EPIC v. CBP (Analytical Framework for Intelligence)

Summary

This case arises out of an EPIC Freedom of Information Act ("FOIA") request for records relating to the U.S. Customs and Border Protection’s (“CBP”) Analytical Framework for Intelligence ("AFI"). CBP uses AFI to analyze personally identifiable information from a variety of sources, including government databases, commercial data brokers, and other Internet sources. These databases contain detailed personal information, subject to the Privacy Act, that are combined with secret, analytic tools to assign “risk assessments” to travelers, including U.S. citizens traveling solely within the United States.

EPIC pursued this FOIA request to make public the agency's use of personal information for automated profiling as well as the chilling effect of First Amendment protected activities. Both activities may violate the Federal Privacy Act; the disclosure of the documents sought by EPIC is of utmost importance to the public and Congressional oversight committees.

Top News

  • Documents Obtained by EPIC Reveal DHS’s Slow Response to Election Cybersecurity Threats, Underscore Risks Posed by New Voting Technologies: EPIC has obtained additional documents related to federal efforts to respond to election cybersecurity threats in its suit against the Department of Homeland Security. The documents include summaries of: the DHS's contacts with election officials, state reports of election security incidents going back to 2016, meeting minutes from the DHS Election Task Force in 2017, and a September 2016 Election Infrastructure Cyber Risk Characterization Report. The incident logs reveal difficulties contacting campaign officials in the lead up to the 2016 Election and concern voiced within the agency about "unbalanced" outreach. And DHS contacts with state election officials were somewhat limited as some were wary that the critical infrastructure designation "would at a later time lead to regulation on states." In the September 2016 Election Infrastructure Cyber Risk Characterization Report, the DHS Office of Cyber and Infrastructure Analysis found that compromises in voter registration databases resulted in the potential release of personally identifiable information but not the modification of the underlying records. The DHS determined that exposure of this information could undermine public confidence in election systems. The DHS also counseled strongly against untested voting technologies, finding that the "introduction of new technologies in the voting system will increase vulnerabilities to the election system in the future," particularly the implementation of internet-connected voting systems. The case is EPIC v. DHS, 17-2047 (D.D.C.). (Aug. 19, 2020)
  • EPIC Seeks Release of Records About Election Cybersecurity: EPIC has filed a cross motion for summary judgement in EPIC v. DHS seeking records about the agency's assessment of election vulnerabilities in 2016 and 2018. EPIC filed the Freedom of Information Act lawsuit against the Department of Homeland Security after the agency designated election systems as "critical infrastructure" in 2017. The agency has released hundreds of pages of records to EPIC about the agency's role in election cybersecurity, but continues to withhold four categories of records including: (1) documents concerning contacts between DHS and state election officials, (2) Election Security Task Force meeting minutes, (3) the agency's assessment of cybersecurity risks to election infrastructure in September 2016, and (4) incident reports concerning vulnerabilities to election systems. EPIC explained that “[t]here is a profound and urgent public interest in the release of [these] records" because it "is necessary for the public to evaluate DHS's response to past incidents, to assess future threats to election systems, and to ensure accountability of the federal agency with the legal authority to safeguard our election systems." With the 2020 presidential election mere months away, it is critical that the public and Congress have access to these records so they can assess the effectiveness of the agency's election cybersecurity program and what steps the agency has taken to protect our democratic institutions. The case is EPIC v. DHS, No. 17-2047 (D.D.C.). (Jun. 26, 2020)
  • More top news »
  • EPIC Settles FOIA Case Regarding DHS Drone Reports » (May. 13, 2020)
    EPIC settled a Freedom of Information Act lawsuit against the Department of Homeland Security to obtain public release of a drone status report and other related documents required by a 2015 Presidential Memorandum. The memorandum required the report to detail the status of implementing privacy, civil liberties, and civil rights protections against DHS' use of surveillance drones. The 2015 DHS status report attempted to justify the use of drones by Customs and Border Protection, but a 2018 Inspector General report called into question the CBP's drone privacy policies and procedures. The Inspector General found that CBP failed to complete a required analysis for a drone surveillance system and failed to implement effective safeguards for information collected by drones. EPIC has called on Congress to "establish drone privacy safeguards that limit the risk of public surveillance."
  • EPIC Scrutinizes DHS "Insider Threat" Database » (Apr. 9, 2020)
    In detailed comments, EPIC criticized the DHS's proposed "Insider Threat" database that would give the agency vast amounts of personal data. EPIC urged DHS to limit the scope of data collection and to drop proposed Privacy Act exemptions that would diminish the agency's responsibilities for the data gathered. Citing the surge in data breaches, EPIC warned that DHS data practices pose a risk to federal employees. EPIC previously recommended privacy protections in background checks and warned against inaccurate, insecure, and overbroad government databases.
  • EPIC Obtains DHS Report About 2016 Election Threats » (Feb. 28, 2020)
    Through EPIC's lawsuit against the DHS, EPIC obtained a previously undisclosed Report about security breaches prior to the 2016 Presidential Election. The DHS/FBI report "Threats of Federal, State, and Local Government Systems" describes attacks on US elections and includes recommendations for cybersecurity risks. In the FOIA lawsuit, EPIC seeks to determine whether the DHS responded effectively to election security threats in 2016, The case is EPIC v. DHS, 17-2047 (D.D.C.).
  • House Votes to Ban Foreign-made Drones at DHS » (Feb. 11, 2020)
    The House passed H.R. 4357, which bans the use or purchase of foreign-made drones by the Department of Homeland Security. Last month, the Interior Department banned the use of foreign-made drones for non-emergency operations. The US government actions respond to growing concern that Chinese-made drones collect sensitive information in the United States. In 2012, EPIC and more than 100 experts petitioned the FAA to establish a rule to limit drones surveillance, but the agency failed to act. In recent comments to the FAA, EPIC warned the agency that regulating drone surveillance was essential to privacy and security. Last year, EPIC's Marc Rotenberg and Len Kennedy cited the FAA's failure to develop appropriate regulations in a commentary for the New York Times, and also warned that China's surveillance model requires "comprehensive privacy legislation to safeguard the personal data of Americans."
  • DHS Agrees to Release Documents About Election Cybersecurity to EPIC » (Nov. 27, 2019)
    EPIC and DHS have filed a joint status report in EPIC v. DHS. The federal agency has agreed to reprocess previously withheld documents about election security. EPIC filed a Freedom of Information Act lawsuit in 2017, immediately after the agency's decision to designate election systems as "critical infrastructure." The announcement followed the determination that Russia meddled in the 2016 presidential election. The designation also gave the DHS new responsibilities to help protect state election systems. Over the course of litigation, DHS has provided hundreds of pages to EPIC about the agency's role in election system security. But the agency has also withheld information sought by EPIC, including: (1) documents concerning contacts between DHS and State Election Officials, (2) Election Task Force meeting minutes, (3) documents about risk characterizations and analysis reports on Russian interference; and (4) incident reports and vulnerabilities in election systems. Because the 2020 election is fast approaching, EPIC sought the prompt release of these records so that Congress and the public could assess the effectiveness of the DHS security program. The recent court filing between EPIC and the DHS should move the process forward. The case is EPIC v. DHS, 17-2047 (D.D.C).
  • EPIC Obtains Docs about Critical Infrastructure Designation for Election Systems » (Nov. 18, 2019)
    In a FOIA lawsuit, EPIC has obtained an original draft of the proposal by former DHS Secretary Jeh Johnson to designate state election systems as critical infrastructure. Released in a set of previously withheld documents, the draft memo states "[g]iven the vital role elections play in this country, certain systems and assets of election infrastructure meet the statutory definition of critical infrastructure in fact and in law." The DHS policy was announced on January 6, 2017, the same day the ODNI found extensive Russian interference in the 2016 Presidential election. EPIC later litigated for the release of the complete ODNI report, which found that Russian intelligence services had "obtained and maintained access to elements of multiple U.S. state or local electoral boards." EPIC also obtained from DHS documents about the background and implementation of the critical infrastructure designation. Other documents released as a result of EPIC's suit show the DHS continued to encourage state efforts in election security by making federal resources available on a voluntary basis. The case is EPIC v. DHS, No. 17-2047.
  • EPIC to Congress: FOIA Critical to Homeland Security Oversight » (Oct. 18, 2019)
    EPIC has told a House committee that the Freedom of Information Act is critical to keep the Department of Homeland Security accountable. The House Homeland Security Committee held a hearing this week on "The Public’s Right to Know: FOIA at the Department of Homeland Security.” EPIC has brought many FOIA cases against the DHS, including those concerning backscatter x-ray devices in airports, a DHS program to track journalists, and the CBP biometric entry-exit system. In 2011, EPIC urged Congress to end the agency’s political review of FOIA requests. In 2012, EPIC led an effort to reform the DHS treatment of fee wavers. And in 2016, the DHS revised FOIA regulations, reflecting several of EPIC’s recommendations. In comments this week, EPIC observed that DHS’s FOIA processing does not compare favorably with other federal agencies. EPIC recommended that DHS improve the processing of FOIA requests and respond to appeal authorities. EPIC wrote that continued oversight of the DHS is critical. "No federal agency has greater budget authority to develop systems of surveillance directed towards U.S. residents,” EPIC said.
  • Congress to Consider Moratorium on Facial Recognition » (Aug. 22, 2019)
    POLITICO reports that House leaders will consider a moratorium on funding facial recognition following a House Oversight Committee hearing on DHS facial recognition programs. Prior to the hearing, EPIC briefed members of the House committee about the entry-exit program at US airports. Air travelers have reported that it is difficult to opt-out and the agency has still not conducted a required rulemaking. Last month, EPIC led a coalition of over 35 organizations urging Congress to halt the use of face recognition on the general public. In a statement in April to the House Appropriations Committee, EPIC recommended that Congress halt the funding for the facial recognition program at TSA, also within the DHS. After a Buzzfeed story featured documents obtained by EPIC about plans to expand facial recognition at airports, Senators Ed Markey (D-MA) and Mike Lee (R-UT) called for the suspension of the program.
  • Facing EPIC Lawsuit, DHS Suspends Media Monitoring Program » (Jul. 11, 2019)
    As the result of an EPIC lawsuit, the Department of Homeland Security has suspended a controversial effort to track journalists, news outlets, and social media accounts. The "Media Monitoring Services" platform would have included an "unlimited" database of personal information from journalists and media influencers, including location data, contact information, employer affiliations, and past content. EPIC filed suit last year to block the program, arguing that the DHS had failed to complete required Privacy Impact Assessments. In a settlement with EPIC, the agency acknowledged that it was not using the proposed system and agreed to complete required Privacy Impact Assessments before collecting personal data in the future. EPIC also obtained records showing that the DHS ignored the harms that media monitoring would have caused to privacy and press freedoms.
  • EPIC, Coalition Call for Suspension of Face Recognition by DHS » (Jul. 9, 2019)
    EPIC and over 35 organizations have urged Congress to halt the use of face recognition technology on the general public. The letter states that face recognition technology poses serious risks to privacy and civil liberties, threatens immigrants, broadly impacts American citizens, and has been implemented without proper safeguards or explicit Congressional approval. At a hearing this week, the House Homeland Security Committee will examinee face recognition technology. Documents previously obtained by EPIC under the FOIA, and featured at Buzzfeed, revealed flaws in facial recognition at airports. Bias is also a significant problem with the identification technique. EPIC highlighted these problems in comments to the agency and previously recommended a suspension of facial recognition at US airports.
  • EPIC to TSA: Conduct Rulemaking on Facial Recognition » (Apr. 26, 2019)
    In comments to inform the Transportation Security Administration's 2020 National Strategy, EPIC recommended that TSA to suspend the facial recognition program at US airports. EPIC wrote, "The TSA's use of facial recognition lacks the safeguards necessary for implementation." EPIC has also warned lawmakers and the DHS about the biometric border program that incorporates deploy facial recognition. EPIC has urged the agency to undertake a notice and comment rule making that would provide the public with the opportunity to comment on the controversial program. EPIC successfully required TSA to conduct a rulemaking on its deployment of airport body scanners in EPIC v. DHS. EPIC also recommended that TSA incorporate the Universal Guidelines for Artificial Intelligence, endorsed by over 300 organizations and experts, for AI-based systems.
  • EPIC Recommends Border Agency Adopt Universal Guidelines for Artificial Intelligence » (Apr. 11, 2019)
    In comments to Customs and Border Protection, EPIC recommended the adoption of the Universal Guidelines for Artificial Intelligence for a new boded controls system, the "21st Century Customs Framework." EPIC , stressed the need for transparency, accountability, and fairness in automated decisionmaking. EPIC explained “Although CBP claims that risk scores are only used on cargo,” the "impact falls on individuals.” EPIC previously submitted comments to the agency regarding the Automated Targeting System and the Intelligence Records System. Through FOIA, EPIC has also obtained information on the agency’s data systems, including the Analytical Framework for Intelligence, which assigns “risk assessments” to travelers, including U.S. citizens.
  • EPIC FOIA: EPIC Obtains DHS Drone Status Report » (Apr. 11, 2019)
    Through a Freedom of Information Act lawsuit, EPIC has obtained the DHS drone status report required by a Presidential Memorandum. The 2015 Memorandum required federal agencies to detail drone policies and procedures to protect privacy, civil rights, and civil liberties. The DHS report attempts to justify the use of drones by Customs and Border Protection, but a recent Inspector General report calls into question the CBP's policies and procedures. The Inspector General found that CBP failed to complete a required analysis for a drone surveillance system and failed to implement effective safeguards for information collected by drones. EPIC has called on Congress to "establish drone privacy safeguards that limit the risk of public surveillance."
  • EPIC Files First Lawsuit for Special Counsel Report on Russian Election Interference » (Mar. 22, 2019)
    EPIC has filed a Freedom of Information Act lawsuit to obtain the final report by Special Counsel Robert Mueller concerning Russian interference in the 2016 U.S. presidential election. Attorney General William Barr notified Congress on Friday that the Special Counsel had delivered the final report. In November 2018, EPIC submitted a detailed Freedom of Information Act request to the Department of Justice seeking records about the investigation. The Special Counsel was authorized to conduct an investigation into Russian interference, including "any links and/or coordination between the Russian government and individuals associated with the campaign of President Donald Trump." Special Counsel Mueller has since brought criminal charges against 34 individuals and three organizations. EPIC, through its Democracy and Cybersecurity Project, has pursued multiple FOIA cases concerning Russian interference with the 2016 election, including EPIC v. FBI (response to Russian cyberattacks), EPIC v. ODNI (Russian hacking), EPIC v. IRS I (release of Trump's tax returns), EPIC v. IRS II (release of Trump's offers-in-compromise), and EPIC v. DHS (election cybersecurity). The case for the release of the Mueller Report is EPIC v. DOJ, No. 19-810 (D.D.C.) [Exhibits].
  • EPIC Investigates the Transfer of Personal Data from DHS to Census Bureau » (Mar. 8, 2019)
    EPIC has submitted urgent Freedom of Information Act requests to the Department of Homeland Security (USCIS and the Office of Immigration Statistics) and the Census Bureau for records about the planned transfer of personal data from DHS to the Census Bureau. After a federal judge in California ruled that adding a citizenship question to the 2020 Census was unconstitutional, the AP reported that DHS would disclose to the Census Bureau personal data, including names, addresses, birth dates, Social Security numbers, and alien registration numbers. The Census Bureau confirmed that the agency was preparing an agreement with DHS to “receive administrative records.” In EPIC v. Commerce, EPIC alleges that the Bureau failed to conduct and publish required privacy impact assessments before making an uninformed decision to collect citizenship data. EPIC is seeking an injunction from the D.C. Circuit, which will hear arguments in the case in May. EPIC's appeal is EPIC v. Commerce, No. 19-5031 (D.C. Cir.).
  • DHS Privacy Advisory Committee Finalizes Facial Recognition Report » (Mar. 6, 2019)
    The DHS Privacy Advisory Committee issued final recommendations on facial recognition use at the border. The report examined transparency, data minimization, data quality and integrity, and accountability and auditing. The report said entrants to the U.S. need notice of their rights and how to exercise those rights. The final recommendations differed only slightly from the draft recommendations. In response to EPIC's comments, the final report included recommendations for increased reporting and research of facial recognition accuracy. However, the DHS report failed to address the lack of legal authorization for the facial recognition program or establish that the program is necessary for national security.
  • Senate Reports Detail Russian Russian Interference in 2016 Election » (Dec. 18, 2018)
    In a pair of reports released this week, the Senate Intelligence Committee provided fresh details on the extent of Russian interference in the 2016 election. Committee Chairman Richard Burr explained: "This newly released data demonstrates how aggressively Russia sought to divide Americans by race, religion and ideology, and how the IRA actively worked to erode trust in our democratic institutions. Most troublingly, it shows that these activities have not stopped." Shortly after the 2016 presidential election, EPIC filed a series of Freedom of Information Act lawsuits to determine the extent of Russian interference: EPIC v. FBI, EPIC v. ODNI, EPIC v. IRS I, and EPIC v. DHS. As EPIC President Marc Rotenberg explained in an op-ed in March 2017: "The public has a right to know the details when a foreign government attempts to influence the outcome of a U.S. presidential election. And the public has a right to know what steps have been taken to prevent future attacks."
  • EPIC to DHS Privacy Advisory Committee: End Facial Recognition » (Dec. 6, 2018)
    In response to a public notice by the Data Privacy and Integrity Advisory Committee, EPIC submitted comments urging the CBP to halt implementation of the biometric border program. EPIC stressed the need for federal regulation to safeguard privacy and prevent the misuse of facial recognition technology. EPIC called for a public rulemaking for the federal entry/exit program. EPIC also criticized the Committee's draft recommendations for facial recognition. EPIC said that the transfer of personal data from the State Department to the CBP was unlawful and that the opt-opt procedures were ignored in practice. Documents EPIC previously obtained in a FOIA lawsuit against CBP revealed that facial scanning did not perform operational matching at a "satisfactory" level.
  • Contrary to DHS Policy and Prior Statements, ICE Seeks NC State Voter Data » (Sep. 6, 2018)
    Immigration and Customs Enforcement has demanded that North Carolina provide over 18 million voter records from the past eight years. The subpoena is outside the Department of Homeland Security authority and goes against testimony by DHS Secretary Kirstjen Nielsen, who told Congress this year that DHS’s role is limited to voluntary requests for assistance from the states. Nielsen also wrote, in records obtained through an EPIC FOIA request, that associating the DHS with voter data collection “could disrupt critical efforts” to work with state officials on election cybersecurity. EPIC has long fought to ensure voter privacy and recently forced the defunct Presidential Election Commission to delete millions of state voter records unlawfully obtained.
  • EPIC Urges DHS To Abandon Privacy Act Exemptions for New Biometric Database » (Aug. 31, 2018)
    In comments to the Department of Homeland Security, EPIC urged the agency to withdraw proposed Privacy Act exemptions that would reduce privacy safeguards in the federal government. The Immigration Biometric and Background Check database will contain personal data on U.S. and non-U.S. citizens. DHS has proposed to exempt the database from several Privacy Act protections, including ensuring that records are accurate, timely, and complete. DHS also claims numerous “routine uses” that allow the agency to disseminate the data to law enforcement and intelligence agencies. EPIC has urged strict compliance with Privacy Act obligations and warned that inaccurate, insecure, and overbroad government databases threaten both privacy and national security.
  • D.C. Circuit Sets Date for Argument in EPIC v. IRS, FOIA Case for Trump's Tax Returns » (Jun. 19, 2018)
    The D.C. Circuit has scheduled oral argument in EPIC v. IRS, EPIC's Freedom of Information Act case to obtain public release of President Trump's tax returns. The Court will hear the case on Thursday, September 13, 2018. EPIC has argued that the IRS has the authority to disclose the President's returns to correct numerous misstatements of fact concerning his financial ties to Russia. For example, President Trump tweeted that "Russia has never tried to use leverage over me. I HAVE NOTHING TO DO WITH RUSSIA - NO DEALS, NO LOANS, NO NOTHING"—a claim "plainly contradicted by his own attorneys, family members, and business partners." As EPIC told the Court, "there has never been a more compelling FOIA request presented to the IRS." A broad majority of the American public favor the release of the President's tax returns. EPIC v. IRS is one of several FOIA cases EPIC is pursuing concerning Russian interference in the 2016 Presidential election, including EPIC v. FBI (response to Russian cyber attack) and EPIC v. DHS (election cybersecurity).
  • EPIC Pursues Privacy Impact Assessments for Proposed DHS Biometric Database » (Jun. 18, 2018)
    EPIC has submitted an urgent Freedom of Information Act request to the Department of Homeland Security seeking the Privacy Impact Assessment for the "Homeland Advanced Recognition Technology," a proposed system that will integrate biometric identifiers across the federal government. HART would replace IDENT, which now contains biometric records on over 220 million unique individuals. In 2015 a breach at the Office of Personnel Management compromised 22 m records, including 5 m digitized fingerprints. It appears that Homeland Security failed to complete the Privacy Assessment prior to launching HART. By law, a federal agency is required to conduct a Privacy Impact Assessment before procuring information technology that stores personally identifiable information. In EPIC v. Presidential Election Commission, EPIC challenged the failure of the Commission to undertake a Privacy Impact Assessment prior to the collection of state voter data. The Commission was shuttered earlier this year.
  • EPIC Sues to Obtain Privacy Impact Assessment for DHS Journalist Database » (May. 31, 2018)
    EPIC has filed a Freedom of Information Act lawsuit to obtain a Privacy Impact Assessment for "Media Monitoring Services," a controversial new database proposed by the Department of Homeland Security. In April, the DHS announced a system to track journalists and "media influencers" and to monitor hundreds of thousands of news outlets and social media accounts. Although the system is designed to monitor journalists, the federal agency failed to conduct a Privacy Impact Assessment as required by law. EPIC submitted a request for Assessment but the agency did not respond. EPIC has successfully obtained several Privacy Impact Assessments, including a related media tracking system (EPIC v. DHS) and for facial recognition technology (EPIC v. FBI). In EPIC v. Presidential Election Commission, EPIC challenged the Commission's failure to publish a Privacy Impact Assessment prior to collection of state voter data.
  • EPIC, Coalition Oppose State Department's Plan to Collect Social Media Identifiers of Visa Applicants » (May. 30, 2018)
    EPIC, the Brennan Center and 55 privacy, civil liberties, and civil rights organizations submitted comments opposing the State Department's plan to collect social media identifiers from individuals applying for visas. The coalition warned that the proposal would "undermine First Amendment rights of speech, expression, and association." Social media monitoring raises serious privacy and civil liberties issues. EPIC previously opposed the State Department's expansion of social media collection as well as a similar proposal by the Department of Homeland Security. In EPIC v. DHS, a 2011 Freedom of Information Act case, EPIC uncovered the first agency plan to monitor social media.
  • After EPIC Obtains FBI Victim Notification Procedures, Court Rules for Bureau » (May. 23, 2018)
    After EPIC obtained the FBI cyberattack victim notification procedures in Freedom of Information Act lawsuit EPIC v. FBI, a D.C. federal court has ruled that the agency may withhold remaining records explaining FBI's response to the Russian interference in the 2016 election. EPIC had argued that the FBI had failed to demonstrate that releasing records of the agency's response to cyberattacks would interfere with its investigation of the Russian interference. The "Victim Notification Procedures" obtained by EPIC led to Associated Press investigation which found that the FBI did not follow the Procedures and failed to notify U.S. officials that their email accounts were compromised. EPIC is currently pursuing related FOIA cases about Russian interference in the 2016 election, including EPIC v. IRS (Release of Trump Tax Returns) and EPIC v. DHS (election cybersecurity).
  • EPIC Obtains Comey's Memos Detailing Conversations with Trump » (May. 15, 2018)
    Through a Freedom of Information Act request, EPIC obtained declassified memorandums from former FBI Director James Comey detailing his conversations with President Trump from January to April 2017. The conversations include President Trump asking about the possibility of imprisoning journalists, dropping the investigation of former advisor Michael Flynn, and the need to "lift the cloud" of the Russia investigation. In early 2017, EPIC launched the Project on Democracy and Cybersecurity. EPIC is currently pursuing several FOIA cases concerning Russian interference with the 2016 election including: EPIC v. ODNI (Russian hacking), EPIC v. IRS (release of Trump's tax returns), and EPIC v. DHS (election cybersecurity).
  • Senators Urge DHS to Address Concerns Over Facial Recognition at Airports; Conduct Public Rule-Making » (May. 11, 2018)
    In a letter to DHS Secretary Kirstjen Nielson, Senators Edward Markey (D-MA) and Mike Lee (R-UT) urged the agency to promptly conduct a public rulemaking on the agency's biometric exit program prior to any expansion of the program. The program, currently implemented in nine U.S. airports, requires travelers on departing international flights to submit to facial recognition identification. The Senators requested that DHS determine the accuracy of the technique and the procedures for collecting passenger data. EPIC is currently pursuing documents about the biometric exit program, but documents EPIC obtained about a related program that tested iris and facial recognition scanning at the border revealed that the technology did not perform operational matching at a "satisfactory" level. An earlier EPIC lawsuit against the DHS led to the removal of backscatter x-ray devices — "body scanners" — at US airports.
  • Tax Day: EPIC Files Second Lawsuit to Obtain Trump Tax Records » (Apr. 17, 2018)
    EPIC has filed a second Freedom of Information Act lawsuit to obtain President Trump's tax records. EPIC is seeking information about IRS settlements involving the President and his businesses—information which the agency is required to disclose to the public upon request. The IRS agreed to process EPIC's request in February but has failed to release any records to date. EPIC previously sued the IRS for the release of the President's personal tax returns to correct misstatements of fact about his financial ties to Russia. President Trump tweeted "I HAVE NOTHING TO DO WITH RUSSIA - NO DEALS, NO LOANS, NO NOTHING"—a claim contradicted by the President's own lawyers. That case, EPIC v. IRS, is now before the D.C. Circuit Court of Appeals. EPIC is litigating several other FOIA cases about Russian interference in the 2016 Presidential election, including EPIC v. FBI (response to Russian cyber attack) and EPIC v. DHS (election cybersecurity).
  • EPIC FOIA: EPIC Sues DHS for Drone Reports » (Mar. 9, 2018)
    EPIC has filed a Freedom of Information Act lawsuit against the Department of Homeland Security to obtain the public release of information about the use of drones for domestic surveillance. EPIC cited a Presidential Memorandum that required all federal agencies to prepare public reports on drone deployment. EPIC's lawsuit charges that the DHS has failed to make these reports public. In a previous lawsuit against the DHS, EPIC obtained records which revealed that DHS drones had the capability to intercept electronic communications and identity humans at a distance. EPIC has also brought a lawsuit against the FAA to establish drone privacy regulations in the United States.
  • EPIC Presses Department of Defense on Privacy of Cyber Threat Information » (Feb. 27, 2018)
    In a statement to Congress in advance of a hearing on the Department of Defense's cyber operations, EPIC urged lawmakers to consider the privacy impact of cyber policies. The Cybersecurity Information Sharing Act of 2015 allowed the federal government to obtain cyber threat information from the private sector—much of which concerns the activities of individual Internet users—without privacy safeguards. EPIC urged Congress to ask Michael Rogers, the Commander of U.S. Cyber Command, about the steps the Defense Department will take to reduce privacy risks. EPIC previously sued the federal government for information regarding a Department of Homeland Security program that allowed the NSA to monitor the Internet traffic of defense contractors.
  • EPIC v. IRS: EPIC Urges D.C. Circuit to Green-Light Release of President Trump's Tax Returns » (Feb. 22, 2018)
    EPIC has filed the opening brief in its case to obtain President Trump's tax returns. EPIC told the D.C. Circuit Court of Appeals that the IRS has the authority to disclose the President's returns to correct numerous misstatements of fact concerning his financial ties to Russia. For example, President Trump tweeted that "Russia has never tried to use leverage over me. I HAVE NOTHING TO DO WITH RUSSIA - NO DEALS, NO LOANS, NO NOTHING"—a claim "plainly contradicted by his own attorneys, family members, and business partners." A Quinnipiac poll released today confirms that public overwhelmingly supports (67%) the release of the President's returns. As EPIC told the Court, "there has never been a more compelling FOIA request presented to the IRS." EPIC v. IRS is one of several FOIA cases EPIC is pursuing concerning Russian interference in the 2016 Presidential election, including EPIC v. ODNI (scope of Russian interference), EPIC v. FBI (response to Russian cyber attack), and EPIC v. DHS (election cybersecurity). Press Release.
  • Congressional Task Force Releases Report on Election Security » (Feb. 14, 2018)
    The Congressional Task Force on Election Security today released its final report detailing vulnerabilities in U.S. election systems. The report includes many recommendations, purchasing voting systems with paper ballots, post-election audits, and funding for IT support. The report also proposes a national strategy to counter efforts to undermine democratic institutions. Election experts have said that Congress has not done enough to safeguard the mid-term elections. In early 2017, EPIC launched the Project on Democracy and Cybersecurity. EPIC is currently pursuing several FOIA cases concerning Russian interference with the 2016 election, including EPIC v. FBI (cyberattack victim notification), EPIC v. ODNI (Russian hacking), EPIC v. IRS (release of Trump's tax returns), and EPIC v. DHS (election cybersecurity).
  • Senators Question Intelligence Officials on Russian Election Interference » (Feb. 13, 2018)
    The Senate Intelligence Committee held a hearing today with top officials from all U.S. intelligence agencies: Office of the Director of National Intelligence, CIA, NSA, Defense Intelligence Agency, FBI, and the National Geospatial-Intelligence Agency. The officials unanimously agreed that Russia interfered in the 2016 election and will interfere in the 2018 election, noting that they have already observed attempts to influence upcoming elections. Director of National Intelligence Dan Coats said: "There should be no doubt that Russia perceived that its past efforts as successful and views the 2018 U.S. midterm elections as a potential target for Russian influence operations." EPIC launched the Project on Democracy and Cybersecurity, after the 2016 presidential election, to safeguard democratic institutions. EPIC is currently pursuing several FOIA cases concerning Russian interference, including EPIC v. FBI (cyberattack victim notification), EPIC v. ODNI (Russian hacking), EPIC v. IRS (release of Trump's tax returns), and EPIC v. DHS (election cybersecurity). EPIC also provided comments to the Federal Election Commission to improve transparency of election advertising on social media.
  • EPIC FOIA: IRS Agrees to Fulfill EPIC's Request for Trump Tax Records » (Feb. 12, 2018)
    The IRS acknowledged that it will fulfill EPIC's FOIA request seeking certain tax records of President Trump and the President's businesses. It marks the first time, to EPIC's knowledge, that the IRS has agreed to process a third-party FOIA request for the President's tax information. EPIC is seeking tax records relating to settlements with the IRS, which the agency is required to disclose to the public upon request. EPIC previously sued the IRS for the release of the President's personal tax returns to correct misstatements of fact about his financial ties to Russia. President Trump tweeted "I HAVE NOTHING TO DO WITH RUSSIA - NO DEALS, NO LOANS, NO NOTHING"—a claim contradicted by the President's own lawyers. That case, EPIC v. IRS, is now before the D.C. Circuit Court of Appeals. EPIC is litigating several other FOIA cases about Russian interference in the 2016 Presidential election, including EPIC v. ODNI (scope of Russian interference), EPIC v. FBI (response to Russian cyber attack), and EPIC v. DHS (election cybersecurity).
  • EPIC Pursues Trump's IRS Records, Contradictory Statements about Financial Ties to Russia » (Feb. 5, 2018)
    EPIC has filed a new Freedom of Information Act request with the IRS, seeking tax-related records for President Trump's businesses. The new EPIC request follows EPIC's pending lawsuit for the release of Trump's personal tax returns. The request seeks the release of tax records concerning settlements with the IRS, which the agency is required to disclose to the public upon request. EPIC previously called on the IRS to release the President's tax returns to correct misstatements of fact about his financial ties to Russia. President Trump tweeted "I HAVE NOTHING TO DO WITH RUSSIA - NO DEALS, NO LOANS, NO NOTHING"—a claim contradicted by the President's lawyers. EPIC v. IRS, which is now before the D.C. Circuit Court of Appeals, is one of several FOIA cases EPIC is pursuing concerning Russian interference in the 2016 Presidential election. EPIC is also litigating EPIC v. ODNI (scope of Russian interference), EPIC v. FBI (response to Russian cyber attack), and EPIC v. DHS (election cybersecurity).
  • House Members Introduce Russian Election Meddling Bill » (Jan. 29, 2018)
    Rep. Ros-Lehtinen (R-FL) and Rep. Schneider (D-IL) introduced the Defending Elections from Threats by Establishing Redlines Act of 2018 to deter foreign interference in U.S. elections. The bipartisan legislation stipulates that if the Director of National Intelligence determines that the Russian government knowingly interfered in a U.S. election, the President is required to impose sanctions on Russia's aerospace, banking, defense, energy, intelligence and mining industries. The bill is a direct response to Russian interference in the 2016 Presidential election. EPIC is currently pursuing several related FOIA cases, including EPIC v. FBI (cyberattack victim notification), EPIC v. ODNI (Russian hacking), EPIC v. IRS (release of Trump's tax returns), and EPIC v. DHS (election cybersecurity).
  • EPIC FOIA: Report Reveals Failure of Border Biometric Matching Program » (Dec. 18, 2017)
    Through a Freedom of Information Act lawsuit, EPIC has obtained a report from Custom and Border Protection, which evaluated iris imaging and facial recognition scans for border control. The "Southwest Border Pedestrian Field Test" reveals that the agency program does not perform operational matching at a "satisfactory" level. In a statement to Congress earlier this year, EPIC warned that biometric identification techniques are unreliable and lack proper privacy safeguards. EPIC is pursuing related documents for the use of biometrics at airports. EPIC has extensively litigated airport screening techniques, including EPIC v. TSA (concerning body scanner modifications) and EPIC v. DHS (concerning full body scanner radiation risks).
  • EPIC Urges Congress to Examine FBI Response to Russian Cyber Attacks » (Dec. 5, 2017)
    EPIC has sent a statement to the House Judiciary Committee ahead of Thursday's FBI Oversight hearing. EPIC urged the Committee to question FBI Director Wray about the agency's ability to respond to future cyberattacks concerning the 2018 elections. A recent Associated Press investigation found that the FBI, the lead agency for cyber response, did not notify U.S. officials that their email accounts were compromised during the 2016 election. According to documents obtained by EPIC, the FBI is to notify victims of cyberattacks "even when it may interfere with another investigation or (intelligence) operation." EPIC obtained the FBI's Victim Notification Procedures through a Freedom of Information Act lawsuit, EPIC v. FBI, filed earlier this year. EPIC is currently pursuing several related FOIA cases about Russian interference in the 2016 Presidential election, including EPIC v. ODNI (Russian hacking), EPIC v. IRS (Release of Trump Tax Returns), and EPIC v. DHS (election cybersecurity).
  • EPIC FOIA - Rep. Ted Lieu Asks FBI to Explain Failure to Notify Russian Hacking Victims » (Nov. 28, 2017)
    In a letter to FBI director Christopher Wray, Rep. Ted Lieu (D-CA) asked the FBI to brief Congress on the agency's failure to notify victims targeted by the Russian hacking group Fancy Bear. Lieu's letter follows an Associated Press's (AP) investigation which found that the FBI did not notify U.S. officials that their accounts were compromised even though the FBI knew of the targeted cyber attacks and had primary responsibility in the federal government for notification. EPIC obtained the FBI's Victim Notification Procedures through a Freedom of Information Act lawsuit (EPIC v. FBI) filed earlier this year. The FBI policy calls for notifying victims of cyberattacks "even when it may interfere with another investigation or (intelligence) operation." EPIC is currently pursuing several related FOIA cases about Russian interference in the 2016 Presidential election, including EPIC v. ODNI (Russian hacking), EPIC v. IRS (Release of Trump Tax Returns), and EPIC v. DHS (election cybersecurity).
  • Nominee for DHS Secretary Favors Less Wall, More Surveillance Tech at Border » (Nov. 9, 2017)
    Today Congress considered the nomination of Kirstjen M. Nielsen as Secretary at the Department of Homeland Security. Ms. Nielsen opposes a border wall but suggested an expansion of border surveillance. "Technology, as you know, plays a key part, and we can't forget it," she said. EPIC is pursuing a FOIA request regarding the use of DHS drones for border surveillance. Earlier EPIC cases - including EPIC v. DHS which led to the removal of x-ray body scanners in US airports - revealed that technologies for border surveillance invariably impact the privacy rights of Americans. Ms. Nielsen views on the use of DACA applicant data for enforcement remains unclear. EPIC recently warned that 800,000 DACA applicants face privacy risks as a result of the decision to end the Deferred Action for Childhood Arrivals.
  • Senate Begins Investigation Into Russian Meddling » (Oct. 31, 2017)
    This week the Senate is holding two hearings to investigate Russians' use of social media platforms to influence the 2016 U.S. presidential election. Today, the Senate Committee on the Judiciary's Subcommittee on Crime and Terrorism is holding a hearing on "Extremist Content and Russian Disinformation Online: Working with Tech to Find Solutions." Representatives from Facebook, Twitter, and Google as well as foreign policy experts will testify. Tomorrow the Senate Select Committee on Intelligence will hold a hearing on "Social Media Influence in the 2016 U.S. Elections." In 2017, EPIC launched the Democracy and Cybersecurity project to preserve the integrity of democratic institutions. EPIC is currently pursuing several Freedom of Information Act cases to learn more about Russian interference in the 2016 Presidential election, including: EPIC v. ODNI (Russian hacking), EPIC v. FBI (Russian hacking), EPIC v. IRS (Release of Trump Tax Returns), and EPIC v. DHS (election cybersecurity).
  • EPIC Opposes DHS Plan for Social Media Surveillance » (Oct. 19, 2017)
    In comments to the Department of Homeland Security, EPIC opposed a plan to add social media information to the official files of all immigrants. EPIC said the DHS proposal threatens First Amendment rights, risked abuse, and would disproportionately impact minority groups. A coalition of organizations also submitted comments to express concern about the proposal. EPIC previously opposed a Customs and Border Protection proposal to collect social media identifiers from visa applicants. In a FOIA lawsuit against DHS, EPIC obtained documents which revealed that federal agencies gather social media comments to identify individuals critical of the government. EPIC is currently pursuing a FOIA request about a revised DHS plan to require disclosure of social media passwords before allowing entry into the country.
  • EPIC Sues Department of Homeland Security for Release of Russian Interference Records » (Oct. 4, 2017)
    EPIC has filed a Freedom of Information Act lawsuit against the Department of Homeland Security to obtain records related to Russian interference in the 2016 U.S. Presidential Election. Earlier this year, the DHS has designated state election systems as critical infrastructure and published a Joint Analysis Report acknowledging Russian interference with U.S. election systems. However, DHS has not provided any significant new information to the American public about the extent of the Russian interference. EPIC now seeks disclosure of the agency's "research, integration, analysis" related to the scope of Russian interference. EPIC's FOIA lawsuit follows H.Res. 235, a bill sponsored by Rep. Thompson (D-MS) that would have directed the DHS to provide this information to Congress, but was blocked by the House Homeland Security Committee. EPIC has filed several FOIA lawsuits to determine the scope of Russian interference. The cases include: EPIC v. FBI (Russian Hacking), EPIC v. ODNI (Russian Hacking), and EPIC v. IRS (Donald Trump's Tax Records).
  • TSA Proposal to Inspect Books at US Airports Raises First Amendment Concerns » (Jun. 27, 2017)
    The TSA is considering a requirement to remove books from carry-on luggage for inspection during security screenings. The procedure raises concerns that individuals may be singled out for their religious and political beliefs, implicating core First Amendment values. In 2015 a college student won a $25,000 settlement after he was detained by the TSA for carrying Arabic flash cards. EPIC has pursued litigation against invasive airport screening techniques. In EPIC v. DHS, EPIC successfully sued to require the Department of Homeland Security to obtain public comment on the use of body scanners in U.S. airports. The litigation also led to the removal the backscatter x-ray devices from airports. EPIC recently filed a FOIA request to determine why US travelers returning to the United States are subject to biometric identification. In numerous cases, including a recent case before the US Supreme Court, EPIC has argued for the freedom to without government surveillance.
  • EPIC Urges DHS To Abandon Privacy Act Exemptions for ICE Database » (Jun. 8, 2017)
    In comments to the Department of Homeland Security, EPIC urged the agency to withdraw proposed Privacy Act exemptions. The FALCON database contains detailed personal information on ICE and CBP employees, and individuals associated with ICE investigations including victims and witnesses. For this government database, DHS has proposed to exempt itself from several Privacy Act protections including ensuring that the records are accurate, timely, and complete. EPIC has consistently warned against inaccurate, insecure, and overbroad government databases. The FBI recently postponed an "Insider Threat" database that also lacked adequate Privacy Act safeguards.
  • EPIC Awarded Nearly $100,000 in Internet Surveillance Case » (Jun. 5, 2017)
    A federal judge in Washington, DC has issued a final order granting EPIC substantial attorney's fees in a long-running case against the Department of Homeland Security. EPIC sued the DHS in 2012 for information about a secret program to monitor Internet traffic. The "Cyber Pilot" program applied originally to defense contractors, but an executive order dramatically expanded the program, raising concerns about violations of federal wiretap law. EPIC's lawsuit produced the release of several thousand pages on the program. EPIC sought attorneys fees for the successful litigation, which the DHS opposed. In November, Judge Gladys Kessler ruled that EPIC was entitled to attorney's fees because it "substantially prevailed in [the] litigation" and added "to the fund of information that citizens may use in making vital political choices." On Monday, Judge Kessler confirmed that decision and awarded EPIC nearly $100,000 in fees—the largest such award in EPIC's history.
  • EPIC Continues Opposition to Social Media Searches of Visa Applicants » (May. 31, 2017)
    In comments to Customs and Border Protection, EPIC opposed a plan to obtain social media information from visa applicants. EPIC said the CBP proposal threatens First Amendment rights, risked abuse, and would disproportionately impact minority groups. EPIC has previously opposed proposals to collect social media information from individuals seeking to enter the United States. In a FOIA lawsuit against DHS, EPIC obtained documents which revealed that federal agencies gather social media comments to identify individuals critical of the government. EPIC is currently pursuing a FOIA request about a revised DHS plan to require disclosure of social media passwords before allowing entry into the country.
  • DC Circuit Rules in Second EPIC Airport Body Scanner Case » (May. 30, 2017)
    In a cursory per curium opinion, the D.C. Circuit denied EPIC's petition for review of the TSA's final rule mandating body scanners in U.S. airports. EPIC argued in EPIC v. DHS II that the TSA had failed to justify body scanners as compared with less invasive, more effective screening techniques, such as magnometers combined with explosive trace detection. Public comments overwhelmingly favored EPIC's recommendations to the federal agency. EPIC also argued that the TSA's decision to end the opt-out was contrary to the DC Circuit's earlier opinion EPIC v. DHS I which held that passengers could opt-out of the invasive screening technique. As Judge Ginsburg explained in the earlier case, "Despite the precautions taken by the TSA, it is clear that by producing an image of the unclothed passenger, an AIT scanner intrudes upon his or her personal privacy in a way a magnetometer does not." Judge Ginsburg further said, "any passenger may opt-out of AIT screening in favor of a patdown, which allows him to decide which of the two options for detecting a concealed, nonmetallic weapon or explosive is least invasive."
  • DHS Privacy Office Releases 2016 Report, Secret Profiling on the Rise » (Apr. 20, 2017)
    The Department of Homeland Security has released the 2016 Annual Data Mining Report. The report describes several of the agency's profiling systems that assign secret "risk assessments" to U.S. citizens. According to the DHS report, the Analytical Framework for Intelligence is accessible to several agency components, including the Citizenship and Immigration Services, the Coast Guard, and the Transportation Security Administration. Through a Freedom of information Act lawsuit, EPIC previously obtained important documents about the secretive scoring program. EPIC is now appealing EPIC v. CBP to the D.C. Circuit Court of Appeals to compel the release of additional documents.
  • EPIC, Coalition Urge DHS Secretary to Reject Social Media Password Requirement » (Apr. 18, 2017)
    EPIC has joined the Fly Don't Spy! campaign to urge DHS Secretary Kelly to reject plans to require to hand over passwords to the federal government. Such a requirement would undermine privacy and human rights, chill freedom of speech and association, and create greater security risks for travelers. Earlier this year, Secretary Kelly testified before Congress about collecting social media passwords. In response, EPIC immediately filed a Freedom of Information Act request regarding all DHS plans to use individuals' internet and social media information to vet potential entrants to the U.S.
  • Following Congress, EPIC Seeks Public Release of DHS Records on Russian Interference » (Mar. 31, 2017)
    EPIC has submitted an urgent Freedom of Information Act request for DHS's review of the Russian Interference with the presidential election. The EPIC FOIA request follows House Resolution 235, sponsored by Rep. Bennie Thompson (D-MS), which would direct the Secretary of Homeland Security to transmit DHS's documents related to Russian interference to the House of Representative. EPIC is now pursuing public release of the same records, and has notified Chairman Jason Chaffetz (R-UT) and Ranking Member Cummings (D-MD), of the House Oversight Committee of the pending FOIA request. Earlier this week, EPIC argued "the public has the right to know" about the extent of Russian interference with the 2016 election.
  • Court Rules in EPIC's Passenger Profiling Lawsuit Against DHS » (Mar. 24, 2017)
    A federal court in Washington, DC has issued a ruling in EPIC v. DHS, case involving a controversial passenger screening program operated by Customs and Border Protection. Under the program, CBP combines detailed personal information with secret algorithms to assign "risk assessments" to travelers—including US citizens. EPIC sued the DHS for information about the "Analytic Framework for Intelligence" program, and argued that the agency unlawfully withheld records under the Freedom of Information Act. As a consequence of the EPIC FOIA lawsuit, EPIC obtained important documents and prevailed in an earlier phase of the case. However, the Court declined to order the further release of certain training materials for the profiling system EPIC sought. EPIC is currently deciding whether to pursue further a legal challenge to the agency's withholding.
  • EPIC Submits FOIA Request Seeking Documents on Airline Electronics Ban » (Mar. 22, 2017)
    EPIC has submitted a Freedom of Information Act request to the TSA seeking information on the recently announced ban on electronics on flights bound for the United States. The ban applies to ten airports in eight majority Muslim countries. EPIC is seeking documents related to the reasons for implementing the ban as well as documentation on TSA policies and procedures for searching electronics in checked luggage. EPIC regularly submits FOIA requests to government agencies and is also seeking information on eye scans conducted at US airports on US travelers. In EPIC v. DHS, EPIC is challenging the TSA's efforts to mandate airport body scanners.
  • EPIC Obtains Documents About DHS Immigration Enforcement Priorities » (Feb. 23, 2017)
    As a result of a Freedom of Information Act request, EPIC has obtained over 650 pages about DHS's immigration enforcement priorities. The documents detail the "Priorities Enforcement Program," a controversial program that relied on biometric data collection for immigration enforcement. EPIC recently submitted two new urgent FOIA requests to DHS, the first about DHS plans to step up social media monitoring and a second to reveal the agency's compliance with recent immigration court orders. This week, EPIC also prevailed in a FOIA lawsuit for public release of privacy assessments the FBI is required to prepare.
  • Coalition Urges UN to Investigate US Social Media Monitoring » (Feb. 16, 2017)
    A coalition of human rights groups is urging the UN to investigate reports that the US is demanding entrants provide access to their cell phones and social media accounts. "These practices persist in violation of the United States human rights treaty obligations and your action is needed to hold the government accountable," the group stated in a letter to the the UN High Commissioner on Human rights and other UN offices. EPIC recently submitted an urgent request for disclosure of DHS plans to step up social media monitoring, and previously prevailed in a lawsuit against the agency to reveal records of its monitoring programs. EPIC's Privacy Law Sourcebook 2016, available in the EPIC bookstore, provides an overview of privacy frameworks around the world and tracks emerging privacy challenges.
  • Senators Calls for Answers from Secretary Kelly on Privacy Act Exclusion » (Feb. 9, 2017)
    In a letter to DHS Secretary Kelly, Senator Markey (D-MA) and five other Senators pressed DHS about the impact of an Executive Order limiting federal Privacy Act protections. "These Privacy Act exclusions could have a devastating impact on immigrant communities and would be inconsistent with the commitments made when the government collected much of this information," the Senators contended. The Senators also called on Secretary Kelly to explain the Order's impact on international commitments that permit U.S. firms to obtain access to the data of European consumers. EPIC is participating in Data Protection Commissioner v. Facebook, a case which follows a landmark decision that found insufficient legal protections for the transfer of European consumer data to the United States.
  • EPIC Pursues FOIA Requests at DHS Concerning Aerial Surveillance, Social Media Monitoring, and ID Theft » (Feb. 8, 2017)
    EPIC has submitted an urgent FOIA request to the Department of Homeland Security about aerial surveillance, social media monitoring and ID theft following statements made by DHS Secretary John Kelly in a Congressional hearing on Homeland Security. The Secretary described plans to expand the use of "aerostats" (surveillance blimps) and monitoring of social media. The Secretary also stated that he has been a victim of data breach. The EPIC FOIA request follows earlier cases brought by EPIC which revealed efforts by the DHS to expand aerial surveillance within the United States, develop techniques for "pre-crime" detection, interrupt Internet service, as well as the impermissible monitoring of social media services and news organizations.
  • EPIC FOIA: EPIC Seeks Information About Immigration Executive Order » (Feb. 3, 2017)
    EPIC has filed an urgent FOIA request with the Department for Homeland Security for further information about a DHS press release on "Compliance With Court Orders And The President's Executive Order." The DHS Press Release follows an Executive Order on entry to the United States and a series of court decisions suspending the Order. EPIC is now seeking details about the DHS's activities, including communications with other agencies, communications with airlines, and legal memos supporting the agency's actions. The Inspector General of DHS also announced an investigation to review "allegations of individual misconduct on the part of DHS personnel." EPIC cited both an "urgency to inform the public" and "exceptional media interest" in questions about the "government's integrity" in support of the request for expedited processing. EPIC will continue to press the DHS for prompt release of the documents sought. More information about EPIC's FOIA work is available on the FOIA Case page.
  • EPIC Seeks Public Release of Secret Directive on Cybersecurity » (Jan. 28, 2017)
    EPIC has filed an urgent FOIA request with the DHS, the Department of Justice, and the NSA, seeking the expedited release of NSPD-1. The National Security Presidential Directive sets out procedures for cybersecurity "policy coordination, guidance, dispute resolution, and periodic in-progress review." EPIC has previously litigated, and successfully obtained, NSPD-54, a Presidential Directive concerning the NSA's authority to conduct surveillance within the United States.
  • Government Breaches Continue, Hacker Compromises more than 130,000 Navy Records » (Nov. 29, 2016)
    In the latest government data breach, the Navy reported that a hacker gathered the personal data of more than 130,000 current and former sailors from a laptop that belonged to a government contractor. Government security vulnerabilities are on the rise. In 2015, the records of more than 21 million federal workers, friends and family members were breached. In 2016, EPIC urged candidates for office to focus on "data protection." EPIC has warned that inaccurate, insecure, and overbroad government databases pose a risks to the safety of Americans. Earlier this year, EPIC urged the Dept. of Defense and Dept. of Homeland Security to drop proposals to expand government databases that lacked adequate privacy safeguards.
  • FBI to Monitor Twitter » (Nov. 29, 2016)
    According to FBI contracting documents, the FBI has hired Dataminr to monitor in real-time more than 500 million daily tweets. EPIC has warned that these techniques of mass surveillance will subject more innocent people to government investigation. In 2012, EPIC successfully obtained documents detailing the social media monitoring program of the Department of Homeland Security, including instructions to analysts to monitor critics of the agency. EPIC's FOIA work led to a Congressional hearing on social media monitoring and government surveillance.
  • DHS Releases Revised FOIA Regulations, Agrees and Disagrees with EPIC's Suggestions » (Nov. 23, 2016)
    The Department of Homeland Security has released revised Freedom of Information Act regulations. EPIC submitted extensive comments on the proposed changes to the agency's open government practices. The DHS agreed to make some changes, recommended by EPIC, that should improve the processing of FOIA requests. The agency maintained a broad definition of "educational institutions" so that individual researchers will be able to access government records at minimal cost, and clarified steps that could be taken to delay "administrative closure," a controversial agency practice. The agency disagreed with EPIC about agency referrals, the definition of "commercial interest," and the routine release of public information to general public.
  • Report: Facial Recognition is Expansive, Unregulated; Coalition Calls for DOJ Review » (Oct. 18, 2016)
    EPIC and a coalition of civil liberties organizations urged the Justice Department to review the disparate impact of facial recognition. The letter follows a report on law enforcement use of the technology. The report builds on work pursued by EPIC and others. Freedom of Information Act documents obtained by EPIC showed that the DHS system lacked privacy safeguards, the FBI accepts a 20% error rate for its Next Generation Identification system and has agreements to run facial recognition searches on DMV databases. In 2012, EPIC urged the Federal Trade Commission to suspend the use of facial recognition techniques pending the establishment of legal safeguards. And the 2009 Madrid Privacy Declaration, authored by NGOs and privacy experts, calls for a moratorium on the face scanning technology.
  • EPIC Opposes DHS Plan to Collect Social Media Identifiers » (Sep. 30, 2016)
    In comments to the Department of Homeland Security, EPIC urged the agency to drop a plan to review the social media accounts of people seeking to visit the U.S. EPIC argued that the proposal threatens important First Amendment rights, risked abuse, and would disproportionately impact against minority groups. Documents obtained by EPIC in 2011 in a Freedom of Information Act lawsuit revealed that the DHS gathered social media comments to identify individuals, including US citizens, critical of the agency and the government. A 2012 Congressional hearing, based on the documents obtained by EPIC, revealed bipartisan opposition to the original DHS social media monitoring program. 
  • EPIC Opposes DHS Plan to Collect Social Media Identifiers » (Aug. 23, 2016)
    In comments to the Department of Homeland Security, EPIC urged the agency to drop a plan to review the social media accounts of people seeking to visit the U.S. EPIC argued that the proposal threatens important First Amendment rights, risked abuse, and would disproportionately impact against minority groups. Documents obtained by EPIC in 2011 in a Freedom of Information Act lawsuit revealed that the DHS gathered social media comments to identify individuals, including US citizens, critical of the agency and the government. A 2012 Congressional hearing, based on the documents obtained by EPIC, revealed bipartisan opposition to the original DHS social media monitoring program.
  • FOIA Ombudsman Releases First Part of "Still Interested" Report » (Apr. 27, 2016)
    In response to a letter from EPIC and open government advocates, the FOIA ombudsman has issued the first part of a report on the use of "still interested" letters by federal agencies. The DHS and other agencies have sent these letters to prematurely terminate FOIA requests. In 2014, an EPIC-led coalition urged the Office of Government Information Services to investigate the pervasive use of such letters. In today's report, OGIS found that there is no "guidance or standard for reporting requests that agencies close" through "still interested" letters, and that it does not yet understand the impact such letters have on FOIA requesters.
  • TSA Releases New Body Scanner Document to EPIC » (Apr. 25, 2016)
    In response to an EPIC FOIA request, the Transportation Security Administration has released a document describing the technical capabilities of the airport body scanners. EPIC previously obtained documents from TSA revealing that body scanners can record, store, and transmit digital strip search images of airline passengers. Last month, the TSA issued a regulation on airport body scanners, nearly five years after a federal appeals court ordered the agency to "promptly” undertake a rule making. In 2011, EPIC successfully challenged the TSA's unlawful deployment of airport body scanners. Despite public comments that overwhelmingly favor less invasive security screenings, the TSA plans to use invasive body scanners at US airports. The TSA also said it may mandate airport body scanners, even though the agency previously told the D.C. Circuit that the body scanner program was optional and the federal appeals court upheld the program, relying on the agency’s statements.
  • DHS, Federal Agencies Publish 2016 FOIA Reports » (Apr. 6, 2016)
    Most federal agencies, including the Department of Homeland Security, have now published the 2016 FOIA Reports. These annual reports, required by former Attorney General Holder's 2009 FOIA Memo, describe each agency's compliance with the FOIA, including steps to taken to improve processing and promote openness. The federal FOIA ombudsman is currently investigating the practices of six DHS component agencies in response to a 2015 letter from EPIC and open government advocates. EPIC and other have recently urged the President to support bipartisan legislation aimed at improving the FOIA.
  • EPIC Recommends Greater Accountability for Government Screening Database » (Feb. 23, 2016)
    EPIC submitted comments to DHS urging the agency to improve transparency and privacy protections for the controversial Terrorist Screening Database that is used for Watchlist programs, such as the No Fly List, containing information that is often inaccurate and incomplete. The agency solicited comments on a proposal to remove Privacy Act safeguards while simultaneously expanding data collection and distributing data more widely across the DHS. EPIC and many other organization opposed the establishment of the Screening Database and called for the suspension pending a full review of the privacy and security implications. EPIC has testified before Congress about the risks of the Watchlist program.
  • EPIC, Coalition Call for Congressional Hearings on Unlawful TSA Mandate for Body Scanners » (Jan. 13, 2016)
    EPIC and 25 organizations have urged Congress to hold a hearing on TSA's decision to end the opt-out for airport body scanners. Dozens of organizations petitioned the DHS secretary in 2010 to solicit public comments on the original program. In EPIC v. DHS the lawsuit that followed, the D.C. Circuit ruled that TSA violated federal law when it installed body scanners in airports without public comment. The agency said at the time that the body scanner program was optional. The Court also concluded because "any passenger may opt-out of AIT screening in favor of a patdown" there was no violation of the Fourth Amendment.
  • Supreme Court Denies EPIC's Petition to Obtain Cellphone Shutdown Policy » (Jan. 11, 2016)
    Today, the U.S. Supreme Court declined to review EPIC v. DHS, concerning the government's cellphone shutdown policy. EPIC had pursued the secret policyafter government officials disabled cellular service at a BART station in San Francisco during a peaceful protest. A district court in Washington, D.C. ruled in EPIC's favor when the DHS sought to withhold the policy, but the court of appeals later overturned the ruling. EPIC urged the Supreme Court to review the case to resolve a conflict between the D.C. Circuit and the Second Circuit Courts of Appeals. EPIC also pointed to competing public safety interests when cell service is disabled, but the Court declined. Despite today's order, EPIC successfully obtained a redacted version of the shutdown policy.
  • EPIC Opposes Sea Traveller Surveillance Program » (Jan. 4, 2016)
    In comments to the DHS, EPIC criticized a proposal to collect detailed records on people traveling by boat. The DHS is planning to track people arriving and departing the United States by sea, including between ports within the United States. However, DHS will ignore Privacy Act protections, and make the data collected routinely available to private companies and foreign governments. The proposal, explained EPIC, would "create a massive government database of detailed personal information that lacks accountability." EPIC has opposed other boat surveillance programs. And a FOIA case pursued by EPIC about a controversial boater tracking program revealed that the DHS fuses tracking data with other intelligence data to develop detailed profiles on boaters.
  • Ignoring Federal Law, TSA Drops Opt-Out Option for Body Scanners » (Dec. 19, 2015)
    The TSA has used a "Privacy Impact Assessment Update" to announce an unlawful procedure for screening air travelers in the United States. The agency claims that it may "mandate body scanner screening for some passengers." In EPIC v. DHS (Suspension of Body Scanner Program, the D.C. Circuit Court of Appeals ruled that the screening was Constitutional because passengers could always opt out. As Judge Ginsburg explained, "any passenger may opt-out of AIT screening in favor of a patdown, which allows him to decide which of the two options for detecting a concealed, nonmetallic weapon or explosive is least invasive. "The TSA has also failed to "act promptly," as the Court mandated, to finalize the legal authority for the program.
  • DHS and State Department Pushing for Increased Social Media Monitoring » (Dec. 16, 2015)
    According to reports and statements from former Homeland Security officials, the DHS has initiated three "pilot programs" to analyze social media posts during the visa review process. Prior to 2014, a DHS policy prohibited social media monitoring by immigration officials. EPIC successfully obtained documents in 2012 detailing the DHS social media monitoring policies, including instructions to analysts to monitor criticism of the agency. EPIC also submitted a letter to congressional leaders, outlining how DHS officials misrepresented their policies in a Homeland Security Committee hearing. EPIC wrote that the DHS' monitoring program should be suspended, as it exceeds the agency's statutory authority and chills First Amendment activity.
  • D.C. Circuit Orders TSA to Produce Schedule for Final Rule on Body Scanners » (Oct. 23, 2015)
    The Court of Appeal for the D.C. Circuit today ordered TSA to comply with the ruling in EPIC v. DHS and conduct an "expeditious" rulemaking on the use of body scanners at airports. EPIC successfully sued TSA in 2011 to compel notice-and-comment rulemaking after the agency failed to solicit public comments as required by law. EPIC said the body scanner program was "unlawful, invasive, and ineffective." The backscatter x-ray devices were subsequently removed from U.S. airports, though the millimeter devices remain. In 2015 the Competitive Enterprise Institute filed a petition to compel TSA to issue a final rule as required by the EPIC v. DHS mandate. TSA now has 30 days to submit a rulemaking plan to the court.
  • Government Gets Second Extension in EPIC Supreme Court Case about Cellphone Shutdown Policy » (Oct. 12, 2015)
    The US Supreme Court has granted the Solicitor General more time to respond to EPIC's charges that the government's effort to keep under wraps a controversial cellphone shutdown policy violates the law. EPIC has pursued public release of the government policy since BART subway officials shut down cellphone service during a peaceful protest in 2011. After EPIC prevailed in district court and a judge ordered release of the policy, the government appealed and a federal appeals court reversed. In the Supreme Court petition, EPIC argued that the was "contrary to the intent of Congress, this Court's precedent, and this Court's specific guidance on statutory interpretation." The government's response is now due on November 13.
  • EPIC Sues Coast Guard, DHS for Information on Boater Tracking Program » (Sep. 20, 2015)
    EPIC has sued the U.S. Coast Guard and the Department of Homeland Security to obtain information on a federal government program to track and record the location of boaters. According to EPIC, the DHS intends to transfer the data from the Nationwide Automatic Identification System to federal and state agencies, as well as foreign governments. "The NAIS program exceeds the stated purpose of marine safety and constitutes an ongoing risk to the privacy and civil liberties of mariners across the United States," wrote EPIC in the FOIA lawsuit. The boating community has expressed concern over the tracking program. A previous FOIA request from EPIC to the agency went unanswered. Press Release - EPIC v. CG, DHS, No, 15-1527.
  • Government Gets Extension in EPIC Supreme Court Case about Cellphone Shutdown Policy » (Sep. 14, 2015)
    The US Supreme Court has granted the Solicitor General extra time to respond to EPIC's charges that the government's effort to keep under wraps a controversial cellphone shutdown policy violates the law. EPIC has pursued public release of the government policy since BART subway officials shut down cellphone service during a peaceful protest in 2011. After EPIC prevailed in district court and a judge ordered release of the policy, the government appealed and a federal appeals court reversed. In the Supreme Court petition, EPIC argued that the was "contrary to the intent of Congress, this Court's precedent, and this Court's specific guidance on statutory interpretation." The government's response is now due on October 14.
  • Following EPIC Complaint, FOIA Ombudsman Announces Investigation of Practices at DHS » (Aug. 28, 2015)
    The federal FOIA ombudsman has informed EPIC that it is investigating the FOIA practices of six DHS component agencies. In 2014, EPIC and a dozen open government organizations urged the Office of Government Information Services to investigate the impermissible closures of FOIA requests. Through "still interested" letters, some federal agencies notify FOIA requesters that unprocessed requests will be closed by the agency if there is no further communication. EPIC and the open government groups object to the practice and reminded OGIS that "no provision in the [FOIA] allows for administrative closures." An earlier EPIC letter to OGIS led to a reduction of fee payments for FOIA requesters.
  • Federal Court: DHS Failed to Justify Withholdings in Defense Contractor Monitoring FOIA Case » (Aug. 5, 2015)
    In EPIC v. DHS, a federal district court ruled that the Department of Homeland Security failed to justify withholding documents subject to the Freedom of Information Act. EPIC sued DHS to compel the disclosure of records relating to a cybersecurity program designed to monitor traffic flowing through ISPs to a select number of defense contractors. The court concluded that the agency's argument relied on "a weak assumption," but will allow the agency to submit a revised justification for withholding the records. EPIC previously won a five-year legal battle to release NSPD-54, the foundational legal document for U.S. cybersecurity policies.
  • Appeals Court Turns Down EPIC's Challenge to Cellphone Shutdown Secrecy » (May. 14, 2015)
    The Court of Appeals for the D.C .Circuit has denied EPIC's petition for further review of EPIC v. DHS, 14-5013. The Court sided with the DHS earlier this year, ruling that the agency could withhold from the public its cellphone shutdown policy. EPIC then asked that the full Court review the earlier ruling, arguing that the three-judge panel misconstrued the relevant law. The case is now headed back to the district court to determine which portions of the secret document the DHS must release. EPIC brought the case after cellphone service in a BART station was shutdown in advance of a peaceful protest.
  • Court Orders Government to Respond to EPIC's Petition in Case Over Cell Phone Shutdown Policy » (Apr. 3, 2015)
    The federal appeals court in Washington, DC, has ordered DHS to respond to EPIC's petition to reconsider a recent decision allowing the federal agency to withhold the criteria for shutdown of cell phone networks. EPIC sued the DHS for the policy following a 2011 San Francisco BART incident, when government officials shut down cell phone service during a peaceful protest. EPIC argued that the recent decision would "create an untethered national security exemption for law enforcement agencies," and is contrary to other court decisions and the intent of Congress. The appeals court has determined that the government must respond to EPIC's petition.
  • EPIC Continues Pursuit of Network Shutdown Policy » (Mar. 27, 2015)
    Today EPIC filed a Petition in the federals appeal court in Washington, D.C., seeking review of a recent opinion allowing DHS to withhold the criteria to shutdown cell phone networks. EPIC sued the agency for the shutdown policy following a 2011 San Francisco BART incident, where government officials shut down cell phone service during a peaceful protest. In its Petition, EPIC argued that the recent decision would "create an untethered national security exemption for law enforcement agencies," and is contrary to other court decisions and the intent of Congress.
  • EPIC Files Lawsuit for Details About Government "Pre-crime" Program » (Feb. 26, 2015)
    EPIC has filed a Freedom of Information Act lawsuit about "Future Attribute Screening Technology", a "Minority Report" program that purports to identify individuals who will commit crimes in the future. EPIC filed the complaint after the DHS failed to respond to EPIC's FOIA request for information. EPIC charged that the agency uses secret algorithms to identify behavioral "abnormalities" that the agency claims indicate "mal intent." "Minority Report" is a 2002 movie with Tom Cruise about "a special police unit is able to arrest murderers before they commit their crime."
  • In EPIC v. DHS, DC Circuit Backs Agency Secrecy on "Internet Kill Switch" » (Feb. 10, 2015)
    The federal court of appeals based in Washington, DC has ruled that the Department of Homeland Security may withhold from the public a secret procedure for shutting down cell phone service. EPIC pursued the DHS policy after government officials in San Francisco disabled cell phone service during a peaceful protest in 2011. EPIC sued DHS when the agency failed to release the criteria for network shutdowns. A federal judge ruled in EPIC's favor. On appeal, the D.C. Circuit held for the DHS but said that the agency might still be required to disclose some portions of the protocol.
  • EPIC to Argue Before DC Circuit for Release of Cell Phone Shutdown Policy » (Dec. 9, 2014)
    This week EPIC President Marc Rotenberg will argue EPIC v. DHS, No. 14-5013 before the US Court of Appeals for the DC Circuit. At issue is the public release of the policy - "SOP 303" - to shut down cell phone service in the United States. EPIC filed a filed a Freedom of Information Act request for the policy after government officials shut down cell phone service during a peaceful protest at BART subway stations in San Francisco. The government first contended it could not find the document, then located the document, then claimed it was exempt from disclosure. EPIC filed suit against the agency and a federal court ruled in EPIC's favor. On appeal, the government argued the decision should be reversed. EPIC responded that the decision was correct and SOP 303 should be released. The DC Circuit will hear arguments Thursday morning. For more information, see EPIC v. DHS - SOP 303.
  • Post-Snowden, Social Media Users Concerned About Access to Personal Data » (Nov. 13, 2014)
    According to the Pew Research Report "Public Perceptions of Privacy and Security in the Post-Snowden Era," most users of social media are very concerned about businesses and government accessing their personal data. 80% of adults "agree" or "strongly agree" that Americans should be concerned about the government's monitoring of phone calls and internet communications. 64% believe there should be more regulation of advertisers. Almost all users rank their social security number as the most sensitive piece of personal data. EPIC has asked the House Committee on Homeland Security to suspend a DHS program that is monitoring social networks and media organizations. EPIC has recommended that the FTC to establish privacy protections for online advertising. EPIC has also urged the US Congress over many years to limit the use of the Social Security Number for commercial purposes. For more information, see EPIC: Public Opinion on Privacy, EPIC: Facebook Privacy, EPIC: Social Media Monitoring, and EPIC: Social Security Numbers.
  • Department of Homeland Security Releases 2014 Privacy Report » (Oct. 2, 2014)
    The Department of Homeland Security released the 2014 Privacy Office Annual Report to Congress. The report describes a joint review conducted with the European Commission regarding the transfer of EU Passenger Name Records to the US. The European Commission found the redress mechanisms were lacking for passengers denied boarding. The Commission also found that DHS would often review passenger records without a legal reason. The Annual Report describes the sixth Compliance Review of the department’s social media monitoring program. The review found that the DHS began collecting GPS and geo-location of Internet users without assessing or mitigating the privacy risks. In 2012, EPIC obtained FOIA documents revealing that the Department of Homeland Security monitored social media for political dissent. For more information, see EPIC: EU-US Airline Passenger Data Disclosure and EPIC: EPIC v. DHS - media monitoring.
  • Pew Survey: Users Online Self-Censor Discussion of Government Surveillance » (Sep. 9, 2014)
    According to the Pew Research Report "Social Media and the 'Spiral of Silence,'" most users of social media are afraid to talk about government surveillance on Facebook, Twitter, and other social platforms. Users were more willing to share their views on government surveillance if they thought others shared the same view. Those who thought they held minority views were more likely to self-censor—an effect known as the "spiral of silence." In 2012, EPIC obtained FOIA documents revealing that the Department of Homeland Security monitored social media for political dissent. A subsequent Congressional hearing led the DHS to cancel the program. For more information, see EPIC v. DHS: Media Monitoring and EPIC: Public Opinion on Privacy.
  • Security Experts: EPIC Correct About Body Scanners-Invasive and Ineffective » (Aug. 22, 2014)
    The first independent analysis of backscatter x-ray body scanners corroborate the claims EPIC and others have made for several years: The scanners are invasive and ineffective. In a detailed report published in 2005, EPIC warned that the x-ray body scanners amounted to a virtual strip search and were an ineffective means of airport security. Freedom of Information Act documents later obtained by EPIC revealed that TSA could disable the body scanner's privacy settings, the nude images could be stored on the machines, and the scanners ran on a standard operating system making them vulnerable to outside security threats. EPIC and a coalition of civil liberties organizations then petitioned DHS Secretary Napolitano to suspend the program. When the DHS failed to do so, EPIC sued the agency. The D.C. Circuit Court of Appeals ruled in EPIC v. DHS that the agency must begin a public rule making. The backscatter X-ray scanners were subsequently removed from US airports. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.
  • Congress Investigates Airline Privacy Practices » (Aug. 20, 2014)
    Senator John Rockefeller (D-WV) is currently seeking information from ten U.S. airlines concerning how airlines safeguard consumer traveler data. Senator Rockefeller has requested information regarding: (1) the type of information airlines collect; (2) airlines' data retention periods; (3) airline privacy and security safeguards governing consumer information; (4) whether consumers may access and amend their information; (5) whether airlines sell or disclose consumer information and if so, to whom do they disclose the consumer data; and (6) how airlines inform consumers about airline privacy policies governing consumer information. EPIC routinely urges the Department of Homeland Security to provide privacy protections for air travelers and end the agency's secret "risk-based" passenger profiling. For more information, see EPIC: Air Travel Privacy, EPIC: Passenger Profiling, EPIC: Secure Flight, and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).
  • EPIC Defends FOIA Victory in Federal Appeals Court » (Jul. 8, 2014)
    EPIC has filed a brief in response to an appeal by the Department of Justice in EPIC v. DHS, concerning the government policy to disrupt cellular networks. EPIC won a major FOIA victory when a federal district court ruled that the DHS could not withhold "SOP 303," a government procedure to shut down cellular phone service. EPIC sought the policy after authorities shut down cell phone service at a peaceful protest in San Francisco. The government argued it did not need to release the document to EPIC because it was a "law enforcement technique" and because it would endanger the physical safety of an individual. The federal court rejected those arguments and ordered that the document be disclosed to EPIC, pending a decision on the appeal. For more details, see EPIC v. DHS—SOP 303.
  • Senate to Hold Homeland Security Oversight Hearing » (Jun. 10, 2014)
    The Senate Judiciary Committee will hold an oversight hearing for the Department of Homeland Security. Secretary Jeh Johnson will testify. EPIC has objected to many of the agency's mass surveillance practices, including the secret profiling of American air travelers, the use of drones for aerial surveillance, the amassing of information on Americans into "fusion centers", and the collection of biometric identifiers. EPIC has also warned that the DHS Chief Privacy Officer has failed to safeguard privacy, a legal obligation for that office. According to the DHS, the number of privacy complaints increased in 2013. EPIC has several Freedom of Information Act case pending against the DHS. In an earlier case, EPIC determined the DHS was monitoring social media and news organizations for criticisms of the agency. Another EPIC case led to the removal of the x-ray backscatter devices from US airports. For more information, see EPIC v. DHS - Social Media Monitoring and EPIC v. DHS (Suspension of Body Scanner Program).
  • DHS Privacy Complaints Increase in 2013, Many Databases Kept Secret » (May. 27, 2014)
    The Department of Homeland Security Quarterly Report to Congress details programs and databases affecting privacy. According to the agency, DHS received 964 privacy complaints between September 1, 2013 and November 30, 2013. By contrast, DHS received 295 privacy complaints during the same period in 2011. According to the report, most DHS systems complies with Privacy Act notice requirements. However, the report also indicates that the DHS maintains many databases with personally identifiable information that lack required Privacy Act notices. For more information, see EPIC: Department of Homeland Security Chief Privacy Office and Privacy.
  • DHS Open Government Report Reveals Increased Backlog and Use of Law Enforcement Exemptions » (Feb. 21, 2014)
    The Department of Homeland Security has released the 2013 Freedom of Information Act Report detailing the agencies attempts to comply with the federal open government law. The FOIA requires each agency to provide the numbers of requests received and processed, the time taken to respond, the outcome of each request, and other statistics. In 2013, the DHS reported a significant increase in its FOIA backlog, which rose from 28,553 unanswered requests in 2012 to 53,598 unanswered requests in 2013. Of the nine exemptions that an agency can invoke to withhold documents, DHS relied most heavily on exemption 7(C) (law enforcement records that if released would constitute an invasion of personal privacy) and 7(E) (law enforcement records that if released would disclose law enforcement techniques or procedures, which is significant because the DHS is not a law enforcement agency. DHS reported granting about 7% of requests for expedited processing. EPIC has prevailed in several FOIA lawsuits against DHS, and has also worked to reform the agency's FOIA processing practices for other requesters. For more information, see EPIC v. DHS - Body Scanner FOIA Appeal, EPIC v. DHS - Social Media Monitoring, and EPIC v. DHS - SOP 303.
  • DHS Appeals Ruling in EPIC's "Internet" Kill Switch Case » (Jan. 13, 2014)
    The Department of Homeland Security has appealed a ruling for EPIC in a Freedom of Information Case involving Standard Operating Procedure 303, a protocol which describes the government's plan for deactivating wireless communications networks. Seeking information about the First Amendment and public safety implications of the protocol, EPIC filed a FOIA lawsuit against the agency. A federal court ruled that the protocol could not be withheld under the FOIA because it was not an investigative technique and DHS had not established that releasing the document would cause harm to any individual. Therefore, the court concluded, the documents EPIC sought should be turned over. The Department of Justice has now appealed that decision to the D.C. Circuit Court of Appeals. For more information, see EPIC: EPIC v. DHS (SOP 303) and EPIC: FOIA.
  • EPIC Settles FOIA Case, Obtains Body Scanner Radiation Fact Sheets » (Jan. 10, 2014)
    EPIC has received the documents that were the subject of EPIC's Freedom of Information Act appeal to the D.C. Circuit in EPIC v. DHS (Body Scanner FOIA Appeal). The agency had previously withheld test results, fact sheets, and estimates regarding the radiation risks of body scanners used to screen passengers at airports. EPIC challenged the lower court's determination that the factual material was "deliberative" and therefore exempt from the FOIA. After filing an opening brief to the D.C. Circuit, EPIC participated in a new appellate mediation program. As a result of the mediation, EPIC obtained not only the records sought, but also attorneys' fees. The fact sheets show that the agency did not perform a "quantitative analysis" of risks and benefits before implementing the body scanner program. EPIC addressed that concern in the 2011 lawsuit EPIC v. DHS (Suspension of Body Scanner Program). That EPIC case also had a favorable outcome, and ultimately resulted in the removal of backscatter x-ray scanners from US airports. For more information, see EPIC v. DHS - Body Scanner FOIA Appeal and EPIC v. DHS - Suspension of Body Scanner Program.
  • Federal Court Awards EPIC $30,000 in Social Media Monitoring Case » (Nov. 20, 2013)
    EPIC has prevailed in a fee dispute with the Department of Homeland Security in an open government case concerning the government’s monitoring of social media. EPIC filed a FOIA request after the agency announced plans to gather information from "online forums, blogs, public websites, and message boards." After the DHS refused to produce documents, EPIC filed suit and obtained more than 500 pages describing the agency program. When the agency subsequently moved to dismiss the case, a federal judge ruled that EPIC had "substantially prevailed." And when the DHS sought to give EPIC a token amount in settlement, the court had harsh words for the agency. The court described EPIC's work in the case as "the sort of public benefit that FOIA was designed to promote." The case is EPIC v. DHS, No. 11-2261 (D.D.C. Nov. 15, 2013). For more information, see EPIC v. DHS: Social Media Monitoring.
  • EPIC Prevails in FOIA Case About "Internet Kill Switch" » (Nov. 12, 2013)
    In a Freedom of Information Act case brought by EPIC against the Department of Homeland Security, a federal court has ruled that the DHS may not withhold the agency's plan to deactivate wireless communications networks in a crisis. EPIC had sought "Standard Operating Procedure 303," also known as the "internet Kill Switch," to determine whether the agency's plan could adversely impact free speech or public safety. EPIC filed the FOIA lawsuit in 2012 after the the technique was used by police in San Francisco to shut down cell service for protesters at a BART station, who had gathered peacefully to object to police practices. The federal court determined that the agency wrongly claimed that it could withhold SOP 303 as a "technique for law enforcement investigations or prosecutions." The phrase, the court explained, "refers only to acts by law enforcement after or during the prevention of a crime, not crime prevention techniques." The court repeatedly emphasized that FOIA exemptions are to be read narrowly. For more information, see EPIC: EPIC v. DHS (SOP 303) and EPIC: FOIA.
  • EPIC Obtains Information About Government-Corporate Cybersecurity Practices » (Nov. 1, 2013)
    As a result of a Freedom of Information Act lawsuit against the Department of Homeland Security, EPIC has obtained documents which reveal that the Department of Defense required companies to disclose information about Internet traffic on private networks. These documents contradict Homeland Security’s assertions that companies participating in a DOD pilot project would not be compelled to transmit information to federal agencies. The documents obtained by EPIC under the FOIA also indicate that the National Security Agency, a branch of the Department of Defense, is engaging in offensive cybersecurity measures. A statement to the Senate, EPIC warned that the National Security Agency has become a "black box" for public information about cybersecurity. For more information, see EPIC v. DHS: Defense Contractor Monitoring.
  • Open Government Organizations Support EPIC's FOIA Appeal » (Oct. 15, 2013)
    Citizens for Responsibility and Ethics in Washington (CREW) has filed a "friend of the court" brief in EPIC v. DHS, a challenge to the secrecy of government documents now pending before the D.C. Circuit Court of Appeals. EPIC's is appealing a District Court decision which allowed two federal agencies to withhold factual documents, including test results, about airport body scanners. In the brief, CREW explains that "accepting the District Court's analysis would threaten the integrity of the decision making process and undermine the goals of the FOIA." Several other open government groups joined the CREW amicus brief, including the ACLU, EFF, and the OpenTheGovernment coalition. EPIC filed the opening brief in early October. The government is expected to file an opposition brief at the beginning of November. For more information, see EPIC v. DHS - Body Scanner FOIA Appeal.
  • EPIC Objects to Secret Profiling of Air Travelers » (Oct. 10, 2013)
    EPIC has submitted comments to the Department of Homeland Security, objecting to the agency's plan to secretly profile U.S. air travelers and remove Privacy Act safeguards. The DHS proposed to exempt TSA PreCheck from the federal privacy law. The PreCheck database contains detailed personal information, including name, birthdate, biometric information, Social Security Number, and financial information. The TSA plans to release applicant data to federal, state, tribal, local, territorial agencies and foreign governments. However, the TSA proposes to remove the rights of PreCheck applications concerning notification, access, and correction. The agency also intends to keep secret the basis for approving PreCheck applicants. EPIC described the substantial privacy and security risks of Precheck, urged the DHS to narrow the Privacy Act exemptions, and recommended that the DHS withdraw routine use disclosures. For more information, see EPIC: Secure Flight, EPIC: Passenger Profiling, and EPIC: Air Travel Privacy.
  • EPIC Appeals Secrecy of Body Scanner Radiation Documents » (Oct. 3, 2013)
    EPIC has challenged a District Court decision which allowed two federal agencies to withhold documents about airport body scanners, including test results, fact sheets, and estimates regarding radiation risks. In the opening brief to the DC Circuit Court of Appeals, EPIC argues that federal agencies may not withhold factual information under the "deliberative process privilege" in the Freedom of Information Act. EPIC said that under "under the standard adopted by the lower court, not only would the judgement of agency officials be exempt, but so too would reports or studies of any significance." For more information, see EPIC: DHS Body Scanner FOIA Appeal, EPIC v. DHS and EPIC v. TSA.
  • TSA Conducts Warrantless Searches Outside of Airports » (Aug. 8, 2013)
    The Transportation Security Administration has expanded its Visible Intermodal Prevention and Response (VIPR) program to perform warrantless searches at various locations, including festivals, sporting events, and bus stations. The VIPR program uses "risk-based" profiling and "behavior detection" to search and detain individuals. Members of Congress have opposed these searches, and the GAO has questioned the validity of TSA's behavior detection and dispelled behavior detection effectiveness. Last year, EPIC prevailed in a lawsuit against the TSA that revealed the agency's plan to deploy body scanners outside of the airport at bus stations, train stations, and elsewhere. For more information, see EPIC: EPIC v. DHS (Mobile Body Scanners FOIA Lawsuit).
  • EPIC Opposes DHS Biometric Collection » (Jun. 21, 2013)
    EPIC has submitted comments to the Department of Homeland Security, staunchly opposing the agency's border biometric collection, facilitated through the Office of Biometric Identity Management program. Since at least 2004, DHS has collected fingerprint and facial photos from individuals entering the United States. DHS then disseminates this information to DHS agency components, other federal agencies, and "federal, state, and local law enforcement agencies," and the "federal intelligence community." Currently, at least 30,000 individuals from federal, state, and local governments access the data contained obtained by DHS's biometric collection program. DHS shares this biometric data with foreign governments, including Canada, Australia, and the United Kingdom. In its comments, EPIC urged the agency to cease collecting biometric information without proper privacy safeguards in place. Should the agency continue to collect this sensitive information, EPIC recommends that DHS: (1) impose strict information security safeguards on its biometric information collection and limit its dissemination of biometric information; (2) conduct a comprehensive privacy impact assessment on the biometric collection program; (3) grant individuals Privacy Act rights before collecting additional biometric information; and (4) adhere to international privacy standards. For more information, see EPIC: US-VISIT and EPIC: Biometric Identifiers.
  • TSA "Unplugs, Boxes Up, and Ships Back" X-Ray Body Scanners » (May. 30, 2013)
    The TSA has completed removal of the x-ray body scanners from US airports. The devices revealed detailed images of a person's naked body and have been described as "digital strip searches." The TSA action follows an Act of Congress and several lawsuits by EPIC. The TSA was forced to remove the machines after Congress required that the devices produce only generic image. And as result of EPIC v. TSA the TSA is currently required to accept public comments on its airport screening procedures. The public has until June 24, 2013 to voice its opinions. The millimeter wave devices remain in US airports. For more information, see: EPIC: Comment on the TSA Nude Body Scanner Proposal and EPIC: ATR lawsuit.

    Backscatter x-ray machines show detailed images of a person's naked body and have been described as "digital strip searches."

  • EPIC FOIA Request Reveals Details About Government Cybersecurity Program » (Apr. 24, 2013)
    New documents obtained by EPIC in a Freedom of Information Act lawsuit reveal that the Department of Defense advised private industry on how to best circumvent federal wiretap law. The documents concern a collaboration between the Defense Department, the Department of Homeland Security, and private companies to allow government monitoring of private Internet networks. Though the program initially only applied to defense contractors, an Executive Order issued by the Obama administration earlier this year expanded it to include other "critical infrastructure" industries. The documents obtained by EPIC also cited NSPD 54 as one source of authority for the program. NSPD 54 is a presidential directive issued under President Bush that EPIC is pursuing in separate FOIA litigation. For more information, see EPIC: EPIC v. DHS (Defense Contractor Monitoring), and EPIC: EPIC v. NSA - Cybersecurity Authority.
  • Public Opposes TSA Nude Body Scanners » (Apr. 23, 2013)
    Following a court mandate that the Transportation Security Administration receive public comment on airport body scanners, the public overwhelmingly opposes invasive nude body scanners. The court mandate was in response to EPIC's lawsuit in EPIC v. DHS, where EPIC successfully challenged the TSA's unlawful deployment of airport body scanners. The TSA will accept comments until June 24, 2013. The public has submitted almost 2,000 comments noting various problems with the scanners, including privacy violations, potential health risks, and the machine's inability to accurately detect threats. EPIC has recently filed appeals in two Freedom of Information Act cases seeking documents related to airport body scanner radiation risks and threat detection software. For more information, see EPIC: Comment on the TSA Nude Body Scanner Proposal, EPIC: Radiation Risks lawsuit, and EPIC: ATR lawsuit.
  • EPIC Appeals FOIA Decisions Concerning Body Scanner Information » (Apr. 16, 2013)
    EPIC has filed appeals in two Freedom of Information Act cases seeking documents related to airport body scanners from the Department of Homeland Security and the Transportation Security Administration. EPIC filed FOIA requests with the agencies seeking records related to radiation risks from body scanners and the threat detection software the machines use. The TSA is currently developing formal rules for the use of body scanners in response to a court order in one of EPIC's previous cases. Body scanners allow routine digital strip searches of individuals who are not suspected of any crime. For more information, see EPIC: Radiation Risks lawsuit and EPIC: ATR lawsuit, and EPIC: Suspension of Body Scanner Program.
  • DHS Reveals More Information on Covert Social Media Monitoring Program » (Apr. 16, 2013)
    The Department of Homeland Security has issued a Privacy Impact Assessment, updating information on its controversial social media monitoring program. As part of the program, DHS scours social media sites, including Twitter, Facebook, and Youtube, for public posts that contain words such as "cops," "police," "airport," "hacktivist," and "zombie." DHS then disseminates social media information it has collected to "federal, state, local, and foreign government and private sector partners." Although the Privacy Impact Assessment states DHS should only collect "relevant" social media information, the document also states that "any information posted publicly can be used by [DHS] in providing situational awareness and establishing a common operating picture." Recently, EPIC obtained a court order and an opinion in a Freedom of Information Act lawsuit against DHS, requiring the agency to turn over more documents about the monitoring of social media and Internet media organizations. For more information, see: EPIC: EPIC v. Department of Homeland Security: Media Monitoring.
  • EPIC Obtains News Information on TSA Body Scanner Program » (Apr. 10, 2013)
    The Transportation Security Administration was forced to disclose additional information regarding the Agency's controversial body scanner program after EPIC prevailed in a lawsuit against the Agency. In March 2013, Judge Royce Lamberth held that the Agency had unlawfully redacted certain information from records released to EPIC under the Freedom of Information Act containing details on software modifications made to the scanners. In response to a separate lawsuit filed against the Department of Homeland Security regarding the Agency's authority to deploy the devices, the TSA has initiated a process to allow the public to comment on the program. EPIC is recommending that the TSA adopt more effective screening procedures. For more information, see and EPIC v. DHS (Suspension of Body Scanner Program).
  • TSA Begins Court Ordered Rulemaking on Body Scanner Program, EPIC Urges Public Comment » (Mar. 26, 2013)
    The TSA announced today that it will begin a public comment process on its airport screening procedures. The action follows from a 2011 court order in EPIC v. DHS. In that case, the Federal Appeals Court for the DC Circuit found that the agency unlawfully deployed body scanners in US airports. In a proposed two-sentence change to the agency's extensive regulations, the TSA seeks to grant itself authority to continue to deploy Nude Body Scanners ("NBS") without establishing privacy safeguards. EPIC, which brought the successful challenging to the TSA program, is urging public comment on the agency proposal. EPIC is recommending that the TSA adopt more effective screening procedures. If the TSA continues with Nude Body Scanner program, EPIC said the agency should make clear the right of individuals to opt-out as well as require privacy filters for all devices. For more information, see EPIC v. DHS (Suspension of Body Scanner Program).
  • EPIC Prevails in Two FOIA Cases, Obtains Further Details on Body Scanners » (Mar. 8, 2013)
    A federal judge has granted EPIC victories in two Freedom of Information Act cases involving the controversial airport body scanners. Judge Royce Lamberth in Washington, DC held that the Department of Homeland Security must turn over two safety reports detailing radiation output by the scanners and a set of power point slides containing details on automated target recognition software. The agency previously claimed it was not required to release the documents to EPIC. EPIC has pursued several related Freedom of Information Act cases as a challenge to the deployment of the devices. In 2011, the DC Circuit of Appeals ruled in EPIC v. DHS that the agency must receive public comments on the decision to deploy body scanners for primary screening. For more information see: EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).
  • EPIC Prevails in Social Media Monitoring FOIA Suit » (Mar. 4, 2013)
    EPIC has obtained a court order and an opinion in a Freedom of Information Act lawsuit against the Department of Homeland Security, requiring the agency to turn over more documents about the monitoring of social media and Internet media organizations. EPIC had previously obtained several hundred pages of documents, revealing that the agency monitors the internet for reports that “reflect adversely” on the agency or the federal government. EPIC also obtained a list of very broad search terms used by the agency to monitor social media. As a result of EPIC’s findings, Congress held a hearing on "DHS Monitoring of Social Networking and Media: Enhancing Intelligence Gathering and Ensuring Privacy." For more information see: EPIC: EPIC v. Department of Homeland Security: Media Monitoring.
  • EPIC Obtains DHS Body Scanner Training Manuals, New Questions About Absence of Privacy Safeguards » (Feb. 15, 2013)
    In response to an EPIC FOIA request, the Department of Homeland Security has released documents about the use of body scanners by the US Secret Service. EPIC sought information about the types of images that body scanners capture, the length of time the images can be stored, and safeguards for maintaining the integrity and security of the captured images. EPIC also asked about radiation body scanner radiation risks. EPIC received the contract of sale between the Government and Rapiscan, the body scanner manufacturer; and the Secret Service’s training manuals for instructing new recruits on the operation of body scanners. The training materials make no mention of data privacy. For more information, see EPIC: EPIC v. DHS and EPIC: Body Scanners.
  • TSA to Pull Naked Body Scanners Out of US Airports » (Jan. 18, 2013)
    The US Transportation Security Administration will end the contract for backscatter x-ray devices. As a consequence, all devices that produce a detailed naked image of air travelers will be removed from US airports. Beginning in 2005, EPIC and then a coalition of privacy advocates, scientists, legal experts and lawmakers urged the TSA not to deploy the devices. The groups petitioned DHS Secretary Napolitano to suspend the program pending a thorough review. The agency went forward and EPIC sued. In EPIC v. DHS, the DC Circuit held that the devices could be used as long as passengers were able to opt-out. The federal appeals court also ordered the agency to "promptly" begin a public rulemaking. That process will likely begin in March 2013. For more information, see EPIC: EPIC v. DHS and EPIC: Body Scanners.
  • EPIC Succeeds in Fight Against Protective Order in FOIA Case » (Jan. 9, 2013)
    A federal judge has vacated provisions in a prior order that would have limited the ability of FOIA requesters to disseminate information to the public. EPIC filed a Freedom of Information Act lawsuit against the Department of Homeland Security after the agency failed to respond to a request for documents about a plan to monitor internet traffic. In arguments before the court, the Department of Justice contended that EPIC should agree to a protective order that would prevent EPIC from disclosing documents obtained in the case. EPIC challenged this argument, stating that it was contrary to FOIA law and that the use of protective orders in FOIA cases would make it more difficult for the public to obtain information about government activities. Judge Kessler agreed with EPIC and discarded the protective order requirement. She also chastised the agency for its repeated delays in processing EPIC's FOIA request. The case is EPIC v. DHS, 12-333. For more information see: EPIC v. DHS - Defense Contractor Monitoring.
  • Congress to Scrutinize TSA's "Scanner Shuffle" » (Nov. 14, 2012)
    The House Subcommittee on Transportation Security is holding an oversight hearing this week, "TSA's Recent Scanner Shuffle: Real Strategy or Wasteful Smokescreen?" The hearing announcement follows a decision by the TSA to remove the backscatter x-ray devices from major US airports. In a statement for the record, EPIC highlighted public concerns about the use of body scanners, including health and privacy risks, and the failure of the TSA to take public comments on the program. In July 2011, the federal appeals court in Washington, DC ruled that that the Department of Homeland Security must "act promptly" to receive public comments. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program), EPIC: Whole Body Imaging Technology and Body Scanners ("Backscatter" X-Ray and Millimeter Wave Screening) and EPIC: EPIC: Body Scanner FAQ.
  • DHS Privacy Review Fails to Address DHS Monitoring of Online Dissent » (Nov. 9, 2012)
    The Department of Homeland Security released a Privacy Compliance Review which found that the DHS social media monitoring program complied the DHS's own privacy requirements. Documents obtained by EPIC through a FOIA lawsuit revealed that DHS is monitoring social networks and media organizations for criticism of the agency. Congress held a Hearing earlier this year to determine why DHS is tracking political statements on Twitter and social networks. EPIC's lawsuit against DHS is ongoing. For more information, see EPIC: EPIC v. Department of Homeland Security: Media Monitoring.
  • TSA Unplugs, Boxes Up Airport Body Scanner X-ray Devices » (Oct. 19, 2012)
    Earlier this year, the TSA indicated that it would no longer purchase backscatter x-ray devices for deployment in US airports. A news story this week confirms that the TSA has ceased buying the "Whole Body Imaging" devices and is actively replacing them with millimeter wave scanners, a less intrusive but also controversial scanning technology. EPIC sued the Department of Homeland Security to force disclosure of technical documents about the body scanner program. In a subsequent lawsuit, EPIC v. DHS, the DC Circuit Court of Appeals determined that air travellers have a right to opt-out of the body scanner screening and that the TSA must undertake a notice and comment rulemaking. In the most recent decision, the Court has ordered the agency to begin the public comment process by March 2013. For more information, see EPIC: Whole Body Imaging Technology and Body Scanners and EPIC; EPIC v. DHS (suspension of airport body scanners).
  • Court Responds to EPIC Petition, Expects Body Scanner Rule by March 2013 » (Sep. 25, 2012)
    The Court of Appeals for the DC Circuit has issued a ruling on EPIC's recent petition regarding the controversial body scanner program. EPIC had urged the court to require the Secretary of Homeland Security to begin a public comment process or suspend the program. The agency said it might "finalize documents" by February 2013. The court said it expected the agency to begin the process before the end of March 2013. In July 2011 the court ordered the agency to "promptly" begin the process. For more information, see: EPIC v. DHS (Suspension of Body Scanner Program).
  • Department of Homeland Security Releases 2012 Privacy Report » (Sep. 20, 2012)
    The Department of Homeland Security released the 2012 Privacy Office Annual Report to Congress. The report describes a social media monitoring policy, and privacy training for fusion centers personnel. According to the report, the TSA has still failed to adopt privacy safeguards for whole body image devices. The report is silent on several new DHS-funded initiatives, including the Future Attribute Screening Technology, a Minority-Report like proposal for "pre-crime" detection. The report also notes the expansion of the National Counterterrorism Center's five-year retention policy for records on U.S. Persons that do not contain terrorism information. The Chief Privacy Officer of the DHS is required by law to ensure that new agency programs do not diminish privacy in the United States. For more information, see EPIC: Privacy Report Held Hostage.
  • EPIC Prevails in Mobile Body Scanner FOIA Case » (Sep. 16, 2012)
    A federal district court has awarded EPIC attorneys fees and costs in EPIC v. DHS, No, 11-945, a Freedom of Information Act lawsuit that resulted in the disclosure of information about the agency's plan to deploy body scanners at bus stations, train stations, and elsewhere. The court found that EPIC had "substantially prevailed" in the FOIA lawsuit and that "EPIC has demonstrated a public benefit arising from the disclosed records." EPIC has several related FOIA lawsuits concerning new systems of mass surveillance. For more information, see EPIC v. DHS (Mobile Body Scanners FOIA Lawsuit).
  • EPIC Pursues Body Scanner Case, Files Reply Brief » (Sep. 12, 2012)
    EPIC has filed a reply brief with the U.S. Court of Appeals for the D.C. Circuit in the airport body scanner case. The case arises from EPIC's Mandamus Petition, seeking to enforce the Court's July 2011 order requiring the DHS to "promptly" begin notice-and-comment rulemaking. EPIC has argued that the agency's ongoing delay is "unreasonable" and that the Court should require the Secretary to begin the rule making or suspend the program. For more information, see: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.
  • New Congressional Report Recommends TSA Address Privacy and Health Concerns with Airport Bodyscanners » (Sep. 11, 2012)
    "Rebuilding TSA into a Smarter, Leaner Organization," a new House Report critiques the Transportation Security Administration for "failing to meet taxpayers' expectations." The report, prepared by the House Committee on Homeland Security, recommends that the TSA sponsor "an independent analysis" of the health risks of body scanners and install privacy filters on all devices. The Report cites the decision in EPIC v. DHS, pointing out that the TSA has failed to abide by the ruling of a federal appeals court to "act promptly" to receive public comments. For more information, see EPIC v. Department of Homeland Security - Full Body Scanner Radiation Risks and EPIC v. TSA - Body Scanner Modifications (ATR).
  • EPIC FOIA - Documents Shed Further Light on Homeland Security Pursuit of Crowd Surveillance » (Aug. 16, 2012)
    New documents obtained by EPIC under the Freedom of Information Act provide further details on a DHS plan to use an multiples surveillance technologies to search people in public spaces. Previous EPIC FOIA work produced records about a similar DHS program, which the government agency subsequently claimed it had cancelled. However, the new documents obtained by EPIC show that the DHS was still pursuing mobile crowd surveillance as recently as 2011. The technologies include "intelligent video," backscatter x-ray, Millimeter Wave Radar, and Terahertz Wave, and could be deployed at subway platforms, sidewalks, sports arenas, and shopping malls. For more information, see EPIC: EPIC v. DHS (Mobile Body Scanners FOIA Lawsuit) and EPIC: Electronic Frisking.
  • Department of Homeland Security Limits E-Verify Data and Disclosures » (Aug. 9, 2012)
    The Department of Homeland Security has issued a Privacy Act system of records notice for the E-Verify Program. E-Verify is a government records system that informs employers about the citizenship status of current and prospective employees. The database contains detailed personal information including names, dates of birth, Social Security numbers, and citizenship status for all individuals subject to review. This Privacy Act notice minimizes the information that the agency will collect, and also limits the agency's ability to disclose personal information to outside entities. Last year EPIC, along with a coalition of privacy, consumer rights, and civil rights organizations, encouraged DHS to strengthen privacy and security safeguards for E-Verify. For more information, see EPIC: E-Verify and Privacy.
  • White House TSA Petition Passes 20,000 Signatures » (Aug. 7, 2012)
    A petition, posted at the White House website "We The People," urging the Transportation Security Agency to "Follow the Law!" has received more than 20,000 signatures. If 25,000 people sign the petition before August 9, 2012, the White House will respond.The petition asks President Obama to force the Transportation Security Administration to begin the public comment process on the controversial airport body scanner program, as the agency was ordered to do by a federal court more than a year ago. For more information see EPIC v. DHS (Suspension of Body Scanners).
  • Court Orders Homeland Security to Answer EPIC's Petition » (Aug. 1, 2012)
    The US Court of Appeals for the DC Circuit has ordered the DHS to respond to EPIC's mandamus petition to "enforce the court's mandate" by August 30. EPIC filed the "extraordinary writ" after a year had passed since the federal agency was ordered to begin a public rulemaking on the controversial airport body scanner program. A coalition of organizations, led by the Competitive Enterprise Institute, has filed an amicus brief in support of the EPIC petition and a separate petition to the White House has gathered more than 16,000 signatures. For more information, see EPIC v. DHS (suspension of airport body scanners).
  • White House TSA Petition Passes 15,000 » (Jul. 23, 2012)
    A petition posted at the White House website "We the People" urging the Transportation Security Agency to "Follow the Law!" has received more than 15,000 signatures. If 25,000 people sign the petition before August 9, 2012, the White House will respond. The petition asks President Obama to force the TSA to begin the public comment process on the controversial airport body scanner program, as the agency was ordered to do by a federal court more than a year ago. For more information see EPIC v. DHS (suspension of airport body scanners).
  • EPIC Demands Evidence of TSA Body Scanner Rulemaking » (Jul. 19, 2012)
    EPIC has submitted a Freedom of Information Act request to the TSA, seeking documents about whether the agency actually intends to give the public the opportunity to comment on the controversial body scanner program. One year has passed since the D.C. Circuit Court of Appeals ordered the agency to "act promptly" and undertake a public notice-and-comment rulemaking. The agency has not done so but claims to be working on it. In a separate Petition for Mandamus EPIC asked the Court to require the agency to issue a proposed rule within 60 days or suspend the program. For more information, see EPIC v. DHS (airport body scanners).
  • EPIC Files Mandamus Petition to Compel Action on the Airport Body Scanner Program » (Jul. 17, 2012)
    EPIC has filed a mandamus petition with the Federal Court of Appeals in Washington, DC to require the beginning of a public comment process on the controversial airport body scanner program. One year has passed since the Court ordered the Department of Homeland Security to "act promptly" to undertake the action demanded by EPIC, but the agency has taken no action. In the petition, EPIC said that the agency's delay poses risks to travelers, defies the Court's authority, and is unlawful. EPIC asked the court to require that the federal agency receive public comments within 60 days or that it suspend the program. (Mandamus Appendix). For more information, see EPIC v. DHS (airport body scanners).
  • Homeland Security Seeking Applicants to Join Privacy Board » (Jun. 28, 2012)
    The Department of Homeland Security has announced that it is seeking applicants for the Data Privacy and Integrity Advisory Committee. The Committee was established to advise the agency on issues related to personally identifiable information, data integrity, and other privacy-related matters. The agency has a mandate from Congress to ensure that its programs "do not erode privacy protections" and to ensure that personal information is "handled in full compliance with fair information practices as set out in the Privacy Act of 1974." For more information, see EPIC: Department of Homeland Security Chief Privacy Office and Privacy and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).
  • Department of Homeland Security Exempts Massive Database from Privacy Act » (Jun. 8, 2012)
    The Department of Homeland Security issued a final rule exempting its Operations System from various Privacy Act safeguards, including provisions that permit individuals to access information about them held by the agency. The system "fuses" information from many sources which the agency uses for investigatory purposes. There are over twenty categories of data, including social security numbers, citizenship, medical records, and even information gathered from social media in the database. In 2010, EPIC urged the agency not to reduce the privacy protections for the Operations System, citing the substantial risks. Despite EPIC's recommendations, DHS went forward. For more information, see EPIC: Total Information Awareness and EPIC: EPIC v. DHS: Media Monitoring.
  • Homeland Security Seeks to Expand "Risk-Based" Profiles » (Jun. 6, 2012)
    The Department of Homeland Security has proposed to exempt its "Automated Targeting System" from certain Privacy Act provisions. The Automated Targeting System creates "risk-based" profiles of individuals traveling to, from, and throughout the United States. The profile contains a plethora of personal data, including, nationality, race, occupation, and biometrics. The System accesses and "ingests" this information from many sources, including government databases and commercial data aggregators. The DHS issued a Privacy Impact Assessment, which describes some of the privacy risks, including unauthorized access. In detailed comments to DHS in 2007, EPIC opposed the use of "risk-based" profiles. For more information, see EPIC: Automated Targeting System.
  • EPIC Asks Ombudsman to Investigate DHS FOIA Practices » (Jun. 4, 2012)
    EPIC has submitted a letter to the Office of Government Information Services, asking for an investigation into FOIA practices at the Department of Homeland Security. EPIC explained that the federal agency, which includes the TSA and the Bureau of Customs and Border Protection, routinely denies fee waivers in circumstances where the agency knows that the requester properly qualifies. By way of example, EPIC cited a recent FOIA appeal in which the agency wrongly denied a fee waiver request. EPIC said that the practice creates additional work for sophisticated FOIA requesters and may, as a practical matter, prevent other requesters from pursuing important FOIA requests. For more information, see EPIC: DHS Privacy Office and EPIC: Litigation Under the Federal Open Government Laws.
  • Classified Report Finds Vulnerabilities in Body Scanner Program » (May. 4, 2012)
    The Department of Homeland Security Office of Inspector General has completed an investigation into the effectiveness of the body scanner program as deployed in airports as a primary passenger screening system. The unclassified summary of the report notes that several vulnerabilities were found in the program, which has already cost more than $87 million. The full report consists of "Sensitive Security Information" (SSI) and will not be released to the public, according to the Inspector General. EPIC has challenged the SSI designation, arguing that it is an improper standard for classification. The Government Accountability Office, technical experts, Members of Congress, and bloggers have also questioned the effectiveness of the devices. In a federal lawsuit, EPIC challenged the body scanner program, calling it "invasive, unlawful, and ineffective." For more information, see EPIC v. DHS (Suspension of body scanners).
  • Department of Homeland Security Expands Use of Watch Lists for "Known Traveler" Program » (Apr. 23, 2012)
    The Department of Homeland Security has published a Privacy Impact Assessment Update for Secure Flight, a DHS program that compares airline passenger records with various watch lists. The assessment describes the agency's plans to expand the Known Traveler program so as to expedite airline screening for certain categories of individuals. The DHS also intends to incorporate into Secure Flight the Automated Targeting System, a controversial program that allows the government to assign a risk assessment number to individual travelers. That number provides the basis for further screening. In 2007, EPIC urged DHS to either suspend the Automated Targeting System or to fully apply all Privacy Act safeguards to any individual subject to ATS. In 2010, EPIC advocated for stronger privacy protections of DHS trusted traveler programs that compare passenger names against watch lists. For more information, see EPIC: Secure Flight and EPIC: Automated Targeting Systems.
  • DHS Privacy Office Issues Quarterly Report to Congress » (Mar. 26, 2012)
    The DHS Privacy Office has issued its First Quarter Fiscal Year 2012 Report to Congress. The report details DHS programs and functions that affect privacy, such as privacy impact assessments and system of records notices. The report also summarizes the 295 privacy compliance complaints that DHS has received between September 1, 2011 and November 30, 2011. EPIC has closely followed DHS Privacy Office activities, and has worked to ensure timely release of DHS privacy reports. For more information, see EPIC: Department of Homeland Security Chief Privacy Office and Privacy.
  • House and Senate Call for Investigation on Airport Body Scanner Radiation Risks » (Mar. 15, 2012)
    Both the House and the Senate introduced bills last month that would require the Department of Homeland Security "to contract with an independent laboratory to study the health effects of backscatter x-ray machines used at airline checkpoints operated by the Transportation Security Administration," and to provide improved notice of the health effects to airline passengers. The bills focus on the health effects of those screened by the backscatter x-ray machines, including frequent air travelers, flight crews, and individuals with greater sensitivity to radiation, such as children, pregnant women, the elderly, and cancer patients. In 2010, EPIC filed a Freedom of Information Act lawsuit asking a court to force the Department of Homeland Security to disclose documents about radiation testing results and agency fact sheets on radiation risks. For more information, see EPIC: EPIC v. DHS - Full Body Scanner Radiation Risks.
  • EPIC Publishes 2012 FOIA Gallery » (Mar. 12, 2012)
    In celebration of Sunshine Week, EPIC published the EPIC FOIA Gallery: 2012. The gallery highlights key documents obtained by EPIC in the past year, including the Federal Bureau of Investigation's watch list guidelines, records of the Department of Homeland Security's social media monitoring program, Google's first Privacy Compliance Report, records detailing the government's FAST scanning program, records of the FBI's surveillance of Wikileaks supporters, and DHS records detailing the use of body scanners at the U.S. border. EPIC regularly files Freedom of Information Act requests and pursues lawsuits to force disclosure of critical documents that impact privacy. EPIC also publishes the authoritative FOIA litigation manual. For more, see EPIC Open Government and EPIC Bookstore: FOIA.
  • Video, Blog Post Raise New Questions About Airport Body Scanners » (Mar. 9, 2012)
    A popular video "How To Get Anything Through TSA Nude Body Scanners" show that it is easy to bypass airport body scanners by hiding materials perpendicular to the plane of the scanning devices. The video also notes that traditional metal detectors, now being removed from US airports, would routinely alert to the presence of metallic objects. Still more interesting may be the recent blog post by a 25-year FBI agent, expert in aviation security, who writes that the "TSA has never foiled a terrorist plot or stopped an attack on an airliner" and that "the entire TSA paradigm is flawed." In a federal lawsuit, EPIC challenged the TSA airport scanner program, calling it "invasive, unlawful, and ineffective." For more information, see EPIC v. DHS (Suspension of body scanners).
  • DHS Privacy Office Releases 2011 Data Mining Report » (Mar. 5, 2012)
    The Department of Homeland Security has released the 2011 Annual Data Mining Report. The report must include all of the Agency's current activities that fall within the legislative definition of "data mining." Among other things, this year's report references the Agency's programs to profile individuals entering or leaving the country to determine who should be subject to "additional screening." A FOIA request by EPIC in 2011 revealed that the FBI's standard for inclusion on the list is "particularized derogatory information," which has never been recognized by a court of law. The report also provides information on Secure Flight and Air Cargo Advanced Screening. For more information, see EPIC: FBI Watch List FOIA and EPIC: DHS Privacy Office.
  • EPIC Obtains New Documents on DHS Media Monitoring, Urges Congress to Suspend Program » (Feb. 23, 2012)
    EPIC has submitted a letter to Congress following a hearing on DHS monitoring of social networks and media organizations. In the letter, EPIC highlights new documents obtained as a result of a FOIA lawsuit and points out to inconsistencies in DHS' testimony about the program. Though DHS testified that it does not monitor for public reaction to government proposals, the documents obtained by EPIC indicate that the DHS analysts are specifically instructed to look for criticism of the agency and then to redirect reports that would otherwise be circulated to other agencies. EPIC wrote that the DHS' monitoring program should be suspended, as it exceeds the agency's statutory authority and chills First Amendment activity. For more information, see EPIC: EPIC v. DHS: Media Monitoring.
  • 2013 Federal Budget Limits Body Scanners, But Expands Domestic Surveillance » (Feb. 20, 2012)
    According to White House budget documents and the Congressional Testimony of Secretary Napolitano, DHS will not purchase any new airport body scanners in 2013. However, the agency will expand a wide range of programs for monitoring and tracking individuals within the United States. This includes the development of biometric identification techniques for programs such as Secure Communities. DHS will also seek funding for "Einstein 3," a network intrusion detection program that enables surveillance of private networks. EPIC has urged the DHS to comply with the requirements of the federal Privacy Act, and is currently pursuing several Freedom of Information Act lawsuits against the agency. For more information see, EPIC - Body Scanners and Radiation Risks, EPIC - E-Verify, EPIC - Secure Communities, EPIC - Fusion Centers, EPIC - Drones, EPIC - Cybersecurity, EPIC - Secure Flight.
  • Congress Grills Department of Homeland Security » (Feb. 16, 2012)
    Members of a House Committee today questioned DHS officials about the agency's monitoring of social networks and media organizations for information that "reflects adversely" on the agency or the federal government. Several members expressed support for EPIC's proposal that DHS suspend the program, warning that this activity violates First Amendment rights. New questions also arose when the DHS witnesses claimed that no other federal agencies were engaged in similar practices. According to many news sources, the FBI wants to monitor social media. The House hearing was called after EPIC obtained nearly 300 pages of documents detailing the Department of Homeland Security's activities. For more information see: EPIC v. Department of Homeland Security: Media Monitoring.
  • EPIC Asks Congress to Suspend DHS Social Network Monitoring Program » (Feb. 15, 2012)
    In a Statement for the Record, EPIC has asked the House Committee on Homeland Security to suspend a DHS program that has permitted the agency to gather comments critical of the agency and the government by monitoring social networks and media organizations. The hearing on "DHS Monitoring of Social Networking and Media: Enhancing Intelligence Gathering and Ensuring Privacy" was called after EPIC obtained nearly 300 pages of documents detailing the Department of Homeland Security's activities. The documents, obtained as a result of EPIC's Freedom of Information Act lawsuit, include instructions from the DHS to General Dynamics to monitor media reports that "reflect adversely" on the agency or the federal government. For more information see: EPIC v. Department of Homeland Security: Media Monitoring.
  • Congress to Hold Hearing on Department of Homeland Security Social Network Monitoring » (Feb. 6, 2012)
    On February 16, 2012, the House Committee on Homeland Security will hold a hearing on "DHS Monitoring of Social Networking and Media: Enhancing Intelligence Gathering and Ensuring Privacy." The hearing was called after EPIC obtained nearly 300 pages of documents, as a result of a Freedom of Information Act lawsuit, detailing the Department of Homeland Security's monitoring of social networks and media organizations. The documents included guidelines from DHS instructing General Dynamics to monitor for media reports that "reflect adversely" on the agency or the federal government. For more information see: EPIC v. Department of Homeland Security: Media Monitoring.
  • EPIC - FOIA Documents Reveal Homeland Security is Monitoring Political Dissent » (Jan. 13, 2012)
    As the result of EPIC v. DHS, a Freedom of Information Act lawsuit, EPIC has obtained nearly thee hundred pages of documents detailing a Department of Homeland Security's surveillance program. The documents include contracts and statements of work with General Dynamics for 24/7 media and social network monitoring and periodic reports to DHS. The documents reveal that the agency is tracking media stories that "reflect adversely" on DHS or the U.S. government. One tracking report -- "Residents Voice Opposition Over Possible Plan to Bring Guantanamo Detainees to Local Prison-Standish MI" -- summarizes dissent on blogs and social networking cites, quoting commenters. EPIC sent a request for these documents in April 2004 and filed suit against the agency in December. For more information, see EPIC: EPIC v. Department of Homeland Security: Media Monitoring.
  • DHS Memo Reveals Plan to Impose "Secure Communities" on All States » (Jan. 10, 2012)
    According to a draft memo, the Department of Homeland Security intends to require that all states comply with the agency's "Secure Communities" program by 2013. Secure communities is a controversial deportation program that relies on extensive data collection and biometric identification. Several states, including Illinois, New York and Massachusetts, objected to the federal program, citing mismanagement, and refused to participate. Previously, the DHS maintained that the program would be voluntary. For more, see EPIC: Secure Communities.
  • Supreme Court to Hear Case About Enhanced Search Techniques » (Jan. 6, 2012)
    The US Supreme Court has decided to review Florida v. Jardines, a case that addresses whether a dog sniff at the front door of a home is a search that requires probable cause. This case follows Illinois v. Caballes, a 2005 case in which the Court held that a dog sniff around a car during a routine traffic stop was not a search. The Florida Supreme Court ruled that Caballes was inapplicable in the case, and that a dog sniff in front of a home is a Fourth Amendment search. This case also implicates the government's use of "enhanced" investigative techniques that are designed to detect contraband. Because these techniques are imperfect and also allow the government to search for material that is not illegal, EPIC has argued that a Fourth Amendment probable cause standard should apply. For more information, see EPIC: EPIC v. DHS (Airport Body Scanners).
  • EPIC Urges Court to End DHS Delay in Seeking Public Input on Airport Body Scanners » (Dec. 23, 2011)
    EPIC has asked a federal court seeking to enforce a July 15, 2011 order requiring the Department of Homeland Security to take public comment on the agency's controversial airport body scanner program. As a result of an EPIC lawsuit, the DC Circuit Court of Appeals ruled that the agency violated federal law when it installed body scanners in airports for primary screening without first soliciting public input. In July, the Court ordered Homeland Security to "promptly" seek public comment, but the agency has failed to respond. EPIC, and a coalition of privacy and civil liberties organizations, first petitioned DHS to undertake a public rulemaking in 2009. This is EPIC's second motion to compel the agency to comply with the court's order. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • EPIC Warns DHS: Plan to Release Personal Data Held by Agency is Unlawful » (Dec. 22, 2011)
    EPIC has submitted comments to the Department of Homeland Security, objecting to the agency's plan to disclose internal agency records to former DHS employees, third party employers, and foreign and international agencies. DHS plans to disclose criminal conviction records, employee records, and foreclosures, about a broad category of individuals, including members of the public, individuals who file administrative complaints with DHS, and even individuals who are named parties in cases "in which DHS believes it will or may become involved." All of this information is protected under the federal Privacy Act, but the DHS proposes to invoke the "routine use" exemption to allow disclosure. EPIC said the plan would "undermine privacy safeguards set out in the Privacy Act and would unnecessarily increase privacy risks for individuals whose records are maintained by the federal government." EPIC also noted that the agency has failed to allow sufficient time to meaningfully consider public comment on the plan. For more information, see EPIC: the Privacy Act of 1974.
  • EPIC Sues DHS Over Covert Surveillance of Facebook and Twitter » (Dec. 20, 2011)
    EPIC has filed a Freedom of information Act lawsuit against the Department of Homeland Security to force disclosure of the details of the agency's social network monitoring program. In news reports and a Federal Register notice, the DHS has stated that it will routinely monitor the public postings of users on Twitter and Facebook. The agency plans to create fictitious user accounts and scan posts of users for key terms. User data will be stored for five years and shared with other government agencies.The legal authority for the DHS program remains unclear. EPIC filed the lawsuit after the DHS failed to reply to an April 2011 FOIA request. For more information, see EPIC: Social Networking Privacy.
  • EPIC Asks Court to Require Release of Documents About Body Scanner Radiation Risks » (Dec. 5, 2011)
    EPIC has filed a reply motion in EPIC v. DHS, No. 1:11-cv-01991-ABJ, a Freedom of Information Act lawsuit for information, held by the DHS, about the radiation risks of airport body scanners. EPIC is asking the court to force the agency to disclose documents about radiation testing results, agency fact sheets on radiation risks, and an image produced by the machines. A recent report from ProPublica states that the "U.S. Government Glossed Over Cancer Concerns As It Rolled Out Airport X-Ray," and the European Union recently prohibited the use of "back-scatter x-ray" devices in EU airports. EPIC has already obtained hundreds of pages of documents discussing the risks of radiation exposure. For more information, see EPIC: EPIC v. DHS - Full Body Scanner Radiation Risks.
  • EPIC to DHS: Proposed Expansion of "Routine Use" Exception is Unlawful » (Nov. 30, 2011)
    In comments to the Department of Homeland Security regarding a proposal to expand the Privacy Act "routine use" exemption, EPIC has said that the agency is exceeding its legal authority. The DHS is seeking to disclose information about current and former government employees, including members of the US Secret Service, for the the development of "civil, administrative, or background investigation." The information includes names, social security numbers, addresses, and dates of birth. The "routine use" exemption allows federal agencies to disclose personal information in their possession in certain, narrow circumstances, not for open-ended investigations. EPIC stated that the change would "undermine privacy safeguards set out in the Privacy Act and would unnecessarily increase privacy risks for individuals whose records are maintained by the federal government." For more information, see EPIC: the Privacy Act of 1974.
  • European Union Limits Use of Airport Body Scanners » (Nov. 14, 2011)
    The European Union has adopted strict new guidelines limiting the use of body scanners at EU airports. Under the new guidelines, European Union member states may only deploy airport body scanners if they comply with new regulations that protect health, privacy, and fundamental rights. The European Commission has also prohibited any devices that store, record, or transfer images of travelers as well as devices that display an image of the naked human body. As a result, backscatter x-ray devices are now effectively prohibited in airports in the European Union. The European Commission has also made clear that passengers may not be required to go through body scanners, following the conclusion reached by the federal appellate court in the United States in the EPIC v. DHS case, which held that passengers have a legal right to opt-out of body scanners. The body scanners have not done well during trials in Europe. Most recently a test in Germany found that the devices were ineffective. For more information, see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS (Suspension of the Body Scanner Program).
  • EPIC Asks Court to Require DHS Disclosure of Documents Detailing Body Scanner Radiation Risks » (Nov. 1, 2011)
    EPIC has filed a motion for summary judgment in EPIC v. DHS, No. 1:11-cv-01991-ABJ, a pending Freedom of Information Act lawsuit against the Department of Homeland Security for information about the radiation risks posed by body scanners. EPIC has asked the court to force the agency to disclose documents containing radiation testing results, agency fact sheets on body scanner radiation risks, and an image produced by the machines. A new report from ProPublica states that the "U.S. Government Glossed Over Cancer Concerns As It Rolled Out Airport X-Ray." EPIC has already obtained hundreds of pages of documents detailing the radiation risks presented by the machines. For more information, see EPIC: Body Scanners and Radiation Risks (FOIA).
  • EPIC Files Papers to End DHS Delay in Seeking Public Input on Airport Body Scanners » (Oct. 28, 2011)
    EPIC filed papers in federal court today seeking to enforce an order that requires the Department of Homeland Security to detail the agency's controversial airport body scanner program. As a result of the EPIC lawsuit, the DC Circuit Court of Appeals ruled that the agency violated federal law when it installed body scanners in airports for primary screening without first soliciting public comment. In July, the Court ordered Homeland Security to "promptly" seek public comment, but the agency has failed to respond. EPIC, and a coalition of privacy and civil liberties organizations, first petitioned DHS to undertake a public rulemaking in 2009. EPIC's subsequent lawsuit alleged that airport body scanners are "invasive, unlawful, and ineffective." For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • Congressional Watchdog: DHS Data Mining Programs Pose Risk to Privacy » (Oct. 11, 2011)
    The Government Accountability Office has performed a detailed evaluation of data mining practices at the Department of Homeland Security. According to the report, privacy protections and transparency are vital to data mining operation, however the Department's practices did not "adequately ensure the protection of privacy-related information." in 2009, EPIC called for an investigation of the Department's Privacy Office and said that the Chief Privacy Officer was not complying with the statutory requirements to protect privacy. For more information, see EPIC: Department of Homeland Security Chief Privacy Office and Privacy.
  • Documents Obtained by EPIC Reveal Government's "Minority Report" Scanning Program » (Oct. 7, 2011)
    Through a Freedom of Information Act request, EPIC has obtained documents from the Department of Homeland Security about a secretive "pre-crime" detection program. The "Future Attribute Screening Technology" (FAST) Program gathers "physiological measurements" from subjects, including heart rate, breathing patterns, and thermal activity, to determine "malintent." According to the documents obtained by EPIC, the agency is considering the use of the device at conventions and sporting events, and has already conducted field testing. CNET first reported on the EPIC FOIA request. For more information, see: EPIC: Future Attribute Screening Technology Project.
  • Documents Reveal New Details About DHS Development of Mobile Body Scanners » (Aug. 31, 2011)
    EPIC has obtained more than one hundred fifty pages of documents detailing the Department of Homeland Security’s development of mobile body scanners and other crowd surveillance technology. The documents were obtained as a result of a Freedom Information Act lawsuit brought by EPIC against the federal agency. According to the documents obtained by EPIC, vehicles equipped with mobile body scanners are designed to scan crowds and pedestrians on the street and can see through bags, clothing, and even other vehicles. The documents also reveal that the mobile backscatter machines cannot be American National Standards Institute “certified people scanners” because of the high level of radiation output and because subjects would not know they have been scanned. For more information see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS (Suspension of the Body Scanner Program).
  • EPIC Files for Rehearing in Airport Body Scanner Case » (Aug. 30, 2011)
    Citing significant errors in an earlier decision, EPIC has petitioned a federal appeals court to rehear the organization's challenge to the TSA's controversial body scanner program. "The court overstated the effectiveness of the body scanner devices and understated the degree of the privacy intrusion to the travelling public," stated EPIC President Marc Rotenberg. EPIC's petition challenged the Court's finding that the devices detect “liquid and powders," which was never established and was not claimed by the government. EPIC also argued that the court wrongly concluded that the TSA is not subject to a federal privacy law that prohibits video voyeurism. The panel found that TSA body scanner employees are “engaged in law enforcement activity," contrary to the TSA's own regulations. EPIC is pursuing related litigation on the government's deployment of mobile body scanners. For more information, see EPIC: EPIC v. DHS.
  • Federal Appeals Court: TSA Violated Federal Law, Must Take Public Comment on Body Scanners » (Jul. 15, 2011)
    As a result of a lawsuit brought by EPIC, the D.C. Circuit Court of Appeals has ruled that the TSA violated federal law when it installed body scanners in airports for primary screening across the country without first soliciting public comment. The Administrative Procedure Act requires federal agencies to provide notice and opportunity for comment when implementing a rule that affects the rights of the public. Writing for a unanimous court, Judge Ginsburg found there was "no justification for having failed to conduct a notice-and-comment rulemaking," and said, "few if any regulatory procedures impose directly and significantly upon so many members of the public." EPIC's brief alleged that airport body scanners are "invasive, unlawful, and ineffective," and that the TSA's deployment of the devices for primary screening violated the U.S. Constitution and several federal statutes. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology. Press Release.
  • EPIC Urges Court to Order Release of 2,000 Airport Body Scanner Images » (Mar. 25, 2011)
    EPIC asked a federal court in Washington, DC to reconsider its earlier decision allowing the Department of Homeland Security to keep secret 2,000 airport body scanner images in EPIC's Freedom of Information Act lawsuit. The Court relied on a legal theory in its decision, "Exemption High b(2)," that was recently struck down by the Supreme Court in Navy v. Milner. In Milner, the Court held that FOIA exemption 2 only applies to records concerning employee relations and human resources issues. Milner overturns previous lower court decisions that applied the exemption to broader categories of records, allowing federal agencies to block disclosure of documents to the public. EPIC argues in its motion that the Department of Homeland Security is unlawfully withholding information about the airport scanners from the public. For more information, see EPIC-Milner v. Dept. of Navy and EPIC v. DHS - Body Scanners.
  • EPIC to Testify at Congressional Hearing on TSA Body Scanner Program » (Mar. 10, 2011)
    The Subcommittee on National Security of the House Committee on Oversight and Government Reform will hold a hearing on "TSA Oversight: Whole Body Imaging" On March 16, 2011. EPIC President Marc Rotenberg has been asked to testify. The hearing is expected to explore the privacy impact, health concerns, and questions of effectiveness that have been raised about the program. Committee Chairman Jason Chaffetz (R-UT) introduced legislation in 2009 that passed the House, 310-108, that would prevent the TSA from deploying body scanners as the primary screening technique in US airports. EPIC held a public conference earlier this that explored public objections to the TSA program. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • DHS: We Have the Authority to Routinely Strip-Search Air Travelers » (Mar. 10, 2011)
    The Department of Homeland Security told a federal court that the agency believes it has the legal authority to strip search every air traveler. The agency made the claim at oral argument in EPIC's lawsuit to suspend the airport body scanner program. The agency also stated that it believed a mandatory strip search rule could be instituted without any public comment or rulemaking. EPIC President Marc Rotenberg urged the Washington, DC appeals court to suspend the body scanner program, noting that the devices are "uniquely intrusive" and ineffective. EPIC's opening brief in the case states that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history," and that such a change in policy demands that the TSA conduct a notice-and-comment rule making process. The case is EPIC v. DHS, No. 10-1157. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • EPIC to Argue for Suspension of Airport Body Scanner Program in the DC Court of Appeals » (Mar. 8, 2011)
    On March 10, 2011, EPIC President Marc Rotenberg will present arguments against the TSA body scanner program before the US Court of Appeals for the District of Columbia Circuit. EPIC has said that body scanners are "invasive, unlawful, and ineffective," and that the TSA's deployment of the devices for primary screening violates the U.S. Constitution and several federal statutes. EPIC's opening brief states that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history." EPIC has also cited the agency's failure to respond to the First EPIC Petition and the Second EPIC Petition, widely supported by a broad coalition of organizations, which challenged the deployment of the devices and called for a public rule making. The case is EPIC v. DHS, No. 10-1157. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • Inspector General Finds Homeland Security’s Contract Management Process Noncompetitive » (Mar. 2, 2011)
    The Inspector General of the Department of Homeland Security released a report finding that the agency's contract files did not "contain[] sufficient evidence of justification and approval, market research, and acquisition planning" for the $1.3 billion dollars in noncompetitive contracts the agency entered into in fiscal year 2010. The noncompetitive process raises doubts that the agency secured the "best possible value" for the goods and services and that the contracts were awarded to "eligible and qualified vendors." The IG recommended that the agency’s Chief Procurement Officer pursue corrective action plans. EPIC previously criticized the agency’s contracting practices regarding whole body scanners. For related information see EPIC: EPIC v. DHS: Body Scanners (Suspend the Program) and EPIC: EPIC v. DHS (FOIA).
  • EPIC FOIA - Homeland Security Spending Millions on Mobile Strip Search Devices » (Mar. 2, 2011)
    Documents obtained by EPIC under the Freedom of Information Act reveal that the Department of Homeland Security has spent millions of dollars on mobile body scanner technology that could be used at railways, stadiums, and elsewhere. EPIC has already challenged the use of the devices in airports, calling them "invasive, ineffective, and unconstitutional." According to the documents obtained by EPIC, the federal agency plans to expand the use of these systems to monitor crowds, peering under clothes and inside bags away from airports. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.
  • White House Budget Funds Surveillance, Ignores Public Concerns » (Feb. 18, 2011)
    The White House Office of Management and Budget has released the federal budget for fiscal year 2012. The stated goal of the budget is to reduce the national deficit by eliminating wasteful programs. However, the budget proposal includes funding for 275 airport body scanners, which EPIC has called "invasive, unlawful, and ineffective." There is funding for federal "fusion centers," widely viewed as unregulated government databases that are used to track people suspected of new crime. The White House budget proposes expansion of the “Secure Communities” program, which has been the target of harsh criticism by civil liberties groups. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Information Fusion Centers and Privacy.
  • EPIC Opposes TSA's Secret Evidence in Body Scanner Case » (Feb. 10, 2011)
    EPIC has opposed an effort by the Transportation Security Administration to provide secret evidence to the court in EPIC's challenge to the the airport body scanner program. The TSA claimed that it can withhold documents that it has designated "Sensitive Security Information" and scientific studies because they are "copyrighted materials." EPIC responded that the TSA failed to establish that the documents are Sensitive Security Information, and also that the TSA cannot withhold materials in a judicial proceeding because they are subject copyright. The argument before the DC Circuit in the case is scheduled for March 10. For more information, see EPIC: EPIC v. DHS: Body Scanners (Suspend the Program) and EPIC: EPIC v. DHS (FOIA).
  • Senate Amendment Could End "Digital Strip Searches" » (Feb. 8, 2011)
    Senator Udall (D-NM) has introduced a Senate Amendment 51 that would require the Transportation Security Administration to install "Automatic Target Recognition" software in all body scanners by January 1, 2012. The technology creates a "generic image" of airline passengers instead of the "peep show" images now produced by TSA devices and viewed by TSA officials. The TSA recently announced that it will begin testing new software at select U.S. airports. However, the TSA has not resolved concerns about image retention, health risks, or the effectiveness of the procedures. EPIC has filed a Freedom of Information Act lawsuit against the TSA for unlawfully withholding information about the body scanner technology. EPIC has a case in Federal Appellate court to suspend the use of the devices for primary screening in airports. For more information see EPIC - Whole Body Imaging Technology, EPIC - EPIC v. DHS (Suspend the program), EPIC - EPIC v. DHS (FOIA).
  • EPIC Files Lawsuit for Details on New Passenger Screening Devices » (Feb. 2, 2011)
    EPIC has filed a Freedom of Information Act lawsuit against the TSA for unlawfully withholding documents about software modifications to the Full-Body Scanners. EPIC submitted requests for these documents in June 2010 and October 2010. In response to mounting public criticism about the passenger screening program, the TSA recently announced that it would use "Automatic Target Recognition" software to mask the nude images of airline travelers that TSA officials currently view. However, documents obtained by EPIC in an earlier Freedom of Information Act lawsuit established that these procedures have the capability to store and record unfiltered images of passengers. EPIC has since filed a lawsuit to suspend the controversial screening program. The new case is EPIC v. Dep't of Homeland Security, No. 1:11-cv-00290. For more information see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).
  • TSA Drops Plan for Remote Viewing of Passengers, Will Get Up Front and Personal with New Scanning Devices » (Feb. 2, 2011)
    In response to widespread public opposition to airport body scanners, the TSA has announced that it will begin testing new body scanner software at select U.S. airports that it claims is less revealing. But the new scanners will also allow TSA officials to observe the passengers as they are being scanned. Previously, TSA operators were stationed in a remote viewing room. The TSA has also not resolved concerns about image retention, health risks, or the effectiveness of the procedures. In June 2010, EPIC submitted a FOIA request for information about the technology. The agency has yet to respond. For more information see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).
  • Jury Vindicates Right to Fly Without Producing Identification » (Jan. 24, 2011)
    A New Mexico jury exonerated civil rights activist Phil Mocek for refusing to show his identification to the TSA before boarding a plane and for filming TSA agents. Mocek has published footage of the incident, stemming from his attempt to board a flight in Albuquerque in 2009. Agents instructed Mocek to put down his camera. When he refused, insisting that TSA rules and regulations do not prohibit filming in publicly-accessible areas of the airport, agents raised their voices and accused him of "causing a disturbance." Police officers arrived on scene and informed Mocek that he was under criminal investigation for "disturbing the peace," demanding that he produce identification. Mocek carried no identification and was brought up on four separate charges relating to the incident. The jury in the case took an hour to deliberate and returned with a verdict of NOT GUILTY on all charges. EPIC is currently suing to strike down the TSA's body scanner checkpoint program and recently submitted a "Friend of the Court" brief urging the Supreme Court to limit police access to identity documents. For more information, see EPIC: EPIC v. DHS and EPIC: Tolentino v. New York.
  • Court Grants Government Motion in EPIC Body Scanner FOIA Lawsuit » (Jan. 12, 2011)
    A federal district court has granted the Department of Homeland Security's motion to conclude one of EPIC's Freedom of Information Act lawsuits. EPIC was seeking more than 2,000 images generated by airport body scanners held by the TSA. The DHS objected to the disclosure and the court sided with the government. The court relied on a legal theory, "Exemption High (b)(2)" that is currently under review by the Supreme Court in Milner v. Dept. of Navy. As a result of this lawsuit, EPIC obtained many documents concerning the airport screening program, including Procurement Specifications, Operational Requirements, traveler complaints, and vendor contracts with L3 and Rapiscan, that were subsequently made available to the public. EPIC may appeal the district court's decision as to the release of the body scanner images. For more information see EPIC:EPIC v. DHS and EPIC: Body Scanners. (Press Release)
  • EPIC Conference Draws Broad Coalition in Opposition to Airport Body Scanners » (Jan. 6, 2011)
    EPIC hosted "The Stripping of Freedom: A Careful Scan of TSA Security Procedures" at the Carnegie Institute for Science in Washington, DC. Speakers included Representative Rush Holt, Ralph Nader, New York City Councilman David Greenfield, and representatives of the Libertarian Party, the Council on American Islamic Relations, Flyer’s Rights, and the CATO Institute. The conference, covered by CSPAN, was fully interactive, with a videocast and a Twitter feed (#ScanTSA). For more information, see EPIC v. DHS (Suspension of Body Scanner Program).
  • EPIC Files Brief in Airport Body Scanner Case » (Jan. 6, 2011)
    EPIC has filed its reply brief in the suit to suspend the Department of Homeland Security's controversial airport body scanner program. The brief argues that "the TSA has acted outside of its regulatory authority and with profound disregard for the statutory and constitutional rights of air travelers, the agency’s rule should be set aside and further deployment of the body scanners should be suspended." EPIC filed its opening brief on November 1, 2010, arguing that the body scanners are "unlawful, invasive, and ineffective." On January 6, EPIC held a one-day public conference "The Stripping of Freedom: A Careful Scan of TSA Security Procedures" in Washington, DC. Oral argument will be heard in the case on March 10. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • DHS Files Brief in EPIC Airport Body Scanner Case » (Jan. 4, 2011)
    The Department of Homeland Security has filed its answer brief in EPIC's suit to suspend the agency's controversial airport body scanner program. EPIC filed its opening brief on November 1, 2010, arguing that the body scanners are "unlawful, invasive, and ineffective." Since then, a national grassroots movement of citizens, advocates, and lawmakers staged protests, sent letters, held hearings (2), and introduced legislation (2, 3) to stop the program. DHS has repeatedly attempted to delay resolution of EPIC's lawsuit, but the Court has scheduled oral argument for March 10, 2011. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • Oral Argument Set in EPIC Lawsuit to Suspend Airport Body Scanners » (Dec. 21, 2010)
    The United States Court of Appeals for the District of Columbia Circuit has scheduled oral argument in EPIC's case, No. 10-1157, against the Department of Homeland Security. The court set a March 10, 2011 date for the parties to present oral argument before the Court. EPIC filed suit against the Department of Homeland Security to suspend the body scanner program because it is "unlawful, invasive, and ineffective." In its opening brief, EPIC argued that the federal agency has violated the Administrative Procedures Act, the Privacy Act, the Religious Freedom Restoration Act, the Video Voyeurism Prevention Act, and the Fourth Amendment. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • Study: TSA Whole Body Scanners Ineffective at Detecting Explosives » (Dec. 14, 2010)
    Evidence mounts that TSA’s whole-body scanners are not designed to detect powdered explosives or other low-density materials that pose a threat  to airline safety. Leon Kaufman and Joseph W. Carlson’s new study finds that “Even if exposure were to be increased significantly, normal anatomy would make a dangerous amount of plastic explosives with tapered edges difficult, if not impossible to detect.” Kaufman and Carlson’s study examined the imaging and device specifications of the backscatter machines to estimate the penetration and exposure to the body from the x-ray beam and the machines’ sensitivity to contraband. The authors’ study also echoes concerns about the health risks associated with the backscatter devices. EPIC has filed a lawsuit against the Department of Homeland Security to suspend the body scanner program because it is "unlawful, invasive, and ineffective." For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • Court Finalizes Briefing Schedule in EPIC v. DHS Body Scanner Case » (Dec. 9, 2010)
    The United States Court of Appeals for the District of Columbia Circuit has finalized a briefing schedule in EPIC's case, No. 10-1157, against the Department of Homeland Security. The court has set a December 23, 2010 deadline for the agency's brief and a January 6, 2011 deadline for EPIC's reply. Final briefs will be due on January 27, 2011. EPIC has filed suit against the Department of Homeland Security to suspend the body scanner program because it is "unlawful, invasive, and ineffective." In its opening brief, EPIC argued that the federal agency has violated the Administrative Procedures Act, the Privacy Act, the Religious Freedom Restoration Act, the Video Voyeurism Prevention Act, and the Fourth Amendment. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.
  • EPIC Demands Documents from DHS about Mobile Body Scanners, Use of Devices at Trains Stations and Stadiums » (Nov. 24, 2010)
    EPIC has filed a Freedom of Information Act request with the Department of Homeland Security, demanding that the agency turn over documents concerning the use of body scanner technology by law enforcement agencies in surface transit and street-roaming vans. EPIC cited previous DHS testing of body scanners on New Jersey's PATH trains and the development of street-roaming backscatter vans. EPIC has also filed a lawsuit to suspend body scanner program. EPIC has called the devices "invasive, inefffective, and unlawful." For more information, see: EPIC: Whole Body Imaging and EPIC: EPIC v. DHS.
  • Majority of Americans Now Oppose Body Scanners and TSA Pat Downs » (Nov. 23, 2010)
    A new poll by Zogby International finds that 61% of Americans polled between Nov. 19 and Nov. 22 oppose the use of full body scans and TSA pat downs.  Of those polled, 52% believe the enhanced security measures will not prevent terrorist activity, almost half (48%) say it is a violation of privacy rights, 33% say they should not have to go through enhanced security methods to get on an airplane, and 32% believe the full body scans and TSA pat downs to be sexual harassment. The Zogby Poll is the most recent survey of American opinion on the new airport screening procedures. Combined with earlier polls by USA Today and the Washington Post-ABC News, the Zogby Poll reflects declining support for the TSA program.
  • EPIC Releases Analysis on TSA Body Scanner Program - "Deployment and contracting for body scanners should be suspended" » (Nov. 22, 2010)
    EPIC is making available to the public today the report EPIC prepared in January 2010, following the release of documents from the DHS in an open government lawsuit. The analysis, based on the internal records obtained from the agency, reveals that the "device specifications, set out by the TSA, include the ability to store, record, and transfer images, contrary to the representations made by the TSA...include hard disk storage, USB integration, and Ethernet connectivity that raise significant privacy and security concerns...include "super user" ("Level Z") status that allows the TSA itself to disable filters and to export raw images..." The EPIC memo states "Based on the materials received to date, EPIC concludes that further deployment and contracting for body scanners should be suspended until the privacy and security problems identified are adequately resolved." The documents were obtained in EPIC v. DHS (FOIA) EPIC has since filed papers in federal court to suspend the program. See EPIC v. DHS (body scanners).
  • Congress Raises New Questions About Airport Screening Procedures » (Nov. 21, 2010)
    Rep. Bennie G. Thompson (D-MS) and Rep. Sheila Jackson-Lee (D-TX), two leading members of Congress, have sent a letter to TSA Administrator John S. Pistole, objecting to the new airport screening procedures. Reps. Thompson and Lee wrote, "we are concerned about new enhanced pat down screening protocols and urge you to reconsider utilization of these protocols." Reps. Thompson and Lee further said that "the TSA should have had a conversation with the American public" and should have ensured that "these changes do not run afoul of privacy and civil liberties." EPIC has filed a lawsuit against the TSA for failing to provide an opportunity for public comment, which is required by law, and implementing a screening procedure that violates privacy. EPIC President Marc Rotenberg has called the new screening procedures "invasive, unlawful, and ineffective." For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS.
  • EPIC Files FOIA Suit to Force Disclosure of Body Scanner Radiation Risks » (Nov. 19, 2010)
    EPIC has filed a Freedom of Information Act lawsuit against the Department of Homeland Security, seeking records concerning radiation emissions and exposure associated with airport full body scanners. The Department recently implemented the scanners as a primary screening mechanism for all airline travelers. In August, many senators questioned the safety of the scanners. In September, Ralph Nader also sent a letter to the Senate expressing concern about radiation exposure. Earlier this year, EPIC requested DHS to release all information about radiation emissions. DHS failed to respond to EPIC's FOIA request and when DHS also failed to reply to EPIC's administrative appeal, EPIC filed a lawsuit in federal court. Earlier EPIC FOIA lawsuits uncovered evidence that body scanners can store and record images and that the Marshals Service had captured more than 35,000 images. For more information see, EPIC v. DHS (Body scanner images) and EPIC v. DOJ (Body scanner images).
  • Rep. Ron Paul Introduces Bill to Halt Body Scanner Program » (Nov. 18, 2010)
    Representative Ron Paul introduced a bill that would hold TSA agents legally accountable for airline screening procedures. Rep. Paul cited abusive screening procedures as the reason for the legislation, titled the American Traveler Dignity Act. In a floor speech, Representative Paul also endorsed National Opt-Out Day, a grassroots movement of passengers who plan to refuse the devices on November 24th. EPIC is suing in federal court to suspend the body scanner program. For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS.
  • New York City Moves to Ban Body Scanners » (Nov. 18, 2010)
    Members of the New York City Council announced today that they would introduce legislation to ban the use of body scanners in New York City. Councilmember David Greenfield said, "I am deeply troubled that we are subjecting New Yorkers to this humiliating process, which breaches the most basic privacy rights." EPIC President Marc Rotenberg joined the Councilmembers on the steps of City Hall for the announcement. For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).
  • Senators Grill TSA Official About Airport Body Scanners » (Nov. 17, 2010)
    In a hearing before the Senate Committee on Commerce, Science, and Transportation, Sentors asked TSA Administrator John Pistole tough questions about the privacy and health implications of airport body scanners. Senators also asked about the invasiveness of pat-downs and the problems that the machines pose for religious objectors. Pistole failed to provide proof of independent studies regarding radiation risks and consistently downplayed privacy and religious concerns. EPIC has filed a lawsuit to suspend the body scanner program, calling the program "unlawful, invasive, and ineffective." For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).
  • Senate to Hold Hearings on TSA, Congress to Examine Impact of Body Scanner Program on Airline Industry » (Nov. 15, 2010)
    The Senate Committee on Commerce, Science, and Transportation will hold an oversight hearing on the Transportation Security Administration on November 17, 2010. Hon. John S. Pistole, the TSA Administrator, is expected to testify. EPIC has filed a lawsuit to suspend the body scanner program, calling it "unlawful, invasive, and ineffective." Opposition to the program is growing. The Libertarian Party, the American Pilots Association, Airline CEOs, flyers rights organizations, religious groups, and others are calling for an end to invasive searches at airports. A National Opt-Out Day is scheduled for November 24. For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).
  • Government Seeks to Exclude Religious Objectors from EPIC Body Scanner Challenge, EPIC Opposes DHS Motion » (Nov. 9, 2010)
    In a motion filed in the DC Circuit Court of Appeals, the Department of Homeland Security has attempted to exclude religious objector Nadhira Al-Khalili from EPIC's body scanner lawsuit. Ms. Al-Khalili is Legal Counsel for the Council on American Islamic Relations, one of the organizations that supported EPIC's petition, which is the basis for the challenge to the body scanner program. Ms. Al-Khalili's claims are based on the Religious Freedom Restoration Act and Islamic modesty requirements. EPIC has opposed the government's motion and stated that the agency is "simply afraid to have the Religious Freedom Restoration Act claims heard by this Court." EPIC further argued that "Respondents hope by seeking to exclude Ms. Al- Khalili . . . they will avoid judicial scrutiny of an agency practice that substantially burdens the free exercise of religion in violation of federal law." For more information, see EPIC: EPIC v. DHS (Emergency Stay, Body Scanners) and EPIC: Whole Body Imaging Technology.
  • Libertarian Party Endorses EPIC Body Scanner Lawsuit » (Nov. 5, 2010)
    Libertarian Party Chair Mark Hinkle said today, "The TSA should end the strip-search machine program immediately. We've reached a point where our government has no qualms about humiliating us." Mr. Hinkle expressed support for the EPIC lawsuit aimed at suspending the body scanner program. Mr. Hinkle further said, "We encourage Americans to call their newly-elected members of Congress and tell them that they don't want this expensive, worthless, intrusive, unconstitutional program." The Libertarian Party is America's third-largest political party. For more information, see EPIC v. DHS.
  • In Opening Brief, EPIC Urges Federal Appeals Court to Suspend Airport Body Scanner Program » (Nov. 1, 2010)
    EPIC has filed the opening brief in EPIC v. DHS, No, 10-1157, a case that challenges the unilateral decision of the TSA to make body scanners the primary screening technique in U.S. airports. Three frequent air travelers are joining EPIC in the lawsuit: security expert Bruce Schneier, human rights activist Chip Pitts, and the Council on American-Islamic Relations legal counsel Nadhira Al-Khalili. The Petitioners have brought claims under the Administrative Procedure Act, the Privacy Act, the Video Voyeurism Prevention Act, the Religious Freedom Restoration Act, and the Fourth Amendment. The Petitioners are seeking the suspension of the body scanner program. In its brief, EPIC argues that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history." EPIC further argues that the Transportation Security Administration "must comply with relevant law, and it must not be permitted to engage in such a fundamental change in agency practice without providing the public the opportunity to express its views." For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology. UPDATE: Read EPIC's press release here.
  • DHS Privacy Office Releases 2010 Annual Report » (Sep. 24, 2010)
    The Department of Homeland Security has released the Privacy Office 2010 Annual Report. The Agency's Chief Privacy Officer must prepare an annual report to Congress that details activities of the Department that affect privacy, including complaints of privacy violations, and DHS compliance with the Privacy Act of 1974. This year’s report details the establishment of privacy officers within each component of the Agency. The report also provides updates on Fusion Centers, Cybersecurity, and Cloud Computing activities of the agency. For more information, see EPIC: DHS Privacy Office.
  • Ralph Nader and EPIC Urge Senate Hearings on Airport Body Scanners » (Sep. 7, 2010)
    In letters to Senator Lieberman and Senator Collins, EPIC President Marc Rotenberg and consumer advocate Ralph Nader urged the Senate Committee on Homeland Security and Governmental Affairs to "convene a public hearing to review the government's deployment of whole-body scanners at passenger security checkpoints in US airports." The Nader/Rotenberg letter states that the Department of Homeland Security and the Transportation Security Administration have "disregarded serious questions concerning the devices' effectiveness, privacy safeguards, and potential health impacts." In a letter to the US Marshall Service, Senators Lieberman and Collins earlier expressed concern about the ability of these devices to store and retain images. The Committee on Civil Liberties, Justice and Home Affairs of the European Parliament has announced a hearing on the Body Scanner program for October 6, 2010. For more information, see EPIC v. DHS (Suspension of Body Scanner Program and EPIC - Airport Body Scanners
  • EPIC Challenge to Airport Body Scanner Program Moves Forward in Federal Court » (Sep. 2, 2010)
    The United States Court of Appeals for the District of Columbia Circuit has set a briefing schedule for EPIC v. DHS, No. 10-1157, EPIC's challenge to the airport body scanner program. EPIC has alleged that that the Department of Homeland Security has violated three federal laws (the Administrative Procedures Act, the Privacy Act, and the Religious Freedom Restoration Act) and that the body scanner search itself is unconstitutional, given what the courts have said about the permissible scope of airport screening procedures. EPIC's initial brief will be due November 1, 2010. Subsequent briefs from DHS and EPIC will be due by December 15, 2010. In earlier open government litigation against DHS, EPIC obtained evidence that the devices are designed to store and record images. For more information, see EPIC - EPIC v. DHS (Suspension of Body Scanner Program).
  • Following EPIC FOIA Lawsuit, US Senators Raise Questions About Retention of Body Scanner Images » (Aug. 20, 2010)
    The Chairman and Ranking Member of the Homeland Security Committee, along with four other Senators, have sent a letter to the head of the US Marshal Service to ask why the federal agency stored more than 35,000 images from whole body imaging scans taken at the Orlando federal courthouse. The letter follows a Freedom of Information Act lawsuit, filed by EPIC, in which the Marshal Service was forced to disclose the fact that it had stored body scanner images. EPIC has also filed an emergency motion in federal court to suspend the program, pending a thorough review of the airport body scanner program. For more information, see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).
  • Senators Question Safety of Airport Body Scanners, Object to Program Expansion » (Aug. 18, 2010)
    Three U.S. Senators have objected to the Department of Homeland Security's expansion of the airport body scanner program. In a letter to DHS Secretary Janet Napolitano, Senators Collins (R-ME), Burr (R-NC), and Coburn (R-OK) have asked "why the Department continues to purchase this technology when legitimate concerns about its safety appear to remain unanswered." The Senators noted that "the issue of radiation associated with the backscatter x-ray AIT machines has not been adequately addressed by TSA." They urged the agency's Chief Medical Officer, working with independent experts, to conduct a review of the health effects on travelers and airport personnel. EPIC recently submitted a FOIA request to the DHS for all records of tests conducted by the agency regarding radiation impacts. EPIC has also filed an emergency motion in federal court to suspend the program, pending an thorough review of the airport body scanner program. For more information, see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).
  • DHS Announces Dramatic Expansion of Airport Body Scanner Program » (Jul. 21, 2010)
    On July 20, 2010, the Department of Homeland Security announced a substantial change in the deployment of body scanners in US airports. According to the DHS Secretary, the devices, which had once been part of a pilot program for seconary screening, will now be deployed in 28 additional airports. The devices are designed to capture and store photographic images of naked air travelers. EPIC has filed an emergency motion in federal court, urging the suspension of the program and citing violations of several federal statutes and the Fourth Amendment. Public opposition to the program is also growing. For more information, see EPIC v. DHS (Body scanners) and EPIC Body Scanners.
  • EPIC Pursues Lawsuit Against Homeland Security, Urges Court to Suspend Body Scanner Program » (Jul. 20, 2010)
    Today, EPIC filed a reply in its case against the Department of Homeland Security, EPIC v. DHS,10-1157. EPIC had previously filed a petition and motion for emergency stay, asking the court to suspend the use of the machines. EPIC argued that the use of body scanners for primary screening in U.S. airports violates several federal laws and the Fourth Amendment. In its reply to the government's motion, EPIC also cited the growing public opposition to the program, the decision of major airports not to use body scanners, as well as the agency's failure to adequately address Constitutional concerns. For more information, see EPIC: Body Scanners and EPIC v. DHS.
  • Federal Judge Limits Suspicionless Laptop Searches at Borders » (Jun. 11, 2010)
    A federal judge has ruled against the Department of Homeland Security's Customs and Border Protection claim that agents could not only search the electronic devices of cross-border travelers without a warrant or even reasonable suspicion, they could also seize the devices indefinitely for more invasive searches. In United States v. Hanson, U.S. District Judge Jeffrey White ruled that "[g]iven the passage of time between the January and February searches and the fact that the February search was not conduct[ed] at the border, or its functional equivalent, the court concludes that the February search . . . must be justified by reasonable suspicion." Last October, EPIC and 20 other organizations sent a letter to the House Committee on Homeland Security objecting to this practice and other privacy violations. For more information, see EPIC: DHS Privacy Office.
  • Ralph Nader, Privacy Groups Urge Congress to Suspend Airport Body Scanner Program » (May. 28, 2010)
    In two letters today, Ralph Nader and ten privacy organizations urged leaders in the House and Senate to cease deployment of full-body scanning devices in US airports until an independent review of the devices' health effects, effectiveness and privacy safeguards is completed. In letters addressed to Congressman Bennie Thompson and Senator Joe Lieberman, the organizations cited the increasing presence of the full-body scanner machines and the health risks posed by the machines. This message echoes previous requests made by EPIC in a letter to President Obama and in testimony before the House Committee on Homeland Security. For more information, see EPIC: Whole Body Imaging Technology and EPIC v. Department of Homeland Security.
  • Coalition Petitions Homeland Security to Suspend Airport Body Scanners » (Apr. 21, 2010)
    EPIC and a broad coalition of organizations sent a formal petition to the Department of Homeland Security to demand that the agency suspend the airport body scanner program. The petition states that the "uniquely intrusive search" is unreasonable and violates the Constitution. The petition further states the program fails to comply with several federal laws, including the Religious Freedom Restoration Act , the Privacy Act of 1974, and the Administrative Procedures Act. The petitioners also argue that the machines are ineffective and that there are better, less costly security technology. The petitioners  contend that the TSA has routinely misled the pubic about the ability of the devices to store and transmit detailed images of travelers' naked bodies. In a Freedom of Information Act lawsuit, EPIC has already obtained technical documents, vendor contracts, and hundreds of traveler complaints. EPIC is seeking additional documents. For more information, see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. Department of Homeland Security.
  • EPIC v. Homeland Security: Government has Over 2,000 Photos from Airport Body Scanners » (Apr. 16, 2010)
    As a result of a Freedom of Information Act lawsuit, EPIC has obtained hundreds of pages of documents from the Department of Homeland Security about the plan to deploy full body scanners in US airports. A letter to EPIC reveals that the government agency possesses about 2,000 body scanner photos from devices that the DHS said earlier "could not store or record images." EPIC has also obtained the most recent device procurement specifications, and several hundred new pages of traveler complaints. For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. Department of Homeland Security
  • EPIC Recommends That Congress Suspend Body Scanning Program » (Mar. 18, 2010)
    In testimony before the House Committee on Homeland Security, EPIC President Marc Rotenberg urged Congress to halt the plan to deploy body scanners in the nation's airports. "Based on the documents we've obtained, the views of experts, the concerns of  American, and the extraordinary cost, Congress should suspend the program," said Mr. Rotenberg. In a recent letter to President Obama, EPIC and Ralph Nader recommended an independent review to assess health impacts, privacy safeguards, and the actual effectiveness of the devices. Through FOIA litigation, EPIC has obtained technical specifications, vendor contracts, and hundreds of complaints from US air travelers about the body scanners (Part 1, Part 2, Part 3, Part 4, Part 5). A recent report from the GAO has also raised questions about the effectiveness and cost of the devices. For more information, see EPIC Whole Body Imaging and EPIC Air Travel Privacy.
  • EPIC v. DHS: EPIC Obtains Complaints About Airport Body Scanners » (Mar. 8, 2010)
    In response to an EPIC Freedom of Information Act lawsuit, the Department of Homeland Security and the Transportation Security Administration (TSA) released more documents about body scanners in US airports. The documents include many complaints from travelers who went through the devices. Travelers reported that they were not told about the pat down alternative or that they were going to be subject to a body scan by TSA officials. Travelers also expressed concern about radiation risks to pregnant women and the image capture of young children without clothes. EPIC has previously obtained whole body imaging vendor contracts, operational requirements, and procurement specifications from TSA. EPIC and Ralph Nader have urged President Obama to suspend the program until an independent review is completed. For more information see EPIC: Whole Body Imaging Technology
  • Federal Budget Announced for Fiscal Year 2011, Surveillance Projects Scrutinized » (Feb. 3, 2010)
    The Office of Management and Budget has released the federal budget for fiscal year 2011. The budget proposes funding for several new surveillance initiatives, including over $700 million to the Department of Homeland Security for "Passenger Aviation Security". The Department would like to purchase 500 body scanner machines for U.S. airports, bringing the projected total number of machines to 1,000 at a cost of over $200 million by the end of 2011. The new budget also includes several hundred million dollars for the Department of Justice's national security programs, which were recently the subject of a critical Inspector-General's report for improper use of authority. For more information, see EPIC DHS and Privacy, EPIC Domestic Surveillance, EPIC Air Travel Privacy, and EPIC Whole Body Imaging.
  • Homeland Security Releases Annual FOIA Report » (Feb. 1, 2010)
    The Department of Homeland Security has released the 2009 Freedom of Information Act Report. The report shows that the Department processed over 160,000 requests in the past year, with 27,182 requests remaining pending. Of the requests processed, 11% were granted in full, 60% were classified as "partial grants/partial denials," and the remaining 29% were denied in full. The overwhelming majority of backlogged requests and appeals are pending at the Customs and Immigration Service. For denied requests with processed appeals, nearly 30% were fully reversed on appeal, and another 32% were reversed in part. EPIC currently has two FOIA cases pending against the Department relating to its use of Body Scanner machines. For more information, see EPIC v. DHS, EPIC FOIA Litigation Docket.
  • UPDATE - EPIC Sues Dept. of Homeland Security, Demands Additional Documents About Airport Body Scanners » (Jan. 13, 2010)
    EPIC has filed a second FOIA lawsuit, demanding the release of the full resolution images captured by airport "digital strip search" machines. EPIC's suit against the Department of Homeland Security also seeks records detailing air traveler complaints and security breaches that may have exposed data to unauthorized individuals. The TSA  has called for mandatory use of the body scanners in all US airports. A prior EPIC lawsuit forced the disclosure of documents that reveal that TSA officials can disable privacy filters and export raw image files. For more information, see EPIC Whole Body Imaging Technology and EPIC Open Government.
  • UPDATE - EPIC Posts TSA Documents on Body Scanners » (Jan. 11, 2010)
    EPIC has posted more than 250 pages of documents it obtained in  a Freedom of Information Act lawsuit concerning body scanners. The documents, released by the Department of Homeland Security, reveal that Whole Body Imaging machines can record, store, and transmit digital strip search images of Americans. This contradicts assurances made by the TSA. The documents include TSA Procurement Specifications, TSA Operational Requirements, TSA contract with L3, TSA contract with Rapiscan (1), and TSA contract with Rapiscan (2). The DHS has withheld other documents that EPIC is seeking. For more information, see EPIC: Whole Body Imaging Technology and EPIC: Open Government.
  • Congressional Committee Investigating Privacy Office at Homeland Security, Acknowledges Privacy Coalition Letter » (Nov. 12, 2009)
    House Homeland Security Committee Chairman Bennie Thompson has responded to the Privacy Coalition letter regarding the Chief Privacy Officer of the Department of Homeland Security. Chairman Thompson said that "the Committee is in the process of reviewing the programs outlined" in the letter, and thanked the Coalition for bringing the issues to the attention of the committee. He further stated that the Committee "will continue to examine the Department's programs and policies and vigorously address privacy concerns and issues." For more information, see EPIC DHS Privacy Office and Privacy Coalition.
  • EPIC Sues Homeland Security for Information About Digital Strip Search Devices » (Nov. 9, 2009)
    EPIC filed a Freedom of Information Act lawsuit challenging the Department of Homeland Security's failure to make public details about the agency's Whole Body Imaging program. The devices capture detailed naked images of air travelers in the United States. After the agency announced that the body scanners would become the primary screening device in US airports, EPIC demanded that the agency disclose records that describe the scanners' capacity to save and transmit images. In June, EPIC sent a letter to the Secretary of Homeland Security Janet Napolitano urging her to suspend the digital strip searches. For more, see EPIC Backscatter X-ray, Whole Body Imaging and EPIC Air Travel Privacy.
  • EPIC Reminds Homeland Security Agency to Publish Privacy Report » (Sep. 22, 2009)
    In a letter to the Chief Privacy Officer of the Department of Homeland Security, EPIC asked when the annual privacy report will be made available. The Department is required by law to provide an annual report "on activities of the Department that affect privacy, including complaints of privacy violations, implementation of the Privacy Act of 1974, internal controls, and other matters." The last privacy report was published in July 2008. EPIC has previously sent similar letters to the Department, reminding the agency of its legal obligation to inform the public about its activities. For more information, see EPIC’s Privacy Report Held Hostage page.
  • EPIC Pursues DHS Official's Public Calendar » (Sep. 18, 2009)
    EPIC has filed a FOIA appeal with the Department of Homeland Security for the calendar of the Chief Privacy Officer. EPIC submitted the original request to find out why the DHS Privacy Officer could not meet with privacy groups in Washington, DC. The agency turned over many pages from the calendar, but the entries were all blacked out. In the appeal, EPIC said the agency has failed to comply with the open government law and also cited the President's commitment to government transparency concerning the activities of public officials. For more information, see EPIC Open Government.
  • Senate Judiciary Committee Considers National Biometric Identification System » (Jul. 22, 2009)
    Senator Schumer (D-NY) is proposing a new system to track all US workers to determine employment eligibility. The plan for the employment verifiability system involves the collection of biometric information. The Department of Homeland Security would approve or disapprove individuals for employment. Automated biometric identification systems raise questions about the scalability, reliability, accuracy, and security of the data collected. See EPIC Biometric Identification.
  • Workshop: Government 2.0: Privacy and Best Practices » (Jun. 22, 2009)
    Lillie Coney EPIC Associate Director DHS Data Privacy and Integrity Advisory Committee June 22-23, 2009
  • DHS Seeks Nominations to the Agency's Data Privacy and Integrity Advisory Committee » (May. 5, 2009)
    The Department of Homeland Security is seeking applications for appointments to the agency's Data Privacy and Integrity Advisory Committee. The committee provides advice at the request of the Secretary of DHS and the agency's Chief Privacy Officer on privacy related matters. The agency is seeking to fill two terms that would expire in January 2012, and January 2013. Applications for the positions must be received by the agency on or before June 8, 2009. For more information, see: EPIC's Web page Spotlight on Surveillance.
  • Homeland Security Secretary Proposes Increase in Spending for Domestic Surveillance Programs » (Feb. 27, 2009)

Background

According to the AFI Privacy Impact Assessment, the Agency maintains six categories of data, each of which contains personally identifiable information: DHS-owned data, other government agency data, information from commercial data aggregators, analyst-created data, analyst-provided data, and index information. AFI further “collects identity and imagery data from several commercial data aggregators. . . [to] cross-reference that information with the information contained in DHS-owned systems.” AFI contains personally identifiable information including full name, address, age, gender, race, physical characteristics, marital status, residency status, country of citizenship, city and country of birth, date of birth, Social Security number, vehicle information, travel information, document information, passport information, law enforcement records, and familial and other contact information. AFI became operational in August 2012.

Some of the “DHS-owned” data within AFI comes from the Automated Targeting System (“ATS”). According to a 2012 Federal Register notice, in addition to the data amassed from ATS, CBP uses AFI to “provide AFI analysts with different tools that assist in detecting trends, patterns, and emerging threats, and in identifying non-obvious relationships.” According to the agencies, DHS and CBP use individual information within ATS to make “risk assessments” on individuals that travel to, through, and from the United States or “other locations where CBP maintains an enforcement or operational presence by land, air, or sea.” These risk assessments are assigned to U.S. citizens. CBP uses “Automated Targeting System” risk assessments to “signal to CBP officers that further inspection of a person, shipment, or conveyance may be warranted, even though an individual may not have been previously associated with a law enforcement action or otherwise be noted as a person of concern to law enforcement.” CBP uses initial “risk-based” assessment matches and subsequent matches “to confirm continued official interest in the identified person.”

CBP uses a variety of personally identifiable information within ATS to perform risk assessments, including name, address, Social Security number, gender, nationality, race, and biometric information. ATS also contains information generated by CBP, including “law enforcement or intelligence information regarding an individual” and “risk-based rules developed by analysts to assess and identify high-risk cargo, conveyances, or travelers that should be subject to further scrutiny or examination.”

Individuals having information within ATS are not notified of their risk assessment because DHS has exempted ATS from the “notification, access, amendment, and certain accounting procedures of the Privacy Act[.]”

EPIC's Interest in AFI

EPIC has highlighted the problems inherent in passenger profiling systems like ATS and AFI in previous testimony and comments. In testimony before the National Commission on Terrorist Attacks Upon the United States (more commonly known as "the 9/11 Commission"), EPIC President Marc Rotenberg explained, "there are specific problems with information technologies for monitoring, tracking, and profiling. The techniques are imprecise, they are subject to abuse, and they are invariably applied to purposes other than those originally intended."

The Automated Targeting System mines a vast amount of data to create a "risk assessment" on hundreds of millions of people per year, a label that will follow them for the rest of their lives.

EPIC has urged the suspension of the risk assessment system, arguing that the use of such factors as race and nationality in a government database is unconstitutional.

EPIC has a longstanding interest in algorithmic transparency and ending secret profiling of individuals.

EPIC's Freedom of Information Act Request

On April 8, 2014, EPIC submitted a FOIA request asking for:

(1) All AFI training modules, request forms, and similar final guidance documents that are used in, or will be used in, the operation of the program;

(2) Any records, memos, opinions, communications, or other documents that discuss potential or actual sources of information not currently held in DHS databases, or potential or actual uses of information not currently held in DHS databases;

(3) Any records, contracts, or other communications with commercial data aggregators regarding the AFI program; and

(4) The Privacy Compliance Report initiated in August 2013 by the DHS Privacy Office.

FOIA Documents

Legal Documents

EPIC v. Customs and Border Protection, No. 14-cv-01217 (D.D.C. filed July, 18, 2014)

EPIC v. CBP, No. 17-5078 (D.C. Cir. filed Apr. 18, 2017)

Resources

News Reports

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security