EPIC Alert 20.08

<pre><blockquote>
=======================================================================
                    E P I C   A l e r t
=======================================================================
Volume 20.08                                      April 30, 2013
-----------------------------------------------------------------------

                   Published by the
       Electronic Privacy Information Center (EPIC)
                   Washington, D.C.

      http://www.epic.org/alert/epic_alert_20.08.html

            "Defend Privacy. Support EPIC."
                 http://epic.org/donate


========================================================================
Table of Contents
========================================================================

[1] EPIC Lawsuit Produces Details of Internet Monitoring
[2] Consumer Groups Oppose Delay of New Children's Privacy Rules
[3] EPIC Files Amicus Brief, Urges Disclosure of Secret Legal Memos
[4] EPIC to FAA:  Establish Privacy Standards for Drone Use
[5] Froomkin, Kaplan, 'Spaf,' Wu Join EPIC Advisory Board
[6] News in Brief
[7] EPIC in the News
[8] EPIC Book Review: 'Spam'
[9] Upcoming Conferences and Events


TAKE ACTION:  Comment on the TSA's 'Nude' Airport Body Scanners!
- COMMENTS to the TSA:  http://www.epic.org/redirect/TSAcomment/
- LEARN More:  http://epic.org/TSAcomment/
- SUPPORT EPIC:  http://www.epic.org/donate/


REGISTER NOW: EPIC Champion of Freedom Awards Dinner
               June 3, 2013, Washington DC
                        with
               Senator Rand Paul (R-KY)
               Senator Ron Wyden (D-OR)
               Pulitzer Prize Winner Martha Mendoza
               Consumer Advocate Susan Grant
               Privacy Scholar and Advocate David Flaherty
                                
               http://www.epic.org/june3/


========================================================================
[1] EPIC Lawsuit Produces Details of Internet Monitoring
========================================================================

As a result of a Freedom of Information Act lawsuit against the
Department of Homeland Security, EPIC has obtained documents that
reveal that the US government, defense contractors, and Internet
Service Providers are developing new strategies to monitor Internet
communications, possibly in violation of the federal wiretap act.

The documents obtained by EPIC reveal that the DOD's Office of General
Counsel encouraged defense contractors to adopt language providing
expansive consent to government monitoring, including the "monitoring
of data and communications in transit; "disclos[ure] for any purpose,
including to the Government;" and a statement that users have "'no
[reasonable] expectation of privacy' regarding communications or data
transiting or stored on the system." The broad consent is, according
to DOD slides also obtained under FOIA, "driven by the Wiretap Act
and Stored Communications Act." Nevertheless, the documents show
that Internet service providers requested immunity in case the
surveillance ran afoul of federal law.

The documents obtained by EPIC also cite the National Security
Presidential Directive 54 as one source of authority for the CS/IA
program. The Directive was issued under President George W. Bush, and
granted the National Security Agency broad authority over the security
of American computer networks, as well as creating the Comprehensive
National Cybersecurity Initiative. EPIC is currently pursuing the
release of the Directive in separate FOIA litigation.


CNET: "U.S. gives big, secret push to Internet surveillance:
Justice Department agreed to issue "2511 letters" immunizing AT&T and
other companies participating in a cybersecurity program from criminal 
prosecution under the Wiretap Act, according to new documents obtained
by the Electronic Privacy Information Center." Apr. 24, 2013.
    http://news.cnet.com/8301-13578_3-57581161-38/u.s-gives-big-secret-
    push-to-internet-surveillance/


EPIC:  EPIC v. DHS - Defense Contractor Monitoring
    http://epic.org/foia/dhs/defense-monitoring.html

DOD:  Defense Industrial Base Cybersecurity Activities (May 11, 2012)
    http://www.defense.gov/news/d20120511dib.pdf

EPIC:  FOIA Documents from DOD on Monitoring and Consent (Dec. 9, 2011)
    http://epic.org/privacy/cybersecurity/12-00333-doc-notice-sm.pdf

Federal Register:  Executive Order 13636 (Feb. 19, 2013)
    http://www.gpo.gov/fdsys/pkg/FR-2013-02-19/pdf/2013-03915.pdf

EPIC:  EPIC v. NSA - Cybersecurity Authority
    http://epic.org/privacy/nsa/epic_v_nsa.html


========================================================================
[2] Consumer Groups Oppose Delay of New Children's Privacy Rules
========================================================================

EPIC, as part of a group of consumer, privacy, and children's
advocates, have written to the Federal Trade Commission to oppose an
industry effort to delay implementation of the new Children's Online
Privacy Protection Act (COPPA) rule. The new rule expands the
definition of "personal information" to include geolocation information
and persistent identifiers (i.e., "cookies"), and prevents third-party
advertisers from secretly collecting children's personal information
for advertising purposes without parental consent. These new safeguards
were developed in response to the FTC's 2012 report, which found that
many mobile apps for children conceal data collection practices.

The group's letter indicates that more than two years have passed since
the Commission proposed the updates to COPPA. The Commission first set
out the revised COPPA rule for comment in September 2011, stating that
the agency was "deeply committed to helping to create a safer, more
secure online experience for children and . . . ensure[s] that COPPA
continues to meet its originally stated goals, even as online
technologies, and children's use of such technologies, evolve." The
letter also notes that the FTC had provided for three separate rounds
of comments before issuing a final rule in December 2012. The effective
date was set more than six months in advance in order to give the
industry "plenty of time to come into compliance."

In April 2013 two leading industry members submitted a letter to the
Commission, requesting an extension for the effective date. Instead of
coming into compliance by July 1, 2013 as planned, the industry groups
asked the FTC to push back the effective date to December 31, 2013.
EPIC's letter urges the FTC not to approve the extension, and to adhere
to the agency's stated goals and timelines. The letter states that
there is no "compelling reason for giving the industry more time to
comply with the law."
 
EPIC commented in both 2011 and 2012 in support of both the original
proposed COPPA rule change and a revised version. During the
Commission's first comment period, EPIC stated, "The proposed revisions
. . .  tak[e] better account of the increased use of mobile devices and
the new online information collection ecosystem. By incorporating the
[new] changes . . . the Commission can further strengthen the rule and
ensure that children's online privacy is adequately protected . . ."
EPIC's second set of comments reiterated support for the revisions,
but also advised the Commission to better define some new terms,
including "(1) 'personal information'; (2) 'operator'; and (3) 'website
or online service directed to children.'"

 
EPIC et al.:  Letter to FTC (Apr. 23, 2013)
    http://epic.org/redirect/043013-epic-letter-FTC-coppa.html

FTC:  Report on Mobile Apps for Kids (Dec. 2012)
    http://www.ftc.gov/os/2012/12/121210mobilekidsappreport.pdf

EPIC:  Comments on Proposed COPPA Rule (Dec. 23, 2011)
    http://epic.org/redirect/043013-epic-letter-FTC-coppa.html

EPIC:  Comments on Revised COPPA Rule (Sep. 24, 2012)
    http://epic.org/privacy/kids/EPIC-COPPA-2012-Rule-Rev-Cmts.pdf

EPIC:  Children's Online Privacy
    http://epic.org/privacy/kids/default.html

EPIC:  FTC
    http://epic.org/privacy/internet/ftc/


========================================================================
[3] EPIC Files Amicus Brief, Urges Disclosure of Secret Legal Memos
========================================================================

EPIC, joined by seven open-government organizations, has filed a
"friend of the court" brief in the case New York Times Co. v.
Department of Justice, urging a federal appeals court to order the US
government to disclose the legal authority for drone strikes. The
case centers on whether the Obama Administration is required, under
the Freedom of Information Act, to disclose legally binding opinions
from the DOJ's Office of Legal Counsel.

Both The New York Times and the ACLU made 2012 FOIA requests to the
White House Office of Legal Counsel, the legal interpreter of the
Executive Branch, seeking memos outlining the legal justification of
the Administration's overseas targeted killing program. The OLC refused
to disclose the legal opinions, stating that the opinions were
simultaneously classified and merely informal interagency memos.

EPIC's brief argues that these legal opinions cannot be withheld under
the FOIA. "By withholding these legal opinions, which direct the
actions of the government and impact private parties, the Department
is establishing secret law that is antithetical to democratic
governance," the brief states. The FOIA allows withholding only
properly classified materials. Legal analysis, separated from other
factual materials, does not meet the legal requirements for
classification, and therefore cannot be withheld under the FOIA; "Facts
may threaten national security. But a reasonably segregated legal
analysis or statement of law does not," the brief states.

In the past, the brief argues, the disclosure of OLC legal opinions has
"promote[d] public debate," facilitated Congressional oversight, and
prompted legal reforms. After the OLC memos detailing the use of
torture were released, the brief states, Congress debated and enacted
the Detainee Treatment Act of 2005, regulating the use of enhanced
interrogation techniques.


EPIC et al.:  "Friend of the Court" Brief in NYT v. DOJ (Apr. 22, 2013)
    http://epic.org/redirect/043013-epic-nyt-doj-amicus.html

EPIC:  New York Times Co. v. Dep't of Justice
    http://epic.org/amicus/foia/new-york-times/

DOJ:  Office of Legal Counsel
    http://www.justice.gov/olc/

EPIC:  Open Government
    http://epic.org/open_gov/


========================================================================
[4] EPIC to FAA:  Establish Privacy Standards for Drone Use
========================================================================

EPIC has submitted comments to the Federal Aviation Administration,
urging the agency to mandate minimum privacy standards for drone
operators.

In early 2012, Congress told the FAA to implement a comprehensive plan
to integrate drones into US airspace. Shortly afterwards, EPIC, joined
by over 100 other organizations, experts, and members of the public,
petitioned the FAA to address privacy issues as part of the drone
integration process. EPIC's petition explained that drones pose
substantial threats to privacy because "drones greatly increase the
capacity for domestic surveillance." The petition included a request
for agency action, urging the FAA to conduct notice-and-comment
rulemakings on drones' impact on privacy and civil liberties.

In February 2013, the FAA responded to EPIC's petition, announcing
that it would "address [privacy issues] through engagement and
collaboration with the public." As a result, the FAA published a
notice in the Federal Register that included proposed privacy
requirements for drone operators. These requirements include the
controlled transmission of data from the government operator to the
FAA, rules underscoring the importance of complying with existing
state and federal privacy laws, and implementation of privacy
standards based on Fair Information Practices, or FIPs.

EPIC's new comments recommend that the FAA use Fair Information
Practices as the foundation of the agency's proposed privacy standards.
The comments explain the significance of FIPs, noting that FIPs outline
rights and responsibilities that provide the basis for privacy laws.
EPIC wrote, "Not only have FIPs played a significant role in framing
privacy laws in the United States, but they have also contributed to
development of privacy laws around the world and to the development of
important international guidelines for privacy protection."

EPIC's comments also recommend that the FAA maintain a public database
of all drone operators, noting, "In order to ensure that drone
operators comply with the terms of their authorizations and with the
disclosed data collection and minimization practices, the FAA should
implement a system of regular, independent audits for drone operators."
The comments point out that audits are "a crucial oversight tool for
ensuring that behavior comports with the law and licensing
requirements."


EPIC:  Comments to FAA on Drone Policy (Apr. 23, 2013)
    http://epic.org/privacy/drones/EPIC-Drones-Comments-2013.pdf

FAA:  Request for Comments on Drone Policy (Feb. 22, 2013)
    http://www.regulations.gov/#!documentDetail;D=FAA-2013-0061-0001

FAA:  Announcement on Request for Comments (Feb. 14, 2013)
    https://faaco.faa.gov/index.cfm/announcement/view/13143

FAA:  Letter to EPIC re: Petition (Feb. 14, 2013)
    http://epic.org/privacy/drones/DOT-UAS-Privacy-Issues-Letter.pdf

EPIC et al:  FAA Petition (Feb. 24. 2012)
    http://epic.org/privacy/drones/FAA-553e-Petition-03-08-12.pdf

112th Congress:  Public Law 112-95 (2012)
    http://epic.org/redirect/043013-drone-public-law.html

EPIC: Domestic Unmanned Aerial Vehicles and Drones
    http://epic.org/privacy/drones/


========================================================================
[5] Froomkin, Kaplan, "Spaf," Wu Join EPIC Advisory Board
========================================================================

EPIC has announced four new members of the EPIC Advisory Board:  A.
Michael Froomkin, Sheila Kaplan, Eugene "Spaf" Spafford, and Tim Wu.
The EPIC Advisory Board is a distinguished group of experts in law,
technology, and public policy. 

A. Michael Froomkin is the Laurie Silvers and Mitchell Rubenstein
Distinguished Professor of Law at the University of Miami School of
Law. Professor Froomkin writes about and teaches Internet law,
administrative law, and e-commerce.

Sheila Kaplan is a student-privacy advocate and founder of Education
New York, a nonprofit education publication. Kaplan advocates for state
and federal legislation to protect children's privacy and conducts
outreach to inform parents of their rights under the Federal Education
Rights and Privacy Act.

Eugene Spafford is a professor of Computer Science at Purdue
University. A researcher with over 30 years experience in tcomputer
security, "Spaf"'s work is at the foundation of technologies related to
intrusion detection, firewalls, and whitelisting. Spaf is also the
founder and Executive Director of the Center for Education and Research
in Information Assurance and Security (CERIAS), the oldest and largest
academic multidisciplinary institute devoted to cybersecurity and
privacy in the US.

Tim Wu is the Isidor and Seville Sulzacher Professor of Law at Columbia
Law School and author of the books "The Master Switch" and "Who
Controls the Internet?" Wu's primary research areas are the Internet,
media, and communications industries. At Columbia he teaches copyright,
communications law and policy, and antitrust.

Joining the EPIC Board of Directors in 2013 are current Advisory Board
members David Farber, Joi Ito, and Jeff Jonas.


EPIC:  Advisory Board
    http://epic.org/epic/advisory_board.html

U. of Miami:  A. Michael Froomkin
    http://epic.org/redirect/froomkin-bio.html

Education New York:  Sheila Kaplan
    http://www.educationnewyork.com/about.html

EPIC:  Eugene Spafford
    http://epic.org/epic/advisory_board.html#spafford

Columbia U. Law School:  Tim Wu
    http://www.law.columbia.edu/fac/Tim_Wu
   
EPIC:  Board of Directors
    http://epic.org/epic/staff_and_board.html


========================================================================
[6] News in Brief
========================================================================

Public Opposes TSA Nude Body Scanners

Following a 2011 court mandate that the Transportation Security
Administration receive public comment on airport body scanners, the
public has stated an overwhelming opposition to invasive nude body
scanners. The mandate was in response to EPIC's lawsuit, EPIC v. DHS,
in which EPIC successfully challenged the TSA's unlawful deployment of
airport body scanners. The TSA will accept comments until June 24,
2013. To date, the public has submitted more than 3100 comments noting
various problems with the scanners, including privacy violations,
potential health risks, and the machines' inability to accurately
detect threats. EPIC has also filed appeals in two Freedom of
Information Act cases seeking documents related to airport body scanner
radiation risks and threat detection software.


DC Appeals Court:  Order for TSA on Scanners  (Jul. 15, 2011)
    http://epic.org/redirect/071911_circuit_opinion_epicvdhs.html
   
TSA:  Opportunity for Public Comment on Scanners
    http://www.regulations.gov/#!docketDetail;D=TSA-2013-0004

TSA:  Background on Body Scanner Commentary
    http://www.regulations.gov/#!documentDetail;D=TSA-2013-0004-0001

EPIC:  FOIA Request on Body Scanner Radiation Risks (Jul. 13, 2010)
    http://epic.org/privacy/backscatter/Body_Scanner_Radiation_FOIA.pdf

EPIC:  FOIA on Backscatter Threat Detection Software (Jun. 15, 2010)
    http://epic.org/privacy/EPICJune15FOIARequest.PDF

EPIC:  Comment on the TSA Nude Body Scanner Proposal
    http://epic.org/TSAcomment/

EPIC:  EPIC v. TSA (Body Scanner Radiation Risks)
    http://epic.org/redirect/043013-scanner-radiation-risks.html

EPIC v. TSA - Body Scanner Modifications (ATR)
    http://epic.org/privacy/body_scanners/epic_v_tsa.html

EPIC:  EPIC v. DHS (Suspension of Body Scanner Program)
    http://epic.org/privacy/body_scanners/epic_v_dhs_suspension_of_body.html


Senate Committee Clears Update to Email Privacy Law

The US Senate Judiciary Committee has approved a bill to update the
Electronic Communications Privacy Act, a 1986 law that provides privacy
protections for email and other digital communications. The update,
sponsored by Senator Patrick Leahy (D-VT) and co-sponsored by Senator
Mike Lee (R-UT), would extend protections to communications that reside
in "cloud storage." Earlier this month, the US Supreme Court declined
to review a decision by the South Carolina Supreme Court, which held
that ECPA does not protect emails stored on remote computer servers.
EPIC, joined by 18 national organizations, filed a "friend of the
court" brief in Jennings v. Broome, urging the Supreme Court to
clarify the scope of email privacy protections. In March 2013, EPIC
sent a letter to the US House Judiciary Committee, recommending a
comprehensive review of the law.


US Senate:  Status of ECPA Update (Apr. 25, 2013)
    http://www.govtrack.us/congress/bills/113/s607

US Senate:  Text of ECPA Update (S. 607) (Mar. 19, 2013)
    http://thomas.loc.gov/cgi-bin/query/z?c113:S.607:

Cornell University:  Text of ECPA (1986)
    http://www.law.cornell.edu/uscode/text/18/part-I/chapter-119

US Supreme Court:  Decision on Jennings v. Broome Cert. (Apr. 15, 2013)
    http://www.supremecourt.gov/orders/courtorders/041513zor_p86b.pdf

SC Supreme Court:  Decision in Jennings (Oct. 10, 2012)
   http://www.sccourts.org/opinions/HTMLFiles/SC/27177.pdf

EPIC et al.:  "Friend of the Court" Brief in Jennings (Feb. 7, 2013)
    http://epic.org/amicus/ecpa/jennings/EPIC-Amicus-Brief.pdf

EPIC:  Letter to US House re: ECPA (Mar. 18, 2013)
    http://epic.org/privacy/ecpa/EPIC-to-HJC-re-ECPA-3-18-2013.pdf

EPIC:  Electronic Communications Privacy Act
    http://epic.org/privacy/ecpa/

EPIC:  Jennings v. Broome
    http://epic.org/amicus/ecpa/jennings/
    

EPIC Appeals FOIA Lawsuits Seeking Body Scanner Information

EPIC has filed appeals in two Freedom of Information Act cases, after
seeking documents from the Department of Homeland Security and the
Transportation Security Administration related to airport body
scanners. EPIC filed FOIA requests with the agencies seeking records
related to radiation risks from body scanners and to the machines'
threat-detection software. The TSA is currently developing formal rules
for the use of body scanners in response to a 2011 court order in one
of EPIC's previous cases. Airport backscatter machines allow "digital
strip searches" of individuals who are not suspected of any crime.


DC Federal Court:  Opinion in EPIC v. DHS (Mar. 7, 2013)
    https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2010cv1992-20

DC Federal Court:  Opinion in EPIC v. TSA (Mar. 7, 2013)
    https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2011cv0290-23

EPIC:  FOIA Request on Body Scanner Radiation (Jul. 13, 2010)
    http://epic.org/privacy/backscatter/Body_Scanner_Radiation_FOIA.pdf

EPIC:  FOIA request on Automated Target Recognition Software
    http://epic.org/privacy/EPICJune15FOIARequest.PDF

EPIC:  DC Circuit Opinion on Body Scanners (Jul. 15, 2011)
    http://epic.org/redirect/071911_circuit_opinion_epicvdhs.html

EPIC:  EPIC v. DHS (Body Scanner Radiation Risks)
    http://epic.org/redirect/043013-scanner-radiation-risks.html

EPIC:  EPIC v. TSA, Body Scanner Automated Target Recognition
    http://epic.org/privacy/body_scanners/epic_v_tsa.html

EPIC:  EPIC v. DHS (Suspension of Body Scanners)
    http://epic.org/redirect/030113-epic-v-dhs-scan-suspension.html


White House Releases Unclassified Summary of President's Cyber Directive

The White House has released an unclassified summary of Presidential
Policy Directive 20, which sets out the cybersecurity authority of the
National Security Agency within the US and, in the process, raises more
issues about government surveillance of the Internet. The existence of
the Directive was detailed in a story in the Washington Post in 2012,
and EPIC immediately pursued the Directive's public release. According
to the Obama White House, PPD-20 "established principles and processes
for the use of cyber operations so that cyber tools are integrated with
the full array of national security tools." EPIC is still pursuing the
release of the full document.


The White House:  Unclassified Summary of PPD-20 (Jan. 2013)
    http://epic.org/redirect/043013-whitehouse-unclass-ppd-20.html

The Washington Post:  Article on PPD-20 (Nov. 14, 2012)
    http://epic.org/redirect/043013-washpost-article-ppd-20.html

EPIC:  FOIA Request to NSA re:  PPD 20 (Nov. 14, 2012)
    http://epic.org/redirect/043013-EPIC-foia-nsa-ppd20.html

EPIC:  FOIA Appeal to NSA re: PPD 20 (Nov. 27, 2012)
    http://epic.org/foia/nsa/NSA-PPD-Appeal.pdf

EPIC:  Cybersecurity Privacy Practical Implications
    http://epic.org/privacy/cybersecurity/

EPIC:  EPIC v. NSA (NSPD 54)
    http://epic.org/privacy/nsa/epic_v_nsa.html
   
   
House Subcommittee Considers Geolocation Privacy

The US House Subcommittee on Crime, Terrorism, Homeland Security, and
Investigations heard testimony April 25 on proposed Geolocation Privacy
safeguards for the collection and use of location data generated by
mobile phones and other devices. EPIC noted in a recent letter to the
House Judiciary Committee, and in testimony before the Maryland House
of Delegates and Texas House of Representatives on similar bills, that
ECPA does not protect location records. Courts are divided on whether
such records are protected by the Fourth Amendment.


US House Judiciary:  Hearing on Geolocation Privacy (Apr. 25, 2013)
    http://judiciary.house.gov/hearings/113th/hear_04252013.html

GPS.gov:  Geolocation Privacy Legislation
    http://www.gps.gov/policy/legislation/gps-act/

EPIC:  Letter to House Judiciary Committee re: ECPA (Mar. 18, 2013)
    http://epic.org/privacy/ecpa/EPIC-to-HJC-re-ECPA-3-18-2013.pdf

EPIC:  Testimony on Location Privacy before MD House (Feb. 26, 2013)
    http://epic.org/redirect/043013-epic-location-testimony-md.html

EPIC:  Testimony on Location Privacy before TX House (Mar. 26, 2013)
    http://epic.org/redirect/043013-epic-location-testimony-md.html

EPIC:  Locational Privacy
    http://epic.org/privacy/location_privacy/

EPIC:  Electronic Privacy Communications Act (ECPA)
    http://epic.org/privacy/ecpa/


DHS Releases Revised Privacy Assessment on Internet Monitoring Program

The Department of Homeland Security has released a Privacy Impact
Assessment for "Einstein 3 - Accelerated," a government cybersecurity
program that monitors Internet traffic, including scanning email
destined for .gov networks for malicious attachments and URLs.
According to DHS, the basis of the government's authority to perform
the monitoring is National Security Presidential Directive 54. EPIC
is pursuing FOIA litigation to force the government to release the
Directive to the public.


DHS:  Privacy Impact Assessment for Einstein 3 (Apr. 19, 2013)
    http://epic.org/redirect/043013-DHS-pia-einstein3.html

EPIC:  FOIA Request to NSA re: Presidential Directive 54 (Feb. 4, 2010)
    http://epic.org/foia/NSPD54_complaint.pdf

EPIC:  EPIC v. NSA - Cybersecurity Authority
    http://epic.org/privacy/nsa/epic_v_nsa.html
   
   
Polls Show Little Support for Expanding Government Surveillance

Polls conducted by Fox News and The Washington Post following the
Boston Marathon bombings show little public support for changes in the
scope of government surveillance. According to Fox News, when
respondents were asked, "Would you be willing to give up some of your
personal freedom in order to reduce the threat of terrorism?" more
said they would not (45%) compared to those who said they would (43%),
for the first time since the attacks of Sept. 11, 2001. A Washington
Post poll indicated that the public was more concerned (48%) that the
government would go too far to investigate terrorism than that it
would not go far enough (41%). A Rassmusen Poll conducted of likely
voters found that more than half of the respondents (54%) said economic
threats were a greater danger to the country than terrorism.


Fox News:  Poll on Bombings and Government Surveillance (Apr. 16, 2013)
    http://epic.org/redirect/043013-fox-news-surveillance-poll.html

The Washington Post:  Poll on Bombings/Surveillance (Apr. 17-18, 2013)
    http://epic.org/redirect/043013-washpost-surveillance-poll.html

Rasmussen Report on Terrorism and Safety  (Apr. 17-18, 2013)
    http://epic.org/redirect/043013-rasmussen-terrorism-poll.html

EPIC:  Public Opinion on Privacy
    http://epic.org/privacy/survey/

=======================================================================
[7] EPIC in the News
=======================================================================

"Surveillance Cameras Sought by Cities After Boston Bombs." Bloomberg
New, Apr. 29, 2013.
    http://www.bloomberg.com/news/2013-04-29/surveillance-cameras-
    sought-by-cities-after-boston-bombs.html


"DoJ Secretly Granted Immunity to Companies that Participated in
Monitoring Program." Wired, Apr. 24, 2013.
    http://www.wired.com/threatlevel/2013/04/immunity-to-internet-
    providers/


"US government's use of deep packet inspection raises serious
privacy questions." TechWorld, Apr. 24, 2013.
    http://news.techworld.com/security/3444019/dhs-use-of-deep-
    packet-inspection-technology-in-new-net-security-system-raises-
    serious-privacy-questions/


"U.S. gives big, secret push to Internet surveillance." CNet, Apr.
24, 2013.
    http://news.cnet.com/8301-13578_3-57581161-38/u.s-gives-big-
    secret-push-to-internet-surveillance/


"How college students can maintain online privacy." USA Today,
Apr. 23, 2013.
    http://www.usatoday.com/story/tech/personal/2013/04/23/
    college-students-online-privacy-tips/2107313/


"Speak out now on the TSA's full-body scanners." Chicago Tribune,
Apr. 23, 2013.
    http://www.chicagotribune.com/travel/sns-201304230000--tms--
    traveltrctntt-b20130423-20130423,0,4469728.story


"Security images spark privacy debate." Financial Times, Apr. 21,
2013.
    http://www.ft.com/cms/s/0/8e41cfa4-aa64-11e2-bc0d-00144
    feabdc0.html#axzz2R6BvAncA

   
"Now is your chance to tell the TSA what you think of 'nude' full-
body scanners." The Verge, Apr. 21, 2013.
    http://www.theverge.com/2013/4/21/4249418/tsa-nude-full-body-
    scanner-public-comment

   
"Surveillance Camera and National Security." CSPAN Video, Apr. 20,
2013.
    http://www.c-spanvideo.org/program/312269-3

"Invasion Of Privacy? RFID Tracking Kids On School Buses; Privacy
Advocates Concerned By 'Attendance Management' Pilot Program In Gordon
County, Ga." International Business Times, Apr. 20, 2013.
    http://www.ibtimes.com/invasion-privacy-rfid-tracking-kids-school-
    buses-privacy-advocates-concerned-attendance-managemen
t

"Rise of Domestic Drones Draws Questions About Privacy, Limiting Use."
PBS NewsHour, Apr. 19, 2013.
    http://www.pbs.org/newshour/bb/science/jan-june13/drones_04-18.html

"Stores' surveillance cameras can help crack crimes." USA Today,
Apr. 19, 2013.
    http://www.usatoday.com/story/money/business/2013/04/18/boston-
    bombs-retail-cameras-suspects-privacy/2093771/


"The Navigator: Speak out now on full-body scanners." The
Washington Post, Apr. 18, 2013.
    http://www.washingtonpost.com/lifestyle/travel/the-navigator-speak-
    out-now-on-full-body-scanners/2013/04/18/bf52c568-a5ea-11e2-8302-
    3c7e0ea97057_story.html


"Gov't didn't shut down cell networks in Boston--but it could have."
ArsTechnica, Apr. 16, 2013.
    http://arstechnica.com/tech-policy/2013/04/govt-didnt-shut-down
    -cell-networks-in-boston-but-it-could-have/


For More EPIC in the News: http://epic.org/news/epic_in_news.html


========================================================================
[8] Book Review:  'Spam'
========================================================================

"Spam:  A Shadow History of the Internet," Finn Brunton

http://epic.org/redirect/043013-spam-brunton.html

"Spam." It's a noun and a verb, a singular and plural entity. Like
junk email itself, the word is annoying, clich├ęd, amorphous - and, in
the hands of University of Michigan computer science professor Finn
Brunton - made almost elegant in a brief book not only about spam, but
also about how early Internet culture inherently bred a predisposition
to spam and how the changing dynamics of the Net indirectly fill our
bulging junk-mail boxes.

Brunton maintains that there have been "three epochs of spam,"
corresponding roughly with three distinct phases of Internet
development: from the early 1970s to 1995, when the founders of the
Internet were "trying to work out acceptable rules, mores, and
enforcement tools for online communication"; from 1995 to 2003,
beginning with the privatization of networks and ending in the dotcom
bust and the passage of the CAN SPAM Act; and from 2003 onward, which
has focused on user-created content and tools. In each era, according
to Brunton, the nature and technology of spam has been a "shadow" of
the Internet's development as a whole - from blaring, undirected ads
to search engine manipulation to sophisticated, targeted "phishing"
techniques.

Published by MIT Press, "Spam" is fundamentally an academic book, and
as a result is peppered with socio-technological terms; fortunately
Brunton handles them straightforwardly and unpretentiously.  Among
the more interesting concepts he introduces is "charivari," or
"spontaneous community justice."  Spammers, he says, have been located,
humiliated and shut down by being "outed" by charivari; unfortunately,
he adds, charivari offers "no constructive plan beyond humiliating and
shaming the offender, and dies away just as quickly as it flares up,"
allowing spammers to regroup and begin their dirty work anew.

"Spam," already a short book at just 200 pages of text, could have been
even shorter.  It's not lugubrious, just sometimes too self-
congratulatory in its name-dropping and in the minutiae of Internet
culture and development, particularly from the 1970s-1990s. This early
history would feel more relevant if more readers had a previous
knowledge of the people or technologies involved, and it's hard not to
feel excluded from the first-adopters club. At times "Spam" also seems
to veer from the title subject to other forms of online harassment,
including bullying and shaming. These are topics worthy of their own
books, but in this context cause Brunton's narrative to track a little
off-course.

As befits the subject matter, "Spam" is not a cheery read. The behind-
the-scenes machinations of creating and disseminating spam are creepily
fascinating - this is your opportunity, for example, to learn about the
genesis of the Nigerian banking scam - but the schadenfreude of reading
about cybercriminals knocking one another out with viruses and
occasional physical implements gets old quickly. Equally depressing is
Brunton's study of how users are duped by spam and scams again and
again; spammers' ability to home in on the latest weakness of online
culture continues to be remarkably effective.

Despite the book's shortcomings, "Spam" is filled with information that
all Internet users need to know in order to understand our technological
adversaries and their unconventional weaponry.


- EC Rosenberg

================================
EPIC Publications:

"Litigation Under the Federal Open Government Laws 2010," edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark
S. Zaid (EPIC 2010). Price: $75.

http://epic.org/bookstore/foia2010/

Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access laws.
This updated version includes new material regarding President Obama's
2009 memo on Open Government, Attorney General Holder's March 2009 memo
on FOIA Guidance, and the new executive order on declassification. The
standard reference work includes in-depth analysis of litigation under:
the Freedom of Information Act, the Privacy Act, the Federal Advisory
Committee Act, and the Government in the Sunshine Act. The fully updated
2010 volume is the 25th edition of the manual that lawyers, journalists
and researchers have relied on for more than 25 years.

================================

"Information Privacy Law: Cases and Materials, Second Edition" Daniel J.
Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.

================================

"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.

http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS). This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.

http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well
as an up-to-date section on recent developments. New materials include
the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the
CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.

http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.

================================

EPIC publications and other books on privacy, open government, free
expression, and constitutional values can be ordered at:

EPIC Bookstore http://www.epic.org/bookstore

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
http://mailman.epic.org/mailman/listinfo/foia_notes

=======================================================================
[9] Upcoming Conferences and Events
=======================================================================

American Library Association's "Choose Privacy Week," 1-7 May 2013.
For More Information:  http://www.alastore.ala.org/detail.aspx?ID=4116.

"ASAP 6th Annual National Training Conference." Speaker: Ginger McCall,
Director, EPIC Open Government Project. 15 May 2013, Arlington, VA. For
More Information:  http://www.accesspro.org/programs/trainingconf/
2013/index.cfm
.

EPIC Champion of Freedom Awards Dinner. 3 June 2013, Washington, DC. For
More Information:  http://epic.org/june3.

2013 Health Privacy Summit, 5-6 June 2013, Washington, DC. For More
Information:  http://www.healthprivacysummit.org/events/2013-health-
privacy-summit/event-summary-1bfa9be80d364092aeed1a8803377fa8.aspx
.

22nd Annual Computers, Freedom, & Privacy Conference. 25-26 June 2013,
Washington, DC. For More Information:  Contact Chris Calabrese at
ccalabrese@dcaclu.org.

=======================================================================
Join EPIC on Facebook and Twitter
=======================================================================

Join the Electronic Privacy Information Center on Facebook and Twitter:

http://facebook.com/epicprivacy

http://epic.org/facebook

http://twitter.com/epicprivacy

Join us on Twitter for #privchat, Tuesdays, 11:00am ET.

Start a discussion on privacy. Let us know your thoughts. Stay up to
date with EPIC's events. Support EPIC.

=======================================================================
Privacy Policy
=======================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."

=======================================================================
About EPIC
=======================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

=======================================================================
Donate to EPIC
=======================================================================

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite
200, Washington, DC 20009. Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government and private-sector
infringement on constitutional values.

Thank you for your support.

=======================================================================
Subscription Information
=======================================================================

Subscribe/unsubscribe via web interface:
http://mailman.epic.org/mailman/listinfo/epic_news

Back issues are available at: http://www.epic.org/alert


The EPIC Alert displays best in a fixed-width font, such as Courier.


------------------------- END EPIC Alert 20.08------------------------
</pre></blockquote>

No TrackBacks

TrackBack URL: http://privacy.org/cgibin/mt/mt-tb.cgi/2274

Leave a comment