« April 2017 | Main | June 2017 »

May 2017 Archives

May 1, 2017

European Data Protection Supervisor Backs "E-Privacy" Directive Updates

European Data Protection Supervisor Giovanni Buttarelli, one of Europe's top privacy officials, published an opinion backing a key update to EU privacy law. The updated e-Privacy Regulation would extend consumer safeguards to users of all online communications services, cover content and metadata, and limit tracking of internet users. The EDPS welcomed the "ambitious attempt to provide for the comprehensive protection of electronic communications." However, the EDPS opinion also emphasized the need to strengthen privacy protections, raising concern about the proposal's complexity and failure to cover data processing beyond communications services providers. The EDPS's statement follows a supportive opinion from the Article 29 Working Party, an expert group of European privacy officials. EPIC recently hosted Mr. Buttarelli in Washington, DC to speak before the Privacy Coalition, a nonpartisan association established in 1995 to promote dialogue on emerging privacy issues between civil society organizations and policy leaders.

EPIC Urges Senate Committee to Investigate FBI's Massive Biometric Database

EPIC has sent a statement to the Senate Judiciary Committee for an upcoming FBI oversight hearing. EPIC urged the Committee to investigate the FBI's Next Generation Identification system, a massive biometric database. EPIC has sought to ensure that the FBI database complies fully with the federal Privacy Act which the Bureau has opposed. EPIC explained to the Senate Committee that an individual's ability to control disclosure of identity "is an essential aspect of personal security and privacy." In a leading FOIA lawsuit, EPIC v. FBI, EPIC also uncovered documents which revealed high error rates in the biometric system. EPIC has filed a FOIA lawsuit against the FBI for information about the agency's plans to transfer biometric data to the Department of Defense.

May 2, 2017

EPIC Renews Call for Connected Cars Safeguards

In comments to the FTC and NHTSA ahead of a June workshop, EPIC underscored the need to safeguard consumers and improve vehicle security. EPIC also defended the role of states that are developing new safeguards for connected vehicles. For more than a decade, EPIC has been a leading advocate for privacy and security measure for connected vehicles. EPIC routinely submits comments to federal agencies regarding the unique challenges that these vehicles present. EPIC has also testified before Congress, filed amicus briefs, and submitted statements on the risks of autonomous vehicles.

EPIC v. ODNI: EPIC Anticipates Release of Report on Russian Hacking

In a Freedom of Information Act lawsuit EPIC v. ODNI, EPIC anticipates the May 3 release of the Complete Assessment of the Russian interference in the 2016 presidential election. In January 2017, the Director of National Intelligence released a limited, declassified version report about the "multi-pronged attack" on democratic institutions. EPIC filed a FOIA suit for public release of the Complete Assessment of Russian interference. As EPIC explained in an op-ed in The Hill and statements to Congress, the "public has a right to know the details when a foreign government attempts to influence the outcome of a U.S. presidential election." In accordance with the briefing schedule in the case, the ODNI must release all non-exempt portions of the Complete Assessment on May 3, 2017 to EPIC. EPIC is also pursuing two related FOIA cases as part of the Democracy and Cybersecurity Project. In EPIC v. FBI, EPIC is seeking records concerning the FBI's investigation of Russian interference. In EPIC v. IRS, EPIC is seeking release of President Trump’s Tax records.

EPIC to Congress: Protect Student Privacy

EPIC has sent a statement to the House Committee on Oversight for the upcoming hearing on the FAFSA ("Free Application for Federal Student Aid") data breach, which compromised more than 100,000 taxpayer records. EPIC urged the Committee to protect student privacy. EPIC's testimony: (1) explained how the U.S. Education Department weakened key safeguards for student records, (2) described the privacy risks that students today face, (3) underscored the need for data security safeguards for student information, and (4) recommended that Congress adopt EPIC's Student Privacy Bill of Rights. EPIC has previously urged Congress, the Education Department, and the Federal Trade Commission to strengthen student privacy.

May 3, 2017

Intelligence Agency Provides Non-Responsive Response in EPIC Lawsuit for Russia Report

The Director of National Intelligence has failed to provide a sufficient response in EPIC v. ODNI, concerning release of the report on the Russian interference in the 2016 Presidential election. The intelligence agency was required to release all “non-exempt portions" of the report to EPIC on May 3, 2017. However the agency withheld the entire document, refusing to provide even partial information that should have been released to EPIC under the Freedom of Information Act. As EPIC made clear in the complaint, “There is an urgent need to make available to the public the Complete ODNI Assessment to fully assess the Russian interference with the 2016 Presidential election and to prevent future attacks on democratic institutions.” EPIC will challenge the agency’s response as the litigation continues in federal district court in Washington, DC. EPIC v. ODNI is a part of the EPIC Cybersecurity and Democracy Project, which focuses on US cyber policies, threats to election systems and foreign attempts to influence American policymaking.

Continue reading "Intelligence Agency Provides Non-Responsive Response in EPIC Lawsuit for Russia Report" »

May 4, 2017

Senators Introduce Bill to Remove Personal Data from Cargo Manifests

Senators Steve Daines (R-MT) and Gary Peters (D-MI) have introduced a bill that would remove personally identifiable information from shipping manifest sheets that are released to the public. According to the bill's sponsors, the Moving Americans Privacy Protection Act seeks to protect people who make international moves from "identity theft, credit card fraud and unwanted solicitations." EPIC maintains a page on identity theft and launched "Data Protection 2016," a non-partisan campaign to make data protection an issue in the 2016 election.

Spending Measure Increases FTC Funding by $6 Million

The spending measure recently approved by Congress allocates $313 million to the FTC for fiscal 2017. According to the Senate summary, the allocation is for the FTC "to detect and eliminate illegal collusion, prevent anticompetitive mergers, combat consumer fraud, fight identity theft and promote consumer privacy." The amount is an increase of $6 million, or about 2 percent, over 2016 levels. EPIC has consistently urged the FTC to exercise its full authority in protecting consumers and has filed numerous consumer privacy complaints with the FTC, including a recent complaint about "toys that spy." Earlier this year, an EPIC-led coalition detailed 10 steps for the FTC to protect consumers in 2017.

May 2, 2017

Surveillance Report Shows Uptick in "Backdoor Searches"

The ODNI 2016 Transparency Report provides new details about government surveillance activities. According to the ODNI, there was a 10% increase in the use of “backdoor searches” under Section 702. These searches occur when a government search targets a U.S. person under a law intended to permit only surveillance of non-US persons. This controversial practice is one of the reasons lawmakers oppose renewal of Section 702.

May 5, 2017

EPIC To Senate Judiciary - "Public Has Right to Know About Russia Ties"

EPIC has sent a statement to the Senate Judiciary Committee for a hearing on "Russian Interference in the 2016 United States Election." EPIC described its Freedom of Information Act cases against the FBI and the ODNI to obtain records about activities aimed at undermining democratic institutions. EPIC is also pursuing the release of any FISA orders for Trump Tower, as well as Donald Trump's tax returns. EPIC wrote the "need to understand Russian efforts to influence democratic elections cannot be overstated.”

May 7, 2017

Goldberg, Kasparov, Rivest and Wald to Receive EPIC 2017 Awards

EPIC has announced the recipients of the 2017 Champions of Freedom Awards. They are privacy attorney Carrie Goldberg, human rights advocate Garry Kasparov, and Judge Patricia Wald. Computer scientist Ron Rivest will receive the 2017 EPIC Lifetime Achievement Award. Event hosts include Danielle Citron, John Podesta, Marc Rotenberg, Bruce Schneier, and Manoush Zomorodi. The 2017 EPIC Awards dinner will be held at the National Press Club in Washington, DC on Monday, June 5, 2017. Tickets are available.

May 8, 2017

On Cyber Policy, EPIC Urges Senate to Protect Consumers, Democratic Institutions

In advance of a hearing on "Cyber Threats Facing America: An Overview of the Cybersecurity Threat Landscape," EPIC has sent a statement to a Senate Committee urging Congress to protect democratic institutions, following the Russian interference with the 2016 presidential election. EPIC explained that "data protection and privacy should remain a central focus" of cyber security policy. EPIC also recommended that Congress strengthen the federal Privacy Act and establish a U.S. data protection agency. EPIC recently launched the EPIC Cybersecurity and Democracy Project that will focus on US cyber policies, threats to election systems and foreign attempts to influence American policymaking.

May 9, 2017

Former Attorney General Testifies about Russian Influence with Key Trump Advisor

In a hearing before a Senate Judiciary Subcommittee, former Acting Attorney General Sally Yates said she warned the White House that General Michael Flynn "could be blackmailed by the Russians" who knew he had lied about his Russian contacts. Yates also said the DOJ came forward out of concern that both administration officials and the American people "had been misled." As a part of the Democracy and Cybersecurity Project, EPIC is pursuing a Freedom of Information Act request for records of DOJ's investigation of Russian interference, EPIC explained to the Senate committee that "the public has 'the right to know' the extent of Russian interference with democratic elections and the steps that are being taken to prevent future attacks."

EPIC Urges Transparency in Negotiation of US-UK Intercept Treaty

EPIC has sent a statement to the Senate Judiciary Committee for a hearing on "Law Enforcement Access to Data Stored Across Borders." According to news reports, the United States and the United Kingdom are seeking to establish an agreement for direct access to personal data outside their legal jurisdictions. A secret agreement is under negotiation. In November 2016, EPIC filed a FOIA Request related to the US-UK agreement. Last week, the Justice Department alerted EPIC that responsive documents had been located and would be referred to the State Department for additional processing. EPIC has long advocated for transparency concerning international agreements. In 2016, EPIC obtained the "Umbrella Agreement" after a successful Freedom of Information Act lawsuit.

EPIC Joins Coalition to Urge FOIA Compliance On Congress-Agency Communications

EPIC joined a coalition of civil society organizations to urge the House Committee on Financial Services to rescind guidance declaring communications between the Department of Treasury and the Committee are exempt from public access. In the letter to Chairman Jeb Hensarling (R-TX), the coalition stated the move represented "a troubling precedent" that "improperly restrict[s] the ability of the public to use FOIA." Records in the possession of federal agencies are presumptively available to the public under the Freedom of Information Act. EPIC and a coalition also recently urged the Immigration and Customs Enforcement to comply with the FOIA and "fully disclose information on immigration enforcement cooperation between federal and non-federal law enforcement agencies." For more information about EPIC's latest open government work, visit: https://epic.org/open_gov/.

In Merger Reviews, EPIC Advocates for Privacy, Algorithmic Transparency

EPIC has sent a statement to the Senate Judiciary Committee ahead of a hearing on the new Antitrust Chief. EPIC urged the Committee to consider the role of consumer privacy and data protection in merger reviews. EPIC warned that "monopoly platforms" are reducing competition, stifling innovation, and undermining privacy. EPIC pointed to the FTC's failure to block the Google/DoubleClick merger which accelerated Google's dominance of Internet advertising and the WhatsApp/Facebook merger which paved the way for Facebook to access confidential WhatsApp user data. EPIC also suggested that "algorithmic transparency" would become increasingly important for merger analysis. EPIC is a leading consumer privacy advocate and regularly submits complaints urging investigations and changes to unfair business practices.

May 11, 2017

D.C. Circuit: California Water Well Information Exempt from Public Disclosure

The D.C. Circuit Court of Appeals has ruled that information about a government project to manage water in the California is exempt from disclosure under the Freedom of Information Act. The Court found that Exemption 9, which covers "geological and geophysical information…concerning wells," permitted the Bureau of Reclamation to withhold information about well location and depth information. "Congress enacted FOIA to 'permit access to official information long shielded unnecessarily from public view,'" the Court said. However, the D.C. Circuit rejected the arguments of environmental group AquAlliance that the legislative history indicated the exemption only applied to oil and gas wells; the Court said it should "assume that Congress meant what it said, and said what it meant." EPIC frequently fights overbroad agency withholding of public records. In EPIC v. FBI, a FOIA lawsuit seeking release of FBI privacy assessments, a court sided with EPIC and agreed that the agency did not justify withholding records under a FOIA exemption for law enforcement procedures and techniques.

May 12, 2017

EPIC: 'Not Possible' for FAA to Regulate Drone Hazards Without Privacy Rules

EPIC has filed a reply brief in EPIC v. FAA, a lawsuit concerning the FAA's failure to establish privacy rules for small commercial drones. EPIC sued the FAA after the agency refused to issue drone privacy rules. Congress had required a "comprehensive plan" for drone deployment in the United States, and more than 100 experts and organizations petitioned the agency for privacy safeguards. In a brief filed last month, the FAA acknowledged "that cameras and other sensors attached to [drones] may pose a risk to privacy interests" but continued to deny the agency's responsibility to set privacy rules. EPIC wrote in reply, "It is not possible to address the hazards associated with drone operations without addressing privacy in the final rule for small commercial drone." EPIC also explained that the FAA "profoundly mischaracterizes the aviation technology at issue" by suggesting that cameras are simply add-ons. "Drone cameras are an integral component of drone operations," EPIC explained. "Without a camera, it would be almost impossible to operate a commercial drone."

Executive Order on Cybersecurity Finally Released

A long delayed Executive Order on cybersecurity was released this week. The Order continues many of the cybersecurity policies of the Obama and Bush administrations. The Executive Order requires agency heads to use the NIST Framework to manage cybersecurity risk, and to provide a risk management report. The Order also requires Cabinet officials to devise a strategy for international cooperation in cybersecurity. However, the Order does not address Russia's cyber interference with the 2016 Presidential Election. EPIC, and a group of forty leading experts in law and technology, had urged the White House to strengthen privacy and data protection, and support strong encryption. The EPIC Cybersecurity and Democracy Project focuses on US cyber policies, threats to election systems and foreign attempts to influence American policymaking.

EPIC Files Emergency Motion to Preserve Records in FBI Russian Interference FOIA Case

EPIC has filed an emergency motion today in EPIC v. FBI, a Freedom of Information Act case for records concerning the Russian Interference with the 2016 Presidential Election. In papers filed with a federal district court in Washington, DC, EPIC cited Donald Trump's abrupt firing of the FBI Director, and concerns expressed by Members of the House and Senate regarding the possible destruction of FBI records related to the investigation. EPIC asked the Court to issue a preservation order and to impose sanctions if the order is violated. Today, the FBI also released records to EPIC, including the agency's procedures for notifying the victims of cyberattacks. The case is EPIC v. FBI, No. 17-121, before Judge Royce C. Lamberth. [Press Release]

May 15, 2017

Court of Appeals Grants Rehearing in FTC v. AT&T Mobility

The Ninth Circuit Court of Appeals has granted rehearing of a decision that stripped the FTC of its authority over companies engaged in "common carrier" activities. The grant of rehearing vacates the court's earlier holding that the common carrier exemption to FTC authority is status-based, not activity-based. EPIC and a coalition of consumer advocates had filed a friend-of-the-court brief urging reconsideration of the court's decision, warning that the decision "could immunize from FTC oversight a vast swath of companies that engage in some degree in common carrier activity." EPIC previously filed an amicus brief in FTC v. Wyndham to defend the FTC's "critical role in safeguarding consumer privacy and promoting stronger security standards."

EPIC v. FBI: Agency Cyber Hack Notification Procedures Fall Short

In Freedom of Information Act lawsuit EPIC v. FBI, EPIC has obtained the FBI notification procedures that would have applied to the Russian cyberattacks during the 2016 Presidential election. The documents obtained by EPIC establish that the FBI Cyber Division is to "notify and disseminate meaningful information to victims and the CND [Computer Network Defense] community." The Cyber Division specifically notifies the "individual, organization, or corporation that is the owner or operator of the computer at the point of compromise or intrusion." The analysis to determine whether or not to notify the victim, as well as FBI procedures for approval or deferral of notification, the timing of notification, the method of notification, and more were all redacted by the agency. EPIC intends to challenge theses withholdings. The FBI's response raises questions about whether the agency fulfilled the obligation to properly notify the victims of the Russian cyberattacks.The Intelligence Community assessed that both major US political parties were attacked. The FBI also produced notification procedures for threats to life or serious bodily injury, and certain procedures under the Foreign Intelligence Surveillance Act. Next in the case, EPIC anticipates the release, on May 26, of FBI communications with political organizations and federal agencies concerning the Russian interference.

May 17, 2017

EPIC Asks FTC to Stop System for Secret Scoring of Young Athletes

EPIC has filed a complaint with the Federal Trade Commission to stop the secret scoring of young tennis players. The EPIC complaint concerns the "Universal Tennis Rating", a proprietary algorithm used to assign numeric scores to tennis players, many of whom are children under 13. "The UTR score defines the status of young athletes in all tennis-related activity; impacts opportunities for scholarship, education and employment; and may in the future provide the basis for 'social scoring' and government rating of citizens," according to EPIC. EPIC urged the FTC to “find that a secret, unprovable, proprietary algorithm to evaluate children is an unfair and deceptive trade practice.” In 2015, EPIC launched a campaign on "Algorithmic Transparency" and has pursued several cases, including one for rating travelers and another for assessing guilt or innocence, that draw attention to the social risks of secret algorithms.

EPIC FOIA: EPIC Seeks Memos of Trump Conversations with FBI Director

EPIC has filed an urgent Freedom of Information Act request with the Federal Bureau of Investigation for former Director James Comey's memos concerning his communications with President Trump. On May 16th, 2017, the New York Times reported Mr. Comey documented "every phone call and meeting he had with the president." The memos tracked "what he perceived as the president's improper efforts to influence a continuing investigation," the Times said. EPIC has filed a formal FOIA request for the public release of all of Director Comey's memos, including a memo describing his meeting with President Trump concerning National Security Advisor Flynn's resignation. Leaders of the Senate Intelligence Committee and House Oversight Committee both requested the FBI to turn over the memos to Congress. EPIC also recently filed an emergency motion to preserve records in EPIC v. FBI, a FOIA lawsuit for records concerning the Russian Interference with the 2016 Presidential Election.

May 18, 2017

Facebook Fined $122 Million for Misleading Europe on Privacy Risks of WhatsApp Merger

The EU has fined Facebook $122 million for misleading the European Commission during the investigation of the Facebook-WhatsApp Merger. Following Facebook's acquisition of WhatsApp, WhatsApp transferred users' personal data to Facebook and violated the company's privacy promises. Facebook had downplayed the risks of the merger, saying that WhatsApp users' personal data could not be linked with their Facebook accounts. "U.S. antitrust law has failed to keep up with the digital economy and the emergence of monopoly services," EPIC president Marc Rotenberg told the New York Times. "There is far too much 'lock in' with a dominant provider, and far too much consolidation of personal data." The head of BEUC, the European consumer association, said "It is very disappointing that the Commission decided not to revise its original decision on the Facebook merger with WhatsApp." EPIC recently urged the Senate Judiciary Committee to consider the role of consumer privacy and data protection in merger reviews and highlighted the FTC's failure to block the Facebook-WhatsApp merger.

May 19, 2017

EPIC Opposes State Department Plan to Collect Social Media Identifiers for Visa Applicants

In comments to the State Department, EPIC urged the agency to drop a plan to obtain the social media identifiers of individuals applying for visas to enter the U.S. EPIC argued that the proposal threatens important First Amendment rights, risked, abuse, and would disproportionately impact certain minority groups. EPIC has previously opposed DHS proposals to collect social media information and recently submitted a FOIA request following statements made by the Homeland Security Secretary, indicating DHS planned to ask individuals for social media passwords before allowing entry into the U.S.

Court Strikes Down FAA Registration Requirement for Hobbyist Drones

A federal appeals court has struck down the FAA's rule requiring hobbyists to register their drones. The D.C. Circuit ruled that a registration requirement violated the FAA Modernization Act which forbade regulations for "model aircraft," including unmanned drones "flown for hobby or recreational purposes." EPIC is currently challenging the FAA's failure to establish privacy rules for "small, commercial" drones. Congress required a "comprehensive plan" for drone deployment in the United States, and more than 100 experts and organizations petitioned the agency for privacy safeguards. EPIC v. FAA is full briefed and arguments before the D.C. Circuit are anticipated this fall.

Rep. Blackburn Proposes Online Privacy Bill, Would Preempt Stronger State Protections

Rep. Marsha Blackburn (R-TN) has introduced the The Browser Act, H.R. 2520, aimed at protecting online privacy. The Browser Act would apply to Internet ISPs as well as Internet companies, such, as Google and Facebook, and would generally require "opt-in" consent before sensitive information could be collected or disclosed. However, the bill lacks a private right of action or a remedy for violations. The bill gives enforcement authority to the FTC which has mostly failed to protect consumers online privacy. The bill lacks data breach notification, and would overwrite stronger state privacy laws that protect consumers. In comments to the FCC and elsewhere, EPIC has set out a comprehensive framework for online privacy.

FBI Opposes EPIC Preservation Order in FBI Russian Interference FOIA Case

The FBI is opposing EPIC's emergency motion to preserve records in a Freedom of Information Act case for records of the Russian Interference with the 2016 Presidential Election. Following Donald Trump's abrupt firing of FBI Director James Comey, EPIC asked a federal court to issue a preservation order for records at issue in EPIC v. FBI and to impose sanctions if the order is violated. EPIC cited irregular circumstances surrounding the firing of the FBI Director, as well as concerns expressed by members of Congress and Senators regarding the possible destruction of FBI records. In the filing today, the FBI suggested that EPIC would have to provide actual evidence of destruction of records before a court could issue a preservation order to prevent destruction of records.

May 22, 2017

EPIC to House Committee: IRS Must Release Trump Tax Records

In advance of an IRS Oversight hearing, EPIC has sent a statement to the House Appropriations Committee regarding EPIC v. IRS, the case in which EPIC is seeking release of President Trump's tax records. According to EPIC, "There has never been a more compelling FOIA request presented to the IRS." In the request to the IRS, EPIC explained that the IRS Commissioner may release tax returns to "correct misstatements of fact" and to ensure the "integrity and fairness" of the tax system. EPIC is currently pursuing several high level FOIA cases, including EPIC v. FBI and EPIC v. ODNI, to determine the scope of Russian interference with the 2016 Presidential election.

EPIC Tells Congress: Limit Use of Social Security Numbers

EPIC has sent a statement to the House Ways & Means Committee and House Committee on Oversight and Government Reform in advance of a hearing on "Protecting Americans' Identities: Examining Efforts to Limit the Use of Social Security Numbers." EPIC warned about the danger of SSN-related identity theft. "Given the growing risk of identity theft coupled to the SSN and the ease of alternative systems, there is simply no excuse for the use of SSNs in either the public or private sector," said EPIC. EPIC has long urged Congress and state legislators to limit use of the SSN.

May 23, 2017

Senator Warner asks FTC to Take Action on Toys that Spy

Senator Mark Warner has sent a letter to the Federal Trade Commission expressing his concern about connected toys that spy on children. "I worry that protections for children are not keeping pace with consumer and technology trends shaping the market for these products," Senator Warner said in the letter. Senator Warner asked FTC Acting Chairwoman Maureen Ohlhausen to respond to several questions, including whether the FTC has "taken any action with respect to 'My Friend Cayla' or other products manufactured by Genesis Toys." EPIC filed a complaint with the FTC in December, 2016, alleging that toys My Friend Cayla and i-Que Intelligent Robot violate federal privacy laws. The complaint spurred international efforts to ban the toys from the marketplace and a congressional investigation into the toy makers' data practices.

May 30, 2017

DC Circuit Rules in Second EPIC Airport Body Scanner Case

In a cursory per curium opinion, the D.C. Circuit denied EPIC's petition for review of the TSA's final rule mandating body scanners in U.S. airports. EPIC argued in EPIC v. DHS II that the TSA had failed to justify body scanners as compared with less invasive, more effective screening techniques, such as magnometers combined with explosive trace detection. Public comments overwhelmingly favored EPIC's recommendations to the federal agency. EPIC also argued that the TSA's decision to end the opt-out was contrary to the DC Circuit's earlier opinion EPIC v. DHS I which held that passengers could opt-out of the invasive screening technique. As Judge Ginsburg explained in the earlier case, "Despite the precautions taken by the TSA, it is clear that by producing an image of the unclothed passenger, an AIT scanner intrudes upon his or her personal privacy in a way a magnetometer does not." Judge Ginsburg further said, "any passenger may opt-out of AIT screening in favor of a patdown, which allows him to decide which of the two options for detecting a concealed, nonmetallic weapon or explosive is least invasive."

May 31, 2017

EPIC Continues Opposition to Social Media Searches of Visa Applicants

In comments to Customs and Border Protection, EPIC opposed a plan to obtain social media information from visa applicants. EPIC said the CBP proposal threatens First Amendment rights, risked abuse, and would disproportionately impact minority groups. EPIC has previously opposed proposals to collect social media information from individuals seeking to enter the United States. In a FOIA lawsuit against DHS, EPIC obtained documents which revealed that federal agencies gather social media comments to identify individuals critical of the government. EPIC is currently pursuing a FOIA request about a revised DHS plan to require disclosure of social media passwords before allowing entry into the country.

FBI Postpones Insider Threat Database

The FBI has postponed a plan to establish an "insider threat database" of FBI employees that would have included vast amounts of personal data, such as medical diagnostics and biometric data, on FBI employees, family members, dependents, relatives, and other personal associations. EPIC submitted comments critical of the agency plan that would have also removed important Privacy Act safeguards. The Department of Justice suggested that the delay is temporary and that a similar database may still be established for Department of Justice components. EPIC has consistently warned against inaccurate, insecure, and overly intrusive government databases.

The FOIA Project Provides 2017 FOIA Report

A new report from The FOIA Project tracks many of the Freedom of Information Act lawsuits filed by media organizations and journalists in 2017. According to TRAC, forty-five new FOIA lawsuits were filed by thirty-nine news organizations and reporters. The New York Times, with six FOIA suits, filed suit most frequently. In second place is EPIC, which has already filed four FOIA lawsuits in 2017, including a suite of lawsuits under the new EPIC Democracy and Cybersecurity Project focused on preserving democratic institutions. In EPIC v. ODNI EPIC seeks public release of the January 2017 report of the intelligence community on Russian hacking, and in EPIC v. IRS EPIC seeks release of President Trump's Tax records. In EPIC v. FBI, EPIC has already obtained the Bureau's procedures for notifying organizations that are the target of a cyber attack. EPIC has asked Congress to determine whether the FBI did enough to notify US political organizations about Russian cyber attacks during he 2016 Presidential election.

About May 2017

This page contains all entries posted to epic.org in May 2017. They are listed from oldest to newest.

April 2017 is the previous archive.

June 2017 is the next archive.

Many more can be found on the main index page or by looking through the archives.