A survey by the Pew Internet and American Life Project and the Berkman Center for Internet and Society found that while teens are disclosing more personal information on social media, the vast majority are actively taking steps to protect their privacy. 60 percent of teen Facebook users keep their profiles private and visible only to a select group of friends, and 56 percent felt confident in their ability to manage Facebook’s privacy settings. Most teens also reported deleting or blocking users on social media sites, or obscuring the content of their messages through inside or coded references. Other polls by Pew have found that a majority of parents were concerned about their children’s online privacy and that users were becoming more active in managing their social media accounts. For more information, see EPIC: Public Opinion on Privacy.
EPIC Administrative Law Counsel Khaliah Barnes testified before the Colorado State Board of Education on privacy issues concerning inBloom and other companies that acquire student information. In response to public outcry over a pilot program which grants these companies access to sensitive student data, the Colorado Board of Education hosted a public session. Representatives from inBloom, the Colorado Attorney General's Office, a local school district, and EPIC participated. EPIC recommended that Colorado ensure that students and parents have access to education records maintained by third party providers, and that students and their parents should be able to limit disclosure to third parties. In 2012, EPIC sued the Education Department for issuing regulations that failed to safeguard student privacy. For more information, see EPIC: EPIC v. The U.S. Department of Education and EPIC: Student Privacy.
EPIC filed a complaint with the Federal Trade Commission against Snapchat, the publisher of a mobile app that encourages user to share intimate photos and videos. The company represents that users can make photos and videos "disappear forever." In fact, the photos can be retrieved by others after they should have vanished. The EPIC complaint implicates Privacy Enhancing Technologies, which if properly implemented would minimize or eliminate the collection of personally identifiable information. The FTC described similar methods in a 2012 privacy report. Previously, EPIC filed a complaint at the FTC against AskEraser, which falsely represented that search queries would be deleted when in fact they were retained by the company and made available to law enforcement agencies. For more information, see EPIC: Federal Trade Commission.
Members of the bipartisan Privacy Caucus sent a letter to Google seeking answers to questions about Glass, a wearable computer that routinely records video and audio, and gathers locational data. Among several questions, the Members of Congress asked "how Google plans to prevent Google Glass from unintentionally collecting data about the user/non-user without consent?" and whether Glass would be able to use facial recognition technology. Recently, Attorneys general for 38 states and the District of Columbia reached a $7 million settlement with Google over the unauthorized collection of data from wireless networks, including private WiFi networks of residential Internet users. Early last year, Google collapsed its privacy policies, prompting objections from EPIC state attorneys general, members of Congress, and IT managers in the government and private sectors. For more information, see EPIC: Google Glass and Wearable Computers.
Following the controversy concerning the Justice Department’s subpoena of Associated Press calling records, the Obama administration announced support for a media shield law. The White House has asked Senator Charles E. Schumer to reintroduce the Free Flow of Information Act, a bill that would limit government access to information about confidential sources and would allow journalists to move to quash subpoenas of their phone records. EPIC is currently seeking the legal basis for the Justice Department’s subpoena of phone records through a Freedom of Information Act request. For more information, see EPIC: Free Flow of Information Act.
The Senate Judiciary Committee has approved an Amendment to the immigration bill to limit the range of drones surveillance in the United States. The immigration bill grants the Bureau of Customs and Border Protection authority to operate surveillance drones continuously within the border region. Senator Dianne Feinstein's (D-CA) Amendment reduces the patrol area of surveillance drones from 100 miles around the border to 25 miles. More than two-thirds of the US population lives within 100 miles of the border. In February 2013, EPIC petitioned the Bureau of Customs and Border Protection to suspend the border drone surveillance program pending the establishment of concrete privacy regulations. The petition followed the production of documents to EPIC under the Freedom of Information Act demonstrating that the border drones had the ability to intercept electronic communications and identify human targets. For more information, see EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones.
For the House Judiciary Committee hearing on Oversight of the United States Department of Justice, EPIC has sent a letter to Committee Members regarding the surveillance of Associated Press reporters. EPIC asked the Committee to determine whether the Justice Department complied with regulations on news media subpoenas, which were enacted in 1980 after passage of the Privacy Protection Act. For more information, see EPIC: Privacy Protection Act of 1980 and EPIC: Warrantless Surveillance Program.
EPIC has filed a Freedom of Information Act request with the Department of Justice Office of Legal Counsel, seeking documents explaining the DOJ's legal authority to search the electronic communications of reporters. Following news reports that the DOJ seized the telephone records of the Associated Press, EPIC's request seeks to discover the legal basis for the action as well as whether the DOJ could obtain the email or text messaging records of journalists. In 2005, EPIC filed the first FOIA request concerning the government's "warrantless wiretapping". EPIC eventually obtained emails and a memo (pdf) from a former high-level Justice Department official expressing doubt about the government's argument in favor of the legality of the program. EPIC also obtained internal messages (pdf) from the NSA's director to agency staff, defending the NSA's warrantless eavesdropping and discouraging employees from discussing the issue with the news media. For more information, see EPIC: Open Government, EPIC: New York Times v. DOJ.
EPIC has announced the recipients of the 2013 EPIC Champion of Freedom Awards. They are Senator Rand Paul, Senator Ron Wyden, and AP Reporter Martha Mendoza. Susan Grant will receive the EPIC Privacy Advocate award and David Flaherty will receive the EPIC Lifetime Achievement Award. The awards are given annually to courageous individuals who have defended privacy, open government, and democratic values. Previous recipients include federal judges, members of Congress, journalists, litigators, advocates, and philanthropists. The first EPIC Champion of Freedom Award was given to Senator Patrick Leahy in 2004. The 2013 award recipients will be honored at the EPIC Champion of Freedom Awards dinner in Washington, DC, Monday June 3, 2013. Tickets available.
EPIC has submitted comments to the U.S. Trade Representative addressing the Transatlantic Trade and Investment Partnership, a proposed trade agreement between the US and the European Union. In its comments, EPIC recommended that the TTIP negotiations exclude consumer privacy and data policy. Mindful of the US' progress in recent years on developing the Consumer Privacy Bill of Rights and the EU's General Data Protection Regulation, EPIC cautioned the USTR that an attempt to harmonize existing privacy regulations would not end well. If provisions about cross-border data flows arises, EPIC urged the USTR to ensure that consumers are given the highest level of privacy protections. EPIC also recommended that all drafts of negotiating texts be made publicly available since previous negotiating documents in similar trade agreement negotiations have been kept secret. EPIC has recently begun a new FOIA project to obtain information about the statements of US officials who participate in international negotiations concerning privacy and data protection. For more information, see EPIC: TTIP. and EPIC: Open Government.
The President issued an Executive Order and memorandum this week outlining the administration's new "Open Data Policy." According to the White House, the goal is to make information "accessible, discoverable, and usable by the public" and to "promote interoperability and openness." The Executive Order states that agencies should also "safeguard individual privacy, confidentiality, and national security." The White House has launched Project Open Data, a collection of code, tools, and case studies to help agencies adopt the open data policy. An article in Foreign Policy this week "Think Again: Big Data" raises provocative questions about the actual value of "Big Data." For more information on Open Government issues, see: EPIC: Open Government and EPIC: Privacy Act.
A federal court in Arizona has denied a motion to suppress evidence gathered by "StingRay" surveillance technology. The court in United States v. Rigmaiden held that investigators did not violate the Fourth Amendment. The court also held that the government's use of a cell site simulator or StingRay device was supported by a "mobile tracking device" warrant. EPIC recently argued that users have a reasonable expectation of privacy in the location of their mobile devices, and has also received hundreds of pages of documents related to the FBI's use of StingRay technology. For more information, see EPIC v. FBI: StingRay and EPIC: State v. Earls.