Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 21.09

======================================================================= E P I C A l e r t ======================================================================= Volume 21.09 May 16, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_21.09.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] EU Court Rules Google Must Respect Right to Delete Links [2] White House Publishes Report on 'Big Data and Future of Privacy' [3] EPIC Snapchat Complaint Results in 20-Year FTC Consent Order [4] EPIC Sues Army for Information About DC Surveillance Blimps [5] House Bill Would End Bulk Surveillance, Improve NSA Oversight [6] News in Brief [7] EPIC in the News [8] EPIC Book Review: 'Dragnet Nation' [9] Upcoming Conferences and Events SAVE THE DATE: June 2, 2014. EPIC's 2014 Champions of Freedom Dinner, hosted by Bruce Schneier. http://epic.org/june02. TAKE ACTION: Reset the Net! SIGN the Pledge Against Net Surveillance: https://www.resetthenet.org/ WATCH the Video: https://www.youtube.com/watch?v=qKk8MHFLNNE LEARN about Privacy Tools: http://epic.org/privacy/tools.html SUPPORT EPIC: http://epic.org/support ========================================================================= [1] EU Court Rules Google Must Respect Right to Delete Links ========================================================================= The European Court of Justice has upheld the "right to be forgotten" and ruled that search engines may be required to delete links about individuals upon that individual's request. The case was filed by Mario Costeja González against Google Spain in 2010. Costeja González argued that Google should no longer link his name to an auction notice for a 1998 foreclosure sale of his home, originally published in a Spanish newspaper, and contended that because he had resolved his finances in the intervening years, the evidence of the repossession should be expunged. The Court ruled in favor of Costeja González, finding that a search engine, "by searching automatically, constantly and systematically for information published on the internet" is a collection of data within the definition of the EU Data Protection Directive of 1995. Furthermore, the Court determined, because a search engine "is liable to affect significantly the fundamental rights to privacy and the protection of personal data," search-engine operators must comply with the Directive's requirements. The Court found the newspaper that published the information was not subject to the ruling because it was news organization. Similarly, the Spanish data protection agency that directed Google to remove the link did not impose any privacy obligations on the newspaper. The Court concluded that because Google Inc. had a subsidiary (Google Spain) operating within the territory of Spain (a Member State) even though Google itself is based within a non-member state (the US), that Google operated as "an 'establishment' within the meaning of the directive." Google's attorneys asserted that the data was not processed within Spain, but the Court determined that because of Google's intention to "promote and sell, in the Member State in question, advertising space offered by the search engine in order to make the service offered by the engine profitable," the company has an obligation in certain cases to remove page links displayed by third parties, even if the information published by those third parties is itself lawful. The Court further ruled that since privacy is a fundamental right, the "right to be forgotten" overrules the economic interests of the company and the public interest in access to the private information. This decision of the European Court follows another important privacy decision in which the Court struck down the EU Data Retention Directive, holding that its was particularly serious interference with private life. Both opinions rely on Article 7 and Article 8 of the European Charter of Fundamental Rights, which establish privacy as a constitutional right within the European Union. EPIC has maintained broad support for the privacy rights of Internet users and the specific right to "expunge" information held by commercial firms. EPIC: EU Court's Decision ("Right to Be Forgotten") (May 13, 2014) http://epic.org/privacy/google/eu/ EU Court: Google Opinion (May 13, 2014) http://epic.org/redirect/051614-eu-google-decision.html EU Court: Data Retention Opinion (April 9, 2014) http://epic.org/privacy/intl/C0293-2012-EN.pdf EPIC: In re Facebook https://www.epic.org/privacy/inrefacebook/ EPIC: Expungement https://www.epic.org/privacy/expungement/ Marc Rotenberg: USA Today, “EU Strikes Blow for Privacy” (May 14, 2014) http://www.usatoday.com/story/opinion/2014/05/14/ european-union-google-privacy-epic-editorials-debates/9104063/ ======================================================================== [2] White House Publishes Report on 'Big Data and Future of Privacy' ======================================================================== The White House has released a report on big data and the future of privacy. The report, "Big Data: Seizing Opportunities, Preserving Values," offers several recommendations to the President, including "(1) advance the Consumer Privacy Bill of Rights; (2) pass national data breach legislation; (3) extend privacy protections to non-U.S. persons; (4) ensure data collected on students in schools is used for educational purposes; (5) expand technical expertise to stop discrimination; and (6) amend the Electronic Communications Privacy Act." The report identifies discrimination as a key privacy consequence when big data is used improperly. "[B]ig data analytics have the potential to eclipse longstanding civil rights protections in how personal information is used in housing, credit, employment, health, education, and the marketplace," the report states, adding that big data "could enable new forms of discrimination and predatory practices." Soon after the White House announced the big data and privacy review in January 2014, EPIC, joined by 24 consumer privacy, public interest, scientific, and educational organizations, petitioned the Office of Science and Technology Policy to accept public comments. "The public should be given the opportunity to contribute to the OSTP's review of 'Big Data and the Future of Privacy' since it is their information that is being collected and their privacy and their future that is at stake," the petition stated. The White House subsequently requested public comments. EPIC's extensive comments warned the White House about the enormous risk to Americans of current "big data" practices but also made clear that problems are not new, citing the Privacy Act of 1974, which responded to the challenges of "data banks." EPIC's comments noted recent dramatic increases in identity theft and security breaches, highlighted the vulnerability of student data, and called for the swift enactment of the Consumer Privacy Bill of Rights and the end of opaque algorithmic profiling. "It is vitally important to update current privacy laws to minimize collection, secure the information that is collected, and prevent abuses of predictive analytics," EPIC wrote. The White House report incorporates several recommendations from EPIC and other privacy organizations. Separately, a report from the President’s Council of Advisors on Science and Technology published “Big Data: A Technological Perspective,” which found that the so-called “notice and consent” model does not protect privacy. (Remarkable that it took the top scientists in the country to figure that out.) The White House: Report on Big Data (May 1, 2014) http://epic.org/redirect/051614-wh-big-data.html PCAST: Big Data: A Technological Perspective (May 1, 2014) http://epic.org/redirect/051614-pcast-big-data.html EPIC: Petition to OSTP re: Big Data Public Comments (Feb. 10, 2014) http://epic.org/privacy/Ltr-to-OSTP-re-Big-Data.pdf EPIC: Comments on Big Data and the Future of Privacy (Apr. 4, 2014) http://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf EPIC: Big Data and the Future of Privacy http://epic.org/privacy/big-data/default.html ========================================================================= [3] EPIC Snapchat Complaint Results in 20-Year FTC Consent Order ========================================================================= Following a 2013 EPIC complaint, the FTC has signed a consent order with Snapchat, the maker of a mobile app that encourages users to share intimate photos and videos. Snapchat advertised the app as a way for users to send photos, videos, and message without having those messages stored on the recipient's mobile device. Snapchat stated that the app allowed users to "Snap an ugly selfie or a video, add a caption, and send it to a friend (or maybe a few). They'll receive it, laugh, and then the snap disappears" - presumably forever, according to Snapchat's marketing materials. In fact the images are not deleted entirely, and can be accessed by those with the right knowledge and software. "Snapchat photos and videos remain available to others even after users are informed that the photos and videos have been deleted," EPIC's complaint states. According to the complaint, rather than deleting the images, Snapchat simply changes the file extension to .NOMEDIA, cloaking the file from the user. But by removing the .NOMEDIA extension, the pictures become viewable again. In announcing the settlement, FTC Chairwoman Edith Ramirez said, "If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises. Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action." Under the settlement, Snapchat will be subject to 20 years of privacy audits, and will be prohibited from making false claims about company privacy policies. EPIC: Snapchat Complaint to FTC (May 16, 2013) https://www.epic.org/privacy/ftc/EPIC-Snapchat-Complaint.pdf FTC: Snapchat Order (May 8, 2014) http://epic.org/redirect/051614-ftc-snapchat-order.html FTC: Press Release on Snapchat Order (May 8, 2014) http://epic.org/redirect/051614-ftc-snapchat-release.html EPIC: Federal Trade Commission https://www.epic.org/privacy/internet/ftc/ ========================================================================= [4] EPIC Sues Army for Information About DC Surveillance Blimps ========================================================================= EPIC has filed a Freedom of Information Act lawsuit against the Department of the Army for documents about the Joint Land Attack Cruise Missile Defense Elevated Netted Sensor Systems, or JLENS, a sophisticated surveillance system to be deployed over Washington, DC during the next three years. The JLENS was originally deployed in Iraq. JLENS is comprised of two 250-foot blimps. One blimp conducts aerial and ground surveillance over a 340-mile range, while the other has precision tracking and targeting capability. A military test determined that "JLENS' sophisticated radars were able to follow [swarming boat] targets while simultaneously tracking aircrafts, cars and trucks." JLENS operators can observe surface moving targets in real time using a "long-range surveillance, target acquisition, tracking, range-finding and laser designation for the HELLFIRE missile and all tri-service and NATO laser-guided munitions." EPIC's initial FOIA request asked the Army for JLENS technical specifications as well as any policies limiting domestic surveillance. EPIC's goal in the FOIA request and subsequent FOIA lawsuit is to determine what surveillance data the Army plans to collect during the three-year JLENS test, as well as how the Army plans to process, store, redact, or delete that data. EPIC has previously urged Congress to establish privacy safeguards for aerial drones. EPIC also recommended requiring notice of all drone surveillance policies through the Administrative Procedure Act. EPIC: EPIC v Army Complaint re: JLENS (May 6, 2014) https://www.epic.org/foia/army/Complaint.pdf EPIC: EPIC FOIA Request to US Army (Nov. 1, 2013) https://www.epic.org/foia/army/FOIA-Request.pdf EPIC: Testimony before Congress re: Drone Privacy (Jul. 12, 2012) http://www.epic.org/privacy/testimony/EPIC-Drone-Testimony-7-12.pdf EPIC: EPIC v. Army - Surveillance Blimps https://www.epic.org/foia/army/ EPIC: Drone Privacy https://www.epic.org/privacy/drones/ EPIC: Spotlight on Surveillance: Drone Privacy https://www.epic.org/privacy/surveillance/spotlight/0805/ ========================================================================= [5] House Bill Would End Bulk Surveillance, Improve NSA Oversight ========================================================================= The US House Judiciary Committee has unanimously passed the USA Freedom Act, 32-0. The bill, sponsored by Rep. James Sensenbrenner (R-WI), prevents bulk collection of phone records and other business records and limits the scope of phone record searches. The House Intelligence Committee also passed the bill via a voice vote, but has yet to consider the Intelligence Committee's own NSA Reform bill. The bill still needs to be considered by the House as a whole. The USA Freedom Act explicitly prohibits bulk collection, adds a "two hop" call detail requirement to Section 215, improves transparency and oversight, and establishes an "amicus" position appointed by the Foreign Intelligence Surveillance Court in order to provide outside perspectives. Senator Patrick Leahy (D-VT), Chairman of the Senate Judiciary Committee and the original co-sponsor of the bill in the Senate, issued a statement supporting the vote but voicing his concerns that the newly amended bill does not include adequate National Security Letter protections, transparency reforms, or a strong special advocate at the FISA Court. In 2012, EPIC testified before the House Judiciary Committee on the need for public reports and the declassification of significant FISA Court opinions prior to renewal of the FISA Amendments Act. In 2013, EPIC filed a petition with the US Supreme Court, alleging that the bulk collection of telephone record was unlawful. The EPIC petition was supported by dozens of legal scholars and former members of the Church Committee. Rep. Jim Sensenbrenner (R-WI): Text of USA Freedom Act (May 2014) http://sensenbrenner.house.gov/uploadedfiles/usafreedomact.pdf Sen. Leahy (D-VT): Press Release on USA Freedom Act (May 7, 2014) http://epic.org/redirect/051614-leahy-freedom-release.html EPIC: Testimony on FISA Amendments Act of 2008 (May 31, 2012) http://epic.org/privacy/testimony/EPIC-FISA-Amd-Act-Testimony-HJC.pdf EPIC: Petition to Supreme Court on Metadata Collection (Jul. 8, 2013) http://epic.org/EPIC-FISC-Mandamus-Petition.pdf EPIC: Foreign Intelligence Surveillance Act Reform http://epic.org/privacy/terrorism/fisa/reform/ EPIC: In re EPIC - NSA Telephone Records Surveillance http://epic.org/privacy/nsa/in-re-epic/ ======================================================================== [6] News in Brief ======================================================================== EPIC Obtains Letter re: DOJ Non-Investigation of Google Street View Via a Freedom of Information Act request, EPIC has obtained the closing letter from the Department of Justice to Google attorneys in the "Street View" matter, which centered around Google's capture and collection of private US Wi-Fi data over several years. The disclosure of Google's activity occurred after a European data protection authority discovered that Google's Street View vehicles also captured private Wi-Fi data. More than 12 countries subsequently investigated Google's programs, and at least nine found Google guilty of violating their laws. The letter from the DOJ states that US officials were aware that Google's "equipment collected 'payload' data, including contents of e-mail and Internet addresses typed by users," but the Department "decided not to seek charges" against Google for violating the Wiretap Act. The Ninth Circuit Court of Appeals recently affirmed a federal court's decision to allow a class action lawsuit against Google to move forward for wiretap violations stemming from the Street View program. EPIC: FOIA Documents from DOJ re: Street View (May 6, 2014) http://epic.org/redirect/051614-doj-streetview-docs.html EU: Press Release on Google Street View Discovery (Apr. 23, 2010) http://epic.org/redirect/051614-eu-streetview-release.html 9th Circuit Court: Decision in Joffe v. Google (Dec. 27, 2013) http://epic.org/redirect/011314-9th-circuit-joffe.html EPIC: Investigations of Google Street View http://epic.org/privacy/streetview/ EPIC: Joffe v. Google http://epic.org/amicus/google-street-view/ 2014 FISA Report: Surveillance Orders Down; Questions on Scope Remain The US Department of Justice has published the 2013 FISA Report. The brief report provides summary information about the government's use of the Foreign Intelligence Surveillance Act, or FISA. In 2012 the Foreign Intelligence Surveillance Court granted 1,789 FISA orders and 212 "Section 215" orders. In 2013, there were 1,588 requests to conduct FISA surveillance, with 34 modifications. The Surveillance Court also granted 178 business record orders under Section 215, with 141 modified by the court. The significant number of modified orders indicates that the government's initial applications are too broad; for example, the Surveillance Court authorized the NSA's controversial phone "metadata" collection program under a modified order. It is possible that in 2013 the court authorized other bulk collection programs. US Justice Dept.: 2013 FISA Report (Apr. 30, 2014) http://www.justice.gov/nsd/foia/foia_library/2013fisa-ltr.pdf FISC: Modified Order Authorizing Metadata Program (Aug. 29, 2013) http://epic.org/redirect/051614-fisc-modified-order.html EPIC: Foreign Intelligence Surveillance Act Court Orders 1979-2014 http://epic.org/privacy/wiretap/stats/fisa_stats.html Facebook Introduces New Privacy Features Amidst growing concern about Facebook's disclosure of user information to third parties, the company has announced two new privacy options. Users now may decide how much personal information to disclose to Facebook apps before signing up. Users may also test apps anonymously without transmitting their Facebook User IDs to the developer. The changes appear to be a response to the FTC's 2011 Consent Order, pursued by EPIC and a coalition of privacy organizations, that requires Facebook to obtain express affirmative consent from users before disclosing personal information to third parties. In the first report on Internet privacy, "Surfer Beware: Personal Privacy and the Internet" (1997), EPIC said web sites should "support anonymity while developing policies and practices to protect information privacy." Facebook: Anonymous and Updated Facebook Logins (Apr. 30, 2014) http://epic.org/redirect/051614-facebook-new-logins.html FTC: Consent Order Against Facebook (Nov. 29, 2011) http://ftc.gov/os/caselist/0923184/111129facebookagree.pdf EPIC: 'Surfer Beware' (1997) http://epic.org/reports/surfer-beware.html EPIC: Facebook Privacy http://epic.org/privacy/facebook/ EPIC: Internet Anonymity http://epic.org/privacy/anonymity/ EPIC: FTC http://epic.org/privacy/internet/ftc/ Court Denies Hulu's Motion to Dismiss Privacy Case A federal court in California has ruled that a privacy class-action lawsuit against Hulu, the video streaming service, may continue. Hulu users allege that the company violated the Video Privacy Protection Act by transferring personally identifiable information to both Facebook and the advertising company comScore. The presiding judge ruled that Hulu's transfer to Facebook of unique IDs, including the user IP addresses, Facebook IDs, and video titles, would violate the video privacy law. However, the judge also determined that Hulu transmitted only anonymized user IDs to comScore and therefore there could be no legal violation - even though, according to the ruling, "[A] unique anonymized ID alone is not [Personally Identifiable Information] but context could render it not anonymous and the equivalent of the identification of a specific person." In 2009, EPIC filed a "friend of the court" brief in Harris v. Blockbuster, a similar case in which a company disclosed consumers' identities and video rental histories to Facebook. US District Court (No. CA): Ruling in Hulu Privacy Case (Apr. 28, 2014) http://www.courthousenews.com/2014/04/30/Hulu Order.pdf EPIC: Video Privacy Protection Act http://epic.org/privacy/vppa/ EPIC: "Friend of the Court" Brief in Harris v. Blockbuster (Nov. 3, 2009) http://epic.org/amicus/blockbuster/Blockbuster_amicus.pdf EPIC: Harris v. Blockbuster http://epic.org/amicus/blockbuster Privacy Case Moves Forward Against Facebook and Zynga The Ninth Circuit Court has found that Facebook and Zynga may have violated Facebook's privacy policies when the companies disclosed user information for advertising purposes. Separately, the court ruled that there was no violation of the Electronic Communications Privacy Act because the disclosed data (including Facebook IDs and HTTP referers) are not "contents" of a communication. Congress is set to consider several ECPA reforms, and could amend the court's ruling by clarifying that the law prevents the disclosure of personally identifiable information. 9th Circuit Court: Ruling in Zynga Privacy Case (May 8, 2014) http://epic.org/redirect/051614-9th-circuit-zynga-privacy.html 9th Circuit Court: Ruling in Zynga ECPA Case (May 8, 2014) http://epic.org/redirect/051614-9th-circuit-zynga-ecpa.html EPIC: Electronic Communications Privacy Act http://epic.org/privacy/ecpa/ EPIC: Facebook Privacy http://epic.org/privacy/facebook/ ======================================================================== [7] EPIC in the News ======================================================================== Podcast: "Explaining Europe's historic online privacy ruling." Constitution Daily, May 15, 2014. http://blog.constitutioncenter.org/2014/05/podcast-explaining- europes-historic-online-privacy-ruling/ "EU strikes a blow for privacy: Opposing view." Op-Ed by EPIC President Marc Rotenberg, USA Today, May 14, 2014. http://www.usatoday.com/story/opinion/2014/05/14/european-union- google-privacy-epic-editorials-debates/9104063/ "Americans Will Never Have the Right to Be Forgotten." Time, May 14, 2014. http://time.com/98554/right-to-be-forgotten/ "New European ruling game-changing for U.S. companies." USA Today, May 14, 2014. http://www.usatoday.com/story/money/business/2014/05/13/ google-search-european-court-of-justice/9027645/ "Regulating Domestic Drones to Protect Privacy and Public Safety." NPR's "The Diane Rehm Show," with EPIC President Marc Rotenberg, May 13, 2014. http://thedianerehmshow.org/shows/2014-05-13/regulating-domestic- drones-protect-privacy-and-public-safety "Off the Record in a Chat App? Don't Be Sure." The New York Times, May 8, 2014. http://www.nytimes.com/2014/05/09/technology/snapchat-reaches- settlement-with-federal-trade-commission.html "Snapchat Settles With FTC After Being Dishonest With Users About Privacy." TechCrunch, May 8, 2014. http://techcrunch.com/2014/05/08/snapchat-settles-with-ftc-after- being-dishonest-with-users-about-privacy/ "FTC: Snapchat misled users about disappearing messages." UPI, May 8, 2014. http://www.upi.com/Business_News/2014/05/08/FTC-Snapchat-misled- users-about-disappearing-messages/7101399570832/ "Snapchat Settles FTC Charges." The Wall Street Journal, May 8, 2014. http://online.wsj.com/news/articles/SB10001424052702304655304579550 010332216676?mod=djemalertTECH "Privacy groups mull action after Facebook deal with fitness app." The Hill, May 6, 2014. http://thehill.com/policy/technology/205352-privacy-groups-mull- action-after-facebook-deal-with-fitness-app "Privacy Coalition Calls For Net Reset in June." ThreatPost, May 6, 2014. http://threatpost.com/privacy-coalition-calls-for-net-reset-in- june/105921 "Students and Data Privacy." Letter to the Editor by EPIC President Marc Rotenberg and EPIC Student Privacy Project Director Khaliah Barnes. The New York Times, May 3, 2014. http://nytimes.com/2014/05/04/business/students-and-data-privacy .html "Student Privacy Laws Need Updating, White House Report Says." Education Week, May 1, 2014. http://blogs.edweek.org/edweek/marketplacek12/2014/05/student_ privacy_laws_need_updating_white_house_report_says.html "Privacy Fears Over Student Data Tracking Lead to InBloom's Shutdown." Bloomberg Business Week, May 1, 2014. http://www.businessweek.com/articles/2014-05-01/inbloom-shuts-down- amid-privacy-fears-over-student-data-tracking "White House seeks privacy balance in a 'Big Data' world." Reuters, May 1, 2014. http://www.reuters.com/article/2014/05/01/usa-obama-privacy- idUSL2N0NN19B20140501 "White House asks Congress to update consumer electronic privacy laws." Al Jazeera America, May 1, 2014. http://america.aljazeera.com/articles/2014/5/1/white-house- electronicprivacy.html "W.H. 'big data' review spotlights privacy debate." Politico, May 1, 2014. http://www.politico.com/story/2014/05/white-house-big-data-reveiew- 106241.html?hp=l4 "Call for Limits on Web Data of Customers." The New York Times, May 1, 2014. http://www.nytimes.com/2014/05/02/us/white-house-report-calls-for- transparency-in-online-data-collection.html?hp For More EPIC in the News:http://epic.org/news/epic_in_news.html ======================================================================== [8] EPIC Book Review: 'Dragnet Nation' ======================================================================== "Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance," Julia Angwin http://www.amazon.com/gp/product/0805098070 Investigative journalist Julia Angwin takes us along for the ride as she tries to opt-out of the seemingly inescapable mass surveillance in today's society. Her efforts reveal just how much our world has become a "dragnet nation." "Dragnet Nation" begins with a "lay of the land" with respect to surveillance. Angwin notes that "the modern era of dragnets marks a new type of surveillance: suspicionless, computerized, impersonal, and vast in scope." In fact, Angwin observes, the technology of our conveniences is the same technology that facilitates 24/7 mass surveillance. Angwin enumerates the means by which our information is continuously collected into massive data sets held by both the government and private sector - cell phone location tracking, online ad tracking, license plate readers, and social networks, just to name a few. The book's central action is Angwin's attempts to avoid the dragnet nation while maintaining a life in the modern world. First, she determines who holds her personal data: Social networks, various government agencies, and hundreds of data brokers. Her next step - obtaining or removing her data from the clutches of these entities - is met with varying degrees of success. Data brokers, she says, are opaque and secretive, lack straightforward methods to opt-out, and ironically require even more personal information in order for her to disentangle herself. Angwin describes the trust she has in data brokers to remove her data as "the kind of trust you place in a mob enforcer. You hand over a bribe, but you're never quite sure if it will get results." The latter part of "Dragnet Nation" follows Angwin's attempts to use more privacy-enhancing technologies and services including encryption, ad-blockers, search engines that did not track her searches, and "faraday bags" that blocked her cell phone signal when not in use. Her endeavors towards greater privacy are mixed, but her overall message is clear: The dragnet nation is with us, perhaps to stay, and privacy means moving along as stealthily as possible within its confines. "Dragnet Nation" is a lucid and compelling story about the importance of privacy and how hard it is to opt-out of our current surveillance society. The book also provides guidance for a new way forward. And is Angwin herself optimistic or pessimistic about the future or privacy and anonymity? A little of both, but as we journey with her she provides humorous anecdotes, helpful advice, and experience that constantly reminds us how we are perpetually swept up in the dragnet of big data. --Jeramie D. Scott =================================== EPIC Bookstore =================================== "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= Education Writers Association Presents "Student Data Privacy: Politics and Practicalities." Featured Speaker: Director of EPIC's Student Privacy Project Khaliah Barnes. Nashville, TN, May 19, 2014. For More Information: http://www.ewa.org/agenda/agenda-67th- national-seminar. Computers, Freedom & Privacy. Warrenton, VA, June 8-10, 2014. For More Information: http://cfp.org/2014. Fourth Annual International Summit on the Future of Health Privacy. Washington, DC, June 4-5, 2014. For More Information: http://patientprivacyrights.org/summit/. IEEE Presents "Reintroducing Norbert Wiener in the 21st Century." Boston, 24-26 June 2014. For More Information: http://21stcenturywiener.org. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.orgor write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.09------------------------