Landau, "A Gateway for Hackers:
The Security Threat in
the New Wiretapping Law"

National Academy Calls for Comprehensive Review of Counterterrorism Programs for Effectiveness, Privacy Impacts
According to a new report from the National Research Council, all U.S. agencies with counterterrorism programs that collect or "mine" personal data -- such as phone records or Web sites visited -- should be required to evaluate the programs' effectiveness, lawfulness, and impacts on privacy. The report -- "Protecting Individual Privacy in the Struggle Against Terrorism: A Framework for Program Assessment -- sets out a program checklist agencies should follow, and urges Congress to establish new restrictions on how agencies can collect and use personal data. Press Release. Podcast. Webcast. Report (pdf). EPIC has written extensively on the problems with data mining and opposed the establishment of Total Information Awareness. (Oct. 7)

UPDATED - Supreme Court Hears Argument in Police Database Errors Case.
Today, the U.S. Supreme Court heard arguments in Herring v. United States. The case will determine whether an arrest based on inaccurate information in a criminal justice database should be upheld. EPIC filed a "friend of the court" brief (pdf) in the case, urging the Justices to ensure the accuracy of police databases. The EPIC brief was filed on behalf of 27 legal scholars and technical experts and 13 privacy and civil liberty groups. EPIC explained how government databases are becoming increasingly unreliable, according to the government's own studies and urged the Court to “ensure an accuracy obligation on law enforcement agents who rely on criminal justice information systems.” The amici warned that, “to permit a good faith reliance on data that is inaccurate, incomplete, or out of date will actually exacerbate the problem and increase the likelihood of unfair treatment in the criminal justice system.” Transcript. For more, see EPIC's Herring v. U.S. page. (Oct. 7)

EPIC Publishes Open Government Litigation Manual
Today, EPIC published the 2008 edition of "Litigation Under the Federal Open Government Laws." It is the most comprehensive, authoritative discussion of the federal open access laws. The 24th edition of this standard reference work features updated content and a foreword by Senator Patrick Leahy, co-sponsor of the OPEN Government Act of 2007. The book contains the texts of the US open government laws, including the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. Today's publication date celebrates International Right to Know Day, which was established to raise awareness of every individual's right of access to government-held information. For more, see EPIC's 2008 FOIA Litigation Manual. (Sept. 26)

EPIC Urges FTC to Establish Privacy Safeguards for RFID Tags
In comments to the Federal Trade Commission, EPIC reiterated recommendations (pdf) it made in 2004 to the consumer protection agency to address the risks to consumer safety of the unregulated use of RFID tags that reveal personal data. The FTC is hosting a “Transatlantic RFID Workshop on Consumer Privacy and Data Security" to discuss consumer concerns. The workshop follows an event, organized by the US Department of Commerce, promoting the benefits of RFID. Comments on RFID may be submitted to the FTC until October 23. For more, see EPIC's RFID Privacy page. (Sept. 22).

Senate Begins Hearings on FBI Attorney General Guidelines
The Senate Judiciary Committee is holding an oversight hearing on the FBI. The FBI is proposing to adopt new guidelines for domestic operations that would permit "assessments" of individuals without any suspicion of criminal wrongdoing that could then lead to full investigations. The proposed Guidelines also appear to rescind 2003 principles that limit the use of racial factors to national security investigations. Several Senators have expressed concern about the proposal. See EPIC Attorney General's Guidelines. (Sept. 17)

Identity Theft Legislation Passes Congress
The House of Representatives has approved the Identity Theft Enforcement and Restitution Act, legislation introduced by Senator Patrick Leahy that passed the Senate in 2007. The bill contains new provisions to provide restitution to victims of identity theft and expands the computer crime law to address the problem of spyware. The President is expected to sign the measure. Senator Leahy and Senator Specter are also pressing for passage of the Personal Data Privacy and Security Act, which addresses consumer concerns such as security breaches and the misuse of the Social Security Number. The bill is currently pending in the Senate. For more, see EPIC Identity Theft: Its Causes and Solutions. (Sept. 16).

Privacy08 - Third Party Candidates Issue Strong Statement on Privacy
Charging that the Republican and Democratic parties have ignored the "most important issues facing our nation," Presidential candidates Chuck Baldwin, Bob Barr, Cynthia McKinney, and Ralph Nader issued a strong statement on four key issues, including privacy. The Privacy Principle begins "We must protect the privacy and civil liberties of all persons under US jurisdiction." The candidates said the principles "should be key in the considerations of every voter this November and in every election." The announcement was made at a National Press Club event organized by Ron Paul's Campaign for Liberty. For more information on privacy and the 2008 presidential elections, visit Privacy08 and Friend the Cause. (Sept. 15).

Cloud Computing Raises Privacy Concerns
A new report from Pew Internet and American Life Project indicates that "cloud computing" applications, such as web-based email and other web apps, are raising new privacy concerns. The report Use of Cloud Computing: Applications and Services found that 69% of online Americans use webmail services, store data online, or use software programs such as word processing applications whose functionality is located on the web. At the same time, "users report high levels of concern when presented with scenarios in which companies may put their data to uses of which they may not be aware." For example, 90% of respondents said that they "would be very concerned if the company at which their data were stored sold it to another party," 80% say "they would be very concerned if companies used their photos or other data in marketing campaigns," and 68% of "users of at least one of the six cloud applications say they would be very concerned if companies who provided these services analyzed their information and then displayed ads to them based on their actions." For more information on public attitudes on privacy, see EPIC Public Opinion and Privacy Page. (Sept. 12)

EPIC Testifies Before the Homeland Security Committee
EPIC Associate Director Lillie Coney testified (pdf) at a Congressional hearing on "Ensuring America's Security: Cleaning Up the Nation's Watchlists". Ms. Coney said that there are several problems with the watchlist program: it is not subject to the Privacy Act, the watchlists are full of errors, the secure flight program may become a textbook case of "security theater," and the traveler redress program is not designed to do what it claims. For more information, see EPIC Spotlight on Surveillance: Secure Flight, EPIC Spotlight on Surveillance: Travel Redress Program, and EPIC Air Travel Privacy Page. (Sept. 9)

Presidential Candidate Bob Barr Speaks at Privacy 08 Event in Washington, DC
The Libertarian candidate for President Bob Barr spoke today at the National Press Club. The former Congressman urged the Republican and Democratic candidates to address the growing concerns in the United States about the protection of privacy. Mr. Barr is an outspoken critic of the REAL ID plan and the President's warrantless wiretapping program. The Privacy '08 Campaign is planning other forums for the candidates as the election approaches. (Sept. 5)

Conventions Begin, Privacy 08 Campaign Underway
With the Presidential Conventions beginning this week, EPIC has launched the Privacy 08 Campaign, a nonpartisan effort to promote privacy discussions during the 2008 Presidential campaign. After the political conventions are over, EPIC will host an event at the National Press Club on September 5, 2008 for one of the Presidential candidates who will speak about the privacy and civil liberties challenges facing the country. Join the Cause! Buy cool stuff! Support Privacy 08! (Aug. 25)

Appellate Court Holds that Watch List Decisions Subject to Court Review
A federal court has ruled that airline passengers who are on no-fly lists can sue to clear their names. The watch lists are filled with errors and generate many false positives, but adverse determinations are virtually impossible to challenge. Homeland Security Secretary Michael Chertoff has objected to court oversight, but refuses to disclose the details behind the lists. EPIC previously documented numerous errors and complaints regarding air travel watch lists. For more information, see EPIC's "Air Travel Privacy" page. (Aug. 21)

Warrantless Wiretapping Case Returns to Trial Court
Today, a lawsuit challenging AT&T's participation in President Bush's warrantless wiretapping program was sent back to trial court. The lawsuit arises from the government's surveillance of Americans' telephone and Internet communications in apparent violation of the Constitution and federal privacy laws. Telecom companies, including AT&T, helped the government spy on Americans. The trial court will apply recently-passed federal law to the case, which provides immunity for corporations' participation in the spy scheme under certain circumstances. In 2007, EPIC filed a "friend-of-the-court" brief in collaboration with the Stanford Constitutional Law Center, supporting judicial review of the domestic spy program. For more information, see EPIC's "Hepting v. AT&T" and "FISA" pages. (Aug. 21)

EPIC Protects Worker Privacy
In comments to the General Services Administration (GSA), EPIC argued for privacy protections for federal contractor employees. The GSA sought comments on implementing an executive order mandating that federal contractors use the E-Verify system. The GSA proposed rule would require that new hires and current employees be verified against databases known to contain millions of errors, with failures to verify leading to eventual termination. EPIC recommended fixing database errors, applying Privacy Act protections, and exempting current employees before implementing the rule. For more see EPIC's Spotlight on Surveillance: National Employment Database Could Prevent Millions of Citizens From Obtaining Jobs. (Aug. 11)

Previous Top News Archive

Spotlight on Surveillance

Proposed ‘Enhanced’ Licenses Are Costly to Security and Privacy

Hot Topics

October 2008
Automated Targeting System
Deep Packet Inspection
Domestic Surveillance
Facebook
FISA
Fusion Centers
Google/DoubleClick
Iraqi Biometric Identification System
Medical Record Privacy
National ID
National Security Letters
Open Government
Olympic Privacy
Passport Privacy
Phone Records
Search Engine Privacy
Social Networking Privacy
Voter Registration Databases

EPIC Docket Highlights

October 2008
EPIC v. FTC
EPIC v. VSP (Fusion Centers)
EPIC FTC Complaint (Google)
Gonzales v. ACLU
EPIC v. DHS (passenger data)
EPIC v. DOJ (NSA surveillance)
EPIC v. DOJ (IOB reports)
EPIC v. DOD (TIA/fee waiver)
Illegal Sale of Phone Records

EPIC amicus briefs:
Bunnell v. MPAA (Wiretap)
Crawford v. Marion County (Voter ID)
Doe v. Chao (Privacy Act)
BATF v. Chicago (FOIA)
Watchtower Bible v. Stratton (Anonymity)
Reno v. Condon (DPPA)
Smith v. Doe (Megans Law)
Gilmore v. Ashcroft (Secrecy)
ACLU v. DOD (Secrecy)
Gonzales v. Doe (Wiretap)
Hepting v. AT&T (Wiretap)
Herring v. US (Errors in databases)
Hiibel v. Nevada (Anonymity)
IMS Health v. Ayotte
(Medical privacy)
Kehoe v. Fidelity Bank (Consumer privacy)
Kohler v. Englade (DNA)
NCTA v. FCC (Phone records privacy)
New Jersey v. Reid
(ISP subscriber privacy)
Peterson v. NTIA (WHOIS data)
US v. Councilman (Wiretap)

Complete EPIC Docket