Electronic Privacy Information Center

FCC Backs Off Net Filtering Plan
FCC Chairman Kevin Martin has said that he will not pursue a government-mandated content filter as part of a proposal for a nationwide free wireless broadband network. EPIC had opposed the provision and said that it would create a dangerous precedent that would encourage governments to limit access to unpopular or controversial speech. For more information on content filters, see the EPIC publication "Filters and Freedom" available at Powell's and Amazon. (Jan. 6)

EPIC, Experts Urge Supreme Court: Protect Identity Management Techniques
EPIC filed a "friend of the court" brief in the United States Supreme Court, urging the Justices to protect techniques that allow individuals to safeguard privacy. The brief was filed on behalf of 17 legal scholars and technical experts. In Flores-Figueroa v. United States, the Court will be asked to determine whether individuals who include identification numbers that are not theirs, but don’t intentionally impersonate others, can be subject to harsh criminal punishments for "identity theft." EPIC explained that the crime of identity theft should require an intent to impersonate another as Congress made clear in the federal laws under review. The brief urges the Court to not "set a precedent that might inadvertently render the use of privacy enhancing pseudonyms, anonymizers, and other techniques for identity management unlawful." For more information, see EPIC's Flores-Figueroa page.
(Dec. 22)

Coalition Letter to President-elect Obama on the Future of Privacy
Thirty Privacy Coalition members sent a letter to President-elect Barack Obama on the importance of protecting privacy in the next administration. The organizations support the incoming president’s expressed position on privacy, consumer rights, and civil liberties. President-elect Obama stated support for strengthening of privacy protection by harnessing the power of technology to hold government and businesses accountable for violations of personal privacy. The coalition said that “[t]here is a clear need to address the spiraling problems of identity theft, security breaches, and the commercialization of personal information.” For more information visit EPIC’s A-Z Privacy Page. (Dec. 19)

Change in Yahoo Search Retention Leaves Privacy Questions Unresolved
Yahoo announced that, after 90 days, it will obscure some elements in the records that it keeps about all Internet users who use the company's services. The search company will continue to keep modified record locators, time/date stamps, web pages viewed, and a persistent user identifier, known as a "cookie" for an indefinite period. Yahoo is also retaining much of the IP address, which typically identifies a user's device, such as a laptop or a mobile phone. Privacy rules classify IP addresses as "personal data." Experts have criticized the partial deletion of IP address data as insufficient to protect consumers, and called for complete deletion. For more information, see EPIC's Search Engine Privacy page. (Dec. 18)

Department of Homeland Security releases Fusion Center Privacy Impact Assessment
The Department of Homeland Security has released the Privacy Impact Assessment for the State, Local, and Regional Fusion Center Initiative. The assessment examines the privacy implications of the State, Local and Regional Fusion Centers and the DHS' State and Local Program Management Office. In May, EPIC prevailed in its freedom of information request to disclose documents describing the federal government's involvement in efforts to limit Virginia's transparency and privacy laws and uncovered a secret contract between the State Police and the FBI that limits the rights of Virginia citizens to learn what information the State Police collect about them. For more information, see EPIC's page on Information Fusion Centers and Privacy. (Dec. 17)

Supreme Court Backs State Consumer Protection Law Today, America's highest court affirmed the authority of states
to establish safeguards that provide stronger consumer protections than
federal laws. Cigarette companies challenged a Maine consumer
protection law that prohibits unfair or deceptive trade practices,
claiming that a weaker federal law "pre-empted" the Maine measure.
However, the Supreme Court upheld the state protections, holding that
the Maine law was not pre-empted by the Federal Cigarette Labeling and
Advertising Act or federal regulators' authority. Many states have
passed strong consumer privacy laws that private companies hope to
preempt with weaker federal laws. The decision also follows
President-elect Barack Obama's statement that "a single
courageous state may, if its citizens choose, serve as a laboratory."
Obama's statement echoes Supreme Court Justice Louis Brandeis, who
advocated for state lawmakers' broad freedom to create innovative
consumer protections as "laboratories of democracy." For more
information, see EPIC's "Privacy Preemption Watch" page. (Dec. 15)

International Human Rights Day - Privacy is a Fundamental Right. December 10, International Human Rights Day, commemorates the 1948 adoption of the Universal Declaration of Human Rights. Human Rights Day 2008 marks the start of a year-long commemoration of the 61st anniversary of the Declaration. The document is the foundation of international human rights law, the first universal statement on the basic principles of inalienable human rights, and a common standard of achievement for all peoples and all nations. Article 12 of the Declaration includes privacy as a fundamental human right. The EPIC Privacy Law Sourcebook contains the complete Universal Declaration of Human Rights. For more information, watch this video. (Dec. 10)

European Court Rules UK DNA Retention Illegal
Today, the European Court of Human Rights ruled that the world largest DNA database, based in the United Kingdom, violated Article 8 of the European Convention on Human Rights which protects the right to privacy. Privacy International filed an amicus brief in this case. The European court considered several issues including familial searching, social stigmatization, and the protection of children's rights. The court, sitting as a Grand Chamber, ruled that applicants who have not been convicted of a crime are presumed innocent and that retaining indefinitely their genetic samples, fingerprints and DNA profiles interfered with the right to respect for private life. For more information on DNA database laws, see EPIC's Genetic Privacy page. (Dec. 4)

EPIC Calls For Disclosure of Federal Domestic Surveillance Guidelines
Today, EPIC filed a Freedom of Information Act request to force disclosure of new guidelines governing domestic surveillance. The Attorney General's Guidelines for Domestic FBI Operations became effective today, despite warnings from Congressional leaders that "these guidelines would permit FBI surveillance of innocent Americans with no suspicion and on the basis of their race, religion or national origin." Administration officials failed to make public the final, complete policies, which govern the conduct of field operatives while performing domestic investigations. "The guidelines grant the FBI broad authority to conduct domestic surveillance of many individuals suspected of no crime. Therefore it is necessary that the legal authority is made available to the public," EPIC said. For more information, See EPIC Attorney General's Guidelines. (Dec. 1)

EPIC, Media, Civil Liberties and Immigration Groups
Urge NPR to Drop Promotion for E-Verify
In a letter to National Public Radio, EPIC, the ACLU, the National
Immigration Law Center and Free Press have urged the NPR Ombudsman to discontinue a promotion for the controversial "E-Verify" program. The ad is running as a result of underwriting support from the Department of Homeland Security, but NPR guidelines allow only identification and not promotion for underwriters. See EPIC "Spotlight on Surveillance: E-Verify System - DHS Changes Name, But Problems Remain for U.S. Workers." (Dec. 1)

Senator Leahy Presses Justice Department on Telephone Privacy
Senator Patrick Leahy has asked the Department of Justice to provide information about investigations and prosecutions under the federal law that prohibits viewing confidential phone records information, following reports that Verizon employees improperly accessed President-elect Obama's cell phone records. The employees were dismissed but no criminal investigation was pursued. In 2007, EPIC testified before Congress on fraudulent access to phone records and urged Congress to establish stronger safeguards. For more information, see EPIC's illegal sale of phone records page. (Nov. 25)

Court Upholds New Hampshire Prescription Privacy Law
Today, the First Circuit Court of Appeals upheld a New Hampshire law that bans the sale of prescriber-identifiable prescription drug data for marketing purposes. In August, EPIC and 16 experts in privacy and technology filed a "friend of the court" brief urging the federal appellate court to reverse a lower court ruling that delayed enforcement of the New Hampshire Prescription Confidentiality Act. The experts said the lower court should be reversed because there is a substantial privacy interest in patient data that the lower court failed to consider. The New Hampshire Attorney General also defended the law, calling pharmaceutical representatives "invisible intruder[s] in the physician's examination room." Data mining companies challenged the law, claiming that the privacy measure violated their free speech rights. For more information, see EPIC's IMS Health v. Ayotte page. (Nov. 18)

EPIC Complaint Leads to Halt of Stalker Spyware Distribution
Following an EPIC complaint, a federal court has ordered CyberSpy Software to stop selling malicious computer software. In March, EPIC filed a complaint with the Federal Trade Commission alleging that the spyware purveyor engages in unfair and deceptive practices by: (1) promoting illegal surveillance; (2) encouraging "Trojan Horse" email attacks; and (3) failing to warn customers of the legal dangers arising from misuse of the software. The federal regulators agreed, and asked the court for a permanent injunction barring sales of CyberSpy's "stalker spyware," over the counter surveillance technology sold for individuals to spy on other individuals. The court entered a temporary restraining order on November 6, 2008. Further litigation is expected before the court rules on the government's request for a permanent ban. For more information, see EPIC's Personal Surveillance Technologies page and Domestic Violence and Privacy page. (Nov. 17)

Google "Flu Trends" Raises Privacy Concerns
Google announced this week a new web tool that may make it possible to detect flu outbreaks before they might otherwise be reported. Google Flu Trends relies on individual search terms, such as "flu symptoms," provided by Internet users. Google has said that it will only reveal aggregate data, but there are no clear legal or technological privacy safeguards to prevent the disclosure of individual search histories concerning the flu, or related medical concerns, such as "AIDS symptoms," "ritalin," or "Paxil." Privacy and medical groups have urged Google to be more transparent and publish the algorithm on which Flu Trends data is based so that the public can determine whether the privacy safeguards are adequate. For more information, see EPIC's Google Flu Trends page. (Nov. 12)

In EPIC Case for Wiretap Memos, Federal Judge to Review Justice Department Documents
In EPIC v. DOJ, EPIC, the ACLU, and the National Security Archive are seeking government documents regarding the President's warrantless wiretapping program. Today, a federal court ordered the Department of Justice to provide for inspection copies of legal memos authored by government lawyers. The opinions, prepared by the Office of Legal Counsel, provided the legal basis for the President to wiretap US citizens in the United States without court approval. EPIC began the Freedom of Information Act lawsuit in December 2005, after the New York Times first reported the details of the wiretap program. For more information, see EPIC's EPIC v. DOJ page. (Oct. 31)