Focusing public attention on emerging privacy and civil liberties issues
  • USA Today 07-04-14
  • Riley v. California
  • EPIC v NSA
  • “We
  • EPIC's Marc Rotenberg Attends A Briefing At The White House on NSA Telephone Surveillance
  • Special Message from dahah boyd: In an era where privacy issues are ever-present, we need EPIC's diligence. Please support their important work! Support EPIC.
  • 2014 Logo

Latest News - July 31, 2014

Senators Markey and Hatch Introduce Student Privacy Legislation

Today, Senators Edward Markey (D-MA) and Orrin Hatch (R-UT) introduced legislation to require privacy safeguards for education records and prohibit the use of student information for advertising purposes. The "Protecting Student Privacy Act of 2014" would give students the right to access and amend their records that are held by private companies. The bill also requires schools to minimize the amount of personally identifiable information transferred to private companies. The bill requires companies to destroy student information "when the information is no longer needed for the specified purpose." The bill incorporates many of the proposals EPIC set out in the Student Privacy Bill of Rights. Senator Markey announced plans to introduce student privacy legislation earlier this year at EPIC's public panel on student privacy. For more information, see EPIC: Student Privacy.

Senator Leahy Introduces Bill to End NSA Bulk Record Collection

Today Senator Patrick Leahy (D-VT), joined by Democratic and Republican Senators, introduced legislation to end the NSA's practice of collecting telephone records of Americans. Leahy described the bill as "the most significant reform of government surveillance authorities since Congress passed the USA PATRIOT Act 13 years ago." The USA Freedom Act would require require the government to specify specific "search terms" to obtain telephone record information. The government would have to demonstrate that it has a "reasonable, articulable suspicion" that the search term is associated with a foreign terrorist organization. The bill also requires a comprehensive transparency report for the use of FISA surveillance authorities. However, the bill exempts the FBI from certain reporting requirements. Civil liberties organizations support the bill. EPIC previously filed a Petition for Mandamus with the U.S. Supreme Court, seeking to end the bulk collection of American's phone records. EPIC's petition was supported by legal scholars, technical experts, and former members of the Church Committee. For more information, see In re EPIC and EPIC: FISA Reform.

Federal and State Wiretaps Up 5% in 2013 According to Annual Report, But Stats Don't Support FBI Claims of "Going Dark"

The Administrative Office of the U.S. Courts has issued the 2013 Wiretap Report, detailing the use of surveillance authorities by law enforcement agencies. This annual report, one of the most comprehensive issued by any agency, provides an insight into the debate over surveillance authorities and the use of privacy-enhancing technologies. In 2013, wiretap applications increased 5%, from 3,576 to 3,395. Authorities encountered encryption during 41 investigations, but encryption prevented the government from deciphering messages in only 9 cases. This statistic contradicts claims that law enforcement agencies are "going dark" as new technologies emerge. Of the 3,074 individuals arrested based on wiretaps in 2013, only 709 individuals were convicted based on wiretap evidence. EPIC has repeatedly called on greater transparency of FISA surveillance, citing the Wiretap Report as a model for other agencies. EPIC also maintains a comprehensive index of the annual wiretap reports and FISA reports. For more information, see EPIC: Title III Wiretap Orders, EPIC: Wiretapping, and EPIC: Foreign Intelligence Surveillance Act.

EPIC, Consumer Groups Challenge Facebook on Web Snooping

EPIC, along with a coalition of consumer groups, has urged the Federal Trade Commission to block Facebook's plan to collect users' web browsing history. Facebook recently announced plans to collect user data from sites all over the web. But the practice may violate a Federal Trade Commission order prohibiting Facebook from changing its business practices without users' express consent. The groups asked the FTC "to act immediately to notify the company that it must suspend its proposed change in business practices to determine whether it complies with current U.S. and EU law." EPIC has also filed a FOIA request, seeking the FTC's communications with Facebook about this change. For more information, see EPIC: Facebook Privacy, EPIC: Online Tracking and Behavioral Privacy, and EPIC: FTC.

Obama Drone Order Fails to Safeguard Privacy

According to reports, President Obama is set to issue an executive order on drone privacy. The order would call for the development of voluntary best practices for the commercial use of drones. Senator Markey and Representative Welch immediately responded to the reports with a letter to the President urging "strong, enforceable rules - not voluntary best practices...." EPIC has testified in Congress in support of a comprehensive drone privacy law. EPIC called for drone legislation to include use limitations, data retention limitations, transparency, and public accountability. The Federal Aviation Administration agreed to address drone privacy issues after an EPIC-led coalition petitioned the agency two years ago. Last year, EPIC urged the agency to mandate minimum privacy standards for drone operators. For more information, see EPIC: Domestic Drones.

EPIC Tells Congress FTC Does Not Enforce Consent Orders

EPIC has sent a letter to the House Committee on Oversight and Government Regulation stating that the Federal Trade Commission rarely enforces "Section 5" consent orders. EPIC also said that the Commission has never modified a consent order in response to public comments or required companies to implement the Consumer Privacy Bill of Rights. The Committee believed the Commission has gone too far to protect the privacy of American consumers. EPIC wrote "the opposite is true." Senator Rockefeller also wrote a letter, urging the Committee not to interfere in the FTC's "well-established legal authority." For more information, see EPIC: Wyndham Hotels and EPIC: FTC.

EPIC Urges Privacy Board to Address Concerns About 12333 Surveillance Authority

EPIC National Security Counsel Jeramie Scott has urged the Privacy and Civil Liberties Oversight Board to focus on surveillance conducted under Executive Order 12333. The Executive Order, signed in 1981, granted broad surveillance authority to the Intelligence Community with little oversight. The Order has enabled vast surveillance of Americans, but has received little attention. EPIC previously urged the Privacy Board to establish greater legal protection for metadata, increase safeguards for personal data, and minimize data collection. At the Board's first public meeting in 2012, EPIC recommended that the Board ensure Privacy Act adherence and investigate privacy concerns with the Fusion Center program, closed-circuit television surveillance, body scanners, surveillance drones, and Suspicious Activity Reporting. So far, the Privacy Board has focused almost entirely on "section 215" and "section 702" surveillance programs. For more information, See EPIC: Executive Order 12333.

Privacy Lawsuit Against Google for Policy Change Moves Forward

A federal court in California has ruled that a class action privacy lawsuit against Google can continue. The plaintiffs are Android users who sued Google in 2012 after the company consolidated user data across many separate services, including Gmail, Google+, and Youtube. They allege that Google concealed a plan to modify its privacy policies and also that Google violated the privacy policy for GooglePlay. After dismissing similar claims, the court held that the case may now go forward. In 2012, EPIC objected to the same change in Google's policy and urged the Federal Trade Commission to block the change because of a 2011 consent order in which Google agreed not to combine user data without user consent. After the FTC failed to act, EPIC sued the agency. Members of Congress, state Attorneys General, European Justice Officials, technical experts, and IT managers in government and the private sector also expressed concern about the 2012 Google policy change. For more information, see EPIC: EPIC v. FTC (Google Consent Order) and EPIC: FTC.

EPIC Files Lawsuit For Details of Government Profiling System

EPIC has filed a Freedom of Information Act lawsuit about a controversial government data mining program, operated by the Department of Homeland Security. The "Analytical Framework for Intelligence" contains a vast amount of sensitive personal information obtained from government agencies and the private sector. The system is used by the DHS for link analysis, anomaly detection, pattern analysis, and predictive modeling. The system also incorporates "risk assessment" scores from the Automated Targeting System also operated by the DHS. EPIC has urged the suspension of the risk assessment system, arguing that the use of such factors as race and nationality in a government database is unconstitutional. The case is EPIC v. Customs and Border Protection, No 14-1217 (D.D.C. filed 7/18/2014). For more information see: EPIC: Automated Targeting System, EPIC: Open Government and EPIC: EPIC v. Customs and Border Protection (Analytical Framework for Intelligence).

EPIC Uncovers Complaints from Education Department about Misuse of Education Records

EPIC has obtained documents from the Department of Education detailing parent and student complaints about the misuse of educational records. The Department released the documents in response to an EPIC Freedom of Information Act request. The documents reveal that schools and districts have disclosed students' personal records without consent, possibly in violation of the Family Educational Rights and Privacy Act. The documents also reveal that the Department failed to investigate many FERPA complaints. EPIC is expecting to receive more documents about the agency’s enforcement of the federal student privacy law. For more information, see EPIC: Student Privacy and EPIC: Open Government.

EPIC Seeks Government Report about Security of Internet Voting

EPIC has filed a Freedom of Information Act request with the Department of Defense for records detailing the security of online voting. The agency administers the Federal Voting Assistance Program, which has promoted online voting and provided funding to states for internet voting technology. Computer scientists have expressed concern about the reliability of these systems and privacy risks for voters. At a Congressional hearing in 2012, the agency promised to release the results of security tests it had conducted on voting software by December 2012. Because the agency has failed to make the test results public, EPIC has demanded these results, as well as related documents, be disclosed. For more information see: EPIC: Open Government and EPIC: Voting Privacy.

Following EPIC Complaint, Senator Seeks Investigation of Facebook User Manipulation Study

Senator Mark Warner has asked the Federal Trade Commission to investigate the legality of Facebook's emotional manipulation study. In a letter to the Commission, Senator Warner stated that "it is not clear whether Facebook users were adequately informed and given an opportunity to opt-in or opt-out." He asked the FTC to conduct an investigation to see "if this 2012 experiment violated Section 5 of the FTC Act or the 2011 consent agreement with Facebook," two issues raised in EPIC's earlier complaint. "The company purposefully messed with people's minds," wrote EPIC in a complaint to the Commission. EPIC charged that Facebook violated a consent decree that required the company to respect user privacy and also engaged in a deceptive trade practice. EPIC has asked the FTC to require that Facebook make public the News Feed algorithm. For more information, see EPIC: In re Facebook, EPIC: In re Facebook (Psychological Study), and EPIC: FTC.

Top News Archive