« April 2011 | Main | June 2011 »

May 2011 Archives

May 18, 2011

"Transforming to a Smarter Electric Power Grid"

Smart Grid Symposium "Transforming to a Smarter Electric Power Grid"

Lillie Coney,
EPIC Associate Director

Michigan State University
Dearborn, MI
May 18-19, 2011

May 11, 2011

Hearing on Privacy Legislation

Lillie Coney,
EPIC Associate Director

Senate Communications & Technology Committee
Pennsylvania State Senate
Harrisburg, PA
May 11, 2011

May 5, 2011

Global Internet Governance: Research and Public Policy Challenges for the Next Decade

Global Internet Governance: Research and Public Policy Challenges for the Next Decade

Sharon Goott Nissim,
EPIC Consumer Protection Fellow

American University School of International Service
Washington, D.C.
May 5-6, 2011

May 2, 2011

Public Submits Comments on Proposed Google Consent Order

Today marks the end of the public comment period for the Federal Trade Commission's landmark Consent Order with Google regarding Buzz, Gmail, and all Google products and services. As part of the legal order, Google must adopt a "Comprehensive Privacy Plan" to safeguard its users data and personal information. EPIC launched an online petition and a "Fix Google Privacy" page to promote public participation in the FTC's deliberations. The FTC's action against Google follows a Complaint and an Amended Complaint, filed by EPIC on behalf of Gmail subscribers and other users. For more information, see EPIC: In re Google Buzz.

May 3, 2011

EPIC Proposes "Fair Information Practices" for Google

Today EPIC submitted detailed comments on a landmark privacy agreement that requires Google to adopt a "Comprehensive Privacy Plan" to safeguard the privacy and personal information of Internet users. In comments to the Federal Trade Commission, EPIC recommended that the FTC require Google to adopt and implement comprehensive Fair Information Practices, as part of the Privacy Program. EPIC also recommended encryption for Google's cloud-based services, new safeguards for reader privacy, limitations on data collection, and warrant requirements for data disclosures to government officials. EPIC said that similar privacy safeguards should be established for other Internet companies. The FTC investigation and settlement arises from a complaint filed by EPIC with the Commission in February 2010. For more information, see EPIC: In re Google Buzz and FTC - Public Comments on In Re Google.

May 4, 2011

Senator Leahy Calls for Updates to Federal Privacy Law, Attorney General Confirms Sony Investigation

At a Justice Department oversight hearing, Senate Judiciary Chairman Patrick Leahy today urged Congress to enact the bipartisan Personal Data Privacy and Security Act. He also said that the "collection, use and storage of Americans’ sensitive personal information, including by mobile technologies, is an important privacy issue." He asked the Attorney General to work with the Congress on updates to the Electronic Communications Privacy Act and other Federal laws implicating Americans’ privacy. During the hearing, the Attorney General confirmed an investigation into the Sony network attack, considered the most serious data breach to date. For more information, see EPIC - Wiretapping, EPIC - Identity Theft.

Apple Releases iPhone Software Update

In response to concern over the collection of location data, Apple released a software update for mobile devices, available through iTunes. The update will limit the storage of location data to one week, stop the transfer of location data when the device is synced, and erase all location data from a device if a user turns off Location Services. Location data stored on the device will also now be encrypted. The recent changes were sparked by a research paper which revealed that Apple was routinely storing tracking data on Apple iPhones and iPads in a secret file "consolidated.db.". EPIC has commended Apple for moving quickly to address this problem. Last year EPIC warned Congress about the need to update federal privacy laws to address privacy risks with the collection of location data. For more information, see EPIC: iPhone and Privacy and EPIC: Locational Privacy.

May 6, 2011

"Data Breaches: No End in Sight"

Marc Rotenberg,
EPIC Executive Director

Democracy Now
May 6, 2011

Do Not Track Bills Introduced in Congress, Move Forward in California

Rep. Markey (D-MA) and Rep. Barton (R-TX) released a discussion draft of the "Do Not Track Kids Act of 2011." This Act establishes enhanced protections for the use and disclosure of the personal information of children and teens online. In February, Rep. Speier (D-CA) introduced the broader Do Not Track Me Online Act. And in California, the Senate Judiciary Committee voted to move their Do Not Track bill, SB 761, to the next stage in the Appropriations Committee. EPIC submitted a statement to Congress saying that an effective Do Not Track initiative must ensure that a consumer's decision to opt-out is "enforceable, persistent, transparent, and simple." For more information, see EPIC: Online Tracking and Behavioral Advertising.

May 9, 2011

2010 FISA Orders Up 19%, No Surveillance Request Turned Down

The Department of Justice has released the 2010 Foreign Intelligence Surveillance Act (FISA) report. In 2010, the Justice Department submitted 1,579 FISA search applications to the Foreign Intelligence Surveillance Court, a 19% increase over 2009. The court did not deny or modify any applications. Also in 2010 the FBI made 24,287 National Security Letter requests for information pertaining to 14,212 different U.S. persons. This is a substantial increase from the 14,788 national security letter requests concerning 6,114 U.S. persons in 2009. EPIC has recommended greater accountability for the Foreign Intelligence Surveillance Court. For more information, see: EPIC: Foreign Intelligence Surveillance Act Court Orders 1979-2010 and EPIC: Foreign Intelligence Surveillance Act.

May 12, 2011

Congressional Privacy Caucus: Location Based Services

Marc Rotenberg,
EPIC Executive Director

US House of Representatives
2123 Rayburn House Office Building
Washington, D.C.
May 12, 2011

May 10, 2011

Senate Judiciary Committee Holds Mobile Privacy Hearing

The Senate Judiciary Subcommittee on Privacy, Technology, and Law held a hearing on "Protecting Mobile Privacy: Your Smartphones, Tablets, Cell Phones and Your Privacy." Lawmakers heard testimony from the Federal Trade Commission, as well as from from Apple and Google representatives. Chairman Leahy said that safeguarding privacy "is one of the most important and challenging issues facing the nation," and indicated that he would introduce legislation to update the Electronic Communications Privacy Act. EPIC previously recommended new privacy safeguards for location data. For more information, see EPIC: Locational Privacy and EPIC: In re Google Buzz.

May 12, 2011

Federal Trade Commission Settles Kids' Privacy Case with Playdom

Playdom has agreed to pay $3 million to settle charges that it violated the Children's Online Privacy Protection Act (COPPA). The virtual game company failed to obtain notice and consent from parents before the collection and use of children's information. EPIC previously testified before the Senate Commerce Committee on the need to update COPPA and to clarify the law's application to mobile and social networking services. EPIC submitted similar comments to the Federal Trade Commission. For more information, see EPIC: COPPA.

EPIC Sues Federal Trade Commission for Details on Spy-Fi Investigation

EPIC filed a Freedom of Information Act lawsuit against the Federal Trade Commission over the agency's failure to disclose to EPIC information about the FTC's decision to end the Google Spy-Fi investigation. EPIC is specifically seeking documents that the FTC widely circulated to members of Congress and their staff that provide the basis for the agency's decision. Privacy agencies around the world found that Google unlawfully intercepted private communications traffic. Yet documents obtained earlier by EPIC under the FOIA suggest that the FTC did not even examine the data Google gathered from private residential Wi-Fi routers in the United States. EPIC is hosting a Capitol Briefing on May 18th on "Street View, Privacy, and the Security of Wireless Networks." For more information, see EPIC: Street View and EPIC: FTC.

May 13, 2011

White House Sets Out Cyber Security Plan

The White House has announced a far-reaching legislative proposal for cyber security. The plan proposal would standardize data breach reporting requirements, clarify penalties for computer crime, and create a regulatory framework for critical infrastructure. However, the plan also enables greater data collection across the federal government and expanded electronic surveillance. EPIC has previously called for cyber security legislation that strengthens security standards, requires encryption, promotes agency accountability, and safeguards personal data and privacy. EPIC has several pending FOIA lawsuits concerning the Administration's cyber security programs, including the Google/NSA collaboration. For more information, see EPIC: Cybersecurity and Privacy.

Congress Moves to Limit Funding for Airport Body Scanners

A House Appropriations Subcommittee has stripped $76 m out of the TSA budget for 2012, designated for the purchase of 275 airport body scanners. Chairman Jason Chaffetz (R-UT) said that the body scanners are "a nuisance. They’re slow. And they’re ineffective." Earlier this year, EPIC held a conference in Washington on "The Stripping of Freedom: A Careful Scan of the TSA Security Procedures." For more Information, see EPIC: Whole Body Imaging Technology, EPIC: EPIC v. DHS: Suspension of Body Scanner Program, and EPIC: Spotlight on Surveillance.

May 17, 2011

White Houses Releases International Cyberspace Plan

Following the release of proposed cyber security legislation last week, the White House today unveiled "International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World." The Strategy is ambitious and far-reaching, covering economic policy, foreign affairs, homeland security, and defense. The Strategy also emphasizes the need to safeguard fundamental freedom and privacy rights. To address growing concerns about online privacy, EPIC has recommended that the United States begin the process of ratifying the International Privacy Convention, which has been adopted by more than 40 countries. For more information see, EPIC - Privacy Convention.

EPIC Briefing to Explore Google Street View and Wi-Fi Privacy

EPIC will host a Capitol Briefing on Wednesday, May 18, 2011 on "Street View, Privacy, & the Security of Wireless Networks." The luncheon symposium will feature a panel with FTC Director of Consumer Protection David Vladeck and Former FTC Commissioner Pamela Harbour, and other experts. Sky Hook CEO Ted Morgan will demonstrate Wi-Fi scanning. Many countries have launched investigations of Google Street View after investigators found that Google unlawfully collected Wi-Fi data and intercepted private communications traffic. EPIC has recommended that the US FCC undertake an investigation. The Briefing will be held at the Capitol Visitor’s Center in room HVC-201 from 11:30 am to 1:30 pm. Registration information. For More Information, see EPIC: Street View and EPIC: FTC and follow #wifiprivacy.

Senator Leahy Introduces Bill to Update Digital Privacy Law

Senator Patrick Leahy (D-VT) has introduced the Electronic Communications Privacy Act (ECPA) Amendments Act to update the 1986 law for electronic mail and stored communications. Senator Leahy said "Since the Electronic Communications Privacy Act was first enacted in 1986, ECPA has been one of our nation’s premiere privacy laws. But today this law is significantly outdated and out-paced by rapid changes in technology . . ." The bill includes new provisions that clarifies access by government agents to locational data, but stops short of regulating the use of locational data by private firms. EPIC has said that safeguards for locational data are critical for users of new modern communications services. For more information, see EPIC: Wiretapping and Summary of Legislation.

May 19, 2011

European Privacy Officials Release New Report on Mobile Privacy

A report from the Data Protecting Working Party on Geolocation Services and Smart Mobile Devices recommends new privacy safeguards, including limitations on data collection and retention. Other recent reports from the Data Protection Working Party cover such topics as Data Breaches, Smart Meters, and RFID Applications. For more information, see EPIC - International Privacy Standards.

Senate Holds Hearing on Privacy and Mobile Services

The Senate Commerce Committee today explored "Consumer Privacy and Protection in the Mobile Marketplace." Chairman Rockefeller said that users of mobile services have "an expectation of privacy . . . a right to privacy." The FTC's David Vladeck stated that consumers face new threats in the mobile marketplace and described the agency's recent actions against Twitter and Google. In 2010, EPIC recommended new privacy safeguards for location data. For more information, see EPIC: Locational Privacy.

May 20, 2011

Congressional Leaders Strike Deal to Extend Patriot Act

Lawmakers in the House and the Senate have reached an agreement that would renew key provisions of the Patriot Act, though amendments are still possible. One of the sections, known as the "lone wolf" provision, allows terrorist investigations of non-citizens without having to show connections to a terrorist organization. The Patriot Act expanded the authority of law enforcement and intelligence agencies to monitor private communications and access personal information. Among other things, the Patriot Act amended the Foreign Intelligence Surveillance Act (FISA) to allow the FBI to use National Security Letters for In place of court-approved warrants. In 2010, 24,287 NSLs were issued, up 64% from the previous year. For more Information, see EPIC: USA Patriot Act and EPIC: Foreign Intelligence Surveillance Act.

EPIC Files Suit for Details on Mobile Body Scanners

EPIC has filed a Freedom of Information Act lawsuit against the Department of Homeland Security for unlawfully withholding documents concerning mobile body scanners. The mobile scanners can be used to monitor crowds, peering under clothes and inside bags. EPIC previously obtained documents describing the federal agency's plans to expand the use of these systems at railways, stadiums, and elsewhere. EPIC's suit asks a federal court to order disclosure of nearly 1,000 pages of additional records detailing the controversial program - records the agency has refused to make public. EPIC also has an ongoing lawsuit to suspend the controversial airport body scanner program. For more information see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS: Suspension of Body Scanner Program.

May 23, 2011

EPIC Calls Proposed Student Privacy Exemptions "Unlawful"

EPIC submitted a detailed statement to the Department of Education in response to a request for public comment on a proposal to expand exemptions in a law that protects the privacy of student information. The Family Educational Rights and Privacy Act limits the release of students' educational records. However, the Department of Education has proposed to relax privacy safeguards to permit widespread disclosure of student data, including unique students identification numbers, across federal and state agencies. EPIC said that the agency lacks the legal authority to establish the exemptions and that proposal would result in an "Unprecedented and Unlawful Release of Confidential Student Information." Individuals can submit their own comments on the Regulations.gov website. For more information, see EPIC: Student Privacy.

May 24, 2011

Senator Leahy Pursues Bipartisan PATRIOT Act Reform

As Congress consider renewal of the PATRIOT Act, Senator Patrick Leahy (D-VT) has proposed adoption of an amendment that will establish new privacy and civil liberties safeguards. The Amendment, cosponsored with Senator Rand Paul [R-KY], would sunset National Security Letter authority authority, mandate public reporting requirements, and create other protections. A similar amendment was endorsed by a majority of the Senate Judiciary Committee earlier this year. EPIC has obtained over 1,500 pages of government documents obtained through a related Freedom of Information Act lawsuit against the Department of Justice concerning PATRIOT Act abuses. For more information, see EPIC: USA PATRIOT Act.

May 25, 2011

FCC and FTC Announce Public Meeting on Locational Privacy

The Federal Communications Commission and the Federal Trade Commission will co-host a Location Based Services Forum on June 28, 2011. The event will include representatives from industry, consumer advocacy groups, and academia discussing the benefits and risks of location based services and industry best practices. The agencies are calling for public comment on location based services. EPIC previously submitted comments to the FCC on locational privacy in 2001 and 2006, requesting that the Commission establish guidelines for the protection of users' locational privacy. In 2010, EPIC specifically warned two Congressional committees about the privacy risks of location services in mobile phones. For more information, see EPIC: Locational Privacy.

May 26, 2011

House Examines White House Cybersecurity Proposal

The House of Representatives has held two hearings on the White House legislative plan for cybersecurity. The House Oversight and House Judiciary Committees questioned government officials and members of private industry on the proposal. Committee members showed particular interest in provisions that pre-empted stronger state laws and those that offered immunity to private industry for complying with government requests for information on data breaches. Rep. Watt (D-NC) asked how the proposal was unlike the controversial telecom immunity contained in the Patriot Act. The White House proposal is part of a series of initiatives driven by the 2009 Cyberspace Policy Review. EPIC has called for cybersecurity legislation that strengthens security standards, requires encryption, promotes agency accountability, and safeguards personal data and privacy. For more information, see EPIC: Cybersecurity and Privacy and EPIC: National Strategy for Trusted Identities in Cyberspace.

May 27, 2011

U.S. Department of Homeland Security Plans to Store EU Passenger Data for 15 Years

A draft agreement between the United States and the European Union will allow the U.S. Department of Homeland Security to store passenger data for up to 15 years. The passenger data includes names, addresses, phone numbers, and credit card information, and even ethnic origin, political opinions, and details of health or sex life. The 15 year time period in the proposed agreement is three times that allowed under Europe's existing Passenger Name Record regime. Members of the European Parliament have said that the draft agreement violates fundamental rights and violates data protection laws. An earlier EU-US agreement on Passenger Name Records was struck down by the European Court of Justice. For more information, see EPIC: EU-US Airline Passenger Data Disclosure.

EPIC Tells FTC To Step Up Enforcement Against Debt Collectors

EPIC submitted a statement to the Federal Trade Commission in response to a public request for feedback about new trends in technology, consumer protection, and the debt collection industry. EPIC argued that Congress has authorized the FTC to bring much stronger regulations to bare on the debt collection industry. The Federal Debt Collection Practices Act prohibits debt collectors from publicizing consumers' debts to any third party. Section 5 of The FTC Act bars unfair and deceptive trade practices. The Gramm-Leach-Bliley Act gives debt collectors an affirmative legal duty to protect the sensitive information they collect. Congress gave the FTC authority to enforce all three of these laws. EPIC cited the sharp rise in complaints to the agency about debt collectors and a recent criminal case against debt collectors who coordinated with an identity theft scheme in Buffalo, New York as compelling reasons for the agency to introduce meaningful enforcement actions. For more information, see EPIC: Identity Theft.

About May 2011

This page contains all entries posted to epic.org in May 2011. They are listed from oldest to newest.

April 2011 is the previous archive.

June 2011 is the next archive.

Many more can be found on the main index page or by looking through the archives.