
July 2019 Archives

July 1, 2019

CREW Backs EPIC in Case for Release of Full Mueller Report

Citizens for Responsibility and Ethics in Washington has filed an amicus brief in support of EPIC's case for the release of the full Mueller Report. CREW argued that the Justice Department cannot withhold parts of the Report as "deliberative" because the Report explains the Special Counsel's final decisions. "Especially in the context of an investigation into interference with our electoral process by a foreign power and potential links to the sitting President's political campaign, the public interest in disclosure is at an apex once the investigation is complete and the prosecutorial decisions have been made," CREW argued. EPIC recently moved for summary judgment to obtain the full Mueller Report. The case is EPIC v. Department of Justice, No. 19-810 (D.D.C.). Copies of the Mueller Report obtained by EPIC, related materials, and background on the case are available for purchase at the EPIC Bookstore.

July 2, 2019

Privacy Board Publishes Inventory of Current Oversight Activities

In an important step for transparency, the Privacy and Civil Liberties Oversight Board has published an inventory of current oversight activities. The Board announced it is reviewing NSA's search tool called "xkeyscore." The tool is used to search data collected under Executive Order 12333, a legal authority that has not yet been subject to public oversight. EPIC previously sought public release of the PCLOB report on Executive Order 12333. The Board will also issue a public report on how the intelligence community is implementing proposed surveillance reforms. EPIC previously sent detailed comments to the Board, urging the oversight agency to become a "leader" in open government and recommending specific changes to agency practices regarding FOIA and open meetings.

Congress Sues for Release of Trump's Tax Returns

The U.S. House of Representatives has filed suit to obtain six years of President Trump's personal tax returns from the IRS. Rep. Richard Neal, Chairman of the House Ways and Means Committee, has the authority under a section of the tax code to obtain the tax returns. But the IRS and Treasury Department have repeatedly refused to comply with the law. EPIC has sought the release of the President's tax records in two lawsuits: EPIC v. IRS I and EPIC v. IRS II. The D.C. Circuit's opinion in EPIC v. IRS I is cited in the House's complaint multiple times. EPIC previously urged Congress to obtain and publicly release President Trump's tax returns. EPIC is seeking to determine the extent of Russian interference in the 2016 presidential election.

EPIC to FAA: Drone Advisory Committee Needs Privacy and Security Experts

EPIC has sent a letter to the Federal Aviation Administration, urging the agency to name privacy and security experts to the Drone Advisory Committee. EPIC filed suit last year to enforce the transparency obligations of the industry-dominated Committee, which conducted much of its work in secret. EPIC's case forced the Advisory Committee to release hundreds of documents that it unlawfully withheld. The documents obtained by EPIC show that the Committee recognized drone privacy risks and even planned to form a "Privacy Subcommittee." Yet the Committee entirely failed to address privacy issues before making final policy recommendations to the FAA. The FAA has recently come under criticism from members of Congress and the Department of Defense concerning commercial drones that enable remote surveillance.

BREAKING: Citizenship Question Dropped from 2020 Census

The Census Bureau has confirmed that it will not collect personal data concerning citizenship status on the 2020 Census. The Bureau has instead ordered census forms to be printed without the proposed citizenship question. The decision follows a ruling by the U.S. Supreme Court blocking the citizenship question over the government's failure to provide a "reasoned explanation" for collecting citizenship information. EPIC filed a separate lawsuit to block the Census Bureau's collection of citizenship data because the agency had failed to complete required privacy impact assessments. The D.C. Circuit reached a decision in EPIC's case last week. EPIC also filed an amicus brief in the Supreme Court case, joined by 23 legal scholars and technical experts, warning that "collecting citizenship status information from hundreds of millions of U.S. residents presents enormous privacy and security concerns."

July 3, 2019

In Amicus, EPIC Proposes Duty to Protect Personal Data

In an amicus brief for the D.C. Circuit Court of Appeals, EPIC has recommended that courts recognize a common law obligation to protect the personal data that companies choose to collect. In Attias v. CareFirst, Inc., inadequate security practices allowed hackers to obtain 1.1 million customer records from D.C.'s largest health insurer. A lower court dismissed many of the privacy claims in the case. But EPIC argued to the appellate court that data breaches underscore the need for companies to be held liable for faulty security. EPIC said that courts should impose a duty of reasonable data protection on businesses to ensure that companies protect the personal data that they collect. EPIC previously filed an amicus brief in this case supporting data breach victims. EPIC regularly files briefs defending consumer privacy.

EPIC, Coalition Oppose Facebook Libra Plan

EPIC joined a coalition of consumer groups in a letter to Congress calling for an end to Facebook's Libra plan. Facebook, the world's largest social network company, said it planned to enter the global financial services market, likely sidestepping government oversight and democratic accountability. Several groups warned that "a careful assessment will show that the proposal is too dangerous to proceed." The coalition also identified "profound questions" about governance, national sovereignty, law enforcement, consumer protection, privacy, competition and systemic risk. Meanwhile, the Federal Trade Commission has failed to take any action in the fifteen months since the FTC reopened the investigation of Facebook, following the Cambridge Analytica scandal. EPIC brought the original complaint to the FTC in 2009 that led to the 2011 consent order against Facebook. Earlier this year, an EPIC Freedom of Information Act request uncovered more than 26,000 complaints against Facebook pending at the Commission. EPIC has repeatedly urged the FTC to #EnforceTheOrder against Facebook.

July 8, 2019

EPIC to Discuss US Surveillance before Top European Court

This week EPIC Senior Counsel Alan Butler will appear before the Court of Justice for the European Union in the case Data Protection Commissioner v. Facebook. The case, known as "Schrems 2.0," follows the European Court's landmark decision in Schrems v. DPC striking down the "Safe Harbor" arrangement and leading to the creation of the "Privacy Shield." The current case considers whether the transfer of personal data to the U.S. using standard contract clauses violates the fundamental rights of Europeans. At issue is Section 702 of the FISA Amendments Act and Executive Order 12333. EPIC's Butler will provide the Court with expert analysis on U.S. surveillance law. EPIC is a party to the case, along with Austrian privacy activist Max Schrems. EPIC also recently filed a brief with the European Court of Human Rights in Big Brother Watch v. UK, arguing that the Human Rights Court should review UK-U.S. intelligence transfers in assessing UK bulk surveillance. That case will be heard July 10th.

July 9, 2019

Coalition Urges Florida Governor to Cancel School "Safety" Profiling Project

EPIC and 32 organizations have urged Florida Governor DeSantis to postpone the implementation of a proposed school safety database. The groups warned that the system could label students as threats based on data such as physical disabilities or those seeking mental health care. The signatories asked Governor DeSantis to immediately halt the database project and create a commission to propose measures that effectively identify and mitigate school safety threats. In 2014 EPIC urged Congress to adopt the Student Privacy Bill of Rights to safeguard student privacy.

EPIC, NCLC Urge Federal Appeals Court to Limit Robocalls

EPIC and the National Consumer Law Center have filed an amicus brief in a case concerning the scope of the federal law, the Telephone Consumer Protection Act, that protects consumers against robocalls. In Gadelhak v. AT&T Services, EPIC and NCLC argued that list-based systems are included among the law's definition of "autodialers." To do otherwise, the brief explained, "would undermine the law's effectiveness by inviting easy circumvention and rendering the restriction obsolete." EPIC and NCLC further explained that the "mass texting from a list, such as the system used by AT&T in this case, is precisely the type of technology the TCPA sought to restrict." The amici warned that a narrow interpretation of the law "would accelerate the rising levels of robocalls and texts." EPIC routinely files amicus briefs on consumer privacy issues, including several amicus briefs on the TCPA.

Ninth Circuit Strikes Down Debt-Collection Exception to Robocall Ban

The Ninth Circuit has again found that the Telephone Consumer Protection Act limits the ability of government debt collectors to make robocalls. The law prohibits automated calls to cell phones, except in emergencies or with the consent of the called party. But in 2015 Congress created an exception for calls made to collect debts guaranteed by the federal government. In Duguid v. Facebook, the Ninth Circuit found that the exception violated the First Amendment because it preferences debt collectors over other companies that might use robocall technology. The outcome is favorable for consumer privacy. EPIC filed a "friend of the court" brief in Gallion v. Charter Communications, a similar case in the Ninth Circuit, arguing that "the TCPA prohibitions are needed now more than ever." EPIC routinely files amicus briefs on consumer privacy issues, including several amicus briefs on the TCPA.

EPIC, Coalition Call for Suspension of Face Recognition by DHS

EPIC and over 35 organizations have urged Congress to halt the use of face recognition technology on the general public. The letter states that face recognition technology poses serious risks to privacy and civil liberties, threatens immigrants, broadly impacts American citizens, and has been implemented without proper safeguards or explicit Congressional approval. At a hearing this week, the House Homeland Security Committee will examine face recognition technology. Documents previously obtained by EPIC under the FOIA, and featured at Buzzfeed, revealed flaws in facial recognition at airports. Bias is also a significant problem with the identification technique. EPIC highlighted these problems in comments to the agency and previously recommended a suspension of facial recognition at US airports.

July 11, 2019

White House Explores Social Media "Bias"

The White House is today hosting a social media summit to examine allegations of bias and censorship. EPIC objected to an earlier White House survey on this topic, noting that the White House failed to protect the privacy of respondents. EPIC told the White House that "this data collection is unlawful, unconstitutional, and itself a violation of the First Amendment." The White House has since disabled the survey. To address concerns about bias, EPIC supports algorithmic transparency and has urged federal agencies and Congress to mandate algorithmic transparency. In 2007, EPIC explained to Congress that after Google acquired YouTube, Google substituted its own subjective algorithm based on "relevance" for objective criteria, such as number of hits and user ratings. The practical consequence was to elevate the rankings of Google's own web pages and to demote the ranking of other web pages, including EPIC's. Senator Josh Hawley (R-MO) recently introduced the "Ending Support for Internet Censorship Act," which would require tech companies to submit to an external audit that proves that their algorithms and content-removal practices are politically neutral.

U.S. Courts Release 2018 FISA Report

The Administrative Office of the U.S. Courts has issued the 2018 report on activities of the Foreign Intelligence Surveillance Court. The 2018 report reveals a significant decline in the number of total applications to the FISC. There were 1,318 FISA applications in 2018, down by three hundred applications from the total of 1,614 in 2017. The scrutiny of FISA applications by the Court remained steady after an uptick last year: 985 orders were granted, 261 orders were modified, 42 orders were denied in part, and 30 applications were denied in full. EPIC testified before Congress in 2012 on the need to improve review of FISA applications. EPIC Senior Counsel Alan Butler also recently appeared before Europe's highest court to provide expert analysis on U.S. surveillance law, including FISA authorities.

EPIC Urges FAA to Act on Drone ID Broadcast Requirement

In comments on the Federal Aviation Administration's proposal to renew the drone registration system, EPIC urged the agency to move quickly on a drone ID broadcasting requirement. EPIC explained that the European Union has recently established comprehensive rules for drone operators, including a requirement for real-time ID that aligns with EPIC's previous recommendations to the FAA. The EU will require real-time broadcasting of the drone operator registration number, the geographical position of the drone, the drone route course, and the position of the drone operator. In a letter to the FAA earlier this year, Senators Edward Markey (D-MA) and John Thune (R-SD) also urged the FAA to establish a rule for the real-time, remote identification of drones.

EPIC, Coalition Ask Congress to Block CIA Proposal to Limit Agency Accountability

EPIC and a coalition of government transparency advocates have urged Senate and House leaders to remove a proposed change to the Intelligence Authorization Act for Fiscal Year 2020 that would dramatically expand the crime of disclosing the identity of intelligence agents. The CIA has been lobbying Congress to modify the Intelligence Identities Protection Act's penalties, which could be applied to whistleblowers, public interest organizations, and journalists who try to expose mismanagement, fraud, and corruption in the intelligence community. The letter from open government advocates also warned that the amendment could obstruct congressional oversight, weaken government accountability, limit public access to information, and chill journalists and public interest organizations.

Facing EPIC Lawsuit, DHS Suspends Media Monitoring Program

As the result of an EPIC lawsuit, the Department of Homeland Security has suspended a controversial effort to track journalists, news outlets, and social media accounts. The "Media Monitoring Services" platform would have included an "unlimited" database of personal information from journalists and media influencers, including location data, contact information, employer affiliations, and past content. EPIC filed suit last year to block the program, arguing that the DHS had failed to complete required Privacy Impact Assessments. In a settlement with EPIC, the agency acknowledged that it was not using the proposed system and agreed to complete required Privacy Impact Assessments before collecting personal data in the future. EPIC also obtained records showing that the DHS ignored the harms that media monitoring would have caused to privacy and press freedoms.

White House Seeks Public Comments on AI and Federal Data

The White House is requesting public comment on which federal data and models should be made available for AI research, development, and testing. Comments are due by August 8, 2019. The request for public comments follows from the Executive Order on Artificial Intelligence, which also requires agencies to identify privacy, civil liberties, and security concerns associated with access to federal data sets. The Privacy Act of 1974 imposes limits on how government agencies collect, use, and transfer personal data. In Scientific American, EPIC has strongly favored greater use of federal data that is not personally identifiable, such as statistical data and data concerning climate change, but has warned against the use of personal data maintained by federal agencies for AI projects. EPIC also recently filed comments with the National Institute of Standards and Technology urging the U.S. to implement the OECD Principles on Artificial Intelligence and the Universal Guidelines for AI, which both emphasize the importance of privacy protection in AI research.

Bi-Partisan Effort Underway to Reform FOIA

Senators from across the aisle have criticized recent changes to the Freedom of Information Act and vow to introduce legislation to reform the FOIA. In Food Marketing Institute v. Argus Leader Media, the Supreme Court recently narrowed public access to government records. A few days later, the Environmental Protection Agency changed its FOIA regulations without a public comment opportunity. The EPA's changes are similar to the Department of the Interior's "awareness review" that allows political appointees to decide whether to withhold information and issue a misleading "no records" response. Senators Ed Markey (D-MA) and Chuck Grassley (R-IA) are both considering legislation in response. Senator Grassley stated, "[the] recent Supreme Court ruling and even new regulations in the EPA and the Department of Interior are undermining access to public information. . . Americans deserve an accountable government, and transparency leads to accountability." EPIC wrote an amicus brief in Food Marketing Institute, warning the Court that a change in the FOIA "would deprive the public, and government watchdogs such as EPIC, of access to important information about 'what the government is up to.'" EPIC frequently uses the FOIA to promote government oversight.

Court: Computer Experts May Examine Georgia Voting Systems

A federal court in Georgia has ruled that Georgia election officials must allow the Coalition for Good Governance to review the state's election management databases. The Coalition argued that the databases "provide the roadmap that needs to be analyzed to identify flaws" in the state election system. EPIC recently filed an amicus brief in the case, joined by 31 legal scholars and technical experts. EPIC asked the federal court to stop Georgia's use of Direct Recording Electronic voting machines. Experts in election security have shown that DREs are insecure, vulnerable to attack, fail to provide a paper trail that enables auditing, and subject vote tallies to manipulation by remote adversaries. EPIC told the court, "the continued use of these systems poses a direct threat to personal privacy, election integrity, and democratic institutions." The case is Curling v. Raffensperger.

EPIC FOIA - FTC Enforcement Director Participated in Over 100 Meetings About Facebook Post-Cambridge Analytica

As a result of EPIC's Freedom of Information Act request, the Federal Trade Commission released records indicating that FTC Associate Director of Enforcement James A. Kohm participated in at least 162 meetings since the Commission adopted the consent order with Facebook in 2011. Almost 140 meetings occurred after Facebook admitted to the unlawful transfer of over 87 million user profiles to Cambridge Analytica. In March 2018, the FTC said it would reopen the investigation of Facebook, but the agency has never taken an enforcement action against the company. EPIC launched the #EnforceTheOrder campaign this year to urge action by the FTC.

Trump Issues Executive Order To Seek Citizenship Information From All Federal Agencies

President Trump announced today that he will order federal agencies to transfer personal data to the Department of Commerce to determine the number of non-citizens in the United States. Trump stated, "We will utilize these vast federal databases to gain a full, complete, and accurate count of the non-citizen population including databases maintained by the Department of Homeland Security, and the Social Security Administration." President Trump has abandoned his quest to seek citizenship information on the 2020 Census after the Supreme Court ruled that the Commerce Department's decision to collect citizenship data "cannot be adequately explained" by the rationale provided by the agency. EPIC separately sought to block the Census Bureau's collection of citizenship data because the agency failed to complete required privacy impact assessments. Last month, the D.C. Circuit issued a decision in the case, ruling that EPIC did not have a legal basis to obtain Privacy Impact Assessments from the federal government. EPIC also filed an amicus brief in the Supreme Court case, joined by 23 legal scholars and technical experts, warning that "collecting citizenship status information from hundreds of millions of U.S. residents presents enormous privacy and security concerns." The federal Privacy Act also imposes limits on the ability of federal agencies to transfer personal data to other agencies. The DHS has previously stated that DACA applicant information would be used exclusively for the purposes for which it was provided.

EPIC Files Complaint with FTC about Zoom

Today EPIC filed a complaint with the FTC alleging that the videoconferencing company Zoom has committed unfair and deceptive practices in violation of the FTC Act. According to EPIC, Zoom intentionally designed its web conferencing service to bypass browser security settings and remotely enable a user's web camera without the knowledge or consent of the user. As a result, Zoom exposed users to the risk of remote surveillance, unwanted videocalls, and denial-of-service attacks. EPIC has brought many similar consumer privacy complaints to the FTC, including the complaint that led to the FTC consent order against Facebook and the complaint that led to the FTC consent order against Google. EPIC cited the Google order, which produced a $22.5 million fine, in the complaint concerning Zoom. EPIC, In re Zoom ("Concerning Zoom's ability to bypass browser security settings and remotely enable a user's web camera without the knowledge or consent of the user.")

July 12, 2019

WSJ Reports that FTC Agrees to $5B Fine Against Facebook

The Federal Trade Commission has reportedly approved a $5 billion fine against Facebook, the largest fine in the Commission's history. EPIC brought the original complaint to the FTC that led to the 2011 Consent Order against Facebook. This is the first enforcement action the FTC has taken against Facebook in the eight years since the Consent Order was put in place. Earlier this year, an EPIC Freedom of Information Act request uncovered more than 26,000 complaints against Facebook pending at the Commission. EPIC also launched the #EnforceTheOrder campaign to urge action by the FTC. In January, EPIC recommended that the FTC enforcement action 1) impose substantial fines; 2) establish structural remedies; 3) require compliance with Fair Information Practices; 4) reform hiring and management practices; and 5) restore democratic governance.

July 15, 2019

IRS Issues Final Rule on Truncated SSNs

The IRS has issued a final rule to encourage employers to truncate employees' social security numbers (SSNs) on copies of W-2s and other forms furnished to employees. The new rule is intended to aid employers' efforts to protect employees from identity theft. EPIC submitted comments to the IRS in support of the rule, but argued that the rule should require employers to truncate SSNs rather than only allowing them to do so. EPIC said: "W-2 forms have been the target of several high-profile breaches" and recommended that the IRS require truncated SSNs "to protect employees from future breaches." EPIC has participated in the leading cases involving the privacy of the SSN and has frequently testified in Congress about the need to establish privacy safeguards for the SSN to prevent identity theft and financial fraud.

EPIC Comments on Third Annual Privacy Shield Review

EPIC provided comments to the European Commission to inform the third annual review of the EU-U.S. Privacy Shield, a framework that permits the transfer of Europeans' personal data to the U.S. EPIC detailed the latest developments in the U.S., including the failure to reform bulk surveillance under Section 702 of FISA, the absence of comprehensive federal privacy law and a data protection authority, and an executive order to collect data about non-citizens from across the federal government. EPIC also applauded appointments to the PCLOB and the U.S. endorsement of the OECD AI Principles. The Commission approved Privacy Shield last year, but urged the U.S. to adopt privacy legislation and to join the International Privacy Convention. The European Commission will make a determination about whether to renew the Privacy Shield this fall.

US AI Commission Continues Secret Meetings

On July 11, 2019, the National Security Commission on Artificial Intelligence held its third meeting behind closed doors. Created by the National Defense Authorization Act for Fiscal Year 2019, the AI Commission is tasked with considering "the methods and means necessary to advance the development of" AI to address the national security and defense needs of the U.S. Representatives of large tech firms, including Google and Microsoft, dominate the Commission. Like its first meeting in March, the AI Commission provided no notice of the meeting and no opportunity for public participation. According to reports, the AI Commission received briefings on AI research, national security uses of AI, and preparing the workforce for AI. The AI Commission's mandate specifies that comprehensive reports be made available to the public. EPIC previously filed a Freedom of Information Act request seeking a copy of the AI Commission report, which has still not been released to the public.

EPIC on Libra: "Facebook Clearly Cannot be Trusted With Consumers' Financial Data"

In advance of Congressional hearings on Facebook's plan to launch its own cryptocurrency called Libra, EPIC has sent statements to Senate and House Committees stating that "Facebook clearly cannot be trusted with consumers' financial data." EPIC noted Facebook's history of misrepresentations to regulators, highlighting the promises Facebook made when the company acquired WhatsApp regarding user privacy — promises Facebook has since broken. EPIC also discussed the Cambridge Analytica scandal and outlined Facebook's long history of failing to protect user data. As reported, a pending settlement with Facebook would not address proposals made by EPIC and others to strengthen Facebook's protection of user data. EPIC urged Congress to block Facebook's entry into cryptocurrency.

Tim Wu Testifies Before House Antitrust Committee

Former EPIC Advisory Board member Tim Wu will testify this week before a House committee regarding online platforms and market power. EPIC previously told the Subcommittee on Antitrust that "the internet advertising system today is not healthy. Two companies dominate the market. The privacy of Internet users is under assault. The revenue model that sustained journalism is broken. The current model is not sustainable. Privacy rules can help level the playing field." In 2000, EPIC opposed DoubleClick's acquisition of Abacus. In 2007, EPIC told the FTC that Google's proposed acquisition of DoubleClick would lead to consumers being tracked and profiled by advertisers across the web.

BREAKING - EPIC Seeks Public Release of FTC Settlement with Facebook

Today EPIC filed an expedited Freedom of Information Act request with the Federal Trade Commission, seeking the public release of the proposed settlement with Facebook. Last week the Wall Street Journal first reported that the FTC approved a $5 billion settlement with Facebook for violating a 2011 consent order that EPIC helped obtain. However, details about the settlement have not been disclosed. In January, EPIC recommended that the FTC 1) impose substantial fines; 2) establish structural remedies; 3) require compliance with Fair Information Practices; 4) reform hiring and management practices; and 5) restore democratic governance. In a series of FOIA cases, EPIC uncovered the biennial audits of Facebook, the number of complaints pending against Facebook at the Commission (26,000), and records of meetings by the chief agency official responsible for overseeing enforcement. EPIC also launched the #EnforceTheOrder campaign.

July 17, 2019

EPIC To Congress: Require Algorithmic Transparency For Dominant Internet Firms

For a hearing on "Google and Censorship through Search Engines," EPIC sent a statement to the Senate Judiciary Committee. EPIC said that "algorithmic transparency" could help establish fairness, transparency, and accountability for much of what users see online. In 2011, EPIC sent a letter to the FTC stating that Google's acquisition of YouTube led to a skewing of search results after Google substituted its secret "relevance" ranking for the original objective ranking, based on hits and ratings. The FTC took no action on EPIC's complaint. But the European Commission found that Google rigged search results to give preference to its own shopping service. The European Commission required Google to change its algorithm to rank its own shopping comparison the same way it ranks its competitors.

Justice John Paul Stevens, 1920-2019

Former Supreme Court Justice John Paul Stevens passed this week. He was 99. EPIC remembers Justice Stevens for his many important opinions on privacy, open government, and the First Amendment. Justice Stevens played a pivotal role in cases concerning the Constitutional right of anonymity. In McIntyre v. Ohio (1995), he wrote for the Court "Under our Constitution, anonymous pamphleteering is not a pernicious, fraudulent practice, but an honorable tradition of advocacy and of dissent. Anonymity is a shield from the tyranny of the majority." In Watchtower Bible, a case concerning a permit requirement for pamphleteers, he said for the Court "It is offensive . . . to the very notion of a free society that in the context of everyday public discourse a citizen must first inform the government of her desire to speak to her neighbors and then obtain a permit to do so." And in Hiibel v. Sixth Judicial District (2004), Justice Stevens wrote in dissent opposing a state stop and identify law, "A name can provide the key to a broad array of information about the person, particularly in the hands of a police officer with access to a range of law enforcement databases." Stevens was also a cryptographer for the Navy during World War II.

July 18, 2019

New Privacy Alliance Underway in Russia, Central and Eastern Europe

Civil society advocates are set to form a new NGO to promote privacy in Russia, Central, and Eastern Europe. The initiative was convened by Simon Davies, founder of Privacy International and author of "Privacy: A Personal Chronicle." EPIC's Public Voice Fund provided the seed funding for the project. EPIC President Marc Rotenberg said "We appreciate the good work of NGOs and academics to undertake this important collaboration." The initiative's Moderator, former Ombudsman of Georgia, Ucha Nanuashvili, stated "in the former Soviet states there's an urgent need for an initiative that brings together advocates and experts in a strong alliance." The annual meeting of the International Data Protection and Privacy Commissioners will be held this year in Tirana, Albania. The Public Voice plans to host a civil society event.

Ahead of Congressional Testimony, EPIC Organizes DC Panel on the Mueller Report

EPIC will host a panel discussion on the Mueller Report at Busboys and Poets in Washington, DC on Tuesday, July 23. The event — "Behind the Black Ink" — precedes Robert Mueller's testimony next week before the House Judiciary and the House Intelligence Committees. Mueller's two-year investigation produced a 448-page report about Russian interference in the 2016 U.S. Presidential Election. EPIC is currently litigating a Freedom of Information Act lawsuit to obtain the complete, unredacted report. Speakers at the EPIC event include Alan Butler, Ryan Goodman, Jason Leopold, Marcy Wheeler, and Anne Weismann.

EPIC Launches Campaign for U.S. Data Protection Agency

EPIC has launched a campaign urging the creation of a Data Protection Agency in the United States. In a recent statement, EPIC President Marc Rotenberg said "A data protection agency is the cornerstone of effective privacy protection. Data protection agencies act as ombudsmen for the public. They encourage innovation and good business practices. They identify emerging privacy challenges and pursue solutions. They take enforcement action when necessary and they impose penalties that are meaningful." EPIC has repeatedly told Congress that the FTC is not an effective privacy agency. Earlier this year, EPIC joined other organizations in support of "A Framework for Privacy Protection in the United States," which said "The US needs a federal agency focused on privacy protection, compliance with data protection obligations, and emerging privacy challenges." Visit epic.org/dpa for more information.

EPIC Urges Antitrust Agencies to Raise their Game

In a statement to the Senate Judiciary Committee, EPIC urged lawmakers to press the FTC and the Department of Justice on Enforcement of the Antitrust Laws. EPIC wrote that "companies that protect user privacy are being absorbed by companies that do not protect privacy." EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger. EPIC previously testified before the Senate Judiciary Committee about mergers in the online advertising industry after EPIC told the FTC that Google's acquisition of DoubleClick would diminish privacy and stifle innovation. EPIC earlier opposed DoubleClick's acquisition of Abacus, explaining that the deal would lead to increased profiling of American consumers. EPIC, Color of Change, the Open Markets Institute, and others have also urged the FTC to require Facebook to spin off WhatsApp and Instagram.

July 19, 2019

EPIC Leads Coalition Calling for Inclusion of Consumer Groups in Senate Privacy Task Force

EPIC organized a coalition letter to Senator Blackburn (R-TN) and Senator Feinstein (D-CA), urging them to work with consumer and privacy groups in the newly formed Senate Judiciary tech task force. Yesterday Blackburn held a closed-door session with representatives from tech companies, including Snap and Mozilla. The coalition letter said "We need you to pursue an open and inclusive process that ensures that meetings are held in public, that a record is established, and that the voices of consumers are heard." The groups also said "the United States needs comprehensive, baseline federal legislation" and "an independent data protection agency." The groups concluded, "We can no longer let industry groups and ineffective agencies decide how much privacy Americans may have."

In FOIA Appeal, EPIC Argues for Release of Predictive Analytics Report

EPIC has filed its opening brief in EPIC v. DOJ, a Freedom of Information Act case concerning predictive policing, algorithmic transparency, and executive privilege. EPIC’s case, now before the D.C. Circuit Court of Appeals, seeks the public release of a report on AI techniques in the criminal justice system. Last year, a lower court allowed the agency to assert the “presidential communications privilege” and withhold the report, but neither the D.C. Circuit nor the Supreme Court has ever permitted a federal agency to invoke that privilege. “The records sought in this [FOIA] case concern the use of predictive analytic techniques in the U.S. criminal justice system, a topic of vital public interest,” EPIC wrote. “But the questions presented on appeal have even broader significance for open government.” EPIC has pursued numerous FOIA cases concerning algorithmic transparency, passenger risk assessment, "future crime" prediction, and proprietary forensic analysis.

EPIC Files Closing Arguments for Release of Complete Mueller Report

EPIC has filed its closing brief in EPIC v. Department of Justice, EPIC's case for the release of the complete and unredacted Mueller Report. EPIC warned the Court that “details about ongoing vulnerabilities in the US election system remain hidden from public view. The roles of well-known public officials and public figures in an effort by a foreign government to change the outcome of a US Presidential election are still kept behind a shroud of secrecy.” Judge Reggie B. Walton previously said EPIC's case should move "as expeditiously as humanly possible" and ordered the parties to brief the case on an accelerated schedule. A hearing on EPIC's motion is set for August 5. The case is EPIC v. Department of Justice, No. 19-810 (D.D.C.). Copies of the Mueller report obtained by EPIC, related materials, and background on the case are available for purchase at the EPIC Bookstore. EPIC will host a panel discussion on the Mueller Report at Busboys and Poets in Washington, D.C. on Tuesday, July 23.

July 22, 2019

Equifax to Pay Up to 700 Million in 2017 Data Breach Case

The CFPB, the FTC, and 48 State AGs today announced a settlement with Equifax arising from the 2017 data breach that compromised personal data of 143 million Americans. The company, which offers authentication services, failed to safeguard the names, addresses, dates of birth and SSNs of 147 million Americans, and then failed to act once aware of the breach. EPIC President Marc Rotenberg testified before the House in 2018 and the Senate in 2017 about the Equifax breach. Rotenberg warned lawmakers and regulators that "the Equifax data breach is one of the most serious in the nation's history." EPIC urged lawmakers to update federal privacy laws and also ensure that the CFPB pursues an effective investigation. In the Harvard Business Review, Rotenberg explained the significance of the breach. "Reforms should not just fix these problems but also aim to transform the industry for the better," he wrote. Under the terms of the settlement, Equifax will pay up to 425 million to consumers impacted by the breach as well as a 100 million civil fine. EPIC has recently renewed calls for the creation of a US Data Protection Agency.

Proposed Cy-Pres Only Settlement Provides No Benefit to Class Members

A proposed settlement with Google concerning the Street View program will provide no actual benefit to class members. With Street View, Google not only captured digital images of streets but also intercepted private wifi communications, including passwords. Beginning in 2007, EPIC and other consumer groups spent several years urging federal and state regulators to act. In 2013, 38 State Attorneys General settled claims against Google. In that settlement, Google agreed to end the collection of network data and launch a public service campaign to help users install secure wireless networks. Six years later, lawyers have just put before a federal judge a settlement that proposes that the company again end the program and launch a public service campaign. Chief Justice Roberts has raised "fundamental concerns" about settlements that provide no benefits to class members and no change in business practices. In a cy pres case earlier this year, Justice Thomas opposed the Gaos settlement, which also involved Google, explaining "because the class members here received no settlement fund, no meaningful injunctive relief, and no other benefit whatsoever in exchange for the settlement of their claims." EPIC seeks to promote class action fairness and has proposed objective criteria that courts should consider to protect the interests of Internet users in class action settlements.

July 23, 2019

EPIC Asks NJ Supreme Court to Apply Fifth Amendment to Cell Phone Searches

EPIC has submitted an amicus brief in State v. Andrews, a New Jersey Supreme Court case about the compelled disclosure of a cell phone passcode. In the brief, EPIC argued that the Fifth Amendment limits the ability of the government to obtain cellphone passcodes. EPIC explained that the U.S. Supreme Court's decisions in Riley v. California and Carpenter v. United States found that the vast amounts of personal data stored in cell phones "justifies strong constitutional protections." EPIC also explained that exceptions to the Fifth Amendment were adopted before personal information was "consolidated in one place." EPIC has long filed "friend of the court" briefs arguing that constitutional protections should keep pace with advances in technology. EPIC filed amicus briefs in Carpenter and Riley, which both involved the searches of cellphones. The U.S. Supreme Court cited EPIC's amicus brief in its opinion.

In Advance of Mueller Hearings, EPIC Sends Copies of Report to Congress

EPIC has sent dozens of copies of "The Mueller Report: EPIC v. Department of Justice and the Special Counsel's Report on Russian Interference in the 2016 Presidential Election" to members of the House Judiciary Committee and the House Permanent Select Committee on Intelligence. Mr. Mueller is scheduled to testify before both committees on Wednesday, July 24. The book, also available at Amazon, chronicles EPIC's efforts, in a Freedom of Information Act lawsuit, to obtain the complete, unredacted report. The case is now fully briefed, and hearings on the release of the complete Mueller report and related materials will take place before Judge Reggie Walton on August 5 and August 9. EPIC has also organized a panel discussion at Busboys and Poets this evening to discuss the upcoming testimony of Mr. Mueller and EPIC's case.

EPIC to Congress: Executive Order on Citizenship Status Threatens Privacy

EPIC has sent a statement to Congress, warning that President Trump's Executive Order on Collecting Information about Citizenship Status could undermine Privacy Act safeguards. EPIC said "Although President Trump has abandoned his quest to seek citizenship information through the 2020 Census, the plan to aggregate data from other agencies in the Commerce Department is also problematic." EPIC explained that the "Executive Order contemplates both the collection of statistical data and the use of citizenship data for determinations about individuals." EPIC opposed the citizenship question in the 2020 Census, arguing in federal court that the Census Bureau failed to complete required privacy impact assessments. EPIC also filed an amicus brief in the Supreme Court case, joined by 23 legal scholars and technical experts, warning that "collecting citizenship status information from hundreds of millions of U.S. residents presents enormous privacy and security concerns."

July 24, 2019

BREAKING - FTC Issues Facebook Fine, EPIC - "Too little, too late."

The Federal Trade Commission announced today the first fine against Facebook since EPIC and a coalition of privacy organizations filed a complaint with the Commission about the company’s business practices back in 2009. In a 2011 consent order the FTC said it would bar Facebook “from making any further deceptive privacy claims.” But in the years that followed, the FTC failed to act even as complaints emerged about marketing to children, privacy settings, tracking users, gathering health data, and facial recognition. Earlier this year, EPIC determined that there were 26,000 complaints against Facebook pending at the Commission. EPIC President Marc Rotenberg said today, “The FTC’s action is too little, too late. American consumers cannot wait another decade for the Commission to act against a company that violates their privacy rights. Congress should move quickly to establish a data protection agency.”

July 25, 2019

Bi-Partisan FOIA Reform Bill Would Correct Recent Supreme Court Decision

Senators Chuck Grassley (R-IA), Patrick Leahy (D-VT), John Cornyn (R-TX), and Dianne Feinstein (D-CA) have introduced the Open and Responsive Government Act (S. 2220) to reverse the recent Supreme Court decision in Food Marketing Institute v. Argus Leader Media, which overturned over 40 years of Freedom of Information Act precedent. The bill codifies the National Parks test, requiring that information may only be withheld from the public if disclosure would cause "substantial competitive harm" to the company that provided that information to the government. The bill also makes clear that agencies may only redact information under the FOIA's nine exemptions and cannot redact information as "non-responsive." In a press release Senator Leahy said, "The bill would limit the extent to which the government can use a recent Supreme Court opinion to justify abuses of a particular FOIA exemption to withhold information. And it would codify another court decision - one that the Trump administration increasingly ignores - prohibiting the government from withholding information on the tenuous rationale that it is supposedly not responsive to the FOIA request." According to Senator Grassley, "This balanced and bipartisan bill . . . mak[es] crystal clear where Congress stands on the public's right to know." EPIC submitted an amicus brief in the Food Marketing Institute case, warning the Court that changing the National Parks standard would deprive the public and groups such as EPIC of access to important government information. EPIC frequently uses the FOIA to promote government oversight.

Bill Introduced to Strengthen Privacy Protections At U.S. Borders

U.S. Senators Patrick Leahy (D-Vt.) and Patty Murray (D-Wash.) have reintroduced legislation that would strengthen privacy protections through limiting warrantless border searches. Customs and Border Protection officials are currently authorized to stop and search drivers without a warrant or even reasonable suspicion of wrongdoing within 100 miles of any U.S. border. They can also search private land within 25 miles of the border. In practice, this means government officers have authority to conduct searches without cause in a region that includes nearly two-thirds of the U.S. population. The Border Zone Reasonableness Restoration Act of 2019 would reduce the "border zone" from 100 miles to 25 miles and only allow officers access to private property within 10 miles of the border. A companion bill was introduced in the House of Representatives by Representative Peter Welch (D-Vt.). EPIC has long advocated against privacy-invasive border surveillance and has filed numerous lawsuits to force CBP and Immigration and Customs Enforcement to be more transparent about their border surveillance practices.

House Passes Bill to Combat Robocalls

In a 429-3 vote, the House passed a bill to combat the onslaught of robocalls. The Stopping Bad Robocalls Act would increase the fines for illegal robocalls, require phone companies to block robocalls by default, require more businesses to obtain consumer consent before calling, and much more. The Act comes two months after the Senate passed a similar bill—the Traced Act—with near unanimous support. Many criticized the Senate's bill for not going far enough. EPIC joined a coalition of consumer groups that urged members of Congress to support the House bill. EPIC has long advocated for stronger regulations surrounding robocalls. EPIC provided expert analysis to Congress, submitted numerous comments, and filed multiple amicus briefs emphasizing the need to limit robocalls.

FTC Opens Antitrust Investigation of Facebook

Facebook has disclosed that the Federal Trade Commission opened an antitrust investigation into the company. In a recent statement for a Senate Judiciary Committee hearing on antitrust, EPIC wrote that "companies that protect user privacy are being absorbed by companies that do not protect privacy." EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger. EPIC previously testified before the Senate Judiciary Committee about mergers in the online advertising industry after EPIC told the FTC that Google's acquisition of DoubleClick would diminish privacy and stifle innovation. EPIC earlier opposed DoubleClick's acquisition of Abacus, explaining that the deal would lead to increased profiling of American consumers. This year, EPIC, Color of Change, the Open Markets Institute, and others urged the FTC to spin off WhatsApp as a remedy for violations of the 2011 consent order. In a settlement announced this week, the Commission failed to do so.

Senate Intelligence Committee: Russian Election Interference "Extensive"

The Senate Intelligence Committee has released the results of its investigation into Russian interference in the 2016 Presidential Election. The Committee found "extensive" Russian interference dating back to 2014. The EPIC Democracy and Cybersecurity Project has pursued numerous FOIA cases concerning Russian interference with the 2016 election. In EPIC v. DOJ, EPIC is seeking the complete, unredacted Mueller Report. Hearings will take place in federal court on August 5 and August 9. In EPIC v. FBI (response to Russian cyberattacks), EPIC obtained the FBI victim notification procedures. In EPIC v. ODNI (Russian hacking), EPIC confirmed that Russia engaged in a "multi-pronged" attack against the U.S. elections. In EPIC v. IRS I, EPIC sought the release of President Trump's tax returns. In EPIC v. IRS II, EPIC is seeking the release of related business returns. And in EPIC v. DHS (election cybersecurity), EPIC obtained documents about election security procedures.

EPIC Seeks Consumer Complaints about Facebook Pending Before FTC Prior to Settlement Agreement

EPIC has submitted an urgent Freedom of Information Act request to the Federal Trade Commission seeking all consumer complaints pending before the Commission at the time the agency entered into the settlement with Facebook. The proposed settlement order "resolves" all consumer complaints alleging violation of the consent order prior to June 12, 2019. Earlier this year, EPIC determined that there were 26,000 complaints against Facebook pending at the Commission. Many US privacy organizations have also filed detailed complaints with the Commission, alleging that Facebook's business practices violate the FTC Act and also the Children's Online Privacy Protection Act. The release of the information sought by EPIC could help the public and the Congress assess the adequacy of the proposed settlement.

July 26, 2019

EPIC Challenges FTC-Facebook Settlement, Asks Court to Hear from Privacy Groups

EPIC has filed a Motion to Intervene in United States v. Facebook to protect the interests of Facebook users. The case concerns a proposed settlement between the FTC and Facebook. EPIC said the settlement "is not adequate, reasonable, or appropriate." EPIC also explained that the settlement would extinguish more than 26,000 consumer complaints against Facebook pending at the FTC. EPIC asked the court for an opportunity for EPIC and others to be heard before the settlement is finalized. EPIC filed the original complaint that created legal authority for the FTC to oversee Facebook. Back in 2011, EPIC also urged the Commission to require Facebook to restore the privacy settings of users, give users access to all of the data that Facebook keeps about them, stop making facial recognition profiles without users' consent, make the results of the government privacy audits public, and stop secretly tracking users across the web. Earlier this year, EPIC and others urged the FTC to pursue structural remedies, including the divestiture of WhatsApp. Many organizations and individuals have expressed concern about the proposed settlement, which was narrowly approved by the Commission, 3-2. More info at https://epic.org/privacy/facebook/epic2019-challenge/

July 29, 2019

Top European Court Rules Companies Using Facebook "Like" Button Are Responsible for User Privacy

The Court of Justice of the European Union has ruled that websites embedding the Facebook "like" button are responsible for user privacy. Facebook's tracking technique collects the personal data of visitors to a third-party website and transfers it to Facebook. In Fashion ID v Verbraucherzentrale NRW, the Court stated Fashion ID can be held jointly responsible with Facebook for compliance with Europe's data protection rules. Fashion ID must obtain prior consent from users or have a legitimate interest in processing their data. The case concerns Europe's 1995 privacy law, but implicates similar terms in the new EU General Data Protection Regulation. EPIC Senior Counsel Alan Butler also recently appeared before the Court of Justice in DPC v. Facebook. The landmark case considers whether the transfer of data to the U.S. using standard contract clauses violates fundamental rights.

July 30, 2019

Capital One Breach Sets Record

Capital One bank announced that a criminal hacker stole the personal information of 106 million people who had applied for credit, including credit scores, social security numbers, and bank account numbers. By some measures, it is the largest data breach of a US bank in history. The FBI arrested the alleged hacker and filed a complaint in federal court. Capital One joins a long list of companies that have had data breaches in recent years. In testimony before the Senate and the House several years ago, EPIC warned Congress that US financial institutions were not doing enough to safeguard consumer data. EPIC has recently renewed calls for the creation of a US Data Protection Agency.

"Equifax Settlement: Exercise Your Rights!"

After a settlement with Equifax, consumers can now file a claim for free credit monitoring or a cash payment of $125. If you spent time recovering from the breach or lost or spent money because of the breach, you can request payment of up to $20,000. Credit monitoring or the $125 cash payment is easy and requires no documentation, though the actual amount provided may be less depending on the total number of claims. Supporting documents are necessary if you seek payment for time lost or costs because of the breach. The settlement also requires Equifax to provide all U.S. consumers with 6 free credit reports per year. EPIC President Marc Rotenberg testified before the Senate Banking Committee and recommended free credit freezes and other consumer remedies following the 2017 data breach.

New York Passes Data Breach Law

New York state passed the Stop Hacks and Improve Electronic Data Security Act, which imposes new obligations on businesses collecting personal data on New York residents. The SHIELD Act requires notification to affected consumers when there is a security breach, broadens the scope of covered information, expands the definition of data breach, and extends the notification requirement to any entity with private information of a New York resident. Governor Cuomo said: "The stark reality is security breaches are becoming more frequent and with this legislation New York is taking steps to increase protections for consumers and holding these companies accountable when they mishandle sensitive data." Recent breaches have highlighted the need for stronger data protection laws. EPIC has renewed calls for a data protection agency in the U.S. and also warned that federal preemption of state privacy laws will lead to an increase in data breaches and financial fraud.

July 31, 2019

EPIC Seeks Documents About Executive Order on Citizenship Status Data Collection

EPIC has filed a Freedom of Information Act request with the Department of Commerce seeking documents about Executive Order 13,880, "Collecting Information About Citizenship Status in Connection With the Decennial Census." The executive order requires federal agencies across the government to transfer personal data, subject to Privacy Act safeguards, to the Department of Commerce to determine citizenship "status." Trump also ordered the Commerce Department to develop mechanisms for expanding the collection of data, including collecting data from state governments. Trump vowed that the government "will leave no stone unturned" when seeking citizenship information from every person living in the United States. EPIC recently sent a statement to Congress, warning that the executive order could undermine Privacy Act safeguards. EPIC opposed a similar effort by the Privacy Advisory Commission on Election Integrity to gather personal data from the states. The program was eventually suspended, the data deleted, and the Commission disbanded.

Pew: States Battle Big Tech Over Data Privacy Laws

The Pew Charitable Trusts reports that of the 24 state legislatures that considered data privacy legislation in 2019, only a few have passed new laws. Last year, California passed the California Consumer Privacy Act of 2018, the most comprehensive consumer privacy state law ever enacted in the United States. This month, New York state passed the Stop Hacks and Improve Electronic Data Security Act, which imposes new obligations on businesses collecting personal data on New York residents. According to the National Conference on State Legislatures, more than 100 privacy bills are currently pending in the states. The EPIC State Policy Project monitors privacy bills nationwide.

About July 2019

This page contains all entries posted to epic.org in July 2019. They are listed from oldest to newest.
