Focusing public attention on emerging privacy and civil liberties issues

EPIC Alert 16.22

=======================================================================
                        E P I C   A l e r t
=======================================================================
Volume 16.22                                          November 23, 2009
-----------------------------------------------------------------------

                       Published by the
            Electronic Privacy Information Center (EPIC)
                        Washington, D.C.

            http://www.epic.org/alert/epic_alert_1622.html

		"Defend Privacy. Support EPIC."
		    http://epic.org/donate


=======================================================================
Table of Contents
=======================================================================
[1] Internet Governance Forum Meets in Egypt
[2] EPIC Urges Smart Grid Privacy 
[3] EPIC Sues Department of Homeland Security over Imaging Technology
[4] European and United States Officials Examine Cross Border Privacy
[5] Revised Google Books Settlement Released
[6] News in Brief
[7] EPIC Bookstore: "Protectors of Privacy"
[8] Upcoming Conferences and Events
 - Join EPIC on Facebook http://facebook.com/epicprivacy
	- Privacy Policy
	- About EPIC
	- Donate to EPIC http://epic.org/donate
	- Subscription Information

=======================================================================
[1] Internet Governance Forum Meets in Egypt
=======================================================================
The Internet Governance Forum (IGF) had its fourth annual meeting this
month in Sharm El Sheikh, Egypt. The meeting brought together
technology, privacy, and security experts from all over the world,
including multiple members of EPIC's advisory board. The three-day
conference included a number of panels and workshops on privacy issues,
as part of a complete look at the future of the internet.

The IGF conference workshops were organized into the categories of
Access, Critical Internet Resources, Diversity, Openness, Security,
Capacity Building, and Development, and nearly every category included
workshops addressing privacy.  Some of the key privacy topics addressed
were balancing freedom of expression and privacy; content regulation,
surveillance, and sexuality rights; openness and online behavioral
targeting advertising; privacy and security; social networking; cloud
computing; and policy implications of the IPv6 transition.

EPIC Executive Director Marc Rotenberg served as moderator for the
plenary session on security, openness, and privacy, and spoke in a
workshop titled "Four Sisters--Information Security, Data Protection,
and Electronic Governance." EPIC Advisory Board members Bruce Schneier
and Simon Davies also attended and spoke in a workshop titled
"Security, Openness, and Privacy," and Advisory Board members Rebecca
Mackinnon and Vinton G. Cerf also participated in the conference.

EPIC Public Voice Coordinator Katitza Rodriguez was a key organizer for
the IGF. Katitza serves as a member of the Multistaker Advisory Group
(MAG), established by the the Secretary-General of the United Nations.
Its purpose is to assist the Secretary General in convening
the Internet  Governance Forums. The MAG comprises of Members
from governments,  the private sector and civil society,
including representatives from the  academic and technical communities.

The forum succeeded in its goal of being a platform that brings
together experts to discuss issues, exchange information, and share
best practices.  Next year's IGF meeting will be in Vilnius, Lithuania.

Internet Governance Forum:
     http://www.intgovforum.org/

IGF: Chairman's Summary, 2009 Meeting:
     http://www.epic.org/redirect/112209chairmansumm.html

The Public Voice - Privacy & Security Implications of Cloud Computing:
     http://thepublicvoice.org/events/egypt09/

EPIC: Cloud Computing:
     http://epic.org/privacy/cloudcomputing/
     
Internet Governance Caucus, MAG Nominations:
     http://www.igcaucus.org/mag-nominations

Katitza Rodriguez at the May 2009 MAG Meeting (YouTube):
     http://www.youtube.com/watch?v=4q76hpA6PmU


=======================================================================
[2] EPIC Urges Smart Grid Privacy 
=======================================================================
On November 10, EPIC filed comments with the National Institute of
Standards and Technology (NIST), urging the agency to implement robust
privacy protections in the Smart Grid. NIST had requested comments on
their draft framework and roadmap for Smart Grid standards on October
29, 2009.

The Smart Grid refers to a host of technologies that will modernize the
existing electrical grid. The proposed grid will allow unprecedented
communication between American energy providers and energy consumers,
permitting the bi-directional flow of both information and electricity.
Ideally, the Smart Grid will enable more efficient delivery of
electricity and will allow consumers to make more informed energy use
decisions.

The Smart Grid will also dramatically transform the ability of
providers of power services in the United States to track the
activities of consumers. For instance, the Smart Grid proposes to
coordinate power supply with users' past usage patterns. However, the
electrical usage patterns could reveal intimate, personal details about
users' lives, such as their medical needs, interactions with others,
and personal habits.

EPIC also warned that the Smart Grid could be used to track specific
appliance usage, which could also reveal sensitive personal
information. The availability of Smart Grid data also increases the
danger of physical harm from, for example, burglars, stalkers, or other
criminals. For instance, burglars could examine electricity usage data
in order to determine times when a particular house is vacant, or in
order to determine how many occupants it has. Similarly, stalkers or
domestic abusers could use the data in order to track a victim's
activity.

The Smart Grid also increases the risk of identity theft, as any
personally identifiable information in the data could be intercepted
and misused. Alternatively, identity thieves could use PII obtained
elsewhere to impersonate utility customers, which poses the risk of
fraudulent utility use and potential impact on credit reports Because
of the privacy implications of the Smart Grid, EPIC urged NIST to
establish comprehensive privacy regulations that limit the collection
and use of consumer data.

EPIC Comments:
     http://epic.org/privacy/smartgrid/EPIC%20Smart%20Grid%20Comments.pdf 

NIST Framework and Roadmap for Smart Grid Interoperability Standards
Release 1.0 (Draft):
     http://www.epic.org/redirect/112209nistframewkrdmp.html

EPIC: Smart Grid and Privacy:
     http://epic.org/privacy/smartgrid/smartgrid.html/

NIST Homepage:
     http://www.nist.gov/index.html

Privacy By Design: The Smart Grid:
     http://www.ipc.on.ca/images/Resources/pbd-smartpriv-smartgrid.pdf



=======================================================================
[3] EPIC Sues Department of Homeland Security over Imaging Technology
=======================================================================
On November 5, 2009, EPIC filed suit against the Department of Homeland
Security (DHS) regarding an unanswered Freedom of Information Act
request.  On April 14, 2009, EPIC had mailed a request to DHS for
records regarding the privacy protection capabilities of whole body
imaging technology. The agency never responded substantively to EPIC's
request. EPIC later filed an appeal, challenging the agency's lack of
response. Again, the agency failed to comply with its legal obligations
to disclose the records sought by EPIC.

Whole body imaging technology was originally introduced in 2007, when
the Transportation Security Administration (TSA), a component of DHS,
began testing the imaging technology to screen travelers.  These
machines produced detailed, three-dimensional images of individuals'
naked bodies and are being used at airport security checkpoints, court
houses, and correctional facilities.

While TSA originally provided assurances that the technology would not
be mandatory for passengers and would include a privacy algorithm that
blurred faces, the agency later withdrew these assurances.  In February
2009, TSA announced that it would require passengers at six airports to
submit to whole body imaging in place of the standard metal detector
search.  In April 2009, the agency announced plans to expand the
mandatory use of body imaging to all U.S. Airports.

This means that Whole Body Imaging devices will replace metal detectors
at the primary screening devices in US airports. As a consequence, the
TSA could obtain naked pictures of every airline passenger, including
children, who travel from a US airport.

In response to TSA's expansion of the program, the U.S. House of
Representatives passed H.R. 2200, a bill that would limit the use of
whole body imaging systems at airports.  The measure is still pending
in the Senate. 

EPIC's Complaint:
     http://epic.org/privacy/airtravel/backscatter/Complaint_110309.pdf

EPIC: Whole Body Imaging:
     http://epic.org/privacy/airtravel/backscatter/

TSA: Whole Body Imaging:
     http://www.tsa.gov/approach/tech/imaging_technology.shtm

H.R. 2200:
     http://www.epic.org/redirect/112209hr2200.html
     
Privacy Coalition Letter Regarding Whole Body Imaging:
     http://www.epic.org/redirect/112209dhswbiletter.html

DHS Response to Privacy Coalition Letter:
     http://privacycoalition.org/dhs-reply-wbi_ltr.pdf
 
=======================================================================
[4] European and United States Officials Examine Cross Border Privacy
=======================================================================

European and American officials, as well as corporate privacy
professionals and privacy advocates, met for a three-day conference
recently on cross-border data flows and privacy. The conference was
organized by the U.S. Department of Commerce, with the participation
and cooperation of the European Commission and the Article 29 Working
Party on Data Protection. It was held from November 16th to 18th at the
International Trade Center in Washington, D.C.

The conference was the fourth annual meeting to review progress on the
US-EU Safe Harbor Framework, which was implemented in 2005. The Safe
Harbor allows U.S. companies to engage in data transfers out of EU
member states without prior approval, in spite of U.S. data protection
laws failing to meet the requirements of the EU's 1998 Data Protection
Directive.

Panels were held on a number of topics with panelists from a variety of
backgrounds. Several panels on the Safe Harbor itself included speakers
from U.S. law firms, the U.S. Federal Trade Commission, the Article 29
Working Party, and others. Other panels addressed such issues as
security, privacy by design, social networking, and privacy protection
in cases of pandemic response.

EPIC Executive Director, Marc Rotenberg, participated in a panel on
behavioral advertising, data protection, and privacy, alongside
panelists from advertising companies and the FTC.

Across the Divide: Successfully Navigating Safe Harbor:
     http://www.regonline.com/builder/site/Default.aspx?eventid=765010

International Trade Administration: Safe  Harbor:
     http://www.export.gov/safeharbor/

EPIC: Federal Trade Commission:
     http://epic.org/privacy/internet/ftc/


=======================================================================
[5] Revised Google Books Settlement Released
=======================================================================
On November 14, the parties in the Google Books Settlement filed an
amended settlement in federal court. The revised settlement makes
several changes to the original settlement. It removes several foreign
rights holders from the settlement class, so that only rights holders
in the United States, the United Kingdom, Canada, and Australia remain.
It also attempts to address concerns about “orphan books,” or books
whose rights holders cannot be readily found through a reasonably
diligent search, by calling for the appointment of a trustee to
represent their rights.

The revised settlement also addresses antitrust concerns, dropping the
clause that forbade the Book Rights Registry from offering Google's
competitors a more favorable deal than the one Google received from the
Association of American Publishers and the Authors Guild. The
Department of Justice, authors, EPIC and other privacy advocates
criticized the original settlement.

EPIC argued that the settlement would create a single digital library,
operated by Google, but failed to limit Google's use of the personal
information collected. In a motion to intervene in the settlement EPIC
argued that it “mandates the collection of the most intimate personal
information, threatens well-established standards that safeguard
intellectual freedom, and imperils longstanding Constitutional rights,
including the right to read anonymously.” EPIC also warned that the
original deal threatened “to eviscerate state library privacy laws that
safeguard library patrons in the United States."

Similarly, FTC Chairman John Liebowitz called attention to privacy
concerns and the vast amount of consumer information that could be
collected under the original settlement. The Chairman expressed the
Commission's commitment to evaluating the privacy issues presented by
Google Books, a sentiment that was echoed by Commissioner Pamela Jones
Harbour in her statement. In a separate letter, FTC Consumer Protection
Director David C. Vladeck urged Google to address consumer privacy
concerns and to limit the secondary use of user data.

However, the revised settlement does little to address privacy and does
not fix the lack of user privacy protections. Professor Pamela
Samuelson of the University of California, Berkeley stated that
“[t]here are dozens of provisions in the settlement agreement that call
for monitoring of what users do with books and essentially no privacy
protections built into the settlement agreement.”

Amended settlement agreement:
http://www.epic.org/redirect/112209gbsettrev.html

Pamela Samuelson, “New Google Book Settlement Aims Only to Placate
Governments,” Huffington Post, November 17, 2009:
     http://www.epic.org/redirect/112209Samuelson.html

EPIC's Objections to the Original Settlement:
     http://epic.org/privacy/googlebooks/EPIC_Brief-GBS.pdf

DOJ's Statement Regarding the Original Settlement:
     http://thepublicindex.org/docs/letters/usa.pdf

FTC''s Statements Regarding the Original Settlement:
     http://www.ftc.gov/os/closings/090903leibowitzstatement.pdf
     http://www.ftc.gov/os/closings/090903harbourthstatement.pdf
     http://www.ftc.gov/os/closings/090903horvathletter.pdf

Authors' Objections to the Original Settlement: 
http://www.eff.org/files/filenode/authorsguild_v_google/File Stamped Brf.pdf

Other Privacy Advocates Objections to the Original Settlement:
     http://www.epic.org/redirect/112209gbobjections.html

EPIC: Google Books Settlement and Privacy:
     http://epic.org/privacy/googlebooks/

EPIC: Google Books Litigation:
     http://epic.org/privacy/googlebooks/litigation.html

EPIC: Google Books: Policy Without Privacy:
     http://epic.org/privacy/googlebooks/policy.html


=======================================================================
[6] News in Brief
=======================================================================
EPIC Complete's Takoma Park Election Manual Ballot Audit

EPIC completed the final phase of the manual ballot audit of the Takoma
Park, Maryland November 3, 2009 election. The manual audit completed
the oversight requirements imposed by the City of Takoma Park for the
Scantegrity voting system used by the city for its recent elections.
This was the first public election in the United States to deploy the
Scantegrity voting system.  Over 1600 votes cast ballots in the
election to elect their mayor and fill ward council positions.

EPIC Audit of Takoma Park Municipal Election November 3, 2009:
takoma_park_audit.pdf

Scantagrity:
     http://www.scantegrity.org/

Links: Takoma Park Election’s Office:
     http://www.takomaparkmd.gov/clerk/election/2009/index.html

Takoma Ballot verification Web page:
     http://scantegrity.org/takoma/checkcodes

EPIC’s Voting Privacy Page:
     http://epic.org/privacy/voting/
   


President Obama Nominates Brill and Ramirez for FTC

On November 17, 2009, President Obama nominated Julie Brill and Edith
Ramirez to be commissioners of the Federal Trade Commission. Brill,
North Carolina's top consumer advocate, serves as the senior deputy
attorney general and chief of consumer protection and antitrust for the
North Carolina Department of Justice. Ramirez, who specializes in
intellectual property and complex litigation matters, is a partner in a
Los Angeles, California law firm and has experience representing
companies such as Mattel, Inc. and Northrop Grumman Corp. In a press
release, President Obama stated, “These individuals bring a depth of
experience to their respective roles, and I am confident they will
serve my administration and the American people well. I look forward to
working with them in the months and years ahead.”

Federal Trade Commission:
     http://www.ftc.gov/commissioners/index.shtml

EPIC: Federal Trade Commission:
     http://epic.org/privacy/internet/ftc/. 

Brill Biography:
     http://www.law.columbia.edu/fac/Julie_Brill.

Ramirez Biography:
     http://www.quinnemanuel.com/attorneys/ramirez-edith.aspx.

White House Nominations  Press Release:
     http://www.epic.org/redirect/112209whitehouseprelease.html



Investigating Congressional Committee Acknowledges Privacy Coalition
Letter

House Homeland Security Committee Chairman Bennie Thompson has
responded to the Privacy Coalition letter regarding the Chief Privacy
Officer of the Department of Homeland Security. Chairman Thompson said
that "the Committee is in the process of reviewing the programs
outlined" in the letter, and thanked the Coalition for bringing the
issues to the attention of the committee. He further stated that the
Committee "will continue to examine the Department's programs and
policies and vigorously address privacy concerns and issues."

Letter from Chairman Thompson:
     http://epic.org/open_gov/homeland/HLS_Comm_Reply.pdf

Privacy Coalition - Letter to Chairman Thompson:
     http://epic.org/security/DHS_CPO_Priv_Coal_Letter.pdf

EPIC: DHS Privacy Office:
     http://epic.org/privacy/dhs-cpo.html

Privacy Coalition:
     http://privacycoalition.org/



Privacy Coalition Writes Letter Re: Fordham Child Privacy Study

A Fordham Law School study found that state educational databases
across the country ignore key privacy protections for the nation's
school children. The study reports that at least 32% of states
warehouse children's social security numbers; at least 22% of states
record student pregnancies; and at least 46% of the states track mental
health, illness, and jail sentences as part of the children's
educational records. Some states outsource the data processing without
any restrictions on use or confidentiality for children's information.
Access to this information and the disclosure of personal data may
occur for decades and follow children well into their adult lives.
These findings come as Congress is considering the Student Aid and
Financial Responsibility Act, which would expand and integrate the 43
existing state databases without taking into account the critical
privacy failures in the states' electronic warehouses of children's
information. 

Study Website:
     http://law.fordham.edu/childrensprivacy

Fordham Law School, Center on Law and Information Policy:
     http://www.epic.org/redirect/110609fordhamstudy.html

Student Aid and Financial Responsibility Act:
     http://www.epic.org/redirect/110609studentaidact.html

EPIC: Children's Online Privacy Protection Act:
     http://epic.org/privacy/kids/

EPIC: DOD Recruiting Database:
     http://epic.org/privacy/student/doddatabase.html



Demand Your dotRights Campaign Goes Public 

The ACLU of Northern California launched a new privacy campaign called
“Demand Your dotRights.” The campaign is intended to call attention to
the trail of digital information that is left by online activity. It
“provides a behind-the-scenes look at everything from social
networking, to photo sites, to search engines,” and educates
individuals on how they can regain control over their personal
information. The campaign also urges businesses and lawmakers to do
more to protect privacy.

Demand Your dotRights campaign website:
     http://www.dotrights.org/home

ACLU of Northern California announcement:
     http://www.epic.org/redirect/112209acluannouncement.html

EPIC: Facebook Privacy:
     http://epic.org/privacy/facebook

EPIC: Search Engine Privacy:
     http://epic.org/privacy/search_engine



Facebook Releases Revised Privacy Policy

On November 17, 2009, Facebook unveiled its new privacy policy.  The
new policy was announced after the social network site completed a
weeklong comment period. Facebooks said that new policy was designed to
be more easy to understand, and includes plain language and a simpler
structure. The company has also announced plans to add definitions of
key terms, screen shots of important pages and informational "learn
more" videos. However, the policy is problematic because it continues
to allow the disclosure of user information to third parties, including
"other companies, lawyers, courts or other government entities", in a
broad array of circumstances and relieves Facebook of any
responsibility for third party applications that "violate [Facebook's]
rules."

Facebook: Privacy Policy:
     http://www.facebook.com/policy.php

EPIC: Social Networking Privacy:
     http://epic.org/privacy/socialnet/

Facebook Blog: New Privacy Policy Adopted:
     http://blog.facebook.com/blog.php?post=181160577130
     


D.C. Circuit Hears Argument in Warrantless GPS Tracking Case

On November 17, 2009, the D.C. Circuit heard oral argument in United
States v. Jones, a case addressing the legality of warrantless GPS
tracking by the government. In the case, FBI agents attached a GPS
tracker to the appellant’s car while the car was on private property.
The device transmitted the position of the car every ten seconds,
allowing the FBI to track its position for a full month, all without a
warrant. In a similar case, Commonwealth v. Connolly, EPIC filed a
“friend-of-the-court” brief with the Massachusetts Supreme Judicial
Court, urging it to require police to obtain a warrant before engaging
in GPS tracking. That court held not only that police were required to
obtain a warrant, but also mandated that such warrants must expire
after fifteen days.

Electronic Frontier Foundation: U.S. v. Jones:
     http://www.eff.org/cases/us-v-jones

New York Times: Editorial: GPS and Privacy Rights:
     http://www.nytimes.com/2009/11/23/opinion/23mon3.html

EPIC: Commonwealth v. Connolly:
     http://epic.org/privacy/connolly/

EPIC: Commonwealth v. Connolly Amicus Brief:
     http://epic.org/privacy/connolly/042009amicus.pdf



=======================================================================
[7] EPIC Bookstore: "Protectors of Privacy"
=======================================================================
Protectors of Privacy: Regulating Personal Data in the Global Economy
By Abraham L. Newman Available at:
http://www.epic.org/redirect/112209bookreview.html

“You have zero privacy anyway. Get over it.” 
- Scott McNealy, CEO of Sun Microsystems

“Everyone has the right to the protection of personal data concerning
him or her.” 
- Article 8-1, Charter of Fundamental Rights of the European Union

In Protectors of Privacy: Regulating Personal Data in a Global Economy,
Professor Abraham Newman compares the attitudes and approaches of The
United States and the European Union with respect to privacy in the
computer age. Newman argues that, while the United States surpasses
other countries in terms of technological advancements, the European
Union has much more comprehensive data privacy protection, which has
shown to be more effective than the United States' self-regulatory
approach.

Newman opens the book with a description of the security issues that
face consumers across the globe today. The problems center on data
retention by governments, corporations, and private firms: “In 2004,
Wal-Mart alone stored more than 460 terabytes of consumer information.
..[and one study] estimates that four federal agencies alone purchased
$30 million in personal information from [data mining] firms in 2005.”
With so much information stored in these databases, personal
information is left exposed, vulnerable to security breaches and
general misuse. The United States suffers over $50 billion in losses as
a result of identity theft and fraud every year. Storage of personal
data has occurred not only in the United States, but also abroad, and
thus the need for regulation of personal information has become a focus
for countries around the world. Many of the international debates
surrounding privacy protection deal with differences in the scope of
regulation, what Newman describes as either comprehensive regulations,
as the Europeans have adopted, or limited regulations, as the United
States has adopted.

Europe has emerged as the leader in establishing comprehensive
protection for personal information. In Chapter Four, Newman argues
that the success of Europe's comprehensive regulations, namely the
European Union's 1995 data privacy directive, is attributed to the
“institutionalization of data privacy authorities with expertise,
statutory authority, and network ties.” A significant result of the
directive was the emergence of transgovernmental cooperation, by way of
the Article 29 Working Party, which has compelled companies like Google
to alter their data retention policies in order to maintain compliance
with the group. Throughout the years, the Article 29 Working Party has
pushed for limiting data retention periods and encouraging data
retention principles, even in the wake of the terrorist attacks in
Madrid and the United Kingdom.

The United States, however, takes a different approach to privacy when
terrorism or a threat to national security is involved. After the
September 11, 2001 terrorist attacks, the federal government
implemented security measures that would require international airlines
to report to the U.S. Customs Bureau extensive traveler information
that could be retained for a period of up to three years, without
offering travelers the right to review or correct any of the stored
information. The Article 29 Working Party was particularly concerned
with the United States' government and agency access to carrier
databases and the exchange of personal information. After negotiations,
the European Commission finally allowed the transfer of data from
European airlines to the U.S. Customs Bureau, but gained a small
victory as the transfers would not include access to carrier databases
and also would not include sensitive information.

Newman's finest, and perhaps most significant, observation which also
serves as the underlying theme to the book, centers on the idea that
regulatory authority is truly the driving force behind successful data
protection measures. Europe emphasizes regulatory power, exemplified by
its data privacy authorities, and also operates using “coercive tools
to shape international outcomes.” According to Newman, the persuasive
appeal of regulatory solutions often is affected by the threats that
serve as incentives for compliance and motivation for negotiations.  On
the other hand, the United States' self-regulatory approach is focused
on “convincing” rather than “coercing,” and has slowly moved away from
delegating authority to independent agencies, instead favoring small
government and a focus on accountability. This new focus, however, has
“unintentionally undermined the power resources available to the United
States to promote its interests globally.”  As a result, the United
States faces difficult challenges, in light of Europe's comprehensive
and broadly adopted approach to privacy protection, to develop and
enforce its rules in the global market.

--Kim Nguyen

================================
EPIC Publications:

"Litigation Under the Federal Open Government Laws 2008," edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid
(EPIC 2008). Price: $60.

http://epic.org/bookstore/foia2008/
	
Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
laws. This updated version includes new material regarding the
substantial FOIA amendments enacted on December 31, 2007. Many of the
recent amendments are effective as of December 31, 2008. The standard
reference work includes in-depth analysis of litigation under Freedom
of Information Act, Privacy Act, Federal Advisory Committee Act,
Government in the Sunshine Act. The fully updated 2008 volume is the
24th edition of the manual that lawyers, journalists and researchers
have relied on for more than 25 years.

================================

"Information Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.

================================

"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.
http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS). This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.

http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the Video Voyeurism Prevention Act,
and the CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.

http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore
http://www.epic.org/bookstore


================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
https:/mailman.epic.org/mailman/listinfo/foia_notes


=======================================================================
[8] Upcoming Conferences and Events
=======================================================================
The Innovation Economy, Aspen Institute, Reagan Conference Center,
Washington, DC, Nov 30 - Dec 1, 2009.
For more information:
http://theinnovationeconomy.org/

Law in Cyberspace:  Legal Blogging & the Courts, Northwestern School of
Law, Chicago, IL, 4th Annual Judicial Symposium on Civil Justice
Issues, December 7, 2009.
For more information:
http://www.epic.org/redirect/112209nwconference.html

FTC Privacy Roundtable: Exploring Existing Regulatory Frameworks,
FTC Conference Center, Washington, DC, December 7, 2009.
For more information:
http://www.ftc.gov/opa/2009/11/privacyrt.shtm

"Reconceptualizing the FTC's Understanding of Privacy", Willard Hotel
Washington, DC, IAPP Confernce, December 8, 2009.
For more information:
http://www.epic.org/redirect/112209conference.html

Annual Privacy Coalition meeting, EPIC, Washington, DC,
January 21-23, 2010.
For more information: http://www.theprivacycoalition.org

"Reader Privacy: Should Library Standards Apply Online?," University
of North Carolina, Chapel Hill, January 22, 2010.

Data Privacy Day, January 28, 2010. 
For more information:
http://www.thepublicvoice.org

"Computers, Privacy, and Data Protection: An Element of Choice,"
Brussels, Belgium, January 29-30, 2010.
For more information:
http://www.cpdpconferences.org/

RSA 2010, San Francisco, March 1-5, 2010.
For more information:
http://www.rsaconference.com/2010/usa/

Association for Practical and Professional Ethics, Cincinnati,
March 5, 2010.
For more information:
http://www.indiana.edu/~appe/annualmeeting.html

Privacy 2010, Stanford, March 23 - 25, 2010.
For more information:
http://codex.stanford.edu/privacy2010

=======================================================================
Join EPIC on Facebook
=======================================================================

Join the Electronic Privacy Information Center on Facebook

http//facebook.com/epicprivacy

http://epic.org/facebook

Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
Support EPIC.


=======================================================================
Privacy Policy
=======================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."


=======================================================================
About EPIC
=======================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

=======================================================================
Donate to EPIC
=======================================================================

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.


=======================================================================
Subscription Information
=======================================================================

Subscribe/unsubscribe via web interface:
http://mailman.epic.org/mailman/listinfo/epic_news

Back issues are available at:
http://www.epic.org/alert


The EPIC Alert displays best in a fixed-width font, such as Courier.


------------------------- END EPIC Alert 16.22 ------------------------

.