Recent Updates

  • White House Releases Long-Awaited “AI Bill of Rights” Document
    Today, the White House Office of Science and Technology Policy released a “Blueprint” for an “AI Bill of Rights.” OSTP had announced this effort in October 2021, saying “Our country should clarify the rights and freedoms we expect data-driven technologies to respect.” “Designers, developers, and deployers of automated systems should take proactive and continuous measures … Continued
  • EPIC Joins Brennan Center, Others Urging Supreme Court to Allow Lawsuits by Unconstitutionally Surveilled Citizens
    EPIC has joined an amicus brief filed before the Supreme Court in the case Wikimedia v. NSA, a case that could determine whether people subjected to unlawful surveillance are permitted to challenge that surveillance in court. The Wikimedia Foundation, represented by the ACLU, filed the lawsuit after Edward Snowden uncovered the existence of the “upstream” … Continued
  • DOJ Report Highlights Disagreements Between FBI, DOJ on Key FISA Processes and Principles
    A report from the Department of Justice (DOJ) Inspector General (IG) revealed that the FBI conducted queries of data collected under foreign intelligence surveillance authorities that oversight officials within the DOJ believed were not permissible. According to the IG report, the FBI’s Office of the General Counsel (OGC) and the Department of Justice’s National Security … Continued
  • EPIC Submits Additional Feedback on NIST AI Risk Management Framework 
    EPIC has submitted feedback to NIST to inform the development of an AI Risk Management Framework that will assist companies in developing, deploying, and evaluating trustworthy AI systems. This is the second time that EPIC has submitted comments to NIST on this issue and comes in response to an updated draft of the Framework. EPIC’s … Continued
  • Representative Lieu Introduces Bill to Limit Law Enforcement Face Surveillance
    Rep. Ted Lieu (D-CA), along with Rep. Yvette Clark (D-NY) today introduced legislation to limit law enforcement use of face recognition tools. The Facial Recognition Act would require law enforcement agencies to obtain a warrant before conducting face recognition searches. Further, it would narrow the circumstances in which law enforcement may use face recognition technology, … Continued
  • NBC: Cookies might not be tracking you, but some of your favorite brands are
    It isn’t clear whether retail media networks violate California’s privacy laws or would come under enforcement if the federal privacy bill is enacted, said John Davisson, senior counsel with the Electronic Privacy Information Center, which backs tighter controls around consumer data. “A lot turns on what is made clear to the consumer at the time … Continued
  • Axios: FTC considers strengthening its consent decree security hammer
    Khan’s idea to start naming executives as responsible parties in consent decrees could force the C-suite to take FTC orders seriously, since they could face individual fines, says John Davisson, senior counsel at the Electronic Privacy Information Center. Read the full article here.
  • WKRC: Ups and Downs: Hamilton County Sheriff’s Office replacing helicopters with drones
    “It’s right to raise questions about where all that content is going,” said Alan Butler, executive director of the Electronic Privacy Information Center. “Are they capturing video of people’s homes? Looking into people’s windows — that has nothing to do with any crime? And what controls are in place to make sure that nothing is … Continued
  • Bloomberg Law: NYPD Face Search Details Sought in New Jersey Armed Robbery Case
    Read the full article here (paywall).
  • EPIC & NCLC to Ninth Circuit: Automated Campaign Calling Without Consent Violates TCPA
    EPIC and the National Consumer Law Center (NCLC) filed an amicus brief in Trim v. Reward Zone USA LLC, arguing that Reward Zone violated the Telephone Consumer Protection Act (TCPA) if its dialing system used a number generator to mass dial people without consent—even if Reward Zone called telephone numbers from a stored list. Last … Continued
  • EPIC, EFF, & NACDL Amicus Brief Urges NJ Court to Recognize Right to Discovery on Facial Recognition Used to Identify Defendant
    EPIC has filed an amicus brief in New Jersey v. Arteaga supporting the defendant’s right to know the details of how he was identified by a facial recognition system. Mr. Arteaga was identified as a suspect in an armed robbery in New Jersey by a facial recognition search performed by the NYPD. Even though the facial recognition search was … Continued
  • Bloomberg Law: Website-Browsing Surveillance Suits Erupt After Appellate Ruling
    The software also enables companies to conduct a form of human-subject research without the consent of the human subjects, and operates without regard to important privacy concerns such as limiting the amount of data that companies collect and retain, said John Davisson, senior counsel at the Electronic Privacy Information Center. Read the full story here.
  • GAO Report: Federal Agencies Lack Senior Leadership to Effectively Implement Privacy Programs
    A Government Accountability Office (GAO) report, prepared in consultation with privacy experts including EPIC Senior Counsel John Davisson, canvassed 24 federal government agencies and found that most have failed to fully implement statutory privacy requirements. The GAO found that despite the massive amount of personally identifiable information (PII) collected by these agencies and the increasing … Continued
  • EPIC Urges DC Council to Pass Algorithmic Discrimination Bill
    Yesterday, EPIC urged the DC Council Committee on Government Operations and Facilities to pass the Stop Discrimination of Algorithms Act. The bill prohibits algorithmic eligibility or information delivery determinations based on a protected class that segregate, discriminate against, or otherwise make important life opportunities unavailable to an individual or class of individuals. The bill would … Continued
  • EPIC, NCLC Urge FCC to Deter Phone Service Providers From Transmitting Scam Robocalls
    Last week, EPIC and the National Consumer Law Center (NCLC) urged the FCC to more aggressively protect phone subscribers from scam robocalls, which account for billions of dollars in consumer losses every month. The organizations emphasized that there are demonstrably effective tools currently available to assist with this goal, yet phone service providers refrain from … Continued
  • The Rise of Chinese Surveillance Technology in Africa (part 5 of 6)
    Personal Data Vulnerabilities in Africa By Bulelani Jili, EPIC Scholar-in-Residence Digital initiatives have widened the range of personal data collected by African states. In 2011, the Nairobi government employed a French company, Imprimerie Nationale, to create a biometric data system for their national identity card program. This digitization initiative was justified as a way to … Continued
  • Report: DOD Agencies Provided Access to “Petabytes” of Data, Including Internet Browsing and Email Data, via Data Broker Mass Monitoring Tool
    In a letter to the DOD, DHS, and DOJ Inspectors General, Sen. Ron Wyden revealed that the Naval Criminal Investigative Service (NCIS) has purchased a subscription to Augury, a service that provides access to internet browsing and email data. Motherboard further reported that the U.S. Navy, Army, Cyber Command, and the Defense Counterintelligence and Security … Continued
  • Indonesia Passes Privacy Bill
    Indonesia’s parliament has passed a new personal data protection law after a series of data leaks and breaches. The law carries heavy penalties for data misuse or leaks, including up to 5 years of jail time and 2% of a company’s annual revenue. Falsifying personal data carries a potential 6 years of jail time. The … Continued
  • Dallas Morning News: Tracked: How Colleges Use AI To Monitor Student Protests
    But even collecting publicly posted information may harm students’ privacy and speech rights, experts say. Jake Wiener, a lawyer at the Electronic Privacy Information Center also said social media monitoring services may extend the reach of law enforcement agencies beyond what they were previously able to track. “Something like a social media surveillance program is … Continued
  • The GW Hatchet: Congresswoman, experts talk reproductive data privacy post-Dobbs
    Sara Geoghegan, a law fellow at the Electronic Privacy Information Center, said the state of New York may soon pass a similar law and expressed her belief that restrictions on the exchange of private data should be placed on tech companies and other organizations. “I think the data minimization standard that has been discussed should … Continued
  • CBP Compiles Massive Amounts of Travelers’ Data Through Border Seizures
    In a letter to Customs and Border Patrol (CBP) Commissioner Chris Magnus, Sen. Ron Wyden revealed that CBP has compiled a massive amount of travelers’ data through the searches of cellphones, iPads, and computers seized from travelers at U.S. airports, seaports, and border crossings. The data from the searches is kept in a database known as the Automated … Continued
  • The Register: US border cops harvest info from citizens’ phones, build massive database
    “Today’s cell phones and other electronic devices are filled with countless amounts of personal data — often more than what is contained in our homes,” EPIC senior counsel Jeramie Scott told The Register. “This makes CBP’s retention of data from tens of thousands of electronic devices through warrantless border searches an extremely invasive surveillance program that … Continued
  • Senators Markey & Wyden Call on ICE to End Invasive Surveillance Practices
    In a letter to Immigration and Customs Enforcement’s Acting Director, Tae D. Johnson, Senators Ed Markey and Ron Wyden “urge[d] [ICE] to end its use of technologies and surveillance tactics that threaten the privacy rights of individuals all across the United States.” The Senators called out ICE’s “dragnet surveillance system” created using facial recognition and the agency’s … Continued
  • GAO: Congress Should Enact Comprehensive Privacy Legislation
    The Government Accountability Office yesterday released a snapshot of its recent work on consumer data. The GAO’s work shows that (1) consumer scores pose risks; (2) facial recognition technology raises consumer privacy and accuracy concerns; and (3) additional federal authority over internet privacy could enhance consumer protection. The GAO recommended that Congress implement consumer protection … Continued
  • ABC News: Twitter whistleblower alleges user data vulnerable to foreign adversaries
    “Twitter is routinely ignoring cybersecurity mandates in its consent order with the FTC and faces no consequence or possibility of consequence, absent this whistleblower,” said Alan Butler, executive director and president of the Electronic Privacy Information Center. Read the full article and watch the video here.
  • Bankrate: Five years after the Equifax data breach, how safe is your data?
    “Unfortunately, in the last five years, companies have increased the amount of data they’re collecting about us and not deleting it when it’s no longer needed,” Fitzgerald says. “We always like to say that data that is never collected can’t be breached.” Read the full article here.
  • WIRED: The FTC Is Closing In on Runaway AI
    TEENAGERS DESERVE TO grow, develop, and experiment, says Caitriona Fitzgerald, deputy director at the Electronic Privacy Information Center (EPIC), a nonprofit advocacy group. They should be able to test or abandon ideas “while being free from the chilling effects of being watched or having information from their youth used against them later when they apply to … Continued
  • EPIC’s Fitzgerald Warns of ‘Data Privacy Crisis’ at FTC Rulemaking Forum
    EPIC Deputy Director Caitriona Fitzgerald warned that the U.S. is “facing a data privacy crisis” and urged the Federal Trade Commission to adopt a data minimization rule at this week’s FTC public forum on commercial surveillance (video here). The event was part of the FTC’s recently announced rulemaking on commercial surveillance and data security. “The … Continued
  • Bloomberg Law: Data-Driven Online Ads Enter Spotlight as FTC Moves Toward Rules
    “It was important for the FTC to get started,” said Caitriona Fitzgerald, deputy director at the nonprofit Electronic Privacy Information Center. Fitzgerald, who’s also taking part in the agency’s event, said she plans to highlight harms to people’s privacy from widespread tracking online. Read the full article here.
  • Bloomberg Government: NFL Fears ‘Nefarious’ Drones, Seeks Law to Thwart Stadium Risks
    The bill would give local law enforcement “a lot of authority to define the threats and grants them a lot of authority in terms of how they react to that perceived threat,” said Electronic Privacy Information Center senior counsel Jeramie Scott. “On the flip side, there’s not a lot of meaningful oversight.” […] “It’s not … Continued
  • Massachusetts Supreme Judicial Court Sidesteps Important Algorithmic Justice Issue
    In an opinion published yesterday in Rodriguez v. Massachusetts Parole Board, the Massachusetts Supreme Judicial Court declined to decide whether the Parole Board’s use of a risk-assessment instrument violated a parole applicant’s constitutional rights. The Court avoided answering this question by adopting an extremely deferential stance: the Court has jurisdiction to review whether certain factors … Continued
  • EPIC Urges Interagency Body to Center Privacy, Human Rights in Federal Research on AI Image Analysis
    EPIC is urging the Networking and Information Technology Research and Development program to center privacy and human rights in its revised plan for federal research on AI-powered image analysis. Originally published in 2020, the Video and Image Analytics Research and Development Action Plan lays out strategic objectives for federal research involving video and image analytics, … Continued
  • Time: The Most Important Things to Know About Apps That Track Your Location
    Alan Butler, executive director of the Electronic Privacy Information Center, argues that this kind of access is “a sale as well, especially when you’re allowed to download the information.” Read the full story here.
  • Law360: FTC’s Broad Privacy Rulemaking Faces Bumpy Path Forward
    Seeing the FTC “finally pull the trigger” on rulemaking is a positive development, [EPIC’s John Davisson] said, since it marks the “rejection of the soft-pedaling and self-regulation” that’s “made some of the commission’s enforcement work so unsatisfactory over the years.” Read the full article here (subscription required).
  • Forbes: Israeli Facial Recognition Once Did Border Checks In The West Bank. Now It Snoops On Casinos Across America
    “Selling facial recognition tech to private companies can actually increase the risk of police misusing the tech when companies sell or provide access to cops,” says Jake Wiener, a lawyer covering domestic surveillance at the Electronic Privacy Information Center (EPIC). “As a baseline, facial recognition destroys privacy: The more it’s used, the easier it becomes … Continued
  • Fifth Circuit Opinion in United States v. Morton Threatens Cell Phone Users’ Privacy
    Last week, the Fifth Circuit issued its decision in United States v. Morton, rolling back its earlier Fourth Amendment protections for cell phone users by giving the police almost unlimited ability to search through a person’s phone whenever the person is suspected of a crime. There were two main issues in the case: whether police … Continued
  • Inside Cybersecurity: Civil and consumer rights groups urge passage of House privacy bill
    “To accomplish these sweeping advancements and bring relief to millions today, we understand that some compromise is necessary,” [EPIC and 47 peer organizations] said. “ADPPA has limited preemption of state privacy laws that cover the same issues as ADPPA. It does not preempt state civil rights laws, consumer protection laws of general applicability, or laws … Continued
  • IAPP: A view from DC: ‘Dear Speaker Pelosi’
    With a couple of notable absences, the letter [signed by EPIC and 47 peer organizations] represents an unprecedented consensus among civil rights, privacy and consumer organizations. Together, they deliver a forceful message: “The time is now to pass a comprehensive federal privacy and civil rights law.” Read the full story here.
  • CyberScoop: FTC sues data broker over selling location data that can reveal abortion clinic visits
    “By undertaking this enforcement action they’re making it clear to other players in the industry that this is not a practice that will be tolerated in the future,” said John Davisson, director of litigation and senior counsel at privacy nonprofit Electronic Privacy Information Center. Read the full story here.
  • FTC Sues Data Broker Kochava for Selling Sensitive Location Data
    The Federal Trade Commission filed a groundbreaking lawsuit today against data broker Kochava, alleging that the company’s sale of geolocation data from hundreds of millions of mobile devices is an unfair and unlawful trade practice. As the complaint explains, Kochava purchases geolocation information derived from mobile devices—often without mobile users’ knowledge—and sells it to clients … Continued
  • New EPIC Report Highlights DHS’s Extensive Collection and Circulation of Location Data
    In a new report titled DHS’s Data Reservoir, EPIC Fellow Dana Khabbaz analyzes the ways that the Department of Homeland Security (DHS) collects and circulates location data. DHS’s collection of location data results in disproportionate and harmful surveillance of immigrant communities. As the report explains, DHS obtains precise location data from cell-phone apps, license plate readers, … Continued
  • MediaPost: Advocacy Groups Press Pelosi To Hold Vote On Privacy Bill
    “The time is now to pass a comprehensive federal privacy and civil rights law,” 48 organizations including the Center for Democracy & Technology, Electronic Privacy Information Center, New America’s Open Technology Institute and Public Knowledge say in a letter sent Thursday to the Democratic lawmaker from California. Read the full story here (registration required).
  • Analysis: The Rise of Chinese Surveillance Technology in Africa (Part 4 of 6)
    The spread of smart cities is a key area facilitating the spread of Chinese surveillance technology globally. Simply put, the smart city is a computational model of urban planning that purports to optimize operational efficacy and promote economic activity by utilizing Information and Communication Technology (ICT).  In 2018, the Kenyatta administration in Kenya announced the … Continued
  • The Rise of Chinese Surveillance Technology in Africa (part 4 of 6)
    Safe City Initiative in Kenya By Bulelani Jili, EPIC Scholar-in-Residence The spread of smart cities is a key area facilitating the spread of Chinese surveillance technology globally. Simply put, the smart city is a computational model of urban planning that purports to optimize operational efficacy and promote economic activity by utilizing Information and Communication Technology … Continued
  • EPIC Underscores Importance of Privacy in Voter Intimidation Case
    EPIC submitted an amicus brief this week in National Coalition on Black Civic Participation v. Wohl, a federal case concerning voter intimidation and privacy. The suit was brought by voters against several defendants who placed deceptive robocalls shortly before the 2020 election. The robocalls specifically targeted Black voters, falsely warning them that their personal information … Continued
  • EPIC Joins 48 Public Interest Groups Urging House to Vote on American Data Privacy and Protection Act
    Today, EPIC joined nearly 50 other public interest, consumer advocacy, and civil rights groups in a letter urging Speaker Nancy Pelosi (D-CA) to move the “American Data Privacy and Protection Act (ADPPA)” to a vote by the full House of Representatives. The groups contend that this comprehensive federal privacy and civil rights legislation will create “real and lasting protections” … Continued
  • NPR: Scanning students’ rooms during remote tests is unconstitutional, judge rules
    Digital privacy advocates have raised red flags over online proctoring services’ alleged civil liberty violations in recent years.  In December 2020, the Electronic Privacy Information Center filed a complaint against five popular proctoring services, including Honorlock, for their “invasive” and “deceptive” data collection practices. Fight for the Future, a nonprofit that created the website, called the decision a … Continued
  • EPIC, Coalition Comment on Proposed California Rules
    EPIC, along with the California Public Interest Research Group Education Fund, Center for Digital Democracy, Consumer Action, the Consumer Federation of America, Ranking Digital Rights, and the U.S. Public Interest Research Group, sent comments to the California Privacy Protection Agency regarding proposed regulations under the California Consumer Privacy Act. The Agency was seeking feedback on … Continued
  • Europe’s Digital Services Package: What It Means for Online Services and Big Tech
    By Paul Meosky The EU recently passed comprehensive legislation on platform monitoring, digital free speech, and antitrust, largely directed at Big Tech. On July 5, 2022, the European Parliament adopted the Digital Services Package, comprised of the Digital Markets Act (“DMA”) and the Digital Services Act (“DSA”) and first proposed by the European Commission in … Continued
  • POLITICO Pro: Privacy bill triggers lobbying surge by data brokers
    “Just because data brokers have spent the last 20 years making millions of dollars off of our personal data because Congress hasn’t passed a privacy law doesn’t mean it should continue to be legal,” Caitriona Fitzgerald, deputy director of the Electronic Privacy Information Center, one of D.C.’s best-known privacy advocacy groups. “The bipartisan consensus behind … Continued