• Gillibrand DPA press conference photo

    Sen. Gillibrand Reintroduces Data Protection Act

    Sen. Kirsten Gillibrand has reintroduced the Data Protection Act which would create an independent Data Protection Agency in the U.S. to safeguard the personal data of Americans. EPIC, many leading consumer and civil rights organizations, privacy experts, and scholars support Senator Gillibrand's non-partisan bill. Last year, EPIC Advisory Board Member Professor Ari Waldman and EPIC Deputy Director Caitriona Fitzgerald stood with Senator Kirsten Gillibrand for introduction of the bill.

    Learn more »

  • What the FTC Could Be Doing (But Isn't) To Protect Privacy

    EPIC Report: What the FTC Could Be Doing (But Isn't) To Protect Privacy

    EPIC has released a report highlighting numerous statutory authorities that the Federal Trade Commission has failed to use to safeguard privacy. The report, What the FTC Could Be Doing (But Isn't) to Protect Privacy, identifies untapped or underused powers in the FTC's toolbox and explains how the FTC should deploy them to protect the public from abusive data practices.

    Read now »

  • EPIC Champions of Freedom Awards 2021

    Save the Date: EPIC Champions of Freedom Awards, Nov. 3

    Save the date for EPIC's Champions of Freedom Awards, taking place on November 3rd! This will be a hybrid event, pursuant to local health guidelines, with both in-person and virtual attendance options. EPIC will honor privacy advocates who work tirelessly to ensure that personal data is protected and to tackle the most important emerging privacy issues. Please save the date and join EPIC's celebration of those who protect privacy, freedom of expression, and democratic values in the information age!

    Learn more »

  • Liberty At Risk

    Liberty at Risk: Pre-trial Risk Assessment Tools in the U.S.

    Federal, state, and local governments use Risk Assessment Tools to make key decisions about defendants in criminal cases, depriving accused individuals of their liberty based on subjective assessments of the likelihood that they will flee or commit crimes in the future. Many of these tools are opaque and not subject to independent review. "Liberty at Risk: Pre-trial Risk Assessment Tools in the U.S." provides an overview of Risk Assessment Tools that practitioners and scholars can use to understand the nature of these systems, understand the broader context in which they are used, and help focus their evaluations of the fairness of these systems.

    Learn more »

  • Defend Privacy. Support EPIC.

    Defend Privacy. Support EPIC.

    EPIC is on the front lines of the major privacy and civil liberties debates. In 2020, EPIC has worked to protect democratic institutions, promote algorithmic transparency, and defend the right to privacy. We need your support. And EPIC is a top-rated non-profit - Charity Navigator (Four Star) and Guidestar (Gold). Please donate to EPIC today.

    Defend Privacy. Support EPIC. »

  • EPIC Word Cloud 2021

    EPIC 2021

    EPIC is on the front lines of the major privacy and civil liberties debates. In 2021, EPIC has important work to do on artificial intelligence, face surveillance, data protection, and algorithmic fairness, among many other issues. Please donate to EPIC today to help us continue this important work.

    Defend Privacy. Support EPIC. »

  • Alan Butler on CBS

    EPIC Files Complaint with FTC about Employment Screening Firm HireVue

    EPIC General Counsel Alan Butler discussing EPIC's case about the use of AI for employment screening on CBS News.

    Learn more »

  • Jeramie Scott on CBS

    EPIC's Jeramie Scott: Ban Face Surveillance

    EPIC Senior Counsel Jeramie Scott on CBS News discussing the dangers of face surveillance.

    Learn more »

  • EPIC - Ban Face Surveillance

    EPIC Launches Campaign to Ban Face Surveillance

    EPIC has launched a campaign to ban face surveillance. EPIC will publish information on face surveillance laws, reports, and protests worldwide.

    Learn more »

Top News

Ireland's Data Protection Commission Fines WhatsApp €225 million

The Irish Data Protection Commission (DPC) fined Facebook’s WhatsApp €225 million ($266 million) for privacy violations following a GDPR investigation that began in 2018. In the decision, the data privacy regulator explained that WhatsApp breached the GDPR’s rules about data transparency, including when it processed user information between WhatsApp and other Facebook companies. While the €225 million fine is a record for the DPC and the second largest fine ever issued under the GDPR, privacy advocate and EPIC Advisor Max Schrems noted “[t]he DPC also proposed an initial € 50 million fine and was forced by the other European data protection authorities to move towards € 225 million, which is still only 0.08% of the turnover of the Facebook Group. The GDPR foresees fines of up to 4% of the turnover.” EPIC has long urged the Federal Trade Commission to block or unwind Facebook's acquisitions of Instagram and WhatsApp. In 2014, EPIC and the Center for Digital Democracy warned the FTC that Facebook incorporates user data from companies it acquires, and that WhatsApp users objected to the acquisition. Despite these problems, the FTC allowed the merger to go forward.


EPIC Joins Call for Privacy Reform from Indian Government

EPIC has joined with several international privacy and human rights advocacy groups in a statement calling for privacy reform in the wake of allegations that the Indian government used Pegasus to surveil activists, journalists, and opponents. The statement highlights the fundamental right to privacy established under both the Indian Constitution and international human rights law, condemns the illegal use of spyware, and calls for (i) an independent investigation into allegations of Pegasus use; (ii) surveillance reform ensuring independent judicial oversight and providing for judicial remedy; and (iii) establishing a data protection framework that will respect privacy rights. EPIC has previously filed suit against the U.S. Department of Homeland Security to obtain records of a system designed to surveil journalists⁠—the surveillance effort was subsequently suspended. In addition, EPIC has previously joined coalition letters calling for surveillance reform within the U.S. and has testified before Congress regarding the risks of commercial spyware.


GAO Report Finds 10 Federal Agencies Plan to Expand Use of Facial Recognition Through 2023

In a new report, the Government Accountability Office (GAO) surveyed 24 federal agencies on their use of facial recognition technology. The report reveals that 18 of those agencies are using facial recognition for purposes including law enforcement, physical security/surveillance, and digital access. Ten of those agencies, including the Department of Homeland Security, the Department of Justice, and the State Department plan to expand their use of facial recognition in the near future by acquiring new systems. According to the GAO, 27 states and 6 municipalities currently allow federal agencies to access non-federal facial recognition systems. The GAO's report follows the office's June report that 42 federal law enforcement agencies are using facial recognition technology with little to no oversight. According to the report, many agencies were unaware that employees were using the technology. The report also reveals that the Department of the Interior accessed the DC-area NCR-FRILS facial recognition system. EPIC organized a coalition opposing the system, leading to its shutdown in July of this year. EPIC recently filed suit against the U.S. Postal Service for using of facial recognition and social media monitoring technology without completing statutorily required Privacy Impact Assessments.


EPIC Obtains Documents About DC's Use of Automated 'Risk Scores' for Public Benefit Recipients »

EPIC Submits Feedback on NIST AI Risk Management Framework »

Federal Trade Commission Refiles Facebook Antitrust Lawsuit »

EPIC Sues Postal Service to Halt Use of Facial Recognition, Social Media Monitoring »

World Health Organization Issues Guidance on Documenting and Tracking COVID-19 Vaccination Certificates »

EPIC & NCLC: Cruise Company Must be Held Responsible for Illegal Robocalls Made Using Lead Generators »

EPIC news Archive »

EPIC's Work

Open Government image

Open Government »

EPIC v. DOJ: Seeking the final report by Special Counsel Robert Mueller concerning Russian interference in the 2016 U.S. presidential election.

Appellate Advocacy image

Appellate Advocacy »

Department of Commerce v. New York: Whether the Department of Commerce and Census Bureau violated the Administrative Procedure Act when it added a citizenship question to the 2020 Census.

US Capitol

EPIC Policy Project »

EPIC provides expertise to shape strong privacy and open government laws at both the state and federal level.

US Needs a Data Protection Agency

Privacy Campaigns »

EPIC recently launched a campaign to promote the creation of a Data Protection Agency in the U.S.