EPIC - Electronic Privacy Information Center

Focusing public attention on emerging privacy and civil liberties issues

Senate Approves FDA Transparency Amendment

The Senate has approved a pro-transparency amendment sponsored by Senator Patrick Leahy (D-VT) to the Food and Drug Administration Safety and Innovation Act. Senator Leahy's amendment will preserve public access to information in the agency's possession related to drugs and pharmaceuticals. The Act originally would have allowed the agency to deny public access to information relating to drugs obtained from a federal, state, local, or foreign government agency if that agency had requested that the information be kept confidential. Many members of the government transparency and accountability community objected in a letter to Congress, highlighting the importance of transparency regarding drug information and the potential health and safety risks created by the original language. For more information, see Openthegovernment.org and EPIC: Open Government.

Facebook Users Force Vote on Privacy Changes

Facebook users have registered enough comments on Facebook's proposed privacy changes to force a vote on the issue. A provision in Facebook’s Statement of Rights and Responsibilities states that Facebook will allow users to vote on proposed alternatives if more than 7,000 users comment on a proposed change. The vote is binding if "more than 30 percent of all active registered users as of the date of the notice vote." Facebook's Data Use Policy accumulated 10,500 comments in English. The group Europe v. Facebook generated 30,000 comments on the German version of the page. The FTC recently issued a proposed settlement with Facebook that follows from complaints filed by EPIC and other consumer and privacy organizations in 2009 and 2010. The settlement bars Facebook from changing privacy settings without the affirmative consent of users or misrepresenting the privacy or security of users' personal information. For more information, see EPIC: Facebook Privacy, and EPIC: FTC Facebook Settlement.

Supreme Court Set to Review Wiretap Case

The Supreme Court has agreed to hear Clapper v. Amnesty International USA, a challenge to the FISA Amendments Act of 2008. The Act expanded the Government's authority to engage in warrantless surveillance, and followed news of the Bush administration's program to wiretap international communications. A group of lawyers, journalists, and public interest organizations, who regularly engage in international communications, challenged the new law saying they feared that their private communications would be intercepted. The US Court of Appeals for the Second Circuit ruled that the case could proceed even though the plaintiffs had not established that they were subject to surveillance. The Government filed a petition for the Supreme Court to hear the case, which was granted today. EPIC recently filed an amicus brief in a Supreme Court case, First American v. Edwards, raising similar Article III standing issues in the context of a consumer protection statute. EPIC also filed an amicus brief along with the Stanford Constitutional Law Center and other interested groups, in Hepting v. AT&T, a case challenging AT&T's involvement in the FISA warrantless wiretapping program. For more information, see EPIC: Foreign Intelligence Surveillance Act (FISA).

EPIC Urges the Drug Enforcement Administration to Uphold Privacy Act Protections

In response to a notice of proposed rulemaking, EPIC has submitted comments to the Drug Enforcement Administration of the Department of Justice, urging the agency to uphold Privacy Act protections, and to not claim broad exemptions from the Privacy Act. The proposed rule would exempt the agency from complying with crucial Privacy Act provisions, including the rights of record access and correction, and the duty to only collect relevant and necessary personal information. The proposed rule would even excuse the agency from any civil liability arising from willful Privacy Act violations. Following the Supreme Court decision in FAA v. Cooper, EPIC has set out proposed changes to the Privacy Act that would compensate individuals for provable nonpecuniary harms caused by willful violations of the Privacy Act. For more information, see EPIC: FAA v. Cooper and EPIC: The Privacy Act of 1974.

Federal Appeals Court Backs Justice Department in Voting Rights Dispute

The Court of Appeals for the District of Columbia Circuit issued an opinion rejecting Shelby County, Alabama's constitutional challenge to the preclearance requirements of the Voting Rights Act of 1965. The Court held that Section 5 of the Act, which requires "covered jurisdictions" to show that new voting procedures, such as Voter ID requirements, are nondiscriminatory before those changes can be put into effect, is constitutional. Shelby County challenged the preclearance requirements after Congress reauthorized Section 5 in 2006. The Department of Justice recently blocked Voter ID laws in South Carolina and Texas through the Section 5 preclearance process. EPIC has argued that unreasonable voter ID requirements are an impermissible burden on the right to vote. For more information, see EPIC: Voter Photo ID and Privacy and EPIC: Crawford v. Marion County.

House Approves Amendment to Defense Spending Bill to Limit Defense Drones Surveillance

The House of Representatives has approved an amendment, introduced by Congressman Landry (R-LA), to the National Defense Authorization Act to prohibit information collected by Department of Defense drones without a warrant from being used as evidence in court. New legislation requires the Federal Aviation Administration to develop rules governing the operation of drones in the U.S. National Airspace. Shortly after passage, EPIC, joined by over 100 organizations, experts, and members of the public, submitted a petition to the FAA requesting a public rulemaking on the privacy impact of drone use in US airspace. The petition is still pending with the agency. For more information, see EPIC: Unmanned Aerial Vehicles (UAVs) and Drones.

Privacy Board Approved by Judiciary Committee, Vote Moves to Senate

The Senate Committee on the Judiciary has approved President Obama's five nominees for the Privacy and Civil Liberties Oversight Board. The Board is an independent entity charged with ensuring that fundamental rights are protected in the implementation of government programs, including cybersecurity. Originally convened in 2004, the five seats on the Board have remained vacant for the past five years. Senator Leahy, the Chairman of the Judiciary Committee, said, "When we worked to create this board, we did so to ensure that our fundamental rights and liberties would be preserved…The Senate should move quickly to confirm the nominees to the board so that they can get to their important work." For more information, see EPIC: 9/11 Commission Report and "The Sui Generis Privacy Agency: How the United States Institutionalized Privacy Oversight After 9-11."

EPIC Supports Geolocation Privacy Act, Suggests Improvement

In a Statement for the Record, EPIC has expressed support for H.R. 2168, the "Geolocational Privacy and Surveillance Act," which prohibits the interception of location information by private parties and government agents acting without a search warrant. The bill will be considered at a hearing before the House Subcommittee on Crime, Terrorism, and Homeland Security. EPIC said "as communications technologies evolve, new forms of personal information are generated that require new legal safeguards." EPIC also recommended that Congress adopt purpose-specification and data limitation requirements for data stored by private companies, require affirmative consent prior to the collection of location data, and clarify an exception that permits the interception of location data made available through publicly accessible systems. For more information, see EPIC: Location Privacy.

FAA Revises Drone License Procedures, Privacy Petition Still Pending

The Federal Aviation Administration has announced new procedures for government agencies that operate drones in the United States. The procedures will streamline the process through which government agencies, including local law enforcement, receive drone licenses. However, the FAA has so far failed to establish privacy safeguards for drone use. On February 24, 2012, EPIC, joined by over 100 organizations, experts, and members of the public, submitted a petition to the FAA requesting a public rulemaking on the privacy impact of drone use in US airspace. For more information, see EPIC: Unmanned Aerial Vehicles (UAVs) and Drones.

EPIC Proposes Update to Privacy Act to Address Recent Supreme Court Decision

Following the recent decision of the Supreme Court in FAA v. Cooper, EPIC has set out proposed changes to the Privacy Act that would compensate individuals for provable nonpecuniary harms caused by willful violations of the Privacy Act. In Cooper, the Supreme Court held that the Privacy Act "does not unequivocally authorize" compensatory damages for mental or emotional distress. Justice Sotomayor, joined by Justices Ginsburg and Breyer, wrote in dissent that "the primary, and often only, damages sustained as a result of an invasion of privacy are . . . mental or emotional distress." EPIC recommended that the Privacy Act explicitly define "actual damages" to include provable mental and emotional distress. EPIC's letter follows an earlier request from Senator Daniel Akaka (D-HI) for comment on S.1732, the Privacy Act Modernization for the Information Age Act of 2011. For more information, see, EPIC: FAA v. Cooper and EPIC: The Privacy Act of 1974.

EPIC Calls on FTC to Develop Substantive Privacy Protections at Workshop on Mobile Advertising

EPIC submitted comments to the Federal Trade Commission for the May 30 workshop on mobile advertising disclosures. EPIC recommended that the agency focus on the development of substantive privacy protections, such as the Consumer Privacy Bill of Rights announced by the President earlier this year, for mobile services. EPIC also recommended that the workshop address a series of problems with the "notice and consent" approach, as well as the merits of innovative, nonverbal approaches proposed by privacy scholars. The workshop follows an FTC report calling for privacy legislation and an investigation that documented privacy problems with mobile applications for children. For more information, see EPIC: Federal Trade Commission.

On Google Spy-Fi, Senator Durbin Calls for Update to Wiretap Law, FCC Chair Agrees Law Should Protect Unencrypted Communications

In a hearing with Federal Communications Commission Chairman Julius Genachowski, Senator Dick Durbin (D. IL.) criticized the agency's decision to issue a mere $25,000 fine against Google following the investigation of Street View data collection. (Hearing video beginning at 64:20) Senator Durbin said that Google's interception and collection of private wi-fi communication was a clear violation of privacy. Chairman Genachowski defended the agency's decision but agreed with the committee chairman that "the law should protect people even if they have unencrypted wi-fi." Senator Durbin said that he would consider changes to the law if that is necessary. Senator Durbin also asked the FCC to provide the legal memoranda supporting the FCC's decision not to find Google guilty of violating the Communications Act. EPIC has a similar FOIA request pending with the agency. For more information, see EPIC: FCC Investigation of Google Street View and EPIC: Electronic Communications Privacy Act.