EPIC has filed an emergency motion today in EPIC v. FBI, a Freedom of Information Act case for records concerning the Russian Interference with the 2016 Presidential Election. In papers filed with a federal district court in Washington, DC, EPIC cited Donald Trump's abrupt firing of the FBI Director, and concerns expressed by Members of the House and Senate regarding the possible destruction of FBI records related to the investigation. EPIC asked the Court to issue a preservation order and to impose sanctions if the order is violated. Today, the FBI also released records to EPIC, including the agency's procedures for notifying the victims of cyberattacks. The case is EPIC v. FBI, No. 17-121, before Judge Royce C. Lamberth. [Press Release]
A long delayed Executive Order on cybersecurity was released this week. The Order continues many of the cybersecurity policies of the Obama and Bush administrations. The Executive Order requires agency heads to use the NIST Framework to manage cybersecurity risk, and to provide a risk management report. The Order also requires Cabinet officials to devise a strategy for international cooperation in cybersecurity. However, the Order does not address Russia's cyber interference with the 2016 Presidential Election. EPIC, and a group of forty leading experts in law and technology, had urged the White House to strengthen privacy and data protection, and support strong encryption. The EPIC Cybersecurity and Democracy Project focuses on US cyber policies, threats to election systems and foreign attempts to influence American policymaking.
EPIC has filed a reply brief in EPIC v. FAA, a lawsuit concerning the FAA's failure to establish privacy rules for small commercial drones. EPIC sued the FAA after the agency refused to issue drone privacy rules. Congress had required a "comprehensive plan" for drone deployment in the United States, and more than 100 experts and organizations petitioned the agency for privacy safeguards. In a brief filed last month, the FAA acknowledged "that cameras and other sensors attached to [drones] may pose a risk to privacy interests" but continued to deny the agency's responsibility to set privacy rules. EPIC wrote in reply, "It is not possible to address the hazards associated with drone operations without addressing privacy in the final rule for small commercial drone." EPIC also explained that the FAA "profoundly mischaracterizes the aviation technology at issue" by suggesting that cameras are simply add-ons. "Drone cameras are an integral component of drone operations," EPIC explained. "Without a camera, it would be almost impossible to operate a commercial drone."