« October 2013 | Main | December 2013 »

November 2013 Archives

November 8, 2013

Keynote: 2013 Annual Dinner Celebration

Keynote: 2013 Annual Dinner Celebration

Amie Stepanovich,
Director, EPIC Domestic Surveillance Project

American Civil Liberties Union of Rhode Island
Providence, RI
November 8, 2013

Posted by EPIC on November 8, 2013 3:35 PM | | TrackBacks (0)

November 14, 2013

CATO Institute Capitol Hill Briefing: Mission Creep at the TSA and the Case for Privatization

CATO Institute Capitol Hill Briefing: Mission Creep at the TSA and the Case for Privatization

Khaliah Barnes,
EPIC Administrative Law Counsel

121 Cannon House Office Building
Washington, DC
November 14, 2013

Tags:

Posted by EPIC on November 14, 2013 5:09 PM | | TrackBacks (0)

November 8, 2013

The Year in Government Information: NSA Surveillance, Bin Laden Photos, White House Logs and More

The Year in Government Information: NSA Surveillance, Bin Laden Photos, White House Logs and More

Alan Butler,
EPIC Appellate Advocacy Counsel

ABA Administrative Law Conference
Washington, D.C.
November 8, 2013

Tags:

Posted by EPIC on November 8, 2013 5:55 PM | | TrackBacks (0)

November 6, 2013

In re EPIC: The Challenge to the NSA Telephone Record Collection Program

"In re EPIC: The Challenge to the NSA Telephone Record Collection Program"

Marc Rotenberg,
EPIC President

Stanford Center for Internet and Society
Stanford Law and Technology Association
Stanford Law School
Palo Alto, CA
November 6, 2013

Posted by EPIC on November 6, 2013 10:53 AM | | TrackBacks (0)

November 8, 2013

"Does the U.S. have the balance between American civil liberties and its surveillance practices correct?"

Marc Rotenberg,
EPIC President

Council on Foreign Relations
New York, New York
November 8, 2013

Posted by EPIC on November 8, 2013 12:38 PM | | TrackBacks (0)

November 1, 2013

EPIC Obtains Information About Government-Corporate Cybersecurity Practices

As a result of a Freedom of Information Act lawsuit against the Department of Homeland Security, EPIC has obtained documents which reveal that the Department of Defense required companies to disclose information about Internet traffic on private networks. These documents contradict Homeland Security’s assertions that companies participating in a DOD pilot project would not be compelled to transmit information to federal agencies. The documents obtained by EPIC under the FOIA also indicate that the National Security Agency, a branch of the Department of Defense, is engaging in offensive cybersecurity measures. A statement to the Senate, EPIC warned that the National Security Agency has become a "black box" for public information about cybersecurity. For more information, see EPIC v. DHS: Defense Contractor Monitoring.

Tags:

Posted by EPIC on November 1, 2013 1:49 PM | | TrackBacks (0)

NIST Releases Cybersecurity Framework, Silent on NSA's Role

The National Institute for Standards and Technologies has released the Preliminary Cybersecurity Framework. Earlier this year, President Obama directed NIST to develop a Framework for Cybersecurity. In Executive Order 13636, the President said the NIST Framework should protect individual privacy and civil liberties. EPIC submitted comments to the NIST supporting the protections for civil liberties, recommending separate treatment for computer crimes and "cyberterrorism" and official acknowledgement of the 1992 OECD Security Guidelines. In September 2013, the Guardian, the New York Times, and ProPublica reported that the National Security Agency directed NIST to reduce a key security standard. NIST has not commented on any involvement that NSA had in the development of the Framework. For more information see EPIC: Cybersecurity Privacy Practical Implications.

Tags:

Posted by EPIC on November 1, 2013 2:35 PM | | TrackBacks (0)

EPIC FOIA - EPIC Uncovers Information About Debt Collector Practices from Education Dept.

Pursuant to a Freedom of Information Act lawsuit against the Education Department, EPIC has obtained documents which reveal that many private debt collection agencies maintain incomplete and insufficient quality control reports. As government contractors, debt collectors are required to follow the Privacy Act, a federal law that protects personal information. The Education Department also requires student debt collectors to submit quality control reports indicating whether the companies maintain accurate student loan information. The documents obtained by EPIC in this FOIA lawsuit reveal that many companies provide small sample sizes to conceal possible violations of the Act. The documents also show that many companies do not submit required information about Privacy Act compliance to the Education Department. EPIC has recently settled the case and obtained attorneys fees for making this information available to the public. For more information, see EPIC v. Education Department - Private Debt Collector Privacy Act Compliance.

Tags:

Posted by EPIC on November 1, 2013 6:12 PM | | TrackBacks (0)

November 4, 2013

Supreme Court Lets Stand Contested Facebook Settlement, But Chief Justice Cautions About Future Cases

The Supreme Court has denied a petition for review in Marek v. Lane, a decision upholding the class action settlement of Facebook’s controversial "Beacon" Program. The settlement provided substantial fees to attorneys, no benefits to class members, and established a funding entity, controlled in part by Facebook "Cy press" ("as near as possible") is a legal doctrine that allows courts to allocate funds to protect the interests of individuals when there is a class action settlement, but concerns have been raised about the misuse of cy pres procedures. Chief Justice Roberts, focusing on the "unusual" allocation of funds in the Facebook matter, suggested that the Supreme Court would eventually need to address "fundamental concerns surrounding the use of such remedies in class action litigation" including "how to assess its fairness as a general matter; whether new entities may be established as part of such relief; if not, how existing entities should be selected; what the respective roles of the judge and parties are in shaping a cy pres remedy; [and] how closely the goals of any enlisted organization must correspond to the interests of the class." EPIC and other consumer privacy organizations have routinely raised similar concerns about abuse of the class action process. For more information, see EPIC: Fraley v. Facebook, EPIC: Lane v. Facebook, and EPIC: In re: Google Buzz.

Tags:

Posted by EPIC on November 4, 2013 4:17 PM | | TrackBacks (0)

November 8, 2013

Oversight Board Adopts EPIC's Recommendations in New FOIA Rule

In response to extensive comments submitted by EPIC, the Privacy and Civil Liberties Oversight Board has issued a final rule that will govern its Freedom of Information Act, Privacy Act, and Sunshine Act practices. The Board's initial draft of the rule allowed the agency to encourage other agencies to classify information, reserved the Board's right to terminate public participation in Board meetings "at any time for any reason," and contained vague, broad definitions that would permit the oversight agency to withhold information and delay document production. In response, EPIC proposed new language for inclusion in the final rule. The Board adopted nearly all of EPIC's proposed changes. EPIC routinely comments on agency proposals that impact the rights of FOIA requesters. For example, EPIC submitted extensive comments to the Defense Logistics Agency of the Department of Defense, warning the agency not to erect new obstacles for FOIA requesters. For more information, see EPIC: APA Comments and EPIC: Open Government.

Tags:

Posted by EPIC on November 8, 2013 2:03 PM | | TrackBacks (0)

November 11, 2013

FAA Releases Drone Roadmap, Privacy Not Required for Test Sites

In a press release, the Federal Aviation Administration announced the "roadmap" for the integration of drones into domestic airspace. After considering numerous public comments on the privacy impact of aerial drones, the FAA proposed a regulation that requires test site operators to develop privacy policies but does not require any specific baseline privacy protections. The FAA rulemaking came about in response to an extensive petition submitted by EPIC, broadly supported by civil liberties organizations and the general public. EPIC urged the agency to require adherence to the Fair Information Practices, disclosure of data collection and minimization practices, and independent audits. For more information, see EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones.

Tags:

Posted by EPIC on November 11, 2013 11:18 PM | | TrackBacks (0)

November 8, 2013

"In re EPIC: The Challenge to the NSA Telephone Record Collection Program"

Marc Rotenberg,
EPIC President

New York University Law School
New York, NY
November 8, 2013

Posted by EPIC on November 8, 2013 10:39 AM | | TrackBacks (0)

November 14, 2013

"When Worlds Collide: Technology, Privacy, and Security"

Marc Rotenberg,
EPIC President

Appellate Judges Education Institute
10th Annual Summit
San Diego, CA
November 14, 2013

Posted by EPIC on November 14, 2013 10:47 AM | | TrackBacks (0)

November 12, 2013

EPIC Prevails in FOIA Case About "Internet Kill Switch"

In a Freedom of Information Act case brought by EPIC against the Department of Homeland Security, a federal court has ruled that the DHS may not withhold the agency's plan to deactivate wireless communications networks in a crisis. EPIC had sought "Standard Operating Procedure 303," also known as the "internet Kill Switch," to determine whether the agency's plan could adversely impact free speech or public safety. EPIC filed the FOIA lawsuit in 2012 after the the technique was used by police in San Francisco to shut down cell service for protesters at a BART station, who had gathered peacefully to object to police practices. The federal court determined that the agency wrongly claimed that it could withhold SOP 303 as a "technique for law enforcement investigations or prosecutions." The phrase, the court explained, "refers only to acts by law enforcement after or during the prevention of a crime, not crime prevention techniques." The court repeatedly emphasized that FOIA exemptions are to be read narrowly. For more information, see EPIC: EPIC v. DHS (SOP 303) and EPIC: FOIA.

Tags:

Posted by EPIC on November 12, 2013 5:04 PM | | TrackBacks (0)

Supreme Court to Consider EPIC Challenge to NSA Program This Week

The Supreme Court is scheduled to consider EPIC's challenge to the NSA telephone record collection program at conference this week. EPIC has asked the Court to overturn an order of the Foreign Intelligence Surveillance Court that compelled Verizon to produce all of the telephone records of all of its customers to the NSA. EPIC said that this order clearly exceeded the authority of the surveillance court. The EPIC Petition was distributed to the Justices last week along with briefs by former Church committee members and prominent scholars in information law, federal jurisdiction, and constitutional law, who all urged the Supreme Court to grant the EPIC petition. For more information, see In re EPIC.

Tags:

Posted by EPIC on November 12, 2013 5:12 PM | | TrackBacks (0)

November 13, 2013

Privacy Groups to FTC: Investigate Role of US Firms in NSA Surveillance

Consumer privacy organizations in the US have asked the Federal Trade Commission to determine whether US companies turned over private customer data to the National Security Agency. "We urge you to open an investigation to determine whether any failure by these companies to comply with the Commission's orders may have contributed to the improper disclosure of customer data," the groups wrote. The organizations, which have brought many privacy complaints to the FTC, stated that the disclosure of user data "directly implicates the jurisdiction of the Federal Trade Commission." According to the organizations, "it is inconceivable that when faced with the most significant breach of consumer data in U.S. history, the Commission could ignore the consequences for consumer privacy." EPIC previously wrote to the Federal Communications Commission regarding the unlawful provision of call detail records to the NSA. The Supreme Court is scheduled to consider EPIC's challenge to the NSA telephone record collection program at conference this week. For more information, see In re EPIC.

Tags:

Posted by EPIC on November 13, 2013 11:36 AM | | TrackBacks (0)

November 14, 2013

"Collect it All: America's Surveillance State"

"Collect it All: America's Surveillance State"

Amie Stepanovich,
Director, EPIC Domestic Surveillance Project

New America Foundation
Washington, D.C.
November 14, 2013

Posted by EPIC on November 14, 2013 3:50 PM | | TrackBacks (0)

November 16, 2013

"Drones Around the Globe: Proliferation and Resistance"

"Drones Around the Globe: Proliferation and Resistance"

Amie Stepanovich,
Director, EPIC Domestic Surveillance Project

CODEPINK
Washington, D.C.
November 16, 2013

Posted by EPIC on November 16, 2013 3:52 PM | | TrackBacks (0)

November 19, 2013

"Surveillance and Foreign Intelligence Gathering in the United States: The Current State of Play"

"Surveillance and Foreign Intelligence Gathering in the United States: The Current State of Play"

Marc Rotenberg,
EPIC President

Georgetown University Law Center,
Center on National Security and the Law
Washington, DC
November 19, 2013

Posted by EPIC on November 19, 2013 3:55 PM | | TrackBacks (0)

November 14, 2013

Government Audit Finds TSA's Behavioral Analysis Program "Ineffective"

The Government Accountability Office issued a report to Congress finding that the Transportation Security Administration's behavioral analysis program, known as "Screening of Passengers by Observation Techniques" (SPOT), is ineffective. The GAO determined that there is no scientifically valid evidence for behavior indicators, and that TSA screeners cannot reliably interpret passenger behavior. The GAO report also notes that the there have been significant concerns over racial and ethnic profiling. There are around 3,000 TSA officers currently assigned to the SPOT program, which has cost approximately $900 million since 2007. The GAO recommended the Congress reduce further funding of the program. In testimony before the 9/11 Commission in 2003, EPIC warned that "It is easy to construct a device that can determine whether a person is carrying a gun before he boards an airplane. It is much more difficult to construct a device that can probe his thoughts and determine his intent to commit a crime." Since that time, EPIC has objected to the DHS's practice of assigning threat profiles based on race, ethnicity, and gender. EPIC has also called upon the TSA to undertake a comprehensive audit of the civil rights impact of airport screening policies on racial and religious minorities. For more information, see EPIC: Passenger Profiling.

Tags:

Posted by EPIC on November 14, 2013 4:11 PM | | TrackBacks (0)

November 18, 2013

Bipartisan Introduction of Do Not Track Kids Legislation in Senate and House

Senators Markey (D-MA) and Kirk (R-IL), along with Representatives Barton (R-TX) and Rush(D-IL), have introduced the Do Not Track Kids Act, comprehensive children's online privacy legislation. The bill would amend the Children's Online Privacy Protection Act by extending protection to teens ages 13-15, requiring consent for the collection of personal information, and creating an "eraser button" that allows children to delete personal information. California recently enacted a bill, which also provides for an "eraser button" that would require websites to allow minors to remove their own information. The bill would also require online companies to explain the types of personal information collected, how that information is used and disclosed, and the policies for collection of personal information. EPIC recommended similar update to COPPA in testimony before the Senate Commerce Committee in 2010. For more information, see EPIC: Children's Privacy.

Tags:

Posted by EPIC on November 18, 2013 11:22 AM | | TrackBacks (0)

States Reach $17 Million Settlement with Google Over Privacy Violations

The Maryland Attorney General Douglas Gansler, joined by attorneys general in 36 states and the District of Columbia, has reached a $17 million settlement with Google over privacy violations. Google violated state consumer protection and privacy law by placing advertising tracking cookies on Safari browsers despite telling users that it would honor the default Safari privacy settings, which prevented the placement of such cookies. The Federal Trade Commission fined Google $22.5 million last year over similar practices which violated an earlier settlement that was the result of a complaint filed by EPIC. EPIC previously objected to the Google-DoubleClick merger on privacy grounds and specifically warned that Google’s use of Doubleclick techniques would lead to impermissible tracking of Internet users. Earlier EPIC had urged the Federal Trade Commission and other consumer protection agencies to support advertising models that are not linked to actual user identity. For more information, see EPIC: Google Buzz, EPIC: Google/DoubleClick Merger.

Tags:

Posted by EPIC on November 18, 2013 1:40 PM | | TrackBacks (0)

Supreme Court Declines EPIC's Challenge to NSA Domestic Surveillance Program, Leaves in Place Order of Surveillance Court

Today the Supreme Court denied review of In re EPIC, a direct challenge to the NSA telephone record collection program. EPIC argued that an order of the secretive Surveillance Court that required Verizon to turn over all customer records exceeded legal authority. "It is simply not possible that every phone record in the possession of Verizon is relevant to a national security investigation," EPIC stated. EPIC asked the Supreme Court to overturn the order of the Foreign Intelligence Surveillance Court. Prominent legal scholars and members of the Church Committee who wrote the law agreed. Four groups filed amicus briefs in support and urged the Supreme Court to grant EPIC’s petition. However, the Supreme Court, without comment, declined to hear the case. For more information, see In re EPIC, In re EPIC Press Release.

Tags:

Posted by EPIC on November 18, 2013 3:03 PM | | TrackBacks (0)

EPIC Urges FCC to Investigate AT&T’s Practice of Selling Consumer Phone Records

In a letter to Federal Communications Commission Chairman Tom Wheeler, EPIC urged the FCC to determine whether AT&T violated the Communications Act when it sold private consumer call detail information to the Drug Enforcement Administration and Central Intelligence Agency. EPIC's letter follows an earlier letter where EPIC asked the FCC to resolve whether Verizon violated the Communications Act when it released consumer call detail information to the National Security Agency. EPIC's letter also informed the Commission that the National Association of Regulatory Utility Commissioners has issued a draft resolution underscoring the crucial role of the FCC in protecting consumer information. For more information, see EPIC: In re EPIC and EPIC: Foreign Intelligence Surveillance Act.

Tags:

Posted by EPIC on November 18, 2013 5:05 PM | | TrackBacks (0)

November 19, 2013

"The Internet of Things: Privacy and Security in a Connected World"

"The Internet of Things: Privacy and Security in a Connected World"

David Jacobs,
Consumer Protection Counsel

Federal Trade Commission
Washington, D.C.
November 19, 2013

Posted by EPIC on November 19, 2013 5:29 PM | | TrackBacks (0)

EPIC Files FOIA Request with FTC About Facebook Investigation

EPIC filed a Freedom of Information Act request with the Federal Trade Commission for documents concerning the FTC's recent "investigation" of Facebook's policy changes. The investigation concerned changes to Facebook’s Data Use Policy that permit the use of the names, images, and content of Facebook users for commercial endorsement without user consent. Following announcement of the proposed change, EPIC and several several privacy groups wrote to the FTC objecting to the changes as a violation of a 2011 consent order with Federal Trade Commission. Senator Markey also expressed concern about the policy changes. The Commission opened an investigation which was then quietly closed allowing Facebook to go forward with the changes. For more information, see EPIC: Federal Trade Commission and EPIC: FOIA.

Tags:

Posted by EPIC on November 19, 2013 10:05 AM | | TrackBacks (0)

"Student Privacy and Cloud Computing Working Meeting"

Khaliah Barnes,
EPIC Administrative Law Counsel

Berkman Center for Internet & Society
Harvard University
November 18-19, 2013

Posted by EPIC on November 19, 2013 10:14 AM | | TrackBacks (0)

November 20, 2013

Federal Court Awards EPIC $30,000 in Social Media Monitoring Case

EPIC has prevailed in a fee dispute with the Department of Homeland Security in an open government case concerning the government’s monitoring of social media. EPIC filed a FOIA request after the agency announced plans to gather information from "online forums, blogs, public websites, and message boards." After the DHS refused to produce documents, EPIC filed suit and obtained more than 500 pages describing the agency program. When the agency subsequently moved to dismiss the case, a federal judge ruled that EPIC had "substantially prevailed." And when the DHS sought to give EPIC a token amount in settlement, the court had harsh words for the agency. The court described EPIC's work in the case as "the sort of public benefit that FOIA was designed to promote." The case is EPIC v. DHS, No. 11-2261 (D.D.C. Nov. 15, 2013). For more information, see EPIC v. DHS: Social Media Monitoring.

Tags:

Posted by EPIC on November 20, 2013 2:57 PM | | TrackBacks (0)

November 22, 2013

United Nations Considers Privacy Resolution

In response to growing concern about the scope of electronic surveillance, the U.N. General Assembly is considering a resolution affirming that privacy is a fundamental right. Civil society organizations have long urged international organizations to update and strengthen global frameworks for privacy protection. The UN resolution now under consideration is a response to reports that the United States conducted surveillance of many foreign leaders, including Brazil's President Dilma Rousseff and German Chancellor Angela Merkel. Brazil and Germany are leading the effort at the United Nations on the privacy resolution. The European Parliament is pursuing an investigation of the "Mass Surveillance of EU Citizens." And the United States Congress is considering legislation, such as the USA FREEDOM Act, to reign in surveillance activities. For more information, see Public Voice - The Madrid Declaration.

Tags:

Posted by EPIC on November 22, 2013 2:55 PM | | TrackBacks (0)

November 25, 2013

EPIC Files Lawsuit to Determine Legal Authority For PRISM Program

EPIC has filed a Freedom of Information Act lawsuit against the Department of Justice's Office of Legal Counsel for the secret legal analyses that justifies the use of the NSA PRISM program. PRISM is a program that allows the FBI and NSA to collect information - including the contents of internet users' communications - directly from internet service providers, and without a warrant. Through this lawsuit, EPIC seeks to clarify which, if any, legal authority would permit such extensive domestic surveillance of personal activities. The secrecy of these opinions is of increasing concern to Open Government advocates. EPIC, joined by a coalition of FOIA organizations, recently filed an amicus brief in support of a New York Times lawsuit for opinions of the Office of Legal Counsel. For more information, see EPIC v. DOJ - PRISM.

Tags:

Posted by EPIC on November 25, 2013 4:24 PM | | TrackBacks (0)

November 27, 2013

"New Efforts To Limit NSA Surveillance Powers"

"New Efforts To Limit NSA Surveillance Powers"

Marc Rotenberg,
EPIC Executive Director

The Diane Rehm Show
WAMU / NPR
Washington, DC
November 27, 2013

Posted by EPIC on November 27, 2013 5:50 PM | | TrackBacks (0)

Europe May Suspend Data Transfer Agreement with US

The European Commission released a report questioning the effectiveness of the U.S.-EU Safe Harbor framework. The Safe Harbor arrangement allows data to be transferred from EU Member States to companies in the U.S. that have promised to adhere to a set of privacy practices. The report cited "large scale access by intelligence agencies to data transferred to the US by Safe Harbour certified companies" as a key concern. The report of the European Commission recommends a variety of measures designed to strengthen Safe Harbor, such as increasing investigations into compliance, limiting the national security exception to cases that are "strictly necessary or proportionate," and facilitating access by EU citizens to alternative dispute resolution providers. EPIC has previously recommended that the US support the EU Data Protection Regulation and adopt an international framework for privacy protection. For more information, see EPIC: EU Data Protection Directive.

Tags:

Posted by EPIC on November 27, 2013 4:40 PM | | TrackBacks (0)

Search


About November 2013

This page contains all entries posted to epic.org in November 2013. They are listed from oldest to newest.

October 2013 is the previous archive.

December 2013 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type Pro 6.3.3