epic.org

Federal Appeals Court Backs Justice Department in Voting Rights Dispute

Fri, 18 May 2012 14:46:49 -0500

The Court of Appeals for the District of Columbia Circuit issued an opinion rejecting Shelby County, Alabama's constitutional challenge to the preclearance requirements of the Voting Rights Act of 1965. The Court held that Section 5 of the Act, which requires "covered jurisdictions" to show that new voting procedures, such as Voter ID requirements, are nondiscriminatory before those changes can be put into effect, is constitutional. Shelby County challenged the preclearance requirements after Congress reauthorized Section 5 in 2006. The Department of Justice recently blocked Voter ID laws in South Carolina and Texas through the Section 5 preclearance process. EPIC has argued that unreasonable voter ID requirements are an impermissible burden on the right to vote. For more information, see EPIC: Voter Photo ID and Privacy and EPIC: Crawford v. Marion County.

House Approves Amendment to Defense Spending Bill to Limit Defense Drones Surveillance

Thu, 17 May 2012 17:41:00 -0500

The House of Representatives has approved an amendment, introduced by Congressman Landry (R-LA), to the National Defense Authorization Act to prohibit information collected by Department of Defense drones without a warrant from being used as evidence in court. New legislation requires the Federal Aviation Administration to develop rules governing the operation of drones in the U.S. National Airspace. Shortly after passage, EPIC, joined by over 100 organizations, experts, and members of the public, submitted a petition to the FAA requesting a public rulemaking on the privacy impact of drone use in US airspace. The petition is still pending with the agency. For more information, see EPIC: Unmanned Aerial Vehicles (UAVs) and Drones.

Privacy Board Approved by Judiciary Committee, Vote Moves to Senate

Thu, 17 May 2012 13:52:58 -0500

The Senate Committee on the Judiciary has approved President Obama's five nominees for the Privacy and Civil Liberties Oversight Board. The Board is an independent entity charged with ensuring that fundamental rights are protected in the implementation of government programs, including cybersecurity. Originally convened in 2004, the five seats on the Board have remained vacant for the past five years. Senator Leahy, the Chairman of the Judiciary Committee, said, "When we worked to create this board, we did so to ensure that our fundamental rights and liberties would be preserved…The Senate should move quickly to confirm the nominees to the board so that they can get to their important work." For more information, see EPIC: 9/11 Commission Report and "The Sui Generis Privacy Agency: How the United States Institutionalized Privacy Oversight After 9-11."

EPIC Supports Geolocation Privacy Act, Suggests Improvement

Wed, 16 May 2012 17:19:25 -0500

In a Statement for the Record, EPIC has expressed support for H.R. 2168, the "Geolocational Privacy and Surveillance Act," which prohibits the interception of location information by private parties and government agents acting without a search warrant. The bill will be considered at a hearing before the House Subcommittee on Crime, Terrorism, and Homeland Security. EPIC said "as communications technologies evolve, new forms of personal information are generated that require new legal safeguards." EPIC also recommended that Congress adopt purpose-specification and data limitation requirements for data stored by private companies, require affirmative consent prior to the collection of location data, and clarify an exception that permits the interception of location data made available through publicly accessible systems. For more information, see EPIC: Location Privacy.

"Privacy And Security: An Evening Conversation With Leading Experts"

Wed, 16 May 2012 10:30:01 -0500

Marc Rotenberg,
EPIC Executive Director

Stanford Law School and Microsoft Innovation & Policy Center
Washington, D.C.
May 16, 2012

FAA Revises Drone License Procedures, Privacy Petition Still Pending

Tue, 15 May 2012 14:07:23 -0500

The Federal Aviation Administration has announced new procedures for government agencies that operate drones in the United States. The procedures will streamline the process through which government agencies, including local law enforcement, receive drone licenses. However, the FAA has so far failed to establish privacy safeguards for drone use. On February 24, 2012, EPIC, joined by over 100 organizations, experts, and members of the public, submitted a petition to the FAA requesting a public rulemaking on the privacy impact of drone use in US airspace. For more information, see EPIC: Unmanned Aerial Vehicles (UAVs) and Drones.

EPIC Proposes Update to Privacy Act to Address Recent Supreme Court Decision

Mon, 14 May 2012 16:57:02 -0500

Following the recent decision of the Supreme Court in FAA v. Cooper, EPIC has set out proposed changes to the Privacy Act that would compensate individuals for provable nonpecuniary harms caused by willful violations of the Privacy Act. In Cooper, the Supreme Court held that the Privacy Act "does not unequivocally authorize" compensatory damages for mental or emotional distress. Justice Sotomayor, joined by Justices Ginsburg and Breyer, wrote in dissent that "the primary, and often only, damages sustained as a result of an invasion of privacy are . . . mental or emotional distress." EPIC recommended that the Privacy Act explicitly define "actual damages" to include provable mental and emotional distress. EPIC's letter follows an earlier request from Senator Daniel Akaka (D-HI) for comment on S.1732, the Privacy Act Modernization for the Information Age Act of 2011. For more information, see, EPIC: FAA v. Cooper and EPIC: The Privacy Act of 1974.

EPIC Calls on FTC to Develop Substantive Privacy Protections at Workshop on Mobile Advertising

Fri, 11 May 2012 17:52:19 -0500

EPIC submitted comments to the Federal Trade Commission for the May 30 workshop on mobile advertising disclosures. EPIC recommended that the agency focus on the development of substantive privacy protections, such as the Consumer Privacy Bill of Rights announced by the President earlier this year, for mobile services. EPIC also recommended that the workshop address a series of problems with the "notice and consent" approach, as well as the merits of innovative, nonverbal approaches proposed by privacy scholars. The workshop follows an FTC report calling for privacy legislation and an investigation that documented privacy problems with mobile applications for children. For more information, see EPIC: Federal Trade Commission.

On Google Spy-Fi, Senator Durbin Calls for Update to Wiretap Law, FCC Chair Agrees Law Should Protect Unencrypted Communications

Fri, 11 May 2012 15:09:20 -0500

In a hearing with Federal Communications Commission Chairman Julius Genachowski, Senator Dick Durbin (D. IL.) criticized the agency's decision to issue a mere $25,000 fine against Google following the investigation of Street View data collection. (Hearing video beginning at 64:20) Senator Durbin said that Google's interception and collection of private wi-fi communication was a clear violation of privacy. Chairman Genachowski defended the agency's decision but agreed with the committee chairman that "the law should protect people even if they have unencrypted wi-fi." Senator Durbin said that he would consider changes to the law if that is necessary. Senator Durbin also asked the FCC to provide the legal memoranda supporting the FCC's decision not to find Google guilty of violating the Communications Act. EPIC has a similar FOIA request pending with the agency. For more information, see EPIC: FCC Investigation of Google Street View and EPIC: Electronic Communications Privacy Act.

Federal Appeals Courts Sides with NSA, Rejects EPIC's Arguments that Agency Should Provide Information About Collaboration with Google

Fri, 11 May 2012 13:32:20 -0500

The DC Circuit Court of Appeals ruled today the National Security Agency need neither "confirm nor deny" the existence of any records about the agency's relationship with Google, even after such a collaboration was widely reported in the national media. EPIC filed a Freedom of Information Act (FOIA) request with the NSA following a cyber attack in January 2010 that led Google to contact the NSA. The NSA refused to either confirm or deny the existence of responsive records, claiming that such information is exempt from disclosure under the NSA Act. EPIC challenged this "Glomar" response and argued that the agency had a responsibility to locate records that could be disclosed, but a lower court ruled in favor of the NSA and the appellate court affirmed. EPIC has several other pending FOIA matters concerning the NSA, including "Perfect Citizen," Internet wiretapping, and even the NSA's own legal authority which the agency has refused to release to the public. For more information, see EPIC v. NSA: Google / NSA Relationship.

EPIC Stresses Need For Privacy Evaluation in Drone Testing

Wed, 09 May 2012 12:13:06 -0500

In comments to the Federal Aviation Administration (FAA), EPIC emphasized the need for transparency and accountability in drone operations, and recommended the development of privacy protections before drones are more widely deployed in the US. The FAA Notice of Proposed Rulemaking set out proposed criteria for drone testing. Congress has tasked the FAA with facilitating the use of drones in the domestic airspace. February, EPIC, joined by a coalition of more than 100 organizations, experts, and members of the public, petitioned the FAA to conduct a rulemaking on the privacy implications of domestic drone use. For more information, see EPIC: Unmanned Aerial Vehicles (UAVs) and Drones.

Myspace Settles With FTC Over Deceptive Practices Complaint

Tue, 08 May 2012 15:57:50 -0500

The Federal Trade Commission has reached a settlement with the social networking service Myspace over charges that Myspace allowed advertisers to access personally-identifying information after promising to keep such information private. Advertisers were able to access the unique "Friend ID" of users and link this identifier to other personal information. The settlement requires Myspace to implement a comprehensive privacy program, submit to independent audits, and refrain from privacy misrepresentations. For more information, see EPIC: Federal Trade Commission and EPIC: Social Networking Privacy.

2011 FISA Orders Up, National Security Letters Down, No Surveillance Request Denied

Fri, 04 May 2012 11:07:22 -0500

According to the 2011 Foreign Intelligence Surveillance Act (FISA) Report the Justice Department submitted 1,745 applications to the Foreign Intelligence Surveillance Court, a 10.5% increase over 2010. Of the 1,745 FISA search applications, 1,676 concerned electronic surveillance. The FISA court did not deny any applications, though it did modify 30 applications. Also in 2011, the FBI made 16,511 National Security Letter requests for information pertaining to 7,201 different U.S. persons. This is a substantial decrease from the 24,287 national security letter requests concerning 14,212 U.S. persons in 2010. The annual report on FISA, released by the Department of Justice, is far less extensive than the annual wiretap report, produced by the Administrative Office of the US Courts. EPIC has recommended greater accountability for the FISA Court. For more information, see: EPIC: Foreign Intelligence Surveillance Act Court Orders 1979-2011 and EPIC: Foreign Intelligence Surveillance Act.

Classified Report Finds Vulnerabilities in Body Scanner Program

Fri, 04 May 2012 10:39:02 -0500

The Department of Homeland Security Office of Inspector General has completed an investigation into the effectiveness of the body scanner program as deployed in airports as a primary passenger screening system. The unclassified summary of the report notes that several vulnerabilities were found in the program, which has already cost more than $87 million. The full report consists of "Sensitive Security Information" (SSI) and will not be released to the public, according to the Inspector General. EPIC has challenged the SSI designation, arguing that it is an improper standard for classification. The Government Accountability Office, technical experts, Members of Congress, and bloggers have also questioned the effectiveness of the devices. In a federal lawsuit, EPIC challenged the body scanner program, calling it "invasive, unlawful, and ineffective." For more information, see EPIC v. DHS (Suspension of body scanners).

Following Maryland, Congress and California Consider Bills Banning Employers From Asking for Facebook Passwords

Tue, 01 May 2012 14:17:22 -0500

Reps. Eliot Engel (D-NY) and Jan Schakowsky (D-IL) introduced the Social Networking Online Protection Act, a bill that would prohibit employers, colleges, universities, and K-12 schools from seeking usernames or passwords for the social media accounts of employees or students. Similar legislation was introduced in California. Maryland became the first state to ban employers from asking employees or applicants for social networking passwords. Senators Blumenthal and Schumer have asked the Equal Employment Opportunity Commission and the U.S. Department of Justice to investigate the practice. For more information, see EPIC: Workplace Privacy and EPIC: Facebook Privacy.