Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 21.03

======================================================================= E P I C A l e r t ======================================================================= Volume 21.03 February 18, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_21.03.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] NSA Telephone Record Program Authority Expires March 28 [2] EPIC Accepts NSA's Settlement Offer, Receives Attorneys Fees [3] EPIC, Coalition Urge White House to Listen to Public on Big Data [4] EPIC Recommends Safeguards For Facial Recognition Technology [5] Privacy Board to Senate: NSA 'Metadata' Program Is Ineffective [6] News in Brief [7] EPIC in the News [8] EPIC Book Review: 'It's Complicated' [9] Upcoming Conferences and Events ========================================================================= [1] NSA Telephone Record Program Authority Expires March 28 ========================================================================= The Foreign Intelligence Surveillance Court has granted the US government's motion to limit the NSA's access to bulk telephone records provided by US telephone companies. Under the new rules, the government cannot "query" the telephone "metadata" until after the FISA Court finds that there is a "reasonable, articulable suspicion that the selection term is associated with" a terrorist organization. The new rules also limit query results to telephone numbers within two "hops" of the selector, rather than the current three "hops." President Obama announced the new legal requirement during his January 17 speech on surveillance reform, where he committed to end the NSA's bulk record collection program. The NSA's authority to force US telephone companies to turn over records on all their customers will expire on March 28, 2014. According to the President, substantive intelligence reform could come about via "a combination of existing authorities, better information sharing, and recent technological advances," President Obama added that "more work needs to be done to determine exactly how this system might work." To that end, he has "directed the Attorney General to work with the Foreign Intelligence Surveillance Court so that during this transition period, the database can be queried only after a judicial finding or in the case of a true emergency." In his January 28 State of the Union speech, President Obama told the nation that he "will reform our surveillance programs." "America must move off a permanent war footing," stated the President, announcing that "working with this Congress, I will reform our surveillance programs." "Because the vital work of intelligence community depends on public confidence, here and abroad," he stated, the US must ensure that "the privacy of ordinary people is not being violated." In a letter to the White House prior to the State of the Union address, EPIC President Marc Rotenberg, Amnesty International Secretary General Salil Shetty, and members of the EPIC Advisory Board asked President Obama to support privacy and the international privacy convention in his State of the Union speech, which fell on International Privacy Day. The letter urged the President to "affirm that privacy is a fundamental human right, and to begin the process of ratification of the international Privacy Convention," supported by more than 40 countries around the world. ODNI: Statement on NSA "Metadata" Telephony Program (Feb. 6, 2014) http://epic.org/redirect/021814-odni-nsa-statement.html The White House: President's Speech on NSA reform (Jan. 17, 2014) http://epic.org/redirect/012814-obama-nsa-speech.html The White House: Video of 2014 State of the Union (Jan. 28, 2014) http://whitehouse.gov/sotu EPIC et al.: Letter to White House re: Intl. Privacy (Jan. 22, 2014) http://epic.org/privacy/intl/EPIC-Obama-Privacy-Convention.pdf EPIC: Foreign Intelligence Surveillance Court (FISC) http://epic.org/privacy/terrorism/fisa/fisc.html EPIC: NSA: Verizon Phone Record Monitoring http://epic.org/privacy/nsa/verizon/ ======================================================================== [2] EPIC Accepts NSA's Settlement Offer, Receives Attorneys Fees ======================================================================== EPIC has accepted the NSA's offer to settle the Freedom of Information Act case EPIC v. NSA. EPIC sought National Security Presidential Directive 54, signed in 2008 by President George W. Bush, which set out the scope of the NSA's authority over computer networks in the US. The White House confirmed the existence of the Directive, but not the contents. In 2009, EPIC filed a Freedom of Information Act request with the NSA seeking both the text of the Directive - otherwise known as NSPD 54 - and documents related to it. When the agency failed to disclose any documents, EPIC filed an administrative appeal and then a lawsuit under the FOIA. Under the section of the Freedom of Information Act that governs the award of attorneys' fees, EPIC "substantially prevailed" in obtaining the documents and was therefore entitled to compensation for the costs of litigation. The NSA, however, decided to settle with EPIC for fees incurred, rather than litigating for a different amount. As a result, EPIC will receive attorneys' fees from the NSA. EPIC received two of the three requested documents in 2011. While a few coherent sections contained definitions of key terms and personnel management instructions, in general the documents were so heavily redacted that they contained no meaningful information. The DC District Court held in October 2013 that the final document, NSPD 54 itself, was not an "agency record" subject to the FOIA, and that because NSPD 54 originated in the White House, it was not in the "control" of the NSA. Agency "control" of a document is one of the requirements for establishing that the document qualifies for the FOIA. The district court's decision was the first time a federal court has ruled that a Presidential Directive is not subject to the Freedom of Information Act. EPIC is appealing the court's decision. EPIC has already filed a Statement of the Issue for the appeal, asking the DC Court of Appeals to determine "Whether the district court erred in holding that a Presidential Directive in the possession of a federal agency is not an agency record subject to the FOIA." The parties are currently waiting for the Appeals Court to set a briefing schedule. EPIC: Statement of the Issue Presented in EPIC v. NSA (Jan. 22, 2014) http://epic.org/privacy/nsa/Statement-of-Issue.pdf EPIC: Notice of Appeal in EPIC v. NSA - NSPD 54 (Dec. 17, 2013) http://epic.org/privacy/nsa/Notice-Appeal.pdf DC District Court: Ruling in EPIC v. NSA - NSPD 54 (Oct. 21, 2013) http://epic.org/foia/nsa/NSPD_54_Opinion.pdf EPIC: FOIA Request to NSA and NSD (Jun. 25, 2009) http://epic.org/privacy/nsa/NSPD54_FOIA_request.pdf The White House: Summary of NSPD 54 http://epic.org/redirect/012814-wh-nspd54-summary.html EPIC: EPIC v. NSA - Cybersecurity Authority http://epic.org/privacy/nsa/epic_v_nsa.html ========================================================================= [3] EPIC, Coalition Urge White House to Listen to Public on Big Data ========================================================================= EPIC, joined by 24 consumer privacy, public interest, scientific, and educational organizations, has petitioned the White House's Office of Science and Technology Policy to accept public comments on the "Big Data and the Future of Privacy" study now underway. The Office's primary function is to advise the President on scientific and technological issues, specifically issues of national concern. The petition calls on the Office of Science and Technology Policy to "conduct a review that incorporates the concerns and opinions of those whose data may be collected in bulk as a result of their engagement with technology." The petition also urges the OSTP to "consider a broad range of big data privacy issues" including whether current laws are adequate; whether it is possible to maximize the benefits of big data while minimizing the risks to privacy; and how can companies and government agencies be more "transparent" in their use of big data. President Obama announced the big data review during a January 2014 speech on NSA reform. The review, the President said, will look at "how the challenges inherent in big data are being confronted by both the public and private sectors; whether we can forge international norms on how to manage this data; and how we can continue to promote the free flow of information in ways that are consistent with both privacy and security." According to the official White House blog, the big data review report will anticipate "future technological trends and fram[e] the key questions that the collection, availability, and use of 'big data' raise." So-called "data brokers" use big data collections for consumer profiling. In December 2013 a US Senate report found that data brokers, which thus far have largely escaped federal regulation, lack transparency towards both businesses and consumers. In 2009, EPIC testified in support of new legislation to regulate the data broker industry. In 2005, EPIC's complaint to the FTC against data broker Choicepoint lead to a $10 million settlement. EPIC et al.: Petition for Public Comments to OSTP (Feb. 10, 2014) http://epic.org/privacy/Ltr-to-OSTP-re-Big-Data.pdf The White House: Blog Post on Big Data and Privacy (Jan. 23, 2014) http://epic.org/redirect/021814-wh-big-data-blog.html The White House: President's Speech on NSA reform (Jan. 17, 2014) http://epic.org/redirect/012814-obama-nsa-speech.html US Senate: Report on Data Broker Industry (Dec. 18, 2013) http://epic.org/redirect/021814-senate-data-broker-report.html EPIC: Congressional Testimony on Data Brokers (May 5, 2009) http://epic.org/linkedfiles/rotenberg_house_ctcp2221_1319.pdf EPIC: Congressional Testimony on Consumer Data (Mar. 15, 2005) http://epic.org/privacy/choicepoint/testimony3.15.05.pdf EPIC: Privacy and Consumer Profiling http://epic.org/privacy/profiling/ ========================================================================= [4] EPIC Recommends Safeguards For Facial Recognition Technology ========================================================================= In a February 5 letter to the US Department of Commerce's National Telecommunications & Information Administration (NTIA), EPIC called on the agency to develop a facial recognition framework based on the Fair Information Practices. EPIC recommended that there be "no surreptitious collection of identity or collection of identity that occurs without meaningful consent." EPIC further recommended "the suspension of facial recognition technology deployment until adequate safeguards and privacy standards are established." NTIA is holding a series of meeting to address the commercial use of facial recognition technologies. The goal of these meetings is to develop a code of conduct that applies the White House's 2012 "Consumer Privacy Bill of Rights" to facial recognition, which has seen a consumer backlash. For example, Google banned facial recognition apps and services from the company's Glass product in response to privacy concerns raised by the Congressional Privacy Caucus; in 2012, Facebook discontinued facial recognition for photo tagging and deleted the corresponding facial recognition templates for European users after an audit by Ireland's Data Protection Commissioner. Senator Al Franken (D-MN) recently raised concerns about NameTag, an app that uses facial recognition without the subjects' knowledge or consent. Senator Franken, in a letter to the app developer, called for the delay of the app's release until best practices are established. Franken's letter referenced his 2012 Senate hearing on facial recognition, stating that the hearing "established that the status quo is ripe for potential abuse by third parties who are willing to push the boundaries of privacy." In 2012 comments to the Federal Trade Commission, EPIC recommended the suspension of facial recognition technology until adequate safeguards were established. EPIC also highlighted facial recognition's risks to individual privacy and security and the corresponding lack of legal protection. FOIA documents obtained by EPIC in 2013 indicate that the FBI's "Next-Generation Identification" software accepts a 20% inaccuracy rate in facial recognition. EPIC: Letter to NTIA re: Facial Recognition Technology (Feb. 5, 2014) http://epic.org/privacy/facerecognition/EPIC-ltr-NTIA-FaceRecog.pdf NTIA: Multi-stakeholder Process: Facial Recognition (Jan. 24, 2014) http://epic.org/redirect/021814-ntia-facial-stakeholder.html The White House: Consumer Privacy Bill of Rights (Feb. 2012) http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Cong. Privacy Caucus: Letter to Google re: Google Glass (May 16, 2013) http://joebarton.house.gov/images/GoogleGlassLtr_051613.pdf Irish Data Protection Office: Report on Facebook (Sept. 21, 2012) http://epic.org/redirect/092812-irish-facebook-audit.html Senator Al Franken (D-MN): Letter to NameTag App Maker (Feb. 5, 2014) http://www.franken.senate.gov/files/letter/140205NameTagLetter.pdf US Senate: Hearing on Facial Recognition (Jul. 18, 2012) http://epic.org/redirect/073012-senate-facial-hearing.html Sen. Al Franken: Statement at Senate Hearing (Jul. 18, 2012) http://judiciary.senate.gov/pdf/12-7-8FrankenStatement.pdf EPIC: Statement at Facial Recognition Hearing (Jul. 18, 2012) http://epic.org/redirect/073012-senate-facial-hearing.html EPIC: Face Recognition http://epic.org/privacy/facerecognition/ ========================================================================= [5] Privacy Board to Senate: NSA 'Metadata' Program Is Ineffective ========================================================================= At a February 12 US Senate Judiciary Committee hearing, members of the Privacy and Civil Liberties Oversight Board discussed their review and report on the NSA's Section 215 program, which concerns the bulk collection of US telephone records. The Privacy and Civil Liberties Board's 238-page report, released in January 2014, found that the 215 program was not effective and had not prevented any terrorist incidents: "Based on the information provided to the Board,including classified briefings and documentation," the Board writes, "we have not identified a single instance involving a threat to the United States in which the program made a concrete difference in the outcome of a counterterrorism investigation. Moreover, we are aware of no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack." Recent reports also indicate that only 30% of phone records are actually collected. During the hearing, Senator Richard Blumenthal (D-CT) emphasized that this low collection rate seemed to "raise questions not only about the efficacy of the program, but also about the legal foundation." PCLOB Chairman David Medine replied, "The Board recommends that the government end the program." Senate Judiciary Chairman Patrick Leahy (D-VT) stated, "The Administration has not demonstrated" that the program "is uniquely valuable to justify the massive intrusion upon Americans' privacy." Leahy then added, "The PCLOB report underscores the need to rein in the government's overbroad interpretation of Section 215 and to provide for greater transparency. Although the Administration is in the process of undertaking some preliminary and positive changes to the bulk phone records collection program, these reforms are not enough. Congress should heed the advice of the PCLOB, and shut this program down." President Obama recently announced that the current bulk collection program would end and announced a transition process that requires judicial approval of queries prior to the expiration of the current authority on March 28. EPIC has advocated for an end to the program and for greater transparency in domestic surveillance matters. US Senate Judiciary Committee: Hearing on 215 Program (Feb. 12, 2014) http://epic.org/redirect/021814-senate-215-hearing.html PCLOB: Report on 215 Program (Jan. 23, 2014) http://epic.org/redirect/012814-pclob-metadata-report.html Sen. Patrick Leahy: Hearing Statement on 215 Program (Feb. 12, 2014) http://www.judiciary.senate.gov/pdf/02-12-14LeahyStatement.pdf The White House: President's Speech on NSA reform (Jan. 17, 2014) http://epic.org/redirect/012814-obama-nsa-speech.html EPIC: NSA Verizon Phone Record Monitoring http://epic.org/privacy/nsa/verizon/ ======================================================================== [6] News in Brief ======================================================================== Court Denies EPIC's Injunction in FOIA Case Against US Justice Dept. A federal judge has denied EPIC's motion for a preliminary injunction that would have required the US Department of Justice to complete processing of EPIC's Freedom of Information Act Request for FISA "Pen Register" reports within 20 days. Judge Ketanji Brown Jackson of the DC District Court determined that EPIC had not satisfied the criteria set forward in asking for expediting processing. In the case EPIC v. DOJ, EPIC sought public disclosure of the reports that describe collection of bulk Internet "metadata" from 2004 to 2011. The Justice Department granted EPIC's request for expedited processing in November 2013, but has yet to disclose any responsive records. After EPIC filed suit and moved for a preliminary injunction, the Justice Department notified EPIC that it intends to complete processing of the reports by February 28, 2014. DC District Court: Memorandum Opinion in EPIC v. DOJ (Feb. 11, 2014) http://epic.org/foia/doj/pen-reg-trap-trace/PI-Opinion.pdf EPIC: FOIA Request to DOJ re: Pen Register Reports (Oct. 3, 2013) http://epic.org/foia/doj/pen-reg-trap-trace/EPIC-FOIA-PRTT.pdf EPIC: EPIC v. DOJ - Pen Register Reports http://epic.org/foia/doj/pen-reg-trap-trace/ Senators Rockefeller and Markey Propose Data Broker Legislation Senators Jay Rockefeller (D-WV) and Ed Markey (D-MA) have introduced the The Data Broker Accountability and Transparency Act of 2014 (DATA Act). The proposed Act imposes transparency and accountability requirements on data brokers and other companies that profit from the collection and sale of consumer information. Under the DATA Act, consumers would be able to access their personal information, make corrections, and opt out of marketing schemes. The DATA Act also would empower the FTC to impose civil penalties on violators and prohibit data brokers from collecting consumer data in deceptive ways. In 2009, EPIC testified in support of new legislation to regulate the data broker industry. In 2005, EPIC's complaint to the FTC against data broker Choicepoint lead to a $10 million settlement. Sens. Rockefeller & Markey: Press Release on DATA Act (Feb. 12, 2014) http://epic.org/redirect/021814-data-act-release.html Sens. Rockefeller & Markey: Text of DATA Act (Feb. 12, 2014) http://epic.org/redirect/021814-data-act-text.html US Senate: Report on Data Broker Industry (Dec. 18, 2013) http://epic.org/redirect/021814-senate-data-broker-report.html EPIC: Congressional Testimony on Data Brokers (May 5, 2009) http://epic.org/linkedfiles/rotenberg_house_ctcp2221_1319.pdf EPIC: Testimony at Hearing on Protection Consumer Data (Mar. 15, 2005) http://epic.org/privacy/choicepoint/testimony3.15.05.pdf EPIC: Choicepoint http://epic.org/privacy/choicepoint/ EPIC: Privacy and Consumer Profiling http://epic.org/privacy/profiling/ EPIC: DHS Revised Traveler Screening Violates Federal Privacy Act The Transportation Security Administration and Customs and Border Protection, components of the Department of Homeland Security, have announced plans for agency record disclosures without Privacy Act notifications. The agencies' Common Operating Picture ("COP") program would permit TSA and CBP to exchange personal information held by the agencies in order to place travelers on federal watch lists. Although TSA and CBP have proposed new uses for personal data, the agencies have declined to solicit public comments as required by the Privacy Act. Currently, the agencies use the Automated Targeting System to perform "risk assessments." EPIC has called for DHS to suspend "risk-based" passenger profiling and to make public the algorithms that are used to assess travelers. DHS: Privacy Impact Statement for COP Program (Jan. 31, 2014) http://epic.org/redirect/021814-dhs-cop-program-statement.html DHS: Privacy Impact Statement for ATS Program (Jun. 1, 2012) http://epic.org/redirect/070512-dhs-ats-pia.html GAO: Report on TSA Behavior Detection Programs (Nov. 2013) http://www.gao.gov/assets/660/658923.pdf EPIC: Comments on ATS (Jun. 21, 2012) http://epic.org/privacy/travel/ats/EPIC-ATS-Comments-2012.pdf EPIC: Comments on PreCheck Program (Oct. 10, 2013) http://epic.org/apa/comments/TSA-PreCheck-Comments.pdf EPIC: Comments on Passenger Profiling (Sept. 5, 2007) http://epic.org/privacy/travel/ats/epic_090507.pdf EPIC: Secure Flight http://epic.org/privacy/airtravel/secureflight.html EPIC: Passenger Profiling http://epic.org/privacy/airtravel/profiling.html EPIC: Air Travel Privacy http://epic.org/privacy/airtravel/ FTC Chair Ramirez Urges Senate to Act on Data Security Legislation FTC Chair Edith Ramirez has expressed strong support for federal data security legislation. Ramirez testified at a Feb. 4 US Senate Judiciary Committee hearing on "Privacy in the Digital Age: Preventing Data Breaches and Combating Cybercrime," held following a series of major data breaches at Target, Neiman Marcus, and arts-and-crafts chain Michaels, which compromised the personal data of perhaps hundreds of millions of consumers. "The Commission is here today to reiterate its bipartisan and unanimous call for federal data security legislation," Ramirez said. "With reports of data breaches on the rise, Congress needs to act. We support legislation that would strengthen existing data security standards and require companies, in appropriate circumstances, to notify consumers when there is a breach." Senator Patrick Leahy (D-VT), who has introduced his own data privacy legislation, said during the same hearing that "In the digital age, Americans face threats to their privacy and security unlike any time before in our Nation's history." FTC: Statement of Chair Ramirez at Data Breach Hearing (Feb. 4, 2014) http://epic.org/redirect/021814-ramirez-statement-data-breach.html US Senate Judiciary Committee: Hearing on Data Breaches (Feb. 4, 2014) http://epic.org/redirect/021814-senate-data-breach-hearing.html US Senate Judiciary Committee http://www.judiciary.senate.gov Sen. Leahy: Text of Personal Data Privacy Act http://epic.org/redirect/011314-leahy-data-privacy-act.html EPIC: Privacy Legislation http://epic.org/privacy/bill_track.html EPIC: Identity Theft http://epic.org/privacy/idtheft/ EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ ======================================================================== [7] EPIC in the News ======================================================================== "FBI data dragnet intercepting cellphone, computer info." The Tribune-Review, Feb. 15, 2014. http://triblive.com/news/allegheny/5533722-74/fbi-data-agency "Privacy group reaches NSA settlement, appeals case." The Hill, Feb. 14, 2014. http://thehill.com/blogs/hillicon-valley/technology/198447- privacy-group-reaches-nsa-settlement-appeals-case "EPIC Receives A Settlement For Legal Fees From The NSA In Its FOIA Lawsuit Targeting Presidential Cybersecurity Directives." TechDirt, Feb. 14, 2014. http://www.techdirt.com/articles/20140213/07595026210/epic-receives- settlement-legal-fees-nsa-its-foia-lawsuit-targeting-presidential- cybersecurity-directives.shtml "NSA Pays EPIC's Fees To Resolve Secret Directive Row." Law360, Feb. 13, 2014. http://www.law360.com/privacy/articles/509940/nsa-pays-epic-s- fees-to-resolve-secret-directive-row "Google Deal Machine Ramps Up to Pass Intel in Top Spot." Bloomberg News, Feb. 11, 2014. http://www.bloomberg.com/news/2014-02-11/google-deal-machine-ramps- up-to-pass-intel-in-top-spot.html "Privacy groups to Obama: Let the people have a say in big data reform." IT Pro Portal, Feb. 11, 2014. http://www.itproportal.com/2014/02/11/privacy-groups-to-obama-let- the-people-have-a-say-in-big-data-reform/#ixzz2tEWJJ6O6 "Surveillance Records Demand Kept in Knots." Courthouse News, Feb. 11, 2014. http://www.courthousenews.com/2014/02/11/65293.htm "Will the White House's Big Data Privacy Initiative Distract from the NSA Debate?" The Washington Post, Feb. 11, 2014. http://www.washingtonpost.com/blogs/the-switch/wp/2014/02/10/will-the- white-houses-big-data-privacy-initiative-distract-from-the-nsa-debate/ "White House urged to open up review into big data and privacy threats." The Guardian, Feb. 10, 2014. http://www.theguardian.com/technology/2014/feb/10/white-house- data-review-public "How John Podesta is changing Obama's White House." Politico, Feb. 6, 2014. http://www.politico.com/story/2014/02/john-podesta-white-house- barack-obama-administration-103191.html#ixzz2tEXHPKRU "Florida lawmakers to probe biometric scans in schools." Toronto Sun, Feb. 4, 2014. http://www.torontosun.com/2014/02/04/florida-lawmakers-to-probe- biometric-scans-in-schools "Bluetooth Smart, Wi-Fi raise the hackles of privacy advocates." Fierce Wireless, Feb. 1, 2014. http://www.fiercewireless.com/tech/story/bluetooth-smart-wi-fi-raise- hackles-privacy-advocates/2014-02-01 "NSA Hires Privacy Officer." The Escapist, Jan. 29, 2014. http://www.escapistmagazine.com/news/view/131778-NSA-Hires-Privacy- Officer "NSA taps Homeland Security veteran for 'impossible' privacy officer job." The Verge, Jan. 29, 2014. http://www.theverge.com/2014/1/29/5357948/nsa-hires-first-privacy- officer-from-the-department-of-homeland "The NSA Finally Names Its Internal Privacy Advocate." National Journal, Jan. 29, 2014. http://www.nationaljournal.com/technology/the-nsa-finally-names- its-internal-privacy-advocate-20140129 "Privacy vs. hackers and spies." The Hill, Jan. 28, 2014. http://thehill.com/blogs/hillicon-valley/technology/196656-privacy- vs-hackers-and-spies "Tech companies win right to disclose more about data requests." Contra Costa Times, Jan. 27, 2014. http://www.contracostatimes.com/news/ci_25004690/tech-companies-win- right-disclose-data-requests "DOJ Stalling Email Surveillance Disclosure, EPIC Claims." Law360, Jan. 24, 2014. http://www.law360.com/articles/503844/doj-stalling-email- surveillance-disclosure-epic-claims For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================== [8] EPIC Book Review: 'It's Complicated' ======================================================================== "It's Complicated: The Social Lives of Networked Teens," danah boyd http://epic.org/redirect/021814-its-complicated-boyd.html danah boyd's excellent "It's Complicated: The Social Lives of Networked Teens" is the result of nearly 10 years that boyd spent interviewing, communicating, and generally hanging out with teens who spend time on social networks. She asked them the questions that adults seem to ask constantly: Why do kids put so much information on the Internet? Why do they isolate themselves online instead of interacting with their peers? Why is my teenager always on her smartphone during family time? Isn't social media reducing her attention span and focus? Why use social media at all? "It's Complicated" compiles, dissects, and analyzes teens' responses to these questions. Although the information that boyd gathered reflects subtleties and nuance, the teens' feedback centers around a unifying theme: Context Matters. Behaviors that adults tend to view as the invidious effects of new technology - for example, teens checking their smartphones at the dinner table - are actually motivated by the same adolescent impulse to establish and develop identities separate from the nuclear family. In a different time, a teenager may have asked to be excused from the table early to hang out with friends. With a smartphone, a teenager can be physically present in one place and socially present in another. The behavior remains the same across generations; only the method of performing the behavior has changed. In one chapter, boyd gives the example of the disconnect between teens' and adults' understanding of social networking etiquette. Before the Internet, she says, teenagers used to worry that their parents were listening in to their phone conversations on the extension. Now they're worried that their parents are reading their Facebook posts. From the adult's perspective, listening in on the phone might clearly seem like eavesdropping, whereas a Facebook post might clearly seem public. But from the teen's perspective, both are methods of communication to be used for establishing communities and maintaining friendships, and an adult's intrusion into either constitutes a violation of the teen's burgeoning sense of autonomy and privacy. In other words, context matters. It's clear from both the tenor of boyd's descriptions of her teen interviewees and the honesty of the teens' answers to her questions that boyd is not a neutral intermediary between teens and adults. She is a teen advocate, working to channel teens' stories into a generational voice that even the most resistant adults can hear. This is not to say that the book is unsophisticated - on the contrary, it is a scholarly text, structured as academic argument and (mercifully) full of endnotes that elucidate references to sociologists, technologists, and media theorists. But is it nevertheless the teen perspective that propels the narrative. "It's Complicated" is a necessary and elucidating read for any adult that lives with, teaches, or interacts with today's wired teens. -- Julia Horwitz ========================================= EPIC Bookstore ========================================== "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= Fourth Annual International Summit on the Future of Health Privacy. Washington, DC, June 4-5, 2014. For More Information: http://patientprivacyrights.org/summit/. IEEE Presents "Reintroducing Norbert Wiener in the 21st Century." Boston, 24-26 June 2014. For More Information: http://21stcenturywiener.org. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.03------------------------