Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 19.18

======================================================================= E P I C A l e r t ======================================================================= Volume 19.18 September 28, 2012 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_19.18.html "Defend Privacy. Support EPIC." http://epic.org/donate ======================================================================== Table of Contents ======================================================================== [1] Courts Award EPIC Fees and Set Deadline for Body Scanner Rulemaking [2] EPIC Urges Supreme Court to Uphold Review of Wiretapping Programs [3] Facebook Ceases Facial Recognition in EU [4] Senate Leaves Internet Privacy Law Intact [5] DHS Releases 2012 Privacy Report [6] News in Brief [7] EPIC in the News [8] Book Review: 'Some Remarks: Essays and Other Writing' [9] Upcoming Conferences and Events TAKE ACTION: September 28 is "International Right to Know" Day! ADVOCATE FOIA Rights: http://epic.org/redirect/092812-foiamaterial.html WATCH the FOIA Day Video: http://epic.org/redirect/092812-foiavid.html LEARN about Global Info Rights: http://www.foiadvocates.net/en/mapping SUPPORT EPIC: http://epic.org/donate ======================================================================== [1] Courts Award EPIC Fees and Set Deadline for Body Scanner Rulemaking ======================================================================== EPIC has obtained decisions in two federal court cases concerning the controversial body scanner program. A federal district court has ruled that EPIC "substantially prevailed" in a Freedom of Information Act lawsuit that resulted in the disclosure of information about the agency's plan to deploy body scanners at bus and train stations, sporting events, and other public venues. EPIC also obtained documents detailing the development of body scanner technology that would be deployed in roving, so-called "Z-Backscatter" vans. As a result EPIC is entitled to attorneys' fees and costs. Because EPIC was successful in obtaining documents, the court found that EPIC had "substantially prevailed" in the FOIA lawsuit and that "EPIC has demonstrated a public benefit arising from the disclosed records." EPIC has several related FOIA lawsuits concerning new systems of mass surveillance. The Court of Appeals for the DC Circuit has also issued a ruling on EPIC's recent petition on the controversial body scanner program. After the court's initial 2011 ruling mandating that the TSA "promptly" undertake notice and comment rulemaking, a year passed without agency action. EPIC then urged the court to require the Secretary of Homeland Security to begin a public comment process or suspend the program. The agency subsequently replied that it "finalize documents" by February 2013. The DC Court of Appeals' ruling lays out a firm deadline for the TSA, stating that it expects the agency to publish the rule before the end of March 2013. DC Circuit Court: Ruling in EPIC v. DHS No. 12-1307 (Sept. 25, 2012) http://epic.org/privacy/body_scanners/DC-Cir-Mandamus-Order.pdf DC Circuit Court: Memorandum Opinion in EPIC v. DHS (May 20, 2011) http://epic.org/foia/dhs/EPIC-v-DHS-Fees-Ruling-09-14-12.pdf EPIC: EPIC v. DHS (Mobile Body Scanners Lawsuit) http://epic.org/redirect/092812-epicvdhs-scannersuit.html EPIC: EPIC v. DHS (Suspension of Body Scanner Program) http://epic.org/redirect/092812-epicvdhs-scannersuspend.html ======================================================================= [2] EPIC Urges Supreme Court to Uphold Review of Wiretapping Programs ======================================================================= EPIC, joined by 32 technical experts and legal scholars and six privacy and transparency organizations, has filed a "Friend of the Court" brief in Clapper v. Amnesty International USA, a case before the US Supreme Court. At issue in Clapper is whether a group of journalists, attorneys, and non-profit organizations can challenge the US government's interception of their international communications. The Clapper case tests whether economic and professional costs related to the reasonable fear of being monitored under the Foreign Intelligence Surveillance Act constitute an injury sufficient to give the plaintiffs "standing" to challenge the law under Article III of the US Constitution. The case also has broad implications for public oversight of surveillance activity. The plaintiffs in Clapper are challenging the current foreign intelligence surveillance system put into place by the FISA Amendments Act of 2008 after the exposure of the George W. Bush Administration's warrantless wiretapping program. The plaintiffs originally argued that the current surveillance system allows the government to collect their private, international communications with clients, sources, and colleagues, thus forcing the plaintiffs to incur substantial monetary costs in order to maintain confidentiality. Government attorneys argued, meanwhile, that the plaintiffs had not sufficiently established that their communications had or would be collected under the FISA Amendments Act. The US Second Circuit Court of Appeals sided with the plaintiffs in 2011, determining that the plaintiffs' fears were objectively reasonable given the "imminent threat" that their communications would be collected. The US government subsequently appealed to the Supreme Court, which agreed to hear the case for the 2012 term. EPIC's amicus brief for the Supreme Court argues that the government's ability to collect Americans' international communications is nearly "unbounded," and that the public may "reasonably" fear that their private communications will be collected under FISA due to the lack of adequate public reporting and oversight. The brief also points out that the oversight procedures included in the FISA Amendments Act are inadequate to protect private communications because they focus on "targeting" procedures that occur after collection, rather than limiting the collection of private communications in the first place. "In order to maintain both security and privacy," the brief concludes, "the government requires complementary tools that maximize efficiency. When the law gives new authority to conduct electronic surveillance, there should also be new means of oversight and accountability. The FISA Amendments Act fails this test." Oral argument in the case will take place before the Supreme Court on October 29, 2012. EPIC et al.: "Friend of the Court" Brief in Clapper (Sept. 24, 2012) http://epic.org/amicus/fisa/clapper/EPIC-Amicus-Brief.pdf EPIC: Clapper v. Amnesty Int'l USA http://epic.org/amicus/fisa/clapper/ DNI James R. Clapper, Jr.: Brief in Clapper v. Amnesty (July 2012) http://epic.org/amicus/fisa/clapper/DNI-Brief.pdf Amnesty International et al.: Brief in Clapper (Aug. 2012) http://epic.org/amicus/fisa/clapper/Amnesty-et-al-Brief.pdf EPIC: Foreign Intelligence Surveillance Act (FISA) http://epic.org/privacy/terrorism/fisa/ ======================================================================== [3] Facebook Ceases Facial Recognition in EU ======================================================================== The Irish Data Protection Commissioner has issued a report determining that Facebook has implemented many of the Commissioner's recommendations, such as halting the automatic use of facial recognition through "tag suggestions." Facebook Europe has agreed to give EU users the choice over the use of facial recognition, grant users access to their facial recognition template, and delete the facial recognition data of EU citizens by October 15. Facebook has agreed that it will revive facial recognition technology in the EU only after obtaining permission from European data protection agencies. The Commissioner's report also contains findings on 16 other subjects related to Facebook's privacy practices, including advertising, access requests, data retention, pseudonymous profiles, and disclosures to third parties. Facebook's record on implementing the Commissioner's recommendations has been mixed; for example, Facebook has improved transparency and enhanced users' ability to delete and access their data, but it has not yet improved user education or user targeting based on sensitive terms. Full implementation "is planned to be achieved by a specific deadline," although that deadline remains unspecified. The report also notes, however, that it "does not involve formal decisions by the Office on the complaints it has received in relation to [Facebook]." The Federal Trade Commission recently finalized a settlement with Facebook, first announced in November 2011, which bars Facebook from changing privacy settings without users' affirmative consent or misrepresenting the privacy or security of users' personal information. In comments filed with the FTC earlier in 2012, EPIC recommended that Facebook be prevented from creating facial recognition profiles without users' consent. Although the FTC decided to adopt the settlement without any modifications, the Commission said in a response to EPIC that facial recognition data is included within the settlement's definition of "covered information." In the February 2012 comments, EPIC also recommended that the FTC enforce Fair Information Practices against commercial actors that collect, use or store facial recognition data. In the absence of such safeguards, EPIC urged "the suspension of facial recognition technology deployment until adequate safeguards and privacy standards are established." Irish Data Protection Commissioner: Facebook Audit (Sept. 21, 2012) http://epic.org/redirect/092812-irish-facebook-audit.html FTC: Press Release re: Final Facebook Settlement (Aug. 18, 2012) http://ftc.gov/opa/2012/08/facebook.shtm FTC: Initial Facebook Settlement (Nov. 29, 2011) http://www.ftc.gov/os/caselist/0923184/111129facebookcmpt.pdf EPIC: Facebook Settlement Comments (Dec. 27, 2011) http://epic.org/redirect/092812-epic-fb-settlement-comments.html EPIC: Comments on Facial Recognition (Jan. 31, 2012) http://epic.org/privacy/facerecognition/EPIC-Face-Facts-Comments.pdf EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ EPIC: Facebook and Facial Recognition http://epic.org/privacy/facebook/facebook_and_facial_recognitio.html ======================================================================= [4] Senate Leaves Internet Privacy Law Intact ======================================================================= A Senate Committee has left a key Internet privacy law intact after law enforcement agencies after a last-minute protest by law enforcement agencies.The National District Attorneys' Association and the National Sheriffs' Association were concerned about a provision in the amendment requiring law enforcement to obtain search warrants before accessing files stored in the cloud. The VPPA updates were championed by Netflix and other providers of streaming video content; in the proposed ruling, companies could obtain blanket consent from consumers over the use of their data. The Video Privacy Protection Act was passed in 1988 in reaction to public disclosure of then-Supreme Court nominee Robert Bork's video rental records. In 2011, the US House passed HR 2471, a bill similar to the current Senate proposal, which also would allow companies to obtain blanket consent to disclose consumer video viewing records. In testimony before the Senate in January, EPIC strongly opposed the amendment and instead recommended changes to provide greater safeguards for Internet users. EPIC Executive Director Marc Rotenberg urged the Senate not to adopt HR 2471 because the amendment "undermines meaningful consent" and does not protect consumer privacy. Rotenberg also warned that once Netflix users give the company blanket permission to disclose their information, Netflix could divulge this information to any party - including law enforcement - at any time. EPIC's testimony underscored that the 1988 Video Privacy Protection Act was a "smart, forward- looking, technology neutral" privacy law that could be modernized to ensure protection of "the collection and use of personal information by companies offering new video services." Meanwhile, a federal court in California has held that the VPPA protects the privacy of Hulu subscribers. As the court explained, "Congress was concerned with protecting the confidentiality of private information about viewing preferences regardless of the business model or media format involved." Senate Judiciary Committee: Hearing on VPPA Amendment (Sept. 20, 2012) http://epic.org/redirect/092812-senate-vppa-hearing.html US House: Amendment to the VPPA (HR 2471) http://thomas.loc.gov/cgi-bin/bdquery/z?d112:h.r.02471: EPIC: Testimony Before US Senate on VPPA (Jan. 31, 2012) http://epic.org/privacy/vppa/EPIC-Senate-VPPA-Testimony.pdf US District Court of CA: In Re Hulu Privacy Litigation (Aug. 10, 2012) http://epic.org/privacy/vppa/In-re-Hulu-Order-On-Mot-To-Dismiss.pdf EPIC: Video Privacy Protection Act of 1988 http://epic.org/privacy/vppa/ Video Privacy Protection Act of 1988 http://www.law.cornell.edu/uscode/18/2710.html EPIC: Letter to Rep. Mel Watt (D-NC) re: HR 2471 (Dec. 5, 2011) http://epic.org/privacy/vppa/EPIC-on-HR-2471-VPPA.pdf ======================================================================== [5] DHS Releases 2012 Privacy Report ======================================================================== The Department of Homeland Security has released its 2012 Privacy Office Annual Report to Congress. The report details the expansion of the National Counterterrorism Center's five-year retention policy for records on US Persons, the agency's social media-monitoring initiatives, and privacy training for fusion centers personnel; however, it does not discuss several new DHS-funded initiatives, including the Future Attribute Screening Technology, or FAST, a "Minority-Report"-like proposal for "pre-crime" detection. Also, according to the report the Transportation Security Administration has still failed to adopt privacy safeguards for airport body scanners. Two DHS Privacy Office investigations led to the finding of agency non- compliance. One of those investigations involved DHS's use of social media monitoring. EPIC filed a FOIA request on DHS' social media monitoring program in April 2011, then filed suit against DHS in December 2011 in order to force the disclosure of documents related to the monitoring program, which searched for both suspicious "keywords" and dissent against government programs. Earlier in 2012, Congress held an oversight hearing on the DHS social media monitoring program, and cited the documents obtained by EPIC. While the report acknowledges agency shortcomings, it also touts DHS privacy and transparency training as well public engagement through speaker series, a redesigned FOIA site, and quarterly privacy advocacy meetings. Significantly, the report fails to address the lack of timely notice-and-comment rulemakings, particularly the TSA's lack of rulemaking on body scanners, ordered by a court in 2011 in response to a suit brought by EPIC. The report discusses DHS' increased use of Privacy Compliance Reviews (PCRs), which cover programs including cybersecurity, information sharing, and the use of social media. The DHS Privacy Office used these reviews to fail eight of its own agency programs for their lack of privacy compliance documentation. None of the eight programs are identified in the report, nor are any details of their lack of privacy compliance. The DHS Chief Privacy Office must present annual reports to Congress and is also required by law to ensure that new agency programs do not diminish privacy in the US. DHS Privacy Office: 2012 Annual Report to Congress (Sept. 2012) http://epic.org/redirect/092812-dhs-2012-privacy-report.html EPIC: DHS Privacy Office http://epic.org/privacy/dhs-cpo.html EPIC: Future Attribute Screening Technology (FAST) http://epic.org/privacy/fastproject/ EPIC: Fusion Centers http://epic.org/privacy/fusion/ EPIC: EPIC v. DHS (Social Media Monitoring) http://epic.org/foia/epic-v-dhs-media-monitoring/ EPIC: EPIC v. DHS (Suspension of Body Scanner Program) http://epic.org/redirect/092812-epicvdhs-scannersuspend.html ======================================================================== [6] News in Brief ======================================================================== EPIC Asks FTC to Investigate Facebook-Datalogix Data-Matching Scheme EPIC, joined by the Center for Digital Democracy, has asked the Federal Trade Commission to investigate whether Facebook's data- matching arrangement with data analytics firm Datalogix violates a recent privacy settlement between the FTC and Facebook. Currently, Facebook is matching users' personal information with personal information held by Datalogix. The settlement, first announced in November 2011 and adopted in August 2012, prohibits Facebook from changing privacy settings without users' affirmative consent or misrepresenting the privacy or security of users' personal information. Previously, EPIC had asked the FTC to determine whether Facebook's "Timeline" feature, which makes archived user data widely available, or Facebook's biometric tagging of user photos violated the terms of the consent order. The FTC has not made a determination on the EPIC Timeline request; Facebook has recently suspended facial recognition in the EU, and facial "tagging" in the US. EPIC/CDD: Letter to FTC on Facebook/Datalogix (Sept. 27, 2012) http://epic.org/privacy/facebook/EPIC-Ltr-FB-Datalogix.pdf EPIC: Facebook-Datalogix Relationship http://epic.org/privacy/facebook/facebook_and_datalogix.html FTC: Press Release on Final Settlement with Facebook (Aug. 10, 2012) http://ftc.gov/opa/2012/08/facebook.shtm FTC: Settlement with Facebook (Nov. 29, 2011) http://www.ftc.gov/os/caselist/0923184/111129facebookcmpt.pdf EPIC: Complaint to FTC re: User Facial Recognition (Jun. 10, 2011) http://epic.org/redirect/092812-epic-fb-face-complaint.html EPIC: Letter to FTC re: Facebook Timeline http://epic.org/privacy/facebook/EPIC_Facebook_FTC_letter.pdf EPIC: Facebook and Facial Recognition https://epic.org/privacy/facerecognition/ EPIC: Facebook Privacy http://epic.org/privacy/facebook/ EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ Congress Recommends TSA Address Scanner Privacy and Health Concerns "Rebuilding TSA into a Smarter, Leaner Organization," a new report by the US House Homeland Security Committee, critiques the Transportation Security Administration for "failing to meet taxpayers' expectations." The report recommends that the TSA sponsor "an independent analysis" of the health risks of body scanners and install privacy filters on all devices. The report also cites the 2011 decision in EPIC v. DHS, pointing out that the TSA has failed to abide by the ruling of a federal appeals court to "act promptly" to receive public comments. A Washington, DC appeals court ruled last week that the TSA must begin public commentary on the scanners by March 2013. US House Homeland Security Committee: Report on TSA (Sept. 20, 2012) http://epic.org/redirect/092812-homeland-tsa-report.html US House Homeland Security Committee http://homeland.house.gov/ DC Circuit Court: Order for Rulemaking in EPIC v. DHS (Sept. 25, 2012) http://epic.org/privacy/body_scanners/DC-Cir-Mandamus-Order.pdf EPIC: EPIC v. DHS (Suspension of Body Scanners) http://epic.org/redirect/092812-epicvdhs-scannersuspend.html EPIC: Full Body Scanner Radiation Risks http://epic.org/redirect/092812-scan-radiation-risks.html EPIC: EPIC v. TSA (Body Scanner Modifications and ATR) http://epic.org/privacy/body_scanners/epic_v_tsa.html US House Renews Foreign Intelligence Surveillance Powers The US House has voted to reauthorize the FISA Amendments Act of 2008. The Act authorizes surveillance programs intended to target foreign agents, but allows collection of private communications of US citizens without individualized suspicion. In May 2012, EPIC Executive Director Marc Rotenberg testified before the House Judiciary Committee on the legislation and recommended new oversight procedures. The Senate has yet to consider the measure. EPIC recently submitted a "Friend of the Court" brief to the US Supreme Court in Clapper v. Amnesty International USA, a case involving the FISA Amendments Act. US House: Vote on FISA Amendments Act http://thomas.loc.gov/cgi-bin/bdquery/z?d112:h.r.5949: US House: FISA Amendments Act of 2008 http://epic.org/redirect/092812-fisa-amendments-2008.html US House: Testimony of EPIC's Marc Rotenberg on FISA (May 31, 2012) http://epic.org/redirect/092812-epic-fisa-testimony.html US House: House Judiciary Committee http://judiciary.house.gov/ EPIC et al.: "Friend of the Court" Brief in Clapper (Sept. 24, 2012) http://epic.org/amicus/fisa/clapper/EPIC-Amicus-Brief.pdf EPIC: Clapper v. Amnesty Int'l USA http://epic.org/amicus/fisa/clapper/ EPIC: Foreign Intelligence Surveillance Act http://epic.org/privacy/terrorism/fisa/ FTC Finalizes Settlement with Myspace The Federal Trade Commission has finalized the terms of a settlement with social networking site Myspace. The settlement follows from allegations that Myspace allowed advertisers to access users' personally identifying information after promising to keep such information private, and requires Myspace to implement a comprehensive privacy program, submit to independent audits, and refrain from future privacy misrepresentations. EPIC commented on the settlement, recommending that the FTC make the settlement at least as protective as the agency's previous settlement with Facebook, and requiring Myspace to implement practices consistent with the White House's Consumer Privacy Bill of Rights. In response to EPIC's comments, the FTC decided to accept the proposed settlement without modification but stated that "the privacy program mandated under the consent order will require Myspace to address many of the consumer protections discussed in your comment." FTC: Press Release on FTC-Myspace Settlement http://ftc.gov/opa/2012/09/myspace.shtm FTC: Text of FTC-Myspace Settlement (May 8, 2012) http://www.ftc.gov/os/caselist/1023058/120508myspaceorder.pdf EPIC: Comments on FTC-Myspace Settlement http://epic.org/privacy/socialnet/EPIC-Myspace-comments-FINAL.pdf FTC: Press Release on Settlement with Facebook (Nov. 29, 2011) http://ftc.gov/opa/2011/11/privacysettlement.shtm The White House: Consumer Privacy Bill of Rights (Feb. 2012) http://www.whitehouse.gov/sites/default/files/privacy-final.pdf FTC: Response to EPIC Commentary on Myspace Settlement (Dec. 9, 2011) http://ftc.gov/os/caselist/1023058/120911myspaceletterepic.pdf EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ EPIC: Social Networking Privacy http://epic.org/privacy/socialnet/ New Government Report Highlights Drone Privacy Risks A new report from the Government Accountability Office outlines the risks of increased domestic UAV, or "drone," use following adoption of the FAA Modernization and Reform Act of 2012. The GAO report, "Unmanned Aircraft Systems: Measuring Progress and Addressing Potential Privacy Concerns Would Facilitate Integration into the National Airspace System," notes the widespread privacy concerns about drones operating in US airspace. The report found that such concerns "include the potential for increased amounts of government surveillance using technologies placed on UAS, the collection and use of such data, and potential violations of constitutional Fourth Amendment protections against unreasonable search and seizures." The report also notes that "non-military unmanned aircraft system GPS signals are unencrypted, risking potential interruption of command and control. . . ." Earlier in 2012, EPIC warned Congress about the "substantial legal and constitutional issues involved in the deployment of aerial drones by federal agencies." Also in 2012, EPIC, joined by over 100 organizations, experts, and members of the public, petitioned the FAA to begin a rulemaking to establish privacy safeguards. GAO: Report on Drone Use (Sept. 2012) http://www.gao.gov/assets/650/648348.pdf US Congress: FAA Modernization and Reform Act of 2012 (Jan. 3, 2012) http://thomas.loc.gov/cgi-bin/query/z?c112:H.R.658: EPIC: Testimony Before US House on Drone Use (Jul. 19, 2012) http://epic.org/privacy/testimony/EPIC-Drone-Testimony-7-12.pdf EPIC et al.: Petition to FAA on US Drone Use (Feb. 24, 2012) http://epic.org/privacy/drones/FAA-553e-Petition-03-08-12.pdf EPIC: Unmanned Aerial Vehicles (UAVs) and Drones http://epic.org/privacy/drones/ ======================================================================= [7] EPIC in the News ======================================================================= "Privacy groups call for FTC probe into Facebook's new ad-tracking partnership." The Hill, Sept. 27, 2012. http://epic.org/redirect/092812-thehill-datalogix-epic.html "Privacy groups seek investigation of Facebook's retail data sharing." ArsTechnica, Sept. 27, 2012. http://epic.org/redirect/092812-arstechnica-datalogix-epic.html "Appeals Court Caves to TSA Over Nude Body Scanners." Wired, Sept. 25, 2012. http://www.wired.com/threatlevel/2012/09/appeals-court-caves/ How Europe Is Taking Online Privacy Far More Seriously Than The U.S." ThinkProgress, Sept. 25, 2012. http://epic.org/redirect/092812-thinkprogress-epic-eu.html "Facebook Can ID Faces, but Using Them Grows Tricky." The New York Times, Sept. 21, 2012. http://epic.org/redirect/092812-nyt-facial-epic.html "Divided Court OK's Facebook's Privacy Foundation." MediaPost, Sept. 20, 2012. http://epic.org/redirect/092812-mediapost-fbprivacy-epic.html "Senate delays Netflix, e-mail privacy fix after cops protest." CNet, Sept. 20, 2012. http://epic.org/redirect/092812-cnet-VPPA-epic.html "Senators prepare to vote on Netflix and e-mail privacy." CNet, Sept. 20, 2012. http://epic.org/redirect/092812-cnet-preVPPA-epic.html "Drones In U.S.: More Unmanned Aircraft Will Be Flying In Domestic Airspace By 2015." The Huffington Post, Sept. 19, 2012. http://epic.org/redirect/092812-huffpo-drones-epic.html "New House bill targets mobile device tracking software." ZDNet, Sept. 13, 2012. http://epic.org/redirect/092812-zdnet-mobile-epic.html For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================= [8] Book Review: 'Some Remarks' ======================================================================= "Some Remarks: Essays and Other Writing," Neal Stephenson http://epic.org/redirect/092812-some-remarks-stephenson.html Crypto-hacker hero Neal Stephenson really likes to organize, reorganize, and categorize information. But he writes best when he focuses on ideas that occupy the interstices between categories. Stephenson claims that "Some Remarks," a 20-year compendium of essays, interviews, and short fiction, eschews the "pitilessly accurate historical record" and is instead "a shameless whitewashing of that historical record, picking only the good stuff." This interstitial cherry-picking provides readers with an extraordinary insight into Stephenson's career. Of the "17 1/2" works included in "Some Remarks," there are "2 1/2" works of short fiction, eight essays, a lecture, two interviews, a b ook forward, and three pieces of journalistic reporting. The bulk of the book consists of two of these three articles, which are, unfortunately, also two of the driest pieces in the collection. Stephenson's essays are more succinct and more compelling than his journalism, and they cover the widest swath of subject matter. "Arsebestos" is a previously unpublished essay exploring the merits of a treadmill desk. "Blind Secularism," Stephenson's oldest effort, attempts to encourage the secular-minded reader to try to understand radical acts of the faithful on their own terms. "Locked In" is a rambling essay about rockets. Stephenson's essays are rife with categories. "Turn On, Tune In, Veg Out," for example, divides media consumption habits into two styles: "geeking out" and "vegging out." His Foreword to David Foster Wallace's "Everything and More" separates attitudes about phenomenology into "priestly" and "bad boy;" academic attitudes into "Coastal" and "Midwestern American College Town;" science writing for amateurs into four numbered "Types." Neal Stephenson's prose only really shines, however, in his hacker fiction, when he abandons the categorical and embraces the interstitial. "The Great Simeleon Caper" is a kind of hacker's bildungsroman, in which a recent college grad who works in Internet tech support discovers his true place in the world: hacking between network code and user interface. In "Spew," a hacker tasked with profiling a young woman finds that neither the Internet nor real-world interactions alone can provide him with the most revelatory information about his target; instead, he must rely on his intuition about the space between her online and real-world presence. In his final essay, Stephenson confesses, "The quality of my e-mails and public speaking is, in my view, nowhere near that of my novels." He's right. The short stories in this collection are, like the rest of his writing, packed full of theories and ideas and explanations. But in his fiction, Stephenson avoids his tendency to sort his ideas into categories, and allows his prose to flow naturally from the spaces between them. -- Julia Horwitz ================================ EPIC Publications: "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75 http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= 3rd Annual Privacy, ATI and Security Congress. 4-5 October 2012, Ottawa, ON. For More Information: http://www.rebootconference.com/ events/information-privacy-security-congress-2012/. Amsterdam Privacy Conference. 7-10 October 2012, Amsterdam. For More Information: http://www.ivir.nl/news/CallforPapersAPC2012.pdf. "Reform of the EU Data Protection Framework." EU Parliament, Brussels, 9-10 October 2012. For More Information: http://www.europarl.europa.eu/ webnp/cms/lang/fr/pid/1779. "The Evolving Internet," University of Pennsylvania School of Law, 19-20 October 2012, Philadelphia. For More Information: http://www.pennumbra.com/symposia/. The Public Voice Conference. 22 October 2012, Punta del Este, Uruguay. For More Information: http://www.thepublicvoice.org/. 34th International Conference of Data Protection and Privacy. 23-25 October 2012, Punta del Este, Uruguay. For More Information: http://www.privacyconference2012.org/english/sobre-la-conferencia/ noticias/noticia-destacada. PIPA Conference 2012: "Privacy on the Go." 1-2 November 2012, Calgary, Alberta. For More Information: http://privacyconference2012.ca. "Computers, Privacy and Data Protection: Reloading Data Protection." 23-25 January 2013, Brussels. For More information: http://www.cpdpconferences.org/. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Join us on Twitter for #privchat, Tuesdays, 11:00am ET. Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 19.18 ------------------------