• Mission & Governance
• Services Overview
• How to Get Involved
• Standing Committees
• NCSL Foundation

• Issue Areas: A-Z
• State-Federal Relations
• NCSL Standing Committees
• News from D.C. and the States

• About State Legislatures
• Elections, Campaigns & Redistricting
• NCSL's StateConnect Directory
• Web Sites

• Online Guide to NCSL Services
• Staff Sections and Networks
• Meetings & Professional Development
• Staff Directories

• Meetings Calendar
• Online Registration
• Meetings Home Page
• Legislative Summit

• Bookstore
• State Legislatures Magazine
• NCSL's StateConnect Directory

News from the States

Spring/Summer 2003

In this issue:

Committee Update
Supreme Court Upholds Sex Offender Registration Laws
Super Digital Millennium Copyright Act (DMCA)
Protecting Children from Online Predators
IT Workers Required to Report Child Pornography
States Limit Cookies
Streamlined Sales and Use Tax Agreement Update
Federal Telemarketing Act Signed into Law
State Funding of E911

The next meeting of the NCSL Communications, Technology and Interstate Commerce Committee will be in San Francisco, California, July 21-25, 2003 during the Annual Meeting. The Committee agenda  includes programs on e-commerce, e-mail privacy, regulation of broadband and local exchange services, telecommunications and e-commerce taxation, streamlining sales taxes, Internet privacy, cyber security, justice technology and more. A special highlight of the meeting will be a tour to Silicon Valley for a first-hand look at new IT products and services. See the Committee web page for more information.  Also, check the at-a-glance agenda to find all the information technology and telecommunications programs during the San Francisco meeting.

- Submitted by Jo Anne Bourquard and Neal Osten

The Supreme Court has upheld Megan's Law allowing states to post the photographs and names of convicted sex offenders on the Internet. Intended to help citizens keep track of possible sexual predators in their neighborhoods, the justices agreed that "Megan's Law" did not violate a defendant's due process rights, nor did it amount to unconstitutional extra punishments. See Smith v. Doe, Connecticut Dept. of Public Safety v. Doe decisions and News.com.

At issue in one ruling was whether Alaska's Megan's Law, which applies to sex offenders who committed offenses before the effective date of the statute, unconstitutionally imposes "punishment" in violation of the ex post facto clause of the U.S. Constitution.

Writing for the majority, Justice Anthony Kennedy stated: "Our system does not treat dissemination of truthful information in furtherance of legitimate governmental objection as punishment."

In a second ruling, the court unanimously overturned a ruling in Connecticut that required a sex offender to have a hearing on whether they are "currently dangerous" before putting them in such a registry. Chief Justice, William Rehnquist, wrote that even if the petitioner "could prove he is not likely to be currently dangerous, Connecticut has decided that the registry information of all offenders -- currently dangerous or not -- must be publicly disclosed."

The rulings have far reaching consequences since 38 states currently post some kind of proprietary information about sex offenders on the Internet. Moreover, every state has a version of the registries modeled after "Megan's law," named after Megan Kanka, a 7-year-old New Jersey girl who was kidnapped, raped, and murdered by a twice-convicted sex offender who lived across the street.

NCSL joined the National Governors Association, the National League of Cities, the U.S. Conference of Mayors, the National Association of Counties, the International County/City Managers Association and the Council of State Governments in filing an amici curiae in the Connecticut case. The brief argued that the registries do not impose an unconstitutional extra punishment. 41 state attorneys general also filed briefs in support of the states' position.

Read the opinion.

Sex offender registration and community notification by state

- Submitted by Blake Harrison

At least seven states (Delaware, Illinois, Maryland, Michigan, Pennsylvania, Virginia and Wyoming) have enacted Digital Millennium Copyright Act (DMCA) measures that make it a crime to possess "unlawful communication and access devices." These state "Super DMCA" laws broaden the provisions of the federal Digital Millennium Copyright Act (DMCA) and allow communication service providers to limit connections to the Internet, cable or satellite television lines.

In 2003, Arkansas, Colorado, Florida, Georgia, Massachusetts, Oregon, South Carolina, Tennessee and Texas introduced bills containing similar Super DMCA provisions. None of the bills became law. The Colorado legislation was enacted, but subsequently vetoed by the Governor.

The bills forbid four general categories of activity:

• Possession, development, distribution or use of any communication device associated with a communication service without authorization from the service provider.
• Suppression of the origin of communication from the service provider.
• Possession, development, distribution or operation of any unlawful access device.
• Preparation or publication of any instructions for creating any device with knowledge that such a device will be used to violate the other prohibitions.

Critics of Super DMCA argue that these laws are unnecessary and represent an intrusion into the livelihood of law-abiding citizens, giving communication service providers unilateral control over what a person can connect to his or her home entertainment systems. They say these laws could impede security research and create an enormous opening for anti-competitive conduct by restricting originality. They also maintain that the language of the proposed legislation inadvertently would outlaw the use of security technologies such as encrypted email and firewalls. Most firewalls, which utilize technology that translates and conceals the source and destination of email traffic, would be ineffectual, severely undermining privacy and security. The legislation would increase the vulnerability of communications and the Internet at a time when cyber security is so vital.

- Submitted by Janna Goodwin

Protecting Children from Online Predators

Sixty-five percent of American children use the Internet from home, school, or some other location. And while the Internet can offer many educational resources and enriching experiences for children, it may also be a threat to their safety. A 2000 National Center for Missing and Exploited Children survey of youth ages 10 to 17 found that approximately one in five received a sexual solicitation or approach over the Internet in the preceding year.

More than half the states have laws that specifically prohibit electronic luring or solicitation of minors by computer for the purpose of inducing them to engage in illegal sexual conduct. Laws that do not include specific references to electronic communication may still be used against online predators, but specific language can make the laws easier to enforce.

In 2003, Idaho (H.B. 266), Georgia (H.B. 462) and Utah (H.B. 334) enacted legislation relating to computer enticement of children.

- Submitted by Pam Greenberg

At least four states -- Arkansas, Missouri, South Carolina, and South Dakota -and Congress (U.S. Code Title 42, Section 13032) have enacted laws requiring computer technicians or Internet service providers to report child pornography if they encounter it in the scope of their work. The laws do not require technicians or service providers to search for the illegal material, only to report it if they find it. Similar laws apply to film developers who encounter child pornography on the job.

Critics charge that this type of law unfairly transfers law enforcement duties to individuals who may not be qualified to handle evidence or determine what constitutes child pornography. Supporters say reporting mandates for photo labs have proven effective, and that similar laws for IT workers will help combat child pornography on the Internet. A similar bill has been introduced in Illinois.

- Submitted by Pam Greenberg

A growing area of concern on the internet are Web sites that use cookies without providing a privacy policy that lets the user know what cookies are being used. The Merriam-Webster Online dictionary defines a cookie as "a small file or part of a file stored on a World Wide Web user's computer, created and subsequently read by a Web site server, and containing personal information (as a user identification code, customized preferences, or a record of pages visited)." The cookies that cause the most concern are those that allow a site operator to collect personal information the user provides to the website and then share that information with a third party.

Two states have enacted legislation to govern how state agency Web sites use cookies and collect personal information. Montana's Governmental Internet Information Privacy Act requires government Web sites to have a conspicuous notice to the user that information is being collected. The act also requires sites to obtain the user's agreement to the collection of the information and to provide information about how to contact the Web site operator. Virginia's statute requires that the site administrator establish a privacy policy that includes information on the site's use of cookies as well as what information is gathered and how it will be used. Illinois H.B.0032 is waiting approval by the governor. If passed, it will allow government Web sites to use cookies only to aid transactions and will restrict the use of permanent cookies.

In addition to these laws governing state use of cookies, at least eleven states (Arizona, Arkansas, Illinois, Maine, Maryland, Michigan, Montana, New York, South Carolina, Texas, and Virginia) have laws requiring state government Web sites or state portals to establish privacy policies and procedures, or to incorporate machine-readable privacy policies into their Web sites.

- Submitted by Anna Deel and Pam Greenberg

Streamlined Sales and Use Tax Agreement Update

As of July 2003, twenty states have enacted legislation to conform with the terms of the Streamlined Sales and Use Tax Agreement in an effort to achieve uniformity and simplification in state sales and use tax collection. The states include Arkansas, Iowa, Indiana, Kansas, Kentucky, Minnesota, Nebraska, Nevada, North Carolina, North Dakota, Ohio, Oklahoma, South Dakota, Tennessee, Texas, Utah, Vermont, Washington, West Virginia and Wyoming. The voluntary agreement will become operational when at least 10 states, representing at least 20 percent of the population, are certified to be compliant with the Agreement.

- Submitted by Neal Osten (D.C.) and Graham Williams (Denver)

On March 11, 2003, President Bush signed into law the "Do-Not-Call Implementation Act" (P. L. 108-10). The act authorizes the Federal Trade Commission (FTC) to collect fees to fund its national do-not-call registry. In 1994, Congress passed the Consumer Fraud and Abuse Prevention Act that gave the FTC the discretion to create a national do-not-call program. The 1994 law makes it illegal for a telemarketer to call after a consumer has requested not to be. And, it requires telemarketers to keep "do-not-call" lists.

In addition to authorizing the collection of fees to fund the national registry, the 2003 law requires the FTC and the Federal Communications Commission (FCC) to send out separate reports to Congress containing information on any inconsistencies between do-not-call rules issued by each agency and any proposals to remedy the inconsistencies. Among other items, the two agencies are to report to Congress on the number of persons paying fees for access to the registry and the amount of the fees. And, they are to provide a review of enforcement proceedings under the Telemarketing Sales Rule and the Telephone Consumer Protection Act.

Consumers continue to add their telephone numbers to the National Do Not Call Registry at a brisk pace. As of July 3, 2003, 16.9 million telephone numbers had been added to the registry. Internet registration is available at www.donotcall.gov and telephone registration is available by calling 1-888-382-1222.

As of July 1, 2003, 38 states have created their own state do-not-call acts. The primary intent of the first law, passed in Florida, was to protect the elderly.

- Submitted by Bob Boerner

Jennifer Koon, daughter of New York State Assemblyman David Koon, was abducted and killed in 1993. Before dying, she called 911 on her cellular telephone, hoping that an emergency or law enforcement official would come to her aid. Unfortunately, unlike a call to a 911 center on a traditional telephone, emergency operators are not always able to pinpoint the location of the cellular telephone caller.

In 1996, the Federal Communications Commission (FCC) set deadlines for implementing Enhanced 911 service - a system that will track cellular telephone callers who need emergency assistance. The FCC required that within six months of a 911 center's request, cellular telephone companies must provide a service that shows a caller's telephone number and the location of the cellular tower used to relay the call. According to the FCC, five of the six nationwide carriers have fulfilled about 70 percent of these requests.

In the second stage, begun in 2001, wireless companies must respond to 911 center requests by providing the technology that can locate callers more precisely by using global positioning satellites and telephone networks. The system has been established in 16 states.

Twenty-one state legislatures considered a variety of related E911 measures in 2003 including increasing monthly subscriber fees and establishing interim working groups. Indiana lawmakers (S.B. 401) revised the types of investments in which money in the wireless emergency telephone system fund may be placed. Mississippi (H.B. 446) required commercial mobile radio service to provide wireless enhanced 911 services. And, Virginia lawmakers (S.B. 942, Chapter 0341) outlined how providers can collect the wireless E 911 surcharge.

- Submitted by Bob Boerner