Latest News - September 16, 2014
The FBI announced that the Next Generation Identification system, one of the largest biometric databases in the world, has reached "full operational capability." In 2013, EPIC filed a Freedom of Information Act lawsuit about the NGI program. EPIC obtained documents that revealed an acceptance of a 20% error rate in facial recognition searches. Earlier this year, EPIC joined a coalition of civil liberties groups to urge the Attorney General Eric Holder to release an updated Privacy Impact Assessment for the NGI. The NGI is tied to "Rap Back," the FBI's ongoing investigation of civilians in trusted positions. EPIC also obtained FOIA documents revealing FBI agreements with state DMVs to run facial recognition searches, linked to NGI, on DMV databases. EPIC's recent Spotlight on Surveillance concluded that NGI has "far-reaching implications for personal privacy and the risks of mass surveillance." For more information, see EPIC: EPIC v. FBI - Next Generation identification.
EPIC has filed a Freedom of Information Act lawsuit to obtain test reports about an online voting program promoted by the Department of Defense. The records sought relate to the functionality and security of electronic voting systems. The California Secretary of State, Members of Congress, and voting rights advocates have tried to obtain these documents, but DOD has kept them secret even after promising public disclosure in 2012. Computer scientists have long warned about the risks of electronic voting systems. In the complaint, EPIC states that "it is absolutely critical for the documents sought in this matter be disclosed prior to further deployment of e-voting systems in the United States." The case is EPIC v. Department of Defense, No 14-1555 (D.D.C. filed 9/11/2014). For more information, see EPIC: EPIC v. DOD - E-voting Security Tests.
EPIC has filed an amicus curiae brief, joined by 33 technical experts and legal scholars, in support of a challenge to the NSA telephone record collection program. The case Smith v. Obama will be heard by the Court of Appeals for the Ninth Circuit this fall. Earlier this year, a lower court ruled that the Fourth Amendment does not protect telephone call record information because of a 1979 case Smith v. Maryland. In the brief for the federal appeals court, EPIC wrote that "changes in technology and the Supreme Court's recent decision in Riley v. California favor a new legal rule that recognizes the privacy interest inherent in modern communications records." EPIC routinely participates as a friend of the court in cases raising novel privacy and civil liberties issues. For more information, see EPIC: Smith v. Obama, EPIC: Riley v. California, and EPIC Amicus Briefs.
The Federal Trade Commission will host a workshop entitled "Big Data: A Tool for Inclusion or Exclusion?" The FTC will explore the effects of "big data" analytics on low-income and other underserved communities. Several members of the EPIC Advisory Board will be participating. Earlier this year, the FTC published a report on data brokers, warning that, "collecting and storing large amounts of data not only increases the risk of a data breach or other unauthorized access but also increases the potential harm that could be caused." The White House also convened a task force and published a report on "big data" this year. At EPIC's urging, the White House included public participation in the review process. EPIC submitted extensive comments, warning about the enormous risk to Americans of current "big data" practices but also made clear that problems are not new, citing the Privacy Act of 1974. In 2009, EPIC testified in support of new legislation to regulate the data broker industry. For more information, see EPIC: Big Data and the Future of Privacy, and EPIC: FTC.
According to the Pew Research Report "Social Media and the 'Spiral of Silence,'" most users of social media are afraid to talk about government surveillance on Facebook, Twitter, and other social platforms. Users were more willing to share their views on government surveillance if they thought others shared the same view. Those who thought they held minority views were more likely to self-censor—an effect known as the "spiral of silence." In 2012, EPIC obtained FOIA documents revealing that the Department of Homeland Security monitored social media for political dissent. A subsequent Congressional hearing led the DHS to cancel the program. For more information, see EPIC v. DHS: Media Monitoring and EPIC: Public Opinion on Privacy.
Education New York, a leading student privacy rights organization, is urging students and parents to opt-out of the use of educational records for marketing purposes. The data typically includes name, address, telephone number, birth date, and other personal information in student records. Education New York’s founder Sheila Kaplan stated, "I'm thrilled that with greater awareness of the issues, more parents have been joining the fight for students’ privacy rights." EPIC has long supported stronger privacy protections for student records. In 2012, EPIC sued the Education Department concerning changes to the student privacy law. Earlier this year, EPIC a hosted panel in Washington DC with Senator Ed Markey, "Failing Grade: Education Records and Student Privacy." For more information, see EPIC v. the Department of Education and EPIC: Student Privacy.
More than eight years after filing a Freedom of Information Act request for the legal justification behind the "Warrantless Wiretapping" program of President Bush, EPIC has now obtained a mostly unredacted version of two key memos (OLC54) and (OLC85) by former Justice Department official Jack Goldsmith. EPIC requested these memos just four hours after the New York Times broke the story about the program in December 2005. When the agency failed to release the documents, EPIC filed a lawsuit. The ACLU and the National Security Archive later joined the case. These two Office of Legal Counsel memos offer the fullest justification of the warrantless wiretapping program available to date, arguing that the president has inherent constitutional power to monitor American's communications without a warrant in a time of war. But some parts of the legal analysis, including possibly contrary authority, are still being withheld. The warrantless wiretapping program was part of "Stellar Wind," a broad program of email interception, phone record collection, and data collection undertaken by the NSA without the approval of Congress. For more information see EPIC: EPIC v. DOJ: Warrantless Wiretapping Program.
According to the Washington Post, the Department of Army will not deploy video surveillance cameras over the nation's capital. The announcement follows the release of documents to EPIC in a Freedom Information Act lawsuit. The blimps provide radar-based aerial surveillance and targeting capabilities. A recent video by the contractor Raytheon revealed that 24/7 video surveillance feed is easily incorporated. An Army Spokesperson told the Post that the blimps will "absolutely, 100 percent" not include video capacity. A similar EPIC FOIA case against the Bureau of Customs and Border Protection revealed that drones are designed to incorporate advance video surveillance gear even when not initially deployed. For more information, see EPIC: EPIC v. Army - Surveillance Blimps, EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones, and EPIC: Freedom of Information Act Litigation.
The Federal Trade Commission has reached a settlement with Google over allegations that the company unfairly charged parents millions of dollars for their children's in-app purchases. The settlement mandates that Google provides full refunds for unauthorized purchases. The FTC agreement will be subject to public comments. Comments are due October 6, 2014. The Commission has previously settled charges with Apple and sued Amazon for charging parents for their kids unauthorized in-app purchases. Previously EPIC has urged the FTC to require companies subject to privacy consent orders to adhere to the Consumer Privacy Bill of Rights. For more information, see EPIC: Federal Trade Commission and EPIC: Search Engine Privacy.
Verizon will pay the Federal Communications Commission $7.4 million to settle claims that the company violated the privacy rights of nearly two million consumers. The FCC found that Verizon failed to inform consumers of their privacy rights, including how to prevent their personal information from being used for marketing purposes. The Verizon payment is the largest consumer privacy settlement in FCC history. In 2013, EPIC urged the FCC to investigate Verizon's disclosure of customer record information to the NSA. Also, in response to a 2005 EPIC petition, the FCC strengthened privacy protections for telephone records, which EPIC defended in a "friend of the court" brief for the DC Circuit, establishing support for opt-in privacy safeguards. For more information, see EPIC: Customer Proprietary Network Information, EPIC: NCTA v. FCC (Concerning privacy of CPNI), EPIC: US West v. FCC (Privacy of Telephone Records), and In re EPIC (NSA Telephone Records Surveillance).
A data breach at Home Depot might have exposed millions of consumers' credit card records, according to an announcement from Home Depot's corporate center. "We're looking into some unusual activity that might indicate a possible payment data breach," the announcement read, "If we confirm a breach has occurred, we will make sure our customers are notified immediately." In the last year, 70 million Target customers, 33 million Adobe users, 4.6 million Snapchat users, and potentially all 148 million eBay users had their personal information exposed by database breaches. In May of this year, the President's science advisors surprisingly found little risk in the massive collection of personal data by companies. However, a recent FTC report on data brokers warned that "collecting and storing large amounts of data not only increases the risk of a data breach or other unauthorized access but also increases the potential harm that could be caused." EPIC has urged the White House to enact the Consumer Privacy Bill of Rights and to promote Privacy Enhancing Techniques that minimize or eliminate the collection of personally identifiable information. For more information, see EPIC: Big Data and the Future of Privacy, and EPIC: Identity Theft.
Antitrust officials in the European Union have begun an investigation into Facebook's acquisition of the messaging service WhatsApp. WhatsApp gained popularity based on its pro-privacy approach to user data. Following the announcement of Facebook's plan to acquire the company, EPIC filed two complaints with the Federal Trade Commission, urging the FTC to block the sale unless adequate privacy safeguards for WhatsApp users were established. The Commission then notified Facebook and WhatsApp that they must honor their privacy commitments to users but questions remain about future business practices. Now European antitrust regulators have served Facebook with a questionnaire of more than 70 pages to determine whether the merger violates European antitrust laws. For more information, see EPIC: In re WhatsApp, and EPIC: FTC.
Top News Archive
Defend Student Privacy.
Opt Out of Marketing:
Vote For EPIC's SXSWedu 2015 Panel
"Data Privacy: Can Innovation and Privacy Coexist?"
Vote for EPIC's SXSW Interactive 2015 Panel
"When Brands Get Creepy: Where to Draw the Line?"
EPIC in the News
A day in the life of a data mined kid
September 15, 2014
FBI's Facial-Recognition Technology Has Achieved 'Full Operational Capability'
September 15, 2014
More EPIC in the News >>
OECD Forum of the Knowledge Economy
Ministry of Internal Affairs
October 2, 2014
International Working Group on Data Protection and Telecommunications
October 14-15, 2014
OECD Experts on International Security Guidelines
October 27, 2014
More EPIC Events >>
Recent EPIC Events
EPIC 2014 Champion of Freedom Awards Dinner
June 2, 2014
January 14, 2014
USA Today: Facebook Study Sparks Outrage and an FCC Complaint
Designing Technology to Restore Privacy: Deborah C. Peel, MD at TEDxTraverseCity 2014
Privacy Video Archive >>
In re EPIC
In re EPIC
(Petition to U.S. Supreme Court Challenging NSA Telephone Records Program)
EPIC FOIA Cases
EPIC v. DOJ
(Government Surveillance Reports)
More EPIC FOIA Cases >>
EPIC Amicus Briefs
Riley v. California
(Warrantless Search of a Cell Phone During an Arrest)
More EPIC Amicus Briefs >>
Other EPIC Filings
Facebook - WhatsApp
More EPIC Filings >>