epic.org: June 2013 Archives

"Privacy in a Digital World"

Marc Rotenberg,
EPIC Executive Director

The Washington Post
Washington, DC
June 6, 2013

Posted by EPIC on June 6, 2013 5:20 PM | Permalink | TrackBacks (0)

"All Eyes on Privacy: Transparency in the New Economy"

Marc Rotenberg,
EPIC Executive Director

The National Journal / The Atlantic
Newseum
Washington, DC
June 13, 2013

Posted by EPIC on June 13, 2013 5:28 PM | Permalink | TrackBacks (0)

EPIC Submits Comments on the "Internet of Things"

EPIC has submitted comments to the Federal Trade Commission in advance of a workshop on the Internet of Things. The "Internet of Things" refers to the growing capacity of devices to communicate via the Internet. EPIC’s comments listed several privacy and security risks posed by the Internet of Things, such as the collection of data about sensitive behavior patterns and an increase in the power imbalance between consumers and service providers. EPIC then made several recommendations, such as requiring companies to adopt Privacy Enhancing Techniques, respect a consumer’s choice not to tracked, profiled, or monitored, minimize data collection, and ensure transparency in both design and operation of Internet-connected devices. For more information see EPIC: Federal Trade Commission.

Tags:

Posted by EPIC on June 3, 2013 10:57 AM | Permalink | TrackBacks (0)

Google Bans Facial Recognition Glass Apps

Google announced that it will not approve any facial recognition apps for Google Glass, pending the development of privacy safeguards. "[W]e won't add facial recognition features to our products without having strong privacy protections in place," the company said in a blog post. In comments on facial recognition to the Federal Trade Commission last year, EPIC recommended that the Federal Trade Commission enforce Fair Information Practices against commercial actors when collecting, using, or storing facial recognition data. "In the absence of guidelines and legal standards, EPIC recommends a moratorium on the commercial deployment of facial recognition techniques," EPIC wrote to the FTC in early 2012. For more information, see EPIC: Facial Recognition and EPIC: Federal Trade Commission.

Tags:

Posted by EPIC on June 3, 2013 11:00 AM | Permalink | TrackBacks (0)

Supreme Court Rules Against DNA Privacy

A deeply divided Supreme Court ruled Monday that law enforcement may warrantlessly collect DNA samples from people arrested, but not yet convicted, of crimes. In Maryland v. King, the Court held that when the police have probable cause to arrest someone, the collection of DNA is analogous to fingerprinting or photographing. The decision was 5-4. Writing in dissent, Justice Scalia, joined by Justice Ginsburg, Kagan, and Sotomayor, stated "Make no mistake about it: . . . your DNA can be taken and entered into a national database if you are ever arrested, rightly or wrongly, and for whatever reason." EPIC wrote a "friend of the court" brief arguing against warrantless DNA searches. EPIC's brief described the rapid expansion of DNA collection in the United States and the lack of sufficient safeguards for private genetic information. For more information, see EPIC: Maryland v. King and EPIC: Genetic Privacy.

Tags:

Posted by EPIC on June 3, 2013 3:42 PM | Permalink | TrackBacks (0)

"A Privacy Agenda for 2013"

Marc Rotenberg,
EPIC Executive Director

Health Privacy Summit
Georgetown University Law Center
Washington, DC
June 5, 2013

Posted by EPIC on June 5, 2013 10:15 AM | Permalink | TrackBacks (0)

"Privacy in a Digital World"

Marc Rotenberg,
EPIC Executive Director

Washington Post Forum
Washington, DC
June 11, 2013

(Register)

Posted by EPIC on June 11, 2013 10:17 AM | Permalink | TrackBacks (0)

Sweeping NSA Domestic Surveillance Order Approved Without Any Ties to Foreign Intelligence Collection

An unprecedented order from the Foreign Intelligence Surveillance Court indicates that the FBI and the NSA obtained vast amounts of data on Verizon customers without any ties to a foreign intelligence investigation. Last year, in testimony for the House Judiciary Committee, EPIC urged Congress not to renew the Foreign Intelligence Surveillance Act without first establishing appropriate oversight mechanisms. EPIC warned "there is simply too little known about the operation of the FISA today to determine whether it is effective and whether the privacy interests of Americans are adequately protected." For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Clapper v. Amnesty Int'l, and EPIC: USA Patriot Act.

Tags:

Posted by EPIC on June 6, 2013 1:37 PM | Permalink | TrackBacks (0)

EPIC to Congress: 'NSA Domestic Surveillance Program is Unlawful'

EPIC has sent a letter to Congress charging that the National Security Agency's demand for domestic telephone records is unlawful. EPIC stated, "The Foreign Intelligence Surveillance Court ordered an American telephone company to disclose to the NSA records of wholly domestic communications. The FISC lacks the legal authority to grant this order." EPIC's letter calls on Congress to conduct hearings and determine whether the specialized court, charged with overseeing the collection of foreign intelligence, may also authorize surveillance of solely domestic communications. For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Clapper v. Amnesty Int'l, and EPIC: USA Patriot Act.

Tags:

Posted by Julia Horwitz on June 7, 2013 12:10 PM | Permalink

Congress Begins Investigation of NSA Domestic Surveillance Program

Following the revelation of that the National Security Agency is monitoring domestic communications, members of Congress are initiating new oversight proceedings. The Senate Intelligence Committee will review the program's legal authority. Members of the House Judiciary Committee wrote to President Obama, saying, "We believe this type of program is far too broad and inconsistent with our nation's founding principles." During a hearing of the Senate Appropriations Committee, Sen. Mark Kirk (R-IL)asked Attorney General Eric Holder whether the NSA has spied on members of Congress. EPIC has sent a letter to leaders in Congresscalling for an investigation into the NSA's activities, and alleging that the FISC's authorization of the Verizon search was unlawful. For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Clapper v. Amnesty Int'l, and EPIC: USA Patriot Act.

Tags:

Posted by Jeramie D. Scott on June 7, 2013 1:02 PM | Permalink | TrackBacks (0)

EPIC Seeks Legal Justification for NSA Domestic Surveillance Program

EPIC has filed a Freedom of Information Act request with the Department of Justice, seeking the agency's justification for the NSA domestic surveillance program. The Department of Justice authorized a request for "all call detail records or 'telephony metadata' created by Verizon for communications . . . (ii) wholly within the United States, including local telephone calls." By statute, the scope of the Foreign Intelligence Surveillance Court is limited to investigations concerning the collection of foreign intelligence. The Department of Justice and the President have been acknowledged that the Department conveyed information about the program to Congress. EPIC has asked Congress to determine whether the special court exceeded its authority when it compelled Verizon to turn over the records of millions of telephone customers. For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Clapper v. Amnesty Int'l, and EPIC: USA Patriot Act.

Tags:

Posted by Jeramie D. Scott on June 7, 2013 5:07 PM | Permalink | TrackBacks (0)

Classified NSA Cybersecurity Directive Sought by EPIC Establishes NSA Cyberattack Authority

Presidential Policy Directive 20 orders the creation of potential targets for Offensive Cyber Effects Operations by the NSA. According to the classified document, the "Government shall identify potential targets of national importance where [cyberattacks] can offer a favorable balance of effectiveness and risk . . ." The Directive was signed last October and EPIC immediately filed a Freedom of Information request seeking public release of the policy as it implicates the privacy of domestic communications. The NSA refused to release the Directive. The White House released a summary of the Directive, but failed to disclose information about the NSA's proposed cyberattacks. PPD-20 was made available to the public in a post to the Guardian by Glenn Greenwald. For more information, see EPIC: Presidential Directives and Cybersecurity, EPIC: EPIC v. NSA - Cybersecurity Authority and EPIC: Cybersecurity Privacy Practical Implications.

Tags:

Posted by EPIC on June 8, 2013 4:32 PM | Permalink | TrackBacks (0)

EPIC Urges Federal Health Agency to Safeguard Mental Health Records

In comments to the Department of Health and Human Services, EPIC underscored the importance of medical privacy, particularly concerning mental illness. In response to President Obama's plan to reduce gun violence, the federal agency is considering allowing states to report certain mental illness information to the FBI for inclusion in National Instant Criminal Background Check System. EPIC warned that the proposal could result in incorrect determinations and may also discourage people from receiving medical care. EPIC recommended that the federal agency: (1) require that states be held accountable for disclosing excess medical information; (2) requires that states notify the FBI of incorrect or outdated mental illness record; and (3) encourage states to maintain mental health record accuracy. For more information, see EPIC: Medical Privacy and EPIC: Gun Owners' Privacy .

Tags:

Posted by EPIC on June 11, 2013 4:21 PM | Permalink | TrackBacks (0)

Senators Push For Release of Foreign Intelligence Surveillance Court Orders

A bipartisan group of senators, led by Senator Jeff Merkley (D-OR) and Senator Mike Lee (R-UT), has proposed a bill that would declassify the opinions of the Foreign Intelligence Surveillance Court. In 2012 testimony before the House Judiciary Committee, EPIC recommended the publication of Foreign Intelligence Surveillance Court Opinions prior to the renewal of the FISA Amendments Act. Last week, EPIC charged the Foreign Intelligence Surveillance Court with acting outside of its authority. In a letter to Congress, EPIC stated, "The Foreign Intelligence Surveillance Court ordered an American telephone company to disclose to the NSA records of wholly domestic communications. The FISC lacks the legal authority to grant this order." EPIC asked Congress to conduct hearings and determine whether the specialized court, charged with overseeing the collection of foreign intelligence, may also authorize surveillance of solely domestic communications. EPIC has also filed Freedom of Information Act request a with the Department of Justice, seeking the agency's justification for the NSA domestic surveillance program. For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Clapper v. Amnesty, and EPIC: USA Patriot Act.

Tags:

Posted by EPIC on June 12, 2013 12:28 PM | Permalink | TrackBacks (0)

EPIC Calls on FCC to Investigate Unlawful Disclosure of Consumer Phone Records

In a letter to Federal Communications Commission Chairwoman Mignon Clyburn, EPIC urged the FCC to determine whether Verizon violated the Communications Act when it released consumer call detail information to the National Security Agency. In response to an unprecedented Foreign Intelligence Surveillance Court order which focused on solely domestic communications, Verizon released telephone customer information to the NSA, including telephone numbers and time and call duration. Congress explicitly charged the Commission with investigating unauthorized disclosures of consumer call detail information. EPIC's letter stated that Verizon violated legal protections for consumer phone records when it disclosed consumer information in response to a facially invalid order. For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Clapper v. Amnesty Int'l, and EPIC: USA Patriot Act.

Tags:

Posted by EPIC on June 12, 2013 1:01 PM | Permalink | TrackBacks (0)

European Commissioner Asks Attorney General to Explain US Spying

European Justice Commissioner Viviane Reding has demanded that U.S. Attorney General Eric Holder explain the scope of US data collection about EU citizens. "Direct access of US law enforcement to the data of EU citizens on servers of US companies should be excluded unless in clearly defined, exceptional and judicially reviewable situations," the Commissioner wrote. The Commissioner's request is similar to that made by other European officials, such as German Justice Minister Sabine Leutheusser-Schnarrenberger, who also stated that "all facts must be put on the table." Recent reports indicate that United States lobbied the European Commission to weaken a comprehensive data protection law now pending in the European Parliament. Earlier this year, EPIC joined a coalition of leading US consumer and civil liberties organizations that expressed concern about the role of US officials in the development of European privacy law. The letter stated that "without exception," members of the European Parliament reported that the US government was "mounting an unprecedented lobbying campaign to limit the protections that European law would provide." For more information, see EPIC: EU Data Protection Regulation.

Tags:

Posted by EPIC on June 13, 2013 5:35 PM | Permalink | TrackBacks (0)

EPIC, Bamford, Diffie, Schneier Call for Suspension of NSA Domestic Surveillance Program Pending Public Comment

EPIC, joined by leading privacy experts including James Bamford, Whitfield Diffie, and Bruce Schneier, has petitioned the National Security Agency to suspend its domestic surveillance program pending public comment. EPIC's petition states "NSA's collection of domestic communications contravenes the First and Fourth Amendments to the United States Constitution, and violates several federal privacy laws, including the Privacy Act of 1974, and the Foreign Intelligence Surveillance Act of 1978 as amended." EPIC's petition further states that NSA’s domestic surveillance "substantively affects the public to a degree sufficient to implicate the policy interests" that require public comment, and that "NSA's collection of domestic communications absent the opportunity for public comment is unlawful." EPIC intends to renew its request each week until the NSA responds. For more information and to join EPIC’s petition, see: EPIC: NSA Petition.

Tags:

NSA
privacy

Posted by EPIC on June 17, 2013 9:20 AM | Permalink | TrackBacks (0)

Supreme Court Upholds Privacy of Driver Records

The Supreme Court ruled on Monday that attorneys cannot use DMV records to solicit clients. In Maracich v. Spears, the Court ruled that solicitation is not a permissible use of state motor vehicle records under the Driver's Privacy Protection Act. State DMV records contain a huge amount of sensitive personal information, including Social Security Numbers and medical information. EPIC filed a "friend of the court" brief discussing the wide range of personal information contained in DMV records and the risks of identity theft. For more information, see EPIC: Maracich v. Spears and EPIC: Driver's Privacy Protection Act.

Tags:

Posted by EPIC on June 17, 2013 11:08 AM | Permalink | TrackBacks (0)

FBI Performs Massive Virtual Line-up by Searching DMV Photos

Through a Freedom of Information Act request, EPIC obtained a number of agreements between the FBI and state DMVs. The agreements allow the FBI to use facial recognition to compare subjects of FBI investigations with the millions of license and identification photos retained by participating state DMVs. EPIC also obtained the Standard Operating Procedure for the program and a Privacy Threshold Analysis that indicated that a Privacy Impact Assessment must be performed, but it is not clear whether one has been completed. EPIC is currently suing the FBI to learn more about its development of a vast biometric identification database. For more information, see EPIC: Face Recognition and EPIC: Biometric Identifiers.

Tags:

Posted by EPIC on June 17, 2013 5:25 PM | Permalink | TrackBacks (0)

EPIC Joins Coalition to Demand a Congressional Investigation into NSA Surveillance

Today, EPIC joined a coalition of over 100 civil liberties organizations and Internet companies to demand that Congress initiate a full-scale investigation into the National Security Agency's surveillance programs. In the letter sent to Congress this morning, the coalition emphasized the need for public transparency and an end to dragnet surveillance: "This type of blanket data collection by the government strikes at bedrock American values of freedom and privacy." EPIC is also leading a petition to the NSA to suspend its program of collecting information on all individuals in the United States. EPIC intends to renew its request to the Agency every week until the NSA responds. For more information see EPIC: NSA Petition.

Tags:

Posted by EPIC on June 19, 2013 11:10 AM | Permalink | TrackBacks (0)

Privacy Officials Seek Answers on Google Glass

Over thirty privacy officials, including the Privacy Commissioner of Canada and the Chairman of the Article 29 Working Party, have written to Google demanding information on Google Glass. "[W]e would strongly urge Google to engage in a real dialogue with data protection authorities about Glass," they wrote, and listed eight specific questions, including how Glass complies with privacy laws and how Google intends to use the information collected by Glass. Recently, members of the Bi-Partisan Privacy Caucus wrote to Google with similar questions about Glass. Following the letter, Google announced that it would not approve any facial recognition apps for Glass. For more information, see EPIC: Google Glass.

Tags:

Posted by EPIC on June 19, 2013 3:02 PM | Permalink | TrackBacks (0)

European Privacy Authorities Give Google 3 Months to Comply with Law

European data protection authorities have ordered Google to comply with data protection law or face fines. The French Data Protection Authority, which led the investigation into Google's consolidation of user data, said that "Google has not implemented any significant compliance measures" and gave the company three months to comply with its requirements. The decision follows an investigation triggered by the collapse of the Google privacy policy in March 2012, which allowed the company to combine user data across 60 Internet services to create detailed profiles on Internet users. Last year, EPIC sued the Federal Trade Commission to force the FTC to enforce the terms of a settlement with Google that would have prohibited Google’s changes in business practices. Google's consolidation also prompted objections from state attorneys general, members of Congress, and IT managers in the government and private sectors. For more information, see EPIC: Google Buzz and EPIC: Enforcement of Google Consent Order.

Tags:

Posted by EPIC on June 20, 2013 4:02 PM | Permalink | TrackBacks (0)

EPIC Recommends Privacy Protections for Natural Disaster Survivors

In comments to the National Institutes of Health, an agency component of Health and Human Services, EPIC urged the agency to safeguard personally identifiable information following natural disasters. The agency proposes to use the PEOPLE LOCATOR system and related mobile app ReUnite™ to reunite "family and friends who are separated during a disaster." The PEOPLE LOCATOR system allows third parties to enter highly sensitive information about each missing or located individual, which in turn is accessed by the public. The system stores disaster survivor information including name, location, date of birth, race, religion, health status, address, and photographs. EPIC recommended that the agency: (1) limit its data collection to relevant information, (2) protect the security of the system by implementing data access control and establishing data quality standards; (3) define a record retention and disposal schedule; and (4) establish guidelines, which adhere to the Fair Information Practices, for disclosures to third parties like Google. For more information, see EPIC: Locational Privacy.

Tags:

Posted by EPIC on June 20, 2013 5:36 PM | Permalink | TrackBacks (0)

Location Tracking

Alan Butler,
EPIC Appellate Advocacy Counsel

Computers, Freedom, and Privacy Conference 2013
Washinton, D.C.
June 25, 2013

Posted by EPIC on June 25, 2013 5:58 PM | Permalink | TrackBacks (0)

EPIC Opposes DHS Biometric Collection

EPIC has submitted comments to the Department of Homeland Security, staunchly opposing the agency's border biometric collection, facilitated through the Office of Biometric Identity Management program. Since at least 2004, DHS has collected fingerprint and facial photos from individuals entering the United States. DHS then disseminates this information to DHS agency components, other federal agencies, and "federal, state, and local law enforcement agencies," and the "federal intelligence community." Currently, at least 30,000 individuals from federal, state, and local governments access the data contained obtained by DHS's biometric collection program. DHS shares this biometric data with foreign governments, including Canada, Australia, and the United Kingdom. In its comments, EPIC urged the agency to cease collecting biometric information without proper privacy safeguards in place. Should the agency continue to collect this sensitive information, EPIC recommends that DHS: (1) impose strict information security safeguards on its biometric information collection and limit its dissemination of biometric information; (2) conduct a comprehensive privacy impact assessment on the biometric collection program; (3) grant individuals Privacy Act rights before collecting additional biometric information; and (4) adhere to international privacy standards. For more information, see EPIC: US-VISIT and EPIC: Biometric Identifiers.

Tags:

Posted by EPIC on June 21, 2013 10:26 AM | Permalink | TrackBacks (0)

NSA Targeting and Minimization Procedures Released

The Guardian has posted the procedures used by the National Security Agency to target non-US citizens under the Foreign Intelligence Surveillance Act, as well as the minimization procedure for information collected about US citizens. The documents indicate that "[a] person whose location is not known will be presumed to be a non-United States person," and that the NSA maintains databases of the telephone numbers, email accounts, and other identifiers of US citizens. EPIC recently petitioned the NSA to suspend its domestic surveillance pending public comment. Last year, in testimony for the House Judiciary Committee, EPIC urged Congress not to reauthorize the FISA Amendments Act until adequate oversight procedures were in place. For more information, see EPIC: Foreign Intelligence Surveillance Act and EPIC: NSA Petition.

Tags:

Posted by EPIC on June 21, 2013 10:37 AM | Permalink | TrackBacks (0)

Twitter Activism: What the Success of #PrivChat Can Teach You

Amie Stepanovich,
Director, EPIC Domestic Surveillance Project

Computers, Freedom, and Privacy Conference 2013
Washington, D.C.
June 25, 2013

Posted by EPIC on June 25, 2013 11:11 AM | Permalink | TrackBacks (0)

Homegrown Drones

Amie Stepanovich,
Director, EPIC Domestic Surveillance Project

Computers, Freedom, and Privacy Conference 2013
Washington, D.C.
June 26, 2013

Posted by EPIC on June 26, 2013 11:13 AM | Permalink | TrackBacks (0)

Senator Rand Paul Seeks Answers About FBI's Domestic Drone Use

Senator Rand Paul issued a letter to FBI Director Robert Mueller seeking answers about the FBI's domestic use of drones. In a Senate Judiciary Committee hearing on FBI oversight, Director Mueller admitted that the FBI uses drones for domestic surveillance. Mueller also stated there were no guidelines in place to regulate the FBIs use of drones and protect the privacy of Americans. EPIC petitioned the Federal Aviation Administration last year to conduct a public rulemaking to address the threat to privacy and civil liberties the domestic use of drones pose. EPIC also petitioned the Bureau of Customs and Border Protection this year to establish privacy regulations for its use of drones. For more information, see EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones.

Tags:

Posted by EPIC on June 21, 2013 12:26 PM | Permalink | TrackBacks (0)

Senator Leahy Introduces Legislation to Limit NSA Domestic Surveillance

Senator Patrick Leahy (D-VT), joined by several other Senators, has introduced a bill that will amend certain provisions of the USA PATRIOT ACT and the FISA Amendments Act to address recent revelations about domestic surveillance by the National Security Agency. The provisions of the bill will increase the threshold for the NSA to obtain domestic metadata and require court-approved minimization procedures. In addition, the bill will move up expiration dates on surveillance authorities to June 2015. In a statement, Senator Leahy said, "these are all commonsense, practical improvement that will ensure that the broad and powerful surveillance tools being used by the Government are subject to appropriate limitations, transparency, and oversight." EPIC recommended similar proposals in testimony last year before the House Judiciary Committee. For more information, see EPIC: Foreign Intelligence Surveillance Act and EPIC: NSA Petition.

Tags:

Posted by EPIC on June 25, 2013 9:31 AM | Permalink | TrackBacks (0)

EPIC Urges Federal Government to Stop Virtual Strip Searches in US Airports

EPIC has submitted extensive comments opposing the TSA's decision to deploy body scanners in US airports. The D.C. Circuit Court of Appeals forced TSA to accept public comment on the controversial screening program following EPIC's lawsuit in EPIC v. DHS. In that case, EPIC successfully challenged the TSA's unlawful deployment of the body scanners which rendered images of air travelers stripped naked. More than 5,000 comments were submitted by the public, many on behalf of organizations and associations, and almost all opposed the agency's decision. EPIC's comments described the lack of adequate privacy safeguards for the backscatter x-ray scanners, the ineffectiveness of the devices, and the potential health risks to travelers. EPIC urged the agency to end the body scanner program and instead use noninvasive walk through metal detector and explosive trace detection devices. The agency has already removed hundreds of backscatter devices from US airports. EPIC brought the lawsuit after earlier EPIC FOIA lawsuits uncovered documents that revealed the devices were capable of storing and recording images of naked air travelers. For more information, see EPIC: Comment on the TSA Nude Body Scanner Proposal.

Tags:

Posted by EPIC on June 25, 2013 3:09 PM | Permalink | TrackBacks (0)

EPIC FOIA Document Reveals CIA Collaboration in Domestic Surveillance

According to a Central Intelligence Agency Inspector General's report obtained by EPIC under the Freedom of Information Act, the CIA collaborated with the New York Police Department in domestic surveillance efforts. The CIA is prohibited from participating in domestic surveillance, but the report finds that the agency had embedded four officers within the NYPD over the past decade and that collaboration with the NYPD was fraught with "irregular personnel practices," that it lacked "formal documentation in some important instances," and that "there was inadequate direction and control" by agency supervisors. The Inspector General's Report was prepared in response to an investigation by the Associated Press which showed that the NYPD and the CIA had collaborated on a program of domestic surveillance targeting Muslims and persons of Arab descent. The CIA originally claimed that there was "no evidence that any part of the agency's support to the NYPD constituted 'domestic spying,'" a statement that is contradicted by the Inspector General's Report obtained by EPIC. A front-page story in the New York Times discusses the findings in more detail. The case is EPIC v. CIA, Case No. 12-02053 (D.D.C. filed Dec. 20, 2012). For more information see: EPIC: EPIC v. CIA - Domestic Surveillance and EPIC: Open Government.

Tags:

Posted by EPIC on June 27, 2013 9:25 AM | Permalink | TrackBacks (0)

EPIC, Coalition Endorse "Washington Statement," Support Data Protection

EPIC has joined a coalition of civil society groups in support of the Washington Statement - a declaration in support of strong international standards for privacy protection. The Washington Statement was released in conjunction with the annual Computers, Freedom, and Privacy conference held in Washington, DC. The conference brought together activists and representatives of government, civil society, and academia. The Statement provides, "privacy is a basic human right set out in Articles 17 and 19 of the International Covenant on Civil and Political Rights and Article 12 of the Universal Declaration of Human Rights." The signers call on US policymakers to end unlawful surveillance of Internet communications, and urge EU policymakers to move forward with an updated legal framework for data protection. For more information, see Madrid Privacy Declaration and EPIC: the Public Voice.

Tags:

privacy

Posted by EPIC on June 27, 2013 6:05 PM | Permalink | TrackBacks (0)

EU Officials Recommend Do Not Track by Default

The International Working Group on Data Protection released a white paper on online behavioral advertising. The group of leading privacy experts from around the world noted that web tracking allows companies to "monitor every single aspect of the behavior of an identified user across websites." The Working Group also observed that the current efforts of the W3C to develop a DNT track standard could "remain a sugar pill instead of being a proper cure and would such be useless." The Working Group recommended "the default setting should be such that the user is not tracked" and that there be no invisible tracking of users. Senator Rockefeller, the Commerce Committee Chairman, has introduced legislation to regulate the commercial surveillance of consumers online. For more information, see EPIC: Online Tracking and Behavioral Advertising and EPIC: Federal Trade Commission.

Tags:

Posted by EPIC on June 28, 2013 3:03 PM | Permalink | TrackBacks (0)

FCC Updates Privacy Rules for Mobile Devices, EPIC Provided Comments

The Federal Communications Commission has ruled telecommunications carriers must follow the safeguards for Consumer Proprietary Network Information for information stored on mobile devices. "When a telecommunications carrier collects CPNI using its control of its customers' mobile devices, and the carrier or its designee has access to or control over the information, the carrier is responsible for safeguarding that information," the Commission wrote. Chairwomen Clyburn wrote that "[p]rotecting consumer privacy is a key component of our mission to serve the public interest," while Commissioner Rosenworcel urged the Commission to take note of the growing "market incentives to keep our data and slice and dice it to inform commercial activity." EPIC participated in the agency review and filed comments urging the Commission to require mobile carriers to implement fair information practices and to adopt techniques for encryption. EPIC has also asked the FCC to investigate Verizon for unlawfully disclosing the telephone records of millions of Americans in response to an invalid order from the Foreign Intelligence Surveillance Court. For more information, see EPIC: Customer Proprietary Network Information.

Tags:

CPNI
privacy

Posted by EPIC on June 28, 2013 4:51 PM | Permalink | TrackBacks (0)

Federal and State Wiretaps Up 24%, Primary Target Mobile Devices According to 2012 Report

The Administrative Office of the United States Courts has issued the the 2012 Wiretap Report. The annual report, provides comprehensive data on all federal and state wiretap applications, including the types of crimes investigated, as well as the costs involved and whether arrests or convictions resulted. In contrast, the annual report from the Foreign Intelligence Surveillance Court provides almost no information about a surveillance authority that is routinely directed toward the American public. According to the 2012 Wiretap Report, 3,395 intercept orders were issued in 2012. Of these orders, 3,292 (97%) targeted "portable devices" and 7 were "roving" taps to target individuals using multiple devices. The vast majority (87%) of wiretaps were issued in narcotics investigations, though some involved multiple offenses. In 2012, installed wiretaps were in operation for an average of 39 days, 3 days below the average in 2011. Encryption was reported for 15 wiretaps in 2012 and for 7 wiretaps conducted during previous years. In four of these wiretaps, officials were unable to decipher the plain text of the messages. This is the first time that jurisdictions have reported that encryption prevented officials from obtaining the plain text of the communications since the Administrative Office began collecting encryption data in 2001.There were 3,743 arrests related to these intercepts, which resulted in 455 (12%) convictions. EPIC maintains a comprehensive index of the annual wiretap reports and FISA reports. For more information, see EPIC: Title III Wiretap Orders - Stats, EPIC: Wiretapping, and EPIC: Foreign Intelligence Surveillance Act.

Tags:

Posted by EPIC on June 28, 2013 5:31 PM | Permalink | TrackBacks (0)

EPIC Renews Call for Suspension of NSA Domestic Surveillance Program

Almost 2,000 members of the public have joined EPIC's petition to the National Security Agency, urging the suspension of the NSA domestic surveillance program pending public comment. EPIC, joined by leading privacy experts including James Bamford, Whitfield Diffie, and Bruce Schneier, first petitioned the agency on June 17, 2013. EPIC's petition states "NSA's collection of domestic communications contravenes the First and Fourth Amendments to the United States Constitution, and violates several federal privacy laws, including the Privacy Act of 1974, and the Foreign Intelligence Surveillance Act of 1978 as amended." EPIC's petition further states that NSA's domestic surveillance "substantively affects the public to a degree sufficient to implicate the policy interests" that require public comment, and that "NSA's collection of domestic communications absent the opportunity for public comment is unlawful." EPIC intends to renew its request each week until the NSA responds. For more information and to join EPIC’s petition, see EPIC: NSA Petition.

Tags:

NSA
privacy

Posted by EPIC on June 28, 2013 6:26 PM | Permalink | TrackBacks (0)