EPIC Alert 22.21

======================================================================= E P I C A l e r t ======================================================================= Volume 22.21 November 11, 2015 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, DC http://www.epic.org/alert/epic_alert_22.21.html "Defend Privacy. Support EPIC." http://epic.org/support ======================================================================= Table of Contents ======================================================================= [1] EPIC Calls for Comprehensive Overhaul of US Privacy Law [2] EPIC Obtains Documents on Boater Tracking Program [3] EPIC Sues for Release of Secret EU-US 'Umbrella Agreement' [4] In EPIC Lawsuit, FAA Concedes Drone Privacy Risks [5] Drone Registration Task Force Fails to Include Privacy Groups [6] News in Brief [7] EPIC in the News [8] EPIC Book Review: 'Reclaiming Conversation' [9] Upcoming Conferences and Events TAKE ACTION: Fight Back Against Illegal US/UK Surveillance! LEARN about Privacy International's "Did GCHQ Spy on You?" Campaign: https://www.privacyinternational.org/illegalspying MAKE A CLAIM with the Investigatory Powers Tribunal: http://www.ipt-uk.com/section.aspx?pageid=16 FOLLOW Privacy International on Facebook: https://www.facebook.com/PrivacyInternational TWEET Your Support: #DidGCHQSpyOnYou/ @privacyint SUPPORT EPIC: https://epic.org/support/ ======================================================================= [1] EPIC Calls for Comprehensive Overhaul of US Privacy Law ======================================================================= EPIC President Marc Rotenberg testified November 3 before the US House Energy & Commerce Committee to call for a comprehensive modernization of US privacy law. The Committee invited EPIC to the hearing "Examining the EU Safe Harbor Decision and Impacts for Transatlantic Data Flows." "The United States should update its privacy law because it is long overdue, because it is widely supported, and because the ongoing failure to modernize our privacy law is imposing an enormous cost on American consumers," said Mr. Rotenberg. Safe Harbor, established in 2000 and struck down by the European Court of Justice in September 2015, was a US-EU industry-developed self- regulatory trade framework that simply did not work. Consumer groups and scholars long criticized Safe Harbor, noting that almost a decade had passed before the Federal Trade Commission brought an enforcement action against a US company. EPIC recommended to the Committee that the US should take four steps to update domestic privacy law: "(1) enact the Consumer Privacy Bill of Rights, (2) Modernize the Privacy Act, (3) establish an independent data protection agency, and (4) ratify the International Privacy Convention." There exists a "growing consensus on both sides of the Atlantic, supported by consumer groups and business leaders, to recognize that privacy is a fundamental human right," Mr. Rotenberg added. Several members of Congress expressed support for changes in US privacy law to address the problems identified in the Schrems decision. EPIC: Testimony before US House on Safe Harbor (Nov. 3, 2015) https://epic.org/redirect/111015-epic-safe-harbor-testimony.html US House: Hearing on Safe Harbor (Nov. 3, 2015) https://epic.org/redirect/111015-house-safe-harbor-hearing.html EU Commission: Press Release on New Data Framework (Nov. 6, 2015) http://europa.eu/rapid/press-release_IP-15-6015_en.htm EU Commission: Directive re: Safe Harbor (Nov.6, 2015) https://epic.org/redirect/111015-eu-safe-harbor-directive.html Morning Consult: "Data Sharing Deal With E.U. Will Only Be a Start" (Nov.3, 2015) http://morningconsult.com/2015/11/data-sharing-deal-with-e-u-will- only-be-a-start/ The Public Voice: "Fundamental Rights are Fundamental" (Oct. 28, 2015) http://thepublicvoice.org/NGO-FRF-Statement-ICDPPC37.pdf EU High Court: Press Release on Safe Harbor Decision (Oct. 6, 2015) https://epic.org/redirect/101615-safe-harbor-release.html EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor) https://epic.org/privacy/intl/schrems/default.html ======================================================================= [2] EPIC Obtains Documents on Boater Tracking Program ======================================================================= In response to an EPIC FOIA lawsuit, the US Coast Guard has released more than 100 pages of documents about a controversial boater-tracking program called the National Automated Information System, or NAIS. NAIS is a surveillance network that collects and processes information about vessels in US coastal and territorial waters. Transceivers located near US ports and costal areas gather information from vessels equipped with the Automatic Identification System (AIS), a ship-to-ship collision avoidance system used worldwide. A ship equipped with AIS broadcasts a regular stream of voiceless data, including the vessel's name, course, speed, classification, call sign, registration number and Maritime Mobile Service Identity. Most vessels over 65' operating in US waters are required to carry AIS; it is optional for owners of smaller craft. Once NAIS transceivers receive AIS data from a vessel, that information is stored, processed and transmitted to the Coast Guard and other agencies and entities. The system currently receives about 92 million AIS messages a day from 12,700 unique vessels. EPIC has expressed support for the use of AIS for maritime safety but warned about the retention and the transfer of information about boaters to other federal agencies for purposes unrelated to maritime safety. The Coast Guard has indicated that NAIS data is used for "detecting anomalies, monitoring suspicious vessels, and pinpointing the location of potential threats." This, stated EPIC in the original FOIA request, "raises questions as to how 'anomalies,' 'suspicious vessels,' and 'potential threats' are identified; who makes such identifications; and what effect these designations carry." According to the Coast Guard documents obtained by EPIC, boaters have "no expectation of privacy with regard to any information transmitted on AIS." The documents also reveal that the agency fuses AIS data with other intelligence data to develop detailed profiles on boaters. The agency has transferred AIS data, which is subject to the Privacy Act, to at least 75 federal, state, local and private entities. EPIC first submitted a FOIA request to the Coast Guard in May 2015, and appealed in July 2015, after the USCG did not respond within the statutory deadline. The suit EPIC v. US Coast Guard is ongoing, and EPIC is anticipating the release of additional documents. EPIC: EPIC v. US Coast Guard (NAIS) https://epic.org/foia/dhs/uscg/nais/ EPIC: Complaint to Coast Guard re: FOIA (Sep. 18, 2015) https://epic.org/foia/dhs/uscg/nais/Complaint-15-1527.pdf EPIC: FOIA Appeal to USCG (Jul. 7, 2015) https://epic.org/redirect/111015-epic-uscg-foia-appeal.html EPIC: Initial FOIA Request to USCG (May 29, 2015) https://epic.org/redirect/111015-epic-uscg-foia-request.html EPIC: NAIS Documents https://epic.org/foia/dhs/uscg/nais/#foia EPIC: Privacy Act of 1974 https://epic.org/privacy/1974act/ ======================================================================= [3] EPIC Sues for Release of Secret EU-US 'Umbrella Agreement' ======================================================================= EPIC has sued the US Department of Justice to obtain a secret data transfer agreement between the United States and the European Union. US and EU officials finalized the so-called "Umbrella Agreement" in September 2015, but have kept the final document secret even as Congress was voting on provisions to implement the text. EPIC filed the FOIA lawsuit in the federal district court in Washington, DC. On September 8, European and US officials announced the conclusion of an agreement on data protection for transatlantic criminal investigations. The Agreement's stated goal is to provide data protection for transferred personal information. EPIC filed an initial FOIA request for the full text of the Agreement with several federal agencies and to the European Commission. The Commission provided EPIC with the text of the Agreement, but no US agencies produced documents by the requested deadline. As EPIC explained in the complaint, "The Agreement would require Congress to amend certain provisions of the federal Privacy Act of 1974." The stated aim of the US and EU negotiators is to ensure that the privacy protections and redress rights afforded to US persons under the Privacy Act are available to non-US persons under the new Judicial Redress Act of 2015. "However," argued EPIC, "the text of the Judicial Redress Act does not support this conclusion." "The DOJ has withheld from the public the text of an Agreement that is central to legislation currently pending before Congress and critical to a related negotiation between the United States and the European Union that implicates the fundamental rights of Americans and Europeans," wrote EPIC in the lawsuit. EPIC: Complaint in EPIC v. DOJ (Nov. 4, 2015) https://epic.org/foia/eu-us-data-transfer/1-Complaint.pdf EPIC: EPIC v. DOJ Umbrella Agreement https://epic.org/foia/eu-us-data-transfer/ US Congress: Judicial Redress Act of 2015 (Mar. 18, 2015) https://www.congress.gov/bill/114th-congress/house-bill/1428 EPIC: Privacy Act of 1974 https://epic.org/privacy/1974act/ ======================================================================== [4] In EPIC Lawsuit, FAA Concedes Drone Privacy Risks ======================================================================== The Federal Aviation Administration has filed a response brief in EPIC v. FAA. EPIC's lawsuit challenges the agency's failure to establish privacy rules for domestic drone operations as mandated by Congress in the FAA Modernization and Reform Act of 2012. In its response brief, the FAA conceded that the agency's comprehensive plan "recognizes the privacy issues that may be heightened by the unique capabilities" of small drones. The FAA further acknowledged that "the size and the unique characteristics and capabilities" of small drones "may pose risks to individual privacy." In February 2012, EPIC and more than 100 organizations and privacy experts petitioned the FAA to institute privacy safeguards for drone operations. The FAA denied EPIC's petition, stating that the privacy issues raised therein exceeded the scope of the agency's current small- drone rulemaking. In September 2015, EPIC sued the FAA for denying the petition and for failing to regulate the privacy implications of increased drone operations. EPIC argued that Congress mandated the FAA to address those privacy implications by ordering the FAA to develop a "comprehensive plan" for drone integration. EPIC also challenged the agency's denial of EPIC's petition as "arbitrary and capricious" because the agency failed to explain how the petition's stated privacy issues exceeded the rulemaking scope, and how the petition did not present immediate safety concerns. On October 19, the FAA announced the implementation of a federal drone registry for civilian drones weighing less than 55 lbs. The FAA also created a Drone Registration Task Force, charged with developing recommendations for the drone registration process. EPIC filed an expedited Freedom of Information Act request for the Task Force membership list, which was not released until October 29, and for the minutes of the November 3 -5 Drone Registration Task Force meeting, which was closed to the public. The Drone Registration Task Force is currently accepting comments on the drone registration process; EPIC plans to submit comments by mid- November. EPIC: FAA Response Brief in EPIC v. FAA (Nov. 4, 2015) https://epic.org/privacy/drones/epicvfaa/1581988-FAA-Brief.pdf EPIC: EPIC v. FAA https://epic.org/privacy/litigation/apa/faa/drones/ EPIC: Opening Brief in EPIC v. FAA (Sep. 28, 2015) http://epic.org/redirect/111015-epic-faa-opening-brief.html EPIC: Drone Petition (March 8, 2012) http://epic.org/apa/lawsuit/EPIC-FAA-Drone-Petition-March-8-2012.pdf EPIC: Drone Registration Task Force https://epic.org/privacy/drones/registration/ EPIC: FOIA Request Drone Task Force Membership (Oct. 21, 2015) http://epic.org/foia/faa/EPIC-15-10-21-DOT-FOIA-20151021-Request.pdf EPIC: FOIA re: Drone Task Force Nov. 3-5 Minutes (Nov. 6, 2015) https://epic.org/redirect/111015-epic-foia-drone-minutes.html Fed. Register: FAA Drone Registration Comment Process (Oct. 22, 2015) https://epic.org/redirect/111015-drone-comment-process.html EPIC: Domestic Unmanned Aerial Vehicles (UAVs) https://epic.org/privacy/drones/ ======================================================================= [5] Drone Registration Task Force Fails to Include Privacy Groups ======================================================================= The FAA has released the membership list of the Drone Registration Task Force, which is charged with drafting recommendations for the new Federal Drone Registry. The Task Force will be co-chaired by Earl Lawrence, Director of the FAA's UAS Integration Office, and Dave Vos of Google X. The deadline for the Task Force's recommendations is November 20. Notably, the Task Force does not include any privacy organizations or privacy experts. The registration requirement is aimed at protecting public safety and promoting accountability, but creates new privacy risks. Prior to the release of the Task Force members' names, EPIC filed an expedited FOIA request for the membership list and called on the FAA to publicly release the information. Although the Task Force member list has since been released, the Task Force meeting location and agenda were not. EPIC has argued that the safe integration of drones into the national airspace cannot be accomplished without establishing privacy rules. In comments to the FAA earlier in 2015, EPIC underscored the need for privacy regulations, stating, "Drones cannot be safely integrated into or operated within the national airspace until the FAA establishes clear privacy rules to limit invasive recording and prevent dangerous self help" measures. EPIC filed suit against the FAA in September 2015 after Congress enacted a law requiring a comprehensive plan for the integration of drones into US airspace, and the FAA's denial of a 2012 EPIC-led petition for a public rulemaking on drone privacy safeguards, backed by more than 100 organizations and privacy experts. The agency also refused to consider privacy as part of a 2015 rulemaking on small commercial drones, maintaining that privacy was outside the rulemaking's scope. In EPIC v. FAA, EPIC recently argued that the agency's failure to establish privacy rules for commercial drones is a violation of law and should be overturned. The FAA has already granted over 1,600 exemptions for domestic drones to operate within the US. The agency claims it "began issuing 'blanket' Certificates of Waiver" earlier in 2015, which allow "flights anywhere in the country at or below 200 feet except in restricted airspace." EPIC has filed suit in the US Court of Appeals for the DC Circuit to direct the FAA to issue a privacy regulation. FAA: "FAA Announces Drone Task Force Members" (Oct. 29, 2015) https://epic.org/redirect/111015-drone-task-force.html EPIC: Drone Registration Task Force https://epic.org/privacy/drones/registration/ EPIC: EPIC v. FAA - Petition for Review (Mar. 31, 2015) https://www.faa.gov/news/updates/?newsId=84125 EPIC: EPIC v. FAA https://epic.org/privacy/litigation/apa/faa/drones/ EPIC: Opening Brief in EPIC v. FAA (Sep. 28, 2015) http://epic.org/redirect/111015-epic-faa-opening-brief.html EPIC: Letter to FAA re: Drone Task Force Members (Oct. 26, 2015) https://epic.org/foia/faa/EPIC-Ltr-Foxx-Huerta-15-10-26.pdf EPIC: FOIA Request re: Drone Task Force Members (Oct. 21, 2015) http://epic.org/foia/faa/EPIC-15-10-21-DOT-FOIA-20151021-Request.pdf EPIC: Comments to FAA re: Domestic Drones (Apr. 24, 2015) https://epic.org/privacy/litigation/apa/faa/drones/EPIC-FAA-NPRM.pdf EPIC: Domestic Drones and UAVs https://epic.org/privacy/drones/ ======================================================================= [6] News in Brief ======================================================================= Court Suspends NSA Phone Record Collection Program A federal court in Washington, DC has ordered the National Security Agency to halt the bulk collection of domestic telephone records, ruling that the indiscriminate collection violates the Fourth Amendment. Following the USA Freedom Act, the telephone records program will expire at the end of November. The government has moved to stay the judge's order. In 2013, EPIC brought the first challenge to the NSA surveillance program in the Supreme Court. EPIC has also testified before Congress on the need to reform the Foreign Intelligence Surveillance Court, and led a broad coalition urging the President to end the NSA surveillance program. DC Federal District Court: Order in Klayman v. Obama (Nov. 9, 2015) https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2013cv0851-158 EPIC: NSA: Verizon Phone Record Monitoring https://epic.org/privacy/nsa/verizon/ US Congress: USA Freedom Act (Jun. 2, 2015) https://www.congress.gov/bill/114th-congress/house-bill/2048 EPIC: In re EPIC https://epic.org/privacy/nsa/in-re-epic/ EPIC: Statement before House on FISA Amendments (May 31, 2012) http://epic.org/redirect/061912-epic-fisa-amdt-statement.html EPIC et al.: Letter to President to End 215 Program (Jun. 17, 2014) http://epic.org/privacy/Coalition-Ltr-to-End-NSA-Bulk-Collection.pdf Privacy Groups Urge Ninth Circuit to Find NSA Metadata Program Illegal EPIC and other privacy groups have filed a friend of the court brief in United States v. Moalin, the first criminal case challenging the NSA's warrantless surveillance of Americans' telephone records. A lower court refused to reopen the case after it was revealed that data acquired by the NSA provided the primary evidence for the criminal conviction. EPIC and other groups argued in the brief that metadata is protected under the Fourth Amendment. EPIC previously argued in Smith v. Obama that "changes in technology and the Supreme Court's recent decision in Riley v. California favor a new legal rule that recognizes the privacy interest inherent in modern communications records." In In re EPIC, EPIC petitioned the Supreme Court to end the NSA's bulk telephone record collection program, which occurred with passage of the USA Freedom Act. EPIC et al.: Amicus Brief to Supreme Court in Moalin (Nov. 5, 2015) https://epic.org/redirect/111015-epic-amicus-moalin.html EPIC: US v. Moalin https://epic.org/amicus/fisa/215/moalin/ EPIC: Amicus Brief in Smith v. Obama (Sep. 19, 2014) https://epic.org/amicus/fisa/215/smith/EPIC-Amicus-14-35555.pdf EPIC: Smith v. Obama https://epic.org/amicus/fisa/215/smith/ EPIC: Riley v. CA https://epic.org/amicus/cell-phone/riley/ EPIC: In re EPIC - NSA Telephone Records Surveillance https://epic.org/privacy/nsa/in-re-epic/ US Congress: USA Freedom Act (Jun. 2, 2015) https://www.congress.gov/bill/114th-congress/house-bill/2048 EPIC, Coalition: Release Number of Americans Caught in NSA Surveillance EPIC, joined by over 30 other organizations, has urged Director of National Intelligence James Clapper to disclose data on how many Americans are caught up in NSA surveillance of foreign targets. Americans' communications are incidentally collected under Section 702 of the Foreign Intelligence Surveillance Act, and the FBI searches this data without a warrant or judicial oversight. EPIC, in testimony before Congress and comments to the Privacy and Civil Liberties Oversight Board, has repeatedly called for greater oversight and transparency of surveillance authorities. EPIC et al.: Letter to ODNI re: Surveillance (Oct. 29, 2015) https://epic.org/redirect/111015-coalition-letter-odni.html EPIC: Foreign Intelligence Surveillance Act (FISA) https://epic.org/privacy/terrorism/fisa/ EPIC: Congressional Testimony on FISA (May 31, 2012) https://epic.org/privacy/terrorism/fisa/ EPIC: Comments to PCLOB re: EO 12333 (Jun. 16, 2015) https://epic.org/redirect/063015-epic-comments-12333.html European Commission Issues Guidance on Data Transfers Post-Schrems The European Commission has published guidelines for EU-US data transfer after the invalidation of the Safe Harbor framework. The Commission explained that the Safe Harbor case "underlined the importance of fundamental right to data protection." The Commission also emphasized the ongoing role of the independent data protection agencies and the Article 29 Working Party. Negotiators are attempting to create a revised arrangement. NGOs have stated that fundamental rights must be protected in all data transfers. In recent testimony before Congress, EPIC recommended several updates to US privacy law. EPIC's Marc Rotenberg said "these changes will benefit consumers and businesses on both sides of the Atlantic." EU Commission: Guidelines on EU-US Data Transfers (Nov. 6, 2015) https://epic.org/redirect/111015-eu-data-guidelines.html EU Court of Justice: Ruling in Safe Harbor Decision (Oct. 6, 2015) https://epic.org/redirect/101615-safe-harbor-text.html EU Commission: Press Release on New Guidance (Nov. 6, 2015) http://europa.eu/rapid/press-release_IP-15-6015_en.htm EPIC: Max Schrems v Irish Data Protection Commissioner (Safe Harbor) https://epic.org/privacy/intl/schrems/ EU Commission: Commissioner's Remarks on Safe Harbor (Oct. 26, 2015) http://europa.eu/rapid/press-release_SPEECH-15-5916_en.htm EPIC: Testimony before Congress on Safe Harbor (Nov. 3, 2015) https://epic.org/redirect/111015-epic-safe-harbor-testimony.html US Releases Updated Open Government Plan The United States has released the Third Open Government National Action Plan, an initiative pursued by countries and NGOs participating in the Open Government Partnership. In response to recommendations proposed by EPIC and a coalition of civil society groups, the Obama Administration pledged to modernize implementation of the FOIA, streamline record declassification and increase transparency of the intelligence community. The White House, however, failed to incorporate other recommendations such as publishing FISC opinions and pledging to limit the use of the FOIA's b(5) Exemption. EPIC and others previously called on President Obama to address weaknesses in open government administration and push for meaningful FOIA reform. White House: Third Open Government National Action Plan (Oct. 27, 2015) https://epic.org/redirect/111015-wh-national-plan.html Open Government Partnership http://www.opengovpartnership.org/about EPIC et al.: Recommendations for National Action Plan (Jun. 9, 2015) https://epic.org/open_gov/Model-Action-Plan-NAP-Final-20150609.pdf FOIA.ROCKS: Recommendations to the White House (Oct. 23, 2014) http://foia.rocks/recommendations.html Rep. Chaffetz Bill Would End Warrantless Stingray Surveillance Rep. Jason Chaffetz (R-UT) has introduced a bill in the US Congress that would prohibit government agencies from using cell-site simulators (also known as Stingrays) without a warrant in most circumstances. The Cell-Site Simulator Act of 2015 also would explicitly exclude Stingrays from the pen register statute currently used by law enforcement to conduct Stingray operations with less than probable cause. The government still would be able to conduct warrantless Stingray operations under the Foreign Intelligence Surveillance Act or in emergencies. An EPIC FOIA lawsuit in 2012 revealed that the FBI was using Stingrays without a warrant. EPIC has also filed amicus briefs arguing that cell phone location data is protected by the Fourth Amendment. Rep. Chaffetz: "Cell-Site Simulator Act of 2015" (Oct. 27, 2015) https://epic.org/redirect/111015-chaffetz-stingray-bill.html EPIC: EPIC v. FBI - Stingray / Cell Site Simulator https://epic.org/foia/fbi/stingray/ Cornell U. Legal Information Institute: Text of Pen Register Statute https://www.law.cornell.edu/uscode/text/18/3127 EPIC: List of FOIA Documents re: Stingray FOIA Suit (2012-2013) https://epic.org/foia/fbi/stingray/#foia EPIC: Amicus Brief to US Supreme Court in US v. Jones (Oct. 3, 2011) https://epic.org/amicus/jones/EPIC_Jones_amicus_final.pdf EPIC: Amicus Brief to NJ Supreme Court in State v. Earls (2012) https://epic.org/amicus/location/earls/EPIC-Earls-Amicus-NJ-SCt.pdf Tech Funding Bills Could Upgrade Student Privacy Congress may soon incorporate student privacy safeguards into legislation for digital learning in the classroom. Congress needs to merge two bills that provide technology funding for schools but require extensive student data collection - the "Every Child Achieves Act of 2015" (S. 1177) and the "Student Success Act" (H.R. 5). Pending student privacy bills include the "Student Privacy Protection Act of 2015" (H.R. 3157), the "Student Privacy Protection Act of 2015" (S. 1341), the "Student Digital Privacy and Parental Rights Act of 2015" (H.R. 2092) and the "Protecting Student Privacy Act of 2015" (S. 1322). EPIC supports establishment of a Student Privacy Bill of Rights. EPIC: Student Privacy https://epic.org/privacy/student/ US Senate: "Every Child Achieves Act of 2015" (S. 1177) (Jul. 16, 2015) https://www.congress.gov/114/bills/s1177/BILLS-114s1177es.pdf US House: "Student Success Act'' (H.R. 5) (Jul. 13, 2015) https://www.congress.gov/114/bills/hr5/BILLS-114hr5pcs.pdf US Senate: "Student Privacy Protection Act" (S. 1341) (Jul. 22, 2015) https://www.congress.gov/114/bills/hr3157/BILLS-114hr3157ih.pdf US House: "Student Digital Privacy and Parental Rights Act" (HR 2092) (Apr. 29, 2015) https://www.congress.gov/114/bills/hr2092/BILLS-114hr2092ih.pdf US Senate: "Protecting Student 5 Privacy Act" (S. 1322) (May 13, 2015) https://www.congress.gov/114/bills/s1322/BILLS-114s1322is.pdf EPIC: Student Privacy Bill of Rights https://epic.org/privacy/student/bill-of-rights.html Snapchat Announces It Will Store User Content Forever Snapchat, a popular mobile app that once promised "to vanish" user messages, photos and videos, will now store user content forever, following changes to the site's Terms of Service. Snapchat now claims the right to "host, store, use, display, reproduce, modify, . . .and publicly display" users' content forever. This change may violate Snapchat's 2014 consent order with the Federal Trade Commission, which prohibits the company from making false claims about how it protects user information. The FTC's 2014 consent order resulted from EPIC's complaint which stated that the company violated Section 5 because "Snapchat photos and videos remain available to others even after users are informed that the photos and videos have been deleted." EPIC: In re: Snapchat https://epic.org/privacy/student/bill-of-rights.html Snapchat: Terms of Service https://www.snapchat.com/terms FTC: Snapchat Order (May 8, 2014) http://epic.org/redirect/051614-ftc-snapchat-order.html FTC: Press Release on Snapchat Order (May 8, 2014) http://epic.org/redirect/051614-ftc-snapchat-release.html EPIC: Snapchat Complaint to FTC (May 16, 2013) https://www.epic.org/privacy/ftc/EPIC-Snapchat-Complaint.pdf ======================================================================= [7] EPIC in the News ======================================================================= "Facebook brings face recognition to Messenger to speed up sharing." USA Today, Nov. 10, 2015. http://www.usatoday.com/story/tech/2015/11/09/facebook-messenger- photo-magic/75479820/ "Influencers: Europeans should be able to sue over data misuse in US." CSMonitor Passcode, Nov. 10, 2015. http://passcode.csmonitor.com/influencers-europeans "FAA Tells DC Circ. Drone Privacy Challenge Doesn't Fly." Law360, Nov. 5, 2015. http://www.law360.com/privacy/articles/723976 "Watchdog Files Suit To Make US-EU Data Agreement Public." Law360, Nov. 5, 2015. http://www.law360.com/privacy/articles/723745 "Privacy Group Wants Info on U.S. Data-Sharing Deal." Courthouse News, Nov. 5, 2015. http://www.courthousenews.com/2015/11/05/privacy-group-wants-info- on-u-s-data-sharing-deal.htm "American firms scramble for answer to EU data dilemma." The Hill, Nov. 4, 2015. http://thehill.com/policy/cybersecurity/259058-american-firms- scramble-for-answer-to-eu-data-dilemma "Data Sharing Deal With E.U. Will Only Be a Start." Morning Consult, Nov. 3, 2015. http://morningconsult.com/2015/11/data-sharing-deal-with-e-u-will- only-be-a-start/ "US Needs Tough Privacy Laws For Int'l Data Flow, Reps. Told." Law360, Nov. 3, 2015. http://www.law360.com/privacy/articles/722118 "Hill Hones In on U.S.-E.U. Data Safe Harbor." Multichannel, Nov. 3, 2015. http://www.multichannel.com/news/congress/hill-hones-data-safe- harbor/395028 "EU's Safe Harbor decision reveals rift between US economic, privacy issues." CS Monitor, Nov. 3, 2015. http://www.csmonitor.com/Technology/2015/1103/EU-s-Safe-Harbor- decision-reveals-rift-between-US-economic-privacy-issues "The Problem With Using Secret Computer Code To Put People In Jail." Fast Company, Nov. 2, 2015. http://www.fastcoexist.com/3052420/the-problem-with-using-secret- computer-code-to-put-people-in-jail "What are the rules when a site publishes false information about you?" IT World, Nov. 2, 2015. http://www.itworld.com/article/3000474/what-are-the-rules-when-a- site-publishes-false-information-about-you.html "Supreme Court case pits privacy rights against Internet data brokers." Los Angeles Times, Nov. 1, 2015. http://www.latimes.com/nation/la-na-supreme-court-data-privacy- 20151102-story.html For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================= [8] EPIC Book Review: 'Reclaiming Conversation' ======================================================================= "Reclaiming Conversation: The Power of Talk in a Digital Age," by Sherry Turkle http://www.amazon.com/gp/product/1594205558/ Conversation is a fundamental human and societal need, says MIT's Sherry Turkle in her newest book, "Reclaiming Conversation." Our digital-media-obsessed culture, she argues, is depriving us of genuine intimacy. But "conversation cures," says Turkle. In fact, Turkle asserts that face-to-face communication cures the very ills brought about by over- reliance on digital technology, including lack of empathy, self-esteem, creativity, a careful work product and the shriveling of self, family, social circles and professional and educational organizations. Turkle introduces Henry David Thoreau's motif of "three chairs" early in "Reclaiming Conversation." For Thoreau - no slouch at appreciating solitude and downtime - they signified "'one chair for solitude, two for friendship, and three for society.'" For Turkle, they represent the ability to be comfortably alone with oneself; with family, friends and intimates; and in the larger constructs of school and the workplace. But she also injects the "fourth chair," or the looming presence of technology in all contemporary human interactions, into Thoreau's mix. People can't be comfortable having a live, meandering, unscripted and unedited conversation, Turkle argues, until they have unstructured time to sit with themselves. Nor can you succeed in a three-chair organizational environment without functioning confidently in a room with two chairs. Too much time interacting with that "fourth chair," she argues, and you will find yourself "treating machines like people, treating people like machines." Turkle's clear and unadorned writing increases the believability and palatability of her thesis. In fact, her writing is so deceptively simple that she appears to write for an audience conditioned to only comprehend the small bites of text accessible on a mobile screen. The book's full of aphorisms and pithy subheads, perhaps designed with Twitter-habituated brains in mind. But it's never patronizing. Turkle's language flows like natural human communication. This "is not a moment to reject technology but to find ourselves," Turkle concludes. "We can design technology that demands that we use it with greater intention. And in our families, we can create sacred spaces . . . that are device-free. We can do the same thing at work . . . . We can plan for a future in which the design of our tools and our social surroundings encourages us to be our best. As consumers of digital media, our goal should be to partner with an industry that commits to . . . our health and emotional well-being." -- EC Rosenberg =================================== [8] EPIC Bookstore =================================== "Privacy Law and Society, 3rd Edition," by Anita Allen, JD, PhD and Marc Rotenberg, JD, LLM. West Academic (Dec.2015). http://www.westacademic.com/Professors/ProductDetails.aspx?NSIID=48693 The Third Edition of "Privacy Law and Society" is the most comprehensive casebook on privacy law ever produced. It traces the development of modern privacy law, from the early tort cases to present day disputes over drone surveillance and facial recognition. The text examines the philosophical roots of privacy claims and the significant court cases and statues that have emerged. The text provides detailed commentary on leading cases and insight into emerging issues. The text includes new material on developments in the European Union, decisions grounded in fundamental rights jurisprudence, and exposes readers to current debates over cloud computing, online profiling, and the role of the Federal Trade Commission. Privacy Law and Society is the leading and most current text in the privacy field. =================================== "Privacy in the Modern Age: The Search for Solutions," edited by Marc Rotenberg, Julia Horwitz and Jeramie Scott. The New Press (May 2015). Price: $25.95. http://epic.org/buy-privacy-modern-age The threats to privacy are well known: The National Security Agency tracks our phone calls; Google records where we go online and how we set our thermostats; Facebook changes our privacy settings when it wishes; Target gets hacked and loses control of our credit card information; our medical records are available for sale to strangers; our children are fingerprinted and their every test score saved for posterity; and small robots patrol our schoolyards while drones may soon fill our skies. The contributors to this anthology don't simply describe these problems or warn about the loss of privacythey propose solutions. They look closely at business practices, public policy, and technology design and ask, "Should this continue? Is there a better approach?" They take seriously the dictum of Thomas Edison: "What one creates with his hand, he should control with his head." It's a new approach to the privacy debate, one that assumes privacy is worth protecting, that there are solutions to be found, and that the future is not yet known. This volume will be an essential reference for policy makers and researchers, journalists and scholars, and others looking for answers to one of the biggest challenges of our modern day. The premise is clear: There's a problem let's find a solution. Contributors include: Steven Aftergood, Ross Anderson, Christine L. Borgman (coauthored with Kent Wada and James F. Davis), Ryan Calo, Danielle Citron, Simon Davies, A. Michael Froomkin, Deborah Hurley, Kristina Irion, Jeff Jonas, Harry Lewis, Anna Lysyanskaya, Gary T. Marx, Aleecia M. McDonald, Dr. Pablo G. Molina, Peter G. Neumann, Helen Nissenbaum, Frank Pasquale, Dr. Deborah Peel, MD, Stephanie E. Perrin, Marc Rotenberg, Pamela Samuelson, Bruce Schneier, and Christopher Wolf. ===================================== "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. =================================== "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. =================================== "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. =================================== "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. =================================== EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore =================================== EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= November 13, 2015. "Privacy and Transparency: To Promote Online Freedom" (UNESCO panel) "Open Forum on 2016 Ministerial" (OECD panel) Speaker: Marc Rotenberg, EPIC President Internet Governance Forum, Joo Pessoa, Brazil. http://www.intgovforum.org/cms/igf-2015-website November 19, 2015 "The Possibilities of Big Data Endless or Ethical?" Marc Rotenberg, EPIC President Big Data Brainstorm Newseum, Washington, DC https://meritalk.com/bdx-brainstorm-2015-register.php January 27, 2016. EPIC 2016 International Champions of Freedom Awards Event. Computers, Privacy, and Data Protection Conference, Brussels. http://www.cpdpconferences.org/ June 6, 2016. EPIC 2016 Champions of Freedom Awards Event. Washington, DC. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center (EPIC) is a non-profit, independent public interest research center in Washington, DC. EPIC was established in 1994 to focus public attention on emerging privacy issues. Today EPIC maintains one of the top privacy websites in the world. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, files amicus briefs on emerging privacy and civil liberties issues, and conducts policy research. For more information, visit http://www.epic.org. ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions help support Freedom of Information Act litigation, strong and effective advocacy for the right of privacy, and continued public education. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 22.21-------------------------

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security