« July 2014 | Main | September 2014 »

August 2014 Archives

August 8, 2014

The Privacy Class Action Landscape

"The Privacy Class Action Landscape"

Marc Rotenberg,
EPIC President

American Bar Association
Annual Conference
Boston, MA
August 8, 2014

August 13, 2014

Developing Policies for the Internet of Things

"Developing Policies for the Internet of Things"

Marc Rotenberg,
EPIC President

Aspen Institute Communication and Society Program
Aspen, CO
Aug 13-16, 2014

August 1, 2014

EPIC Seeks Information About Secret Surveillance Authority

EPIC has filed a series of Freedom of Information Act requests for documents related to the Government's collection of private communications data under Executive Order 12333. EPIC is seeking secret policies that govern the collection of Internet data by U.S. intelligence agencies outside of the United States. Former government officials have warned that these procedures allow the government to spy on Americans in violation the Fourth Amendment. The Washington Post also reported last year that the NSA had infiltrated private communications held on servers abroad. EPIC's requests to the Attorney General, the Director of National Intelligence, the NSA and other intelligence agencies will help to shed light on these invasive programs. For more information, see EPIC: Executive order 12333.

EPIC Sues FBI for Missing Privacy Reports

EPIC has filed a Freedom of Information Act lawsuit to obtain details about the Federal Bureau of Investigation's surveillance programs. The agency is required to conduct privacy impact assessments when it collects and uses personal data. However, the Bureau has failed to publicly release privacy impact assessments for many of its programs, including facial recognition, drones, and license plate readers. According to the E-Government Act and Justice Department guidelines, all privacy assessments should be made public if practicable. EPIC, joined by a coalition of organizations, recently urged the Attorney General to immediately conduct a privacy assessment of the FBI's Next Generation Identification (NGI) program. The NGI program collects massive amounts of biometric data on U.S. citizens. For more information, see EPIC: EPIC v. FBI - Privacy Assessments.

August 5, 2014

Consumer Privacy Organizations Oppose Farcical Class Action Settlement

EPIC, along with a group of consumer privacy organizations, has asked the Federal Trade Commission to object to an unfair class action settlement in California federal court. In 2010, Google was sued for sharing user web browsing information with advertisers. Under the proposed settlement agreement, Google will distribute several million dollars to a handful of organizations, many of which already have ties to the company. EPIC and other privacy organizations have argued that the proposed agreement "confers no monetary relief to class members, compels no change in Google's behavior, and misallocates the cy pres distribution" to organizations that are "not aligned with the interests of class members and do not further the purpose of the litigation." The consumer groups, who have already written to the court opposing the settlement, urged the Federal Trade Commission to object as well. The agency filed a similar objection in Fraley v. Facebook, an unfair class action settlement in the Ninth Circuit. For more information, see EPIC: FTC and EPIC: Search Engine Privacy.

August 7, 2014

EPIC Demands Report Detailing CIA's Surveillance of Congress

EPIC has filed a Freedom of Information Act request for the Central Intelligence Agency Inspect General's report detailing the agency's surveillance of the Congressional Intelligence Committee. In March 2014, Senator Dianne Feinstein (D-CA), head of the Senate Intelligence Committee, publicly accused the CIA of secretly removing documents from the Committee, searching computers used by the Committee, and attempting to intimidate congressional investigators by requesting a Federal Bureau of Investigation inquiry of their conduct. The Committee had been investigating the CIA's torture program. After Senator Feinstein publicly accused the agency of spying, the CIA's Inspector General conducted an investigation and concluded that the agency's actions had been improper. However, the Inspector General has failed to the actual report public. EPIC has demanded a copy of the full report, as well as associated documents. For more information see: EPIC: FOIA Cases and EPIC v. CIA (Domestic Surveillance).

Federal Trade Commission Responds to EPIC Regarding Google Settlement

The Federal Trade Commission has responded to EPIC's letter urging the agency to oppose a collusive Google class action settlement. The agency stated that it "systematically monitors compliance" with its consumer protection orders and that it "takes alleged violation[s] of an order seriously," but that it cannot publicly disclose details of its investigations until a formal complaint is issued. In 2010, Google was sued for sharing user web browsing information with advertisers. Under the proposed settlement agreement, Google will distribute several million dollars to a handful of organizations, many of which already have ties to the company. EPIC and other privacy organizations urged the Commission to formally object because the proposed agreement "confers no monetary relief to class members, compels no change in Google's behavior, and misallocates the cy pres distribution." The agency has a history of filing objections - it filed a similar objection in Fraley v. Facebook, an unfair class action settlement in the Ninth Circuit. For more information see EPIC: FTC and EPIC: Search Engine Privacy.

August 13, 2014

Privacy Interests: Big Data, UAVs and SNS

Privacy Interests: Big Data, UAVs and SNS

Ginger McCall,
Director, EPIC Open Government Project

The Judge Advocate General's Legal Center and School
Charlottesville, VA
August 13, 2014

August 12, 2014

Documents Obtained by EPIC Lawsuit Show NSA’s Internet Metadata Program Was Sharply Criticized By FISA Judges While Congressional Oversight Lagged for Years

In a FOIA lawsuit against the Department of Justice, EPIC has obtained many documents about the NSA's Internet Metadata program. These include the Government's original FISA application seeking authorization to collect data from millions of e-mails, as well as declarations from NSA officials describing the program. The documents show that FISA Court Judge John Bates chastised the agency for "long-standing and pervasive violations of the prior [court] orders in this matter.'' The FISA Court first authorized the program in 2004, but the documents obtained by EPIC show that the legal justification was not provided to Congress until 2009. The documents also reveal that the DOJ withheld information about the program in testimony for the Senate Intelligence hearing prior to the reauthorization of the legal authority. The program was shut down in 2011 after a detailed review. For more information, see EPIC v. DOJ (FISA Pen Register) and EPIC: Foreign Intelligence Surveillance Court.

August 14, 2014

Senator Schumer Calls On Regulators to Make Fitness Data Private

Senator Charles Schumer has denounced the data collection practices of "activity trackers" such as FitBit. "Activity trackers" are mobile devices that record highly personal information about the wearer and constantly analyze the wearer's activities, including their diet, exercise, sleep, and even sexual habits. However, it is not clear whether federal privacy law protects this personal data from disclosure to third parties. EPIC has commented extensively on the privacy protections that are necessary in the "internet of things." EPIC has frequently pointed out the potential for misuse when companies collect data about sensitive consumer behavior. EPIC has made several recommendations to improve the privacy protections on devices such as "activity trackers," including requiring companies to adopt Privacy Enhancing Techniques, respect a consumer’s choice not to tracked, profiled, or monitored, minimize data collection, and ensure transparency in both design and operation of Internet-connected devices. For more information, see EPIC: FTC and EPIC: Practical Privacy Tools.

August 20, 2014

Congress Investigates Airline Privacy Practices

Senator John Rockefeller (D-WV) is currently seeking information from ten U.S. airlines concerning how airlines safeguard consumer traveler data. Senator Rockefeller has requested information regarding: (1) the type of information airlines collect; (2) airlines' data retention periods; (3) airline privacy and security safeguards governing consumer information; (4) whether consumers may access and amend their information; (5) whether airlines sell or disclose consumer information and if so, to whom do they disclose the consumer data; and (6) how airlines inform consumers about airline privacy policies governing consumer information. EPIC routinely urges the Department of Homeland Security to provide privacy protections for air travelers and end the agency's secret "risk-based" passenger profiling. For more information, see EPIC: Air Travel Privacy, EPIC: Passenger Profiling, EPIC: Secure Flight, and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).

August 21, 2014

Department of Transportation Seeks Public Comment on Connected Cars

The National Highway Traffic Safety Administration, at the Department of Transportation, is soliciting public comments on the privacy and security implications of connected "vehicle-to-vehicle" technology. According to the agency, the technology transmits data between vehicles to "facilitate warnings to drivers concerning impending crashes." The agency plans to mandate vehicle-to-vehicle technology. NHTSA is also soliciting comments on a connected car research report. Comments on both are due October 20, 2014. Last year EPIC, joined by a coalition of privacy and consumer rights organizations and members of the public, urged NHTSA to protect driver privacy and establish privacy safeguards for car "black boxes." For more information, see EPIC: Event Data Recorders and EPIC: Comments on the Privacy and Security Implications of the Internet of Things.

August 22, 2014

Security Experts: EPIC Correct About Body Scanners-Invasive and Ineffective

The first independent analysis of backscatter x-ray body scanners corroborate the claims EPIC and others have made for several years: The scanners are invasive and ineffective. In a detailed report published in 2005, EPIC warned that the x-ray body scanners amounted to a virtual strip search and were an ineffective means of airport security. Freedom of Information Act documents later obtained by EPIC revealed that TSA could disable the body scanner's privacy settings, the nude images could be stored on the machines, and the scanners ran on a standard operating system making them vulnerable to outside security threats. EPIC and a coalition of civil liberties organizations then petitioned DHS Secretary Napolitano to suspend the program. When the DHS failed to do so, EPIC sued the agency. The D.C. Circuit Court of Appeals ruled in EPIC v. DHS that the agency must begin a public rule making. The backscatter X-ray scanners were subsequently removed from US airports. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.

August 26, 2014

European Facebook Users Privacy Lawsuit Moves Forward

A group of over 25,000 European Facebook users may proceed with their lawsuit against Facebook. The users, led by privacy activist Max Schrems, sued Facebook in a court in Vienna. The users charge Facebook with violating EU privacy law by improperly handling users' data. Now that the court has approved the class action suit, Facebook must respond to the complaints. In 2011, Schrems brought a similar lawsuit against Facebook in an Irish court. In the same year, Facebook signed a consent order with the Federal Trade Commission, following a complaint filed by EPIC and a group of American consumer privacy organizations. EPIC has also filed an amicus brief in a federal class action lawsuit, opposing Facebook's use of children's images for advertising purposes. In 2013, EPIC gave the International Privacy Champion Award to Max Schrems, calling him "an innovative and effective spokesperson for the right to privacy." For more information, see EPIC: In re Facebook.

August 27, 2014

Consumer Privacy Organizations Urge Judge to Reject "Privacy Settlement"

EPIC, joined by leading consumer protection organizations, has asked a federal judge to reject a proposed class action settlement in In re Google Referrer Header Litigation. The settlement requires no substantial change in Google's business practices and provides no benefit to class members. EPIC wrote to the same judge last year when the settlement was first proposed, urging him not to approve. The Federal Trade Commission and the California Attorney General have opposed a similar settlement. And the Chief Justice of the US Supreme Court has expressed deep skepticism about settlements that provide no benefits to class members. The judge in the Google care will rule on the settlement August 29. For more information, see EPIC: Search Engine Privacy, and EPIC: FTC.

August 29, 2014

EPIC FOIA Case - Army Blimps over Washington Loaded with Surveillance Gear, Cost $1.6 Billion

EPIC has received substantial new information about the surveillance blimps, now deployed over Washington, DC. The documents were released to EPIC in a Freedom of Information Act lawsuit against the Department of the Army. The documents also reveal that the Army paid Raytheon $1.6 billion. EPiC will receive more documents about the controversial program In October. For more information, see EPIC: EPIC v. Army - Surveillance Blimps and EPIC: Freedom of Information Act Litigation.

About August 2014

This page contains all entries posted to epic.org in August 2014. They are listed from oldest to newest.

July 2014 is the previous archive.

September 2014 is the next archive.

Many more can be found on the main index page or by looking through the archives.