Previous Top News: 2014
- EPIC Asks Supreme Court to Protect Cellphone Privacy. EPIC, joined by twenty-four technical experts and legal scholars, has filed a "friend of the court" brief in a Supreme Court case concerning the warrantless search of a cell phone. In Riley v. California, the Court will determine whether the search of a phone following an arrest violates the Fourth Amendment if no warrant is obtained. Lower courts are currently divided on this issue. EPIC's amicus brief explains that "modern cell phone technology provides access to an extraordinary amount of personal data . . . Allowing police officers to search a person's cell phone without a warrant following an arrest would be a substantial infringement on privacy, is unnecessary, and unreasonable under the Fourth Amendment." EPIC's brief describes the vast amount of personal information available on the phone and from the phone. "From a cellphone," EPIC explains "users can even see into their homes and control devices and appliances." EPIC points out that "there is no need to allow warrantless searches when currently available techniques allow law enforcement to secure the cell phone data pending a judicial determination of probable cause." EPIC routinely participates in privacy cases before the US Supreme Court. For more information, see EPIC: Riley v. California, EPIC: EPIC Amicus Curiae Briefs. (Mar. 7, 2014)
- "An Analysis of the Review Group Recommendations for Intelligence Reform".
EPIC Executive Director
NYU Security Research Seminar(Mar. 11, 2014)
New York, NY
March 11, 2014
- "Civil Liberties Dead Zone: Do First and Fourth Amendment Rights Not Apply at the Border?".
EPIC Executive Director
Freedom of the Press Committee(Mar. 20, 2014)
National Press Club
March 20, 2014
- "Enhancing Trust and Boosting Innovation in the Digital Ecosystem".
EPIC Executive Director
OECD(Mar. 10, 2014)
Microsoft Policy Center
March 10, 2014
- After Weakening Privacy Law, Education Department Proposes "Best Practices" for Student Data. The Education Department has issued recommendations for schools that transfer student records to online educational service providers. Following the Department's changes to a federal student privacy law, private companies and government agencies have access to student records without obtaining student consent. In the recommendations, the agency explained that the current regulations do not require written agreements for schools to disclose student information to private companies. The Education Department recommended that schools establish policies for approving online educational services, create written contracts with private companies for the use of student data, and explain to parents and students how schools collect, use, and disclose student information. The agency warned that student data held by private companies may not be protected under federal privacy laws. EPIC had earlier sued the Education Department for weakening the privacy rule that prevented companies from getting access to student data. On March 13, 2014, the Education Department will hold a webinar on its student privacy best practices. For more information, see: EPIC: Student Privacy and EPIC: EPIC v. Dept. of Education. (Mar. 7, 2014)
- EPIC Urges FTC Investigation of WhatsApp Sale to Facebook. EPIC has filed a complaint to the Federal Trade Commission concerning Facebook's proposed purchase of WhatsApp. WhatsApp is a messaging service that gained popularity based on its strong pro-privacy approach to user data. WhatsApp currently has 450 million active users, many of whom have objected to the proposed acquisition. Facebook regularly incorporates data from companies it has acquired.The Federal Trade Commission has previously responded favorably to EPIC complaints concerning Google Buzz, Microsoft Passport, Changes in Facebook Privacy Settings, and Choicepoint security practices. However, the FTC approved Google's acquisition of Doubleclick over EPIC's objection. Facebook is currently under a 20 year consent decree from the FTC that requires Facebook to protect user privacy and to comply with the US-EU Safe Harbor guidelines. For more information, see EPIC: In re Google Buzz, EPIC: Microsoft Passport, EPIC: In re Facebook, and Privacy? Proposed Google/DoubleClick Merger. (Mar. 6, 2014)
- EPIC Presents 2014 Domestic Privacy Champion Award to Evan Hendricks. EPIC has presented the 2014 Domestic Privacy Champion Award to Evan Hendricks, the publisher of Privacy Times. Hendricks received the award in recognition of his work in consumer privacy protection and for his work in publishing Privacy Times, a significant resource in the privacy world. In 2013, EPIC presented the Domestic Privacy Champion Award to Susan Grant. On January 28, EPIC awarded Jan Philipp Albrecht with the International Privacy Champion Award as part of International Privacy Day. (Mar. 5, 2014)
- Citron, Felten, Lewis, Lysyanskaya, Marwick, McDonald, Moglen, and Vladeck Join EPIC Advisory Board. EPIC has announced the 2014 members of the EPIC Advisory Board. They are Danielle Citron, Professor at University of Maryland School of Law, Edward Felten, Professor of Computer Science and Public Affairs at Princeton University, Harry R. Lewis, Professor of Computer Science at Harvard University, Anna Lysyanskaya, Professor of Computer Science at Brown University, Alice E. Marwick, Assistant Professor of Media Studies at Fordham University, Aleecia M. McDonald, Director of Privacy at the Stanford Center for Internet & Society, Eben Moglen, Professor of Law and Legal History at Columbia Law School, and David Vladeck, Professor of Law at Georgetown University Law Center. The EPIC Advisory Board is a distinguished group of experts in law, technology, and public policy. Press Release For more information, see EPIC: EPIC Advisory Board. (Mar. 5, 2014)
- White House to Accept Public Comments on Big Data and Privacy Review. The White House is requesting public comments on the Obama Administration's "Big Data and the Future of Privacy" review. EPIC, joined by 24 consumer privacy, public interest, scientific, and educational organizations petitioned the Office of Science and Technology Policy last month to accept public comments. The petition stated, "The public should be given the opportunity to contribute to the OSTP's review of 'Big Data and the Future of Privacy' since it is their information that is being collected and their privacy and their future that is at stake." The letter sets out several important questions, including whether current laws are adequate and whether it is possible to maximize the benefits of big data while minimizing the risks to privacy. Comments are due by March 31, 2014. For more information, see EPIC: Big Data and the Future of Privacy. (Mar. 5, 2014)
- In FOIA Lawsuit, EPIC Obtains Secret Reports on Data Collection. In a Freedom of Information Act lawsuit, EPIC has obtained reports that detail the number of times the Surveillance Court authorized the use of techniques that gather the telephone numbers and metadata of phone customers and Internet users. The previously secret reports obtained by EPIC cover the period between 2000 and 2013. The reports reveal a dramatic increase in the use of these techniques in 2004 and then a significant reduction in 2008, likely the consequence of a shift to other investigative techniques. The documents show that nearly all applications to the Surveillance Court were approved without modifications. In 2013, EPIC petitioned the Supreme Court to end the bulk telephone record collection program. Former members of the Church Committee and dozens of legal scholars supported the EPIC petition. For more information see: EPIC v. Department of Justice - Pen Register Reports, EPIC: Foreign Intelligence Surveillance Court Orders 1979-2012, and In re EPIC. (Mar. 3, 2014)
- House Passes FOIA Reform Bill. The House of Representatives has passed the FOIA Oversight and Implementation Act of 2014. The bill would strengthen the Office of Government Information Services, require agencies to update their FOIA regulations, and mandate the use of a single, free website for submitting FOIA requests and appeals and receiving information about the status of the FOIA request. The bill would also require that agencies seeking to withhold information under one of the FOIA's exemptions demonstrate that there would be a "specific identifiable harm," tied to the purpose of the exemption, if disclosure occurred. The bill does not address several key transparency community proposals, including recommendations to limit the use of exemptions and to make it easier to track legislative proposals for new FOIA exemptions. The Senate is currently considering a similar bill. For more information see: EPIC: Open Government. (Feb. 28, 2014)
- EPIC Files FOIA Lawsuit for Information About Massive Telco Database "Hemisphere". EPIC has filed a Freedom of Information Act lawsuit for records about "Hemisphere," a massive telephone record collection program operated by the Drug Enforcement Agency in cooperation with AT&T. Under the program, law enforcement agencies access billions of detailed customer phone records, including location data, dating back to 1987 in routine criminal matters unrelated to national security. EPIC filed the complaint after the federal agency failed to respond to EPIC's FOIA request for information about the operation and legal authority for the program. EPIC has previously challenged the NSA's bulk collection of telephone records in a petition to the US Supreme Court. For more information, see EPIC: In re EPIC (NSA Telephone Record Surveillance), EPIC: Hemisphere and EPIC v. DEA (Hemisphere FOIA). (Feb. 28, 2014)
- Techno-Snooping: Privacy, Technology and the Evolving Rule of Law.
Techno-Snooping: Privacy, Technology and the Evolving Rule of Law
EPIC Associate Director
Colby College(Apr. 6, 2014)
April 6, 2014
- "Cloud Computing and the Law".
EPIC Executive Director
Ottawa Law Review(Feb. 27, 2014)
University of Ottawa
27 February 2014
- Supreme Court Allows Warrantless Search of Home. In a case that narrows the warrant requirement for searches of homes, the Supreme Court upheld the warrantless search of a suspect's home by the LAPD after the person objected. In Fernandez v. California, the officers returned to the apartment of the resident after he had been arrested, and obtained consent from a roommate to conduct a search. Justice Alito, writing for the 6-3 majority, found that the roommate's consent was sufficient once the defendant was no longer present. Justice Ginsburg, writing in a dissent joined by Justices Sotomayor and Kagan, argued that the decision "tells the police they may dodge" the warrant requirement and is contrary to a prior a decision of the Court. In Georgia v. Randolph, the Supreme Court previously ruled that when one occupant refuses to consent to a search, the other's consent is not sufficient to permit a search. EPIC has previously filed amicus briefs in a number of important Supreme Court Fourth Amendment cases. For more information, see EPIC: United States v. Jones, EPIC: Maryland v. King, EPIC: Amicus Curiae Briefs. (Feb. 26, 2014)
- White House and MIT to Host Conference on Big Data and Privacy. On March 3, 2014, the White House and MIT will cohost "Big Data Privacy: Advancing the State of the Art in Technology and Practice." The conference is part of the White House's Big Data and the Future of Privacy initiative and will feature keynotes from Counselor to the President John Podesta and Secretary of Commerce Penny Pritzker. Scholars, privacy advocates, government representatives and private sector leaders will explore the opportunities and challenges of big data and examine the use of Privacy Enhancing Techniques. President Obama has called for a "comprehensive review of big data and the future of privacy." In response, EPIC and a coalition of consumer and scientific organizations outlined key questions for the White House to explore, and also asked the Office of Science and Technology Policy to encourage public participation. For more information see EPIC: Big Data and the Future of Privacy, EPIC: Privacy and Consumer Profiling, and EPIC: Privacy Tools. (Feb. 24, 2014)
- Consumer Privacy, Data Security, and Cyber Liability.
"Consumer Privacy, Data Security, and Cyber Liability"
EPIC National Security Appellate Advocacy Fellow
Washington D.C. Bar Association
February 26, 2014
(Feb. 26, 2014)
- School Privacy Zone Summit: Protecting Student Data from the Classroom to the Cloud.
Director, EPIC Student Privacy Project
Common Sense Media and the Annenberg Retreat at Sunnylands(Feb. 24, 2014)
Pew D.C. Conference Center
February 24, 2014
- EPIC, Coalition Urge President Obama to Advance Privacy Bill of Rights. EPIC along with a coalition of over 40 public interest organizations has urged the President to implement the Consumer Privacy Bill of Rights, a comprehensive framework for privacy protection. The letter comes on the two-year anniversary of the Administration's introduction of the Privacy Bill of Rights, which includes baseline privacy principles, such as individual control and transparency, respect for context and focused collectionm and better access, accuracy, and accountability. The President called the Privacy Bill of Rights a "blueprint for privacy in the information age" and said his Administration "will work to advance these principles and work with Congress to put them into the law." The letter from the organizations states, "We urge you to work with those in Congress who favor the privacy rights of Americans, who support updates to privacy law, and who understand why this issue is so critical to so many Americans. And let those who stand in the way explain to their constituents why they believe that it is not necessary for Congress to do anything further to protect the fundamental rights of Americans." For more information, See EPIC: White House: Consumer Privacy Bill of Rights. (Feb. 24, 2014)
- EPIC Files Amicus Brief in Facebook Consumer Privacy Case, Urges Rejection of Settlement. EPIC has filed a amicus brief urging a federal appeals court to overturn a controversial consumer privacy settlement. If the Fraley v. Facebook settlement is approved, Facebook will display the images of Facebook users, including young children, for commercial endorsement without consent. Facebook users opposed "Sponsored Stories" and several have formally objected to the settlement, including a children's advocacy organization which said that the "settlement is actually worse than no settlement." The MacArthur Foundation also withdrew stating it should not have been designated to receive funds. EPIC's amicus brief in support of the objectors explains that the settlement is unfair to Facebook users and should be rejected. EPIC also notes that Chief Justice Roberts expressed concerns about a similar privacy settlement involving Facebook. EPIC and a coalition of consumer privacy organizations filed an extensive complaint with the Federal Trade Commission that eventually required Facebook to improve its privacy practices. For more information, see EPIC: In re Facebook and EPIC: Fraley v. Facebook. (Feb. 21, 2014)
- EPIC Urges FTC to Strengthen Safe Harbor Settlements. EPIC has submitted comments to the Federal Trade Commission, urging the agency to improve pending settlements in several Safe Harbor enforcement actions. According to the FTC, twelve companies misrepresented compliance with the EU-US privacy arrangement. EPIC recommended that the Commission revise the proposed orders to: (1) require the companies to comply with the Consumer Privacy Bill of Rights; (2) publish the companies' consent order compliance reports as they are submitted; and (3) strengthen the sanctions against a DNA testing firm, whose misrepresentations puts genetic information at risk. EPIC also noted that the Commission's ongoing failure to modify consent orders in response to public comments is "contrary to the interests of American consumers." For more information, see EPIC: EU Data Protection Directive and EPIC: Federal Trade Commission. (Feb. 21, 2014)
- DHS Open Government Report Reveals Increased Backlog and Use of Law Enforcement Exemptions. The Department of Homeland Security has released the 2013 Freedom of Information Act Report detailing the agencies attempts to comply with the federal open government law. The FOIA requires each agency to provide the numbers of requests received and processed, the time taken to respond, the outcome of each request, and other statistics. In 2013, the DHS reported a significant increase in its FOIA backlog, which rose from 28,553 unanswered requests in 2012 to 53,598 unanswered requests in 2013. Of the nine exemptions that an agency can invoke to withhold documents, DHS relied most heavily on exemption 7(C) (law enforcement records that if released would constitute an invasion of personal privacy) and 7(E) (law enforcement records that if released would disclose law enforcement techniques or procedures, which is significant because the DHS is not a law enforcement agency. DHS reported granting about 7% of requests for expedited processing. EPIC has prevailed in several FOIA lawsuits against DHS, and has also worked to reform the agency's FOIA processing practices for other requesters. For more information, see EPIC v. DHS - Body Scanner FOIA Appeal, EPIC v. DHS - Social Media Monitoring, and EPIC v. DHS - SOP 303. (Feb. 21, 2014)
- Massachusetts Court Upholds Privacy Protection for Location Records. In Commonwealth v. Augustine, the Massachusetts Supreme Judicial Court ruled that an individual has a reasonable expectation of privacy in cell phone location records held by a company. Article 14 of the Massachusetts Constitution, similar to the Fourth Amendment, provides that individuals should be free from "unreasonable searches, and seizures." The court held that obtaining two weeks of phone location records was a search, requiring a warrant. EPIC filed "friend of the court" briefs in Commonwealth v. Connolly, a similar case in Massachusetts concerning warrantless GPS tracking, and State v. Earls, a case in which the New Jersey Supreme Court held that location data is protected under the state constitution. EPIC also filed a brief in In re U.S. Application for Historical Cell Site Data, where an appeals court held that users have no reasonable expectation of privacy in location records under the Fourth Amendment. The Massachusetts Supreme Court considered all three cases. For more information, see EPIC: Location Privacy. (Feb. 20, 2014)
- Children's Advocacy Group Withdraws from Facebook Settlement. The Campaign for Commercial-Free Childhood has turned down $290,000 from a controversial consumer privacy settlement concerning Facebook's Sponsored Stories. The children's advocacy group said, "We now believe that this settlement is actually worse than no settlement. It harms vulnerable teenagers and their families under the guise of helping them...we cannot benefit from a settlement which we now realize is harmful to children and will impede future efforts to protect minors' privacy on Facebook." The MacArthur Foundation withdrew from the Fraley settlement last year, suggesting the funds be redirected to "other non-profit organizations engaged in the underlying issues." And in a related case, Chief Justice Roberts suggested that the Supreme Court will need to address "fundamental concerns surrounding the use of such remedies in class action litigation." EPIC has worked closely with consumer privacy organizations and federal courts to improve class action settlements, arguing that settlements in consumer privacy cases should improve consumer privacy and that awards should be allocated to organizations aligned with the interests of class members. For more information, see EPIC: Fraley v. Facebook. (Feb. 20, 2014)
- DHS Cancels Nationwide License Plate Tracking System. The Department of Homeland Security has cancelled a plan to build a national license plate tracking database. The database would have included the license plate records of car owners across the country, obtained from private companies and law enforcement agencies. The request for bids lacked any consideration of privacy protections. EPIC, through various Freedom of Information Act requests, had obtained extensive documents on the current programs operated by the Customs and Border Protection and the Federal Bureau of Investigation. The documents uncovered by EPIC show that both agencies failed to adequately address the privacy implications of license plate readers. For more information, see EPIC: License Plate Recognition Systems. (Feb. 20, 2014)
- "Privacy and Public Good: Reporting on Student Data".
Director, EPIC Student Privacy Project
SXSWedu(Mar. 4, 2014)
March 4, 2014
- Senators Rockefeller and Markey Propose Data Broker Legislation. Senators Rockefeller and Markey have introduced the The Data Broker Accountability and Transparency Act of 2014 (DATA Act). The proposed Act imposes transparency and accountability requirements on data brokers and other companies that profit from the collection and sale of consumer information. Under the DATA Act, consumers would be able to access their personal information, make corrections, and opt out of marketing schemes. The DATA Act would empower the FTC to impose civil penalties on violators, and would prohibit data brokers from collecting consumer data in deceptive ways. In 2009, EPIC testified in support of new legislation to regulate the data broker industry. In 2005, EPIC's complaint to the FTC against data broker Choicepoint lead to a $10 million settlement. For more information, see EPIC: Federal Trade Commission, EPIC: Choicepoint and EPIC: Privacy and Consumer Profiling. (Feb. 13, 2014)
- Senate Hears from Privacy Oversight Board, NSA "Metadata" Program is Ineffective. At a Senate Judiciary Committee hearing today, members of the Privacy and Civil Liberties Oversight Board discussed their review of the Section 215 program, concerning the collection of telephone records on US telephone customers. The Privacy Civil Liberties Board 238 page report found that the program was not effective and had not prevented any terrorist incidents. Recent reports also indicate that only 30% of phone records are actually collected, calling into question the value of the "metadata" program. Senate Judiciary Chairman Patrick Leahy stated that "the administration has not demonstrated" that the program "is uniquely valuable to justify the massive intrusion upon American's privacy." The President recently announced that the current bulk collection program would end and announced a transition process, requiring judicial approval of queries, prior to the expiration of the current authority on March 28. For more information, see EPIC: NSA Verizon Phone Record Monitoring. (Feb. 12, 2014)
- Court Denies EPIC Injunction in FOIA Case for Surveillance Reports. A federal judge has denied EPIC's motion for a preliminary injunction that would have required the Department of Justice to complete processing of EPIC's Freedom of Information Act Request for FISA "Pen Register" reports within 20 days. In EPIC v. DOJ, EPIC sought public disclosure of the reports that describe the collection of the bulk Internet metadata from 2004 to 2011. The Justice Department granted EPIC's request for expedited processing in November 2013, but has not yet disclosed any responsive records. After EPIC filed suit and moved for a preliminary injunction, the Justice Department notified EPIC that it intends to complete processing of the reports by February 28, 2014. For more information, see EPIC v. DOJ (FISA Pen Register Reports). (Feb. 11, 2014)
- EPIC Accepts NSA's Settlement Offer, Receives Attorneys Fees. EPIC has accepted the NSA's offer to settle a Freedom of Information Act case EPIC v. NSA. EPIC sought both National Security Presidential Directive 54, a Presidential Directive setting out the scope of the NSA's authority over computer networks in the United States, as well as documents related to NSPD 54. EPIC received some of the documents as a result of the lawsuit, "substantially prevailing" under the FOIA, and prompting the NSA to make a settlement offer to EPIC. As a consequence, EPIC will receive attorneys fees from the NSA. EPIC is simultaneously appealing the lower court's determination that NSPD-54 is not an "agency record" subject to the FOIA. It was the first time a federal court has ruled that a Presidential Directive is not subject to the Freedom of Information Act. For the appeal, EPIC has already filed a Statement of the Issue, and the parties are waiting for the D.C. Circuit Court of Appeals to set a briefing schedule. For more information, see EPIC v. NSA - Cybersecurity Authority. (Feb. 11, 2014)
- "On the Heels of the Week: Privacy, Fashion, and the Internet".
EPIC Administrative Law Counsel
New York State Bar Association(Feb. 10, 2014)
New York, NY
February 11, 2014
- EPIC, Coalition Urge White House to Listen to Public on "Big Data and Privacy". EPIC, joined by 24 consumer privacy, public interest, scientific, and educational organizations petitioned the White House's Office of Science and Technology Policy to accept public comments on the Big Data and The Future of Privacy study now underway. The Office's primary function is to advise the President on scientific and technological issues. The President announced the Big Data review during a recent speech on NSA reform. The petition calls on the Office of Science and Technology Policy to incorporate the concerns and opinions of the public and lays out a number of important questions to consider, including whether current laws are adequate and also whether it is possible to maximize the benefits of big data while minimizing the risks to privacy. For more information, see EPIC: Privacy and Consumer Profiling. (Feb. 10, 2014)
- Homeland Security Revised Traveler Screening Violates Federal Privacy Act. The Transportation Security Administration and Customs and Border Protection, components of the Department of Homeland Security, have announced plans for agency record disclosures without Privacy Act notifications. The agencies Common Operating Picture ("COP") program would permit TSA and CBP to exchange personal information held by the agencies to place travelers on federal watch lists. Although TSA and CBP have proposed new uses for personal data, the agencies have declined to solicit public comments as required by the Privacy Act. Currently, the agencies use the Automated Targeting System to perform "risk assessments." EPIC has called for DHS to suspend "risk-based" passenger profiling and to make public the algorithms that are used to assess travelers. For more information, see EPIC: Secure Flight, EPIC: Passenger Profiling, and EPIC: Air Travel Privacy. (Feb. 10, 2014)
- New Limits on NSA Telephone Record Program Established, Authority Expires March 28. The Foreign Intelligence Surveillance Court has granted the government’s motion to limit access by the NSA to the bulk telephone records provided by US telephone companies. Under the new rules, the government cannot "query" the telephone metadata until after the court finds that there is a "reasonable, articulable suspicion that the selection term is associated with" a terrorist organization. The new rules also limit query results to telephone numbers within "two hops" of the selector. President Obama announced the new legal requirement during his recent speech on surveillance reform, when he committed to end the NSA’s bulk record collection program. The NSA's authority to force US telephone companies to turn over records on all their customers will expire on March 28th. The President has recommended that the Intelligence Community and the Attorney General propose an alternative to the bulk collection program prior to that deadline. For more information, see EPIC: FISC and EPIC: NSA Verizon Phone Record Monitoring. (Feb. 7, 2014)
- EPIC Recommends Safeguards For Facial Recognition Technology. In a letter to the Department of Commerce, EPIC called on the agency to develop a facial recognition framework based on the Fair Information Practices ("FIPs"). The National Telecommunications and Information Administration is meeting to address the commercial use of facial recognition, which has seen a backlash. Google banned facial recognition apps and services and Europe required Facebook to discontinue the use of facial recognition for photo tagging. Today Senator Al Franken raised concerns about NameTag. Senator Franken, in a letter to the app developer, called for the delay of the apps release until best practices are established. In comments to the Federal Trade Commission, EPIC previously recommended the suspension of facial recognition technology until adequate safeguards are established. For more information, see EPIC: Face Recognition. (Feb. 5, 2014)
- FTC Chair Ramirez Urges Senate to Act on Data Security Legislation. The Senate Judiciary Committee hearing on "Privacy in the Digital Age: Preventing Data Breaches and Combating Cybercrime" followed a series of major data breaches at Target, Neiman Marcus, and Michaels, which compromised the personal data of tens of millions of consumers. Senator Leahy, who has introduced important data privacy legislation, said "In the digital age, Americans face threats to their privacy and security unlike any time before in our Nation's history." FTC Chair Edith Ramirez expressed strong support for federal data security legislation. (2h18m). In 2012 President Obama set out a framework for consumer privacy protection, the Consumer Privacy Bill of Rights, which is supported by consumer privacy organizations. For more information, see EPIC: Privacy Legislation, EPIC: Identity Theft, and EPIC: Federal Trade Commission. (Feb. 5, 2014)
- EPIC Launches Privacy Rights Blog. EPIC has launched a new Privacy Rights Blog, where staff members and guests will write longer-form posts about current issues, including student privacy, domestic surveillance technology, the Fourth Amendment, FOIA law, national security oversight, and consumer privacy. These posts will provide the EPIC staff with a new way to engage our readers, and we look forward to addressing important emerging issues. If you have comments or suggestions for future blog topics, please contact us at blog [at] epic [dot] org. For more information, see Privacy Rights Blog @ EPIC.org. (Feb. 5, 2014)
- "Big Surveillance Demands Big Privacy - Enter Privacy-Protective Surveillance".
Director, EPIC Domestic Surveillance Project
Toronto, Canada(Jan. 28, 2014)
January 28, 2014
- "I will reform our surveillance programs," President Obama Tells Nation. Stating that "America must move off a permanent war footing," President Obama announced (video) at the State of the Union that "working with this Congress, I will reform our surveillance programs." (50:30) The President continued, (text) "because the vital work of intelligence community depends on public confidence, here and abroad, that the privacy of ordinary people is not being violated." Citing the need to close the prison in Guantanamo, the President also said "we counter terrorism not just through intelligence and military action but by remaining true to our constitutional ideals and setting an example for the rest of the world." EPIC and other consumer privacy organizations have urged the President to move forward the Consumer Privacy Bill of Rights and to support the International Privacy Convention. (Jan. 29, 2014)
- "Assessing the Impact of PPD 28 on NSA Oversight".
Jeramie D. Scott,
EPIC National Security Counsel
Georgetown University’s Center for Security Studies(Jan. 30, 2014)
January 30, 2014
- EPIC Gives 2014 International Award to European Parliament Member Jan Albrecht. EPIC has given the 2014 International Champion of Freedom Award to European Parliament Member Jan Philipp Albrecht for "modernizing and defending the law of data protection." As a rapporteur for the Committee on Civl Liberties, Justice and Home Affairs, Albrecht has led the effort in the European Parliament to update European privacy law. He is also an outspoken defender of privacy rights and has promoted the investigation of the NSA program of mass surveillance. Albrecht received the award from EPIC at the annual Computers, Privacy, and Data Protection conference in Brussels. Previous award recipients include privacy activist Max Schrems, Canadian Privacy Commissioner Jennifer Stoddart, European Parliamentarian Sophie In't Veld, Australian Jurist Michael Kirby, and Constitutional Law Scholar Stefano Rodotà. The award is given by EPIC annually in recognition of January 28, International Privacy Day. (Jan. 27, 2014)
- 2014 CPDP Conference.
- "Freedom of Speech and Privacy".
Free Speech Dialogues(Feb. 6, 2014)
University of Texas
February 6, 2014
- "The Future of Information Privacy Protection".
Georgetown University Law Center(Feb. 4, 2014)
February 4, 2014
- Oversight Board Calls for End of NSA Telephone Records Program. Today the Privacy and Civil Liberties Oversight Board called for the end of the section 215 program that allows the NSA to collect the telephone records of all Americans. In a comprehensive report, the Oversight Board unanimously found that "the NSA's Section 215 program has not proven useful in identifying unknown terrorists or terrorist plots" and that "telephone calling records, when collected in bulk and subjected to powerful analytic tools, can reveal highly sensitive personal information." A majority of the board also concluded that Section 215 did not permit the routine collection of all telephone records on all Americans. The report set out 12 recommendations discussing additional privacy safeguards, greater transparency, and improvements to the Foreign Intelligence Surveillance Court. The members of the Oversight Board unanimously supported almost all of the recommendations. EPIC urged the Board last year at a public workshop to (1) find that section 215 does not permit the collection of all telephone records by the NSA; (2) improve reporting of FISA activities; (3) establish new safeguards for transparency and accountability; and (4) reconsider the Constitutional basis of metadata collection in light of the scope of the government's activities and recent Supreme Court opinions. EPIC had earlier petitioned the Supreme Court to find the 215 program unlawful. Former members of the Church Committee and dozens of legal scholars supported the EPIC petition. For more information, see EPIC: In re EPIC - NSA Telephone Record Surveillance. (Jan. 23, 2014)
- White House Announces Review of "Big Data and the Future of Privacy". Following the President's speech on reform of the intelligence collection programs, White House counselor John Podesta has announced "a comprehensive review of the way that 'big data will affect the way we live and work; the relationship between government and citizens; and how public and private sectors can spur innovation and maximize the opportunities and free flow of this information while minimizing the risks to privacy." This is the first major privacy initiative announced by the White House since the release of the Consumer Privacy Bill of Rights in 2012. The undertaking will involve key officials across the federal government, including the President’s Science Advisor and the President's Council of Advisors on Science and Technology. EPIC has participated in several workshops and studies concerning the intersection of privcy and "big data." (Jan. 23, 2014)
- EPIC, Amnesty International Urge President Obama to Support Privacy in Annual State of the Union. EPIC President Marc Rotenberg, Amnesty International Secretary General Salil Shetty, and members of the EPIC Advisory Board have asked President Obama to support privacy and the international privacy convention in the annual State of the Union speech next week. The State of the Union falls this year on January 28, which is also International Privacy Day. EPIC and Amnesty are urging the President to express support for privacy as a fundamental human right and to begin the process of ratification of the international Privacy Convention, supported by more than forty countries around the world. In 2013, many members of the US Congress, including Senator Patrick Leahy, expressed support for International Privacy Day. Members of the EPIC Advisory Board also wrote to then Secretary of State Hillary Clinton about the Privacy Convention, urging US support. For more information, EPIC - Council of Europe Privacy Convention, EPIC - Letter to Secretary Clinton (2010). (Jan. 23, 2014)
- Internet Data Privacy Colloquium, 2014 Governmental Information Collection Session.
EPIC Administrative Law Counsel
Dialogue on Diversity(Jan. 22, 2014)
January 22, 2014
- EPIC Files Appeal, Challenging Secrecy of Presidential Directives . EPIC has filed a Statement of the Issue Presented with the D.C. Circuit Court of Appeals. EPIC is appealing a lower court decision that NSPD 54 -- a Presidential Directive setting out the scope of the NSA's authority over computer networks in the United States -- is not subject to disclosure under the Freedom of Information Act. EPIC sought the Presidential Directive, signed by President Bush in January 2008, from the National Security Agency after the White House disclosed the existence of the Directive but not the substance. After the agency failed to respond to EPIC's FOIA request, EPIC filed an administrative appeal, and then a lawsuit. The lower court ruled in EPIC v. NSA that the Presidential Directive is not subject to the FOIA because it was not under "the control" of the NSA. It was the first time a federal court has ruled that an Presidential Directive is not subject to the Freedom of Information Act. EPIC is now asking the Court of Appeals to determine, "Whether the district court erred in holding that a Presidential Directive in the possession of a federal agency is not an agency record subject to the FOIA." For more information, see EPIC v. NSA: Cybersecurity Authority. (Jan. 22, 2014)
- "Civil Liberties Dead Zone: US Border Searches".
Former Secretary DHS
Freedom of the Press Committee(Feb. 13, 2014)
National Press Club
February 13, 2014
- Surveillance Seminar.
EPIC Appelate Advocacy Counsel
Close Up Foundation(Jan. 21, 2014)
January 21, 2014
- Obama Announces End of NSA Telephone Record Collection Program. In a widely anticipated speech (video) on reform of the NSA, President Obama announced he would end the NSA telephone record collection program, first requiring a court order for all queries and then ending the NSA massive record request prior to the next renewal. EPIC, legal scholars, the President’s Review Group, and sponsors of the USA FREEDOM Act, including Senator Patrick Leahy and Senator Ron Wyden had urged the President to take this step. The President also said that the Administration would move to implement “a majority of the recommendations” made by the Review Group. The President announced several other reform measures, including a public advocate for the Foreign Intelligence Surveillance Court, new privacy rights for non-US citizens, more transparency for data collection, a narrowed focus on foreign data collection, greater oversight of signals intelligence, a new Privacy Coordinator at the White House, and a new panel to look closely at privacy and “Big Data.” Still, the President may not have gone far enough to address the scope of NSA programs, the privacy rights of those outside the US, and the need to ensure stronger technical safeguards for Internet stability and reliability. The President also did not indicate whether the U.S. would move to ratify the Council of Europe Privacy Convention or seek legislation to enact the Consumer Privacy Bill of Rights. For more information, see White House Fact Sheet (Jan. 18, 2014)
- Supreme Court to Rule on Cellphone Privacy. Today the U.S. Supreme Court granted certiorari in Riley v. California and United States v. Wurie, two cases involving the warrantless search of an individual's cell phone incident to arrest. The Court will need to determine whether the Fourth Amendment limits a law enforcement officer from searching through the troves of data that are stored on an individual's cell phone when that individual is arrested. Courts have previously held that officers can search an individual's person and effects when they place them under arrest. But modern cell phones enable access to a wealth of personal data, which is unrelated to the Government’s reason for securing an arrestee. For more information, see EPIC: Riley v. California and EPIC: Amicus Curiae Briefs. (Jan. 17, 2014)
- Supreme Court Lets Stand Fourth Amendment Protections At the Border. This week the Supreme Court declined to review the decision of the Ninth Circuit in United States v. Cotterman, leaving in place expanded Fourth Amendment protections for searches occurring at the U.S. border. In Cotterman, the federal appeals court held that the Fourth Amendment requires a border agent to have reasonable suspicion before using forensic tools to search laptops, cameras, and other digital devices. The court emphasized that the "comprehensive and intrusive nature of the forensic examination" is the key factor in triggering greater Fourth Amendment scrutiny. EPIC has previously argued that advanced traveler screening methods should only be employed subject to privacy protections. For more information, see EPIC: Traveler Privacy, EPIC: Florida v. Jardines, and EPIC: Amicus Curiae briefs. (Jan. 15, 2014)
- Review Group to Senate: NSA Program Has Not Prevented Threats. Members of the President's Review Group presented their recommendations for NSA reform a Senate Judiciary Committee hearing. EPIC participated in the work of the Review Group. The export panel set out 46 recommendations on a range of issues from reforming intelligence surveillance directed at United States persons to promoting prosperity, security, and openness in the networked world. The Members stated the the NSA's bulk collection of metadata had not prevented threats against the United States and recommend that the it be ended. Acknowledging privacy concerns, former CIA Deputy Director Michael Morrell also stated that "there is quite a bit of content in metadata." Last year, EPIC filed a petition in the Supreme Court challenging the legality of the NSA's telephone record collection program. Legal scholars and former members of the Church Committee supported the EPIC petition. The Supreme Court dismissed the petition without ruling on the merits. For more information, see In re EPIC.
"there is quite a bit of content in metadata" - Morrell, former CIA Deputy Director (Jan. 15, 2014)
- Senator Markey Outlines New Student Privacy Legislation at EPIC Event. At a briefing on Capitol Hill hosted by EPIC, Senator Ed Markey announced plans to introduce legislation protecting student data. Senator Markey set out four principles his bill would cover: (1) student information may never be used to market products to children; (2) parents must have the right to access and amend student information held by private companies; (3) schools and private companies must safeguard student information; and (4) companies must delete student information after it is no longer needed for educational purposes. Senator Markey made the remarks at EPIC event "Failing Grade: Education Records and Student Privacy," which included leading experts in technology, student privacy, and the Chief Privacy Officer at the Department of Education. Last year, Senator Markey sent a letter to the Education Department, requesting information on the "impact of increased collection and distribution of student data" on privacy. The Education Department provided a response, suggesting that when schools outsource to private companies, they should ensure that the companies protect student data. For more information, see EPIC: Student Privacy. (Jan. 14, 2014)
- DHS Appeals Ruling in EPIC's "Internet" Kill Switch Case. The Department of Homeland Security has appealed a ruling for EPIC in a Freedom of Information Case involving Standard Operating Procedure 303, a protocol which describes the government's plan for deactivating wireless communications networks. Seeking information about the First Amendment and public safety implications of the protocol, EPIC filed a FOIA lawsuit against the agency. A federal court ruled that the protocol could not be withheld under the FOIA because it was not an investigative technique and DHS had not established that releasing the document would cause harm to any individual. Therefore, the court concluded, the documents EPIC sought should be turned over. The Department of Justice has now appealed that decision to the D.C. Circuit Court of Appeals. For more information, see EPIC: EPIC v. DHS (SOP 303) and EPIC: FOIA. (Jan. 13, 2014)
- EPIC Settles FOIA Case, Obtains Body Scanner Radiation Fact Sheets. EPIC has received the documents that were the subject of EPIC's Freedom of Information Act appeal to the D.C. Circuit in EPIC v. DHS (Body Scanner FOIA Appeal). The agency had previously withheld test results, fact sheets, and estimates regarding the radiation risks of body scanners used to screen passengers at airports. EPIC challenged the lower court's determination that the factual material was "deliberative" and therefore exempt from the FOIA. After filing an opening brief to the D.C. Circuit, EPIC participated in a new appellate mediation program. As a result of the mediation, EPIC obtained not only the records sought, but also attorneys' fees. The fact sheets show that the agency did not perform a "quantitative analysis" of risks and benefits before implementing the body scanner program. EPIC addressed that concern in the 2011 lawsuit EPIC v. DHS (Suspension of Body Scanner Program). That EPIC case also had a favorable outcome, and ultimately resulted in the removal of backscatter x-ray scanners from US airports. For more information, see EPIC v. DHS - Body Scanner FOIA Appeal and EPIC v. DHS - Suspension of Body Scanner Program. (Jan. 10, 2014)
- Senator Leahy Proposes Consumer Privacy Legislation. Senator Leahy has introduced the Personal Data Privacy and Security Act of 2014. The Act would strengthen privacy and data security by establishing a national standard for data breach notification, and requiring companies to create a data privacy and security program to protect and secure sensitive data. The bill follows a massive data breach at Target that compromised the personal data of more than 40 million consumers. Senator Leahy stated that the bill "aims to better protect Americans from the growing threats of data breaches and identity theft" and said there would be a hearing in the Judiciary Committee later this year. In 2012 President Obama set out a framework for consumer privacy protection, the Consumer Privacy Bill of Rights. For more information, see EPIC: Privacy Legislation and EPIC: Identity Theft. (Jan. 9, 2014)
- Federal Communications Commission Seeks Public Comment to Protect Phone Record Privacy. The Federal Communications Commission has invited public comments on a petition requesting the FCC to rule that the sale of consumer phone records to the government is a violation of the federal Communications Act. EPIC joined the petition, which was organized by Public Knowledge. In 2013, EPIC urged the FCC to determine whether AT&T violated the Communications Act when it sold private consumer call detail information to the Drug Enforcement Administration and Central Intelligence Agency. In 2013 EPIC also wrote to the FCC to explain that Verizon had likely violated the Communications Act when it disclosed telephone records to the NSA. Public comments on the petition are due January 17, 2014 and reply comments are due February 3, 2014. For more information, see EPIC: CPNI (Customer Proprietary Network Information), and EPIC: Foreign Intelligence Surveillance Act. (Jan. 7, 2014)
- Department of Defense Proposes Autonomous Drones, Expanded Surveillance Mission. A new Department of Defense report "Unmanned Systems Integrated Roadmap" sets out "a technological vision for the next 25 years" of drone deployment. The DOD report suggests that budgets cuts are increasing the need for autonomous drones with onboard intelligence. One documentary describes the role of the the Department of Defense developing sophisticated surveillance technologies. The new DOD report states that surveillance is one of the primary purposes for pursuing drone technology, particularly for "surveillance missions that involve prolonged observation." An EPIC FOIA request revealed that domestic drones deployed by the Department of Homeland Security can be deployed with the ability to intercept electronic communications and to recognize individuals on the ground. EPIC has recommended privacy safeguards to limit drone surveillance in the United States. For more information, see EPIC: Domestic Unmanned Aerial Vehicles and Drones. (Jan. 7, 2014)
- Federal Appeals Court Rules that Legal Policy Memos Can Be Withheld From the Public. The Court of Appeals for the D.C. Circuit has ruled that the FBI may withhold a memo prepared by the Office of Legal Counsel concerning the law governing "exigent letter" requests to telephone companies for call records. The decision affirmed an earlier opinion that the memo was privileged advice, and exempt from disclosure under the Freedom information Act. The Electronic Frontier Foundation argued that the memo was "working law" and not simply advice from government lawyers. However, the Court of Appeals found that the FBI had not itself adopted the advice of government lawyers. In a different case where the Department of State followed the guidance of Justice Department lawyers, EPIC filed a "friend" of the court brief in support of the New York Times and the ACLU and argued for the release of opinions of the Office of Legal Counsel. For more information, see EPIC v. NSA: Cybersecurity Authority and EPIC: New York Times v. DOJ. (Jan. 3, 2014)
- "Reforming the NSA".
"Reforming the NSA"
Diane Rehm Show(Jan. 6, 2014)
January 6, 2014
- Snapchat Data Breach Exposes 4.6 Million Usernames. A data breach has exposed the usernames and partial phone numbers of 4.6 million users of Snapchat, a popular photo- and video-sharing app. The breach was accomplished by exploiting a flaw that was previously brought to company's attention by security researchers. Last year, EPIC filed a complaint with the Federal Trade Commission regarding Snapchat's deceptive claim that photos would "disappear forever" after a set period of time. The Federal Trade Commission has thus far failed to take action on the EPIC complaint. For more information, see EPIC: Federal Trade Commission. (Jan. 2, 2014)
- "Big Data and Security in Europe: Challenges and Opportunities".
Research Councils UK(Jan. 21, 2014)
January 21, 2014
- "Privacy in the Networked World".
EPIC Appellate Advocacy Counsel
Alaska Telephone Association(Jan. 26, 2014)
January 26, 2014