« June 2017 | Main | August 2017 »

July 2017 Archives

July 3, 2017

In Voter Privacy Case, EPIC Files for Temporary Restraining Order

EPIC today filed for a Temporary Restraining Order to block a demand from a Presidential Commission for millions of state voter records. In papers filed in federal district court in Washington, D.C., EPIC explained that the Commission failed to produce and publish a Privacy Impact Assessment, required by Federal law. EPIC also charged that the Commission’s demand for detailed voter histories violated the Constitutional right to privacy. And EPIC explained that the Commission had already committed two egregious security blunders—(1) directing state election officials to send voter records to an unsecure web site and (2) proposing to publish partial SSNs that would enable identity theft and financial fraud. The Court gave the government until Wednesday, July 5 to file an opposition. EPIC will then file a reply. A ruling is expected by the end of the week. The EPIC lawsuit follows a letter from 50 voting experts and 20 privacy organizations urging state election officials to oppose the Commission’s demand. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by John Davisson on July 3, 2017 5:34 PM |

July 5, 2017

EPIC FOIA: EPIC Seeks Details of Election Commission Demand for Voter Data

EPIC has submitted an urgent FOIA request for details of the Election Commission's attempt to gather voter records from state election officials. The Commission requested dates of birth, party affiliation, partial SSNs, voter history, and felony convictions and military service status. EPIC wants the Commission to turn over records about compliance with the Federal Advisory Committee Act, the Privacy Act, and the E-Government Act. EPIC is also seeking communications among Commission officials as well as information about the failure to conduct a Privacy Impact Assessment. Over 40 states now partially or fully oppose the request for voter records. In a related lawsuit, EPIC v. Commission, EPIC has filed for a Temporary Restraining Order to block the Commission's efforts.

Tags:

Posted by Caitriona Fitzgerald on July 5, 2017 7:32 AM |

Kobach Responds in EPIC Case to Block Release of State Voter Rolls

In a declaration filed in federal court in Washington, DC, Kris Kobach, Kansas Secretary of State and Vice Chair of the Presidential Advisory Commission on Election Integrity, said that he “intended” that the voter data he requested from the states not be sent by email (the letter to the states indicated otherwise). Kobach also said that “the Commission intends to maintain the data on the White House computer systems.” Kobach acknowledged that “numerous states have indicated that they will decline to provide all or some portion of the information, in some cases because state law prohibits such transfer of information.” Kobach also said, “As of July 5, 2017, no Secretary of State had yet provided to the Commission any of the information requested in my letter.” There is no indication that the Commission has completed a Privacy Impact Assessment or complied with the requirements of the Federal Advisory Committee Act. EPIC filed an emergency motion earlier this week to block the disclosure of state voter information to the Commission, calling the data demand a violation of the Constitutional right to privacy. The Department of Justice has filed an opposition.

Tags:

Posted by John Davisson on July 5, 2017 4:48 PM |

EPIC Urges TSA to Consider Alternative to Biometric Collection

In comments to the Transportation Security Administration, EPIC urged the agency to consider alternatives to expanding the collection of biometric identifiers for the TSA Pre-Check application. EPIC explained the potential for biometric identifiers to be used for purposes other than determining eligibility for Pre-Check and the substantial personal privacy risks for applicants if the databases associated with Pre-Check were compromised. EPIC also proposed privacy enhancing alternatives, such as limiting the storage of biometric identifiers or providing information on how to have information removed from databases associated with Pre-Check. EPIC routinely highlights the risks of large, overbroad government databases and the privacy risks inherent in the collection of biometric information.

Tags:

Posted by EPIC on July 5, 2017 6:30 PM |

EPIC Provides Suggestions for "Self-Driving" Vehicle Legislation

EPIC has sent a statement to Congress ahead of a hearing to discuss proposed self-driving vehicle legislation. The House Energy & Commerce Committee drafted several bills related to the development and deployment of "self-driving" vehicles. EPIC urged the Committee not to pre-empt states from issuing their own self-driving vehicle regulations, to encourage developers to be transparent in the development of autonomous vehicles, and to urge that advocacy groups be included in connected car advisory councils. EPIC has been a leading advocate for privacy and safety in the development of connected and autonomous vehicle and has participated in workshops, written to NHTSA, and actively informed Congress of privacy and safety related developments in connected and autonomous vehicles.

Tags:

Posted by EPIC on July 5, 2017 6:50 PM |

EPIC Backs Privacy Act Protections for "Insider Threat" Database

EPIC has sent comments to the Department of Justice criticizing a proposed "insider threat" database. This database replaces a similar database that was proposed and later rescinded by the FBI last fall and would allow the DOJ to collect virtually unlimited amounts of personal data from employees, contractors, interns, and visitors to DOJ facilities. Citing the size and scope of the database combined with recent government data breaches, EPIC warned that the database was putting federal employees and contractors at risk. EPIC has consistently warned against inaccurate, insecure, and overbroad government databases.

Tags:

Posted by EPIC on July 5, 2017 6:50 PM |

July 6, 2017

EPIC Files Response to Election Commission in Voter Privacy Case

In a reply filed today in federal district court, EPIC charged that the President's Election Commission "has conceded the obvious: the privacy implications of this unprecedented demand for voter roll data from across the country are staggering." EPIC rebutted every point in the government's response, noting that the Commission often failed to cite any support for its extraordinary claims to gather personal data outside of federal privacy law. Members of the EPIC Advisory Board, experts in computer technology, contributed affidavits that underscored the vulnerabilities of the Commission's plan to aggregate personal voter data. EPIC also called Vice Chair Kobach's statements "alternately misleading or meritless." EPIC said the Commission's actions "places at risk the privacy interests of registered voters across the country." In EPIC v. Commission, EPIC is seeking to block the transfer of sensitive voter data to a Presidential Commission on Election Integrity. EPIC explained to the Court that it has "a clear likelihood of success on the merits."

Tags:

Posted by EPIC on July 6, 2017 2:25 PM |

UPDATE - Court Sets Friday Hearing for EPIC v. Commission

The federal District Court in Washington, DC has scheduled a hearing on Friday, July 7, 2017 at 4:00 pm, to consider EPIC's motion for a Temporary Restraining Order. EPIC is seeking to block the transfer of sensitive voter data to a Presidential Commission on Election Integrity. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 6, 2017 3:15 PM |

July 10, 2017

Court Sets Monday Deadline in EPIC Voter Privacy Case

A federal court set a Monday, 4 p.m. deadline for the government to file a brief in EPIC v. Commission. The court is expected to rule shortly in EPIC's lawsuit to block the President's Election Commission from collecting state voter records from across the country. In a series of filings with the court, EPIC explained that the Commission failed to prepare a Privacy Impact Assessment as required by Federal law. EPIC also charged that the Commission's demand for detailed voter histories violated the Constitutional right to privacy. And EPIC explained that the Commission has already committed multiple egregious security blunders, including directing state election officials to send voter records to an unsecure website that is not approved for storing the public's personal data. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 10, 2017 10:10 AM |

EPIC, Coalition Urge Nations to Defend Strong Encryption

EPIC, and over 60 organizations urged the governments of Australia, Canada, New Zealand, the United Kingdom, and the United States to respect and defend strong encryption. These five nations, which make up a surveillance partnership of intelligence agencies, met recently to discuss national security and the challenge of encryption. The Coalition letter called for the rejection of "policies that would prevent or undermine the use of strong encryption." EPIC has advocated for strong encryption since its founding in 1994 and published the first comprehensive survey of encryption use around the world. EPIC also maintains a page on Privacy and Public Opinion.

Tags:

Posted by EPIC on July 10, 2017 4:00 PM |

EPIC Obtains Privacy Procedures for IRS Private Debt Collection

As the result of a Freedom of Information Act request to the IRS, EPIC has obtained hundreds of documents detailing procedures that bind private debt collectors dealing with U.S. taxpayers. Following a Congressional mandate, the IRS outsourced debt collection for some U.S. taxpayers to private debt collection agencies. Transfer of personal and financial data to private entities raises data security and privacy concerns, and also makes scams and threatening phone collection tactics easier to perpetrate. A group of U.S. senators has already accused one of the four companies of engaging in abusive and illegal phone contacts. The documents obtained by EPIC show how the IRS monitors the companies and the procedures companies must follow when contacting taxpayers. EPIC also obtained the privacy and data security requirements imposed on the debt collectors, details of how they must handle complaints, and the IRS contracts for all four companies. In FOIA lawsuit EPIC v. IRS, EPIC is also seeking therelease of President Trump's Tax records from the agency.

Tags:

Posted by EPIC on July 10, 2017 4:05 PM |

UPDATE - EPIC Lawsuit - Election Commission Suspends Collection of State Voter Data

The President’s Election Commission announced today it would suspend the collection of state voter data in response to a lawsuit filed by EPIC last week in Washington, DC. EPIC had challenged the Commission’s use of a Department of Defense website to collect millions of state voter records—an unsecure system that is not approved for storing the public’s personal data. EPIC also charged that the Commission lacked authority to gather state voter data and said that the Commission had violated the right to information privacy. The Commission said it would not use the “SAFE” system to collect personal data. The Commission also told states “not to submit any data until this Court rules” on EPIC’s motion. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by John Davisson on July 10, 2017 4:31 PM |

July 11, 2017

Civil Rights Groups Join EPIC in Challenge to Election Commission

Several civil rights organizations have filed lawsuits challenging the Presidential Election Commission, which EPIC sued last week. The groups include the American Civil Liberties Union, the Lawyers Committee for Civil Rights Under Law, and Public Citizen. The organizations raised several challenges similar to those in EPIC v. Commission. In response to the EPIC lawsuit, the Commission has suspended the collection of voter data from the states.

Tags:

Posted by Caitriona Fitzgerald on July 11, 2017 7:15 AM |

In Voter Privacy Case, EPIC Urges Court to Issue TRO

In a court filing on Tuesday, EPIC urged a federal court to issue a temporary restraining order to block the collection of voter data by the Presidential Election Commission. "The Commission may not play 'hide the ball' with the nation's voter records," EPIC wrote. "With such vast demands for personal information come commensurate responsibilities to provide security and privacy, and to comply with all legal obligations. Surely that is fundamental for an organization charged with promoting 'election integrity.'" On Monday, the Commission suspended the collection of voter data in response to EPIC's suit. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 11, 2017 9:55 AM |

EPIC Posts Legal Team for Voter Privacy Case

The EPIC legal team for EPIC v. Commission includes EPIC President Marc Rotenberg (lead counsel), EPIC Senior Counsel Alan Butler, EPIC Policy Director Caitriona Fitzgerald, EPIC National Security Counsel Jeramie Scott, and EPIC Appellate Advocacy Fellow John Davisson. In EPIC v. Commission, EPIC is seeking to block the efforts of the President's Election Commission from obtaining state voter records.

Tags:

Posted by EPIC on July 11, 2017 10:10 AM |

In Voter Privacy Case, EPIC Sues White House IT Director

EPIC has sued the White House IT Director as part of EPIC's ongoing case to block the transfer of sensitive voter data to the Presidential Election Commission. The White House IT Director, as well as the Commission, are required by law to publish a Privacy Impact Assessment before collecting any personal information. As EPIC explained to the Court earlier today, "The Commission may not play 'hide the ball' with the nation's voter records. With such vast demands for personal information come commensurate responsibilities to provide security and privacy, and to comply with all legal obligations." The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 11, 2017 12:45 PM |

EPIC Voter Privacy Case - Court Sets Briefing Schedule, Data Collection Suspended, Commission to Meet

A federal court has ordered additional briefing in EPIC's lawsuit to block the collection of state voter records by the Presidential Election Commission. The court asked EPIC to file an amended motion by Thursday, July 13. The Commission would then respond to EPIC by Monday, July 17. A ruling will likely follow. The court noted that "no additional voter roll information will be collected until this Court issues a ruling, and that information that has already been collected will be purged." Earlier this week, the Commission suspended collection of voter data in response to EPIC's lawsuit. The Commission is scheduled to hold its first public meeting on July 19, in Washington, DC. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 11, 2017 4:45 PM |

Senators Demand Presidential Election Commission Rescind Its Request for Voter Data

Twenty-four Senators have sent a letter to the Presidential Election Commission demanding that the Commission abandon its attempt to collect nationwide voter data. "This request is unprecedented in scope and raises serious privacy concerns," the Senators wrote. "The requested data is highly sensitive and after recent data breaches and cyber-attacks targeting our election infrastructure, we are deeply concerned about how the Commission will maintain the security and privacy of the data." The Senators also wrote that "the Commission's lack of focus on legitimate threats, such as foreign cyber-attacks on our election infrastructure," was "troubling." In EPIC v. Commission, EPIC is seeking to block the Commission from obtaining state voter records.

Tags:

Posted by EPIC on July 11, 2017 6:00 PM |

July 12, 2017

Congress Defends Power of Local Authorities to Regulate Drone Privacy

Both the Senate and House are considering bi-partisan drone bills to protect the ability of states and local government to safeguard privacy. The House's Drone Innovation Act, sponsored by Rep. Jason Lewis (R-MN) and the Senate's Drone Federalism Act, sponsored by Sen. Diane Feinstein (D-CA), would ensure that FAA regulations do not preempt legitimate interests of local governments to protect personal privacy. Earlier this year, EPIC submitted a statement to the House Transportation Committee and a statement to the Senate Commerce Committee to emphasize the unique privacy risks of drones. EPIC explained that the FAA has failed to establish necessary privacy safeguards and that the states must be free to protect privacy interests. In 2015, EPIC sued the agency, arguing the FAA failed to protect the public from aerial surveillance. EPIC v. FAA is currently before the D.C. Circuit Court of Appeals. Argument will likely take place this fall.

Tags:

Posted by EPIC on July 12, 2017 10:30 AM |

EPIC Seeks Evidence of Election Commission Compliance with State Procedures

EPIC has submitted urgent FOIA requests to the General Services Administration, the Election Commission, and the Arkansas Secretary of State for information about the State of Arkansas's production of voter data to the federal Commission. The request follows EPIC's lawsuit to block the transfer of state voter records to the Commission. In a hearing in federal court on July 7th, the Department of Justice revealed that Arkansas had transferred voter histories to the Commission, contradicting an July 5th statement by Vice Chair Kobach that no such transfers had occurred. EPIC is now seeking records of the Commission's compliance with Arkansas procedures for obtaining voter registration data, including designation of appropriate data elements, payment of fees, compliance with security requirements, and completion of necessary forms. In EPIC v. Commission, EPIC has argued that "As a matter of law, there is no 'publicly available' voter data that may be transferred to the Commission."

Tags:

Posted by EPIC on July 12, 2017 6:05 PM |

July 13, 2017

In Voter Privacy Case, EPIC Files Amended Motion, Seeks to End Collection of Records by Presidential Commission

In a motion filed today, EPIC urged a federal court to issue a preliminary injunction to block the collection of state voter records by the Presidential Election Commission. The Commission suspended collection of personal voter data earlier this week in response to EPIC's lawsuit. But as EPIC told the court, "the threat to voter privacy and democratic institutions remains. The Commission intends to move forward, pending this Court's determination. It has established a new server within the White House to receive the voter data. It has advised state election officials that further communications regarding this undertaking are forthcoming." A response from the Commission is due Monday, July 17. The Commission is scheduled to hold its first public meeting on July 19, in Washington, DC. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 13, 2017 5:45 PM |

Appeals Court Considers Case that Aligns Privacy and FOI

The Ninth Circuit U.S. Court of Appeals heard oral arguments today in an open government case with implications for informational privacy. A group of anonymous medical employees challenged the release of personal information sought under a state public records act. EPIC filed a "friend-of-the-court" brief in the case arguing that withholding personal information is consistent with open government and constitutionally required. "Open government laws and privacy laws are complimentary: the aim is to maximize both the public's access to information about the government and to safeguard personal privacy to the greatest extent feasible," EPIC wrote. EPIC has argued for similar privacy protections in ATF v. Chicago, Chicago Tribune v. University of Illinois, Ostergren v. Cuccinelli, NASA v. Nelson, and FCC v. AT&T.

Tags:

Posted by EPIC on July 13, 2017 5:55 PM |

July 14, 2017

EPIC Raises Questions About FBI Surveillance Programs

In a statement to Congress, EPIC told members of the Senate Judiciary Committee to press the nominee for FBI Director, Christopher Wray, on his views of FBI databases and domestic surveillance programs. EPIC again expressed concern about the size and scope of the FBI's Next Generation Identification system which stores personal and biometric information on millions of individuals. EPIC also expressed concern over the FBI's failure to issue timely privacy impact assessments, lack of transparency on drone use, and plans to monitor social media. EPIC urged the Committee to obtain the nominee's views on these matters and to ensure his commitment to protect privacy and ensure transparency at the FBI.

Tags:

Posted by EPIC on July 14, 2017 9:10 AM |

July 17, 2017

EPIC Launches "51 Reasons - Protect Voter Data"

EPIC has established a new web site in response to the request from the Presidential Commission on Election Integrity for state voter records. "51 Reasons to End the Collection of State Voter Records by the Presidential Election Commission" includes comments from state election officials, specialists in election integrity, news organizations, voters, and public officials across the country, who have described the Commission's plan as "unlawful," "politicized," "unprecedented," "naive," "crazy," "ill-conceived," "poorly executed," "outrageous," and "a breach of trust with voters." In EPIC v. Commission, EPIC is seeking to end the Commission's collection of personal data of registered voters.

Tags:

Posted by EPIC on July 17, 2017 10:10 AM |

UPDATE - EPIC Files Reply, Urges Court to Block Collection of State Voter Records

In a brief filed this afternoon in Washington, DC, EPIC urged a federal court to issue a temporary restraining order and prevent the collection of state voter records by the Presidential Election Commission. Calling the Commission’s plans to “collect the nation’s voting records” “outside of the privacy laws” that protect personal data “alarming and absurd,” EPIC asked the Court to block this "ill-conceived, poorly executed, and unlawful plan.” EPIC warned that the Commission has “already revealed personally identifiable information” from those who have expressed opposition to the plan. In the original motion, EPIC argued that the Commission had failed to undertake and publish a Privacy Impact Assessment, failed to issue a Federal Advisory Committee Act notice, and violated the constitutional right to information privacy. The Commission, which temporarily suspended the program last week in response to EPIC’s lawsuit, filed an opposition brief earlier on Monday. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by John Davisson on July 17, 2017 4:32 PM |

July 18, 2017

EPIC Calls for End to Collection of State Voter Records by Presidential Commission

In a statement today for a Forum organized by the House Judiciary Committee and the Congressional Black Caucus, EPIC President Marc Rotenberg called for an end to the efforts of the Presidential Commission on Election Integrity to gather state voter records. Rotenberg said the program was "ill-conceived, poorly executed, and most likely unconstitutional." EPIC brought suit against the Commission, charging violations of federal laws and the federal constitution, and noting also that the Commission's plan to gather data on a military site that returned error messages was pure incompetence. The Commission has since suspended the program, pending a decision by the federal court in EPIC's case. But the Commission meets this week in Washington to discuss next steps. In the prepared statement, Rotenberg said, "I hope the Commission will simply announce the termination of the program. But if it does not, EPIC will pursue its case until we obtain a favorable outcome. And we welcome the many organizations across the country that have also filed lawsuits." The case is EPIC v. Commission, No. 17-1320 (D.D.C. July 3, 2017).

Tags:

Posted by EPIC on July 18, 2017 11:45 AM |

FBI Warns of Privacy Risks with Internet-Connected Toys

The FBI released a Public Service Announcement warning consumers about the privacy risks of internet-connected toys. "Smart toys and entertainment devices for children are increasingly incorporating technologies that learn and tailor their behaviors based on user interactions," the FBI wrote in the PSA, adding that the toys "could put the privacy and safety of children at risk due to the large amount of personal information that may be unwittingly disclosed." Last year, EPIC and several consumer organizations filed a complaint with the Federal Trade Commission alleging that the "My Friend Cayla" doll violates U.S. privacy law. EPIC's complaint spurred a congressional investigation and toy stores across Europe have removed Cayla from their shelves.

Tags:

Posted by EPIC on July 18, 2017 1:30 PM |

July 19, 2017

70 Members of Congress Oppose Election Commission's Request for State Data

A group of more than 70 U.S. Representatives sent a letter to the Presidential Election Commission on Tuesday urging the Commission to "immediately" withdraw a nationwide request for state voter data. "The federal government has an obligation to protect the personally identifiable information of the American people," the letter reads. "We believe your June 28 request to the States would do the opposite by ignoring the critical need for robust security protocols when transmitting and storing sensitive personally identifiable information and by centralizing it in one place." As the letter notes, the Commission suspended the collection of personal voter data last week in response to EPIC's lawsuit. EPIC has asked a federal court in Washington, DC to issue an injunction against the Commission and indefinitely block the transfer of election records. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 19, 2017 5:30 PM |

July 20, 2017

EPIC Files FOIA Lawsuit Over Border Biometrics, Expanded Tracking

EPIC has filed a FOIA lawsuit against Customs and Border Protection for information about the agency’s deployment of a biometric entry/exit tracking system, including at US airports. Trump's recent Executive Order regarding immigration ordered the expedited implementation of a biometric entry/exit tracking system, which will include U.S. citizens. Biometric techniques, including facial recognition, lack proper privacy safeguards. EPIC previously sued the FBI over the Bureau’s Next Generation Identification database, which contains face prints, fingerprints, and other biometrics of millions of Americans. EPIC's lawsuit against the FBI revealed that biometric identification is often inaccurate.

Tags:

Posted by Caitriona Fitzgerald on July 20, 2017 12:52 PM |

July 21, 2017

Civil Rights, Voting Rights Groups File Suits to Block Release of Voter Data

The Texas NAACP and the League of Women Voters of Texas have filed suit against state election officials to prevent the transfer of personal voter data to the Presidential Election Commission. "The information sought by the Commission is not widely available in Texas, but instead may be released only under certain circumstances and conditions imposed by Texas's voting laws," the complaint reads. The suit notes that the state's disclosure of election records to the Commission, "even if cabined to information generally available to candidates or other organizations who are entitled to request voter information under Texas law, would undermine, and run afoul of, the State's carefully-crafted regulation of the use of voter data." The Texas case joins at least two other lawsuits—one in Florida and one in New Hampshire—seeking to block state officials from providing voter data to the Election Commission. In Washington DC, EPIC has filed suit against the Commission and is urging a federal court to issue a preliminary injunction. The Commission suspended the collection of personal voter data last week in response to EPIC's lawsuit. The Court is expected to rule on EPIC's motion shortly. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 21, 2017 9:55 AM |

July 24, 2017

EPIC's Voter Data Case Moves Forward After Court Denies Injunction

A federal district court in Washington, DC has denied EPIC’s motion for an injunction against the Presidential Election Commission and declined to block the Commission’s nationwide collection of voter data. As EPIC told the court last week, the Commission failed to undertake and publish a Privacy Impact Assessment before collecting voter data and violated the constitutional right to information privacy. The court agreed that EPIC had “standing” to bring the case because the Commission had “an obligation to disclose information” and because the Commission’s actions “required [EPIC] to expend resources” in order to obtain a Privacy Impact Assessment. But the court concluded that it could not halt the Commission’s plan to aggregate millions of voter records because the Commission is exempt from statutes that govern the conduct of federal “agencies.” The court noted, however, that “this determination may need to be revisited” at a later time. The court also warned the Commission must “strictly abide” by promises to only collect information that is “already publicly available” and to “de-identif[y]” voter data “to the extent it is made public.” EPIC intends to press forward with the lawsuit, which led the Commission to suspend the collection of voter data two weeks ago. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017). [Press Release]

Tags:

Posted by John Davisson on July 24, 2017 2:58 PM |

EPIC to Congress: Examine Facial Recognition Surveillance at the Border

EPIC has sent a statement to the House Homeland Security Committee in advance of a hearing on "Technology's Role on Securing the Border." EPIC alerted the Committee to EPIC's recent FOIA lawsuit about the federal government's deployment of a biometric "entry/exit tracking system," including at US airports. A recent Executive Order on immigration will push forward the biometric identification system, and will include citizens returning to the U.S. EPIC has warned that biometric identification techniques, such as facial recognition, lack proper privacy safeguards. EPIC noted that the federal agency pursuing the border identification program is also deploying drones, and should comply with state laws and a 2015 Presidential Memorandum that limit drone surveillance.

Tags:

Posted by EPIC on July 24, 2017 6:05 PM |

July 25, 2017

EPIC Appeals Decision in Voter Data Case

EPIC has appealed the decision of a federal district court which declined to block the collection of sensitive voter data by the Presidential Election Commission. EPIC had argued that the Commission failed to complete a Privacy Impact Assessment before collecting voter data and violated the constitutional right to information privacy. Though the district court agreed that EPIC had standing to bring the lawsuit, the court concluded that it couldn't halt the data collection because, according to the court's opinion, the Commission is exempt from the obligation to undertake a privacy assessment. EPIC's case, which led the Commission to suspend the collection of voter data two weeks ago, will now be reviewed on an expedited basis by the U.S. Court of Appeals for the District of Columbia. "Absent expedited review," EPIC warned, "the Commission will be allowed to systematically amass the sensitive, personal information of the nation's voters without establishing any procedures to protect voter privacy or the security and integrity of the data." The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017).

Tags:

Posted by EPIC on July 25, 2017 5:10 PM |

EPIC v. ODNI: EPIC Opposes Intelligence Agency Refusal to Release Russia Report

EPIC has opposed the Director of National Intelligence’s refusal to release a critical government report about Russian interference with the 2016 Presidential election. In EPIC v. ODNI, EPIC seeks the public release of the agency’s report on the Russian interference. EPIC filed suit after the ODNI published only a limited, declassified version of the report. In filings in federal district court, EPIC explained that the ODNI’s failure to provide EPIC partial information cannot satisfy the Agency’s obligations under the FOIA. EPIC stated that release is “necessary for the public to evaluate the Intelligence Community response to the Russian interference, assess threats to democratic institutions, and ensure that agencies are taking appropriate measures to protect U.S. electoral institutions against future attack.” Long after the attack on U.S. democratic institutions, “significant information asymmetry between the public and its government remains,” EPIC said. EPIC v. ODNI is a part of the EPIC Cybersecurity and Democracy Project, which focuses on US cyber policies, threats to election systems and foreign attempts to influence American policymaking.

Tags:

Posted by John Davisson on July 25, 2017 6:27 PM |

July 26, 2017

European Court Halts Retention, Bulk Transfer of Passenger Data

The top EU Court has struck down an EU-Canada agreement on the processing of airline passenger records. The Passenger Name Record agreement mandated data retention and permitted the bulk transfer of personal data provided by passengers booking a flight. The Court of Justice of the EU explained "the PNR agreement may not be concluded in its current form because several of its provisions are incompatible with the fundamental rights recognised by the EU." The data can reveal "a complete travel itinerary, travel habits, relationships existing between two or more individuals, and information on the financial situation of air passengers, their dietary habits or their state of health." The European Digital Rights Initiative praised the outcome. The EU and US have a similar agreement that permits retention of personal data for 15 years. EPIC has criticized overbroad passenger data transfers, and argued the EU-US agreement violates the EU data protection directive.

Tags:

Posted by EPIC on July 26, 2017 11:00 AM |

July 27, 2017

EPIC to Senate Judiciary: FBI Response to Russia Attack Must Be Examined

Following a hearing on Russian Interference with the 2016 U.S. Election, EPIC has sent a statement to the Senate Judiciary Committee. EPIC urged the Committee to explore whether the FBI Victim Notification procedures were followed once the FBI became aware of the Russian cyberattack on the DNC and the RNC. In a Freedom of Information Act lawsuit EPIC v. FBI, EPIC obtained the FBI notification procedures that would have applied during the 2016 Presidential election. The documents indicate that the FBI Cyber Division is to "notify and disseminate meaningful information to victims and the CND [Computer Network Defense] community." The obvious question at this point, said EPIC, is whether the FBI followed the required procedures for Victim Notification once the Bureau became aware of this attack. In a related FOIA case, EPIC v. ODNI, EPIC is seeking the public release of the complete report of the intelligence community on the Russian interference with the 2016 election.

Tags:

Posted by EPIC on July 27, 2017 11:15 AM |

EPIC Opposes Commission's Renewed Request for Voter Data

EPIC has sent an Advisory to state election officials, urging opposition to the renewed request for state voter data. The EPIC Advisory follows a letter from the Presidential Election Commission to state election officials. Following EPIC’s lawsuit, seeking a temporary restraining order, the Commission suspended collection of the data. The court ruled on the TRO motion, which EPIC has now appealed. The recent letter falsely claims that the Commission is only seeking “publicly available information.” In fact, the Commission’s June 28 letter called for the release of social security numbers, criminal records, military statuses, and other personal information protected by state laws. California Secretary of State Alex Padilla, and many state election officials, have reaffirmed their opposition to the Commission's effort to gather state voter data.

Tags:

Posted by Caitriona Fitzgerald on July 27, 2017 12:00 PM |

EPIC Urges Congress to Focus on FCC and Privacy

EPIC has sent a statement to the House Commerce Committee for a hearing on the Federal Communications Commission. EPIC urged the Committee to affirm the FCC's role in protecting online privacy. EPIC also asked the Committee to press the nominees to repeal a FCC regulation that requires the retention of telephone customer records for 18 months. EPIC filed a petition urging the repeal of this mandate more than two years ago and the FCC recently docketed the petition for public comment. Every comment received by the FCC favored the EPIC petition to end the data retention mandate. EPIC has submitted multiple comments to the FCC for strong online privacy protections.

Tags:

Posted by EPIC on July 27, 2017 5:45 PM |

Report Shows Increase in Open Government Lawsuits, EPIC Among Nation's Leading FOIA Litigators

A new report from the FOIA Project shows a "dramatic rise" in the number Freedom of Information Act lawsuits filed by nonprofit and advocacy groups. According to TRAC, these organizations now account for more FOIA suits than "any other single class." EPIC was the fifth most frequent litigator among nonprofit and advocacy groups nationwide. In 2017, EPIC has filed five FOIA lawsuits. EPIC is currently litigating EPIC v. ODNI, EPIC v. FBI, and EPIC v. IRS, three of the leading open government cases concerning Russian interference with the 2016 Presidential election. Last week, EPIC filed a new FOIA lawsuit against Customs and Border Protection for information about the agency's deployment of a biometric entry/exit tracking system, including at US airports. For more information about EPIC's latest open government work, visit: https://epic.org/open_gov/.

Tags:

Posted by EPIC on July 27, 2017 5:50 PM |

July 31, 2017

EPIC Files FTC Complaint to Stop Google from Tracking In-Store Purchases

EPIC has filed a complaint with the FTC asking the Commission to investigate Google's tracking of in-store purchases. According to EPIC, Google collects billions of credit and debit card transactions and then links that personal data to the activities of Internet users. Google claims that it protects online privacy but refuses to reveal details of the algorithm that "deidentifies" consumers while tracking their purchases. EPIC's complaint asks the FTC to stop Google's tracking of in-store purchases and determine whether Google adequately protects consumer privacy. EPIC has filed several successful FTC complaints that led to FTC investigations, including complaints about changes to Facebook's privacy preferences and the launch of Google Buzz. EPIC has also focused on the adequacy of privacy techniques, with complaints against AskEraser (search histories that are not deleted) and Snapchat (images that do not "vanish"). EPIC's recent complaint against Google notes that the company is seeking to extend its dominance of online advertising to the physical world.

Tags:

Posted by EPIC on July 31, 2017 9:00 AM |

Search


About July 2017

This page contains all entries posted to epic.org in July 2017. They are listed from oldest to newest.

June 2017 is the previous archive.

August 2017 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type Pro 6.3.3