cfp logo text info   
text info
back to home
program committee
about Toronto

Full Program

Tuesday, April 4 | Wednesday, April 5 | Thursday, April 6 | Friday, April 7

Tuesday, April 4

Workshop on Freedom and Privacy by Design - 9 AM - 5:30 PM

The CFP conference has traditionally focused strongly on legal remedies as essential instruments in the fight to ensure freedom and privacy.  But law is often very slow to catch up to technology, and has limited reach when considering the global scope of modern communication and information technologies.

This workshop instead explores using technology to bring about strong protections of civil liberties which are guaranteed by the technology itself – in short, to get hackers, system architects, and implementers strongly involved in CFP and its goals. Our exploration of technology includes (a) implemented, fielded systems, and (b) what principles and architectures should be developed, including which open problems must be solved, to implement and field novel systems that can be inherently protective of civil liberties.

We aim to bring together implementers and those who have studied the social issues of freedom and privacy in one room, to answer many questions.  Consider implementation issues, for example:  how can we avoid having to trade off privacy for utility?  What sorts of tools do we have available?  What sorts of applications may be satisfied by which architectures?  What still needs to be discovered or implemented?  Is open source software inherently more likely to protect civil liberties, or not?  Should we push for its wider adoption?

In addition, how can we motivate businesses to field systems that are inherently protective of their users’ civil liberties—even or especially when this deprives businesses of commercially-valuable demographic data?  How can we encourage users to demand that implementers protect users’ rights?

And finally given some particular goal(s) for a particular project or technology—such as protecting privacy—can we tell in advance if the end result is likely to help?  How can we tell if a system, once fielded, has achieved its goal(s)?

The intended end products of this workshop are ideas for systems that we should field, and implementation strategies for fielding them.

[intro paper]

Participants in the workshop include:

Location: Queens Quay

Morning Tutorials - 9 AM - 12:30 PM

(includes a 30 minute coffee break)

T1 – Constitutional Law in Cyberspace

Sure, you’d like to be the next bigshot constitutional lawyer in cyberspace, but who has time for three years of law school? What you need is a shortcut, and this tutorial is it. In three short hours, you’ll learn the basics of the constitutional law of cyberspace, with an emphasis on free-speech and privacy issues. This tutorial is designed to inform non-lawyers and lawyers alike about the Constitutional issues that underlie computer-crime and computer civil-liberties cases, as well as about the policy issues relating to intellectual property and jurisdiction on the Net.  Its goal is to prepare attendees to understand the full range of Constitutional and civil-liberties issues discussed both at the main panels and presentations at CFP 2000 and in the hallways and bars of Toronto hotels. Canadians welcome! (The Charter of Rights will be discussed too.)

  • Mike Godwin, Senior Legal Editor, American Lawyer Media
Location: Wellington

T2 – How Did We Get Where We Are: A Brief History of Privacy and Surveillance in the U.S.

How did we get from a society in which Ben Franklin published a book on codes and cryptography and Thomas Jefferson routinely encrypted his mail to one in which Congress envisions making non-escrowed encryption a crime? This tutorial will provide valuable information for assessing  today’s privacy debates. Robert Ellis Smith, publisher of Privacy Journal,  will provide an overview of data collection, Census taking, wiretapping, credit reporting, and direct marketing since the beginning of the nation.   Anita Allen-Castellitto, professor of law at the University of Pennsylvania, will discuss women’s involvement in the development of privacy protection.  In addition, there will be presentations on the development of legal protections of privacy from the famous Brandeis-Warren article in 1890 to the creation of a Code of Fair Information Practices in the 1970s, which has been codified in most American and European laws since then; and finally a look at mass-media gossip, from its beginnings in the early 19th Century through the revival of supermarket tabloids and electronic gossip in the 1990s. The session will end by tracing the development of the World Wide Web in the 1990s and its impact on privacy.

Location: Bay

T3 – Intellectual Property

The goal of this tutorial is to introduce non-specialists to the basic principles of the major intellectual property regimes - trade secret, patent, copyright, and trademark - with an eye both towards understanding the common themes that link them together and the distinct features of each. We will discuss the different kinds of information that each of these regimes protects, the nature of the rights that each grants to “owners,” and the ways that each protects against duplication or appropriation of information by others. We will also address the ways that these long-standing doctrines may be changing in response to the global revolution in information technologies.

Location: Yonge

12:30 - 2 PM - Lunch (on your own)

Afternoon Tutorials - 2 - 5:30 PM

(includes a 30 minute coffee break)

T4 – The Electronic Communications Privacy Act

In the U.S., the landmark Electronic Communications Privacy Act of 1986 (ECPA) governs the acquisition and disclosure of those classes of information--such as electronic mail, user activity logs, and subscriber account information--that lie at the core of computer network privacy. Unfortunately, ECPA's intricate (and in places convoluted) structure has long bedeviled service providers, law enforcement investigators, legal commentators, and even judges, leading one federal appeals court to call ECPA "famous (if not infamous) for its lack of clarity." Steve Jackson Games v. United States Secret Service, 36 F.3d 457, 462 (5th Cir. 1994).

This tutorial, intended for laypeople and lawyers alike, will attempt to dispel the confusion about ECPA, as an aid to understanding some of the larger policy questions presented at CFP 2000. The speaker will break down ECPA's rules by category (contents of communications vs. transactional/account records; permissive vs. mandatory disclosure; etc.) and explain those rules in plain English. A major focus will be on the rules relating to law enforcement access to e-mail and other customer information.

Location: Wellington

T5 – Everything You Need to Know to Argue About Cryptography

Cryptography is at the heart of many of the hottest topics at CFP. Cryptographic techniques can help assure privacy, thwart government and private-sector surveillance, provide anonymity, create electronic contracts, prevent fraud, create new kinds of markets, and protect the information economy.  Unfortunately, cryptography can be as baffling as it is exciting, especially to the non-mathematically trained. This tutorial will provide a brief introduction to how cryptography works, what it can and can’t do, and what cryptographers spend their time worrying about, with the aim of giving participants the background needed to participate meaningfully in the debate over cryptography policy.

  • Brian LaMacchia, Microsoft
Location: Yonge

T6 – Privacy Policies: Public Protection or Trojan Horse?

From mouse pointers tracking your on-line browsing to strangers reading your e-mail, stories about online privacy invasions appear more and more frequently in the headlines. Indeed, the impacts of public concern about the security, confidentiality and privacy of personal information have shifted from the micro-economic to the political and macro-economic realms. In recognition of this reality, and to help ensure the continuing loyalty of customers and success of e-commerce operations, many Websites now sport elaborate “privacy policies”—some of which are even “certified” by recognized third parties. This tutorial will provide a general overview of the laws, industry standards, and practical concerns that govern online privacy. It will consider the issues, opportunities, and pitfalls presented by third party audit and certification of privacy policies, and introduce participants to the key players in the area. It will also offer suggestions and ideas about what makes an effective privacy policy for the Web. Finally, participants will join in an open discussion of the legal, ethical, and practical implications of privacy policies in our cyber-paced world. After all, even lawyers don’t always read the fine print.

Location: Bay

Welcome Reception, sponsored by Zero-Knowledge Systems Inc. - 8 PM

739 Queen St. West (West of Bathurst)

Join us for a relaxing evening of jazz and billiards at the RAQ N WAQ pool lounge hall, a short taxi ride from the Westin. If you’re not in the mood for a game, the hall has plenty of cozy places to enjoy quiet conversation with new and old friends. We’ve rented out the entire hall for CFP2000 attendees. Food, drinks, and a live jazz trio will round out the evening. Invitation required at the door.

Wednesday, April 5

Unless otherwise noted, all sessions will be held in the Harbour Ballroom

8-8:45 AM – Continental Breakfast

Location: Harbour Foyer

8:45-9:30 AM – Opening Session

Conference welcome: Lorrie Cranor, CFP2000 Conference Chair; Ann Cavoukian, Information and Privacy Commissioner/Ontario, Canada

Canada welcome: Bruce Phillips, Privacy Commissioner of Canada

Keynote speaker: Austin Hill, Zero-Knowledge Systems Inc.
The road less traveled: A vision of the future of Privacy and Identity in a technological world

An exploration of the future of identity, reputation, privacy and trust in a technological environment proliferated by databases, profiling and invasions of privacy.

As technology and the Internet become more central to daily life, individual privacy is increasingly at risk. Internet fridges, wireless devices with global positioning, and public key infrastructures requiring digital signatures for strong authentication are just a few examples of technologies that will continue to erode personal privacy in the coming years.

This keynote will explore alternative ways to develop technology while protecting individual privacy. Minimal disclosure protocols, reputational credentials, data mining and information brokers will be discussed with respect to the potential for ensuring more privacy in the future digital world than we've come to expect in the current physical world.

9:30-10:45 AM – Domain Names under ICANN: Technical Management or Policy Chokepoint

Domain name management can be regarded as strictly an issue of technical stability, or can also be seen as a potential “chokepoint” in an otherwise open, decentralized medium. In this panel, privacy advocates and technical experts will discuss the potential bottlenecks for free expression and privacy, such as the Whois Database, and possible technical alternatives to domain names, such as identifiers, in light of the current controversy over the proper role of the Internet Corporation for Assigned Names and Numbers.

10:45-11:15 AM – Coffee Break, sponsored by Interliant, Inc.

11:15 AM - 12:30 PM – New Justice Technologies: Does Existing Privacy Law Contemplate Their Capabilities?

In response to the growing demands on the criminal justice community and its expanding desire and need for information, many states and localities are increasing their information gathering, analysis and sharing capabilities by implementing new information technologies. The justice system, however, has been gathering, analyzing, and passing information from one component to another since the “justice process” began. What makes today’s automated and seamless sharing of this information different from the “file cabinet and telephone” system of yesterday? What makes Internet access to court records “more public” than checking files at the courthouse? What makes the digital fingerprints different from ink and paper fingerprint cards used since the early 1900’s? And, is the use of other computerized biometric identifiers helping to prevent mistaken identity or overreaching our sense of personal privacy?

12:30-2 PM – Lunch

Luncheon speaker: Steve Talbott
How Technology Can Enslave Us

No machine can enslave us. Slavery is what happens when we become machines ourselves -- and it may surprise you to notice in what ways we have already become machines. Of course, conceiving, building, and interacting with machines gives us good practice for becoming machines, if that is our inclination. But these same activities can also give us good practice at rising above mechanisms. First, however, we have to recognize the challenge and accept it. There are not many signs, yet, that this challenge is widely recognized in our society.

I will review a number of the symptoms of our "sleepwalking" with our machines, and try my best to hold out some hope.


Location: Frontenac Ballroom

2:15-3:30 PM – Security and Privacy in Broadband Internet Services

Tomorrow’s consumer Internet connection is likely to be broadband provided by either Digital Subscriber Line (DSL) or cable modem. These services pose increased privacy and security issues over today’s dial up connections. The increasing use of home networks also complicates the situation. Industrial and academic users have implemented substantial security measures, but the typical consumer has neither the knowledge nor a convenient means to implement these. Our panelists represent providers, consumers and the research community. They will discuss such questions as: Is there really a problem? What technical and policy approaches can be used? What are the proper roles of government, industry, and consumers? Will security and privacy become marketing issues? And what should the knowledgeable consumer do to enhance the security and privacy of their broadband Internet service?

3:30-4:00 pm – Coffee Break, sponsored by IBM

4:00-5:15 pm – Privacy Commissioners: Powermongers, Pragmatists or Patsies?

Most industrialized societies have now established independent "watchdog" agencies responsible for the oversight and enforcement of their privacy protection laws. Four Privacy Commissioners (from Hong Kong, Australia, Berlin and Ontario) discuss the powers and responsibilities of their respective offices. The panel will explore two case scenarios, involving the development of personal surveillance systems in public and private sectors.  These cases will reveal how each Commissioner makes strategic decisions about how to advance the privacy interest in his or her jurisdiction. 

5:15-5:45 PM – Speaker: Mozelle W. Thompson, FTC Commissioner

5:45-6 PM – Get Me Pastry Cline - 25 Years of Privacy Journal's Wacky Mail

On the twenty-fifth anniversary of Privacy Journal, publisher Robert Ellis Smith relates the crazy fan mail, computer-addressing snafus, and threats from government agencies and corporate entities he has known since first publishing a monthly newsletter on privacy in 1974.

6-7:15 PM – The 2000 Orwell Awards and Reception

Presented by Privacy International, the awards highlight the invasive activities of governments and companies worldwide, as well as lauding those who have resisted their efforts. For more information see:

Location: Frontenac Foyer

7:30-9:15 PM – Dinner

Dinner speaker: Neal Stephenson

Location: Frontenac Ballroom

9:30 PM - 12 AM – BOFs

Cyberselfish Reading/Booksigning

Noted contrarian Paulina Borsook will premiere her long-awaited Cyberselfish/A Critical Romp through the Terribly Libertarian Culture of High-Tech. Her publisher has arranged for a shipment of books straight from the printing press so that CFP attendees will be the first on the planet to be exposed to this gonzo tour through Silicon Valley subculture. The crypto wars, Bionomics, high-tech philanthropy, and the pre-Conde Naste Wired are among the subjects covered in Borsook’s exploration of the romance between high-tech and libertarianism.

Location: Pier 4

Electronic Frontier Canada (EFC) Open Evening: “Freedom and Privacy in Canadian Cyberspace: The Charter of Rights and Freedom in its Adolescence”

Canada has been voted by some as the best place in the world to live. The Canadian Charter of Rights and Freedoms is clearly still in its adolescence. Our equivalent of the ACLU, EFF and EPIC don’t have comparable funding and resources. Our pre-charter approach has put a lot of faith in our institutions to take care of us. Especially in cyberspace, we have not figured out where to draw the line between what needs to be protected and what can reasonably be prohibited. Join us over coffee to meet some Canadian faces, discuss the Canadian experience, and answer the questions: How do we achieve or realize the rights of freedom of expression and privacy in cyberspace? What are the right mechanisms to protect these rights?

  • Peter Hope-Tindall, dataPrivacy Partners Ltd
  • Pippa Lawson, PIAC
  • David Jones, EFC
  • Robert Cribb, The Toronto Star
Location: Pier 9

Present Your Thoughts to a National Task Force on the Internet and Democracy

The Democracy Online Project, a two year public education and advocacy initiative funded by a grant from The Pew Charitable Trusts, is launching a National Task Force on the Internet and Democracy. It is Co-Chaired by former U.S. Representatives Patricia Schroeder and Rick White and already has sixteen distinguished members. Task Force Director David M. Anderson will receive and relay informal "testimony" on ideas that participants believe would harness the democratizing potential of the Internet.
  • David Anderson, Democracy Online Project
Location: Pier 5

Hacktivism: Social Activism in the Network Society

For the last five years, TAO Communications ( has been active in bringing technology to social movements, as well as bringing social movements to the network society. TAO Toronto will offer an open workshop and presentation discussing some of the strategies, successes, and challenges, involved in working with marginalized and diverse groups. Whether its translating technical jargon into human terms, or helping people to understand the reality of the Internet (privacy etc), our program of social 'Hacktivism' has helped a considerable number of otherwise non-technical people gain the literacies required to employ effective network communications. Within this workshop, we will discuss the promises and challenges of how 'Hacktivism' can aid social movements in raising public awareness, influencing policy, or organizing labour.
  • Jesse Hirsh, TAO Communications
Location: Pier 7

Reconciling Title V (Privacy) of The Financial Services Modernization Act of 1999 with The "Safe Harbor" Provisions

Title V - Privacy of the Financial Services Modernization Act of 1999 establishes the data protection practices which must be followed by U.S. financial institutions. We will examine the provisions of this statute and evaluate whether they are consistent with the Safe Harbor provisions which have been proposed by the U.S. Department of Commerce in response to the European Privacy Directive. The participants will discuss the sufficiency of privacy protection in both bodies of law and suggest alternative approaches. Those interested in the P3P Project are encouraged to attend.
  • Julia Gladstone, Bryant College
Location: Dockside IV

Appropriate Privacy for Political Organizations

Political organizations are involved in the operations of the state, which is an instrument for wielding deadly force responsibly. The range of political organizations is very broad, from local churches to global ideological movements. All have some need for privacy in their planning and operations, if only to ensure interpersonal comfort. Organizations subject to pressure from violence users (official and otherwise), for whatever reason, have a correspondingly greater need for privacy. The state, in turn, may insist on rights to invade it. This BOF session will explore ways to determine a process of selecting appropriate measures to protect privacy in all political organizations, at every scale, and the constitutional and conventional guarantees that apply to politics.
  • Craig Hubley, Craig Hubley & Associates
Location Pier 8

Latest News From a New Privacy Survey

Everyone interested in discussing initial results of a NEW privacy survey, should attend this session. This survey hopes to contribute to the understanding of consumer concerns and behavior relative to privacy on the WWW. Gale Meyer and Julie Earp, Co-Directors of the Internet Security and Privacy Project at North Carolina State University (College of Management, Division of Ecommerce) are conducting this web-based Internet privacy survey. At this BOF session, they will present their preliminary findings.
  • Gale Meyer, North Carolina State University
  • Julie Earp, North Carolina State University
Location: Dockside II

Britain's RIP Bill

Britain seemed to have abandoned its three-year pursuit of GAK, but the new "Regulation of Investigatory Powers" (RIP) Bill has been described as "key-escrow through intimidation". Persons not complying with a decryption notice will be presumed guilty of withholding a key, and face a two-year jail sentence unless they can prove (bold) that it has been lost, forgotten or destroyed. Notices can be issued without judicial authority by intelligence agencies, police or local officials, and routinely contain a "secrecy clause" which indefinitely prohibits disclosure of their existence (except to a lawyer) on penalty of five years jail. Notices can be served not only on criminal suspects but any individual or organization where there is lawful authority to obtain data, and may insist that keys rather than plaintext are provided. RIP also compels ISPs to maintain equipment to comply with general or "trawling" tapping-warrants, and requires unlimited quantities of "traffic data" to be handed over without oversight. With almost no publicity from a domestic media baffled by Internet politics, and few constitutional safeguards against "reverse-burden-of-proof", the Bill is expected to become law by July.

Location: Dockside III

Thursday, April 6

Unless otherwise noted, all sessions will be held in the Harbour Ballroom

8-8:45 AM – Continental Breakfast

Location: Harbour Foyer

8:45-9:30 AM – Keynote speaker: Duncan Campbell

Global Surveillance / The Evidence for ECHELON


Since 1996, there has been increasing global interest in and awareness of the extent of automated surveillance of global telecommunications systems, primarily but not exclusively by the signals intelligence (sigint) agencies of the United States and its English-speaking allies (NSA, etc). Although many codenames are in use, the informed public now know the system as ECHELON. This was the secret codename linked to the unprecendented global enlargement of this capability which began around 1985, and has continued on an ever-increasing scale since 1990. More recent evidence suggests that the original ECHELON system came into existence about 1971.

This presentation will look at and assimilate the best available evidence for interception capabilities and the implications for personal and commercial privacy and security. It will review the lack of proper legal authority controlling such activities, and review the privacy procedures such as have been disclosed by the interception agencies. A key matter for consideration is whether technological processes now involved in automated intelligence processing nullify privacy protection safeguards (such as they are) contained in laws such as the US Foreign Intelligence Surveillance Act (FISA).

9:30-10:45 AM – Intellectual Property and the Digital Economy

New laws are proposed or adopted frequently to strengthen intellectual property rights. Contract and technical protections are strengthening intellectual property protection as well. This past year saw adoption of new trademark domain name cybersquatter legislation, significant developments in the legal protection for the contents of databases, approval of a new licensing law for computer information, and more legislation and caselaw on digital copyright issues, not to mention endorsement of e-commerce and business method patents that will have substantial impacts on computers, freedom and privacy. Some have even proposed giving individuals property rights in their personal information as a way to protect privacy. What are the commercial imperatives seeming to drive toward ever stronger intellectual property rights?  How valid are they? What price does society pay for ever stronger intellectual property rights?  Is it worth it?

10:45-11:15 AM – Coffee Break, sponsored by Microsoft

11:15 AM - 12:30 PM – Negotiating the Global Rating and Filtering System: Opposing Views of the Bertelsmann Foundation’s Self-regulation of Internet Content Proposal

The perceived problem of objectionable material on the Internet—particularly pornography, child pornography, and hate speech—continues to be a contentious public policy issue.  The latest “solution” to this problem has been advanced by the Bertelsmann Foundation in its September 1999 “Self-regulation of Internet Content Proposal.”  The proposal seeks to balance the protection of children with adults’ free speech rights by implementing a voluntary global Internet content rating and filtering regime. This panel will explore whether the Bertelsmann proposal indeed strikes an acceptable balance, or if it merely replicates the same free speech problems associated with earlier Internet rating and filtering technologies.

12:30-2 PM – Lunch

Luncheon speaker: Jessica Litman
The Demonization of Piracy

Location: Frontenac Ballroom

2:15-3:30 PM – Parallel Sessions

Circumvention: Tool for Freedom or Crime?

  • Organizer: Alex Fowler, Electronic Frontier Foundation
  • Paul Schwartz, Brooklyn Law School
  • Barry Steinhardt, American Civil Liberties Union
  • Declan McCullagh, Wired News
  • Robin Gross, Electronic Frontier Foundation
Location: Pier 4

Infomediaries and Negotiated Privacy

If data privacy is information self-determination, what is the future role of technology and corporations in assisting individuals to articulate their determinations? One fashionable business model is the “infomediary,” a company that acts as a data-broker on behalf of consumers, monetizing permission to use personal information. The best-known "negotiated privacy" technology, the Platform for Privacy Preferences (P3P), aims to provide automated matching of privacy “terms” for online interactions. Are these developments what people want? Will they protect privacy? Might they make laws unnecessary, or are new laws actually needed to make them work? What does recent experience suggest for the future?

Location: Harbour Ballroom

Human Subjects Research in Cyberspace

Academic research using human subjects aims to inform scholars and the public and is bound by principles and laws meant to protect the privacy and autonomy of research subjects.  Market research and journalism have different aims and are not bound by the same principles and laws. Panelists will review standard protections for human subjects, some of the special problems raised for research involving subjects in cyberspace, compare the different practices of journalists and market researchers, and discuss with attendees whether journalists and market researchers should be bound by similar rules as academic researchers.

  • Organizer: Bruce Umbaugh, Director, Center for Practical and Interdisciplinary Ethics and Asst. Professor of Philosophy, Webster University [paper]
  • Amy Bruckman, Electronic Learning Communities Group and Asst. Prof., Georgia Tech, founder, MediaMOO
  • Julian Dibbell, writer, author of My Tiny Life: Crime and Passion in a Virtual World
  • Sanyin Siang, American Association for the Advancement of Science

Location: Pier 5

Network society as Seen by Two European Underdogs

This session will provide documentation of the state of development of the Internet in Europe, with some specific data on trends in Italy and Spain. Why is Italy the largest market in Europe for mobile phones, but not for the Internet? What role does Spain have (or should have) in the fast-growing Spanish-speaking Internet? We will review a number of problems – and proposed solutions. What can be learned from the experience of Italy and Spain that is interesting also for other countries?

Location: Pier 7/8

The Media and Privacy: Friend, Foe or Folly?

The media has been the greatest proponent of freedom of information, freedom of expression and freedom of speech. However, the media has also been one of the worst violators of privacy rights through the activities of the “Paparazzi” and various so-called “investigative” tabloid journalists. This panel will examine the issues surrounding the role of the media and privacy. Specifically, it will examine legislative and self-regulation models governing the behavior of the press.

Location: Pier 9

3:30-4:00 PM – Coffee Break, sponsored by America Online

4-5:15 PM – “Who Am I and Who Says So?”: Privacy and Consumer Issues in Authentication

Industry is in the early stages of building one of the most far-reaching and important pieces of infrastructure for the Information Age – the means for identifying who a person is online and whether they are authorized to do something. New “digital signature” and “electronic authentication” systems will soon be a part of the electronic commerce landscape, used by people to buy and sell things on the Web, to submit forms to the government online, or to “sign” binding documents transmitted electronically. At the same time, the rules that govern electronic authentication – including the liability of parties, the privacy of personal information collected to guarantee signatures, and legal obligations of “signing” a document – raise important privacy and consumer concerns. These issues must be addressed if people are to ultimately trust and use electronic commerce.

5:15-6:00 PM – Keynote speaker: Tim O’Reilly

Open Source:  The Model for Collaboration in the Age of the Internet

Linux and other open source projects such as Perl and Apache are not just of interest to computer programmers or Wall Street bankers hoping to profit from their efforts. These projects give us key insights into the nature of collaboration in the age of the Internet.

The Internet itself started out as a way for computer scientists and other researchers to work together over large distances. In the 1990's, the Internet was discovered as a consumer phenomenon, and is in the process of transforming everything from business processes to entertainment to how people learn and communicate. But in the mad rush to commercialize the Internet, we may be losing sight of the technical and social processes that created this tremendous innovation.

The Internet is at bottom an experiment in group collaboration, a self-extending evolutionary technology driven by the needs of its participants to share information. Traditionally, the Internet, and the open source projects associated with it, have governed themselves, set their own standards, and invented new tools from the bottom up. They provide essential lessons for anyone wanting to exploit the power of the internet to coordinate the efforts of widely distributed groups.

7 PM – St. Lawrence Hall – EFF Pioneer Awards and Reception

The Electronic Frontier Foundation is sponsoring the Ninth Annual EFF Pioneer Awards to recognize significant contributions to the advancement of rights and responsibilities in the Information Society. The EFF Pioneer Awards are international and nominations are open to all. The deadline for nominations is March 10, 2000. See The awards reception is sponsored by

9:30 PM -12 AM – BOFs

Freeing the Law: Universal Access to Legal Research Materials

This session will focus on the mission of the Free Law Consortium (FLC).  FLC seeks to develop highly innovative, non-proprietary and medium-neutral standards for the publication of legal documents that will permit a variety of organizations to create and maintain a registry of public legal documents (such as court opinions, statutes and regulations) that is accessible, easily searchable and delivered free to the public via the Internet.  Information will be presented on the relevant technologies and architecture (such as Legal XML) as well as plans for garnering widespread acceptance.

  • Ernest Miller, Yale Law School, Class of 2000
  • Mark Kerr, Yale Law School, Class of 2000
Location: Pier 7

TechnoLibertarianism – Threat or Menace?

Those who have entered cyberspace in the last few years have encountered a strange creature there – the technolibertarian. Rarely encountered in the “real world,” this ubiquitous online species has sown fear, uncertainty, and doubt wherever it goes. What caused the overpopulation of this species in the online niche? Is it coincidence or is cyberspace a natural habitat for libertarianism? Will technolibertarianism fade away as the net matures or will this online phenomenon have an impact on the larger world beyond cyberspace? Attorney, author, and cypherpunk Duncan Frissell will discuss the phenomenon in a factual, humorous, and non-ideological fashion.

  • Duncan Frissell,
Location: Pier 8

Health Information Privacy

Rapid advances and exponential growth in computer and telecommunications technology have taken individual records revealing the most intimate details of one's life, habits, and genetic predisposition from the private sector into the public arena in derogation of privacy considerations. Offering a means of streamlining and improving health care delivery through speed and enormous storage capacity, computerized medical information also presents new challenges as it impacts our right of privacy and expectation of confidentiality. This problem is of sufficient importance to merit proposed federal legislation to protect the privacy of medical records. This BOF session will address substantive issues contained in the proposed rules as well as other provisions which would be helpful in protecting the rights of citizens.
  • Marcia Weiss, Point Park College
Location: Dockside II

Infomediaries, Privacy, and Trust

We will talk about the impact of infomediaries on privacy in the context of questions such as this one: how can enterprises that seek to make money from marketing our personal data expect us to trust them? We intend to follow up on the "Infomediaries and Negotiated Privacy" panel and to allow room for more fine-grained discussion of concerns about infomediaries.
  • Tom Maddox, PrivacyPlace Magazine
Location: Pier 9

CryptoRights Root Key Ceremony

Join us at the Birth of a new Key! The Cryptorights Foundation will be generating its new "root" key in a very public ceremony. If you've been reading about "Public Key Infrastructures" (PKIs) in the media but don't really know what they are or how they work, this is a rare opportunity for you to come learn about public key cryptography from some very experienced crypto people (who are also involved in human rights work), and to be present at the Birth of a new root key and a new PKI. This will be a PGP root key, not an X.509 root key, so The newly-generated CRF "root" key, which will be used as the certifying Meta-Introducer key in the CRFs PKI, will also be split (using a cryptographic technique to protect it from misuse), and signed by everyone present who has a PGP key, in order to give it validity (and stature) in the global Web of Trust. Representatives of the CRF will also be generating their personal Trusted Introducer keys, which will be signed in front of everyone by the Meta-Introducer key. If this paragraph didn't make much sense to you now, then you should definitely come to the ceremony and listen to the Tutorial immediately preceding the Ceremony. Please join us for this very special (and educational!) birth...
  • Dave Del Torto ( , Cryptorights, Executive Director
  • Robert Guerra (, Special Project Leader (Canada)
Location: Pier 4

Permission E-mail Marketing

Opt-in e-mail marketing is being heralded as the anti-spam. Although it is much better than spam, is it doing enough? And, without industry definitions of opt-in, for what are people signing up? This session will focus on incentive marketers (CyberGold and MyPoints) and e-list brokers (YesMail, PostmasterDirect, and everyone else under the sun) and what they're doing, and not doing, with personal data used for permission e-mail marketing.
  • Jad Duwaik, OptInk
Location: Dockside IV

April 2000: A Turning Point for Kids' Online Privacy

April 21, 2000 marks the enactment of the Children’s Online Privacy Protection Act (COPPA), which includes a variety of provisions -– including the mandate that companies must obtain verifiable parental consent before collecting personal information from children under age 13. What does COPPA mean for Web sites that offer kids contests, chat or e-mail? What does "verifiable parental consent" mean? This session covers why COPPA is good news for everyone, and the steps companies are taking to comply with the law.
  • Alison Pohn, The FreeZone Network
Location: Dockside III

The Developing Caselaw of Privacy: A Survey and Discussion

We intend to present a survey of privacy litigation outcomes in order to develop an idea of how the law of privacy is developing. Once roughly established, we wish to solicit ideas on: (1) what normative and positivist claims can be made to guide courts in their privacy implicated adjudications; and (2) how to effect the development of a body of laws reflective of these normative and positivistic claims.
  • Keith Enright, Entelechy
Location: Pier 5

Freedom and Privacy in Online Community Settings

For many of us, finding or creating a forum to express our views and to socialize with interesting people over time is best part of being online. Freedoms, rights and concerns about losing either take on a life of their own in complex conversation environments. This is a chance to swap stories of the evolution of the computer-mediated communities we know. We will look at some of the highlights in this year's adventures in confidentiality, anonymity, freedom of expression, hate speech, stickiness, pranks, censorship, stalking, heartless hazing, astonishing orchestrated acts of kindness and more. Please join us and contribute your latest anecdotes, questions and observations.
  • Gail Williams, Director of Communities, (Table Talk & The WELL)
  • Wendy M. Grossman, writer and Co-chief Sysop of the Fleet Street Forum, for British journalists
  • Bruce Umbaugh, Director, Center for Practical and Interdisciplinary Ethics, Webster University

Friday, April 7

Unless otherwise noted, all sessions will be held in the Harbour Ballroom

8-8:45 AM – Continental Breakfast

Location: Harbour Foyer

8:45-9:30 AM – Building Diversity Online

  • Moderator: Karen Coyle, California Digital Library
  • Greg Bishop,

9:30-10:45 AM – Internet Voting: Spurring or Corrupting Democracy? – A Debate

Proponents say that Internet voting for government elections will make the process easier and eliminate barriers to voting. Opponents respond that this promising technology is insecure and unsettled, and stress the need for full public debate and testing before deployment. What are tradeoffs among convenience, security, integrity, and other important factors? This debate between strong advocates is followed by observations from experts in computer security and election administration.

10:45-11:15 AM – Coffee Break and PGP Keysigning

11:15 AM – 12:30 PM

CFP2000 Hot Topics: Health Privacy

  • Moderator: Ari Schwartz, Center for Democracy and Technology
  • Greg Miller, MedicaLogic Inc.
  • Peter Swire, Chief Privacy Counnselor, US Office of Management and Budget
  • Angela Choy, Georgetown Health Privacy Project
  • Rebecca Daugherty, Reporters Committee for the Freedom of the Press

12:30-2 PM – Lunch

Luncheon speaker: Whitfield Diffie
We Can Tap It for You Wholesale

For reasons of efficiency, business computing is moving away from the networks of autonomous desktop machines that characterized the 80s and 90s towards an outsourcing model of thin desktops and fat servers that is in style reminiscent of the timesharing systems of the 60s and 70s. One unappreciated consequence is the increasing centralization of control over the office worker's environment. The resulting loss of ability to maintain individual machine configurations will add a new dimension of workplace surveillance, even for high level professionals and will adversely affect the privacy of all who work with computers.

Location: Frontenac Ballroom

2:15-3:30 PM – Parallel Sessions

Broadband and Speech

Today small or unpopular speakers can speak on the Internet on roughly equal footing (with roughly the same quality of voice) as large corporations and media outlets. As broadband technologies emerge, however, that rough equality may be lost, and speech on the Internet may come to be dominated by wealthy speakers. Canada has a newly created and unique regulatory regime that will have to deal with these problems down the road. How do the different parties hope to continue to ensure freedom of expression in the future?

Location: Dockside III

Is Technology Neutral? Space, Time and the Biases of Communication

Canadian political economist Harold Innis recognized the central role that communication media play in controlling consciousness, social organization, and cultural expectations. Through his “bias of communication” thesis, he explicated how communication is biased in terms of its control over time or space. This panel brings together some provocative theorists and technology writers to discuss the biases of digital communication: how has digitization influenced our socio-economic, cultural, and political landscapes?  What have been some of the unintended consequences of our technological imperative upon communities – both virtual and real, on urban planning and design? Have digital technologies been reinforced as control technologies? How has digitization reconfigured our environment, shaped democracy, and what are some of its unanticipated consequences?

  • Moderator: Leslie Regan Shade, Department of Communication, University of Ottawa [paper]
  • Paulina Borsook, Journalist, Author,Cyberselfish [paper]
  • Reg Whitaker, Author, The End Of Privacy: How Total Surveillance Is Becoming A Reality, York University, Toronto
  • Marita Moll, Canadian Teachers' Federation [paper]
Location: Dockside IV

Indirect Threats to Freedom and Privacy: Governance of the Internet

Civil libertarians most often identify threats to freedom and privacy on the Internet in direct corporate and government strategies. Other policies may indirectly influence civil liberties, as well. For example, standards bodies, such as the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF), design governance institutions that set standards and policies affecting the Internet. We will address how the decisions of these bodies touch on both substantive and philosophical issues of freedom and privacy on the Internet and discuss possibilities for influencing decision making processes in these areas.

Location: Dockside II

Personal Data Privacy in the Pacific Rim: A Real Possibility?

This session explores the state of affairs in personal data privacy in the Asia Pacific countries from the computing, legislative, political, cultural, and social perspectives. Although privacy is a fundamental human right recognized in the Universal Declaration of Human Rights, the modus operandi of the governments in this region is that of control. The following contextual issues will be covered to determine whether there is an opportunity to begin a new era of personal data protection: basic concepts of rights and privacy, citizen awareness of personal data privacy, roles of government and Data Privacy Legislation, corporate compliance to data privacy legislation, initiatives to deal with new technology innovations.

Location: Dockside I

Campaign Finance Law and Free Expression

The Internet is uniquely decentralized, abundant, inexpensive, and user-controlled. U.S. campaign finance laws were developed for the centralized, scarce, and expensive media of radio, television and print. Some say that initial efforts to apply the election law to these new and varied Internet communications have yielded troubling results, threatening to burden — even silence — the voice of average citizens in American political life. Others argue that without strict regulation of campaign laws online, the Internet becomes a way to avoid current laws.

Location: Harbour Ballroom

3:40-5:00 PM – Ten Years of CFP: Looking Back, Looking Forward

In this session, we will celebrate the 10th year of the Computers, Freedom and Privacy conference by looking back over the issues that have been discussed over the past 10 years and looking forward to the issues we are likely to face over the next 10 years.

Home | Participation | Register | Program | Accommodations | Transportation | Program Committee | Sponsors | About Toronto | Credits | Privacy Policy