epic.org: April 2014 Archives

Techno-Snooping: Privacy, Technology and the Evolving Rule of Law

Ginger McCall,
EPIC Associate Director

Colby College
Watervillie, ME
April 6, 2014

Posted by EPIC on April 6, 2014 5:28 PM | Permalink | TrackBacks (0)

Privacy, Security, and Secrecy After Snowden

Alan Butler,
EPIC Appellate Advocacy Counsel

Cardozo School of Law
New York, NY
April 2, 2014

Posted by EPIC on April 2, 2014 1:09 PM | Permalink | TrackBacks (0)

Data Privacy in the Digital Age

"Data Privacy in the Digital Age"

Marc Rotenberg,
EPIC Executive Director

Indiana Law Review Symposium
Indianapolis, IN
April 4, 2014

Posted by EPIC on April 4, 2014 1:10 PM | Permalink | TrackBacks (0)

EPIC's Contemporary Privacy Litigation: Challenging The Surveillance State

Alan Butler,
EPIC Appellate Advocacy Counsel

University of New Hampshire School of Law
Concord, NH
April 8, 2014

Posted by EPIC on April 8, 2014 1:12 PM | Permalink | TrackBacks (0)

EPIC Supports Challenge to National Security Letter "Gag Orders"

EPIC has filed an amicus curiae brief in In re National Security Letter, a case challenging the government's bulk collection of customer records without judicial approval. Under the current law, companies are not even allowed to discuss these subpoenas or reveal information about the number of NSLs they receive each year. EPIC argued in its friend of the court brief that this "gag order" provision frustrates the public's right to know about a far-reaching government surveillance program. EPIC routinely provides information to the public about government surveillance programs, but is unable to inform the public about NSL surveillance because of the provision now under review by a federal appeals court. For more information, see EPIC: In re NSL and EPIC: National Security Letters.

Tags:

Posted by EPIC on April 1, 2014 12:18 PM | Permalink | TrackBacks (0)

Restoring Trust in Data Protection

"Restoring Trust in Data Protection"

Marc Rotenberg,
EPIC President

Academy of European Law
Brussels, Belgium
7 April 2014

Posted by EPIC on April 7, 2014 2:13 PM | Permalink | TrackBacks (0)

EPIC to Commerce Department: Uphold the Public's Right to Know

In comments to the Commerce Department about proposed changes to the agency's Freedom of Information Act regulations, EPIC urged the agency not to prematurely close requests. EPIC supported several changes that will make it easier for the public to obtain information from the government agency, but objected to a specific proposal that would allow the agency to terminate pending FOIA requests if requesters do not "reasonably describe the records sought." EPIC said the change was contrary to the purpose of the open government law. EPIC routinely comments on agency proposals that impact the rights of FOIA requesters. The Privacy and Civil Liberties Oversight Board, the Federal Trade Commission, and the Interior Department have adopted EPIC's recommendations on proposed FOIA rule changes. For more information, see EPIC: Open Government.

Tags:

Posted by EPIC on April 1, 2014 2:58 PM | Permalink | TrackBacks (0)

Judge Approves Controversial Settlement Over Objection of Consumer Privacy Organizations

A federal judge in California has approved a settlement agreement in a lawsuit against Google that will allow the company to continue to sell data about users' browsing history to advertisers. EPIC and several other consumer privacy organizations objected to the settlement, stating that it requires no change in Google's business practices and provides no benefit to those on whose behalf the case was brought. EPIC and the groups also recommended that the court adopt an objective basis for distributing cy pres funds, noting that the awards are often made for the benefit of the lawyers settling the case and not the class members. Class action settlements have come under increasing scrutiny in recent years, with courts increasingly concerned about collusion between attorneys and faux settlements that do not reflect the purpose of the initial lawsuit. In a case that reached the Supreme Court, Chief Justice Roberts said that courts will need to look more closely at these settlements to determine whether there are fair, whether organizations designated to receive funds reflect the interests of class members, and also the obligation of judges to carefully review these proposals. For more information, see EPIC: Search Engine Privacy and EPIC: Google Buzz.

Tags:

Posted by EPIC on April 1, 2014 3:10 PM | Permalink | TrackBacks (0)

EPIC v. NSA: EPIC Appeals Lower Court Decision on Presidential Directive

EPIC has filed its opening brief in EPIC v. NSA. EPIC is seeking to obtain NSPD-54, a Presidential Directive on cyber security that was widely circulated to federal agencies and senior policy advisors. EPIC submitted a Freedom of Information Act request to the NSA for NSPD-54 and several related documents. The NSA turned over some of the materials to EPIC but withheld the Directive. EPIC then sued the agency to force disclosure of the document but a court ruled sue sponte that the NSA did not have control over NSPD-54, and thus it was not an "agency record" subject to release. It was the first time a federal court had ruled that a Presidential Directive was not subject to FOIA. In the appeal, EPIC argued that the agency has the document and therefore bears the burden of proving it is not an "agency record." EPIC also pointed out that the lower court failed to apply the control test followed by other courts, and that the NSA itself never claimed that NSPD-54 was not an agency record. For more information, see EPIC: Presidential Directives and Cybersecurity and EPIC v. NSA: NSPD-54 Appeal.

Tags:

Posted by EPIC on April 1, 2014 5:13 PM | Permalink | TrackBacks (0)

NGO Coalition Tells President "Establish Privacy Protections for Big Data"

EPIC along with more than 20 other organizations sent comments to the White House on "Big Data and the Future of Privacy." The organization urged the President to establish new safeguards for organizations collecting "big data" including transparency, accountability, robust privacy techniques, and meaningful evaluation. The groups also urged the President to enact the Consumer Privacy Bill of Rights. The incidents of security beaches and identity theft continue to increase in the United States. Meanwhile a new report reveals that consumers are secretly scored by businesses. And the President recently decided to renew the NSA's ineffective telephone record collection program. The White House agreed to accept public comments after EPIC and two dozen organizations petitioned the Office of Science and Technology Policy. The White House has sponsored several conferences on Big Data and the Future of Privacy, though some of the meeting have been closed to the public. A report from the White House is expected on April 17. For more information, see EPIC: Big Data and the Future of Privacy.

Tags:

Posted by EPIC on April 2, 2014 5:42 PM | Permalink | TrackBacks (0)

After Public Outcry, Microsoft Reverses Course on Email Search

After criticism by bloggers, consumers, and privacy advocates - including EPIC - Microsoft will change a troubling provision in its privacy policy. In March, Microsoft searched a blogger's private Hotmaill account to determine whether the subscriber to the Microsoft service received leaked versions of Windows 8. At the time, Microsoft claimed that the search was permissible under the Microsoft Online terms of service. This week Microsoft, announced it would no longer search customers' accounts itself if it suspected wrongdoing and would instead refer such matters over to law enforcement. According to Microsoft, Hotmail has 170 million active users. For more information see: EPIC: Consumer Privacy Bill of Rights.

Tags:

Posted by EPIC on April 5, 2014 2:59 PM | Permalink | TrackBacks (0)

EPIC Warns White House About Privacy Risks of "Big Data"

In response to a request from the White House, EPIC has submitted extensive comments on "Big Data and the Future of Privacy." EPIC warned the White House about the enormous risk to Americans of current "big data" practices but also made clear that problems are not new, citing the Privacy Act of 1974 which responded to the challenges of "data banks." EPIC noted the dramatic increases in identity theft and security breaches. EPIC called for the swift enactment of the Consumer Privacy Bill of Rights and the end of opaque algorithmic profiling. EPIC wrote "It is vitally important to update current privacy laws to minimize collection, secure the information that is collected, and prevent abuses of predictive analytics." EPIC and more than 20 organizations previously urged the White House to establish privacy protections for user data that is being gathered by large companies and government agencies. A report from the White House is expected on April 17. For more information, see EPIC: Big Data and the Future of Privacy.

Tags:

Posted by EPIC on April 7, 2014 10:01 AM | Permalink | TrackBacks (0)

European High Court Strikes Down Data Retention Law

In a far-reaching and dramatic opinion, the European Court of Justice has ruled that the mass storage of telecommunications data violates the fundamental right to privacy and is illegal. The Data Retention Directive required telephone and Internet companies to keep traffic and location data as well as user identifying information for use in subsequent investigations of serious crimes. According to the Court, the Directive imposed "a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary." The Court found that the collection of metadata constitutes the processing of personal data and must therefore comply with Article 8 of the Charter of Rights. The Court also said to find a privacy violation, "it does not matter whether the information on the private lives concerned is sensitive or whether the persons concerned have been inconvenienced in any way." Last year EPIC, joined by dozens of legal scholars and former members of the Church Committee, urged the US Supreme Court to find the NSA's telephone record collection program unlawful. For more information, see EPIC - Data Retention, In re EPIC.

Tags:

Posted by EPIC on April 8, 2014 9:57 AM | Permalink | TrackBacks (0)

FOIA Groups Support EPIC in Case Against NSA

Several open government organizations, including Public Citizen, the Sunlight Foundation, the Project on Government Oversight, Citizens for Responsibility and Ethics in Washington, the Center for Effective Government and Openthegovernment.org have filed an amicus brief supporting EPIC in EPIC v. NSA. EPIC is seeking to obtain a Presidential Directive on cyber security that was widely circulated to federal agencies and senior policy advisors. EPIC submitted a Freedom of Information Act Request to the NSA for NSPD-54 and several related documents. After the agency refused to disclose the Directive, EPIC sued the NSA under the Freedom of Information Act. The NSA then disclosed several documents but argued it could withhold NSPD-54 under a narrow legal exemption. Suprisingly, a federal court ruled sue sponte that NSPD-54 was not an "agency record" and simply dismissed the case. The FOIA groups argued that the judge's decision was contrary to FOIA law because NSPD-54 is an agency record and also because courts cannot dismiss such cases particularly when the agency itself thought it was subject to the law. For more information see: EPIC v. NSA.

Tags:

Posted by EPIC on April 8, 2014 11:59 AM | Permalink | TrackBacks (0)

FTC Commissioner Wright Meets with Industry Lobbyists, Not Consumer Representatives

Through a Freedom of Information Act request, EPIC obtained the appointment calendar of FTC Commissioner Wright. The Commissioner's calendar reveals many meetings with corporate presentatives but no meetings with public interest organizations representing consumers. One of FTC's primary missions is to protect consumers from unfair and deceptive business practices. Commissioner Wright became an FTC Commissioner in January 2013. Since then he has met with representatives from Apple, Microsoft, Verizon, Qualcomm, the Network Advertising Initiative, and the Consumer Data Industry Association. He has attended industry conferences and given talks at trade association meetings. EPIC tried several times to arrange a meeting between Commissioner Wright and the Privacy Coalition—a nonpartisan coalition of consumer, civil liberties, educational, family, library, and technology organizations. The Privacy Coalition has hosted meetings with many FTC commissioners over the past decade. After repeatedly declining a meeting with the consumer privacy organizations, EPIC filed a FOIA request for the FTC Commissioner's appointment calendar. For more information, see EPIC: Federal Trade Commission.

Tags:

Posted by EPIC on April 8, 2014 5:25 PM | Permalink | TrackBacks (0)

Federal Agencies Fail to Safeguard "Big Data," Breaches Doubled in Just a Few Years

The Government Accountability Office has issued a report, warning that federal agencies "have not been consistent or fully effective in responding to data breaches." The GAO found that "the number of reported information security incidents involving personally identifiable information has more than doubled over the last several years." The report further states, "the increasing number of cyber incidents at federal agencies, many involving the compromise of personally identifiable information, highlights the need for focused agency action to ensure the security of the large amount of sensitive personal information collected by the federal government." EPIC recently warned the White House about the enormous risks to Americans of current "big data" practices. EPIC and more than 20 organizations have urged the Administrations to establish strong privacy safeguards and improve accountability across the government and private sector. For more information, see EPIC: Big Data and the Future of Privacy.

Tags:

Posted by EPIC on April 10, 2014 9:43 AM | Permalink | TrackBacks (0)

FTC Responds to EPIC Complaint on WhatsApp and Privacy

The Federal Trade Commission has notified Facebook and WhatsApp that they must honor their privacy commitments to users. According to the letter from the Director of the FTC Bureau of Consumer Protection, "if the acquisition is completed and WhatsApp fails to honor these promises, both companies could be in violation of Section 5 of the FTC Act and potentially the FTC's order against Facebook." The FTC letter followed a detailed complaint from EPIC and CDD concerning the privacy implications of the $19B sale to Facebook. WhatsApp had assured users of strong privacy safeguards prior to the sale. The FTC letter concludes "hundreds of millions of users have entrusted their personal information to WhatsApp. The FTC staff continue to monitor the companies' practices to ensure that Facebook and WhatsApp honor the promises they have made to those users." For more information, see EPIC: In re: WhatsApp, EPIC: In re: Facebook and EPIC: Federal Trade Commission.

Tags:

Posted by EPIC on April 10, 2014 2:27 PM | Permalink | TrackBacks (0)

Car Data Privacy Bill Moves Forward in Senate

The Senate Commerce Committee voted unanimously to approve the Driver Privacy Act, a bipartisan bill that would provide privacy safeguards for event data recorders or "black boxes." Introduced by Senators John Hoeven (R-ND) and Amy Klobuchar (D-MN), the bill prohibits unauthorized access to data that records the activities of drivers. Under the Act, data could only be obtained with: (1) written consent of all of the car owners or lessees; (2) a court or administrative order; (3) a federal transportation safety investigation if personally identifiable information is redacted; (4) emergency car crash medical response; or (5) traffic safety research if personally identifiable information is redacted. Last year EPIC, consumer privacy organizations, and members of the public, urged the National Highway Traffic Safety Administration to protect driver privacy by establishing many of the proposed safeguards in the Driver Privacy Act. For more information, see EPIC: Event Data Recorders and Privacy.

Tags:

Posted by EPIC on April 10, 2014 4:32 PM | Permalink | TrackBacks (0)

Court Upholds FTC Authority to Safeguard Data Privacy

A federal judge has ruled that the Federal Trade Commission has the power to enforce data security standards. In the case FTC v. Wyndham, the Commission alleged that criminals stole hundreds of thousands of credit card numbers from hotel guests because Wyndham Hotels maintained lax data security. Wyndham responded that the FTC could not bring an enforcement action against the company without first publishing regulations. Judge Esther Salas held that the FTC's authority to investigate "unfair or deceptive" business practices included data protection. FTC Chairwoman Edith Ramirez stated earlier, "Companies should take reasonable steps to secure sensitive consumer information. When they do not, it is not only appropriate, but critical, that the FTC take action on behalf of consumers." For more information, see EPIC: Federal Trade Commission, and EPIC: Big Data and the Future of Privacy.

Tags:

Posted by EPIC on April 11, 2014 9:52 AM | Permalink | TrackBacks (0)

EPIC v. DOJ: No Analysis of PRISM Legality

In a recently concluded Freedom of Information Act lawsuit, EPIC tried to obtain legal analysis concerning the controversial PRISM surveillance program. The Justice Department responded that "no responsive records" exist. An earlier FOIA case brought by EPIC revealed that the Office of Legal Counsel provided advice on the warrantless wiretapping program of President Bush. But apparently no similar memos exist on the legality of the mass collection of Internet traffic by the NSA. For more information, see EPIC v. DOJ (PRISM).

Tags:

Posted by EPIC on April 11, 2014 9:59 AM | Permalink | TrackBacks (0)

Worthwhile Tradeoffs: Surveillance in a Constitutional Democracy Part 1

Alan Butler,
EPIC Appellate Advocacy Counsel

National Constitution Center
Philadelphia, PA
April 17, 2014

Posted by EPIC on April 17, 2014 3:47 PM | Permalink | TrackBacks (0)

Coalition Urges White House to Recognize EU Opinion; End NSA Telephone Records Program

In a letter to the White House, a coalition of US organizations urged the Administration to recognize the recent opinion by the Court of Justice, the highest court in Europe, that ended a European data retention mandate. The European law required telephone and internet companies to retain metadata on customers for national security purposes. The European Court of Justice ruled that this practice violates the fundamental right to privacy and is illegal. The US groups argue that the opinion "bears directly on the White House's review of the NSA Telephone Records Collection Program and also the White House study of Big Data and the Future of Privacy." The groups urged the White House to 1) recognize the Court's decision in its upcoming report on big data and privacy; and 2) end the NSA telephone record collection program. The letter states that the decision by European Court "is the most significant legal opinion from any court in the world on the risks of big data and the ongoing importance of privacy protection." Last year EPIC, joined by dozens of legal scholars and former members of the Church Committee, urged the US Supreme Court to find the NSA's telephone record collection program unlawful. More recently, EPIC submitted extensive comments warning the White House of the enormous risks of current big data practices. For more information, see EPIC: Data Retention and EPIC: Big Data and the Future of Privacy.

Tags:

Posted by EPIC on April 16, 2014 9:50 AM | Permalink | TrackBacks (0)

When Bytes Bite Back: Tunneling through the Data Mines

"When Bytes Bite Back: Tunneling through the Data Mines"

Ginger McCall,
EPIC Associate Director

University of Kansas
Kansas City, KS
April 25, 2014

Posted by EPIC on April 25, 2014 2:45 PM | Permalink | TrackBacks (0)

EPIC Obtains Documents About FTC's Facebook Investigation

As the result of a Freedom of Information Act request, EPIC has received several hundred pages of documents related to the Federal Trade Commission's investigation of Facebook business practices. The documents include assessments by the FTC of Facebook's privacy changes and communications with the company. EPIC has repeatedly pressed the Commission to enforce the 2012 Consent Order which barred the company from future changes to privacy settings without user consent and committed Facebook to develop a "comprehensive privacy program." EPIC also recently filed a complaint with the FTC about Facebook's acquisition of Whatsapp, an instant messaging service. The EPIC complaint resulted in a stern warning from the FTC not to violate Whatsapp user privacy. For more information see: EPIC: Facebook Privacy.

Tags:

Posted by EPIC on April 16, 2014 5:33 PM | Permalink | TrackBacks (0)

Appeals Court Orders Release of Classified Legal Analysis, EPIC Filed Amicus Brief

A federal court of appeals has ruled that the Department of Justice must release the legal analysis justifying the controversial "targeted killing" drone program. The government argued in New York Times v. Department of Justice that the analysis should be exempt from release as a privileged communication. But the ACLU and the New York Times, supported by EPIC and other open government organizations, argued that because the government relied on the legal reasoning to justify the drone program it cannot be kept secret. The Second Circuit agreed, ruling that the after "senior Government officials have assured the public" that the program is "lawful and that . . . advice establishes the legal boundaries," it can no longer claim that the document is exempt from FOIA. EPIC has pursued a similar case for more than seven years, seeking the disclosure of the OLC's legal analysis of the Warrantless Wiretapping program. And earlier this year EPIC wrote in the New York Times that if "the Justice Department expects others to follow its advice, the analysis that supports its conclusions should be made public." For more information, see EPIC: New York Times v. DOJ and EPIC: EPIC v. DOJ - Warrantless Wiretapping Program.

Tags:

Posted by EPIC on April 21, 2014 12:53 PM | Permalink | TrackBacks (0)

Pew Survey Finds Opposition to Drones, Robots, and Google Glass

A national survey conducted by Pew Research Center and Smithsonian Magazine find the American public optimistic about revolutions in health science and transportation, and concerned about technologies of surveillance. According to the survey, 63% of Americans think it would be a change for the worse if "personal and commercial drones are given permission to fly through most U.S. airspace," while 22% think it would be a change for the better. And 65% expressed concern about increased dependence on robots. Similarly, 53% of Americans think it would be a change for the worse if most people wear implants or other devices that constantly show them information about the world around them. Women are especially wary of a future in which these devices are widespread. Google Glass, an example of such technology, has come under scrutiny from Data Protection authorities as well as Congress. EPIC, joined by 100 other organizations and experts, petitioned the Federal Aviation Administration to address public concerns about privacy and drones. For more information, see EPIC: Google Glass and Privacy and EPIC: Domestic Drones.

Tags:

Posted by EPIC on April 21, 2014 6:25 PM | Permalink | TrackBacks (0)

Amid Privacy Backlash, Student Data Firm Dissolves

inBloom, a private company that acquired student information from school districts across the country, has shut down. The company said its work "has been stalled because of generalized public concerns about data misuse..." inBloom and other companies, including Google, acquired student data following revisions to the Family Educational Rights and Privacy Act by the Department of Education that significantly weakened the student privacy law. In 2012, EPIC sued the Education Department for removing student privacy protections. Last year, EPIC testified before the Colorado State Board of Education on student privacy issues concerning inBloom. Early this year, EPIC called for a Student Privacy Bill of Rights, an enforceable student privacy and data security framework. For more information, see EPIC: Student Privacy.

Tags:

Posted by EPIC on April 21, 2014 6:36 PM | Permalink | TrackBacks (0)

Supreme Court to Hear Cell Phone Privacy Cases

The Supreme Court is set to hear oral arguments next week in two cases concerning the warrantless search of a cell phone following an arrest. EPIC filed a "friend of the court" brief, signed by twenty-four technical experts and legal scholars, arguing that the Fourth Amendment requires a warrant because of the vast amount of personal information available on a cellphone. EPIC wrote, "Allowing police officers to search a person's cell phone without a warrant following an arrest would be a substantial infringement on privacy, is unnecessary, and unreasonable under the Fourth Amendment." Also the Supreme Court this week agreed to review a case considering whether the police may detain a person based on a mistaken interpretation of the law. In Heien v. North Carolina, the person was detained by the police because of a broken taillight. EPIC routinely files amicus briefs in cases raising novel privacy issues. For more information, see EPIC: Riley v. California and EPIC: Amicus Curiae Briefs.

Tags:

Posted by EPIC on April 24, 2014 4:37 PM | Permalink | TrackBacks (0)

Tech Standard Dropped Because of Suspected NSA Influence

Following an extensive public comment process, the National Institute of Standards and Technology has removed a cryptographic algorithm from its guidance for random number generators deployed by government vendors. NIST recommends that current users of Dual_EC_DRBG transition to one of the three remaining approved algorithms as quickly as possible. NIST cited in own evaluation and "a lack of public confidence in the algorithm." Last year the NY Times reported that the NSA had intentionally weakened cryptographic standards to enable surveillance, raising concerns about the reliability of key Internet standards. In February, NIST released new guidelines for the development of cryptographic standards. EPIC, joined by several organizations, urged the agency to explain the extent of NSA's role in the standards development process. EPIC previously recommended that NIST inform the public of the full extent of the NSA's involvement in the Cybersecurity Framework. The Computer Security Act of 1987 was passed explicitly to prevent NSA involvement in domestic computer security. For more information, see EPIC: Computer Security Act of 1987.

Tags:

Posted by EPIC on April 24, 2014 4:58 PM | Permalink | TrackBacks (0)

Report Reveals Rise in Teens' Desire for Online Privacy

A report released by the Intelligence Group, a "youth-focused, research-based consumer insights company," reveals that teens want more online privacy than ever before. According to the report, only 11% of teens currently share "a lot about themselves online" - a 7% decrease from the same age group last year. By contrast, 17% of young adults aged 19- to 24 and 27% of adults aged 25 to 34 currently share "a lot about themselves online." The report also indicates that "about 18% of teens share content on social media at least once a day, including status updates, photos, pins, or articles, compared with 28% of 19- to 24-year-olds and 35% of 25- to 34-year-olds." Recently, EPIC objected to a settlement agreement that would allow Facebook to use images of teens in online advertising. EPIC has also filed comments with the FTC supporting stronger regulations to protect children's data online. For more information, see EPIC: Fraley v. Facebook, EPIC: COPPA and EPIC: FTC.

Tags:

Posted by EPIC on April 25, 2014 11:46 AM | Permalink | TrackBacks (0)

Patent to Block Facial Recognition Follows Sale of Google Glass

A patent for a technology that shields users from nearby video cameras has emerged. The patent describes a detector that would blur the images of people on portable camera displays, preventing video surveillance. The patent surfaced following Google's release of Google Glass for sale by the general public. Google is seeking a patent for a contact lens style for Glass that would escape public detection. Google is also seeking to trademark the word "glass," which the US Patent and Trademark Office opposes. EPIC previously submitted comments to the Federal Trade Commission recommending the suspension of facial recognition techniques pending the establishment of privacy safeguards. For more information, see EPIC: Google Glass and Privacy, EPIC: Facial Recognition and EPIC: Federal Trade Commission.

Tags:

Posted by EPIC on April 25, 2014 12:12 PM | Permalink | TrackBacks (0)

DHS Releases Cybersecurity Report, NSA Role Remains Murky

The Department of Homeland Security had published the first Privacy and Civil Liberties Assessment Report. The report examined several federal agencies, including the Department of Defense and the Office of the Director of National Intelligence, regarding cybersecurity activities. Executive Order 13636, "Improving Critical Infrastructure Cybersecurity," requires the reports as well as the creation of a cybersecurity framework. Last year, EPIC recommended civilian control of domestic Cybersecurity and clarification of the NSA's involvement. The Privacy and Civil Liberties Assessment Report and the cybersecurity framework both fail to clarify the NSA's role in cybersecurity. For more information, see EPIC: Cybersecurity Privacy Practical Implications.

Tags:

Posted by EPIC on April 25, 2014 12:46 PM | Permalink | TrackBacks (0)

Teacher Seminar: Surveillance and Privacy

Khaliah Barnes,
Director, EPIC Student Privacy Project

Close Up Foundation
Arlington, VA
April 28, 2014

Posted by EPIC on April 28, 2014 2:46 PM | Permalink | TrackBacks (0)

The National Security Agency 2014: What are the Prospects for Reform?

"The National Security Agency 2014: What are the Prospects for Reform?"

Marc Rotenberg,
EPIC President

National Press Club
Holeman Room
Washington, DC
April 30, 2014

Posted by EPIC on April 30, 2014 10:17 AM | Permalink | TrackBacks (0)

Supreme Court Considers Privacy of Cell Phones

Today the U.S. Supreme Court heard two cases presenting the question of whether the warrantless search of a cell phone following an arrest violates the Fourth Amendment. A transcript of arguments in the first case, Riley v. California, is here and the second case, United States v. Wurie, is here. The Justices acknowledged that the search of a cell phone is unlike the search of a physical object. Justice Kagan stated "People carry their entire lives on cell phones." EPIC argued in its "friend of the court" brief, signed by twenty-four prominent legal and technical scholars, that "Allowing police officers to search a person’s cell phone without a warrant following an arrest would be a substantial infringement on privacy, is unnecessary, and unreasonable under the Fourth Amendment." According to the Pew Research Group, 90% of American adults have smart phones. Approximately 12 million Americans are arrested each year. For more information, see EPIC: Riley v. California and EPIC Blog - Argument Recap: Justices Look to Limit Warrantless Cell Phone Searches.

Tags:

Posted by EPIC on April 29, 2014 4:48 PM | Permalink | TrackBacks (0)

Google Stops Scanning Student Emails, Ends Data Collection for Advertising

Google has announced it will stop scanning student emails for advertising purposes. Google has also stated that it will no longer display new advertisements in its Apps for Education. Google's announcement follows the demise of inBloom, a private company that acquired student data from school districts across the country. Amid public backlash, inBloom announced it was shutting down. Google and inBloom gained access to student data pursuant to the Education Department's revised regulations that significantly weakened the Family Educational Rights and Privacy Act, a federal student privacy law. EPIC had previously sued the Education Department for weakening the privacy law that protects student data. Earlier this year, EPIC called for a Student Privacy Bill of Rights, an enforceable student privacy and data security framework. For more information, see EPIC: Student Privacy.

Tags:

Posted by EPIC on April 30, 2014 11:26 AM | Permalink | TrackBacks (0)