Location: Twelfth floor, 1150 17th St., NW.

12:15 - 1:30 PM. The Federal Communications Bar Association's (FCBA) Wireless Committee will host a luncheon panel discussion titled "Wireless Telecommunications Bureau: Current Topics and Vision for the Future". The speakers will include John Muleta, Chief of the WTB. The price to attend is $15. For more information, contact laura.phillips@dbr.com or charla.rath@verizonwireless.com. RSVP to wendy@fcba.org. Location: Sidley Austin, 1501 K Street, NW, 6th Floor.

9:00 - 11:30 AM. The Executive Office of the President's (EOP) Office of Science and Technology Policy's (OSTP) National Science and Technology Council's (NSTC) Committee on Technology and Physical Infrastructure Working Group (formerly named the Subcommittee on Construction and Building) will hold a meeting that is closed to the public. For more information, contact Paul Domich at domich@nist.gov or 301 975-5624. Location: White House Conference Center, Jackson Room, 726 Jackson Place, NW.

12:00 NOON. The Federal Communications Bar Association's (FCBA) International Telecommunications Committee will host a brown bag lunch titled "The United Nations World Summit on Information Society (WSIS): Geneva 2003 and the Road to Tunisia 2005". The speaker will be David Gross, Deputy Assistant Secretary for International Communications and Information Policy, Department of State. RSVP to julie.kearney@mci.com. Location: Wiley Rein & Fielding, 1750 K Street, NW.

Deadline to submit reply comments to the Federal Communications Commission (FCC) regarding Northland Networks' petition pursuant to 47 U.S.C. § 252(e)(5) requesting that the FCC preempt the jurisdiction of the New York Public Service Commission to resolve a dispute between Northland and Verizon regarding reciprocal compensation and change of law provisions of their interconnection agreements. This is WC Docket No. 03-242. See, FCC notice [PDF].

Hanukkah.

Deadline to submit initial comments to the Copyright Office (CO) in response to its Notice of Inquiry (NOI) regarding notice and recordkeeping for use of sound recordings under statutory license. The CO published a notice in the Federal Register stating that it "is requesting public comment on the adoption of regulations for records of use of sound recordings performed pursuant to the statutory license for public performances of sound recordings by means of digital audio transmissions between October 28, 1998, and the effective date of soon-to-be-announced interim regulations." See, Federal Register: October 8, 2003, Vol. 68, No. 195, at Page 58054.

12/15. Three new members were appointed to the National Institute of Standards and Technology's (NIST) Information Security and Privacy Advisory Board: Bruce Brody (Associate Deputy Assistant Secretary for Cyber and Information Security at the Department of Veterans Affairs), Rebecca Leng (Deputy Assistant Inspector General for Information Technology and Computer Security at the Department of Transportation), and Howard Schmidt (VP and Chief Information Security Officer at Ebay).

12/15. Merit Janow was sworn in as a Member of the Appellate Body at the World Trade Organization (WTO). Janow's background includes teaching at Columbia University, working as a Deputy Assistant U.S. Trade Representative, and working for the law firm of Skadden Arps Slate Meagher & Flom. See, WTO release.

12/16. The Center for Democracy and Technology (CDT) released a report [39 pages in PDF] titled "Implications of the Broadcast Flag: A Public Interest Primer".

12/16. The Federal Communications Commission's (FCC) Wireline Competition Bureau (WCB) announced that it approved the application of OCMC, Inc. to acquire certain telecommunications assets of One Call Internet, Inc. (formerly know as One Call Communications, Inc.). See, FCC release [PDF].