- EPIC Ask FTC to Investigate Privacy Risks of Pokemon GO: EPIC has urged the FTC to launch an investigation of Pokemon GO and the app's developer Niantic. When the augmented-reality app was first released, Niantic granted itself "full access" to users' Google accounts in violation of federal privacy law. Even after recent changes, the company continues to collect detailed location history and has access to smartphone cameras. Pokemon GO "raises complex and novel privacy issues that require close FTC scrutiny," EPIC told the Commission. Senator Al Franken recently sent a letter to the company asking for clarification on the scope and purpose of its data collection. Niantic has close ties to Google and its CEO oversaw Google's controversial Street View project, which was found to collect private wifi data transmissions. (Jul. 22, 2016)
- Federal Court Lifts Gag Order on National Security Letter Recipient: For the first time, a federal court has lifted a national security letter gag order, allowing an Internet Service Provider to publish the FBI's demands for records of user web browsing history, IP addresses, online purchases, and location information. The FBI issues thousands of NSLs each year, forcing companies to disclose troves of consumer records without probable cause. Recipients are preventing from acknowledging these warrantless searches. EPIC filed an amicus brief in In re National Security Letter, arguing that NSL gag orders frustrate the public's right to know about government surveillance programs. (Dec. 1, 2015) More top news »
Over the last 10 years, law enforcement has stepped up its use of location tracking technologies, such as GPS (Global Positioning System) trackers and cell phones, to monitor the movements of individuals who may or may not be suspected of a crime. GPS is a geolocation network that consists of satellites and receivers that can calculate the precise location of a GPS device 24-hours a day (subject to environmental constraints). As of March 19, 2013, there are 31 satellites in the GPS constellation. The satellites and ground stations in the GPS network are maintained by the U.S. Air Force Global Positioning Systems Wing. GPS satellites are designed to transmit three-dimensional location data (longitude, latitude and altitude) as well as precise velocity and timing information to an unlimited number of users simultaneously. A GPS receiver is all that one needs to access the service. GPS satellites can not receive any data, they can only broadcast location and timing information.
A GPS-enabled receiver is the device that is commonly available through commercial retailers, and used by the general public to assist in navigation. The civilian GPS receivers deliver precise velocity and timing information, and very accurate location information. This device by itself does not transmit the data received from the satellite network to remote locations, nor is it typically capable of storing data regarding its long-term historical movements. However, most cell phones are now GPS-enabled and can transmit location data to the service provider or other third parties (such as Apps - see e.g. Foursquare). Cell phones can also be used to track users even if they are not GPS-enabled. See Cell Phone Tracking Methods.
The Fourth Amendment provides that the "right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated." A seizure of property occurs when there is “some meaningful interference with an in- dividual’s possessory interests in that property,” United States v. Jacobsen, 466 U. S. 109, 113 (1984). In determining whether a "search" has occurred, courts have traditionally applied a two-part test established in Katz v. United States, 389 U.S. 347 (1967): where an individual has (1) a subjective expectation of privacy in the searched object that (2) society is willing to recognize as reasonable. See Kyllo v. United States, 533 U.S. 27, 33 (2001). However, in United States v. Jones, 132 S. Ct. 945 (2012), the Supreme Court held that Katz is not the exclusive test under the Fourth Amendment and that the Government's "installation of a GPS device on a target's vehicle, and its use of that device to monitor the vehicle's movements, constitutes a 'search.'" Id. at 949. Under this new "trespass test," a search occurs whenever the government occupies private property for the purpose of obtaining information. Id.
A warrant is typically required for law enforcement to search or seize an item, although courts recognize certain exigent circumstances excusing the warrant requirement in limited cases. Judges may issue warrants based on probable cause under state and federal laws such as Rule 41 of the Federal Rules of Criminal Procedure.
After the Supreme Court's decision in United States v. Jones, courts must reassess the application of the Fourth Amendment to various location-tracking methods. The two main cases laying the groundwork for the contemporary Constitutional issue of using location-based tracking devices to conduct surveillance are United States v. Knotts, 460 U.S. 276 (1980) and United States v. Karo, 468 U.S. 705 (1984). These cases examine whether the diminished expectation of privacy in an automobile is expanded when the police use technology to track a suspect and whether the technology is a mere augmentation of the officer's own sense of observation or a more intrusive form of surveillance.
In Knotts, the Court determined that the use by the police of a beeper to track a person did not constitute a search. The police attached a beeper to a container that the suspect then placed in his car. The police used the signal from the beeper to track the container to the suspect's cabin. Once there, the police set up visual surveillance of the cabin. The Court held that the beeper allowed the police merely to track a suspect on public highways and streets. Consequently, the Court explained, there is a diminished expectation of privacy in an automobile. "The fact that the officers in this case relied not only on visual surveillance, but also on the use of the beeper to signal the presence of [Darryl] Petschen's automobile to the police receiver does not alter the situation. Nothing in the Fourth Amendment prohibited the police from augmenting the sensory faculties with such enhancement as science and technology afforded them in this case."
A year after Knotts, the Court heard United States v. Karo. Karo shifts the discussion to whether the police may use beepers to monitor suspects in private residences without a warrant. In this case, the DEA installed and monitored a beeper into a can of ether in the possession of the suspects. The DEA relied on the signal from the beeper (as the can was moved from two private residences and a storage facility) to track the suspects. The Court held that this was an impermissible search. "Indiscriminate [electronic] monitoring of property that has been withdrawn from public view would present far too serious a threat to privacy interests in the home to escape entirely some sort of Fourth Amendment oversight."
Individuals are using location-based services that provide incentives for sharing where a person is at any given point in time. These location-based services are generally run on software applications found on GPS-enabled devices such as smartphones. The application requests the latitude and longitude of the user's phone or other GPS enabled device or from cell tower and WiFi information.
The Pew Internet and American Life Project found that 35% of U.S. adults use phones able to run apps. Location-based apps are focused on social-networking, consumer, and gaming activities. The Pew project also estimates that at least 1% of Internet users and 6% of all male Internet users are regularly taking advantage of location-based apps.
Foursquare, with approximately 3 million users, is a service that "lets users ‘check in' to a place when they're there, tell friends where they are and track the history of where they've been and who they've been there with." Businesses are taking advantage of the service by offering discounts and coupons to individuals who "check in" to their location. Foursquare also has an API that allows developers to build on its platform.
An application programming interface (API) enables software programs to interface or interact with other software. Social networking sites, like Facebook and Twitter, provide a platform for APIs and are increasingly opening up their APIs to developers. Facebook Places now allows developers to store their own check-in data in Facebook Places database and to search that database. Developers can access the database for free and are no longer limited by having to build their own database. Facebook has more than 200 mobile users, making its Places database larger than that of any other service currently available.
Search engines are opening up their API to developers. Google is turning its attention to the location-based services with its Places service by focusing on check-in applications because these applications are ones that "the API currently caters to well."
A study by AT&T research found that 19 out of 20 social networking sites shared information with third parties in a way that would allow third parties to associate online activities with actual identities. The researchers tracked privacy leakage (including presence and location data as well as the unique device identifiers on mobile devices) to determine whether existing privacy protection measures are still adequate. The report states that even if a company provides a range of privacy settings, "the multi-dimensional nature of the issue makes the problem of protecting information significantly harder." The researchers found leakage of personally identifiable information (PII) from all twenty social networking sites. They conclude that "[t]he combination of location information, unique identifiers of devices, and traditional leakage of other PII all conspire against protection of a user's privacy."
Cell phones, smartphones, and other mobile devices (e.g. laptops and tablets) can be located whenever they are turned on. Current location-tracking technologies can be used to pinpoint users of mobile devices in several ways. First, service providers have access to network-based and handset-based technologies that can locate a phone for emergency purposes. Second, historical location can frequently be discerned from service provider records. Finally, third party devices such as Wi-Fi hotspots or IMSI catchers can be used to track nearby mobile devices in real time. The accuracy of these methods depends on a variety of technological and environmental factors, but the location data will only get more precise as the technology evolves.
- Network-based Location Technologies
- Handset-based Location Technologies
- Third-party Methods
Network-based location tracking technologies rely on existing equipment to determine the location of a target device. See Ali H. Sayed, Alireza Tarighat & Nima Khajehnouri, Network-Based Wireless Location, IEEE Signal Processing Magazine 24, 26 (Jul. 2005). Cell phone networks consist of a series of antennas (or “cell sites”), which can be densely concentrated in urban areas with many users. See CTIA: The Wireless Association, Wireless in America: How Wireless Works (Jan. 2011). Mobile devices communicate with nearby cell sites during a process called “registration,” which occurs automatically even when the device is idle. A Guide to the Wireless Engineering Body of Knowledge 77 (Andrzej Jajszcyk ed., 2nd ed. 2011). During the registration process, mobile devices also communicate with nearby cell sites in order to identify the strongest signal. Michele Sequeira & Michael Westphal, Cell Phone Science: What Happens When You Call and Why 104 (2010). A similar process occurs when a user moves from one cell to another while making a call. See Nishith D. Tripathi, Jeffrey H. Reed & Hugh F. VanLandingham, Handoff in Cellular Systems, IEEE Pers. Comm., Dec. 1998, at 26. The service provider can also initiate the registration process. See CDMA Glossary, supra note 3 (describing “Non-Autonomous Registration” as “[a] registration method in which the base station initiates registration.”). Once registration occurs, the information is stored temporarily in service provider databases in order to route calls. Tripathi, supra, at 26. A log is also typically created every time a call is made or data downloaded. See Stephanie K. Pell & Christopher Soghoian, Can You See Me Now? Toward Reasonable Standards for Law Enforcement Access to Location Data that Congress Could Enact, 26 Berkeley Tech. L.J. 117, 128 (2012) (these logs reveal “which particular cell site a phone was near at the time of the call.”).
These cell site records are the most basic component of network-based location data. See Junhui Zhao & Xueue Zhang, Location-Based Services Handbook: Wireless Location Technology in Location-Based Services § 2.2.1 (Syed A. Ahson & Mohammad Ilyas eds., 2011). The size of a “cell,” the area served by a cell site, can range from several miles to several meters. See Dimitris Mavrakis, Do We Really Need Femto Cells?, Vision Mobile (Dec. 1, 2007). As a result, a cell site location record can reveal the location of a mobile device in a specific area (like a room in a house) or within a large area (like a neighborhood). The smaller the cell site, the more precise the cell site location data. In order to increase network capacity, as is necessary in dense urban areas, providers typically shrink the size of their cells. Id. In 2000, there were 97 million wireless subscriber connections and as of 2010 there were nearly 293 million. CTIA: The Wireless Ass'n, Wireless in America: Wireless Subscriber Statistics (May 2011). Over that same time period, the number of cell towers has increased from 95,733 to 251,618. Id. In response to increased network demand, small cells are becoming increasingly common. See Press Release, Small Cells Outnumber Traditional Mobile Base Stations, Small Cell Forum (Oct. 31, 2012).
Cell site data can also be collected for a specific cell site and time without an individual target. See, e.g., In re U.S. ex rel. Order Pursuant to 18 U.S.C. Section 2703(d), Nos. 12-670, 671, 672, 673, 674, 2012 WL 4717778 (S.D. Tex. Sept. 26, 2012) (rejecting a government request for bulk tower data). This information is referred to as a “tower dump.” Id. at *1. Government investigators have argued that they should be allowed to collect such data and analyze it in order to locate possible targets present at a particular location and time (like a crime scene). Id. The problem, as one court noted, is that it requires collection of “data related to innocent people who are not the target of the criminal investigation.” Id. at 4. At least one such application has been rejected because the Government had no protocol in place to handle this sensitive private data. See Id.
Network-based location information can also be collected using more advanced and precise methods. Service providers can identify the location of a wireless device by using triangulation (or “lateration”) methods based on simultaneous signals from several base stations. See Ali H. Sayed, Network-Based Wireless Location at 26-29. See also Küpper at 131-136. Even more advanced methods consider the exact angle and time of arrival of each signal. See Küpper at 138-140, 144-148. The current advanced triangulation methods are capable of locating a mobile device within 50-120 meters, even in rural areas, and provide comparable accuracy to A-GPS in urban environments. See id. at 231 (table describing the accuracy of various cellular positioning methods).
The handset-based method involves locating a mobile device based on information provided by the device itself (such as GPS data). See Frank Van Diggelen, A-GPS: Assisted GPS, GNSS, and SBAS 292 (2009). Most current phones contain GPS technology. See Berg Insight, GPS and Mobile Handsets 2 (March 2010).The Global Positioning System (“GPS”) is a “constellation of orbiting satellites that provides navigation data to military and civilian users all over the world.” U.S. Air Force, Global Positioning System Factsheet (Sept. 15, 2010). GPS receivers, like those in mobile devices, can use the satellite signals to calculate “extremely accurate, three-dimensional location information (latitude, longitude and altitude), velocity (speed and direction) and precise time.” Id. However, buildings and other environmental factors in urban areas can reduce the accuracy of GPS location data. See Adam Gorski, Understanding GPS Performance in Urban Environments, AGI (Jan. 4, 2011).
Assisted GPS (“A-GPS”) positioning now provides improved accuracy, lower power consumption, and reduced location acquisition time for compatible devices. Küpper at 225. The A-GPS process works by estimating a position using standard GPS triangulation, and then adjusting for corrections provided by a remote reference station connected to the network. Id. at 227. This allows for extremely accurate location information, to within 10 meters in outdoor rural areas. Id. at 231.
Mobile devices can also determine location based on surrounding Wi-Fi networks. See Axel Küpper, Location-Based Services: Fundamentals and Operation 234 (2005). There are several companies that maintain databases listing the approximate location of wireless networks. Pell & Soghoian, supra, at 131. These companies are known as "location aggregators." Ann Cavoukian & Kim Cameron, Wi-Fi Positioning Systems: Beware of Unintended Consequences 6 (June 2011). See, e.g., Open WLAN Map. Internet service providers, such as Google, also use Wi-Fi data to determine a user's location. See Google, Statement to Several National Data Protection Authorities (Apr. 27, 2010). These Wi-Fi Positioning Systems cross reference the user's nearby Wi-Fi networks with the database in order to determine the user's approximate location. Id. See generally Cavoukian & Cameron, supra, at 6 (describing Wi-Fi Positioning methods). It is not clear whether service providers have access to Wi-Fi position data generated by mobile devices.
In addition to the location tracking methods described above, which require law enforcement to collect data indirectly through the service provider, there are surveillance technologies that facilitate real-time tracking of a mobile signal directly.
One such tool is known as an “IMSI Catcher,” “StingRay,” or “Triggerfish,” and is used to identify and measure the strength and location of a mobile signal. See Jennifer Valentino-Devries, Stingray Phone Tracker Fuels Constitutional Clash, Wall St. J., Sept. 22, 2011. IMSI catchers mimic a wireless carrier's network tower and can send and receive all the same signals going to the cellular tower. See EPIC, EPIC v. FBI - Stingray / Cell Site Simulator (2012). IMSI catchers can determine a specific cell phones location by measuring the signal strength of the cell phone from several locations and utilizing triangulation to pinpoint the cell phones location. Id. These tools can also be used to identify a device based on its location, rather than the opposite. See In re Application of the U.S. for an Order Authorizing the Use of a Pen Register and Trap and Trace Device, ___ F. Supp. 2d ____, 2012 WL 2120492 (S.D. Tex. 2012)(“by determining the identifying registration data at various locations in which the Subject's Telephone is reasonably believed to be operating, the telephone number corresponding to the Subject's Telephone can be identified.”). At least one court has rejected an application to use such technology because the Government failed to address how they would deal with “information concerning seemingly innocent cell phone users,” which would be recorded by the equipment. Id.
- United States v. Jones, 132 S.Ct. 945 (2012)
- United States v. Skinner, 690 F.3d 772 (2012)
- In re U.S., No. 11-20884 (5th Cir. filed Dec. 14, 2011)
- In the re U.S., 620 F.3d 304 (3rd Cir. 2010)
- United States v. Maynard, 615 F.3d 544 (D.C. Cir. 2010)
- United States v. Antoine Jones, Appellee's Petition for Rehearing En Banc
- United States v. Antoine Jones, Denial of Petition for Rehearing En Banc
- United States v. Pineda-Moreno, No. 08-30385 (9th Cir. 2010)
- United States v. Garcia, 474 F.3d 994 (7th Cir. 2007)
- In re U.S., ___ F.Supp.2d ____, 2012 WL 2120492 (S.D.Tx. 2012)
- In re US, 747 F.Supp.2d 827 (S.D. Tx. 2010)
- State v. Earls, 209 N.J. 97 (2011)
- State v. Wyatt, 30 Mass. L. Rptr. 270 (Mass. Sup. Ct. 2012)
- State v. Zahn, 812 N.W.2d 490 (S.D. 2012)
- People v. Hall, 86 A.D.3d 450 (N.Y. App. Div. 1st 2011)
- Foltz v Commonwealth, 57 Va. App. 68 (Ct. App. 2010)
- Commonwealth v. Connolly, 913 N.E.2d 356 (Mass. 2009)
- People v. Weaver, 909 N.E.2d 1995 (N.Y. 2009)
- Wisconsin v. Sveum, 328 Wis.2d 369 (2009)
- State v. Jackson, 150 Wash. 2d 251 (2003)
Existing Federal Law
- Electronic Communications Privacy Act of 1986
- Title II - Stored Communications Act, 18 U.S.C. §§ 2701 to 2712
- Title III - Pen Register Act, 18 U.S.C. §§ 3121 to 3127
- Communications Act of 1934
- Communications Assistance for Law Enforcement Act, 47 U.S.C. § 1002(a)
- Wireless Communications and Public Safety Act of 1999, 47 U.S.C. § 222(d) and (f)
- Online Communications and Geolocation Privacy Act, 113 H.R. 983 (2013)
- Geolocation Privacy and Surveillance Act, 112 S. 1212, 112 H.R. 2168 (2011)
- Location Privacy Protection Act of 2011, 112 S. 1223 (2011)
- CDG, Welcome to the World of CDMA: Glossary
- Where is the energy spent inside my app?, Researchers: Abhinav Pathak (Purdue University), Y. Charlie Hu (Purdue University), and Ming Zhang (Microsoft Research)
- ACLU-Northern California, Location Based Services: Time for a Privacy Check-In, November 2010.
- Kathryn Zickhur, Aaron Smith, 4% of online Americans use location based services, Pew Internet and American Life Project, November 4, 2010
- Ann Cavoukian, Ph.D., Information & Privacy Commissioner, Ontario, Canada, Redesigning IP Geolocation: Privacy by Design and Online Targeted Advertising, www.privacybydesign.ca, October 2010.
- Real Time Privacy Monitoring on Smartphones, Joint Study: Intel Labs, Penn State University, Duke University.
- Gerald Friedland, Robin Sommer, Cybercasing the Joint: On the Privacy Implications of Geo-Tagging, International Computer Science Institute, August 2010.
- Bruce Sewell, Apple, Letter to Reps. Edward J. Markey and Joe Barton, July 12, 2010.
- Reps. Edward Markey and Joe Barton, Letter to Steve Jobs, Chief Executive Officer, Apple, June 24, 2010.
- Jay Stanley, The Crisis in Fourth Amendment Jurisprudence, acslaw.org, May 2010.
- Joint Hearing Subcommittee on Commerce, Trade and Consumer Protection and Subcommittee on Communications, Technology, and the Internet, "The Collection and Use of Location Information for Commercial Purposes," February 24, 2010.
- Nick Doty, Deirdre K. Mulligan and Erik Wilde, Privacy Issues of the W3C Geolocation API, UC Berkeley School of Information Report 2010-038, February 2010.
- Nick Doty, How do websites know where I am?
- Matt Duckham & Lars Kulik, University of Melbourne, Australia, Location privacy and location-aware computing.
- Google, Privacy: Location privacy.
- The Internet Engineering Task Force (IETF), Geographic Location/Privacy (geopriv) working group.
- Andrew J. Blumberg and Peter Eckersley, "On Locational Privacy, and How to Avoid Losing it Forever," Electronic Frontier Foundation, August 2009.
- Al Gidari, Jr., Perkins Coie, "They Know Where You Are: Location Privacy in a Mobile World," March 10, 2009.
- House of Representatives, Subcommittee on Communications, Technology, and the Internet, Transcript of Hearing on "Communications Networks and Consumer Privacy: Recent Developments," April 23, 2009.
- Privacy International, Location Privacy, December 18, 2007.
- Stephen R. Harwood, Senior Counsel, Electronic Surveillance Issues, Department of Justice, justice.gov, November 2005.
- Ford-Long Wong and Frank Stajano, Location Privacy in Bluetooth, Lecture Notes in Computer Science, 2005 3813/2005, 176-188.
- Mel Tsai, "The Privacy Implications of Cellular Locationing," December 4, 2002.
- People, Not Places A Policy Framework for Analyzing Location Privacy Issues
- Cyrus Farivar, Cops Can Track Your Cell Phone to a Specific Room, ArsTechnica (June 4, 2014)
- R "Ray" Wang, Why I'm Unplugging from Location Based Services Until the Privacy Issue is Resolved, Enterprise Irregulars, January 17, 2011.
- Del. Court: Police need warrant for GPS tracking, wboc.com, December 16, 2010.
- Leonard Deutchman, Ruling on Cell Phone Tower Data Raises Privacy Issues, law.com, December 14, 2010.
- Michael Virtanen, NY agency sued over GPS tracker on worker's car, news.yahoo.com, December 6, 2010.
- Meredith J. Cooper, Probable Cause? Search-warrant affidavits give insight into sting operation on local collectives—and in many cases the evidence appears flimsy, newsreview.com, December 2, 2010.
- Dennis O'Reilly, Privacy concerns dog location-based services, cnet.com, November 13, 2010.
- Kashmir Hill, The Place-Race: Where We Are on Location-Sharing Services Adoption, Forbes.com, November 4, 2010.
- Oliver Chiang, How Facebook Will Own All Your Location Data, Forbes.com, November 3, 2010.
- Kim Zetter, FBI allegedly caught using GPS to spy on student, cnn.com, October 7, 2010.
- An Illegal Search, by GPS, nytimes.com, October 5, 2010.
- RichardC, "Location privacy: whose WiFi signal is it anyway?," October 25, 2010.
- Ashley Yeager, Researchers Find Phone Apps Sending Data without Notification, dukenews.duke.edu, September 29, 2010.
- Wade Roush, "Truste, Citing Location Privacy Worries, Expands Certification Program to the Mobile World," Xconomy, September 27, 2010.
- Pay for the Subway with Your iPhone, nbcnewyork.com, September 24, 2010.
- Susan Freiwald, "Freiwald on Much-Anticipated Cell Location Privacy Decision," Concurring Opinions, September 13, 2010.
- Police GPS Tracking (video), Washington Journal, cspan.org, August 27, 2010.
- Orin Kerr, "Fourth Amendment Stunner: Judge Rules That Cell-Site Data Protected by Fourth Amendment Warrant Requirement," The Volokh Conspiracy, August 31, 2010.
- Charlie Savage, "Judges Divided Over Rising GPS Surveillance," New York Times, August 13, 2010.
- Orin Kerr, D.C. Circuit Introduces "Mosaic Theory" of Fourth Amendment, Holds GPS Monitoring a Fourth Amendment Search, theconstitutional.org, August 8, 2010.
- Spara, "Why location privacy matters," ‘sproke, July 26, 2010.
- Ryan Singel, White Hat Uses Foursquare Privacy Hole to Capture 875K Check-ins, wired.com, June 29, 2010.
- Bill Snyder, CIO, "You Are Here: Scary New Location Privacy Risks," Network World, June 28, 2010.
- Nick Saint, Watch Out: Check-In Apps Share Your Location With More People Than You Think, Forbes.com, June 30, 2010.
- Chloe Albanesius, Apple Location, Privacy Issue Prompts House Inquiry, pcmag.com, June 24, 2010.
- Julia Boorstin, "Twitter's Biz Stone on Bing, Location, Privacy & World Cup Explosion," cnbc.com, June 23, 2010.
- David Sarno, Apple collecting, sharing iPhone users' precise locations [Updated], latimes.com, June 21, 2010.
- Riva Richmond, "Apple's Plans for iPhone Location Privacy," New York Times, April 8, 2010.
- Orin Kerr, Does the Fourth Amendment Prohibit Warrantless GPS Surveillance?, volokh.com, December 13, 2009.
- Kip F. Wainscott, Unwarranted Intrusion: GPS and the Fourth Amendment, acslaw.org, May 19, 2009.
- Yvonne Zipp, Courts divided on Police use of GPS Tracking, The Christian Science Monitor, May 15, 2009.
- Humphrey Cheung, LAPD's dart firing, license plate reading, Video-Streaming Car, tgdaily.com, August 21, 2007.
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.
by Ryan Calo, A. Michael Froomkin,