Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 17.24

=======================================================================
                            E P I C   A l e r t
=======================================================================
Volume 17.24                                         December 10, 2010
-----------------------------------------------------------------------

                           Published by the
               Electronic Privacy Information Center (EPIC)
                           Washington, D.C.

              http://www.epic.org/alert/epic_alert_1724.html

                    "Defend Privacy. Support EPIC."
                         http://epic.org/donate
			

                  Report All Screening Experiences at
                   EPIC Body Scanner Incident Report
              http://epic.org/bodyscanner/incident_report/


=======================================================================
Table of Contents
=======================================================================
[1] Congress Addresses Issues with TSA, Body Scanners
[2] Public Protest Mounts Over Body Scanners
[3] Rapiscan Patent Raises New Health Concerns
[4] Google Patent to Use Street View Data to Identify Internet Users
[5] Europe Promotes Comprehensive Data Protection Framework
[6] EPIC Urges FOIA Ombudsman to Pursue FOIA Oversight
[7] News in Brief
[8] Upcoming Conferences and Events


TAKE ACTION: Stop Airport Strip Searches!
- JOIN Facebook Group "Stop Airport Strip Searches" and INVITE Friends
- DISPLAY the IMAGE http://thepublicvoice.org/nakedmachine.jpg
- SUPPORT EPIC http://www.epic.org/donate/

=======================================================================
[1] Congress Addresses Issues with TSA, Body Scanners
=======================================================================

Congress continues to challenge the Transportation Security
Administration's controversial full body scanner program. Senators and
Representatives have introduced legislation, sent letters, and held
hearings on the matter. EPIC has called the devices "invasive,
ineffective, and unlawful," and has filed a lawsuit to suspend body
scanner program.

On June 4, 2009, the House voted, 310 to 118, in favor of minimizing
body scans by restricting the program to individuals who first set off
metal detectors. On November 18, 2010, Representative Ron Paul (R-TX)
introduced the "American Traveler Dignity Act." The bill denies legal
immunity for any entity subjecting an individual to physical contact or
imaging rays "as a condition for such individual to be in an airport or
to fly in an aircraft." On December 5, 2010, Senator Charles Schumer
introduced the "Security Screening Confidential Data Privacy Act."
Senator Schumer's bill makes it a federal crime to record or distribute
images generated by the devices.

On November 19, 2010, Representatives Bennie G. Thompson (D-MS) and
Sheila Jackson-Lee (D-TX) sent a letter to Administrator John S.
Pistole, objecting to the new airport screening procedures.
Representatives Thompson and Lee wrote, "we are concerned about new
enhanced pat down screening protocols and urge you to reconsider
utilization of these protocols." The Representatives further said that
"the TSA should have had a conversation with the American public" and
should have ensured that "these changes do not run afoul of privacy and
civil liberties."

On the same day, Representative Rush Holt (D-NJ) sent a letter to Mr.
Pistole.  Representative Holt has a background as a scientist, and
called Mr. Pistole's attention to the fact that "excessive x-ray
exposure can act as a cancer rate multiplier." Representative Holt was
briefed by Dr. John Brenner of Columbia University, who informed Mr.
Holt that the devices "deliver to the scalp '20 times the average dose
that is typically quoted by TSA and throughout the industry.'"

In hearings before the Senate Committee on Commerce, Science, and
Transportation on November 16, 2010 and the House Committee on Homeland
Security on November 17, 2010, officials questioned Mr. Pistole about
the privacy and health implications of airport body scanners. Pistole
failed to provide proof of independent studies regarding radiation risks
and consistently downplayed privacy and religious concerns.

The American Traveler Dignity Act (Introduced by Rep. Ron Paul)
     http://www.campaignforliberty.com/blog.php?view=39468

Letter to John Pistole from Representatives Thompson and Jackson-Lee
     http://homeland.house.gov/SiteDocuments/20101119170706-48184.pdf

Letter to John Pistole From Representative Rush Holt
     http://www.epic.org/redirect/120310Holt.html

Senate Oversight Hearing: Transportation Security Administration
     http://www.epic.org/redirect/120310TSAhearing.html

EPIC: EPIC v. DHS (Suspension of Body Scanner Program)
     http://www.epic.org/redirect/120310EPICvDHS.html 

EPIC: Opening Brief in Legal Challenge to Body Scanner Program
     http://epic.org/privacy/litigation/EPIC_Body_Scanner_OB_Final.pdf

=======================================================================
[2] Public Protest Mounts Over Body Scanners
=======================================================================

A mounting public protest poses new challenges to the Transportation
Security Administration's body scanner program. A new poll by Zogby
International finds that 61% of Americans oppose the use of full body
scans and pat downs at airports. 48% of Americans went further and said
that they would probably seek alternatives to flying.

In the run up to holiday travel, FlyersRights.org, the largest
consumer's rights organization for airline passengers in the country,
urges its members to exercise their rights to opt out of the agency's
body scanners. The cause has earned wide support, including from "We
Won't Fly," a new travelers' rights organization, who also publicized
the privacy and health risks posed by the body scanner program.
Prominent consumer rights advocate Ralph Nader penned an editorial for
USA Today titled "TSA Is Delivering Naked Insecurity." Mr. Nader
discussed radiation and burn risks identified by credentialed medical
researchers. The Chair of the Libertarian Party Marc Hinkle expressed
support for EPIC's lawsuit to strike down the body scanner program in
federal court.

Multiple individuals have filmed hostile interactions with TSA agents
that occurred after they opted out of full body scans. Footage of these
confrontations has been posted and is available on YouTube. Eyewitnesses
complained to news outlets that airline security agents had aggressively
patted down screaming toddlers, rape survivors, and cancer patients with
sensitive physical conditions. Reports indicated that agents removed one
woman's prosthetic breast and spilled the content of a man's urostomy
bag onto his clothes and body.  Face the Nation anchor Bob Schieffer
asked Secretary of State Hillary Clinton if she would submit to a
patdown. Secretary Clinton declined: "No, I mean, who would?"

A social media grassroots campaign has developed, which led to the
widely publicized National Opt-Out Day on one of the busiest airline
travel days of the year: November 24, 2010. Airline passengers were
urged to object to body scanners and opt for enhanced pat-downs. On
November 26, 2010, "We Won't Fly" issued a press release citing
"multiple reports of the [TSA] shutting down full body scanners,
selecting fewer people for secondary screening, using less invasive
pat-downs and being unusually friendly and helpful to flyers."

"We Won't Fly" recently announced a new airline boycott for December 23,
2010.  EPIC is co-hosting a TSA Oversight Conference on January 6,
2011.

Zogby Poll: 61% of Americans Oppose Full Body Scans
     http://www.zogby.com/templates/printnews.cfm?id=1925

FlyersRights.org: Largest Non-Profit Airline Consumer Organization
     http://flyersrights.org/

We Won't Fly: Press Release
     http://wewontfly.com/tsa-blinks

USA Today: Ralph Nader, "TSA is Delivering Naked Insecurity"
     http://www.epic.org/redirect/120310USATodayNader.html

Face the Nation: Interviews of Secretary of State Hillary Clinton
     http://www.state.gov/secretary/rm/2010/11/151737.htm

EPIC: EPIC v. DHS (Suspension of Body Scanners)
     http://www.epic.org/redirect/120310EPICvDHS.html 

=======================================================================
[3] Rapiscan Patent Raises New Health Concerns
=======================================================================

The United States Patent Office has approved a new patent application
for full body scanners. The application was filed by Rapiscan, one of
the companies who contracts with the government to supply the scanners
to airports and other locations where screening is considered necessary.

The application provides a glimpse into hazards posed by a new class of
body scanners. The new patent depicts a scanner that is faster and more
compact than the ones that are used in airports today. However, the
scanners are also designed to depict more detailed images, including a
three-dimensional image "that can be rotated on the screen by the
operator to view a combined image of the front side and back side."

In order to provide these images, the new scanners utilize two scanner
arrays. Language in the patent application suggests that this setup is
likely to increase the health risks by raising radiation exposure. The
second scanner appears to be designed in order to capture radiation
signals strong enough to pass through a human body.

Other problems exist also. Like previous versions, the new body scanners
are designed to detect metals along with "plastics, ceramics, and
illicit drugs," though powders remains notably absent from the list. The
2009 Christmas Day Bomber had intended to use powdered explosives, which
he concealed on his person. In addition, the application makes it clear
that these machines are still being designed and built with means to
collect and store images, despite frequent statements by the
Transportation Security Administration that "the machines cannot store
images of passengers at airports."

Experts have asked the government to respond to questions about
radiation levels and privacy interests, even while the Administration
continues to expand the program. By the end of 2011, over 1,000 body
scanners are expected to be in use across the country. EPIC has filed a
Freedom of Information Act lawsuit  against the Department of Homeland
Security, seeking records concerning radiation emissions and exposure
associated with airport full body scanners.

USPTO: Rapiscan Patent (Nov. 2, 2010)
     http://www.epic.org/redirect/120310RapiscanPatent.html

Rapiscan Systems
     http://www.rapiscansystems.com/

TSA Blog (Nov. 17, 2010)
     http://www.epic.org/redirect/120310TSABlog1117.html

EPIC: EPIC v. DHS (Body Scanner Radiation)
     http://www.epic.org/redirect/120310radiation.html

=======================================================================
[4] Google Patent to Use Street View Data to Identify Internet Users
=======================================================================

In a pending patent application, Google describes its plans for using
wireless data, some captured by its Street View vehicles, to identify
and link users to their geographical location. In the application,
Google explains how it would verify a user's identity by sending the
user a "challenge" based on the user's geographic location. Then,
assuming the user's answer is correct, Google would "allow the user
access to one or more features." Wi-fi data collection is critical for
this patent application, as Google would use the collected information
to create these "challenges."

In fact, Google has been collecting wi-fi data in thirty countries over
a three-year period through its Street View vehicles, which Google
originally maintained merely collected images. Even after investigations
revealed Google was collecting wi-fi data, Google denied that it would
link wi-fi data to particular users, and omitted any mention of user
identification from its statement regarding its Street View wi-fi data
collection.

The Federal Communications Commission (FCC) has opened an investigation
into Google's secretive interception and collection of wi-fi data
collection. Earlier, the Chief of the Consumer and Governmental Affairs
Bureau for the Federal Communications Commission warned consumers that
Google's "behavior" raises important privacy concerns and said that the
collection of Wi-Fi data, "whether intentional or not . . . clearly
infringes on consumer privacy." In May, EPIC filed a complaint with the
Commission, asking it to investigate Google's possible violations of
federal wiretap law and the U.S. Communications Act.

In May, members of Congress asked the Federal Trade Commission to
investigate Google's secretive collection of wi-fi data as part of
Street View. In the letter, the Representatives asked the FTC whether
Google's actions "form the basis of an unfair or deceptive act or
practice that constitutes harm to consumers" and whether Google's
actions are "illegal under federal law." No response by the FTC to this
letter can be found on the Congressmen's website.

In addition, unlike the FCC, the Federal Trade Commission never pursued
an independent investigation of Street View, examined the data collected
by Google in the United States, or even acknowledged the findings of
other agencies. The Federal Trade Commission (FTC) recently sent a
letter to Google, ending its inquiry into Google Street View. EPIC has
requested documents from the FTC under the Freedom of Information Act to
determine the scope of inquiry and the reason it was ended.

USPTO: Google Patent Application
     http://www.epic.org/redirect/120310GooglePatent.html
     
Google: Submission to National Data Protection Authorities
     http://www.epic.org/redirect/120310GoogleNDPA.html
     
Google: European Public Policy Blog
     http://www.epic.org/redirect/120310GoogleBlog.html

Wall Street Journal: FCC Investigation
     http://www.epic.org/redirect/120310WSJFCC.html

FCC Blog: Staying Safe From Cyber Snoops
     http://reboot.fcc.gov/blog?entryId=493624

EPIC: Letter to FCC (May 21, 2010)
     http://www.epic.org/redirect/120310EPIC-FCC.html

FTC: Letter to Google (Oct. 27, 2010)
     http://www.ftc.gov/os/closings/101027googleletter.pdf

Letter from Markey and Barton to FTC (May 19, 2010)
     http://www.epic.org/redirect/120310MarkeyLTR.html
     
EPIC: Google Street View
     http://epic.org/privacy/streetview/

=======================================================================
[5] Europe Promotes Comprehensive Data Protection Framework
=======================================================================

On December 2-3, 2010 the Justice and Home Affairs Council of the
Council of the European Union will hold a policy debate on "a
comprehensive approach on personal data protection in the European
Union." The communication, sent to the European Parliament, The Council
of Europe, The Economic and Social Committee and The Committee of the
Regions, contained a draft strategy for improvements in data protection,
including a set of proposals to change the European Data Protection
Directive. The European Commission will use this policy review, with the
results of a public consultation, to revise the European Union Data
Protection Directive. Public submissions and comments can be made on the
European Commission's public consultation web site until January 15,
2011. The EU Commission will then propose legislation in 2011.

The Justice and Home Affairs Council is also expected to authorise the
opening of negotiations for agreements between the European Union and
Australia, Canada, and the United States of America for the transfer and
use of Passenger Name Record data. The aim of the agreements is to
prevent and combat terrorism and other serious translational crime.

The European Union is negotiating a comprehensive framework agreement
with the United States of America government that regulates the
protection of personal data once it has been transferred in the context
of law enforcement and security cooperation. The European Union is
seeking to ensure that any transmission of Passenger Name Record data to
third countries is done in a secure manner, in line with existing
European Union legal requirements and that passengers are able to
enforce their rights in relation to the processing of their data.

Appearing before the European Parliament on October 26, 2010, EPIC
President Marc Rotenberg urged the adoption of a comprehensive framework
to protect the flow of personal data between the United States and the
European Union. Citing the growing concern about the misuse of sensitive
data and the absence of effective legal remedies, Mr. Rotenberg said it
was time for the United States of America and the European Union to
develop an effective legal framework that would safeguard the rights of
citizens and the users of Internet-based services.

EPIC strongly supports full implementation of the EU Data Protection
Directive as well as other efforts to fully safeguard the fundamental
rights of citizens, consumers, and users of Internet-based services.

Council of the European Union: Press Release
     http://www.epic.org/redirect/120310COEpressrel.html

European Commission: Communication to the EU Parliament
     http://www.epic.org/redirect/111910ECcomm.html

EU Data Protection Directive 1995
     http://www.epic.org/redirect/111910DPD95.html

EPIC: EU Data Protection Directive
     http://epic.org/privacy/intl/eu_data_protection_directive.html

EPIC: EU-US Airline Passenger Data Disclosure
     http://epic.org/privacy/intl/passenger_data.html

=======================================================================
[6] EPIC Urges FOIA Ombudsman to Pursue FOIA Oversight
=======================================================================

EPIC filed a request with the Office of Government Services (OGIS), as
the FOIA Ombudsman, challenging the Department of Defense's unlawful
assertion that it has the statutory authority to administratively
withdraw a Freedom of Information Act (FOIA) request without input or
consultation from the requester. This is a patently unauthorized
assertion of authority under FOIA.

OGIS is authorized under FOIA to review policies and procedures of
administrative agencies, review compliance by administrative agencies,
and recommend policy changes to Congress and the President. As the FOIA
Ombudsman, the Office is also required to conduct audits of agencies'
FOIA implementation and issue reports.

FOIA provides for the affirmative disclosure of agency records and
requires that agencies release all records that are not exempted from
mandatory disclosure. The Department of Defense's own FOIA policies also
provide for the affirmative disclosure of records and state that the
only proper reason for not releasing a record is that the "request is
withdrawn by the requester."

The Department made its extra-legal assertion in response to a FOIA
request EPIC had filed seeking documents detailing the agency's
agreements with Project Vigilant, a private sector company that monitors
Internet Service Providers and provides information to federal agencies.
Project Vigilant professes to track more than 250 million Internet
Protocol (IP) addresses a day and claims that it can develop portfolios
on any name, screen name, or IP address.

The OGIS is authorized under FOIA to review policies and procedures of
administrative agencies, review compliance by administrative agencies,
and recommend policy changes to Congress and the President. The Office
is also required to conduct audits of agencies' FOIA implementation and
issue reports.

As a frequent FOIA litigant and an expert in FOIA statutory authority,
EPIC has a strong interest in ensuring that FOIA requests are processed
in a timely, lawful, and responsive manner. EPIC therefore requested
that the FOIA Ombudsman investigate the Department's policies and
determine how extensively the Department has been impermissibly
asserting the authority to "administratively withdraw" FOIA requests.
EPIC further requested that the FOIA Ombudsman publish a report of its
finding and issue guidance making clear that FOIA requests cannot be
administratively withdrawn by an agency without the requester's consent
or input.

Office of Government Information Services
     http://www.archives.gov/ogis/

EPIC: Letter to OGIS (Nov. 23, 2010)
     http://epic.org/foia/FOIA_Ombudsman_DoD_Ltr.pdf

Department of Defense
     http://www.defense.gov/

EPIC: Litigation Under the Federal Open Government Laws 2010
     http://epic.org/bookstore/foia2010/default.html

EPIC: Open Government
     http://epic.org/privacy/litigation/

=======================================================================
[7] News In Brief
=======================================================================

Federal Appeals Court Overturns Vermont Medical Privacy Law

The Second Circuit Court of Appeals has ruled that a Vermont privacy law
violates the First Amendment. The law regulated data mining companies
that sell or use doctors' prescribing records containing personal
information on patients. EPIC, and several privacy technology experts,
had filed a "friend of the court" brief in support of the law. Writing
in dissent and siding with EPIC, Judge Debra Ann Livingston said that
the majority reached the "wrong result," creating "precedent likely to
have pernicious broader effects" on medical privacy case law. A similar
medical privacy law was upheld by the First Circuit Court of Appeals.

Second Circuit Opinion
     http://epic.org/IMS%202d%20Cir%2011-23-10.pdf

EPIC's "Friend of the Court" Brief
     http://epic.org/privacy/ims_sorrell/epic_amicus.pdf

EPIC: IMS Health v. Sorrell
     http://epic.org/privacy/ims_sorrell/default.html

EPIC: IMS Health v. Ayotte
     http://epic.org/privacy/imshealth/


One Million LifeLock Victims to Receive Refund Checks

The Federal Trade Commission has announced that it would begin sending
refund checks to victims of LifeLock's deceptive practices. LifeLock
used false claims to sell identity protection services to consumers. In
March 2010, LifeLock settled claims brought against the company,
agreeing to pay $11 million to the Federal Trade Comission, and $1
million to a group of state attorney generals. As part of the
settlement, LifeLock is prohibited from making any deceptive statements
and must take stronger steps to protect consumer information. The
settlement is one of the largest FTC-state enforcement settlements on
record.

FTC: LifeLock refund checks
     http://www.ftc.gov/opa/2010/11/lifelock.shtm

FTC:  LifeLock settlement
     http://www.ftc.gov/opa/2010/03/lifelock.shtm

EPIC: Identity Theft
     http://epic.org/privacy/idtheft/


Public Comments Sought on Federal "Fusion Centers"

The Department of Homeland Security is seeking
comments on Fusion centers, intelligence databases that have
raised substantial privacy concerns.  Information in fusion centers
comes from many sources, including government agencies, private
sector firms and anonymous tipsters. EPIC has urged Congress
to improve accountability and oversight of this program. An EPIC
FOIA lawsuit also revealed that federal Fusion Centers undermine
state privacy and open government laws. Comments are due December
15, 2010. 

Notice of Privacy Act System of Records (75 FR 69693)
     http://edocket.access.gpo.gov/2010/2010-28588.htm

Notice of Proposed Rulemaking for Privacy Act Exemptions (75 FR 69603)
     http://edocket.access.gpo.gov/2010/2010-28569.htm

Notice of Privacy Act System of Records (75 FR 69689) 
     http://edocket.access.gpo.gov/2010/2010-28566.htm

Notice of Proposed Rulemaking for Privacy Act Exemptions (75 FR 96904)
     http://edocket.access.gpo.gov/2010/2010-28572.htm

EPIC: Statement to DHS on Fusion Centers (Sept. 19, 2007)
     http://epic.org/privacy/fusion/fusion-dhs.pdf

Department of Homeland Security: State and Local Fusion Centers
     http://www.dhs.gov/files/programs/gc_1156877184684.shtm

EPIC: Fusion Centers and Privacy
     http://epic.org/privacy/fusion/

EPIC: Total Information Awareness
     http://epic.org/privacy/profiling/tia/

EPIC: EPIC v. Virginia Department of State Police
     http://epic.org/privacy/virginia_fusion/
     

European Commission Working Toward a Cloud Computing Strategy For 2011

Neelie Kroes, Vice President for the Digital Agenda of the European
Commission, announced that the European Commission is working on a cloud
computing strategy, which requires the input of all European Union
authorities by early 2011. According to Kroes, every European cloud
customer should be able to know that their cloud supplier protects their
personal data efficiently and in line with EU personal data protection
standards, as well as that all the countries where the cloud touches the
earth - that is, where the servers are located - have legal frameworks
in place that guarantee adequate data protection and privacy. Kroes also
recommended the development of new laws and codes of practice. In March
2009, EPIC filed a complaint with the Federal Trade Commission over
Google's lack of adequate safeguards for its cloud computing services.

European Commission: Press Release
     http://www.epic.org/redirect/120310ECpressrel.html
     
EPIC: Cloud Computing
     http://epic.org/privacy/cloudcomputing/default.html


WikiLeaks Reveals State Department Directive to Collect Biometric Data

WikiLeaks released a cache of U.S. cables revealing that diplomats were
directed to collect biometric data from foreign officials to fulfill the
State Department's intelligence reporting and collection needs. The
directive, called the "National HUMINT Collection Directive (NHCD),"
required that data such as fingerprints, facial images, DNA, and iris
scans be collected whenever possible. The NHCD complies with the
National Intelligence Priorities Framework (NIPF), which authorizes the
Director of National Intelligence to establish intelligence priorities
and determine processes for collecting intelligence relevant to those
priorities.

Secret US Embassy Cables
     http://cablegate.wikileaks.org

National Intelligence Priorities Framework 
     http://www.epic.org/redirect/120310NIPF.html
     
EPIC: Iraqi Biometric Identification System
     http://epic.org/privacy/biometrics/iraq.html

EPIC: Biometric Identifiers
     http://epic.org/privacy/biometrics/


Federal Trade Commission Publishes Recommendations on Internet Privacy

The Federal Trade Commission released a preliminary staff report on
privacy, following a series of public roundtable discussions. The report
recommends the establishment of a Do Not Track mechanism, the adoption
of a "privacy by design" techniques, and the use of simplified consumer
privacy notices. However, the FTC report did not address the privacy
implications of cloud computing and social networking, the need for a US
privacy agency, or a comprehensive federal privacy law based on "Fair
Information Practices," as privacy groups had urged.

FTC: Protecting Consumer Privacy in an Era of Rapid Change
     http://ftc.gov/os/2010/12/101201privacyreport.pdf

FTC: Exploring Privacy
     http://www.ftc.gov/bcp/workshops/privacyroundtables/

EPIC: Comments to the FTC (Jan. 26, 2010)
     http://www.ftc.gov/os/comments/privacyroundtable/544506-00078.pdf

EPIC: Federal Trade Commission
     http://epic.org/privacy/internet/ftc/


European Union Opens Anti-Trust Investigation of Google

The European Commission announced it is investigating Google for
potential anti-trust violations. The Commission decided to initiate
formal proceedings against Google after complaints from search-service
providers "about unfavorable treatment of their services in Google's
unpaid and sponsored search results coupled with an alleged preferential
placement of Google's own services." EPIC previously filed a complaint
with the Federal Trade Commission regarding Google's proposed merger
with the advertising company DoubleClick and its implications for
consumer privacy. EPIC Executive Director Marc Rotenberg also testified
in Congress during the review of this merger, urging the Federal Trade
Commission to establish privacy safeguards as a condition of the merger.
When the Agency approved the merger without any conditions, EPIC charged
that the Agency had "reason to act, and authority to act, but failed to
do so."

Europa: Commission probes allegations of antitrust violations by Google
     http://www.epic.org/redirect/120310europa.html

EPIC: In the Matter of Google, Inc. and DoubleClick, Inc.
     http://epic.org/privacy/ftc/google/epic_complaint.pdf

EPIC: Testimony of Marc Rotenberg on Google / DoubleClick Merger
     http://www.epic.org/privacy/ftc/google/epic_test_092707.pdf

EPIC: Statement Regarding the Majority Opinion of the FTC
     http://epic.org/privacy/ftc/google/EPIC_statement122007.pdf

EPIC: Google DoubleClick
     http://epic.org/privacy/ftc/google/


FTC Acts Late and Ineffectively on EPIC Complaint Regarding Echometrix

The Federal Trade Commission announced a settlement of its charges
against Echometrix, over one year after EPIC filed a complaint in this
matter. Echometrix is a software company that sold "parental control
software" that collected data on children using the Internet for
marketing purposes. Under the settlement with the Agency, Echometrix
agreed not to share any data and to destroy the information it had
collected in its marketing database, but was not required to pay any
fines. EPIC's complaint to the Agency highlighted several aspects of
Echometrix products that threatened consumer privacy, and alleged that
Echometrix had engaged in unfair and deceptive trade practices and
violated the Children's Online Privacy Protection Act. In contrast to
the Federal Trade Commission, the Defense Department quickly canceled a
contract with Echometrix following EPIC's complaint, and the New York
Attorney General filed charges against the company, which resulted in
Echometrix paying a $100,000 penalty to the state of New York.

FTC: Press Release (Nov. 30, 2010)
     http://www.ftc.gov/opa/2010/11/echometrix.shtm

EPIC: In the Matter of Echomatrix, Inc.
     http://www.epic.org/redirect/092410echomatrix.html

EPIC: Echomatrix Documents
     http://www.epic.org/redirect/120310echomatrix.html

EPIC: Echometrix
     http://epic.org/privacy/echometrix/


================================
EPIC Publications:

"Litigation Under the Federal Open Government Laws 2008," edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid
(EPIC 2008). Price: $60.

http://epic.org/bookstore/foia2008/
	
Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
laws. This updated version includes new material regarding the
substantial FOIA amendments enacted on December 31, 2007. Many of the
recent amendments are effective as of December 31, 2008. The standard
reference work includes in-depth analysis of litigation under Freedom
of Information Act, Privacy Act, Federal Advisory Committee Act,
Government in the Sunshine Act. The fully updated 2008 volume is the
24th edition of the manual that lawyers, journalists and researchers
have relied on for more than 25 years.

================================

"Information Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.

================================

"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.

http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS). This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.

http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the Video Voyeurism Prevention Act,
and the CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.

http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore
http://www.epic.org/bookstore

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
http://mailman.epic.org/mailman/listinfo/foia_notes

=======================================================================
[8] Upcoming Conferences and Events
=======================================================================

"Broadband Networks and Smart Grid at the Crossroad Between ICT &
Energy." Columbia Business School, New York, New York, 3 December 2010.
For More Information:
http://www4.gsb.columbia.edu/citi/events/bbnetworks.

"Computers, Privacy, and Data Protection Conference European Data
Protection: In Good Health?" Brussels, Belgium, 25-28 January 2011. For
More Information: http://www.cpdpconferences.org/.

"The Tenth Workshop on Economics of Information Security." The George
Mason University, 14-15 June 2011. For More Information:
http://weis2011.econinfosec.org/index.html.

"Computers, Freedom, and Privacy 2011." Georgetown Law Center,
Washington D.C., 14-16 June 2011. For More Information:
http://www.cfp2010.org/wiki/index.php/Announcement_of_CFP_2011.

=======================================================================
Join EPIC on Facebook
=======================================================================

Join the Electronic Privacy Information Center on Facebook

http://facebook.com/epicprivacy

http://epic.org/facebook

Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
Support EPIC.

=======================================================================
Privacy Policy
=======================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."

=======================================================================
About EPIC
=======================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

=======================================================================
Donate to EPIC
=======================================================================

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.

=======================================================================
Subscription Information
=======================================================================

Subscribe/unsubscribe via web interface:
http://mailman.epic.org/mailman/listinfo/epic_news

Back issues are available at:
http://www.epic.org/alert


The EPIC Alert displays best in a fixed-width font, such as Courier.


------------------------- END EPIC Alert 17.24 ------------------------