EPIC Alert 24.21

EPIC Alert logo

1. D.C. Circuit to Hear Arguments in EPIC Voter Privacy Case Concerning Presidential Commission

The U.S. Court of Appeals for the D.C. Circuit will hear arguments next week in EPIC's case against the Presidential Election Commission concerning the unlawful collection of state voter data. Arguments are set for Tuesday, November 21 at 9:30 a.m. and will be streamed live through the D.C. Circuit's website.

EPIC filed suit in July to halt the Commission's collection of state voter data and to compel the Commission to conduct a Privacy Impact Assessment required by law. EPIC's initial filing led the Commission to suspend the collection of voter data, discontinue the use of an unsafe computer server, and delete the state voter data that was unlawfully obtained.

EPIC's appeal challenges a federal district court ruling that allowed the Commission to move forward with its plan to gather voter data. EPIC explained to the appeals court that Commission's decision to "collect state voter records from state election officials across the country without first completing the required Privacy Impact Assessment" is "contrary to law and must be enjoined."

Many states have opposed the Commission's efforts to obtain state voter data. More than 150 members of Congress have urged the Commission to end the collection of voter data. The Government Accountability Office has opened an investigation to determine whether the Commission has engaged in unlawful action, and one member of the Commission recently filed suit against the Commission.

Proceedings in EPIC v. Commission are continuing in the district court, as well. EPIC recently filed a revised complaint charging that the Commission has misrepresented its legal status to evade privacy obligations and to escape judicial review. Contrary to its past statements, the Commission is part of the General Services Administration, which by law must complete Privacy Impact Assessments.

2. EPIC Promotes 'Algorithmic Transparency' for Political Ads

EPIC has submitted comments to the Federal Election Commission promoting new rules that would establish transparency for online political ads. EPIC proposed that the FEC: (1) impose at least the same disclosure requirements for internet communications as for broadcast and print communications—including who paid for the communication—and (2) require algorithmic transparency for targeted political advertisements that appear on platforms such as Facebook, Google, and Twitter. EPIC said that voters should "know as much about advertisers as advertisers know about voters."

The FEC previously considered disclosure requirements for online political advertisements in 2011, when the Commission first issued an Advance Notice of Proposed Rulemaking. The FEC reopened the public comment period in 2016, and then again in October, stating that it sought additional comments "in light of developments" since 2016. It has yet to undertake a rulemaking, however.

Under the FEC's current rules, certain communications are exempt from the disclaimer requirements that apply to traditional print, radio, and television advertisements. These exemptions include advertisements with space limitations, such as those placed on "bumper stickers pins, buttons," and other small items. The FEC has applied this exemption to internet advertisements but noted that "technological options may allow for the display of disclaimers when a user 'hovers' or 'rolls' over the advertisement." EPIC noted that "URL shortening tools" could also be used.

Senators Klobuchar (D-MN), Warner (D-VA), and McCain (R-AZ) have introduced a bipartisan bill that would require the same disclosures for online political advertisements as for print and broadcast advertisements.

In view of evidence that Russia used online advertisements to interfere in the 2016 presidential election, EPIC implored the FEC to fulfill its role to protect the integrity of elections. "The need to protect democratic institutions from foreign adversaries has never been greater," EPIC wrote. EPIC is fully engaged in the challenge of preserving and promoting democratic institutions and election integrity with its Project on Democracy and Cybersecurity. EPIC has four pending FOIA cases, EPIC v. FBI, EPIC v. ODNI, EPIC v. IRS, and EPIC v. DHS seeking records pertaining to Russian interference in the 2016 election.

3. EPIC Sues Justice Department for Release of Report on 'Backdoor Searches'

EPIC has filed a Freedom of Information Act lawsuit against the Department of Justice National Security Division for a report detailing the FBI's warrantless searches for information about U.S. citizens in foreign intelligence databases.

Section 702 of the Foreign Intelligence Surveillance Act permits the U.S. to conduct foreign intelligence surveillance targeting non-U.S. persons located abroad. However, Americans' communications are also incidentally collected. The FBI and other agencies can, without a warrant and with minimal justification, conduct "backdoor searches" of the data acquired using 702 for information about Americans.

In EPIC v. NSD, EPIC seeks the release of a report ordered by the Foreign Intelligence Surveillance Court detailing the FBI's use of Section 702 data for domestic criminal purposes. This report explains why the FBI searched for the information, and requires the government to defend its compliance with procedural limitations.

EPIC also recently joined coalition of over 50 organizations calling on lawmakers to establish a warrant requirement before the government can search 702 databases for information about U.S. citizens and residents. The USA Rights Act, now pending in Congress, would end backdoor searches by all federal agencies.

4. EPIC FOIA: EPIC Uncovers Report on 'Predictive Policing' but DOJ Blocks Release

EPIC has received over 400 pages of documents in EPIC v. DOJ, a Freedom of Information Act (FOIA) case concerning the Department of Justice's failure to disclose records about the use of "evidence-based assessment tools" in the criminal justice system. These algorithms, also known as "risk assessments," attempt to "predict recidivism—repeat offending or breaking the rules of probation or parole—using statistical probabilities based on factors such as age, employment history and prior criminal record."

"Risk assessment" tools have been used to make decisions at all stages of the criminal justice process, including setting bail, determining criminal sentences, and even contributing to determinations of guilt or innocence. But the use of these algorithms is controversial, and the reliability, fairness, and constitutional legitimacy of "evidence-based" tools are vigorously contested.

In 2014, the Attorney General called on the U.S. Sentencing Commission (USSC) to study the use of "risk assessments" in criminal sentencing, expressing concern about potential bias. EPIC requested the USSC's final assessment, as well as policies, guidelines, source codes, and validation studies related to evidence-based practices in sentencing. After the agency failed to comply with FOIA deadlines, EPIC filed suit against the DOJ. In July, the court ordered the DOJ to produce all non-exempt records responsive to EPIC's request.

Among the documents released, EPIC obtained emails confirming the existence of a 2014 DOJ report about "predictive policing" algorithms. The agency, however, failed to disclose both the "predictive policing" report and the requested USSC assessment. The documents obtained by EPIC are available in three parts: Part 1, Part 2, and Part 3.

EPIC has pursued several FOIA cases to promote algorithmic transparency, including cases on passenger risk assessment, "future crime" prediction, and proprietary forensic analysis. The Supreme Court recently considered taking a case on whether the use of a sentencing algorithm can violate a defendant's constitutional right to due process, but the Court ultimately decided not to grant review.

5. EPIC v. DOJ: Court Orders DOJ to Defend Withholding of FISA Reports

A federal court, ruling in an EPIC Freedom of Information Act (FOIA) lawsuit, has ordered the Department of Justice to defend the agency's refusal to release portions of its Foreign Intelligence Surveillance Act (FISA) reports. The semiannual reports, prepared for Congressional oversight committees, summarize significant Foreign Intelligence Surveillance Court (FISC) decisions and include the total number of FISA applications filed by the government and the number of U.S. persons targeted for surveillance.

Though the court ruled that the DOJ can withhold some of the material requested by EPIC, the court found multiple "inconsistencies in the redactions that the government must address." In particular, the Court "identified three redactions in the Congressional reports that DOJ has categorized as undisputed . . . but that do appear to fit within the categories of disputed redactions still at issue in the case."

EPIC submitted its FOIA request to the National Security Division of the DOJ in 2013. EPIC sought all reports detailing the number of orders for pen registers and trap and trace devices that were granted or denied, as well as information provided to Congress about the use of these devices.

EPIC's FOIA request and lawsuit led to the release of secret documents about the government's use of pen registers to collect records of private communications. The documents included semiannual reports from the Attorney General concerning FISA authorities and related documents filed by the DOJ in the FISC. The DOJ also released reprocessed versions of five of the disputed reports that included significant new material.

EPIC makes frequent use of FOIA requests and FOIA litigation to obtain information from the government about surveillance, privacy policies, and programs that affect critical privacy interests. Recent cases include EPIC v. CBP (concerning CBP's biometric entry/exit tracking system) and EPIC v. IRS (seeking President Trump's tax returns).

News in Brief

EPIC Warns that Weak Cybersecurity and Privacy Guidance Endangers Drivers

In comments to the National Highway Traffic Safety Administration, EPIC warned that the agency's proposed voluntary guidelines for autonomous vehicles would not protect auto passengers. EPIC explained that the privacy and security are paramount safety concerns and stated that "strong encryption in autonomous vehicles will be essential to driver safety." EPIC urged NHTSA to issue mandatory guidelines to protect consumers. EPIC also warned that the FTC lacks authority and expertise to protect driver privacy and security. EPIC made comments to NHTSA earlier this year, and has also brought this issue to attention of a House committee on consumer protection and the Senate Committee on Commerce.

EPIC to House Judiciary: FBI Response to Russia Attack Must Be Examined

Following a hearing on Russian Interference with the 2016 U.S. Election, EPIC has sent a statementto the House Judiciary Committee. EPIC urged the Committee to explore whether the FBI Victim Notification procedures were followed once the FBI became aware of the Russian cyberattack on the DNC and the RNC. In a Freedom of Information Act lawsuit EPIC v. FBI, EPIC obtained the FBI notification procedures that would have applied during the 2016 Presidential election. The documents indicate that the FBI Cyber Division is to "notify and disseminate meaningful information to victims and the CND [Computer Network Defense] community." The obvious question at this point, said EPIC, is whether the FBI followed the required procedures for Victim Notification once the Bureau became aware of this attack. In a related FOIA case, EPIC v. ODNI, EPIC is seeking the public release of the complete report of the intelligence community on the Russian interference with the 2016 election.

Missouri AG Cites EPIC's FTC Complaint in Announcing its Investigation into Google

Missouri Attorney General Josh Hawley has announced an investigation into Google's business practices concerning Internet privacy. The investigation also examines whether Google misappropriated content from competitors' websites and manipulated search results to preference Google sites. The Missouri AG stated, "when a company has access to as much consumer information as Google does, it's my duty to ensure they are using it appropriately." The announcement highlighted EPIC's recent FTC Complaint against Google regarding the company's tracking of in-store purchases as well as the record fine by the European Union for monopolistic search practices. Under the leadership of then Connecticut Attorney General Richard Blumenthal, the state Attorneys General previously investigated Google for the unlawful interception of private communications by means of the Google "Street View" vehicles. That state AGs fined Google $7,000,000 when it was found that the company "casually scooped up passwords, e-mail and other personal information from unsuspecting computer users."

EPIC Supports 'Release to One, Release to All' FOIA Policy

EPIC joined a coalition of open government groups to urge government agencies to implement the "Release to One, Release to All" policy for Freedom of Information Act requests. This policy would require federal agencies to post all Freedom of Information Act disclosures online after the information is released to a particular requester. Despite overwhelming positive public comments, the Office of Information Policy at the Department of Justice has failed to finalize the policy. EPIC supports FOIA reforms to promote government transparency and files lawsuits to force disclosure of agency records. Most recently the EPIC Democracy and Cybersecurity Project is pursuing FOIA requests concerning Russian interference with the 2016 Presidential election.

EPIC Urges FTC to Focus on Data Protection at Upcoming Workshop

EPIC has sent a letter to the FTC expressing concerns regarding their upcoming workshop on "Informational Injury." In advance of the workshop, the FTC has asked, "how to best characterize" privacy injuries. EPIC stated, "the injuries consumers face are obvious," in particular the unprecedented levels of data breach and identity theft. EPIC urged the FTC to re-focus the workshop on the questions of why data breach, identity theft, and financial fraud continue to rise in the United States, and how the FTC can do more to address these issues. EPIC recently testified before Congress on consumer data security and the credit bureaus, and has called on the FTC to step up its enforcement to protect consumer privacy.

Senator Leahy Introduces Legislation to Protect Consumer Privacy

Senator Patrick Leahy (D-VT), joined by six other Senators, introduced comprehensive legislation to protect consumers from data breach and identity theft. The Consumer Privacy Protection Act of 2017 requires companies to provide notice to consumers after a data breach and meet certain baseline privacy and data security standards. The Consumer Privacy Act also prohibits companies from using a data breach to force consumers into individual arbitration and would punish companies for concealing security breaches. Senator Leahy stated, "Companies that profit from our personal information should be obligated to take steps to keep it safe." Senator Leahy added, "In today's world, data security is no longer just about protecting our identities and our bank accounts; it is about protecting our privacy and even our national security." EPIC recently testified before the Senate Banking Committee in the wake of Equifax breach calling for consumer control over their personal data. EPIC President Marc Rotenberg also outlined several steps for Congress to reform the credit reporting industry in the Harvard Business Review.

House Bill Would Restore FAA's Drone Registration Rule

A defense authorization bill released in the House earlier this month would restore an FAA drone regulation that was struck down by a federal appeals court earlier this year. The D.C. Circuit had previously ruled that a regulation requiring hobbyists to register their drones violated the FAA Modernization Act, which forbids regulations for "model aircraft." EPIC strongly supports registration for commercial drones but recognizes an exception for hobbyists. EPIC submitted statements to the House Transportation Committee and the Senate Commerce Committee earlier this year emphasizing the unique privacy risks of commercial drones. EPIC is currently challenging the FAA's failure to protect the public from aerial surveillance by commercial drones in federal court. EPIC v. FAA is currently before the D.C. Circuit Court of Appeals, with oral arguments scheduled for January 25, 2018.

Senators Question Social Security Administration about Election Commission Request

A group of Senators has requested information from Social Security Administration about the Presidential Election Commission's controversial plan to compare state voter rolls to the SSA's master database. Vice Chair Kris Kobach announced at the Commission's first meeting that the Commission staff would seek personal data from numerous federal agencies, including the SSA. EPIC filed a FOIA request with the SSA in September seeking records of the Commission's attempts to collect SSA data. "The public must know whether, how, and for what purpose a federal Commission is seeking new personal data from SSA, and how the federal agency has responded to any attempt to collect this data," EPIC wrote. EPIC filed similar FOIA requests with the Department of Justice and Department of Homeland Security.

Presidential Election Commission Sued by Commission Member

A member of the Presidential Election Commission has sued the Commission, arguing that the Commission has violated the Federal Advisory Committee Act. According to Maine Secretary of State Matthew Dunlap, the Commission violated FACA by "excluding certain members of the Commission from substantively participating in its work" and by "preventing certain members of the Commission from accessing documents made available to some Commission members." EPIC filed the first lawsuit against the Commission, charging that it had violated federal law when it failed to conduct and publish a Privacy Impact Assessment prior to the collection of state voter. EPIC v. Presidential Commission is now before the federal appeals court for the D.C. Circuit.

Senators Urge FEC to Promote Transparency in Online Ads

A group of 15 Senators led by Mark Warner (D-VA), Amy Klobuchar, (D-MN) and Claire McCaskell, (D-MO) have urged the Federal Election Commission to improve transparency for online political ads. The Senators stated that, "the FEC can and should take immediate and decisive action to ensure parity between ads seen on the internet and those on television and radio." The Senators emphasized how "Russian operatives used advertisements on social media platforms to sow division and discord" during the 2016 election. EPIC provided comments to the FEC calling for "algorithmic transparency" and the disclosure of who paid for online ads. Senators Klobuchar, Warner, and McCain (R-AZ) have also introduced a bipartisan bill that would require the same disclosures for online political advertisements as for those on television and radio. EPIC's Project on Democracy and Cybersecurity, established after the 2016 presidential election, seeks to promote election integrity and safeguard democratic institutions from various forms of cyberattack.

FTC Requests Public Comments on Strategic Plan

The FTC released a draft of the FTC 2018-2022 strategic plan for public comment. The plan broadly summarizes the FTC's role in protecting consumers and promoting competition. Federal agencies are required by law to publish a strategic plan every four years. EPIC has stated that the Commission needs to "step up its efforts to protect the privacy interests of American consumers." EPIC wrote to Senate Commerce Committee in advance of a recent hearing on reform proposals for the FTC, stating "the FTC must do more to safeguard American consumers." EPIC also urged the FTC to re-focus an upcoming "workshop on informational injury" on the unprecedented levels of data breach and identity theft in the United States. Earlier this year, EPIC and a coalition of consumer privacy organizations set out "10 Steps for the FTC to Protect Consumers." Comments on the Strategic Plan are due to the FTC by December 5, 2017.

Equifax, Yahoo Testify Before Senate on Data Breaches

The Senate Commerce Committee heard testimony earlier this month from Equifax, Yahoo, and Verizon executives in a hearing on "Protecting Consumers in the Era of Major Data Breaches." A witness for a company selling identification systems recommended an "identity framework," with fingerprints and facial recognition to replace the Social Security Number. EPIC President Marc Rotenberg recently warned against replacing the SSN with a national biometric identifier in testimony before the Senate Banking Committee. Rotenberg has detailed how the credit reporting industry is broken and the steps Congress should take to give consumers greater control over their personal data. EPIC has urged the Senate Judiciary Committee, the House Financial Services Committee, and theHouse Energy Committee to establish new safeguards for consumers following the Equifax data breach.

Nominee for DHS Secretary Favors Less Wall, More Surveillance Tech at Border

Congress recently took up the nomination of Kirstjen M. Nielsen as Secretary at the Department of Homeland Security. Ms. Nielsen opposes a border wall but suggested an expansion of border surveillance. "Technology, as you know, plays a key part, and we can't forget it," she said. EPIC is pursuing a FOIA request regarding the use of DHS drones for border surveillance. Earlier EPIC cases - including EPIC v. DHS which led to the removal of x-ray body scanners in US airports - revealed that technologies for border surveillance invariably impact the privacy rights of Americans. Ms. Nielsen views on the use of DACA applicant data for enforcement remains unclear. EPIC recently warned that 800,000 DACA applicants face privacy risks as a result of the decision to end the Deferred Action for Childhood Arrivals.

European Court of Human Rights Hears Key Surveillance Challenge

European Court of Human Rights has heard 10 Human Rights Organizations v. UK, a legal challenge which will impact surveillance practices around the world. The organizations who brought the case argue that surveillance by UK and US intelligence services violated their fundamental rights. In a recent hearing, the groups' legal representative characterized the government's position as "trust us and we will keep you safe." Instead, she called for a "framework to ensure...public authorities are doing no more than is truly proportionate and are only using these very intrusive powers when they're necessary." EPIC filed a brief in the case explaining that the NSA's "technological capacities" enable "wide scale surveillance" and that U.S. statutes do not restrict surveillance of non-U.S. persons abroad. EPIC casebook Privacy Law and Society explores a wide range of privacy issues, including recent decisions of the European Court of Human Rights.

White House Cancels Safety Rule for Connected Vehicles

The Trump administration has set aside a proposed rule by the National Highway Transit Safety Association to regulate vehicle-to-vehicle (V2V) technology for all new cars and light trucks. V2V technology transmits data between vehicles to "facilitate warnings to drivers concerning impending crashes." NHTSA and safety advocates have touted V2V technology as life-saving, noting that traffic fatalities have surged over the past two years with the increased use of cellphones. The rule was also supported by automakers to establish baseline safety standards. EPIC commented on the proposed rule and urged NHTSA to adopt stronger privacy protections. EPIC also submitted comments to the FTC and NHTSA for a workshop on connected vehicles, recommending that the agencies do more to protect consumer data. Security researchers have provided numerous examples of remote hacking of vehicles. The administration has denied that it has made any final decision on the rule, but it was removed from an OMB list of upcoming regulatory actions.

Senate Begins Investigation Into Russian Meddling

The Senate recently held two hearings to investigate Russians' use of social media platforms to influence the 2016 U.S. presidential election. On October 31, the Senate Subcommittee on Crime and Terrorism held a hearing titled "Extremist Content and Russian Disinformation Online: Working with Tech to Find Solutions." Representatives from Facebook, Twitter, and Google as well as foreign policy experts testified. And on November 1, the Senate Select Committee on Intelligence held a hearing on "Social Media Influence in the 2016 U.S. Elections." In 2017, EPIC launched the Democracy and Cybersecurity project to preserve the integrity of democratic institutions. EPIC is currently pursuing several Freedom of Information Act cases to learn more about Russian interference in the 2016 Presidential election, including: EPIC v. ODNI (Russian hacking), EPIC v. FBI (Russian hacking), EPIC v. IRS (Release of Trump Tax Returns), and EPIC v. DHS (election cybersecurity).

EPIC in the News

EPIC Bookstore

EPIC publications and books by members of the EPIC Advisory Board, distinguished experts in law, technology and public policy are available at the EPIC Bookstore.

Recent EPIC publications:

The Privacy Law Sourcebook 2016, edited by Marc Rotenberg (2016)

The Privacy Law Sourcebook is the leading resource for students, attorneys, researchers, and journalists interested in privacy law in the United States and around the world. It includes major US privacy laws such as the Fair Credit Reporting Act, the Communications Act, the Privacy Act, the Family Educational Rights and Privacy Act, the Electronic Communications Privacy Act, the Video Privacy Protection Act, and the Foreign Intelligence Surveillance Act. The Sourcebook also includes key international privacy frameworks including the OECD Privacy Guidelines, the OECD Cryptography Guidelines, and European Union Directives for both Data Protection and Privacy and Electronic Communications. The Privacy Law Sourcebook 2016 (Kindle Edition) has been updated and expanded to include recent developments such as the United Nations Resolution on Right to Privacy, the European Union General Data Protection Regulation, the USA Freedom Act, and the US Cybersecurity Information Sharing Act. The Sourcebook also includes an extensive resources section with useful websites and contact information for privacy agencies, organizations, and publications.

Communications Law and Policy: Cases and Materials, 5th Edition, by Jerry Kang and Alan Butler. Direct Injection Press (2016).

This teachable casebook provides an introduction to the law and policy of modern communications. The book is organized by analytic concepts instead of current industry lines, which are constantly made out-of-date by technological convergence. The basic ideas--power, entry, pricing, access, classification, bad content, and intermediary liability--equip students with a durable and yet flexible intellectual structure that can help parse a complex and ever-changing field.

Privacy Law and Society, 3rd Edition, by Anita Allen, JD, PhD and Marc Rotenberg, JD, LLM. West Academic (2015).

The Third Edition of "Privacy Law and Society" is the most comprehensive casebook on privacy law ever produced. It traces the development of modern privacy law, from the early tort cases to present day disputes over drone surveillance and facial recognition. The text examines the philosophical roots of privacy claims and the significant court cases and statues that have emerged. The text provides detailed commentary on leading cases and insight into emerging issues. The text includes new material on developments in the European Union, decisions grounded in fundamental rights jurisprudence, and exposes readers to current debates over cloud computing, online profiling, and the role of the Federal Trade Commission. Privacy Law and Society is the leading and most current text in the privacy field.

Privacy in the Modern Age: The Search for Solutions, edited by Marc Rotenberg, Julia Horwitz and Jeramie Scott. The New Press (2015). Price: $25.95.

The threats to privacy are well known: The National Security Agency tracks our phone calls; Google records where we go online and how we set our thermostats; Facebook changes our privacy settings when it wishes; Target gets hacked and loses control of our credit card information; our medical records are available for sale to strangers; our children are fingerprinted and their every test score saved for posterity; and small robots patrol our schoolyards while drones may soon fill our skies.

The contributors to this anthology don't simply describe these problems or warn about the loss of privacy—they propose solutions.

Contributors include: Steven Aftergood, Ross Anderson, Christine L. Borgman (coauthored with Kent Wada and James F. Davis), Ryan Calo, Danielle Citron, Simon Davies, A. Michael Froomkin, Deborah Hurley, Kristina Irion, Jeff Jonas, Harry Lewis, Anna Lysyanskaya, Gary T. Marx, Aleecia M. McDonald, Dr. Pablo G. Molina, Peter G. Neumann, Helen Nissenbaum, Frank Pasquale, Dr. Deborah Peel, MD, Stephanie E. Perrin, Marc Rotenberg, Pamela Samuelson, Bruce Schneier, and Christopher Wolf.

Upcoming Conferences and Events

Oral Argument: EPIC v. Presidential Advisory Commission on Election Integrity, No. 17-5171
Challenging the unlawful collection of state voter data
November 21, 2017
Marc Rotenberg, EPIC President
U.S. Court of Appeals for the D.C. Circuit
Washington, DC

62nd Meeting of the International Working Group on Data Protection in Telecommunications
November 27-28, 2017
Eleni Kyriakides, EPIC Fellow
Paris, France

Where Are We With Location Privacy? Reactions to the Supreme Court's Oral Argument in Carpenter v. United States
November 30, 2017
Alan Butler, EPIC Senior Counsel
American Bar Association — Section on Civil Rights and Social Justice
Washington, DC

"Tech Triumph or Bloated Bubble: Innovation, Investors & Industrial Transformation"
December 14, 2017
Marc Rotenberg, EPIC President
Yale CEO Summit, New York, NY

2018 EPIC Champions of Freedom Awards Dinner
June 5, 2018
Washington, DC

Share this page:

Support EPIC

EPIC relies on support from individual donors to pursue our work.

Defend Privacy. Support EPIC.

#Privacy