EPIC Alert 26.08

1. EPIC Obtains FOIA-Annotated Mueller Report from Department of Justice

EPIC has obtained an annotated version of the Mueller Report through EPIC v. Department of Justice, EPIC's Freedom of Information Act lawsuit about the Special Counsel investigation into Russian election interference.

The version of the Mueller Report provided to EPIC contains new details about the extensive redactions made by the Justice Department. Material is withheld on approximately 178 pages of the 448-page Report, and multiple pages are redacted in full. EPIC will challenge those redactions as the case moves forward on an expedited schedule.

At a hearing last week in EPIC v. Department of Justice, Judge Reggie B. Walton ordered the Justice Department to disclose additional information about the Mueller Report—as well as additional Special Counsel records—by June 3. A hearing is scheduled in EPIC's case for June 17.

On Wednesday, President Trump claimed executive privilege in an attempt to withhold the redacted portions of the Mueller Report from Congress. The President's assertion goes far beyond the narrow limits of the privilege and conflicts with the Attorney General's recent statement to Congress that President Trump had "no plans" to claim executive privilege over the Report. But the government has waived any assertion of executive privilege in EPIC's case, making EPIC uniquely positioned to challenge the redactions.

EPIC's case for the release of the Mueller Report—the first in the nation—is EPIC v. Department of Justice, No. 19-810 (D.D.C.).

2. EPIC Files Intervention in Human Rights Court Review of UK Bulk Surveillance Program

EPIC has filed a third-party intervention with the European Court of Human Rights in Big Brother Watch v. UK. The case reviews whether a British bulk surveillance program and UK-U.S. intelligence transfers violate the European Convention on Human Rights.

Last year the Court of Human Rights ruled that the UK's particular surveillance regime violated the rights to privacy and free expression under the European Convention, but the Court stopped short of ruling that bulk surveillance violates the Convention. The human rights groups that brought the case requested referral to the Grand Chamber—a larger panel of judges—and urged the Court to rule that mass surveillance is incompatible with fundamental rights.

EPIC filed a brief in the original case explaining the sweeping scope of U.S. surveillance. EPIC has now filed a new brief in the Grand Chamber proceedings, arguing that the Court should carefully consider UK-U.S. intelligence transfers. U.S. surveillance does not "provide the requisite Article 8 safeguards," and transfer of intelligence to the UK "risks circumventing the Convention's guarantees," EPIC explained.

In an article for Just Security, EPIC called the initial ruling against UK surveillance a "narrow" but "important" decision for human rights. EPIC also recently intervened in Privacy International v. UK concerning government hacking, explaining that hacking tools are vulnerable to theft and can lead to weakened security safeguards.

3. Facebook Anticipates $3B-$5B Fine

According to news reports, Facebook has budgeted $3 billion in its first-quarter earnings report, saying it expected the FTC to fine the company between $3 billion and $5 billion.

In January, EPIC and a coalition of consumer and civil rights groups sent a letter to the FTC calling on the Commission to enforce the order against Facebook by 1) imposing substantial fines; 2) establishing structural remedies; 3) requiring compliance with Fair Information Practices; 4) reforming hiring and management practices; and 5) restoring democratic governance.

In April, an EPIC Freedom of Information Act request revealed that there are over 26,000 complaints pending against Facebook. In 2018 alone, the FTC received 8,391 consumer complaints about Facebook, nearly twice the number received in 2016 (4,612), and more than four times the number received in 2014 (1,860).

In the eight years since the FTC announced the consent order barring Facebook from making any misrepresentation about user privacy, the FTC has not taken a single enforcement action against the company. EPIC launched the #EnforceTheOrder campaign to pressure the FTC to take enforcement action against Facebook. EPIC also brought the original complaint to the FTC in 2009 that led to the consent order.

4. Defense Department Finalizes Uniform Privacy Regulation, Responds to EPIC Comments

As part of an effort to promote uniformity in privacy regulations, the Department of Defense has finalized a regulation regarding the Personnel Vetting Records System. The DoD's regulation responds in detail to comments submitted by EPIC last year "expressing concerns about accountability for DoD's information collection activities."

As EPIC told the DoD, "The scope of information collection is virtually limitless, including SSN, date and place of birth, hair and eye color, residential history, maternal maiden name, immigration and passport information, drug/alcohol consumption records, mental health history, financial records (e.g. credit reports and tax returns), biometric data, and a litany of other sensitive information."

EPIC also explained that the DoD's proposed routine uses for data violated the Privacy Act and urged the DoD to limit its broad exemptions. "Several of DoD's claimed exemptions would further exacerbate the impact of its overbroad categories of records and routine uses in this system of records," EPIC wrote. "The net result of these exemptions, coupled with DoD's proposal to collect and retain virtually unlimited information unrelated to any purpose Congress delegated to the agency, would be to diminish the legal accountability of the agency's information collection activities."

The Department of Defense wrote that it "appreciates the[] concerns" raised by EPIC and stated that "With respect to access rights in particular, the DoD anticipates generally providing access rights and exercising exemptions as the exception rather than the norm."

EPIC routinely comments on the obligations of federal agencies to comply with the Privacy Act. EPIC recently commented on the privacy issues raised by the Department's "Insider Threat" Program, noting that the extensive collection of personal data could create new vulnerabilities.

5. EPIC to TSA: Conduct Rulemaking on Facial Recognition

In comments to inform the Transportation Security Administration's 2020 National Strategy, EPIC recommended that TSA suspend the facial recognition program at U.S. airports. "The use of facial recognition completely lacks the safeguards necessary to even consider its implementation," EPIC wrote.

The TSA's National Strategy lists facial recognition as a research and development "priority." But the TSA—like Customs and Border Protection and private airlines and airports—has deployed facial recognition technology without following notice-and-comment procedures.

"Beyond cybersecurity risks, there is the problem of bias," EPIC wrote. "Face recognition algorithms fail often and in unfair ways. In September 2018, the DHS Office of Inspector General raised the concern that 'CBP could not consistently match individuals of certain age groups or nationalities . . . .' Discrimination through automation should not be tolerated, and when it is undertaken by a federal agency it simply cannot be tolerated."

EPIC has previously warned lawmakers and the DHS about the biometric border program that incorporates facial recognition. Numerous legislators share EPIC's concerns. Senator Tom Udall stated that "[i]t is unclear how these technologies would impact efficiency and whether the software treats all travelers and Americans equally in practice." And Senator Markey stated, "The American people deserve to have a set of guidelines which are put in place in order to protect their privacy."

In 2011, EPIC successfully required TSA to conduct a rulemaking on its deployment of airport body scanners in EPIC v. DHS. Recently, EPIC recommended that TSA incorporate the Universal Guidelines for Artificial Intelligence, endorsed by over 300 organizations and experts, for AI-based systems.

News in Brief

EPIC Argues Against Collection of Citizenship Data in Federal Appeals Court

On May 8, EPIC Counsel John Davisson argued before the D.C. Circuit Court of Appeals to block the Census Bureau from collecting personal data concerning citizenship status in the 2020 Census. EPIC's case challenges the Census Bureau's failure to complete privacy impact assessments required by law. The Bureau concedes that it must complete the impact assessments but has so far failed to do so. As EPIC previously warned the appeals court, "major privacy risks have not been addressed by the agency." EPIC has filed several successful lawsuits to require privacy impact assessments by federal agencies, including EPIC's case that led a now-defunct Presidential Commission to delete state voter data it unlawfully obtained. EPIC's census privacy case is EPIC v. Commerce, No. 19-5031 (D.C. Cir.).

EPIC Settles FOIA Case About Government Use of Facial Recognition

EPIC has settled a Freedom of Information Act lawsuit against Customs and Border Protection. EPIC sought records about the agency's Biometric Entry-Exit program for use at US borders. As a result of the lawsuit, EPIC obtained the "Southwest Border Pedestrian Field Test" concerning the use of iris imaging and facial recognition. The report revealed that the technology did not perform operational matching at a "satisfactory" level. Relying on the documents obtained in the case, EPIC has told Congress that facial recognition should be suspended until privacy safeguards are established. Senators Ed Markey (D-MA) and Mike Lee (R-UT) have also called for the suspension of the CBP program.

EPIC Amicus: Public Employees Must Be Able to Speak Freely on Social Media, 'The Modern Public Square'

In an amicus brief EPIC urged the Pennsylvania Supreme Court to protect the right of public employees to speak on matters of public concern on social media without fear of dismissal. The case, Carr v. Department of Transportation, concerns a state employee who was fired for comments posted to a Facebook group criticizing local school bus drivers. EPIC explained that "social media is 'the modern public square' for debate on issues of public concern," citing the U.S. Supreme Court's opinion in Packingham v. North Carolina, in which EPIC also filed an amicus. EPIC warned that "allowing the Government to fire a public employee for posts made in a private Facebook group would encourage government supervisors to surveil employees across social media." EPIC has frequently argued that the First Amendment protects the right of individuals to engage in activities free from government surveillance, in cases including City of Los Angeles v. Patel, Doe v. Reed, and Americans for Prosperity v. Becerra.

EPIC FOIA: Massive DHS Biometric Database Still Lacks a Privacy Impact Assessment

In response to EPIC's Freedom of Information Act request, the Department of Homeland Security confirmed that no privacy impact assessment has been completed for a vast DHS biometric database known as the "Homeland Advanced Recognition Technology." The HART database will include fingerprints, iris scans, and facial images on millions of individuals. The documents EPIC did obtain from DHS consist of privacy threshold reviews that indicate a privacy impact assessment is required and was expected by January 2019. A previous document obtained by EPIC shows that the Homeland Advanced Recognition Technology database is part of the facial recognition Biometric Entry/Exit program at US airports.

EPIC FOIA: Census Bureau Gathers Noncitizens' Data Without Required Privacy Impact Assessment

An EPIC Freedom of Information Act request has revealed that the Census Bureau obtains vast quantities of noncitizens' personal data from the Department of Homeland Security without having first conducted a required Privacy Impact Assessment. Under a written agreement disclosed to EPIC, the DHS transfers the "Legal Permanent Resident File" to the Bureau each year, which includes citizenship, immigration status, marital status, and other sensitive personal information. Yet the Census Bureau conducted no analysis of the privacy risks and failed to describe the personal data gathered. In EPIC v. Commerce, EPIC has charged that the Census Bureau failed to complete required Privacy Impact Assessments prior to adding the citizenship question to the 2020 Census. The Bureau concedes that it must complete the impact assessments but has so far failed to do so. EPIC's motion to halt the citizenship question will be argued before the D.C. Circuit on May 8.

EPIC to Congress: FCC Must Do More on Robocalls

In advance of a hearing about robocalls, EPIC has sent a statement to the House Energy & Commerce Committee saying "The FCC needs to do far more to protect consumers from robocalls." EPIC has long advocated for robust telephone privacy protections. Last week, EPIC submitted comments to the FCC recommending that the agency (1) require phone providers to proactively block calls from numbers that are unassigned, unallocated, or invalid; (2) prohibit spoofing if there is an intent to defraud or cause harm; and (3) encourage the use of call authentication technology that safeguards caller anonymity. EPIC filed amicus briefs earlier this year and in 2015 that strengthened consumer protections for robocalls.

EPIC Advises Senate Commerce Committee on Federal Privacy Legislation

Prior to a hearing on "Consumer Perspectives: Policy Principles for a Federal Data Privacy Framework," EPIC has sent a statement and related materials to the Senate Commerce Committee advising on federal privacy legislation. EPIC Executive Director Marc Rotenberg recently wrote in the New York Times, "There is still much that Congress can do to strengthen privacy protections for Americans. Enacting federal baseline legislation and establishing a data protection agency would be a good start." EPIC also sent the Committee EPIC commentaries from the Financial Times, Techonomy, the OECD Observer, and the Harvard International Review. EPIC recently joined 16 organizations in support of "A Framework for Privacy Protection in the United States."

EPIC to Appropriations Committees: Suspend the Census Citizenship Question

EPIC has sent a statement to the House Appropriations Committee prior to a hearing on Census oversight. EPIC urged Congress to require the Census Bureau to remove the citizenship question from the 2020 census, pending the completion and review of required Privacy Impact Assessments. EPIC told the Committee that the Census Bureau failed to complete the Privacy Impact Assessments required by Section 208 of the E-Government Act. The Census Bureau concedes that it must complete the impact assessments but has so far failed to do so. "Congress made clear that data collection simply could not occur without the completion of these assessments," EPIC explained to Congress. In EPIC v. Commerce, currently before the D.C. Circuit Court of Appeals, EPIC argued that the collection of personal data concerning citizenship status without the privacy impact assessments is unlawful. EPIC warned the federal appeals court that "major privacy risks have not been addressed by the agency."

Lawmakers Introduce Legislation Regulating Equifax, Credit Reporting Agencies

Senators Warren and Warner and Representatives Cummings and Krishnamoorthi introduced the Data Breach Prevention and Compensation Act of 2019. The legislation would compensate consumers for stolen data, impose mandatory penalties on credit reporting agencies for data breaches, and give the FTC greater authority over data security at credit reporting agencies. The lawmakers also released a new report "Breach of Trust: CFPB's Complaint Database Shows Failure to Protect Consumers after Equifax Breach." The report found that consumers have filed over 52,000 complaints since Equifax announced the breach in September 2017. Following the Equifax data breach, EPIC President Marc Rotenberg testified before the Senate Banking Committee and recommended free credit freezes and other consumer safeguards to mitigate the risk of identity theft.

International Privacy Experts Adopt Recommendations for AI, Location Tracking

The International Working Group on Data Protection has adopted new recommendations for artificial intelligence and location tracking. The Berlin-based Working Group includes data protection authorities who assess emerging privacy challenges. The IWG report "Privacy and Artificial Intelligence" sets out fairness and respect for human rights, oversight, transparency and intelligibility as key elements of AI design and use. The IWG recommendations share several principles with the Universal Guidelines for Artificial Intelligence, proposed by EPIC as the basis for federal legislation and endorsed by more than 250 experts and 60 organizations. The IWG report "Wide Area Location Tracking" addresses large scale collection of location data in devices and applications, and urges limits on the transfer of the data, location tracking switched off by default, and periodic auditing by regulators. EPIC recently provided a comprehensive report for the IWG explaining recent developments in U.S. privacy law and policy.

FTC Renews Spam Rule, Cites EPIC Comments

After soliciting public comments, the Federal Trade Commission has renewed the CAN-SPAM Rule (Controlling the Assault of Non-Solicited Pornography and Marketing). The FTC rule requires subject-line labeling of commercial emails containing sexually explicit material. The rule also clarifies that a recipient of unwanted emails may not be required to pay a fee, provide additional information or take any steps beyond sending an email or visiting a web page to opt out. In confirming the final rule, the agency specifically referenced EPIC's comments in support of the rule: "For example, the Electronic Privacy Information Center ('EPIC'), a consumer advocacy group, asserted that, '[w]hile the volume of spam is lower than it was just a few years ago, the need for the Rule continues.'" EPIC continues to push the FTC to safeguard consumer privacy with the Enforce the Order campaign, urging the agency to act against Facebook.

In Comments to Defense Dept. EPIC Urges Adherence to Privacy Act, Algorithmic Fairness

In comments to the Department of Defense on the proposed expansion of the "Insider Threat" Database, EPIC recommended the Department withdraw unlawful and unnecessary routine use disclosures, significantly narrow the Privacy Act exemptions, and adopt the Universal Guidelines for Artificial Intelligence. The DoD plans to collect detailed, personal information, including health data, ethnicity and race, biometric data, travel records, and social media information, on federal employees, their friends, and family members. EPIC noted widespread computer security problems at the DoD, and warned, "this system of records—despite a documented inability to protect personal data—invites the very threats the program seeks to prevent." EPIC previously commented on the creation of the system.

Senators Urge FAA to Require Realtime Remote Identification for Drones

In a letter to the FAA, Senators Edward Markey (D-MA) and John Thune (R-SD) urged the agency to quickly publish a rule for the realtime, remote identification of drones. The senators wrote, "remote identification will enhance safety, security, and privacy." EPIC has long called for a remote identification requirement for drones, stating "Because drones present substantial privacy and safety risks, EPIC recommends that the FAA require any drone operating in the national airspace system to broadcast location when aloft (latitude, longitude, and altitude), course, speed over ground, as well as owner identifying information and contact information[.]" EPIC cited similar requirements for vessels and planes, and explained that the technology is widely available. Most recently, EPIC repeated its call for remote identification in response to a proposed rule that would allow drones to fly over people.

Annual Surveillance Report Reveals Upturn in U.S. Persons Call Record Searches, Unmasking

According to the Office of the Director of National Intelligence's 2018 report, the use of information on U.S. persons collected under the Foreign Intelligence Surveillance Act increased. The instances in which the NSA "unmasked" - revealed a U.S. person's identity in foreign intelligence data - to another agency grew from 9,529 to 16,721. In 2018, the government also searched domestic call detail records for U.S. persons at five times the rate in 2017, rising from 31,196 to 164,682. Notably, government notifications to defendants of the use of FISA information in criminal proceedings increased from 7 in 2017 to 14 in 2018. EPIC previously testified before Congress on the need for more public reporting about the use of FISA for domestic surveillance. Several of EPIC's recommendations, including greater detail on government surveillance activities, were incorporated in the USA Freedom Act.

Appeals Court Strikes Down Debt Collector Exception to Robocall Ban

A federal appeals court ruled today that an amendment to the federal robocall ban is unconstitutional. The Telephone Consumer Protection Act prohibits automated calls to cell phones, except in emergencies or with the consent of the called party. But in 2015 Congress created an exception for calls made to collect debts guaranteed by the federal government. The court in AAPC v. FCC found that the debt-collection exemption "undercuts" the privacy protections in the law. So the court found the exception unconstitutional and struck it from the law. EPIC filed a "friend of the court" brief in Gallion v. Charter Communications, a similar case in the Ninth Circuit, arguing that "the TCPA prohibitions are needed now more than ever." EPIC has testified in support of the TCPA and has submitted extensive comments and amicus briefs on the consumer privacy law.

Supreme Court to Hear Arguments on Census Citizenship Question

The U.S. Supreme Court will hear arguments this week in a case challenging the addition of the citizenship question to the 2020 Census. EPIC filed an amicus brief in Department of Commerce v. New York, urging the Court to uphold a New York federal judge's decision to remove the question. EPIC warned that the "extraordinary reach of the Bureau into the private lives of Americans brings extraordinary risks to privacy." In a related matter, EPIC's lawsuit to block the citizenship question, EPIC v. Commerce, is currently before the D.C. Circuit with an argument scheduled for May 8. EPIC has charged that the Census Bureau failed to complete required Privacy Impact Assessments prior to the decisions to collect personal data about citizenship. The Bureau concedes that it must complete the impact assessments but has so far failed to do so. EPIC told the D.C. Circuit, "Key deadlines are fast approaching, and major privacy risks have not been addressed by the agency."

EPIC Bookstore

EPIC publications and books by members of the EPIC Advisory Board, distinguished experts in law, technology and public policy, are available at the EPIC Bookstore.

Recent EPIC Publications

The Privacy Law Sourcebook 2018, edited by Marc Rotenberg (2018)

The Privacy Law Sourcebook is the leading resource for students, attorneys, and policymakers interested in privacy law in the United States and around the world. The Sourcebook includes major US privacy laws such as the Fair Credit Reporting Act, the Privacy Act, the Family Educational Rights and Privacy Act, the Video Privacy Protection Act, and the Electronic Communications Privacy Act. The Sourcebook also includes key international privacy frameworks such as the EU General Data Protection Regulation and the revised OECD Privacy Guidelines. The Privacy Law Sourcebook 2018 has been updated and expanded to include the modernized Council of Europe Convention on Privacy, the Judicial Redress Act, the CLOUD Act, and new materials from the United Nations. The Sourcebook also includes an extensive resources section with useful websites and contact information for privacy agencies, organizations, and publications.

Communications Law and Policy: Cases and Materials, 5th Edition, by Jerry Kang and Alan Butler. Direct Injection Press (2016).

This teachable casebook provides an introduction to the law and policy of modern communications. The book is organized by analytic concepts instead of current industry lines, which are constantly made out-of-date by technological convergence. The basic ideas—power, entry, pricing, access, classification, bad content, and intermediary liability—equip students with a durable and yet flexible intellectual structure that can help parse a complex and ever-changing field.

Privacy Law and Society, 3rd Edition, by Anita Allen, JD, PhD and Marc Rotenberg, JD, LLM. West Academic (2015).

The Third Edition of "Privacy Law and Society" is the most comprehensive casebook on privacy law ever produced. It traces the development of modern privacy law, from the early tort cases to present day disputes over drone surveillance and facial recognition. The text examines the philosophical roots of privacy claims and the significant court cases and statutes that have emerged. The text provides detailed commentary on leading cases and insight into emerging issues. The text includes new material on developments in the European Union, decisions grounded in fundamental rights jurisprudence, and exposes readers to current debates over cloud computing, online profiling, and the role of the Federal Trade Commission. Privacy Law and Society is the leading and most current text in the privacy field.

Privacy in the Modern Age: The Search for Solutions, edited by Marc Rotenberg, Julia Horwitz and Jeramie Scott. The New Press (2015). Price: $25.95.

The threats to privacy are well known: The National Security Agency tracks our phone calls; Google records where we go online and how we set our thermostats; Facebook changes our privacy settings when it wishes; Target gets hacked and loses control of our credit card information; our medical records are available for sale to strangers; our children are fingerprinted and their every test score saved for posterity; and small robots patrol our schoolyards while drones may soon fill our skies.

The contributors to this anthology don't simply describe these problems or warn about the loss of privacy—they propose solutions.

Contributors include: Steven Aftergood, Ross Anderson, Christine L. Borgman (coauthored with Kent Wada and James F. Davis), Ryan Calo, Danielle Citron, Simon Davies, A. Michael Froomkin, Deborah Hurley, Kristina Irion, Jeff Jonas, Harry Lewis, Anna Lysyanskaya, Gary T. Marx, Aleecia M. McDonald, Dr. Pablo G. Molina, Peter G. Neumann, Helen Nissenbaum, Frank Pasquale, Dr. Deborah Peel, MD, Stephanie E. Perrin, Marc Rotenberg, Pamela Samuelson, Bruce Schneier, and Christopher Wolf.

Upcoming Conferences and Events

Oral Argument in EPIC v. Department of Commerce (D.C. Cir. 19-5031). May 8, 2019. U.S. Court of Appeals for the D.C. Circuit. John Davisson, EPIC Counsel.

Ethical AI. May 15, 2019. Capitol Hill, Washington, DC. Caitriona Fitzgerald, EPIC Policy Director.

AI World Society. May 25, 2019. Washington, DC. Marc Rotenberg, EPIC President.

EPIC Champions of Freedom Awards Dinner: 'Data Protection and Democracy' (REGISTRATION NOW OPEN). June 5, 2019. National Press Club, Washington, DC.

Cyber Crime Review. Aug. 8, 2019. ABA Annual Meeting, San Francisco, CA. Alan Butler, EPIC Senior Counsel.
