Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 21.14

======================================================================= E P I C A l e r t ======================================================================= Volume 21.14 July 30, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_21.14.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] Lawsuit Against Google for Privacy Changes Moves Forward [2] EPIC Files Lawsuit For Details of Government Profiling System [3] EPIC Uncovers Complaints from Ed. Dept. re: Misuse of Records [4] EPIC Urges Privacy Board to Address 12333 Surveillance Authority [5] EPIC, Consumer Groups Challenge Facebook on Web Snooping [6] News in Brief [7] EPIC in the News [8] EPIC Book Review: 'Rise of the American Corporate Security State' [9] Upcoming Conferences and Events ========================================================================= [1] Lawsuit Against Google for Privacy Changes Moves Forward ========================================================================= A federal court in California has ruled that a class action privacy lawsuit against Google can continue. The plaintiffs in the case are Android users who allege that Google concealed a plan to modify privacy policies and also violated the privacy policy for Google Play. The court dismissed similar claims brought by different groups of Google users. However, the court ruled that Android users who downloaded at least one Android app through Google Play may bring breach of contract and fraud claims against Google. The lawsuit arose in 2012 after Google collapsed the privacy policies of over 60 Google products and services, including Gmail, Google+, YouTube, and the Android mobile operating system. Rather than keeping personal information about a user of a given Google service separate from information gathered from other Google services, Google consolidated user data and created a single merged profile for each user. In response to the policy change, eight members of Congress wrote to Google, asking the company to explain the "steps [that] are being taken to ensure the protection of consumers' privacy rights." State Attorneys General, European Justice Officials, technical experts, and IT managers in government and the private sector also expressed concern about the 2012 Google policy change. European privacy officials concluded that the changes did not comply with the European Union Data Protection Directive, and European Justice Minister Viviane Reding said that the changes violated European Union law "in numerous respects." In 2012, EPIC objected to the same change in Google's policy and urged the Federal Trade Commission to block the change based on a 2011 consent order in which Google agreed not to combine user data without user consent. After the FTC failed to act, EPIC sued the agency. A federal court dismissed EPIC's lawsuit because the "decision to enforce the Consent Order is committed to agency discretion and is not subject to judicial review." At the time, even though the court found that it lacked jurisdiction over agency enforcement actions and was unable to compel the FTC to enforce the consent order, the court acknowledged "serious concerns" with Google's changes. Reuters: "Google must face U.S. privacy lawsuit over commingled user data" (Jul. 22, 2014) http://www.reuters.com/article/2014/07/22/us-google-privacy- lawsuit-idUSKBN0FR1XA20140722 EPIC: Letter from Congress to FTC re: Google Privacy (Feb. 17, 2012) http://epic.org/redirect/073014/congress-ftc-letter.html Google: Blog Post on Updated Terms of Service (Jan. 2012) http://epic.org/redirect/073014/google-blog-tos.html EPIC: EPIC v. FTC (Enforcement of the Google Consent Order) http://epic.org/privacy/ftc/google/consent-order.html FTC: In the Matter of Google, Inc. (Oct. 24, 2011) http://epic.org/redirect/071614-ftc-google-2011.html EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ EPIC: Google Buzz https://www.epic.org/privacy/ftc/googlebuzz/ ======================================================================== [2] EPIC Files Lawsuit For Details of Government Profiling System ======================================================================== EPIC has filed a Freedom of Information Act lawsuit over a controversial Department of Homeland Security datamining program called the "Analytical Framework for Intelligence." The program, implemented through Customs and Border Protection, collects a vast amount of sensitive personal information obtained from government agencies and commercial data aggregators, including, according to the complaint, "full name, address, age, gender, race, physical characteristics, marital status, residency status, country of citizenship, city and country of birth, date of birth, Social Security Number, vehicle information, travel information, document information, passport information, law enforcement records, and familial and other contact information." Additionally, the program "permits DHS AFI analysts to upload and share information that may be relevant from other sources, such as the Internet or traditional news media, into projects, responses to [Requests for Information] RFIs, or final intelligence products." The system is used by the DHS for "link analysis, anomaly detection, change detection analysis, temporal analysis, pattern analysis, and predictive modeling." The system similarly incorporates "risk assessment" scores from the Automated Targeting System, also operated by the DHS. The risk assessment scores are essentially a terrorist risk rating to all individuals attempting to enter or exit the US or those even very indirectly involved in the transit, importation, or exportation of merchandise to and from the US. EPIC's original April 2014 FOIA request for information on the Analytical Framework for Intelligence sought: "(1) All AFI training modules, request forms, and similar final guidance documents that are used in, or will be used in, the operation of the program; (2) Any records, memos, opinions, communications, or other documents that discuss potential or actual sources of information not currently held in DHS databases, or potential or actual uses of information not currently held in DHS databases; (3) Any records, contracts, or other communications with commercial data aggregators regarding the AFI program; and (4) The Privacy Compliance Report initiated in August 2013 by the DHS Privacy Office." DHS did not respond to EPIC's request in the statutory 20-day limit, nor did the agency send a letter to EPIC explaining why it would not send the information. EPIC previously submitted comments to DHS urging the agency to suspend the Automated Targeting System, arguing that the use of such factors as race and nationality in a government database is unconstitutional. The Automated Targeting System was initially created to screen shipping cargo but has expanded to monitor individuals and create risk assessment profiles on Americans who are not suspected of any crime. EPIC: Complaint in EPIC v. CBP (Jul. 18, 2014) http://epic.org/foia/cpb/EPIC-v-CBP-Complaint.pdf EPIC: Initial FOIA Request on Analytical Framework (Apr. 8, 2014) http://epic.org/foia/epic_v_cbp.html DHS: Privacy Impact Assessment on Datamining Program (Jun. 1, 2012) http://epic.org/redirect/073014/dhs-pia-datamining.html DHS: 2013 Data Mining Report to Congress (Feb. 2014) http://epic.org/redirect/073014/dhs-datamining-report.html EPIC: Automated Targeting System http://epic.org/privacy/travel/ats/ ========================================================================= [3] EPIC Uncovers Complaints from Ed. Dept. re: Misuse of Records ========================================================================= EPIC has obtained documents from the Department of Education detailing parent and student complaints about the misuse of educational records. The Department released the documents in response to an EPIC Freedom of Information Act request. The documents reveal that schools and districts have disclosed students' personal records without consent, possibly in violation of the Family Educational Rights and Privacy Act (FERPA), and that the Department failed to investigate many FERPA complaints. EPIC is expecting to receive more documents about the agency's enforcement of the federal student privacy law. The Education Department administers FERPA, a federal student privacy law applicable to educational agencies and institutions receiving federal funds for Department programs. Subject to certain exceptions, FERPA grants students the right to prohibit disclosure of their education records. FERPA also grants students due process rights, like the right to access their education records and the right to amend or delete "inaccurate, misleading or otherwise inappropriate data" within a student education record. The Education Department investigates complaints filed by parents and students alleging that agencies and institutions have violated their FERPA rights. The Department also has the authority to conduct FERPA investigations even if students have not filed or have withdrawn a complaint. Since 2008, the Education Department has issued FERPA regulations that have significantly expanded the circumstances under which schools can disclose education records without student consent. In April 2014, EPIC submitted a FOIA request to the Education Department, seeking: "(1) all FERPA complaints the Education Department received since the 2008 FERPA regulations went into effect; (2) all records detailing the number of investigations the Education Department initiated in response to complaints and on its own since the 2008 FERPA regulations went into effect; and (3) all records related to completed investigations since the 2008 FERPA regulations went into effect." The FOIA documents demonstrate that parents and students routinely contact the Education Department seeking assistance with alleged FERPA violations. Students report being denied access to their education records and having their records disclosed without their authorization. Despite student and parental complaints, the Education Department declined to investigate numerous FERPA violation allegations. In 2012, EPIC sued the Education Department over changes to FERPA, arguing that the changes significantly weakened student privacy protections and that the agency did not have statutory authority to amend the law. EPIC: EPIC FERPA FOIA Document Set 1 (Dec. 2010) http://epic.org/privacy/student/EPIC-FERPA-1.pdf EPIC: EPIC FERPA FOIA Document Set 2 (Mar. 2011) http://epic.org/privacy/student/EPIC-FERPA-2.pdf EPIC: EPIC FERPA FOIA Document Set 3 (Jun. 2011) http://epic.org/privacy/student/EPIC-FERPA-3.pdf EPIC: EPIC FERPA FOIA Document Set 4 (Sep. 2010) http://epic.org/privacy/student/EPIC-FERPA-4.pdf EPIC: EPIC FERPA FOIA Document Set 5 (Aug. 2010) http://epic.org/privacy/student/EPIC-FERPA-5.pdf EPIC: EPIC FERPA FOIA Document Set 6 (Oct. 2010) http://epic.org/privacy/student/EPIC-FERPA-6.pdf EPIC: EPIC FERPA FOIA Document Set 7 (Oct. 2010) http://epic.org/privacy/student/EPIC-FERPA-7.pdf EPIC: EPIC FERPA FOIA Document Set 8 http://epic.org/privacy/student/EPIC-FERPA-8.pdf EPIC: EPIC FERPA FOIA Document Set 9 (Feb. 2011) http://epic.org/privacy/student/EPIC-FERPA-9.pdf EPIC: EPIC FERPA FOIA Request (Apr. 15, 2014) http://epic.org/privacy/student/EPIC-FERPA-FOIA-Request.pdf EPIC: Student Privacy http://epic.org/privacy/student/ EPIC: Open Government http://epic.org/open_gov/ EPIC: EPIC v. U.S. Department of Education http://epic.org/apa/ferpa/ ========================================================================= [4] EPIC Urges Privacy Board to Address 12333 Surveillance Authority ========================================================================= At a July 23 public hearing of the President's Privacy and Civil Liberties Oversight Board, EPIC National Security Counsel Jeramie Scott urged Board the to focus on surveillance conducted under Executive Order 12333. The Executive Order, signed in 1981, grants broad surveillance authority to the Intelligence Community with minimal oversight. 12333 has enabled vast surveillance of Americans, but has received little attention. Mr. Scott noted former NSA head General Keith Alexander's statement to the Senate that the "NSA conducts the majority of its SIGNIT activities solely pursuant to the authority provided by Executive Order (EO) 12333." These activities include tapping the main communication links between Google and Yahoo data centers located around the world and collecting millions of contact lists from email and instant message accounts. The only oversight of the surveillance conducted under 12333 comes from the Executive branch of government, which, according to EPIC, "has proven to be ineffective at best in limiting surveillance overreach." As noted in Mr. Scott's statement, Congress has admitted to very little oversight of 12333 and the Order does not fall within the purview of the Foreign Intelligence Surveillance Court. Mr. Scott urged the Oversight Board to review 12333 and recommended that the Board oversee: "1. The extent to which information on United States Persons is captured by surveillance conducted under 12333. 2. The extent to which collection under 12333 results in the retention and/or dissemination of non-target data. 3.The effectiveness of current oversight and minimization procedures." Scott also pressed the Board release a public report of the 12333 review. EPIC previously encouraged the Privacy and Civil Liberties Board to establish greater legal protection for metadata, increase safeguards for personal data, and minimize data collection. At the Board's first public meeting in 2012, EPIC recommended that the Board ensure Privacy Act adherence and investigate privacy concerns with the Fusion Center program, closed-circuit television surveillance, body scanners, surveillance drones, and Suspicious Activity Reporting. Thus far, the Privacy Board has focused almost entirely on the "Section 215" and "Section 702" surveillance programs. PCLOB: Public Meeting (Jul. 23, 2014) http://epic.org/redirect/073014/pclob-meeting.html US Archives: Executive Order 12333 (Dec. 4, 1981) http://epic.org/redirect/073014/EO-12333.html EPIC: Statement of EPIC's Jeramie Scott at PCLOB (Jul. 23, 2014) http://epic.org/redirect/073014/epic-scott-statement.html US Senate: Statement of Former NSA Director Alexander (Oct. 2, 2013) http://epic.org/redirect/073014/alexander-testimony.html EPIC: Executive Order 12333 http://epic.org/privacy/surveillance/12333/ Privacy and Civil Liberties Oversight Board http://www.pclob.gov/ ========================================================================= [5] EPIC, Consumer Groups Challenge Facebook on Web Snooping ========================================================================= EPIC, along with a coalition of consumer groups, has urged the Federal Trade Commission to block Facebook's plan to collect users' web browsing history. Facebook recently announced plans to collect detailed user web-browsing data for advertising purposes. Users who object were told to opt-out by downloading a cookie from a third-party website. The consumer groups' letter noted that this requirement "has the effect of punishing the users who are most diligent about their privacy: the minute users clear their cookies, they also delete the opt-out preference. Thus, even consumers who work to exercise their ability to opt out must remain vigilant, even after taking the appropriate privacy precautions." Previously, Facebook had said that it does not monitor users' web browsing activities. Now, wrote the consumer groups, "Facebook has now completely reversed its stance to the detriment of users of the service. Contrary to its prior representations, upon which users may have relied, the company will now routinely monitor the web browsing activities of its users and exploit that information for advertising purposes." The groups therefore recommended that "[t]he FTC should examine whether Facebook's changein business practices violates the consent order between Facebook and the FTC." Furthermore, the practice may violate a Federal Trade Commission order prohibiting Facebook from changing business practices without users' express consent. Facebook is under a 20-year consent decree from the FTC that requires users' express affirmative consent before disclosing personal information that exceeds the restrictions imposed by users' privacy settings. The groups asked the FTC "to act immediately to notify the company that it must suspend its proposed change in business practices to determine whether it complies with current U.S. and EU law." EPIC has also filed a FOIA request, seeking the FTC's communications with Facebook about this change. TACD: Letter to Congress (Jul. 29, 2014) http://epic.org/redirect/073014/tacd-facebook-letter.html EPIC: FOIA Request to FTC (Jun. 20, 2014) https://epic.org/privacy/ftc/facebook/FB-FOIA-Request.pdf FTC: Press Release on Consent Order (Aug. 10, 2012) http://epic.org/redirect/073014/ftc-facebook-settlement.html EPIC: Facebook Privacy https://epic.org/privacy/facebook/ EPIC: Online Tracking and Behavioral Targeting http://epic.org/privacy/consumer/online_tracking_and_behavioral.html EPIC: FTC https://epic.org/privacy/internet/ftc/ ======================================================================== [6] News in Brief ======================================================================== Senators Markey and Hatch Introduce Student Privacy Legislation Today Senators Edward Markey (D-MA) and Orrin Hatch (R-UT) introduced legislation to require privacy safeguards for education records and prohibit the use of student information for advertising purposes. The "Protecting Student Privacy Act of 2014" would give students the right to access and amend their records that are held by private companies. The bill also requires schools to minimize the amount of personally identifiable information transferred to private companies, and requires companies to destroy student information "when the information is no longer needed for the specified purpose." The bill incorporates many of the proposals EPIC set out in the Student Privacy Bill of Rights. Senator Markey announced plans to introduce student privacy legislation earlier in 2014 at EPIC's public panel on student privacy. Sen. Ed Markey (D-MA): Text of Student Privacy Bill (Jul. 14, 2014) http://epic.org/redirect/073014/markey-student-privacy-bill.html EPIC: Student Privacy Bill of Rights (Mar. 2014) http://epic.org/privacy/student/bill-of-rights.html EPIC: "Education Records and Student Privacy" Panel (Jan. 14, 2014) http://epic.org/events/student-privacy14/ EPIC: Student Privacy http://epic.org/privacy/student/ Senator Leahy Introduces Bill to End NSA Bulk Record Collection Senator Patrick Leahy (D-VT), joined by Democratic and Republican Senators, has introduced legislation to end the NSA's practice of collecting Americans' telephone records. Leahy described the bill as "the most significant reform of government surveillance authorities since Congress passed the USA PATRIOT Act 13 years ago." The USA FREEDOM Act would require require the government to specify specific "search terms" to obtain telephone record information. The government would have to demonstrate that it has a "reasonable, articulable suspicion" that the search term is associated with a foreign terrorist organization. The bill also requires a comprehensive transparency report for the use of FISA surveillance authorities. However, the bill exempts the FBI from certain reporting requirements. Civil liberties organizations support the bill. EPIC previously filed a Petition for Mandamus with the US Supreme Court, seeking to end the bulk collection of American's phone records. EPIC's petition was supported by legal scholars, technical experts and former members of the Church Committee. Sen. Patrick Leahy: Text of USA FREEDOM Act (July 2014) http://www.leahy.senate.gov/download/hen14602 Openthegovernment.org: Support for USA FREEDOM Act (Jul. 29, 2014) http://www.openthegovernment.org/node/4567 EPIC: Petition to US Supreme Court re: Section 215 (Jul. 8, 2013) http://epic.org/EPIC-FISC-Mandamus-Petition.pdf EPIC: In re EPIC - NSA Telephone Records Surveillance http://epic.org/privacy/nsa/in-re-epic/ EPIC: Foreign Intelligence Surveillance Act Reform http://epic.org/privacy/terrorism/fisa/reform/ EPIC Seeks Government Report on Security of Internet Voting EPIC has filed a Freedom of Information Act request with the US Department of Defense for records detailing the security of online voting. The agency administers the Federal Voting Assistance Program, which has promoted online voting and provided funding to states for Internet voting technology. Computer scientists have expressed concern about the reliability of these systems and privacy risks to voters. At a 2012 Congressional hearing, the agency promised to release the results of security tests it had conducted on voting software. Because the agency has failed to make the test results public, EPIC has demanded these results, as well as related documents, be disclosed. EPIC: FOIA Request to DoD re: Online Voting (Jul. 17, 2014) http://epic.org/privacy/voting/EPIC-FVAP-FOIA-Request-071714.pdf Defense Dept.: Federal Voting Assistance Program http://www.fvap.gov/ Verified Voting: Blog Post on Internet Voting (Feb. 15, 2013) http://epic.org/redirect/073014/verified-voting.html GPO: Congressional Hearing on Voting Assistance Program (Sep. 13, 2012) http://epic.org/redirect/073014/voting-hearing.html Politico: "DoD won't release e-voting penetration tests" (Jun. 16, 2014) http://epic.org/redirect/073014/politico-evoting.html EPIC: Open Government http://epic.org/open_gov/ EPIC: Voting Privacy http://epic.org/privacy/voting/ Senator Seeks Facebook Mood Study Investigation Following EPIC Complaint Senator Mark Warner (D-VA) has asked the Federal Trade Commission to investigate the legality of Facebook's emotional manipulation study. In a letter to the Commission, Senator Warner stated, "it is not clear whether Facebook users were adequately informed and given an opportunity to opt-in or opt-out." He also asked the FTC to conduct an investigation on whether "this 2012 experiment violated Section 5 of the FTC Act or the 2011 consent agreement with Facebook," two issues raised in EPIC's July 3 FTC complaint on the same topic. "The company purposefully messed with people's minds," EPIC wrote. EPIC's complaint also charged that Facebook violated a consent decree that required the company to respect user privacy, and also engaged in a deceptive trade practice. EPIC has asked the FTC to require that Facebook make public the "News Feed" algorithm. Sen. Mark Warner (D-VA): Blog Post on Facebook Investigation http://epic.org/redirect/073014/warner-facebook.html Sen. Warner: Letter to FTC re: Facebook Mood Study (Jul. 9, 2014) http://www.scribd.com/doc/233238030/Warner-Letter-to-FTC-7-9-14 EPIC: Complaint to FTC re: Facebook Mood Study (Jul. 3, 2014) http://epic.org/redirect/073014/epic-facebook-mood-complaint.html FTC: Proceedings Against Facebook (Aug. 10, 2012) http://epic.org/redirect/073014/ftc-facebook-2012.html EPIC: In re: Facebook (Psychological Study) http://epic.org/privacy/internet/ftc/facebook/psycho/ EPIC: In re: Facebook http://epic.org/privacy/inrefacebook/ EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ Obama Drone Order Fails to Safeguard Privacy According to published reports, President Obama is set to issue an executive order on drone privacy. The order calls for the development of voluntary best practices for the commercial use of drones. Senator Ed Markey (D-MA) and Representative Peter Welch (D-VT) immediately responded to the reports with a letter to the President urging "strong, enforceable rules - not voluntary best practices...." EPIC has testified in Congress in support of a comprehensive drone privacy law, calling for drone legislation to include use limitations, data retention limitations, transparency, and public accountability. The Federal Aviation Administration agreed to address drone privacy issues after an EPIC-led coalition petitioned the agency in 2012. In 2013, EPIC urged the agency to mandate minimum privacy standards for drone operators. Politico: "President Barack Obama to issue executive order on drone privacy" (Jul. 23, 2014) http://www.politico.com/story/2014/07/executive-order-drone- privacy-barack-obama-109303.html#ixzz38oOabREB Sen. Markey and Rep. Welch: Letter re: Drone Order (Jul. 24, 2014) http://epic.org/redirect/073014/markey-welch-letter.html EPIC: Congressional Testimony re: Drones (Mar. 20, 2013) http://epic.org/redirect/032913-epic-drone-testimony.html FAA: Letter to EPIC re: Petition (Feb. 14, 2013) http://epic.org/privacy/drones/DOT-UAS-Privacy-Issues-Letter.pdf EPIC et al.: Letter to FAA re: Drones (Feb. 24, 2012) http://epic.org/privacy/drones/FAA-553e-Petition-03-08-12.pdf EPIC: Comments to FAA on Drone Privacy Standards (Apr. 23, 2013) http://epic.org/apa/comments/EPIC-Drones-Comments-2013.pdf EPIC: UAVs and Drones http://epic.org/privacy/drones/ Annual Report: Federal and State Wiretaps Up 5% in 2013 The Administrative Office of the US Courts has issued the 2013 Wiretap Report, detailing the use of surveillance authorities by law enforcement agencies. This annual report, one of the most comprehensive issued by any agency, provides an insight into the debate over surveillance authorities and the use of privacy-enhancing technologies. In 2013, wiretap applications increased 5%, up from 3,576 to 3,395. Authorities encountered encryption during 41 investigations, but encryption prevented the government from deciphering messages in only nine cases. This statistic contradicts claims that law enforcement agencies are "going dark" as new technologies emerge. Of the 3,074 individuals arrested based on wiretaps in 2013, only 709 were convicted based on wiretap evidence. EPIC has repeatedly called on greater transparency of FISA surveillance, citing the Wiretap Report as a model for other agencies. EPIC also maintains a comprehensive index of the annual wiretap reports and FISA reports. US Courts: Wiretap Report 2013 (July 2014) http://epic.org/redirect/073014/2013-wiretap-report.html Washington Post: "Proliferation of new online communications services pose hurdles for law enforcement" (July 26, 2014) http://www.washingtonpost.com/world/national-security/ proliferation-of-new-online-communications-services-poses-hurdles- for-law-enforcement/2014/07/25/645b13aa-0d21-11e4-b8e5-d0de80767fc2 _story.html EPIC: Testimony on FISA Amendments Act of 2008 (May 31, 2012) http://epic.org/redirect/061912-epic-fisa-amdt-statement.html EPIC: Title III Wiretap Orders - Stats http://epic.org/privacy/wiretap/stats/wiretap_stats.html EPIC: Wiretapping http://epic.org/privacy/wiretap/ EPIC: Foreign Intelligence Surveillance Act http://epic.org/privacy/terrorism/fisa/ ======================================================================== [7] EPIC in the News ======================================================================== "Leahy Bill Aims to Rein In Government Snooping." Tech News World, July 30, 2014. http://www.technewsworld.com/story/80814.html "Privacy Consortium Urges Regulators to Block Facebook's New Ad Policy." The Wall Street Journal, July 29, 2014. http://blogs.wsj.com/digits/2014/07/29/privacy-consortium-urges- regulators-to-block-facebooks-new-ad-policy/ "Privacy Coalition Urges FTC To Block Facebook's Behavioral-Advertising Plan." Media Post, July 29, 2014 http://www.mediapost.com/publications/article/230990/privacy- coalition-urges-ftc-to-block-facebooks-be.html "Groups push feds to halt Facebook's tracking." The Hill, July 29, 2014. http://thehill.com/policy/technology/213634-privacy-groups-push- feds-to-investigate-facebook "Privacy Groups Blast Facebook for Persistent Tracking." Politico, July 29, 2014. http://www.politico.com/morningtech/0714/morningtech14813.html "Activist group sues US border agency over new, vast intelligence system." Ars Technica, July 21, 2014. http://arstechnica.com/tech-policy/2014/07/activist-group-sues-us- border-agency-over-new-vast-intelligence-system/ "Justices' cellphone privacy ruling may have broad impact." USA Today, July 20, 2014. http://www.usatoday.com/story/news/nation/2014/07/20/supreme-court- cellphone-privacy-nsa-terrorism/12779997/ "On the Line: Privacy and Security on Mobile Devices [video]." Voice of America, July 17, 2014. http://www.voanews.com/media/video/1960147.html "FTC Urged To Protect Consumers From Secret Psych Experiments." Media Post, July 17, 2014. http://www.mediapost.com/publications/article/230262/ftc-urged-to- protect-consumers-from-secret-psych-e.html "Facebook teams up with Nielsen to track what you are watching? [video]." Fox Business News, July 15, 2014. http://video.foxbusiness.com/v/3676618113001/facebook-teams-up- with-nielsen-to-track-what-you-are-watching/#sp=show-clips For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================== [8] EPIC Book Review: 'Rise of the American Corporate Security State' ======================================================================== "The Rise of the American Corporate Security State: Six Reasons to Be Afraid," Beatrice Edwards http://amzn.to/UzL2lu "The Rise of the American Corporate Security State" is an intriguing read about the close ties between corporate wealth and government power. Beatrice Edwards, the Executive Director the Government Accountability Project, weaves stories into her argument that highlight the issue succinctly and starkly. Edwards contends in the first half of the book that surveillance is expanding, the consolidated control of information is increasing, and the separation of powers is eroding. At the heart of her argument are the Snowden revelations, which exposed the true extent of our national security state, including the government's dragnet approach to intelligence collection and the lack of meaningful oversight by the legislative and judicial branches. Edwards lists the government's extensive efforts to maintain control over information: Consistently overclassifying documents, fighting tooth-and-nail against Freedom of Information Act requests, and demonizing all who expose government wrongdoing. The second half of the book focuses on the increasingly cozy relationship between corporations and the government. This relationship often leads to government contracts with corporations that bilk the American people of their tax dollars with unnecessary and ineffective programs. The government-corporate relationship and the hazards it can foster are epitomized by the financial industry and the 2008 financial crisis. Edwards warns the relationships are getting cozier, especially as the government uses cybersecurity as an excuse to gain greater access to the information corporations collect on us. "The Rise of the American Corporate Security State" exposes how the power of the corporate state is leading to the erosion of our democracy: Our privacy is diminishing; our freedoms are impaired; checks and balances are eroding; and corporate entities are almost never called to account for their wrongdoing. The prognosis for our democracy is dire, but Edwards offers practical steps to save it because "the battle for equality and fairness is not yet over." -- Jeramie D. Scott ======================================= EPIC Book Store ======================================= "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= "The Privacy Class Action Landscape," Featuring EPIC President Marc Rotenberg. Boston: American Bar Association Annual Conference, Aug. 8, 2014. For More Information: http://www.americanbar.org/groups/tort_ trial_insurance_practice/events_cle/annual_2014/cle.html. "Developing Policies for the Internet of Things," Featuring EPIC President Marc Rotenberg. Aspen, CO: Aspen Institute Communication and Society Program, Aug. 13-16, 2014. For More Information: http://www.aspeninstitute.org/policy-work/communications-society. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.14------------------------