EPIC Alert 18.03

                            E P I C   A l e r t
Volume 18.03                                         February 15, 2011

                           Published by the
               Electronic Privacy Information Center (EPIC)
                           Washington, D.C.


                    "Defend Privacy. Support EPIC."

                  Report All Screening Experiences at
                   EPIC Body Scanner Incident Report

Table of Contents
[1] Senate Seeks to Curtail Current TSA Screening Procedures
[2] Congress Unfriends Facebook
[3] Chairman Issa Investigates "Political Review" Policy at DHS
[4] EPIC Opposes Secret Evidence in Body Scanner Lawsuit
[5] NJ Supreme Court: Expungement Statute Does Not Cover Private Facts
[6] News In Brief
[7] EPIC Book Review: "State Power and Democracy"
[8] Upcoming Conferences and Events

TAKE ACTION: Stop Airport Strip Searches!
- JOIN Facebook Group "Stop Airport Strip Searches" and INVITE Friends
- DISPLAY the IMAGE http://thepublicvoice.org/nakedmachine.jpg
- SUPPORT EPIC http://www.epic.org/donate/

[1] Senate Seeks to Curtail Current TSA Screening Procedures

Senator Tom Udall of New Mexico has introduced Senate Amendment 51,
which would require the Transportation Security Administration (TSA) to
curtail current body scanner procedures by January 1, 2012. The TSA will
be required to install software that will block the images of
passengers' naked bodies that TSA officials currently obtain.

Senator Udall cited "the privacy of airline passengers" and "significant
privacy concerns" in a letter to constituents explaining the legislative
measure. The Senator explained that the Amendment would mean "a separate
TSA officer will no longer be required to view the image in a
remotely-located viewing room." Udall also emphasized that the full
pat-down option the TSA rolled out in November of 2010 failed to provide
an effective alternative for passengers mindful of risks to their

On February 2, 2011, EPIC filed a new Freedom of Information Act (FOIA)
lawsuit against the TSA seeking compliance with its request for
documents relating to the new procedures. EPIC's FOIA Project was
responsible for the initial revelations that TSA's body scanner devices
were designed to capture, store, and transfer the naked images they

In a separate suit in the D.C. Circuit Court of Appeals, EPIC has
requested a full suspension of the body scanner program, as it is
invasive, unlawful, and ineffective. Oral argument for EPIC's suit is
scheduled for March 10, 2011.

Amendment 51 (Sen. Tom Udall)

Sen. Tom Udall's Constituent Letter

EPIC: EPIC v. DHS (Suspension of Body Scanners)

EPIC: Automated Target Recognition FOIA Complaint

EPIC: Whole Body Imaging Technology

[2] Congress Unfriends Facebook

A February 2011 letter from Rep. Ed Markey (D-MA) and Rep. Joe Barton
(R-TX) to Mark Zuckerberg questions Facebook's plans to make users'
addresses and mobile phone numbers available to websites and application
developers. After heavy criticism, Facebook has suspended the policy,
but said it would go forward once it had made further changes. EPIC
Executive Director Marc Rotenberg said that, "Facebook is trying to blur
the line between public and private information. And the request for
permission does not make clear to the user why the information is needed
or how it will be used."

Congressmen Markey and Barton have previously written to Facebook,
responding to news that the social media giant's business partners
transmitted personal user data to advertising and Internet tracking
companies, in direct violation of Facebook's policies. EPIC, joined by
many consumer and privacy organizations, has two complaints pending at
the Federal Trade Commission charging that Facebook's earlier changes to
users' privacy settings constitute unfair and deceptive trade practices.
The Commission has failed to act on either of these complaints.

However, Facebook also has made a positive move to protect users'
privacy, announcing that they would be switching to full session
encryption, through HTTPS. Though the change is not yet the default
setting, users will be able to opt into HTTPS through their "Account
Settings." The switch to an encrypted network will promote both privacy
and security, particularly when users access Facebook from public
Internet access points. Previously, Facebook only used HTTPS when users'
passwords were being sent to the site. Third party applications
currently do not support HTTPS.

EPIC has previously recommended the adoption of strong privacy
techniques for cloud-based services. In 2009, EPIC filed a complaint
with the Federal Trade Commission, urging an investigation into Google's
cloud computing services to determine the adequacy of privacy and
security safeguards, but the Commission did not act on this complaint
either. Google subsequently established HTTPS by default for Gmail.

Reps. Markey and Barton: Letter to Facebook (February 2, 2011)

Facebook: Addresses and Mobile Phone Numbers

Reps. Markey and Barton: Letter to Facebook (October 18. 2010)

Facebook: HTTPS

EPIC: FTC Cloud Computing Complaint (March 17, 2009)

EPIC: Facebook

EPIC: In Re Facebook

EPIC: In Re Facebook II

EPIC: Cloud Computing

[3] Chairman Issa Investigates "Political Review" Policy at DHS

Rep. Darrell E. Issa (R-CA), chair of the House Committee on Oversight
and Government Reform, issued a letter to Secretary Janet Napolitano
demanding that the Department of Homeland Security (DHS) release all
documents regarding its policy of vetting Freedom of Information Act
(FOIA) requests through political appointees. "The public has a right to
know what its government is doing," Rep. Issa stated. Issa seeks
documents released to the Office of the Inspector General, the
Associated Press, and other congressional offices; e-mail between DHS
personnel and the White House; and Responsive e-mails to or from front
office personnel regarding FOIA.

Rep. Issa, citing President Obama's open government and transparency
memorandum, questioned the agency's adherence to those principles. After
a September briefing by Chief Privacy Officer Mary Ellen Callahan
concerning DHS's directive that required certain FOIA requests to be
vetted by political appointees, Callahan claimed to Issa that this was
not, in fact, the policy. Based on these assertions, Rep. Issa decided
to delay the committee's inquiry. However, when further evidence was
brought to his attention in January 2011 that DHS did have a policy of
vetting requests, Rep. Issa concluded that that the evidence "raise[d]
questions about the Department's commitment to the President's effort to
create 'an unprecedented level of openness in Government.'"

Rep. Issa also requested that a number of DHS Front Office personnel,
including Chief Privacy Officer Mary Ellen Callahan, Chief FOIA Officer
Catherine Papoi, and Chief of Staff to the Secretary Noah Kroloff, be
made available to the committee for transcribed interviews about DHS's
FOIA policy and procedures.

After reviewing documents released by DHS indicating the policy resulted
in the improper delay of FOIA requests, EPIC filed a letter recommending
that the FOIA Ombudsman conduct an investigation of DHS FOIA policies
and practices.  The DHS policy is contrary to federal law and Supreme
Court holdings, as the FOIA does not permit agencies to select requests
for political scrutiny.

Letter from Rep. Darrell E. Issa (R-CA) to Secretary Janet Napolitano

President Barack Obama: Memorandum on Transparency and Open Government

EPIC: letter to Director Miriam Nisbet, OGIS

Office of Government Information Services

DHS: FOIA Policy
Freedom of Information Act

EPIC: Open Government
EPIC: Federal Open Government Laws 2010

[4] EPIC Opposes Secret Evidence in Body Scanner Lawsuit

In EPIC’s case against the Department of Homeland Security and the
Transportation Security Agency to suspend the use of body scanners in
airports across the country, the government has asked the court for
permission to file secret evidence. Local procedural rules in the
District of Columbia Circuit state that information may only be entered
under seal where the information was under seal during the agency's
decision making process, and still "need[s] to remain under seal on
appeal." In opposition to the request, EPIC argued that these rules
presume that both parties will have access to sealed materials.

The agency used the term "Sensitive Security Information" to
characterize unclassified evidence it nonetheless wishes to hide from
public scrutiny. The law granting the agency authority to issue
"Sensitive Security Information" directives identifies four potential
legal justifications for doing so, none of which the agency cited in its
motion. The agency failed to give EPIC any opportunity to challenge
individual directives before filing its request.

In addition, the government offered a novel justification for filing
scientific research under seal, claiming that certain studies were
protected under copyright. An appeals court has previously held that
federal copyright laws do not protect intellectual property once it is
adopted as part of the law. In this case, it is apparent that Congress
did not intend the Copyright Act to give scientific researchers the
right to prevent full access to the legal justifications for TSA
regulations. The agency offered no legal justification for leveraging
copyright laws to prevent EPIC from scrutinizing its legal claims.

EPIC filed its opposition to the motion on February 10, 2011, requesting
that the Court deny the agency's motion, or in the alternative, provide
sealed copies of the materials which are available to both parties. Oral
argument for the case is scheduled for March 10, 2011.

DHS Motion to File Secret Evidence

EPIC Opposition to Motion

EPIC: EPIC v. DHS (Suspension of Body Scanners)

EPIC: Whole Body Imaging Technology

[5] NJ Supreme Court: Expungement Statute Does Not Cover Private Facts

The New Jersey Supreme Court heard oral arguments on September 14, 2010
in the case of G.D. v. Kenny. The plaintiff in the case, G.D., was an
aide to Brian Stack. In 2007, Stack decided to run for the New Jersey
Senate. However, the Hudson Country Democratic Organization ("HCDO")
supported Stack's opponent in the primary election.

After obtaining records of G.D.’s criminal history, HCDO created and
distributed 17,000 flyers alleging that G.D. was a "DRUG DEALER who went
to JAIL for FIVE YEARS for selling coke near a public school." The flyer
also displayed G.D.'s photo. Unknown to the advertising firm, an order
of expungement was entered in June 2006 for G.D.'s conviction. The
Department of Corrections continued to list information about G.D.'s
conviction and sentence as late as August 2008 despite the expungement

In a claim against HCDO for defamation, the appellate court found that
because the information on the flyers was true, it could not support a
defamation claim, and dismissed it. On appeal, the Supreme Court of New
Jersey held that defendants are entitled to assert truth as a defense,
even when the relevant facts are subject to an expungement order under a
state statute. The decision is a setback to the notion of “The Right to
be Forgotten.”

EPIC had filed an “friend of the court” brief in the case, highlighting
the increasing risk that private firms will make available inaccurate,
incomplete, and outdated information if expungement orders are not
enforced. Furthermore, EPIC argued that expungement is a judicial
determination that should be respected. The omission of expungement
judgments from court records introduces errors into databases sold by
states as well as commercial databases sold by data mining companies.
These errors can lead to a range of consequences - from inconvenience to
the loss of civil liberties.

EPIC: G.D. v. Kenny

EPIC: Expungement 

Press Release: “The Right to be Forgotten”

Superior Court of N.J. Appellate Division: G.D. v. Kenny 

NJ Supreme Court: G.D. v. Kenny
[6] News In Brief

NIST Seeks Comments on Guidelines for Cloud Computing

The National Institute for Standards and Technology (NIST) has announced
that it is accepting comments on two draft documents on cloud computing:
the NIST Definition of Cloud Computing and the Guidelines on Security
and Privacy in Public Cloud Computing. The documents were prepared after
the Federal Chief Information Officer asked NIST to develop standards
and guidelines to assist the federal government’s secure adoption of
cloud computing. EPIC has warned of the ongoing privacy risks associated
with cloud computing since its expansion into the public sphere in 2008.
In 2009, EPIC filed a complaint with the Federal Trade Commission,
urging an investigation into Google’s cloud computing services to
determine the adequacy of privacy and security safeguards.  Comments on
both NIST documents are due no later than February 28, 2011. 

National Institute for Standards and Technology

NIST: Press Release on Cloud Computing

NIST: Definition of Cloud Computing

NIST: Guidelines on Security and Privacy in Public Cloud Computing

EPIC: FTC Cloud Computing Complaint (March 17, 2009)
EPIC: Cloud Computing

EPIC: In re Google and Cloud Computing

EPIC Joins Campaign to Promote Transparency in Europe

EPIC has supported a global initiative led by Access Info, an
international human rights organization, to urge the Committee of Civil
Liberties, Justice, and Home Affairs (LIBE) of the European Parliament
to safeguard government transparency. Currently, the Committee is
considering a proposal to limit open government by hindering access to
certain documents. On January 28, 2011, a letter was sent on behalf of
Access Info and its supporters to the European Parliament, calling for
the alignment of regulations with the pro-transparency decisions of the
Court of Justice of the European Union. EPIC has joined 180
organizations, journalists, and activists in its support for Access
Info’s campaign. Over 90 countries worldwide have adopted laws,
constitutional amendments or regulations protecting the right to freedom
of information.

Access Info: Transparency in the European Union 

European Union: LIBE Committee

EPIC: Open Government 

EPIC: Privacy & Human Rights

FBI Handwritten Changes on NSLs to Expand Surveillance, Evade Oversight

EPIC used the Freedom of Information Act (FOIA) to obtain internal
reports that FBI Field Offices made unauthorized changes to National
Security Letters, absent any internal legal review. The Attorney
General's National Security Letter Guidelines explicitly require field
offices to clear all National Security Letter requests through the
National Security Law Branch of the FBI or the Chief Division Counsel.
The changes violated this safeguard and frustrated oversight. National
Security Letters (NSLs) are already an extraordinary search procedure,
which give the FBI the power to compel the disclosure of customer
records held by banks, telephone companies, Internet Service Providers,
and others. These entities are prohibited, or "gagged," from telling
anyone about their receipt of the NSL, which makes oversight difficult. 
The incident revealed by EPIC is yet another instance of the FBI's NSL
practices failing to abide by constitutional protections and the rule of

FOIA Request (July 2, 2009)

EPIC FOIA Note #17 (February 7, 2011)

EPIC: Intelligence Oversight Board: FOIA Documents on Legal Violations

Report of Unauthorized Change to FBI National Security Letter

[7] EPIC Book Review: "State Power and Democracy"

"State Power and Democracy: Before and During the Presidency of George
W. Bush," Andrew Kolin


In "State Power and Democracy," Andrew Kolin argues that the United
States government has consistently expanded its efforts, domestically
and abroad, to create a state of “surveillance and control.” To support
his arguments regarding the expansion of the “police state,” Kolin
follows the history of United States government responses to progressive
political movements over the last two centuries.

Kolin spends several chapters developing an argument that, even before
9/11, the United States government was laying foundations for extensive
surveillance and participating in officially-sanctioned violence. To
support his claims, Kolin details the history of the labor movement,
including the response to workers' rights movements over the last
hundred years. He also follows the history of U.S. involvement in
toppling communist and socialist-leaning regimes around the world.

Kolin openly attacks the CIA, claiming that it "demonstrates a
determination to develop torture into an exact science." He tracks the
agency's involvement in torture training at the School of the Americas
(later renamed "Western Hemisphere Institute for Security Cooperation"),
which boast such infamous alumni as Robert Viola, Manual Noriega, Juan
Valasco, and Guillermo Rodriguez, members of the Grupo Colina death
squad, officers in the notorious Battalion 3-16, and Augusto Pinochet's
secret police.

Kolin avoids the tendency to ascribe civil liberties violations to one
political party. Instead, he argues that both Republican and Democratic
administrations have participated in oppressive activities over the
course of the last two centuries. In particular, Kolin describes the
ways in which the Clinton Administration's policy initiatives laid the
groundwork for the civil liberties violations that would become routine
under George W. Bush’s Administration.

"State Power and Democracy" includes references to many important civil
liberties issues of the present day, including the PATRIOT Act,
Guantanamo Bay, the torture memos, and the broad surveillance of

Kolin ends the book on a reformative note, by detailing potential
reforms, and stating "it is with the possible combination of a
dysfunctional police state with a hint of reformism and the rising
expectations of mass movements that America will finally rid itself of
its police state."

-- Ginger McCall

EPIC Publications:

"Litigation Under the Federal Open Government Laws 2010," edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark
S. Zaid (EPIC 2010). Price: $75


Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access laws.
This updated version includes new material regarding President Obama's
2009 memo on Open Government, Attorney General Holder's March 2009 memo
on FOIA Guidance, and the new executive order on declassification. The
standard reference work includes in-depth analysis of litigation under:
the Freedom of Information Act, the Privacy Act, the Federal Advisory
Committee Act, and the Government in the Sunshine Act. The fully updated
2010 volume is the 25th edition of the manual that lawyers, journalists
and researchers have relied on for more than 25 years.


"Information Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.


This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.


"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.


This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.


"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.


This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS). This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.


"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:


The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the Video Voyeurism Prevention Act,
and the CAN-SPAM Act.


"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.


A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.


EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore


EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:

[8] Upcoming Conferences and Events

"Secondary and Intermediary Liability on the Internet." Stanford
Technology Law Review, Stanford Law School, 3 March 2011. For More

"Privacy and the Supreme Court." Columbia Law School, New York, New
York, 4 March 2011.

"The Web: Wiring Our World." UNIS-UN, New York, 4 March 2011. For More
Information: http://www.unis-un.org/unisun/.

"The Tenth Workshop on Economics of Information Security." The George
Mason University, 14-15 June 2011. For More Information:

"Computers, Freedom, and Privacy 2011." Georgetown Law Center,
Washington D.C., 14-16 June 2011. For More Information:

Join EPIC on Facebook

Join the Electronic Privacy Information Center on Facebook



Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
Support EPIC.

Privacy Policy

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription

About EPIC

The Electronic Privacy Information Center is a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

Donate to EPIC

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:


Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.

Subscription Information

Subscribe/unsubscribe via web interface:

Back issues are available at:

The EPIC Alert displays best in a fixed-width font, such as Courier.

------------------------- END EPIC Alert 18.03 ------------------------

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security