EPIC Alert 29.08 – August 31, 2022
- Top Updates
- Analysis From EPIC
- EPIC in the News
1. New Report Highlights DHS’s Extensive Collection and Circulation of Location Data
EPIC published a report, DHS’s Data Reservoir, that analyzes the ways the Department of Homeland Security collects and circulates location data. The report makes several policy recommendations that would help limit unnecessary surveillance of immigrants.
2. EPIC Joins 48 Public Interest Groups Urging House to Vote on American Data Privacy and Protection Act
EPIC joined 48 public interest groups in a letter urging Speaker Nancy Pelosi (D-CA) to move the American Data Privacy and Protection Act to a vote by the full House of Representatives.
3. EPIC Announces Recipients of its 2022 Champions of Freedom Awards
EPIC has announced the five individuals it will honor at its 2022 Champions of Freedom Awards ceremony: DC Attorney General Karl Racine, Representative Yvette Clarke (D-NY), Dr. John Abowd, Dr. Safiya Noble, and Professor Sherry Turkle.
Analysis From EPIC
The State of State AI Policy (2021-22 Legislative Session)
Within the past year, many states and localities have passed or introduced bills regulating Artificial Intelligence or establishing commissions or task forces to seek transparency about the use of AI in their state or locality. EPIC IPIOP Clerk Caroline Kraczon presents a comprehensive summary of these AI-related bills in this blog post.
The Rise of Chinese Surveillance Technology in Africa: Safe City Initiative in Kenya
In the fourth of his six-part blog post series, EPIC Scholar-in-Residence Bulelani Jili explains how the spread of smart cities is a key area facilitating the spread of Chinese surveillance technology globally. In particular, he examines Konza City, an early smart city initiative that was launched in Kenya in 2008 with the intent of helping resolve structural challenges of economic stagnation through innovation.
Europe’s Digital Services Package: What It Means for Online Services and Big Tech
The EU recently passed the Digital Services Package, comprehensive legislation on platform monitoring, digital free speech, and antitrust that is largely directed at Big Tech. In this blog post, EPIC IPIOP Clerk Paul Meosky breaks down the provisions and implications of the new laws.
Agencies Begin to Comply with 2020 Executive Order on AI Transparency
In this blog post, EPIC Counsel Ben Winters provides an update on agency compliance with Executive Order 13960, which was signed in 2020 and created concrete requirements aimed at improving transparency around how the U.S. is currently using automated decision-making systems.
AI & Human Rights
In a follow-up letter to EPIC’s 2020 complaint against Airbnb, EPIC warned the Federal Trade Commission about a newly announced Airbnb algorithm used to identify and block would-be renters who are deemed likely to throw a party. As with the “trustworthiness” algorithm targeted in EPIC’s original complaint, “the company has not disclosed the logic or full range of factors on which the system relies and has failed to establish that the system is accurate, fair, or free from the impermissible bias routinely exhibited by automated decision-making systems.”
The Federal Trade Commission has filed a groundbreaking lawsuit against data broker Kochava, alleging that the company’s sale of geolocation data from hundreds of millions of mobile devices is an unfair and unlawful trade practice. EPIC has long sought to establish and reinforce legal protections for geolocation data and commends the Commission for taking this step.
EPIC and the National Consumer Law Center are urging the Federal Communications Commission to impose harsh consequences on telephone service providers that fail to protect consumers from scam robocalls, arguing that providers would be more likely to stop routing illegal robocalls if they were automatically suspended from the telephone network for transmitting illegal robocalls after receiving notice to stop.
The Federal Trade Commission has announced an advance notice of proposed rulemaking and request for public comment regarding commercial surveillance and lax data security practices. The notice asks whether and how the FTC should regulate the ways that companies collect, process, transfer, share, sell, and monetize consumers’ personal data. EPIC has repeatedly called on the FTC to exercise its rulemaking authority to better protect consumer privacy.
The Federal Trade Commission has reportedly deepened its investigation into Amazon’s employment of dark patterns in the Amazon Prime subscription cancellation process. As EPIC explained in a complaint to the D.C. Attorney General last year, Amazon employs dark patterns to deter customers from canceling their Prime subscriptions, enabling Amazon to continue collecting, retaining, and using misdirected subscribers’ personal data.
EPIC filed comments urging the Federal Trade Commission to protect consumers against the harmful effects of dark patterns and deceptive practices in digital advertising. EPIC advised the Commission to establish updated guidelines for sponsored content, identify and target rapidly evolving uses of dark patterns in advertising, and develop more robust guidance regarding online disclosures when users navigate multiple webpages.
EPIC and a group of consumer advocacy organizations submitted comments to the Federal Trade Commission regarding two proposed sets of changes to the Telemarketing Sales Rule, which protects consumers from telemarketing fraud.
50 state attorneys general announced a new “Anti-Robocall Litigation Task Force,” which has already issued civil investigative demands to 20 gateway providers and other entities believed to be responsible for the majority of foreign robocall traffic. The task force cited EPIC and NCLC’s recent publication, Scam Robocalls: Telecom Providers Profit, in its announcement.
The Fifth Circuit recently issued its decision in United States v. Morton, rolling back its earlier Fourth Amendment protections for cell phone users by giving the police almost unlimited ability to search through a person’s phone whenever the person is suspected of a crime.
A federal court in Ohio has ruled that Cleveland State University violated a student’s Fourth Amendment rights when it forced him to scan his bedroom with a laptop camera before taking a test from home. The decision could significantly reshape state schools’ use of remote proctoring tools, which monitor students during at-home tests and purport to identify indicators of cheating or other prohibited behaviors.
EPIC and coalition partners urged the Federal Communications Commission to maximize survivor self-determination and minimize burdens on survivors in any changes to its low-cost programs for phone service and broadband. The groups emphasized that the Commission must permit survivors to self-attest to their final hardship and status, rather than requiring a third party to “vouch” that they were abused.
The Consumer Financial Protection Bureau issued a consent order against the U.S. Bank National Association for exploiting consumers’ personal data without authorization, requiring U.S. Bank to stop its unlawful practices, develop a plan to remediate all harmed consumers by returning unlawfully charged fees and costs (plus interest), and pay a $37.5 million penalty.
Democracy & Free Speech
EPIC submitted an amicus brief in National Coalition on Black Civic Participation v. Wohl, a federal case concerning voter intimidation and privacy. “Voters must know that their voting decisions will not be used to subject them to economic, physical, or other types of harm in order to make a truly independent decision,” EPIC wrote.
EPIC Joins 48 Public Interest Groups Urging House to Vote on American Data Privacy and Protection Act
EPIC joined 48 public interest groups in a letter urging Speaker Nancy Pelosi (D-CA) to move the American Data Privacy and Protection Act to a vote by the full House of Representatives. “We fear that a failure to move the bill in this Congress will forestall progress on this issue for years to come,” the groups wrote. “We urge you to move the bill to a vote as soon as possible.”
EPIC and coalition partners sent comments to the California Privacy Protection Agency regarding proposed regulations under the California Consumer Privacy Act. “Californians’ most urgent need is not for more notices about their rights; it is for substantive, meaningful limitations on the use and disclosure of their sensitive personal information,” the groups told the Agency.
EPIC submitted comments to the Colorado Attorney General as they promulgate rules implementing key measures of the Colorado Privacy Act, urging Colorado to set clear standards for personal data collection, use, and transfer that restrict behavioral tracking and secondary uses of data.
EPIC published a report, DHS’s Data Reservoir, that analyzes the ways the Department of Homeland Security (DHS) collects and circulates location data. DHS’s collection of location data results in disproportionate and harmful surveillance of immigrant communities, and the report makes several policy recommendations that would limit unnecessary surveillance and move DHS more in line with national and international standards of privacy.
EPIC in the News
- Inside Cybersecurity: Civil and consumer rights groups urge passage of House privacy bill
- CyberScoop: FTC sues data broker over selling location data that can reveal abortion clinic visits
- NPR: Scanning students’ rooms during remote tests is unconstitutional, judge rules
- Politico Pro: Privacy bill triggers lobbying surge by data brokers
- Law360: Twitter’s Alleged Security Failures Fuel Data Privacy Law Push
- The Wall Street Journal: Should Companies Track Workers With Monitoring Technology?
- Tech Policy Press: Evaluating the American Data Privacy and Protection Act
- VentureBeat: AI regulation: A state-by-state roundup of AI bills
- WIRED: Will Europe Force a Facebook Blackout?
- FCW: CBP’s facial recognition program at airports is expanding but concerns remain