"Bird's Eye View: Transatlantic Data Exposures and Regulatory Enforcement"
"Bird's Eye View: Transatlantic Data Exposures and Regulatory Enforcement"
Ginger McCall,
Director, EPIC Open Government Program
Privacy XChange
Scottsdale, AZ
November 3
« October 2014 | Main | December 2014 »
November 2014 Archives
November 3, 2014
November 19, 2014
"FUSION: Rise Up"
Marc Rotenberg,
EPIC President
Union Market
Washington, D.C.
November 19, 2014
(Request an Invite)
November 12, 2014
"Toward a European 'Marco Civil'?"
"Toward a European 'Marco Civil'?"
Marc Rotenberg,
EPIC President
Friedrich Ebert Stiftung
European Parliament
Brussels, Belgium
12 November 2014
November 20, 2014
"Watching the Watchers: Fighting Back in an Age of Ubiquitous Surveillance"
Marc Rotenberg,
EPIC President
Center for Digital Arts and Experimental Media
University of Washington
Seattle, Washington
November 20, 2014
(Register)
November 2, 2014
EPIC, Coalition Urge Investigation of Closure of Open Government Requests
EPIC and 13 other transparency organizations have asked the Office of Government Information Services to launch an investigation of impermissible closures of FOIA requests. Several federal agencies have notified FOIA requesters that unprocessed requests will simply be closed by the agency if there is no further communication. There is nothing in the FOIA law or agency regulations that allow for this practice. EPIC and the coalition have asked the FOIA ombudsman to investigate and to advise agencies to end the practice. For more information see: FOIA.ROCKS and EPIC: Open Government.
November 3, 2014
Federal Appeals Court to Hear Challenge to NSA Surveillance Program
The U.S. Court of Appeals for the D.C. Circuit is scheduled to hear arguments tomorrow (November 4, 2014) in Klayman v. Obama, a challenge to the NSA's domestic surveillance program. Klayman is one of several cases challenging the NSA's ongoing collection of domestic telephone records. In the Klayman case, Judge Richard Leon ruled that the NSA likely violated the Fourth Amendment. The government has appealed that decision. In a related case before the Ninth Circuit, EPIC filed an amicus curiae brief, arguing that communications data should be protected under the Fourth Amendment and that the 1979 decision Smith v. Maryland no longer applies, given the evolution of modern communications technology. Last year EPIC petitioned the US Supreme Court to end the NSA program, arguing that the Foreign Intelligence Surveillance Court exceeded its authority when it ordered Verizon to turn over all domestic call records to the NSA. The EPIC Petition was supported by legal scholars, technical experts, and former members of the Church Committee. For more information, see EPIC: Klayman v. Obama, EPIC: Smith v. Obama, In re EPIC.
November 5, 2014
Hearing on Proposed Amendments to the Federal Rules of Criminal Procedure
Hearing on Proposed Amendments to the Federal Rules of Criminal Procedure
Alan Butler,
EPIC Senior Counsel
Written Statement
Judicial Conference
Advisory Committees on Rules of Criminal Procedure
Washington, D.C.
November 5, 2014
November 4, 2014
EPIC Urges Department of Defense to Adopt Strong Open Government Rules
EPIC has submitted extensive comments to the Department of Defense, opposing several the agency's proposals to amend its Freedom of Information Act program. The agency plans to modify key terms and agency practices that would disadvantage FOIA requesters and are not consistent with the purpose of the open government law. EPIC's recommended model FOIA regulations, drafted by transparency and accountability groups that promote agency accountability. EPIC did support proposed changes by the agency that favor FOIA requesters and open government EPIC routinely submits comments on FOIA regulations, warning agencies not to erect new obstacles for those seeking information about government. The Defense Logistics Agency, Privacy and Civil Liberties Oversight Board, the Federal Trade Commission, and the Interior Department have adopted EPIC's recommendations on proposed FOIA rule changes. For more information, see FOIA.ROCKS and EPIC: Open Government.
November 5, 2014
EPIC to Oppose Changes to Judicial Rules that Would Allow Police Hacking
EPIC Senior Counsel Alan Butler will testify this week before the Judicial Conference Advisory Committee on Rules of Criminal Procedure regarding a proposed amendment to Rule 41, which governs the issuance of warrants by federal judges. The proposed amendment to Rule 41 would authorize judges to issue warrants permitting a law enforcement officer to use "remote access" to search digital files. Under the amended rule, these remote access or "computer hacking" warrants could be issued (1) in any case where the target device uses an Internet anonymizing service such as Tor, or (2) to search computers that are part of a botnet. In a written statement, EPIC's Butler argued that the proposed changes are not consistent with the Fourth Amendment because (1) there would be no notice prior to the search and (2) officers would not be required to show that delayed notice is necessary. EPIC previously filed an amicus brief in a federal appeals court, arguing that service of a warrant by fax violated a core procedural protection of the Fourth Amendment. For more information, see EPIC: United States v. Bach.
European Privacy Groups Boycott Google Roadshow
Leading European privacy organizations have turned down invitations from Google to participate in a series of events organized by the Internet giant, designed to raise questions about a decision of the European Court of Justice regarding the right to privacy. The European Consumer Organization (BEUC), the European Digital Rights Initiative (EDRi), and Privacy International are among several of the groups that are not participating in the Google meetings. EU policymakers have also challenged the company for attacking a judicial decision of the high court of the European Union, describing the tour as a "publicity stunt." For more information, see Fact Sheet on the Right to Be Forgotten, EPIC: Right to Be Forgotten, EPIC: International Privacy Law, EPIC: Expungement, and Rotenberg, "EU Court Strikes Blow for Privacy" (USA Today).
Court Dismisses Video Privacy Case Against Redbox
A federal court of appeals has ruled that a lawsuit against Redbox will not continue. The plaintiffs argued that Redbox's disclosure of personal information to a customer service center violated the Video Privacy Protection Act of 1988. The Seventh Circuit ruled that since customer service is part of Redbox's "ordinary course of business," the disclosure is permissible under the Act. The Court also determined that the statute created standing and that it was unnecessary to show additional harm. Earlier this year, a federal court ruled that a privacy class action lawsuit against Hulu, the video streaming service, could continue. In that case, Hulu shared user data with Facebook for advertising purposes, in violation of the VPPA. EPIC has supported the Video Privacy law since its inception and has defend the statute in Congressional testimony and amicus briefs. For more information, see EPIC: Harris v. Blockbuster; EPIC: Lane v. Facebook; and EPIC: Video Privacy Protection Act.
November 6, 2014
EPIC Prevails in Case Against FBI About Next Generation Identification
A Federal Court has ruled that EPIC "substantially prevailed" in its open government lawsuit against the FBI for information about the agency's massive biometric database. The Court has also awarded attorneys fees to EPIC. EPIC's lawsuit led to the disclosure of hundreds of pages about "Next Generation Identification", a vast FBI database program with fingerprints, DNA profiles, iris scans, palm prints, voice identification profiles, and photographs, on millions of Americans suspected of no crime. The Court found that "There can be little dispute that the general public has a genuine, tangible interest in a system designed to store and manipulate significant quantities of its own biometric data, particularly given the great numbers of people from whom such data will be gathered." EPIC has recommended new privacy safeguards and greater Congressional oversight of the NGI program and other identification techniques. For more information, see EPIC: EPIC v. FBI - Next Generation ID and EPIC: Spotlight on Surveillance on FBI's Next Generation Identification Program.
"Taking the 'OI' Out of FOIA"
"Taking the 'OI' Out of FOIA"
Ginger McCall,
Director, EPIC Open Government Project
Symantec EDGE
Washington, D.C.
November 6, 2014
November 12, 2014
EPIC Urges Privacy Board to Focus on Privacy Act Enforcement
EPIC has recommended that the Privacy and Civil Liberties Oversight Board prioritize Privacy Act enforcement. The Board is planning to host a conference "Defining Privacy." EPIC stated "The Privacy Act provides a sound framework for privacy protection in the United States. Government agencies within the PCLOB's purview contravene the Privacy Act's intent and pose substantial privacy risks by claiming broad exemptions from coverage under the Act. The Board must improve agency accountability by auditing programs for Privacy Act compliance and recommending expanded authorities under the Privacy Act." EPIC recently provided expert commentary at a Georgetown University Law Center conference celebrating the 40th anniversary of the Privacy Act. For more information, see EPIC: FAA v. Cooper, EPIC: Doe v. Chao, and EPIC: The Privacy Act of 1974.
November 13, 2014
"Expert Workshop: Cultures of Accountability"
"Expert Workshop: Cultures of Accountability"
Marc Rotenberg,
EPIC President
KU Leuven
Leuven, Brussels
13 November 2014
NSA Vows to Disclose Zero-Day Vulnerabilities
In a speech delivered at Stanford University, National Security Agency director Michael Rogers announced that the NSA will no longer stockpile "zero-day exploits", software glitches that could facilitate cyber espionage. In the past, the NSA has kept these vulnerabilities secret for use in counterintelligence. Admiral Rogers announced, "the default setting is if we become aware of a vulnerability, we share it." By disclosing vulnerabilities, the NSA allows software developers to fix the glitches and keep the internet more secure. Admiral Rogers recognized that "'a fundamentally strong Internet is in the best interest of the U.S.'" In December 2013, the President's Review Group on Intelligence and Communications Technologies recommended that "US policy should generally move to ensure that Zero Days are quickly blocked, so that the underlying vulnerabilities are patched on US Government and other networks." The Review Group report contains 45 other similar recommendations that EPIC generally supports and the White House has pledged to adopt. Earlier this year, the NSA's policies on zero-day exploits came under scrutiny when an glitch known as the "Heartbleed bug" threatened to undermine SSL encryption across the entire internet. For more information, see EPIC: In re EPIC and EPIC: NSPD-54 Appeal.
Post-Snowden, Social Media Users Concerned About Access to Personal Data
According to the Pew Research Report "Public Perceptions of Privacy and Security in the Post-Snowden Era," most users of social media are very concerned about businesses and government accessing their personal data. 80% of adults "agree" or "strongly agree" that Americans should be concerned about the government's monitoring of phone calls and internet communications. 64% believe there should be more regulation of advertisers. Almost all users rank their social security number as the most sensitive piece of personal data. EPIC has asked the House Committee on Homeland Security to suspend a DHS program that is monitoring social networks and media organizations. EPIC has recommended that the FTC to establish privacy protections for online advertising. EPIC has also urged the US Congress over many years to limit the use of the Social Security Number for commercial purposes. For more information, see EPIC: Public Opinion on Privacy, EPIC: Facebook Privacy, EPIC: Social Media Monitoring, and EPIC: Social Security Numbers.
EPIC Backs Internet Bill of Rights
Speaking at a conference in Brussels, "Toward a European Marco Civil," EPIC President Marc Rotenberg expressed support for The Declaration of Human Rights, an initiative of the Italian government led by Constitutional scholar Stefano Rodotà. Rotenberg said, "We must protect the political rights of Internet users, not simply the business models of Internet companies." The event was organized by the Fundamental Rights European Experts ("FREE") Group with the support of the Friedrich Eber Stiftung. For more information, see Civil Society Seoul Declaration and Madrid Privacy Declaration.
Senator Leahy Urges Swift Passage of USA Freedom Act
Senator Patrick Leahy (D-VT), Chairman of the Senate Judiciary Committee, has urged swift passage of the USA FREEDOM Act, which would end the government's dragnet collection of telephone records. The bipartisan bill, which Senator Leahy introduced in July, would also improve oversight accountability for domestic surveillance activities. It has broad bipartisan support among the Intelligence Community, the technology industry, and privacy advocates. Senator Leahy said "Congress should pass the bipartisan USA FREEDOM Act without delay." Last year EPIC petitioned the US Supreme Court to end the NSA bulk record collection program. Former members of the Church Committee and dozens of legal scholars supported the EPIC petition. For more information, see EPIC: In re EPIC - NSA Telephone Record Surveillance.
EPIC Urges Federal Court to Uphold FTC Authority to Protect Data Security
EPIC, joined by thirty-three technical experts and legal scholars, has filed an amicus brief in support of the Federal Trade Commission's authority to establish data security standards. EPIC described the extent of the data security risks in the United States, the important role of the FTC, and the danger of removing FTC authority to safeguard consumer data. EPIC said, "The FTC's authority to regulate business practices impacting consumer privacy is well established, the problem is obvious, and the agency has a clear record of success." EPIC cited 50 successful enforcement actions against companies that failed to safeguard customer data. EPIC also detailed the ongoing risks of identity theft and financial fraud facing American consumers. EPIC warned, "Removing the FTC's authority to regulate data security would be to bring dynamite to the dam." For more information, see EPIC: FTC v. Wyndham, EPIC: EPIC Amicus Curiae Briefs.
November 18, 2014
"The Right to Be Forgotten"
Marc Rotenberg,
EPIC President
Stewart Baker,
Former NSA General Counsel
The Diane Rehm Show
WAMU/NPR
November 18, 2014
1-800-433-8850
drshow@wamu.org
Surveillance Seminar
Surveillance Seminar
Alan Butler,
EPIC Senior Counsel
Close Up Foundation
DC JCC Community Hall
Washington, D.C.
November 18, 2014
November 17, 2014
Senator Markey Asks Justice Department About Cell Phone Tracking Program
Senator Edward J. Markey (D-MA) has sent detailed questions to Attorney General Holder about recent reports that law enforcement agencies have deployed aircraft equipped with cell tower simulators to capture mobile phone communication. The devices, known as "IMSI catchers" or "Stingray," identify and track cell phone users. Senator Markey wrote "the sweeping nature of this program and likely collection of sensitive records...raise important questions about how the Department protects the privacy of Americans" with no connection to unlawful activities. EPIC successfully sued the FBI to obtain documents about the agency's use of Stingray devices. EPIC has also filed amicus curiae briefs in the U.S. Supreme Court and the Supreme Court of New Jersey arguing that location tracking is a search under the Fourth Amendment and should only be conducted with a judicial warrant. For more information, see EPIC: Locational Privacy and EPIC v. FBI (Stingray).
FTC Fines TRUSTe, Privacy Certification Company
The Federal Trade Commission settled charges today that TRUSTe, a company that provides privacy certifications for online businesses including children's privacy and the US-EU Safe Harbor program, deceived consumers through its privacy seal program. The FTC charged TRUSTe with failure to conduct re-certifications for companies that displayed privacy seals, even though TRUSTe stated on its website that it conducted annual re-certifications. "TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge," said FTC Chairwoman Edith Ramirez. Under the consent agreement, TRUSTe is prohibited from misrepresenting its business practices to consumers. TRUSTe must also submit a detailed filing to the FTC every year, describing its COPPA recertification process and must pay a fine of $200K. In February, EPIC submitted comments to the Federal Trade Commission, urging the agency to improve pending settlements in several Safe Harbor enforcement actions, citing weaknesses in current Safe Harbor oversight. And just this month, EPIC filed a lengthy amicus brief in federal appeals court in support of the FTC's "Section 5" authority. For more information, see EPIC: FTC.
November 19, 2014
Senate Republicans Block US Surveillance Reform
An effort led by Senator Patrick Leahy (D-VT) to pass the USA FREEDOM Act failed on a narrow procedural vote last night. The FREEDOM Act would have ended the NSA's bulk collection of US telephone records. The bill would also improve oversight and accountability of the Foreign Intelligence Surveillance Act. Last year, EPIC petitioned the Supreme Court to suspend the bulk collection of Americans' telephone records. EPIC's petition was supported by dozens of legal scholars and former members of the Church Committee. EPIC also testified in Congress in support of improved reporting for domestic surveillance activities. For more information, see EPIC: Foreign Intelligence Surveillance Act Reform and In re EPIC.
November 20, 2014
Senate Committee Endorses FOIA Improvements Act
A bill cosponsored by Senator Patrick Leahy (D-VT) and Senator John Cornyn (R-TX) to improve the Freedom of Information Act has passed unanimously out of the Senate Judiciary Committee. The bill will strengthen the Office of Government Information Services, and will require new reporting on the use of exemptions and audits of agency FOIA processes. The FOIA Improvement Act codifies the presumption of openness and requires that agencies must demonstrate a foreseeable harm in order to withhold information. It will also close a loophole that allows agencies to still charge fees to requesters no matter how long the agency delays processing a request. The House of Representatives has already passed similar legislation. For more information see: EPIC: Open Government and FOIA.ROCKS.
EPIC Joins Call for Stronger Encryption Standards
EPIC, joined by several organizations, today urged the National Institute of Standards and Technology to adopt "secure and resilient encryption standards, free from back doors or other known vulnerabilities." The groups raised concerns that the National Security Agency would influence the standard-setting process to enable surveillance of private communications. EPIC previously advised NIST to remove its support for a random number generator algorithm that the NSA compromised. EPIC also recommended that NIST inform the public of the full extent of the NSA's involvement in the Cybersecurity Framework. EPIC President Marc Rotenberg first warned of the risk that the NSA would influence NIST encryption standards in testimony before Congress in 1989. For more information, see EPIC: Cryptography Policy.
November 24, 2014
White House to End Controversial "Secure Communities" Program
President Obama's executive action on immigration will end the "Secure Communities" program. Secure Communities is a controversial deportation program that relies on extensive data collection and biometric identification. Many states, including Illinois, New York, and Massachusetts, withdrew from the Homeland Security program, warning that it undermined public safety and encouraged racial profiling. Secure Communities will be replaced by the Priority Enforcement Program, a targeted program that will focus on removing convicted criminals. EPIC, joined by a coalition of 70 organizations, previously urged the Inspector General of the Department of Justice to review the Secure Communities program. For more information, see EPIC: Secure Communities and Privacy; See also TRAC: Immigration.
EPIC Seeks Reports on FISA Court Decisions
In a Freedom of Information Act lawsuit against the Department of Justice, EPIC filed a Motion for Summary Judgment on Friday arguing that the agency improperly withheld surveillance reports sought by EPIC. The semiannual reports, prepared for Congressional oversight committees, summarize significant FISA Court decisions and include the total number of FISA applications filed by the government and the number of U.S. persons targeted for surveillance. They are similar to reports that are routinely disclosed to the public. EPIC argued that the "FISA Pen Register" reports should also be disclosed because they describe topics of "utmost importance to the public and are necessary to inform the ongoing debate over current surveillance authorities." EPIC maintains a summary of all the annual FISA statistics published by the Attorney General. For more information, see EPIC v. DOJ: FISA Pen Register Reports and EPIC: FISA Court Orders.
November 25, 2014
WhatsApp Implements End-to-End Encryption
The messaging service WhatsApp has announced plans to implement end-to-end encryption for Android phones. WhatsApp gained popularity as a pro-privacy alternative to text messaging. However, privacy concerns were raised after Facebook's proposed acquisition of the company. EPIC filed two complaints with the Federal Trade Commission, urging the FTC to block the sale unless adequate privacy safeguards for WhatsApp users were established. The Commission then notified Facebook and WhatsApp that they must honor their privacy commitments to WhatsApp users. Now, WhatsApp has adopted the Open Whisper Systems protocols to ensure that users' messages are encrypted from sender to receiver and not simply between the user and the service provider. For more information, see EPIC: In re: WhatsApp.
November 26, 2014
EPIC Uncovers DOD Student Data Collection Procedures
The Department of Defense has released to EPIC documents on the "Joint Advertising and Market Research Studies" Recruiting Database. The database includes sensitive student information, including home address and grade point average. DOD obtains this information from high schools offering military aptitude tests, state DMVs, and commercial data brokers. The documents sought by EPIC shed light on how DOD collects, retains, uses, and safeguards student information within the database. The documents provided to EPIC also reveal that many parents demanded that DOD remove their children's records from the system. In 2005, EPIC, joined by more than 100 organizations, urged former Secretary of Defense Donald Rumsfeld to end the database because it collected unnecessary information, did not permit individuals to opt-out, and was housed at a private-sector direct marketing company. The agency now permits individuals to opt-out. For more information, see EPIC: Student Privacy and EPIC: DOD Recruiting Database.
Search
About November 2014
This page contains all entries posted to epic.org in November 2014. They are listed from oldest to newest.
October 2014 is the previous archive.
December 2014 is the next archive.
Many more can be found on the main index page or by looking through the archives.
Powered by
Movable Type Pro 6.3.3
Movable Type Pro 6.3.3