Focusing public attention on emerging privacy and civil liberties issues

Privacy

Hot Topics and New Resources

Privacy by Topic: The A to Z's of Privacy

  • Air Travel Privacy. Materials on passenger profiling and other related proposals being proposed by the White House. For developments in the European Union, see EPIC's page on EU-US Passenger Data Disclosure.
  • Anonymity. Materials on the right to associate, receive information, and communicate anonymously.
  • AskEraser. Information on Ask.com's "AskEraser" search engine product, which has been criticized by privacy groups for reducing user privacy and failing to function as advertised.
  • Attorney General's Guidelines. Information about the ability of the FBI to investigate Americans.
  • Automated Targeting System. Information about the Automated Targeting System, which creates secret, terrorist "risk assessments" on tens of millions of U.S. citizens and foreign visitors.
  • Automobile Event Data Recorders (Black Boxes) and Privacy.
  • Backscatter. Plans were announced by the Transportation Security Administration to propose the trial use of backscatter x-ray for passenger screening at several U.S. airports.
  • Bill-Track (2008-2010)
  • Biometrics. Information about biometric technologies and privacy implications.
  • Body Scanners.
  • Cable TV Records. Text of the Cable TV Privacy Act of 1984.
  • Caller ID. Includes FCC rules, court cases and international materials.
  • CCTV.
  • Census. EPIC's guide to the risks of the census, including re-identification, and the Census Bureau's plans to include a Social Security Number requirement on the census form.
  • Children's Privacy. EPIC's page devoted to kids' privacy issues and the Children's Online Privacy Protection Act (COPPA) of 1998. Also see EPIC's page on Radio Frequency Identification tags (RFID) and children.
  • ChoicePoint, Inc. ChoicePoint is a "commercial data broker," a company that sells personal information for direct marketing, insurance, and to law enforcement agencies. ChoicePoint stores troves of personal information that the private and public sectors can access through any Internet-connected computer.
  • Clear ID.
  • Cloud Computing Internet users are being offered a range of remote computing services, which may not provide adequate protections for customers.
  • Conferences. List of upcoming conferences on privacy.
  • Consumer Profiling.
  • Cookies. What *are* those nasty little things, and who's been putting them on your hard drive? Check our cookies page for a list of good resources.
  • COPPA. Children's Online Privacy Protection Act
  • Copyright and Privacy. NII Copyright Protection Act raises privacy issues. Comments of the Digital Future Coalition and the Consumer Project on Technology.
  • Counter-terrorism. Congressional proposals to increase wiretapping, revise government guidelines on investigating domestic political groups and obtain easier access to credit reports and transactional information.
  • CPNI. Customer Proprietary Network Information (CPNI) and the history of the opt-in/opt-out debate surrounding the use and collection of customer data by telephone companies.
  • Crawford v. Marion County Election Board. EPIC and 10 legal scholars and technical experts submitted a brief in the case, which involves an Indiana law that requires each voter to obtain a government-issued photo ID card.
  • Credit Reports. See the EPIC Fair Credit Reporting Act Page.
  • Credit Scoring. Information about credit scores, a number used by lenders to determine whether to issue credit. Credit scores are being used in an increasing number of circumstances to evaluate individuals.
  • Cybersecurity.
  • Cryptography Policy. Information on the Clipper Chip, Key Escrow and other pending issues related to cryptography policy.
  • Cybersecurity.
  • Data Retention. Information about various data retention proposals in the European Union (EU). Some resources are available in French and Spanish.
  • Deep Packet Inspection. Deep Packet Inspection ("DPI") is a computer network packet filtering technique that involves the inspection of the contents of packets as they are transmitted across the network. The practice is controversial, and has been criticized by privacy and network neutrality advocates.
  • DHS Privacy Office.
  • Digital Cash. Federal Reserve Chairman Alan Greenspan delivered a major speech discussing privacy and electronic payment systems, noting the need for policies that "avoid the risk of a gradual, long-term erosion of privacy." Also, check out an earlier speech by Greenspan on the important role of cash transactions for consumers.
  • Digital Rights Management (DRM). The technologies used to secure digital files will enable profiling of consumers and prevent anonymous consumption of content.
  • Diplomatic Communications. The privacy norms protecting the communications of diplomats from interception.
  • Direct Marketing and Junk Mail. Information on Avrahami case and other attempts to protect personal information and stem the flow of junk mail.
  • DNS Security Extensions (DNSSEC) The Domain Name System (DNS) is a distributed hierarchical system used by servers that use the Internet Protocol (IP)to convert IP addresses (such as 85.135.343.120) into names and vice versa.
  • DOD Recruiting Database In May 2005, the Department of Defense (DOD) announced that it was going to create a massive database for recruiting. The DOD's "Joint Advertising and Market Research" system proposed to combine student information, Social Security Numbers (SSN), and information from state motor vehicle repositories into a mega database housed at a private direct marketing firm.
  • Domestic Violence. Information on EPIC's domestic violence and privacy project.
  • Doubletrouble. Information on DoubleClick Inc., and the company's acquisition of Abacus Direct.
  • Driving Records. The Driver's Privacy Protection Act (DPPA) sets out a framework for protecting DMV records.
  • Drones and UAVs.
  • Echometrix.
  • Electronic Mail. "Electronic Interaction in the Workplace: Monitoring, Retrieving and Storing Employee Communications in the Internet Age," a comprehensive analysis (from the *employer* perspective) by Mark S. Dichter and Michael S. Burkhardt (1999). For a different perspective, see the Ontario Privacy Principles for E-mail.
  • ENUM. "Electronic Numbering" is a system that allows a user to obtain contact information, such as a telephone, fax, and e-mail address with a single phone number.
  • EPIC Administrative Procedure Act Comments
  • E-Verify (Employment Verification by the Department of Homeland Security)
  • EU Data Protection Directive.
  • EU-US Passenger Data Disclosure. Information on air travel data disclosure developments between the European Union and the United States.
  • Expungement. Information about sealing or deleting criminal records.
  • Facebook. Facebook was started by Mark Zuckerberg as a social networking site for Harvard undergraduates in 2004. Facebook then expanded to other colleges and universities.
  • Face Recognition. Information and resources on facial recognition technology.
  • Fair Credit Reporting Act. Information and resources on protecting your credit report.
  • FAST Project.
  • FBI Watchlist.
  • Federal Trade Commission. Consumer protector or industry lapdog? What the FTC has done (or not done) on protecting privacy on the net and with credit reports.
  • Financial Privacy. Our financial privacy resources include in-depth discussions of the Fair Credit Reporting Act (law enforcement access and commercial privacy involving credit reporting agencies), the Gramm-Leach-Bliley Act (commercial privacy involving financial services), and the Right to Financial Privacy Act (law enforcement access to financial services records).
  • Firearms Privacy. This page discusses the privacy protections that have been created for gun owners. It derives from a paper written by University of Pennsylvania Law Student Eva Gutierrez.
  • FISA. The Foreign Intelligence Surveillance Act.
  • Former Secrets. Sample of documents released under FOIA.
  • Fusion Centers. ''Fusion centers'' are a means of bringing together information from distributed sources for the purpose of collection, retention, analysis, and dissemination. The term fusion centers was first coined by the Department of Defense (DOD) and refers to the fusing of information for analysis purposes. On November 9, 2002, the New York Times disclosed a massive DOD fusion center project managed by the Defense Advanced Research Project Agency (DARPA) known as Total Information Awareness (TIA). DARPA was developing a tracking system intended to attempt to detect terrorists through analyzing troves of information.
  • Gender and Electronic Privacy. Information on privacy-invasive behaviors that tend to be targeted at women, including cyberstalking, pretexting, and video voyeurism.
  • Genetic Privacy. Information on uses of genetic information and their privacy implications.
  • Global Entry
  • Google Street View.
  • Gramm-Leach-Bliley Act. Information on a 1999 federal law that establishes some protections against pretexting and limitations on data sharing for banks, insurance, and brokerage companies.
  • H1N1 and Privacy.
  • Harris v. Blockbuster.
  • Hepting et al. v. AT & T Corp. EPIC, in cooperation with the Stanford Constitutional Law Center, filed a "friend-of-the-court" brief in Hepting v. AT&T, which alleges that AT&T allowed the government to wiretap calls and e-mails without judicial authority.
  • Herring v. US. Information on a case concerning a faulty arrest based on incorrect information in a government database.
  • Hiibel v. Sixth Judicial District Court of Nevada. EPIC, joined by several scholars and technical experts, filed a "friend of the court" brief in Hiibel v. Sixth Judicial District Court of Nevada, a case in which the Supreme Court determined whether an individual may refuse to identify himself to police when there is no probable cause to arrest.
  • Homeless Management Information Systems and Domestic Violence The Homeless Management Information Systems are software applications that records, store and track characteristics and service needs of homeless individuals. The department of Housing and Urban Development (HUD) sets standards for this software, and it is supplied by vendors.
  • Identity Theft.
  • Identity Theft and Domestic Abuse. Generally, identity theft is the appropriation of another's personal information in order to commit fraud, or impersonate another person. There are a few basic types of identity theft, but they all share the same properties: Three parties parties are involved, and somehow one of the parties has gotten the personal information of the other.
  • Illegal Sale of Phone Records. Online data brokers and other companies openly advertise on the Internet that they can obtain others' phone records. For about $100, these companies will obtain all the calls made and initiated from a wireless phone, or toll calls from wireline phones. This is a dangerous and illegal practice. This information can be used by jealous spouses, stalkers, business competitors, political opponents, and others to learn about others' whereabouts and conversations.
  • IMS Health Inc. v. Ayotte. EPIC and 16 experts in privacy and technology filed a "friend of the court" brief in a case concerning a New Hampshire state law banning the sale of prescriber-identifiable prescription drug data for marketing purposes.
  • International Privacy. Information on international privacy laws and standards, including the recently enacted EU Data Protection Directive and proposals for Canada and the US. Also see the Privacy International Home Page
  • Internet Privacy. EPIC reports, Email privacy, America Online, the Federal Trade Commission, Spam and more.
  • iPhone Privacy.
  • Kohler v. Englade. EPIC submitted an amicus brief in Kohler v. Englade, in which police compelled a man, later cleared, to provide a DNA sample after he refused when the police cast a huge DNA dragnet, gathering samples from more than 1,200 men.
  • Lisbon Treaty and Privacy.
  • Location Privacy. People, Not Places, A Policy Framework for Analyzing Location Privacy Issues, by James C. White, gives a detailed overview of location privacy issues and provides a framework for approaching the issues in a coherent fashion.
  • LSSI. Information on the 2002 Spanish law on e-commerce. Many resources and articles are available in Spanish.
  • Medical Records. Information on current problems and pending legislation.
  • Microsoft Palladium. Information about Microsoft's plans to embed Digital Rights Management into hardware and software.
  • Microsoft Passport. Information about Microsoft's Passport, Hailstorm, and .NET systems. Also see the Project Liberty Page.
  • Microsoft Passport Investigation Docket Page. Information about Federal Trade Commission and European Commission investigations of Microsoft Passport.
  • Nanotechnology. Information on the privacy implications of nanotechnology, structures, devices and systems that have novel properties and functions because of their small size.
  • National ID Cards and REAL ID Act. Information about national ID cards and the REAL ID Act of 2005, a national identification system structured by the Department of Homeland Security.
  • National Security Letter. National Security Letters (NSLs) are an extraordinary search procedure which gives the FBI the power to compel the disclosure of customer records held by banks, telephone companies, Internet Service Providers, and others.
  • NCIC (National Crime Information Center). Information and action items on the largest criminal justice database in the United States.
  • NCTA v. FCC. EPIC joins 10 organizations and 13 experts in submitting a brief in support of opt-in consent for telephone records of consumers.
  • New Technologies. "Big Brother Goes High Tech" by Dave Banisar. A summary of new surveillance technologies. Information on EPIC and Privacy International's annual conference on Advanced Surveillance Technologies.
  • NSTIC.
  • Olympics Privacy. Information on the 2008 Olympic Games in China and the surveillance questions surrounding the Games.
  • Online Databases. What Big Brother holds on you. Information on IRS employee browsing, the SSA PEBES controversy, Filegate and FBI Databases.
  • Open Government.
  • Ostergren v. McDonnell.
  • Oversight. EPIC is calling on the Chief Privacy Officer of the Department of Homeland Security to release its overdue annual report to Congress.
  • PASS ID. Information on PASS ID legislation and REAL ID, which are both plans to establish a National ID system.
  • Passenger Profiling. Information about the privacy and security problems with government traveler profiling programs.
  • PATRIOT Act. Information on the USA PATRIOT Act, a law passed shortly after September 11, 2001 with sweeping implications for privacy.
  • Personal and Consumer Information. How personal information about you is stored, transferred and used.
  • Personal Data Protection.
  • Personal Privacy in an Information Society, Report of the Privacy Protection Study Commission, July 1977. This 1977 report was conducted pursuant to the Privacy Act of 1974. This version of the report was scanned by the Department of Health and Human Services, and is mirrored on the EPIC server.
  • Personal Surveillance.
  • Polygraph Testing. Information about the use of polygraphs or "lie detectors." This page presents a brief history of the polygraph, and the Employee Privacy Protection Act.
  • Postal Service Privacy. Information about privacy in U.S. Mail. Issues include "intelligent mail," search and seizure of the mails, and the problem of the Postal Service subsidizing junk mail companies.
  • Poverty and Privacy. An overview of welfare surveillance and new programs designed to track the homeless.
  • Preemption. Preemption is a restriction on state or local authority to pass laws or to enforce laws. In the privacy realm, preemption can prevent states from creating new solutions to privacy problems. This page explains preemption and why preempting state authority is a bad policy decision for individuals' rights.
  • The Privacy Act of 1974. The "Privacy Act" is the principal law protecting citizens' data from government use and misuse. The Privacy Act establishes "fair information practices" for personal information, restricts collection and use of personal information, and allows individuals to bring suit against the government for violations.
  • Privacy Protection Act of 1980. This page details the history and provisions of the Privacy Protection Act, a law that provides some protections for media organizations that are the target of government searches.
  • Privacy Report Held Hostage.
  • Privileges. This page discusses several privileges that protect privacy in the courtroom.
  • Profiling. How an entire industry dedicated to building dossiers on humans collects and exploits personal information from sources such as product warranty cards, product return forms, calls to customer service departments, surveys, and sweepstakes.
  • Project Liberty. A developing identification and authentication system that is similar to Microsoft Passport.
  • Privacy? Proposed Google/DoubleClick Deal. Information on the consumer privacy interests involved in proposed $3.1B merger of Google, the Internet's largest search profiling company, and DoubleClick, the Internet's largest targeted advertising company.
  • Protester Privacy.  Information on surveillance and disruption of peaceable protest by the American government as a part of the "War on Terrorism."
  • Public Opinion. What the American public thinks about privacy.
  • Public Records and Privacy. Public records are being used by profiling companies to build dossiers on citizens. These dossiers are often sold to law enforcement agencies.
  • REAL ID and Domestic Violence. REAL ID creates minimum standards for driver's licenses that states must implement by May 11, 2008. These standards effectively create a national ID with serious implications for domestic violence survivors.
  • Records, Computers and the Rights of Citizens, Report of the Secretary's Advisory Committee on Automated Personal Data Systems, July 1973. This 1973 report set the policy rationale for the Privacy Act of 1974. This version of the report was scanned by the Department of Health and Human Services, and is mirrored on the EPIC server.
  • Radio Frequency Identification (RFID). Information on how RFID systems can be used to track individuals (including children) and invade privacy. Also see Accommodating RFID Technology and Expectations of Privacy: An Examination and Proposed Guidelines, a white paper authored by University of Washington student Greg Plichta, and the EPIC Verichip page.
  • Right to Financial Privacy Act. Information about law enforcement access to bank records and the Right to Financial Privacy Act.
  • Secure Communities
  • Secure Flight. Information about the passenger prescreening program Secure Flight, which EPIC deems fundamentally flawed. The core of the program rests on watchlists so full of errors that the Department of Justice's Inspector General has suggested that there is "a deficiency in the integrity of watchlist information."
  • Shine the Light Law. California's S.B. 27, the "Shine the Light" law, empowers California consumers by requiring businesses to disclose how they sell personal information or requiring them to allow consumers to opt out.
  • Smart Grid.
  • Social Networks. Social networking Web sites, such as MySpace, Facebook, and Friendster have become established forums for keeping in contact with old acquaintances and meeting new ones.
  • Social Security Numbers. Information on how to protect your SSN, the text of the 1974 Privacy Act and various court cases on disclosure.
  • SPAM -- Unsolicited E-Mail. Resources on SPAM and pending proposals to curb it.
  • Student and School Records Privacy. Resources on the Federal Educational Rights and Privacy Act (FERPA), Protection of Pupil Rights Amendment (PPRA), drug testing and school searches.
  • Telemarketing. Information about telemarketing, federal and state attempts to restrict telemarketing, and what you can do to end annoying sales calls to your home.
  • Suspicious Activity Reporting
  • Ten Consumer Privacy Resolutions.
  • Theme Parks and Privacy. Information about the adoption of fingerprint scans by theme parks to monitor the use of passes held by guest as young as 10 years of age to enter and exit their facilities.
  • Trusted Computing. Computer architecture that presents new benefits and serious privacy risks for users.
  • United States Visitor and Immigrant Status Indicator Technology (US-VISIT). Information about US-VISIT, an integrated government-wide program intended to improve the nation's capability to collect information about foreign nationals who travel to the United States, as well as control the pre-entry, entry, status, and exit of these travelers.
  • Verichip. Verichip is a RFID tag that can be inserted under the skin for identification purposes. (October 2004)
  • Veterans Affairs Data Theft. Information about the 2006 information security breach by a Veterans Affairs employee resulted in the theft from his Maryland home of unencrypted data affecting 26.5 million veterans and current service members and their families.
  • Video Rental Records. Information on the Video Privacy Protection Act.
  • Video Surveillance. Provides links to numerous supplemental resources, guidelines, and news stories covering surveillance in Washington, DC and the United States in general, as well as internationally. Also see Privacy International's extensive page on Closed Circuit TV and video surveillance.
  • VAWA and Privacy. Privacy affecting provisions of the Violence Against Women Act.
  • Voter Photo ID.
  • Voter Registration.
  • Voting. Information about the new electronic voting machines and the threat they present to the integrity and privacy of U.S. elections.
  • WHOIS. Information on privacy issues surrounding domain name registration information.
  • Wiretapping and Electronic Surveillance. Updates on the digital telephony law, statistics, and other material on electronic surveillance.
  • Workplace Privacy. Workers of the world are exposed to numerous forms of surveillance while earning a living. This page contains updates on workplace privacy law, a summary of developments in the field, and resources for employees and employers.

General Privacy Information