Privacy News Highlights
01–08 March 2007
Contents:
UK – Children of 11 to be
Fingerprinted, Stored in massive Database
UK – DNA Info Will Be Stolen if
Included in ID Cards
CA – Canadian Privacy Officials Collaborate on Efforts to
Combat Identity Theft
US – Bill Gates Calls For New
Consumer Privacy Law
US – Woman Accuses Yahoo of Stealing
Her Image
CA – Privacy Sings Two Tunes: Consent Stifles Service
Innovations
CA – Canada.com Pawns Webmail to US Provider; Says PIPEDA
No Longer Applies
WW – Spam on The Rise Worldwide
US – Microsoft & DOD Sign Deal
to Develop EHR Data-Mining Tool
EU – Art. 29 Working Party Issues
Opinion on Transfer of PNR to U.S. Authorities
EU – Anti-Terror Data Law Takes
Effect In Germany
EU – EU Warns Microsoft of Possible
Further Fines
WW – Study Forecasts 988 Billion
Gigabytes of Digital Information in 2010
UK – Banks Unleash Paper Tigers Over
Terror Data Probe
AU – Debt Companies Target ‘Good’
Shoppers
CA – Toronto Police Urged to Make Grow-Op List Public
US – HHS’s Kolodner Addresses
Trials, Privacy
CA – Toronto’s SickKids Notifies Study Participants of
Stolen Laptop
UK – “Nothing to Fear over ID Cards
Privacy,” Says UK Passport Chief
CA – Ontario to Get Toughest ID Check System in Canada
CA – Airports Give Thumbs-Up to ID System
CA – 1 in 6 Canadians Hit by Identity Theft, Survey
Suggests
US – Research Firm Gartner Says ID
Theft Continues to Rise
CA – ID Analytics Announces Breach Analysis Services
WW – New Certification Makes It
Harder for Phishers to Create Counterfeit Web sites
WW – New Online Data Privacy
Computer Based Training Program Offered
US – Man Sues Microsoft for Failing
to Protect his Privacy
WW – Wikipedia Wants ID from
Self-Proclaimed Experts
US – DOJ Takes Aim at Image-Sharing
Sites
HK – Trans-Border Data-Transfer
Privacy Under Study in Hong Kong
UK – UK’s RFID-Equipped Passports Readable Through Envelope
US – Senate RFID Caucus Holds First 2007 Meeting
US – Activists Claim Success: No RFID Chips Required in Driver’s License
Regulations
EU – European Retailer Embeds RFID
Chips in Shoes
WW – Tizor Launches First Data
Auditing & Protection Blog
WW – Security Tip of the Day: USB
Drives
AU – Australian Government Defends
Access Card as Criticisms Grow
US – White House Board OKs
Eavesdropping Program
EU – Italy Tops Global Wiretap League: Report
UK – Road Tolls as Privacy Friendly
Dismissed As “Nonsense”
US – NYC Council Passes Nightclub
Videosurveillance Security Law
US – House Moves to Outlaw Phone
Number Spoofing
US – ISPs fear SAFETY Act Retention Requirements
UK – Customer Respect Group: Telcos
Need to Boost Consumer Privacy Online.
US – DHS Issues REAL ID Act Guidelines
US – FTC Seeks to Stop “Demand Side”
of Spyware
US – Senators Introduce Amendment to
Delay Implementation of REAL ID Act
US – Washington State Senate Delays
Adopting National ID Standards
US – Colorado and Montana Drop
Do-Not-Mail Bills
US – New York Taxi Drivers May
Strike Over GPS Requirement
Children aged 11 to 16 are to have their fingerprints
taken and stored on a secret database, internal
Former Home Secretary Charles Clarke has called for
DNA details to be put on the identity cards database – despite warnings it will
be accessed by crooks. Mr Clarke argues that current Government plans for ID
cards are too timid and that the more information placed on them, the safer
they will be from abuse. But this week the Home Office admitted fraudsters can
already scan biometric passports without our knowledge. And campaigners warned
that putting DNA on the database would take
Federal, provincial and other Canadian privacy
officials met recently to assess ways to address the escalating ID theft
problem in the name of Fraud Prevention Month. They agreed that law enforcement
agencies, governments and businesses must work together to find solutions to
overcome identity theft. The group also agreed that action is needed to halt
the increase in spam. The officials also noted that “
Microsoft Chairman Bill Gates asked Congress to pass a
comprehensive privacy law this year, allowing consumers to control how their
personal information is used. Gates repeated past Microsoft calls for a
wide-ranging privacy law during a speech at advocacy group the Center for
Democracy and Technology’s (CDT) annual gala dinner Wednesday. A comprehensive
privacy bill should allow consumers to control their personal data, should
provide transparency about what their data is used for, and should notify them
when their data has been compromised, Gates said. [Source]
[Press
release]
An
Don Lenihan (Crossing Boundaries) has written an
opinion piece looking at the challenges of governmental handling of privacy.
The article discusses how societal views of consent have limited e-government
and how we need to be aware of differences to the private sector. Lenihan’s
opinion is that the public is more lenient with the private sector’s access to
their personal information than they are with the government. [Source]
Apparently, CanWestGlobalAsperOmniMedia has outsourced
the Canada.com e-mail service to an American company, Velocity Services, Inc.
This is the blurb
from the Canada.com website: “canada.com e-mail (the “Service”) is provided
by Velocity Services, Inc. (“VSI”), a company located in and conducting its
business from the
Messaging security firms are reporting that spam is on
the rise, according to this ConsumerAffairs.com article. One such firm,
MessageLabs, reported that “77.8%of all sent emails for the month of February
from ‘new and unknown bad sources’ were spam, or 1 in every 1.29 e-mails” —a 2%
increase from January. The company attributes the increase to spammers using
the Valentine’s Day holiday as an opportunity to step up traffic. Another firm,
Kapersky Lab, published a 2006 report indicating that China, Russia and the
United States are the largest producers of spam, with the majority originating
in the U.S. [Source]
See also: [Denmark -
Opinion poll puts snail mail in the lead]
Microsoft is partnering with the Department of Defense
(DOD) to develop tools for analyzing the health records of 9.1 million DOD
beneficiaries. Together, Microsoft and the Army’s Telemedicine and
The Art. 29 Working Party has issued its opinion aimed
at travel agents/airlines that provide travel services to passengers flying to
and from the
Protection against possible terrorist attacks is the
motivator behind
The European Commission warned Microsoft last week it
faced further fines in its antitrust case for seeking unreasonable prices from
software makers for interoperability information. The latest formal charges
could lead to new fines against the
In 2006, 161 exabytes of digital information were
created and copied, continuing an unprecedented period of information growth,
according to a new report by IDC researchers. This digital universe equals
approximately three million times the information in all the books ever
written. The previous best estimate came from researchers at the
British banks have responded to European privacy
watchdogs, who claim they broke the law by letting
Australian and
CTV News has obtained a list of the more than 1,000
homes in Toronto that have been used as marijuana grow-operations since 2003,
but there are calls to make the information available to the public. Police
Chief Bill Blair says the force is considering posting the addresses on its
website, but he said there are some legal and privacy issues involved. CTV
obtained the list after filing a Freedom of Information request. Some city
councillors said it was material even they couldn’t get their hands on. [Source]
Robert Kolodner, interim
national coordinator for health information technology, announced that his
office is poised to request proposals for contracts that would fund trial
implementations of state, regional and local health information exchanges.
Kolodner made the announcement during a keynote address this week at the
Healthcare Information and Management Systems Society conference in
·
If
they want their information to automatically flow to their primary-care
physician and personal health record.
·
If
they want to prevent the flow of information to certain providers or payers.
·
If
they want to block all flow of their personal information.
Kolodner also discussed allowing consumers to be able
to make corrections to their medical record. [Source]
[Patient control of
EHR data on network gets mixed reaction] [Health
Care Pros Debate Interoperability Standards] [Privacy
Concerns Abound With Commercial Databases of Medical Data]
The Hospital for Sick Children (SickKids) is notifying
patients that have participated in 10 different research studies about a stolen
laptop that contained their personal health information. The laptop was stolen
on January 4, 2007 from the car of a physician who was doing data analysis. SickKids
reported the incident to
UK – Laptop Theft Exposes Information on County Council
Staff — Bank and national insurance information of
more than 16,000 staff is at risk for identity theft since a laptop was stolen
from an employee of the
US – FBI Investigates Security Breach Involving
Patient Information —
US – State Health Officials Issue Apology for HIV Patient
Information Breach — The
identities of at least 53 patients in
IR – Stolen Computers Raise Data Theft Fears in
Northern Ireland — 55
computers have been stolen from Northern Ireland civil servants over a
nine-year period. The value of the stolen equipment is 90,900 Euros. A Northern
Ireland Office spokesperson said “We need to know what information was there.
... We need an assurance that personal information was not on these computers.”
A Department of Finance and Personnel spokesperson said the computers did not
hold confidential information. [Source]
US – Texas A&M System Breach Forces Password
Changes — All users of
JP – Missing Hard Disk Holds Student and Alumni Data — An external hard disk containing PII of
approximately 8,800 students and graduates of Tokyo University of Science was
stolen on February 24. A professor had taken the device home with him, but the
bag it was in was stolen while he was on a train home. The professor will face
punishment. [Source]
US – Stolen Computers Hold Child Patient Data — Two laptop computers stolen from a
locked vehicle in the parking lot of
US – Thief Stole Credit Card Numbers from Seed Site — A cyber thief broke into the web site of
Johnny’s Selected Seeds and stole sensitive customer data, including credit
card numbers; in all, 11,500 accounts were compromised. Approximately 20 of the
stolen card numbers have been used fraudulently. The site is now under 24-hour
monitoring to prevent a recurrence; other security measures have also been
implemented. Johnny’s has notified all people whose account information was
stolen. The initial intrusion occurred on 07 February. A company official said “criminals
gained access to our internal systems and gathered enough information to allow
then to gain access to our web site.” [Source]
US – Stolen Metro State Computer Holds Student Data — A laptop computer stolen from a faculty
member’s office at a Denver State College held names and SSNs of students who
took courses from a professor from fall 1999 through fall 2002. The professor
may face disciplinary action. In addition,
The man in charge of the government’s national ID
cards scheme has dismissed claims the cards will lead to a personal audit trail
of each citizen’s movements and transactions. Privacy groups have claimed
records of each time an ID card is used, where and what it is used for will
create a vast personal tracking database of every individual on the National
Identity Register. But James Hall, CEO of the Identity and Passport Service
(IPS), said in an online webchat on the
The Ontario Convenience Store Association (OCSA) has
unveiled what is the toughest system of ID checks for age restricted products
in the country. The ‘We Expect ID’ program is a rigorous age verification
system to prevent youth from getting access to restricted products sold through
convenience stores, including: alcohol, tobacco, movies, adult-themed
magazines, lottery tickets, fireworks and other combustibles. “‘We Expect ID’
has been under development by the convenience store industry for over two years
and takes a zero-tolerance approach to keeping restricted products away from
youth,” said Dave Bryans, President of the OCSA. “With this system, anyone that
appears under the age of 25 who intends to purchase a restricted product must
present their driver’s license and have it swiped as proof of age.” In each and
every case, store employees must swipe customers’ licenses through the lottery
terminal. The terminal reads the age information from the magnetic stripe on
the back of each license and presents the person’s age prominently on the
terminal’s display. [Source]
[Press
Release] [OCSA
Presentation] Coverage: [New ID checks could violate
privacy: Minister]
Security is soaring at Canadian airports with the
rollout of a dual biometric-based airport identification card program by the
Canadian Air Transport Security Authority (CATSA). The Restricted Area Identity
Card (RAIC) program, implemented across 29 Canadian airports, was an initiative
by the Ministry of Transport that began in 2002 in a bid to beef up security at
Identity theft has hit one out of every six adult
Canadians - more than 4.2 million people - either directly or within their
immediate households, a survey suggests. The poll, conducted in 2006 by the Strategic
Counsel for the Competition Bureau of Canada, suggests that 17% of Canadians
aged 18 or older have either been victimized themselves or had an incident
affect someone in their homes. Even more people have been hit by marketing
fraud, according to the survey: 31% or about one in three adults. Yet Canadians
are not likely to complain to the authorities when they are victimized in
marketing frauds, according to the survey. “It remains the case that few people
make a significant effort to report or resolve an incident of marketing fraud,”
the report said, with 43 per cent saying that they “did nothing.” [Source] [Source]
Stamford, Conn.-based research firm Gartner released a
report on Tuesday that states that about 15 million Americans were victims of
identity theft between mid-2005 and mid-2006. This is more than a 50 percent
increase from the Federal Trade Commission’s estimate of 9.9 million in 2003.
According to Gartner, the amount of money that victims are losing also is
increasing and they are recovering less of it. The report comes in contrast to
a study released by Javelin Strategy and Research last month that showed
identity theft on the decline. [Source] [Source] See also: [New
twist on ID theft: 7 admit they sold theirs] [Password
problems lead to ID theft, report] and also: [Tennessee
Lawmaker Pushes Identity Theft Bill] [Tougher
ID Theft Penalties Headed to Oklahoma House Floor] [Mississippi
Identity-theft protection bill moving forward] and, generally: [Developing
Best Practices to Combat ID Theft, Part 1, Part
II]
ID Analytics, an Identity Risk Management company, has
announced the availability of Breach Analysis Services for enterprises. This
intent of this service is to determine whether a data breach is truly a source
of identity theft or related harm. [Source]
Microsoft has developed a new seal of approval for Web
sites, called an Extended Validation Secure Sockets Layer (EV SSL) certificate,
which is intended to reassure consumers that they are dealing with secure Web
sites. The certification process will require third party certifiers, such as
VeriSign and Entrust, to implement more rigorous guidelines for Web sites
seeking approval. Sites that have an EV SSL authentication will display a green
address bar and users will be able to see the country in which the site is
based. [Source] [Source]
Watchfire announced
a new Computer Based Training curriculum tailored specifically for privacy
professionals. Organizations understand the importance of data privacy but need
help educating employees to ensure proper protection. Watchfire is now offering
WebXM Privacy training curriculum to meet the specific needs of our privacy and
compliance customers. This extends the Company's recently announced Fanatical
Success Program-a program which not only provides companies with the best
technology, but is dedicated to closing the knowledge gap amongst user groups,
building out sustainable processes, and supporting customers 100 percent along
the way. [Source]
A man in jail “awaiting trial for alleged gun crimes
is suing Microsoft for privacy violations.” Michael Alan Crooker says when he
bought his computer at
Following revelations that a high-ranking member of Wikipedia's
bureaucracy used his cloak of anonymity to lie about being a professor of
religion, the free Internet encyclopaedia plans to ask contributors who claim
such credentials to identify themselves. Wikipedia founder Jimmy Wales said
that contributors still would be able to remain anonymous. However, he said
they should only be allowed to cite some professional expertise in a subject if
those credentials have been verified. [Source]
The Bush administration has accelerated its Internet
surveillance push by proposing that Web sites must keep records of who uploads
photographs or videos in case police determine the content is illegal and
choose to investigate. That proposal surfaced Wednesday in a private meeting
during which U.S. Department of Justice officials, including Assistant Attorney
General Rachel Brand, tried to convince industry representatives such as AOL
and Comcast that data retention would be valuable in investigating terrorism,
child pornography and other crimes. [Source]
The Hong Kong Government will map out the best way
forward on privacy issues relating to trans-border data transfer, taking into
account the interests of relevant stakeholders, Secretary for the Civil Service
Denise Yue says. She told lawmakers today the Personal Data (Privacy) Ordinance
is under review, which covers Section 33 which is not yet in operation. The
section prohibits the transfer of personal data from
Using equipment readily available on the Internet, the
Daily Mail was able to construct a device that can read information from an
RFID-equipped passport. Within four hours, the Mail managed to download enough
information to create a phony passport without opening the envelope in which
the new passport was delivered. The RFID chip holds an electronic copy of the
photo page from the passport, an electronic photo and a device that ensures the
other two files have not been altered. To access these files, the computer
needs the key that is printed in the last line of the passport’s
machine-readable zone on the photo page. The Mail was able to determine the
code relatively easily because it virtually always includes the holder’s birth
date and the passport’s expiration date. Furthermore, attackers are not locked
out after any number of incorrect attempts. [Source] [Source] [Source]
The US Senate RFID Caucus held its first event of 2007
on Capitol Hill thsi week called “RFID and Innovation:
Citizens Against Government
Waste (CAGW)
declared a victory for taxpayers and drivers after the Department of Homeland
Security (DHS) released proposed regulations for personal identification that
do not mandate the use of RFID technology. CAGW has released two reports, “Real ID: Big Brother Could Cost Big Money“
and “Border Security: PASS Card Fails on Cost,
Privacy“ criticizing RFID-based identification. The group claims the
total cost of issuing new licenses with RFID chips could reach $17.4 billion
and the average cost of a license would shoot from between $10 to $20 to more
than $93. In contrast, the National Conference of State Legislatures estimated
that it would cost $9 to $13 billion to implement REAL ID Act regulations based
on current licensing techniques. RFID also threatens privacy, said CAGW in a
release, raising the possibility of identity thieves remotely accessing their
victims’ personal information with a hand-held scanner. [Source]
One of
Tizor Systems, a provider of enterprise data auditing
and protection solutions for the data center, has announced the launch of the DataAuditingBlog, the first blog about data
auditing and its related subjects, targeted at professionals charged with
security, IT and compliance for their companies as well as IT auditors,
database practitioners, customers and partners focused on the data security
industry. “There are a lot of terms including data auditing, protection,
leakage and encryption being thrown around right now and recent data breaches
as well as an expanding roster of compliance regulations have led to heightened
awareness and confusion for both the public and enterprises responsible for
critical data. My hope is that by blogging weekly about data auditing and
related topics that I will provide a collaborative setting to start
collectively clarifying the issues around auditing for compliance and data
protection.” [Source] [Blog] See also: [Security
alerts often go unnoticed by IT pros. Why?]
Tip: Don’t plug in USB drives that you find lying
around. Criminals can use them to steal your data – People’s natural curiosity
and desire to help were exploited by consultant Steve Stasiukonis, who was
hired to check security awareness at a credit union. He loaded malicious
software on old thumbnail drives and left the drives on the ground and tables
in the parking lot and smoking areas. Each time a curious, helpful person
plugged any of the thumb drives into his computer, it loaded software and
reported who had taken the bait. His test was harmless, but criminals can use
the same technique to take control of our computers. [Source]
At the first day of Australian Senate committee
hearings into the access card system, which will hold 16 million photographs,
the Government dismissed the idea the store would be linked to closed circuit
television systems, but has admitted police and security agencies will be able
to use the system to identify suspect individuals. The Government has fought
claims that the Access Card will develop into an identity card and is proposing
heavy penalties against non-government bodies who demand it for identification
purposes. Opponents have suggested that the Access Card scheme is a taxpayer
subsidy for banks to adopt smartcard technology, No ID Card campaign director
Anna Johnston has told a Senate inquiry: “The Bill is silent on how the
smartcard infrastructure may be used by business, yet the chief technology
architect is due to tell an industry summit how the card could become the ‘common
railroad’ for retail,” she said. “Australians deserve to know whether the
scheme is effectively a taxpayer subsidy for banks and retailers, which have
not otherwise seen the business case for adopting smartcards.” Ms Johnston said
it was outrageous to expect the public or parliament to agree to spending $1.1
billion on the scheme “without the Government first showing us all the details”.
[Source]
[Source]
[Access
card laws may be tightened] [Australia
Govt ‘Misled’ Card Inquiry: Greenleaf]
A White House privacy board has determined that two of
the Bush administration’s controversial surveillance programs, electronic
eavesdropping and financial tracking, do not violate citizens’ civil liberties.
After operating mostly in secret for a year, the five-member Privacy and Civil
Liberties Board is preparing to release its first report to Congress next week.
[Source]
[Source] See also: [Top
Secret: We’re Wiretapping You] and [West
Virginia warrantless surveillance in homes struck down by court] and [DHS Profiling Program Raises Privacy Flags]
Invoking the name of the 24-year-old woman who was
raped and killed after leaving a
Congress is considering a bill to outlaw fraud and
harassment through spoofing -- altering phone numbers that appear on caller ID
-- after a similar measure died last year. A bill to outlaw spoofing to defraud
or cause harm is headed to the House Committee on Energy and Commerce. The
Subcommittee on Telecommunications and the Internet approved the bill after a
hearing Wednesday. The bill, H.R. 251, would allow victims of domestic
violence, crime tipsters, and others with legitimate reasons to conceal their
numbers while providing an alternative on caller ID. That distinction clarifies
language in the bill that was offered up last year. [Source]
Privacy advocates aren’t the only ones up in arms over
a bill currently being debated in Congress that would require Internet service
providers (ISP) to retain records on subscribers. ISPs themselves are saying
the bill contains no clear guidelines for records retention methods or
archiving periods for data, and said they are growing nervous about the storage
and data management costs that might result if the bill becomes law. The
passage prompting debate in the industry is Sec. 6 of the Internet Stopping
Adults Facilitating the Exploitation of Today’s Youth Act of 2007 (SAFETY), the
newest of several versions of Internet records.retention measures introduced to
Congress Feb. 5 by Rep. Lamar Smith, R-Tex. So far, previous versions of the
legislation have all died in committee. The bill, which is still being debated
in the House, is the first formal bill to be introduced to Congress on this
issue. [Source]
The Customer Respect Group, a research and consulting
firm that researches how corporations treat their online customers, this week
released findings from its First Quarter 2007 Online Customer Respect Study of
the Telecommunications Industry. The study’s findings indicate that
telecommunications companies are not addressing consumers’ privacy concerns to
the extent found in other high-tech industries and the retail sector. The study
found that telcom firms collect more personal data than other companies.
Oftentimes, the data the company seeks is not related to the customer’s
request. The study analyzed 54 Web sites in the
[Customer
Respect Group] [Study]
The Department of Homeland Security (DHS) has issued
guidelines to instruct states how to implement new driver’s licenses. DHS also
has agreed to extend the implementation deadline past the initial May 2008
deadline. States that are unable to meet the deadline will have until Dec. 31,
2009, to launch the program, which requires states to introduce physical and
electronic safeguards for the cards and at the registry locations. In the
162-page “Notice of Proposed Rulemaking,” DHS states that “any system developed
for purposes of the REAL ID Act will build in appropriate privacy and security
mechanisms to reduce the risk of unauthorized access, misuse, fraud, and
identity theft.” [Source] [Source]
[Source]
See also: [Opponents
Of REAL ID Act Issue New Call For Repeal Of Federal Law] [Draft Proposed Regulations]
[Coverage]
[ACLU
Slams Draft DHS Regulations on Real ID, Says Delay Fails to Address Privacy and
Civil Liberties Concerns]
The Federal Trade Commission plans to escalate its
attack against what is called adware or spyware by going after some of the
big-name Internet advertisers that hire the online distributors. “We need to
stop the demand side of spyware,” said Jon Leibowitz, one of the five
commission members and a Democrat. The FTC is sending letters to up to 200
major corporations to warn them to monitor how their ad dollars are used
online. Said Leibowitz: “This is a wake-up call to put them on notice. That
would be a good way to choke off the money.” The FTC move follows
with three
major online advertisers] and [Best
Practices: Factors for Use in the Evaluation of Potentially Unwanted
Technologies] and [Malware Increased
172 Percent in 2006, According to Report]
Senate debate on anti-terrorism legislation heated up
over national standards for driver’s licenses. The opening debate in the Senate
on The Improving America’s Security Act of 2007 – which would implement
the Sept. 11 bipartisan commission’s recommendations – included a flare-up over
implementation of the REAL ID Act. Sen. Susan Collins, R-Maine, introduced a
REAL ID amendment to postpone the law’s implementation date until May 2010. The
amendment also called for technology experts and privacy advocates to weigh in
on the standards. The overall bill includes provisions to improve privacy
protections, including more independence for a board that monitors whether
anti-terrorism programs violate civil liberties and annual reports from federal
agencies on data-mining technology. [Source]
[REAL ID
Deadline Evaporates Under Pressure ] [A brief
history of Real ID] [Highlights
of Proposed Rulemaking] [Cost
and Privacy Concerns Cited In New Rules for Driver’s Licenses] [ACLU Praises
Akaka-Sununu Real ID Repair Proposal]
Colorado Rep. Sara Gagliardi tabled a do-not-mail bill
on March 1. A week earlier, Montana Rep. Franke Wilmer killed a do-not-mail
bill. Both had received opposition from retailers, unions, and other
associations, including the National Letter Carriers Association. Both bills
would create a do-not-mail registry similar to the do-not-call registry.
Gagliardi said she plans to reintroduce a revised version of her bill next
year. Similar bills are pending in
New York Taxi drivers are threatening to strike over
the new tracking technology and credit card payment systems the Taxi &
Limousine Commission is requiring them to install in their vehicles. More than
100 drivers and medallion owners bundled up in scarves and ski caps for a rally
in front of the Commission headquarters on
--------