Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 18.12

======================================================================= E P I C A l e r t ======================================================================= Volume 18.12 June 21, 2011 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_1812.html "Defend Privacy. Support EPIC." http://epic.org/donate ======================================================================= Table of Contents ======================================================================= [1] EPIC's FTC Complaint Urges Probe of Facebook's Facial Recognition [2] EPIC Testifies Before Congress on Data Breach Legislation [3] Court Awards Funds to EPIC in Google Buzz Case [4] EU Data Supervisor Suggests Repeal of Data Retention Directive [5] House Passes Budget for TSA, Cuts Funding for Body Scanners [6] News in Brief [7] EPIC Book Review: "Virtual Freedom" [8] Upcoming Conferences and Events TAKE ACTION: Facebook Privacy 2011! - READ EPIC's complaint to FTC: http://epic.org/redirect/0611FBFTC.html - WATCH EPIC on ABC Nightline: http://epic.org/redirect/0611FB.html - SUPPORT EPIC http://www.epic.org/donate/ ======================================================================= [1] EPIC's FTC Complaint Urges Probe of Facebook's Facial Recognition ======================================================================= EPIC and several other privacy organizations, including the Center for Digital Democracy, Consumer Watchdog, and the Privacy Rights Clearinghouse, have filed a complaint with the Federal Trade Commission over Facebook's new facial recognition system. Alleging that the feature constituted an "unfair and deceptive" business practice, EPIC urged the FTC to launch an immediate investigation into Facebook's facial-recognition policies, including determining the extent of potential harm to consumer privacy and safety, and requiring stronger privacy protections for Facebook users. Facebook's new automated tagging feature uses facial recognition software to identify individuals in users' photographs. In the FTC complaint, EPIC alleged that "[u]sers could not reasonably have known that Facebook would use their photos to build a biometric database in order to implement a facial recognition technology under the control of Facebook." Even if a user is able to opt-out of being tagged in photos, there is no way to opt-out of being added to Facebook's facial recognition biometric database itself. Data-protection officials from the European Union have launched their own investigation into Facebook's facial-recognition system, via the directives of the EU's Article 29 Data Protection Working Party. The privacy regulation bodies of both the UK and Ireland have indicated interest in beginning similar probes. The State of Connecticut's Attorney General, George Jepsen, has publicly raised concerns over the Facebook system. In a June 16 press release, he stated that he had contacted Facebook directly to discuss the issue. EPIC: Facebook Complaint (June 10, 2011) http://epic.org/redirect/062111facebookftccomplaint.html EPIC: Facebook Privacy http://epic.org/privacy/facebook/ EPIC: Facial Recognition http://epic.org/privacy/facerecognition/ EPIC: Biometrics http://epic.org/privacy/biometrics/ Facebook: Making Photo Tagging Easier http://www.facebook.com/blog.php?post=467145887130&_fb_noscript=1 European Union: Article 29 Data Protection Working Party http://epic.org/redirect/062111eudataworkinggroup.html CT AG: Press Release on Facebook Facial Recognition (June 16, 2011) http://www.ct.gov/ag/lib/ag/press_releases/2011/061611facebook.pdf ======================================================================= [2] EPIC Testifies Before Congress on Data Breach Legislation ======================================================================= EPIC Executive Director Marc Rotenberg testified before a House Energy and Commerce subcommittee on June 15 regarding proposed legislation that would require greater protection for sensitive consumer data and timely notification in case of breach. EPIC recommended modifications to the SAFE Data Act, but supported the overall goal of limiting harm to consumers who are victims of data breaches. The SAFE Data Act was introduced by Representative Mary Bono Mack (R-CA), Chair of the Subcommittee on Commerce, Manufacturing and Trade. Under the proposed legislation, companies are required to assess and address vulnerabilities within their systems and participate in data minimization practices such that such that only personal information "reasonably needed for legitimate business purposes" should be retained. The bill also requires law enforcement and the Federal Trade Commission to be notified within 48 hours of discovery of a data breach. If a security assessment suggests that the data breach "presents a reasonable risk of identify theft, fraud, or other unlawful conduct", the company must notify all affected US customers within 48 hours. The legislation does not allow a private cause of action against a company, although the FTC and state attorneys general are empowered to enforce the statute. EPIC's Rotenberg urged the Subcommittee to adopt language that would create a data minimization requirement: "If you can't protect it, don't collect it." He also agreed with the 48-hour requirement for notification. However, he stated, companies should not have the discretion to determine whether a particular data breach presented a "reasonable risk of identity theft, fraud, or other unlawful conduct"; instead, notification should be routine. Mr. Rotenberg also suggested changes to the definition of "Personal Information" to apply to all unique information, regardless of other information taken with it, including Social Security numbers and Facebook user IDs. EPIC's testimony included examples of breaches at Southern California Medical-Legal Consultants, affecting 300,000 consumers; Citigroup (200,000 customers); PlayStation Network, (100 million users), and Epsilon (up to 100 million customers). Marc Rotenberg, Testimony on the SAFE Data Act, June 15, 2011 http://epic.org/redirect/062111EPICtestimonyhousecommerce.html Subcommittee on Commerce, Manufacturing and Trade Hearing on (H.R. ___) http://epic.org/redirect/062111hearingdetail.html Discussion Draft of the SAFE Data Act (H.R. ____) http://epic.org/redirect/062111safedatadiscussiondraft.html United States House of Representatives: Congresswoman Mary Bono Mack http://bono.house.gov/ EPIC: Identity Theft http://epic.org/privacy/idtheft/ ======================================================================= [3] Court Awards Funds to EPIC in Google Buzz Case ======================================================================= A Federal district court in California overseeing the Google Buzz class-action case has revised a proposed settlement agreement to ensure that EPIC receives a portion part of the cy pres settlement funds. "Cy pres" ("as near as possible") is a legal doctrine that allows courts to allocate funds to protect the interests of individuals in a class action settlement. In February 2011, the Court ordered distribution of settlement funds to organizations "who would reasonably benefit the class through established Internet privacy education and policy programs." EPIC's complaint to the Federal Trade Commission about Google Buzz resulted in sweeping new privacy safeguards for Google users; however, the orignal settlement proposed by class action attorneys excluded EPIC from receiving settlement funds. On May 31, Northern California District Court Judge James Ware held that "the Court does not find good cause to exclude EPIC from the list of recipients of the cy pres funds." The court revised the settlement agreement to reallocate the cy pres funds, and awarded EPIC $500,000. Executive Director Marc Rotenberg spoke on EPIC's behalf: "We appreciate the court's recognition of EPIC's important work." In re: Google Buzz: Final Approval of Settlement (May 31, 2011) http://epic.org/redirect/062111finalbuzzapproval.html FTC: "Deceptive Privacy Practices in [Google Buzz]" (Mar. 31, 2011) http://www.ftc.gov/opa/2011/03/google.shtm EPIC: Google Buzz Complaint (Feb. 2010) http://epic.org/privacy/ftc/googlebuzz/GoogleBuzz_Complaint.pdf EPIC: Google Buzz Supplemental Complaint (Mar. 2010) http://www.epic.org/redirect/040811EPICgoogle_supcomp.html EPIC: In re: Google Buzz http://epic.org/privacy/ftc/googlebuzz/default.html ======================================================================= [4] EU Data Supervisor Suggests Repeal of Data Retention Directive ======================================================================= European Union Data Protection Supervisor Peter Hustinx has raised the possibility of repealing Europe's Data Retention Directive, which requires telecommunication companies and Internet service providers to retain user data for law enforcement purposes. The Directive applies to traffic and location data and the "related data necessary to identify" a user. Each EU member state must retain this data for a period of six months to two years from the date of the user's communication. The Directive also requires each EU member state to enact procedures that grant law enforcement access to the data. According to Hustinx, the Directive does not provide clear guidance about why this data must be retained or who will have access to it. Similarly, Hustinx believes that the Directive does not sufficiently justify the necessity of the data retention, lacks foreseeability, and is overly intrusive. He also notes that statistics on access requests indicate that a retention period of up to two years "goes far beyond" what is necessary. In light of these concerns, Hustinx has asked the European Commission to consider all other options, "including the possibility of repealing the Directive." Hustinx also states that this data retention interferes with the right to privacy as defined in articles of both the European Convention of Human Rights and the European Union Charter of Fundamental Rights. EPIC has opposed data retention obligations and has specifically recommended data minimization techniques to safeguard the privacy and security of Internet users. European Parliament and EU Council: 2006 Data Retention Directive http://epic.org/redirect/062111EU2006dataretentiondirective.html EU Data Protection Supervisor: View of Data Directive (May 31, 2011) http://epic.org/redirect/062111euevaluationreport.html European Court of Human Rights: European Convention on Human Rights http://epic.org/redirect/062111euhumanrights.html European Union: Charter of Fundamental Rights http://www.europarl.europa.eu/charter/pdf/text_en.pdf EPIC: Data Retention http://epic.org/privacy/intl/data_retention.html EPIC: EU Data Protection Directive http://epic.org/privacy/intl/eu_data_protection_directive.html ======================================================================= [5] House Passes Budget for TSA, Cuts Funding for Body Scanners ======================================================================= The House approved the 2012 budget for the Transportation Security Administration, cutting $270 million from the amount originally requested by the Agency. The cuts include $76 million that had been designated for the purchase of 275 airport body scanners. Leading lawmakers and consumer activists have called attention to the health risks associated with the scanners, as well as their invasiveness. Representative Jason Chaffetz (R-UT) criticized the machines as "slow" and "ineffective." In 2005, the TSA began testing body scanners to screen air travelers. Body scanners produce detailed three-dimensional images of individuals. Security experts have described whole body scanners as the equivalent of "a physically invasive strip-search." The agency operates the body scanner devices at airports throughout the United States; as of early 2011, nearly 80 US airports had installed the scanners, with many more deployments planned. In 2010, EPIC filed a lawsuit to suspend the deployment of body scanners at US airports. EPIC subsequently obtained documents establishing that the TSA required the machines to be capable of storing, recording, and transferring detailed images of naked air travelers, contrary to the Agency's pubic claims. EPIC asserts that the Agency's controversial program violates the Administrative Procedures Act, the Privacy Act, the Religious Freedom Restoration Act, the Video Voyeurism Prevention Act, and the Fourth Amendment. On June 10, the Campaign for Liberty hosted the "Ban the Scan" rally in New York, featuring anti-scanner activist and former Miss USA, Susie Castillo. The Campaign is working to eliminate body scanners in New York City. Rep. Chaffetz and Ms. Castillo were among the recipients of EPIC's 2011 Champion of Freedom Awards. House of Representatives: DHS Appropriations Act, 2012 (June 6, 2011) http://thomas.loc.gov/cgi-bin/bdquery/z?d112:h.r.2017: Reuters: Number of Body Scanners in US Airports http://epic.org/redirect/062111usbodyscanners.html EPIC: Whole Body Imaging Technology http://epic.org/privacy/airtravel/backscatter/ EPIC: EPIC v. DHS (Body Scanners) http://epic.org/privacy/airtravel/backscatter/epic_v_dhs.html EPIC: EPIC v. DHS (Suspension of Body Scanner Program) http://epic.org/redirect/062111epicscannersuspensionsuit.html EPIC: Annual Champion of Freedom Awards http://epic.org/2011/06/reps-chaffetz-and-holt-susie-c.html ======================================================================= [6] News in Brief ======================================================================= 21st Annual Computers, Freedom & Privacy: "The Future is Now" EPIC hosted this year's Computers, Freedom & Privacy conference, held in Washington DC, from June 14-16. More than 300 attendees participated in over 100 panels and events at the Georgetown University Law Center. Senator Patrick Leahy (D-VT) gave the keynote speech, which centered around the importance of continuing the privacy debate and his efforts to update the Electronic Communications Privacy Act. CFP features panels with top government decision makers, policy advocates, researchers and leading experts in cybersecurity and privacy worldwide. Computers Freedom & Privacy: Main Page http://www.cfp.org/2011/wiki/index.php/Main_Page EPIC: Senator Leahy Introduces Bill to Update Digital Privacy Law http://epic.org/2011/05/senator-leahy-introduces-bill.html Twitter: Computers, Freedom & Privacy 2011 http://twitter.com/#!/cfp11 Privacy Advocates Receive 2011 EPIC Champion of Freedom Awards At the 2011 EPIC awards dinner, Congressman Jason Chaffetz (R-UT), Congressman Rush Holt (D-NJ), The Wall Street Journal, and TV actress and former Miss USA, Susie Castillo received the EPIC awards for the defense of civil liberties and human rights, and for raising public awareness of new challenges to privacy. Representative Chaffetz pursued meaningful oversight of the Transportation Security Administration and helped strengthen the Freedom of Information Act. Representative Holt is a leading champion for Patriot Act reform. The Wall Street Journal's investigative series "What They Know" exposed how the world's most popular web sites secretly track and monitor consumers' online behavior. Jeffrey Rosen and danah boyd cohosted the event in Washington, D.C. Ralph Nader presented the EPIC Citizen Activist award to Susie Castillo, a leading advocate for the dignity of air travelers. EPIC: Champion of Freedom Awards Dinner http://epic.org/june13/ Congressman Chaffetz: Representing the 3rd District of Utah http://chaffetz.house.gov/ Representative Rush Holt: Serving New Jersey's 12th District http://holt.house.gov/ Wall Street Journal: "What They Know Series" (2010) http://epic.org/redirect/062111whattheyknowwsj.html Susie Castillo: Susie's TSA Petition to Congress http://www.susiecastillo.net/ EPIC, Others Urge Homeland Security to Stop National ID System EPIC and a coalition of privacy, consumer rights, and civil rights organizations have filed a statement to the Department of Homeland Security in opposition to the proposed expansion of the employment verification system, "E-Verify." The agency announced plans to incorporate state driver license records into the information cross-checked by E-Verify, which could significantly expand the use of the Homeland Security database. The coalition claims that the DHS proposal is unlawful and is analogous to the REAL ID Act, which has been rejected by 24 states as of Feb. 2011. EPIC has testified before Congress and published a "Spotlight on Surveillance" report about E-Verify. EPIC: Comments on E-Verify (June 8, 2011) http://epic.org/redirect/062111e-verifycomments.html Federal Register: Notice on E-Verify (May 9, 2011) http://www.gpo.gov/fdsys/pkg/FR-2011-05-09/html/2011-11291.htm EPIC: Testimony on E-Verify (June 7, 2007) http://epic.org/privacy/ssn/eevs_test_060707.pdf EPIC: Spotlight on Surveillance (July 2007) http://epic.org/privacy/surveillance/spotlight/0707 Congressman Markey Commends EPIC for Filing Facebook Complaint Congressman Ed Markey (D-MA) expressed support for the complaint filed by EPIC and other consumer groups over Facebook's new automated photo- tagging feature. In a published statement, Congressman Markey said, "The Federal Trade Commission should investigate this important privacy matter, and I commend the consumer groups for their filing. When it comes to users' privacy, Facebook's policy should be: 'Ask for permission, don't assume it.' Rather than facial recognition, there should be a Facebook recognition that changing privacy settings without permission is wrong. I encourage the FTC to probe this issue and will continue to closely monitor this issue." EPIC and affiliated groups now have several complaints regarding Facebook pending at the FTC. Rep. Ed Markey: Markey Supports Consumer Groups (June 13, 2011) http://epic.org/redirect/062111markeyproconsumer.html EPIC: Facebook Complaint (June 10, 2011) http://epic.org/redirect/062111facebookftccomplaint.html EPIC: Facebook Complaint (Dec. 17, 2009) http://epic.org/privacy/inrefacebook/EPIC-FacebookComplaint.pdf Senator Leahy Introduces Data Privacy Bill Senator Patrick Leahy (D-VT) has introduced the Data Privacy Bill of 2011, which is aimed at increasing protection for Americans' personal information and privacy in the realm of electronic communications. The bill establishes a national security breach notification standard, and requires businesses to safeguard consumer information and allow consumers to correct inaccurate information. Senator Leahy previously sponsored the Personal Data Privacy and Security Act in 2005 and has introduced similar legislation in the last three Congresses. Senator Leahy also recently commended EPIC's work at the "Computers, Freedom & Privacy" conference in Washington D.C. Sen. Patrick Leahy: Data Privacy Bill of 2011 http://epic.org/redirect/062111leahyprivacytext.html S. 1332: Personal Data Privacy and Security Act of 2005 http://www.govtrack.us/congress/bill.xpd?bill=s109-1332 EPIC: Identity Theft http://epic.org/privacy/idtheft/ Sen. Leahy: Press Release of Data Privacy Bill of 2011 (May 17, 2011) http://epic.org/redirect/062111leahyprivacypressrelease.html Whitehouse.gov to Track Users for Two Years On June 3, the White House modified the privacy policy for whitehouse.gov. The new policy, which, at nearly 3,500 words, is more than twice as long as the former version, states the White House web site now uses persistent Google Analytics cookies that track users for up to two years. Previously, whitehouse.gov employed only single-session cookies, which were automatically deleted when users closed their browsers. The site does not provide a means for visitors to opt out of receiving cookies. This new policy reflects changes the Obama Administration made in 2010, permitting Federal web sites to incorporate tracking cookies. EPIC opposes the use of cookies, which collect user information for later use. White House: Our Online Privacy Policy (new version) www.whitehouse.gov/privacy White House: Our Online Privacy Policy (old version) www.whitehouse.gov/privacy/archive OMB: Guidance for Use of Web Measurement and Customization Tools http://epic.org/redirect/062111fedwebsiteanalytics.html EPIC: Internet Cookies www.epic.org/privacy/internet/cookies/ EPIC: White House's Weird Opt-Out Privacy Policy for Federal Web Sites www.epic.org/2010/06/white-house-adopts-weird-opt-o.html EPIC: Privacy and Consumer Profiling www.epic.org/privacy/profiling/ Privacy Study: More Americans Distrust Big Business than Big Government In June, the Center for the Digital Future at the University of Southern California's Annenberg School released the "2011 Digital Future Report". The annual survey of 1,926 Americans ages 12 and older found that 48% of Internet users are concerned about companies tracking their online activities, while only 38% are concerned about government monitoring. "Many of us are worried that the Big Brother in our lives is actually Big Business," says Jeffrey I. Cole, Director of the Center for the Digital Future. However, the study found only 33% of Internet users believe it safe to voice their political opinions online. The report also found limited enthusiasm for online voting. The study's results are consistent with EPIC's previous coverage of public opinion research, reflecting widespread concern about both private sector and government abuses of privacy. Center for the Digital Future: 2011 Digital Future Report Press Release http://epic.org/redirect/062111digitalpressrelease.html Center for the Digital Future: 2011 Digital Future Report http://epic.org/redirect/062111digitalreport.html EPIC: Public Opinion on Privacy http://www.epic.org/privacy/survey EPIC: Privacy and Consumer Profiling http://www.epic.org/privacy/profiling/ Ontario Privacy Commission: De-Identification Still Valid Privacy Tool Ontario, Canada's Information and Privacy Commissioner, Ann Cavoukian, has released a report stressing that de-identification of consumer information remains a powerful tool for safeguarding privacy. In her report, "Dispelling the Myths Surrounding De-identification: Anonymization Remains a Strong Tool for Protecting Privacy," Cavoukian and co-author, University of Ottawa Medical School professor Khaled El Emam, refute arguments that all data can be "re-identified" with a specific individual with little effort; rather, they claim, anonymization and de-identification of medical data can protect sensitive patient records. Although the report focuses on medical data collection, Cavoukian and El Emam state, "the same arguments apply in the broader context of personal information." EPIC has advocated against the re-identification of data, most recently in the pending Supreme Court case "IMS Health v. Sorrell." Ottawa Privacy Commissioner: Report on De-Identification http://www.ipc.on.ca/images/Resources/anonymization.pdf EPIC: Resources on Re- and De-Identification http://epic.org/privacy/reidentification/ EPIC: IMS Health v. Sorrell http://epic.org/privacy/ims_sorrell/ UNESCO Calls for Proposals re: Global Internet Privacy Research UNESCO has submitted a call for proposals to conduct research on Internet privacy, regulation, and legal protections worldwide. Areas of focus include Africa, the Arab States, Asia/Pacific, Europe/North America, and Latin America/the Caribbean. Proposed research will explore global legal and human rights trends arising from individuals' Internet use, particularly use of Internet-based applications such as search engines, social networking sites, and microblogging. Research results will inform UNESCO Member States about existing Internet privacy policies and practices, so that further action may be discussed and taken. Deadline for proposals is July 1, 2011. EPIC takes a strong stance on global Internet governance and individual privacy worldwide. UNESCO: Calls for Proposals on Global Internet Privacy Survey http://epic.org/redirect/062111unesco_proposals.html EPIC: Global Internet Governance http://epic.org/2011/05/global-internet-governance-res.html ======================================================================= [7] EPIC Book Review: "Virtual Freedom" ======================================================================= "Virtual Freedom: Net Neutrality and Free Speech in the Internet Age," Dawn C. Nunziato http://epic.org/redirect/062111nunziato-virtual-freedom.html "Virtual Freedom" is a comprehensive survey of the history of net neutrality and its role in our modern digital world. George Washington University law professor Dawn C. Nunziato draws from legal and technological history to fashion a compelling argument for treating Internet Service Providers (ISPs) and other powerful Internet entities as "public entities" with respect to the First Amendment, thus preventing them from restricting the free flow of information over the Internet. Nunziato's argument begins with her distinction between the "negative" and "affirmative" conceptions of the First Amendment. In the negative conception, emphasis is placed on individual speech decisions, free from state interference only; in the affirmative conception, citizens are sheltered from the inadequate protections of the marketplace. In Nunziato's view, "the affirmative conception of the First Amendment recognizes that individuals have a right to participate in democratic self-government by expressing their views, and in turn by being exposed to a variety of viewpoints." The central theme of "Virtual Freedom" is that an affirmative conception of the First Amendment supports government regulation of "powerful private actors" - those entities that exert control over the large-scale dissemination of information simply by their existence. To make this point, Nunziato takes the reader on a detailed common-law history of the First Amendment from the 1930's through to the present day, tracing the legal justification for an application of Constitutional standards to private ISPs and search engines. Most convincing to Nunziato's case is her use of real examples, both in the US and internationally, that demonstrate the disastrous consequences when net neutrality is not enforced. Numerous anecdotes provide details on abuses by Internet companies, from blocking emails and interrupting file transmissions to content blocking and manipulation of search results. These accounts provide lay readers with real-world stories connecting them to what might be an otherwise overly technical and legal discussion. -- Amie Stepanovich ================================ EPIC Publications: "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75 http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [8] Upcoming Conferences and Events ======================================================================= EPIC Testimony on "Cybersecurity and Data Protection in the Financial Sector." Senate Committee on Banking, Housing, and Urban Affairs, Washington, DC, 21 June 2011. For More Information: http://epic.org/redirect/062111senate_cyber_finance_hearing.html "Online Tracking Protection and Browsers." Brussels, Belgium, 22-23 June 2011. For More Information: trackingprotection@apcoworldwide.com. ICANN Board Meeting. Singapore. 19-24 June 2011. For More Information: http://www.icann.org/. "Aligning Privacy Accountability with your Business Strategy:" Privacy Laws and Business 24th Annual International Conference. St. John's College, Cambridge, United Kingdom, 11-13 July 2011. For More Information: www.privacylaws.com/annualconference. EPIC Public Voice Conference. Mexico City, Mexico, 31 October 2011. For More Information: http://www.thepublicvoice.org/. Computers, Privacy, & Data Protection 2012: European Data Protection: Coming of Age. Brussels, Belgium, 25-27 January 2012, Call for Papers Abstracts Deadline 1 June 2011. For More Information: http://www.cpdpconferences.org. ======================================================================= Join EPIC on Facebook ======================================================================= Join the Electronic Privacy Information Center on Facebook http://facebook.com/epicprivacy http://epic.org/facebook Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 18.12 ------------------------