EPIC Alert 22.20

======================================================================= E P I C A l e r t ======================================================================= Volume 22.20 October 30, 2015 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, DC http://www.epic.org/alert/epic_alert_22.20.html "Defend Privacy. Support EPIC." http://epic.org/support ======================================================================= Table of Contents ======================================================================= [1] EU: Data Transfers under Safe Harbor Now Unlawful [2] FAA To Establish Drone Registration Database, Privacy Issues Remain [3] NM Supreme Court: Warrantless Aerial Surveillance Unconstitutional [4] In FOIA Request, EPIC Obtains Secret 'Umbrella Agreement' from EU [5] DC Circuit to TSA: Produce Schedule for Final Rule on Body Scanners [6] News in Brief [7] EPIC in the News [8] EPIC Bookstore [9] Upcoming Conferences and Events TAKE ACTION: Fight Back Against Illegal US/UK Surveillance! LEARN about Privacy International's "Did GCHQ Spy on You?" Campaign: https://www.privacyinternational.org/illegalspying MAKE A CLAIM with the Investigatory Powers Tribunal: http://www.ipt-uk.com/section.aspx?pageid=16 FOLLOW Privacy International on Facebook: https://www.facebook.com/PrivacyInternational TWEET Your Support: #DidGCHQSpyOnYou/ @privacyint SUPPORT EPIC: https://epic.org/support/ ======================================================================= [1] EU: Data Transfers under Safe Harbor Now Unlawful ======================================================================= The landmark ruling that invalidated the US-EU Safe Harbor data transfer arrangement also determined that national data protection agencies retain the legal authority to enforce fundamental rights and investigate data transfers. Enforcement actions are now unfolding in Europe. After the October 2015 Safe Harbor decision, the EU's primary concern has become ensuring clarity on the ruling's specifics. The European Union is now working with national data protection authorities to safeguard a coordinated enforcement approach. As a first step, the Article 29 Working Party, composed of privacy officials across Europe, issued a preliminary statement calling for solutions "enabling data transfers to the territory of the United States that respect fundamental rights," and to ensure that transfers that are still taking place under the Safe Harbour decision." The European officials also stated that for now Standard Contractual Clauses and Binding Corporate Rules might be lawfully used. However, the Working Party will further analyze these alternative data transfer solutions to determine whether they comply with the EU's Schrems decision, in which the EU Court of Justice determined that data from Facebook Ireland were covered under EU, not US, data privacy rules. The Working Party has given the European Commission and the United States three months to create an alternative to Safe Harbor before it takes enforcement action. Despite the Working Party's statement, German data protection chiefs concluded that the ruling allowed them to reject alternative data transfer solutions and to begin privacy enforcement actions. They have announced an investigation into EU-US data transfers by companies including Google and Facebook. European and American officials confirmed that the US and the EU have continued negotiations to reach a Safe Harbor 2.0 agreement. EPIC recognizes data protection a fundamental right and has urged the US to update privacy laws and enact a comprehensive privacy framework. EPIC will testify November 3 before the US House Energy & Commerce Committee on "Examining the EU Safe Harbor Decision and Impacts for Transatlantic Data Flows." Article 29 Working Party: Statement on Safe Harbor (Oct. 16, 2015) https://epic.org/redirect/103015-article-29-harbor-statement.html The Hill: "Germany to investigate Google, Facebook data transfers to US" (Oct. 28, 2015) http://thehill.com/policy/cybersecurity/258341-germany-to- investigate-google-facebook-data-transfers-to-us The Public Voice: "Fundamental Rights are Fundamental" (Oct. 28, 2015) http://thepublicvoice.org/NGO-FRF-Statement-ICDPPC37.pdf US House: Hearing on Safe Harbor (Oct. 27, 2015) https://epic.org/redirect/103015-house-harbor-hearing.html EU High Court: Press Release on Safe Harbor Decision (Oct. 6, 2015) https://epic.org/redirect/101615-safe-harbor-release.html EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor) https://epic.org/privacy/intl/schrems/default.html The New York Times: "Digital Privacy, in the U.S. and Europe," by EPIC President Marc Rotenberg (Oct. 13, 2015) http://www.nytimes.com/2015/10/13/opinion/digital-privacy-in-the- us-and-europe.html ======================================================================= [2] FAA To Establish Drone Registration Database, Privacy Issues Remain ======================================================================= The US Department of Transportation and the FAA have announced that drone operators will be required to register with a national drone database. A task force of 25-30 people will develop recommendations for the registration process by November 20, 2015. The registration requirement is aimed at protecting public safety and promoting accountability, but creates new privacy risks. It is unknown whether the task force will include privacy and safety advocates. EPIC called on the FAA and Department of Transportation to make public the members of the drone task force. EPIC also filed an expedited FOIA request for the information, citing the fast-approaching November 20 deadline for the task force's recommendations. EPIC has argued that the safe integration of drones into the national airspace cannot be accomplished without privacy considerations. In comments to the FAA earlier in 2015, EPIC underscored the need for privacy regulations, stating, "Drones cannot be safely integrated into or operated within the national airspace until the FAA establishes clear privacy rules to limit invasive recording and prevent dangerous self help" measures. EPIC filed suit against the FAA after the agency did not implement a Congressional ruling requiring a comprehensive plan for the integration of drones into US airspace, and rejected the 2012 EPIC-led petition for a public rulemaking on drone privacy safeguards. The agency also refused to consider privacy as part of a 2015 rulemaking on small commercial drones, maintaining that privacy was outside the rulemaking's scope. In EPIC v. FAA, EPIC argued that the agency's failure to establish privacy rules for commercial drones is a violation of law and should be overturned. The FAA has already granted over 1,600 exemptions for domestic drones to operate within the US. The agency claims it "began issuing 'blanket' Certificates of Waiver" earlier in 2015. The blanket authorizations allow "flights anywhere in the country at or below 200 feet except in restricted airspace." EPIC has called on the US Court of Appeals for the DC Circuit to direct the FAA to address drone privacy. Drone Task Force: Announcement of Registration Database (Oct. 19, 2015) https://epic.org/redirect/103015-drone-registration.html EPIC v. FAA: Petition for Review (Mar. 31, 2015) https://epic.org/redirect/041515-epic-drone-petition.html EPIC: EPIC v. FAA https://epic.org/privacy/litigation/apa/faa/drones/ EPIC: Opening Brief in EPIC v. FAA (Sept. 28, 2015) https://epic.org/redirect/093015-epic-faa-brief.html EPIC: Letter to FAA re: Drone Task Force Members (Oct. 26, 2015) https://epic.org/foia/faa/EPIC-Ltr-Foxx-Huerta-15-10-26.pdf EPIC: FOIA Request re: Drone Task Force Members (Oct. 21, 2015) https://epic.org/redirect/103015-epic-dot-drone-foia.html EPIC: Comments to FAA re: Domestic Drones (Apr. 24, 2015) https://epic.org/privacy/litigation/apa/faa/drones/EPIC-FAA-NPRM.pdf EPIC: Drones and UAVs https://epic.org/privacy/drones/ ======================================================================= [3] NM Supreme Court: Warrantless Aerial Surveillance Unconstitutional ======================================================================= The New Mexico Supreme Court has ruled that state police violated the Fourth Amendment by conducting warrantless aerial surveillance that interfered with the petitioner's house and property. The court found that "prolonged hovering close enough to the ground to cause interference with [petitioner] Davis' property transformed this surveillance from a lawful observation . . . .to an unconstitutional intrusion. . ." A concurring opinion determined that a bright-line rule against such surveillance under the New Mexico Constitution is "coextensive with the scope of his or her reasonable expectation of privacy from ground surveillance." EPIC submitted a "friend of the court brief" in support of Davis, and EPIC Senior Counsel Alan Butler presented oral argument before the New Mexico Supreme Court in February 2015. EPIC argued that aerial surveillance within the airspace surrounding an individual's home threatens privacy and property interests and thus violates the Fourth Amendment. EPIC also warned the New Mexico high court that "[d]rones will enable broader use of aerial surveillance by law enforcement" agencies, making it especially "necessary to establish privacy rights to protect against constant monitoring." EPIC frequently files amicus briefs in state and federal courts on important Fourth Amendment issues related to new technologies. EPIC recently filed a brief in Riley v. California, in which the US Supreme Court held that police must obtain a warrant to search a cell phone seized pursuant to a lawful arrest. EPIC also filed a brief in the Supreme Court case Florida v. Harris, arguing that the use of advanced investigative techniques raises important new privacy considerations that should inform the Court's Fourth Amendment analysis. New Mexico Supreme Court: Decision in State v. Davis (Oct. 19, 2015) http://www.nmcompcomm.us/nmcases/nmsc/slips/SC34,548.pdf EPIC: Amicus Brief in State v. Davis (Dec. 8, 2014) https://epic.org/redirect/103015-davis-amicus.html EPIC: State v. Davis https://epic.org/amicus/drones/new-mexico/davis/ EPIC: Riley v. California https://epic.org/amicus/cell-phone/riley/ EPIC: Florida v. Harris https://epic.org/amicus/harris/ EPIC: Drones https://epic.org/privacy/drones/ ======================================================================== [4] In FOIA Request, EPIC Obtains Secret 'Umbrella Agreement' from EU ======================================================================== The EU Commission, in response to an EPIC Freedom of Information Act request, has released the text of the EU-US data transfer agreement. US and EU officials finalized the so-called "Umbrella Agreement" in September 2015, but kept the final document secret. The Umbrella Agreement compels the United States to extend certain privacy protections, afforded to US citizens by the Privacy Act of 1974, to EU citizens. Such protections were proposed in the Judicial Redress Act of 2015, a bill recently passed by the US House of Representatives, and currently under consideration in the Senate. In a letter to the House Judiciary Committee, EPIC analyzed the bill and recommended specific changes to the Judicial Redress Act. While EPIC commended Congress for an interest in privacy, EPIC also made clear that the bill failed to adequately provide meaningful protections for data collected on non-U.S. persons, pointed to increasing public concern in the US about failure to enforce the law and argued that the bill could be improved by extending Privacy Act protections to "any natural person." EPIC also filed multiple FOIA requests with US federal agencies to obtain the Umbrella Agreement. The US government must respond to EPIC's FOIA request by November 2, 2015. EU: Umbrella Agreement Released to EPIC under FOIA (Oct. 23, 2015) https://epic.org/redirect/103015-foia-umbrella-eu.html US Congress: Judicial Redress Act, S. 1600 (Oct. 21, 2015) https://epic.org/redirect/103015-judicial-redress-act.html EPIC: Letter to House Judiciary Comm. re: Agreement (Sept. 16, 2015) https://epic.org/redirect/103015-epic-house-umbrella-letter.html EPIC: EPIC v. DHS, DOJ and State Department Umbrella Agreement https://epic.org/foia/eu-us-data-transfer/ EPIC: Letter to House Judiciary Committee (Sept. 17, 2015) https://epic.org/redirect/091615-epic-letter-agreement.html EU: Statement on "Umbrella Agreement" (Sep. 8, 2015) http://europa.eu/rapid/press-release_STATEMENT-15-5610_en.htm EU: Fact Sheet on "Umbrella Agreement" (Sep. 8, 2015) http://europa.eu/rapid/press-release_MEMO-15-5612_en.htm EPIC: The Privacy Act of 1974 https://epic.org/privacy/1974act/ EPIC: Council of Europe Privacy Convention https://epic.org/privacy/intl/coeconvention/ ======================================================================= [5] DC Circuit to TSA: Produce Schedule for Final Rule on Body Scanners ======================================================================= The Court of Appeals for the DC Circuit has ordered TSA to comply with the ruling in EPIC v. DHS and conduct an "expeditious" rulemaking on the use of airport body scanners at airports. The court order grants the TSA 30 days to submit a rulemaking plan to the court. EPIC's prior efforts to end TSA's controversial body scanner program laid the groundwork for this latest ruling. In July 2010, EPIC petitioned the DC Circuit Court to suspend the body scanner program, arguing, "The TSA has acted outside of its regulatory authority and with profound disregard for the statutory and constitutional rights of air travelers." EPIC asserted that the federal agency's controversial program violated the Administrative Procedures Act, the Privacy Act, the Religious Freedom Restoration Act, the Video Voyeurism Prevention Act and the Fourth Amendment. EPIC further stated that the body scanner program was "unlawful, invasive, and ineffective." In July 2011, the DC Circuit Court of Appeals ruled that the TSA had violated the Administrative Procedures Act by implementing body scanners as a primary screening method without first undertaking public notice and comment rulemaking. The court ordered the agency to "promptly" undertake the proper rulemaking procedures and allow the public to comment on the body scanner program. The backscatter x-ray devices were subsequently removed from US airports, though the millimeter devices remain. After the TSA failed to promptly initiate notice-and-comment rulemaking, EPIC filed multiple motions requesting the court to enforce its own order and force the agency to initiate the mandated process. The court declined these motions. By July 2015, TSA still had not completed the rulemaking process required by the ruling in EPIC v. DHS. As a result, in July 2015 the Competitive Enterprise Institute filed a Petition for Writ of Mandamus to issue a final rule as required by the EPIC v. DHS mandate. DC Circuit Court of Appeals: Order to TSA (Oct. 23, 2015) https://epic.org/redirect/103015-dc-circuit-tsa-order.html EPIC: EPIC v. DHS (Suspension of Body Scanner Program) http://www.epic.org/redirect/031111EPICvDHS.html DC Circuit Court of Appeals: Order in EPIC v. DHS (Jul. 15, 2011) http://epic.org/redirect/071911_circuit_opinion_epicvdhs.html CEI: Petition for Writ of Mandamus (Jul. 15, 2015) https://epic.org/redirect/103015-cei-mandamus.html ======================================================================= [6] News in Brief ======================================================================= Supreme Court to Hear Critical Consumer Privacy Case The US Supreme Court will hear arguments November 2 in Spokeo v. Robins, a Fair Credit Reporting Act case brought on behalf of consumers whose rights were violated by the "people search" website. EPIC, technical experts, legal scholars, 15 other groups and the US Solicitor General, filed amicus briefs in support of the plaintiff. Citing the national epidemic of data breaches, identity theft and financial fraud, EPIC argued to the Court that now is "not the time" for it "to limit the ability of individuals to seek redress for violations of privacy rights set out by Congress." The EPIC brief was endorsed by 31 technical experts and legal scholars, all members of the EPIC Advisory Board. EPIC: Spokeo v. Robins https://epic.org/amicus/spokeo/ EPIC: The Fair Credit Reporting Act https://epic.org/privacy/fcra/ EPIC: Amicus Brief to Supreme Court in Spokeo v. Robins (Sep. 8, 2015) https://epic.org/amicus/spokeo/EPIC-Amicus-Brief.pdf EPIC: EPIC Advisory Board https://epic.org/epic/advisory_board.html Untethered Army Surveillance Blimp Roams East Coast One of the military's two controversial surveillance blimps broke free from its tether at Aberdeen Proving Ground October 28 and drifted over Maryland before drifting to earth in rural Pennsylvania. According to The Baltimore Sun, the football-field-length blimp floated at 16,000 feet, dragged a 6,700-foot cable and cut power lines as it landed. As the result of a 2014 FOIA lawsuit, EPIC uncovered details about the Army's plan to fly two "JLENS" blimps over the Washington, DC area. The several thousand documents provided to EPIC describe the use of JLENS, as well as the Army's relationship with the contractor Raytheon, which has proposed video surveillance capabilities for the blimps. The Baltimore Sun: "JLENS blimp returns to Earth in Central Pennsylvania; military recovery 'in progress'" (Oct. 28, 2015) http://www.baltimoresun.com/news/maryland/harford/aberdeen-havre- de-grace/bs-md-jlens-blimp-loose-20151028-story.html EPIC: EPIC v. Army - Surveillance Blimps https://epic.org/foia/army/ The Washington Post: "Blimplike surveillance craft set to deploy over Maryland heighten privacy concerns" (Jan. 22, 2014) http://www.washingtonpost.com/business/technology/blimplike- surveillance-crafts-set-to-deploy-over-maryland-heighten-privacy- concerns/2014/01/22/71a48796-7ca1-11e3-95c6-0a7aa80874bc_story.html EPIC: FOIA Documents on JLENS (2015) https://epic.org/foia/army/#foia Case Against Facebook Moves Forward in Ireland Following the ruling that invalidated the Safe Harbor arrangement, the Irish High Court has declared that the Irish Data Protection Commissioner is "obliged to investigate" privacy activist Max Schrems' complaint and must follow "fair procedures under Irish and EU law." The Commissioner pledged a "quick and swift procedure." Facebook's last- minute motion to join the procedure was denied. "The Schrems case underscores the need for the U.S. to strengthen its right to privacy," EPIC's Marc Rotenberg told the Washington Post. EU High Court: Text of Safe Harbor Decision (Oct. 6, 2015) https://epic.org/redirect/101615-safe-harbor-text.html EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor) https://epic.org/privacy/intl/schrems/ Twitter: Max Schrems https://twitter.com/maxschrems EU Advocate General: Opinion in Schrems v. DP Committee (Sep. 23, 2015) https://epic.org/redirect/093015-schrems-dp-opinion.html EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor) https://epic.org/privacy/intl/schrems/default.html BEUC: "Historic victory for Europeans' personal data rights" (Oct. 6, 2015) http://www.beuc.eu/publications/historic-victory-europeans%E2%80%99- personal-data-rights/html Privacy International: "There is no Safe Harbour from U.S. Authorities" (Oct. 6, 2015) https://www.privacyinternational.org/node/653 EDRi: "Fifteen years late, Safe Harbor hits the rocks" (Oct. 6, 2015) https://edri.org/safeharbor-the-end/ The Washington Post: "How one Austrian student took on American tech companies over privacy - and won" (Oct. 19, 2015) https://www.washingtonpost.com/news/the-switch/wp/2015/10/19/how- one-austrian-student-took-on-american-tech-companies-over-privacy- and-won/ Civil Society Leaders Issue Declaration on Fundamental Rights Leading digital rights and consumer privacy organizations met in Amsterdam to issue the declaration "Fundamental Rights are Fundamental." Calling attention to the recent success of Max Schrems and the failure of self-regulation, the organizations stated that the University of Amsterdam/MIT "Bridges" report is "remarkably out of touch with the current legal reality and what we need to do to address it." The NGO leaders also criticized the organizers of the Amsterdam conference for "the failure to engage" many new challenges to data protection, including "Big Data" and drone surveillance. Privacy campaigner Simon Davies wrote, "There has never been a moment in history when the privacy regulator community needs to do more to restore trust and relevance. Instead, this week signals a new low in that trust." TechCrunch: "Call For Robust Privacy Legislation In Wake Of EU Safe Harbor Strike-Down" (Oct. 28, 2015) http://techcrunch.com/2015/10/28/fundamental-rights-vs-self- regulation/ EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor) https://epic.org/privacy/intl/schrems/ U. Amsterdam/MIT: "Privacy Bridges" Report (Oct. 21, 2015) https://privacybridges.mit.edu/ Amsterdam Privacy Conference 2015 (Oct. 23-26, 2015) http://www.apc2015.net/ EPIC: Big Data and the Future of Privacy https://epic.org/privacy/big-data/ EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones https://epic.org/privacy/drones/ The Privacy Surgeon: "Why Privacy Commissioners Are Betraying Human Rights" (Oct. 28, 2015) http://www.privacysurgeon.org/blog/incision/why-privacy- commissioners-are-betraying-human-rights/ Senator Leahy Opposes FOIA Exemptions in Cyberscurity Bill Senator Patrick Leahy (D-VT) has urged fellow US senators to remove a proposed open-government exemption from a pending cybersecurity bill. The Cybersecurity Information Sharing Act (CISA), stated Sen. Leahy, "contains an overly broad new FOIA exemption that is both unnecessary and harmful." Sen. Leahy called the FOIA "our nation's premier transparency law," and said that any modifications must go through the Senate Judiciary Committee. "The Senate must have an open and honest debate about the Senate Intelligence Committee's bill and its implications for Americans' privacy and government transparency," remarked Leahy. In 2014, EPIC won a five-year court battle against the NSA for the text of NSPD-54, the foundational legal document for US cyber security policies. EPIC has also set out recommendations for FOIA reform. Sen. Leahy (D-VT): Press Release on CISA Statements (Oct. 26, 2015) https://epic.org/redirect/103015-leahy-cisa-statement.html PC World: "U.S. Senate to battle Tuesday over controversial CISA cybersecurity bill" (Oct. 27, 2015) http://www.pcworld.com/article/2997811/security/senate-to-battle- tuesday-on-controversial-cisa-cybersecurity-bill.html EPIC: Text of NSPD-54 (Jan. 9, 2008) https://epic.org/privacy/cybersecurity/EPIC-FOIA-NSPD54.pdf EPIC: Cybersecurity Privacy Practical Implications https://epic.org/privacy/cybersecurity/ NGO Coalition: National Action Plan 2015 (Jun. 9, 2015) https://epic.org/open_gov/Model-Action-Plan-NAP-Final-20150609.pdf EPIC: FOIA.ROCKS FOIA.ROCKS House to Consider Bill on Vehicle Data Privacy and Cybersecurity The US House Energy and Commerce Committee held an October 21 hearing to consider draft legislation on vehicle data privacy and cybersecurity. The bill would require vehicle manufacturers to establish privacy policies and would prohibit vehicle data hacking. However, the bill provides only limited enforcement of the privacy and cybersecurity provisions. EPIC has previously recommended safeguards for vehicle event data recorders (EDRs) and urged the Transportation Department to protect driver privacy. EPIC has written on the privacy and security implications of the "Internet of Things," which includes cars. US House: Hearing on Vehicle Data Privacy (Oct. 21, 2015) https://epic.org/redirect/103015-house-vehicle-privacy-hearing.html US House: Discussion Draft of Vehicle Data Privacy Bill (Oct. 13, 2015) https://epic.org/redirect/103015-draft-vehicle-privacy-bill.html EPIC: Letter to NHTSA on Driver Privacy (Oct. 20, 2014) https://epic.org/privacy/edrs/EPIC-NHTSA-V2V-Cmts.pdf EPIC et al.: Comments to NHTSA on Driver Privacy (Feb. 11, 2013) https://epic.org/privacy/edrs/EPIC-Coal-NHTSA-EDR-Cmts.pdf EPIC: Automobile Event Data Recorders (Black Boxes) and Privacy https://epic.org/privacy/edrs/ EPIC: The Drivers Privacy Protection Act (DPPA) https://epic.org/privacy/drivers/ EPIC: Internet of Things (IoT) https://epic.org/privacy/internet/iot/ House Committee Examines Cell Phone Surveillance The US House Subcommittee on Information Technology held an October 21 hearing to examine law enforcement use of "StingRays," devices for tracking cell phone users. The Department of Justice recently adopted guidelines requiring a warrant before using StingRay technology to track the location of mobile devices. Senators Chuck Grassley (R-IA) and Patrick Leahy (D-VT) asked DHS Secretary Jeh Johnson to adopt a similar policy for DHS. California has passed a law requiring a warrant for a StingRay. Documents obtained by EPIC in a FOIA lawsuit revealed the FBI was using the cell-site simulators without a warrant. EPIC also filed amicus briefs in U.S. v. Jones and State v. Earls, arguing that a warrant is required to obtain location information from cell phone subscribers. US House: Hearing on Law Enforcement and Phone Tracking (Oct. 21, 2015) https://epic.org/redirect/103015-house-hearing-tracking.html US House: Subcommittee on Information Technology https://oversight.house.gov/subcommittee/information-technology/ Sen. Leahy: Press Release on DHS StingRay Policy (Sep. 29, 2015) https://epic.org/redirect/101615-leahy-stingray-release.html US DOJ: Guidance on StingRay Use (Sep. 2015) http://www.justice.gov/opa/file/767321/download EPIC: List of FOIA Documents Obtained in StingRay Suit (2012-2013) https://epic.org/foia/fbi/StingRay/#foia EPIC: EPIC v. FBI - StingRay / Cell Site Simulator https://epic.org/foia/fbi/StingRay/#foia EPIC: Amicus Brief in US v. Jones (Oct. 3, 2011) https://epic.org/amicus/jones/EPIC_Jones_amicus_final.pdf EPIC: Amicus Brief in State v. Earls (Oct. 2012) https://epic.org/amicus/location/earls/EPIC-Earls-Amicus-NJ-SCt.pdf ======================================================================= [7] EPIC in the News ======================================================================= "Supreme Court weighs the right to sue an Internet data site." ABA Journal, Nov. 1, 2015. http://www.abajournal.com/magazine/article/supreme_court_weighs_ the_right_to_sue_an_internet_data_site "We Are All Safe Now: NORAD's Big Ass Surveillance Balloon Crashed After Breaking Free." Vice News, Oct. 28, 2015. https://news.vice.com/article/we-are-all-safe-now-norads-big-ass- surveillance-balloon-not-blimp-crashed-after-breaking-free "You Can't Just Stick a Pin in It, and Several Other Facts About That Blimp." NBC News, Oct. 28, 2015. http://www.nbcnews.com/news/us-news/you-cant-just-stick-pin-it- other-facts-about-blimp-n453221 "Another Step toward Government Under Law." Cato Institute Blog, Oct. 27, 2015. http://www.cato.org/blog/another-step-toward-government-under-law "Senate Passes Cybersecurity Legislation." NASDAQ.org, Oct. 27, 2015. http://www.nasdaq.com/article/senate-passes-cybersecurity- legislation-20151027-01827 "TSA Ordered To Make Final Body Scanner Rule." Law360, Oct. 26, 2015. http://www.law360.com/privacy/articles/718726?nl_pk=31db333b-e066- 40e5-96e2-fa1cc4d23e3d&utm_source=newsletter&utm_medium=email&utm_ campaign=privacy "US and EU scramble for new data-transfer deal." DW.com, Oct. 26, 2015. http://www.dw.com/en/us-and-eu-scramble-for-new-data-transfer-deal/ a-18806249 "Drone Fliers Navigate Privacy Pitfalls Without FAA Guidance." Law360, Oct. 21, 2015. http://www.law360.com/privacy/articles/708682?nl_pk=31db333b-e066- 40e5-96e2-fa1cc4d23e3d&utm_source=newsletter&utm_medium=email&utm_ campaign=privacy "House passes bill expanding foreigners' data-privacy rights." The Daily Dot, Oct. 20, 2015. http://www.dailydot.com/politics/judicial-redress-act-data-privacy- house-passage/ "Max Schrems, European Law Student, Is Winning Against Facebook In A Data Privacy Case." Tech Times, Oct. 20, 2015. http://www.techtimes.com/articles/97276/20151020/max-schrems- european-law-student-is-winning-against-facebook-in-a-data-privacy- case.htm "Sony could pay up to $8M in hacking lawsuit." USA Today, Oct. 20, 2015. http://www.usatoday.com/story/life/web-to-watch/tech-gaming/2015/10/ 20/sony-pictures-entertainment-the-interview-hack-seth-rogen-james- franco/74283582/ "N.M. Supreme Court ruling may limit police's warrantless aerial searches." The Santa Fe New Mexican, Oct. 19, 2015. http://www.santafenewmexican.com/news/local_news/ruling-may-limit- police-aerial-searches/article_5bd7de1a-5ed8-5268-98e2-bbdea5875ef5 .html "How one Austrian student took on American tech companies over privacy and won." The Washington Post, Oct. 19, 2015. https://www.washingtonpost.com/news/the-switch/wp/2015/10/19/how- one-austrian-student-took-on-american-tech-companies-over-privacy- and-won/ "Redress for NSA Surveillance: The Devil Is in the Details." Lawfare, Oct. 19, 2015. https://www.lawfareblog.com/redress-nsa-surveillance-devil-details "Schools, Government Agencies Move to Share Student Data." Education Week, Oct. 19, 2015. http://www.edweek.org/ew/articles/2015/10/21/schools-government- agencies-move-to-share-student.html "EU Court Decision Threatens US Cloud Dominance." TechNewsWorld, Oct. 16, 2015. http://www.technewsworld.com/story/82619.html For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================= [8] EPIC Bookstore ======================================================================= "Privacy Law and Society, 3rd Edition," by Anita Allen, JD, PhD and Marc Rotenberg, JD, LLM. West Academic (Dec.2015). http://www.westacademic.com/Professors/ProductDetails.aspx?NSIID=48693 The Third Edition of "Privacy Law and Society" is the most comprehensive casebook on privacy law ever produced. It traces the development of modern privacy law, from the early tort cases to present day disputes over drone surveillance and facial recognition. The text examines the philosophical roots of privacy claims and the significant court cases and statues that have emerged. The text provides detailed commentary on leading cases and insight into emerging issues. The text includes new material on developments in the European Union, decisions grounded in fundamental rights jurisprudence, and exposes readers to current debates over cloud computing, online profiling, and the role of the Federal Trade Commission. Privacy Law and Society is the leading and most current text in the privacy field. =================================== "Privacy in the Modern Age: The Search for Solutions," edited by Marc Rotenberg, Julia Horwitz and Jeramie Scott. The New Press (May 2015). Price: $25.95. http://epic.org/buy-privacy-modern-age The threats to privacy are well known: The National Security Agency tracks our phone calls; Google records where we go online and how we set our thermostats; Facebook changes our privacy settings when it wishes; Target gets hacked and loses control of our credit card information; our medical records are available for sale to strangers; our children are fingerprinted and their every test score saved for posterity; and small robots patrol our schoolyards while drones may soon fill our skies. The contributors to this anthology don't simply describe these problems or warn about the loss of privacythey propose solutions. They look closely at business practices, public policy, and technology design and ask, "Should this continue? Is there a better approach?" They take seriously the dictum of Thomas Edison: "What one creates with his hand, he should control with his head." It's a new approach to the privacy debate, one that assumes privacy is worth protecting, that there are solutions to be found, and that the future is not yet known. This volume will be an essential reference for policy makers and researchers, journalists and scholars, and others looking for answers to one of the biggest challenges of our modern day. The premise is clear: There's a problem let's find a solution. Contributors include: Steven Aftergood, Ross Anderson, Christine L. Borgman (coauthored with Kent Wada and James F. Davis), Ryan Calo, Danielle Citron, Simon Davies, A. Michael Froomkin, Deborah Hurley, Kristina Irion, Jeff Jonas, Harry Lewis, Anna Lysyanskaya, Gary T. Marx, Aleecia M. McDonald, Dr. Pablo G. Molina, Peter G. Neumann, Helen Nissenbaum, Frank Pasquale, Dr. Deborah Peel, MD, Stephanie E. Perrin, Marc Rotenberg, Pamela Samuelson, Bruce Schneier, and Christopher Wolf. ===================================== "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. =================================== "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. =================================== "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. =================================== "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. =================================== EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore =================================== EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= November 13, 2015. "Privacy and Transparency: To Promote Online Freedom" (UNESCO panel) "Open Forum on 2016 Ministerial" (OECD panel) Speaker: Marc Rotenberg, EPIC President Internet Governance Forum, Joo Pessoa, Brazil. http://www.intgovforum.org/cms/igf-2015-website January 27, 2016. EPIC 2016 International Champions of Freedom Awards Event. Computers, Privacy, and Data Protection Conference, Brussels. http://www.cpdpconferences.org/ June 6, 2016. EPIC 2016 Champions of Freedom Awards Event. Washington, DC. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center (EPIC) is a non-profit, independent public interest research center in Washington, DC. EPIC was established in 1994 to focus public attention on emerging privacy issues. Today EPIC maintains one of the top privacy websites in the world. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, files amicus briefs on emerging privacy and civil liberties issues, and conducts policy research. For more information, visit http://www.epic.org. ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions help support Freedom of Information Act litigation, strong and effective advocacy for the right of privacy, and continued public education. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 22.20-------------------------

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security