epic.org: September 2019 Archives

EPIC Says FTC Responsible for Cambridge Analytica

EPIC has filed comments on the FTC's proposed consent order with the individuals responsible for the Cambridge Analytica breach that impacted 87 million Facebook users, and possibly the outcome of the Brexit vote. EPIC wrote: "the Cambridge Analytica breach could have been prevented if the Commission had enforced the Consent Order." EPIC pointed to numerous reports that Facebook's improper sharing of personal data with third party developers was known to the FTC after the 2011 Consent Order. EPIC is currently pursuing two cases against the FTC, one to obtain the release of the complete biennial audits, the other to block the FTC's proposed settlement that would leave the Facebook's business practices largely unchanged.

Tags:

Posted by EPIC on September 3, 2019 5:25 PM | Permalink

Facebook Changes Default Setting on Facial Recognition, Following EPIC's 2011 Recommendation

Following a decision by a federal appeals court which found that Facebook had violated a state law limiting the collection of biometric identifiers including facial images, Facebook has changed the default setting for facial recognition. Beginning this week, facial recognition will be set to off by default for both new users and current users. EPIC filed an amicus brief in the biometric privacy case, Patel v. Facebook arguing that "the unlawful collection of an individual's biometric information in violation of the [state law] is an invasion of a legal right..." EPIC had repeatedly warned the Federal Trade Commission that Facebook's use of facial recognition threatened privacy. In comments on the original 2011 consent order, EPIC wrote the "Commission should require that Facebook cease creating facial recognition profiles without users' affirmative, opt-In consent." EPIC had filed a complaint with the FTC early in 2011 charging that the "secretive collection compilation and subsequent use of facial images for automated online identification adversely impacts consumers in the United States and around the world." EPIC filed similar complaints with the FTC about Facebook's use of facial recognition in 2016 and 2018 and provided detailed comments to the Commission in 2012, but the FTC simply failed to act on one of the most controversial business practices of the social media company.

Tags:

Posted by EPIC on September 4, 2019 9:05 AM | Permalink

FTC YouTube Settlement Fails to Safeguard Children's Privacy

Following a comprehensive complaint launched by the CCFC and the CDD concerning children's privacy, the Federal Trade Commission announced a settlement today with YouTube and parent company Google. The companies agreed to pay $170 million to settle claims that they violated the Children's Online Privacy Protection Act, but little will change in the companies business model. Writing in dissent, Commissioner Slaughter said, "Youtube and Google were knowingly profiting off of the unlawful tracking of children." She said the Commission should have required a "technological backstop" to ensure that behavioral advertising of children would not continue. Commissioner Chopra, also dissenting, wrote "the Commission repeats many of the same mistakes from the Facebook settlement." In a statement, Senator Markey said the FTC should have required Google to delete all data it collected from children under 13, prohibit Google from launching kids service without prior review, and required annual public audits. EPIC joined the CCFC and the CDD in the complaint to the FTC. Earlier, after Google acquired YouTube, EPIC sued the FTC to block Google's proposed consolidation of user data. The judge ruled against EPIC, but wrote "EPIC - along with many other individuals and organizations - has advanced serious concerns that may well be legitimate..."

Tags:

Posted by EPIC on September 4, 2019 2:30 PM | Permalink

EPIC Appeals Decision Allowing FAA Drone Committee to Operate in Secret

EPIC has appealed a lower court decision allowing the FAA's Drone Advisory Committee to conduct much of its work in secret. EPIC filed suit last year against the industry-dominated Committee, which has consistently ignored the privacy risks posed by the deployment of drones—even after identifying privacy as a top public concern. As a result of EPIC's lawsuit, the Committee was forced to disclose hundreds of pages of records that it unlawfully withheld. But the lower court ruled that the Committee did not need to disclose records from its secretive subcommittees, where many drone policy recommendations were developed. EPIC will now challenge that ruling before the U.S. Court of Appeals for the D.C. Circuit. The case is EPIC v. Drone Advisory Committee, No. 18-833 (D.D.C.).

Tags:

Posted by EPIC on September 4, 2019 4:41 PM | Permalink

Federal Court Rules FBI Watchlist Unconstitutional

A federal court has ruled that the "suspected terrorist" watchlist used by the FBI and Department of Homeland Security is unconstitutional. Judge Anthony J. Trenga held that the watchlist "imposes a substantial burden on Plaintiffs' exercise of their rights to international travel and domestic air travel" and "fails to provide constitutionally sufficient procedural due process." In 2011, documents obtained by EPIC under the Freedom of Information Act revealed the FBI's standards for adding and removing names from the watchlist and showed that individuals may remain on the FBI watch list even if charges are dropped or a case is dismissed. In 2018, EPIC obtained key records about Secure Flight, a Transportation Security Administration program that compares airline passenger records with various government watchlists. EPIC has long campaigned against the use of secret watchlists.

Tags:

Posted by EPIC on September 5, 2019 10:30 AM | Permalink

EPIC Joins BanFacialRecognition Campaign

EPIC joined over 30 organizations calling for lawmakers to ban the government use of facial recognition technology. EPIC has long urged greater scrutiny of facial recognition. In 2016, EPIC led a coalition of 45 organizations calling for Congress to investigate the FBI's facial recognition program. Documents obtained by EPIC in 2017 showed that the Customs and Border Protection system failed to perform at a "satisfactory" level. In comments to CBP and statements to Congress, EPIC has recommended the suspension of facial recognition for identification at the border. Earlier this year, EPIC and others urged lawmakers to halt the use of face recognition technology on the general public. The coalition letter stated, "the use of face recognition technology...poses serious risks to privacy and civil liberties, threatens immigrants, broadly impacts American citizens, and has been implemented without proper safeguards in place or explicit Congressional approval."

Tags:

Facial Recognition

Posted by EPIC on September 5, 2019 12:00 PM | Permalink

Senator Markey Presses Amazon on Ring Police Surveillance Deal

In a letter to Amazon CEO Jeff Bezos, Senator Ed Markey pressed the company to provide details about Amazon's deal with police departments for police access to the video footage from the company's Ring doorbells. Senator Markey wrote "the integration of Ring's network of cameras with law enforcement offices could easily create a surveillance network that places dangerous burdens on people of color and feeds racial anxieties in local communities." Senator Markey sought information about Amazon's plan to add facial recognition to the doorbell cameras, noting that "facial recognition technology disproportionately misidentifies African Americans and Latinos." In comments to federal law enforcement agencies and statements to Congress, EPIC has repeatedly warned of the dangers posed by facial recognition technology. Several years ago, EPIC urged the FTC to establish a moratorium on the commercial use of facial recognition technology until adequate privacy safeguards were established.

Tags:

Facial Recognition

Posted by EPIC on September 5, 2019 6:00 PM | Permalink

In Amicus Brief, EPIC Urges Supreme Court to Limit Traffic Stops Based Solely on Owner's License Status

EPIC has submitted an amicus brief in Kansas v. Glover, urging the Supreme Court to limit traffic stops based solely on the status of the registered owner. EPIC warned that permitting police stops based on this factor, when combined with Automated License Plate Readers, would "dramatically alter police practices" and "unfairly burden disadvantaged communities." EPIC provided empirical data for the Court which indicate that ALPRs are more widely used in disadvantaged communities and also that car sharing is more prevalent in these communities. The Supreme Court has previously expanded Fourth Amendment protections for new technologies, such as GPS tracking devices, (US v. Jones), cell phones (Riley v. California), and location data (Carpenter v. United States), in response to evolving policing techniques. EPIC recommended that the Court do the same in this case. EPIC routinely files amicus briefs in cases before federal and state courts concerning emerging privacy issues.

Tags:

Posted by EPIC on September 6, 2019 9:33 AM | Permalink

EPIC Report Finds Privacy Bills in Congress Lacking Basic Elements

EPIC has released a detailed analysis of the privacy bills in Congress. According to EPIC, Senator Ed Markey's Privacy Bill of Rights ranks #1. EPIC's report — Grading on a Curve: Privacy Legislation in the 116th Congress -- reviews recent developments, sets out a model bill, and assesses pending legislation. The EPIC Report finds that many of the bills in Congress lack the basic elements of a privacy law, such as an opportunity for individuals to enforce their rights. The EPIC report strongly recommends creation of a federal data protection agency. EPIC President Marc Rotenberg said, "There are shortcomings with all of the bills, but Senator Markey's is clearly the best." [Press Release]

Tags:

data protection

Posted by EPIC on September 9, 2019 12:30 PM | Permalink

Top European Court to Review National Data Retention Laws

Today, the Court of Justice for the European Union will hear challenges to the data retention laws of the UK, Belgium, and France. The Court previously invalidated European and national data retention laws that required companies to retain communications data for law enforcement purposes. The Court said the laws were a "particularly serious" interference with the right to privacy. The new challenges, brought by civil society organizations, contend that European national laws fail to comply with the earlier rulings. EPIC recently urged the FCC to repeal a similar regulation that requires the retention of US telephone records, following an earlier petition to the agency. When the FCC docketed the EPIC petition for public comment, every comment received supported an end to the data retention regulation.

Tags:

Posted by EPIC on September 9, 2019 2:40 PM | Permalink

Federal Appeals Court Says LinkedIn Must Allow "Scraping" of Personal Data

A federal appeals court has ruled that LinkedIn must allow hiQ, a data analytics firm, to scrape user data from public profiles—at least, for now. The appeals court found that "hiQ's interest in continuing its business" outweighed users' privacy interests in their profile information. EPIC filed an amicus brief in the case. In 2017, a lower court permitted hiQ access to the user data of LinkedIn users. EPIC argued that "the lower court has undermined the fiduciary relationship between LinkedIn and its users." EPIC also said the order is "contrary to the interests of individual LinkedIn users" and contrary to the public interest "because it undermines the principles of modern privacy and data protection law." Siding with neither party, EPIC urged reversal to protect online privacy. EPIC routinely participates as amicus curiae in cases concerning consumer privacy.

Tags:

Posted by EPIC on September 9, 2019 4:05 PM | Permalink

State Department Seeks Comment on UK Privacy Protections for CLOUD Act Certification

The State Department is seeking comment on certification of the UK for a CLOUD Act agreement. The CLOUD Act permits the U.S. to enter into "executive agreements" that allow foreign authorities to order production of communications content stored in the U.S. without obtaining a warrant. To form an agreement, the Attorney General must certify to Congress that the country's domestic law "affords robust substantive and procedural protections for privacy and civil liberties in light of the data collection and activities of the foreign government." The State Department is required to take into account expert input for the certification and is seeking comments on the rule of law in the UK, protection of human rights, and other factors listed for consideration in the CLOUD Act Section 105(b)(1)(B)(i-vi). Comments must be submitted via email to IFBHR@state.gov by Friday, September 13th. Earlier this year, EPIC International Counsel Eleni Kyriakides argued in the European Data Protection Law Review that the CLOUD Act fails to include key human rights protections, such as notice, judicial authorization, and transparency.

Tags:

CLOUD Act

Posted by EPIC on September 9, 2019 5:10 PM | Permalink

As Senate "Tech Task Force" Meets Again Behind Closed Doors, EPIC Presses for Investigation

EPIC has again written to the Senate Rules Committee regarding the closed-door meetings of a Senate "Tech Task Force." EPIC said that the closed-door meetings violate the Senate Rules of Procedure. As EPIC explained, "the Senate Rules of Procedure establish a strong presumption that meetings of the Senate shall be open to the public." EPIC, the Center for Digital Democracy, and the Consumer Federation of America previously asked the Rules Committee to begin an investigation, make a determination, and then require Tech Task meetings be held in accordance with the Senate Rules. The groups said "Open meetings, public notice, and hearing records are central to the integrity of the United States Senate."

Posted by EPIC on September 12, 2019 12:55 PM | Permalink

EPIC Advisory Board Member Anne Washington Testifies Before Congress

EPIC Advisory Board Member Professor Anne Washington today testified at a hearing on "The Future of Identity in Financial Services: Threats, Challenges, and Opportunities." Professor Washington said "Ignoring AI exceptions in financial services risks excluding many in our society because they are outliers from expectations...By baking privacy, security, and usability into the design of our AI systems, we can build a more responsible and ethical data environment." EPIC supports algorithmic transparency which would reduce bias and help ensure fairness in automated decisionmaking. EPIC proposed the Universal Guidelines for Artificial Intelligence as the basis for federal legislation. The Universal Guidelines have been endorsed by more than 250 experts and 60 organizations in 40 countries. EPIC has recently published the "AI Policy Sourcebook," containing the Universal Guidelines and other AI policy framework.

Tags:

Posted by EPIC on September 12, 2019 4:50 PM | Permalink

Privacy Emphasized in White House AI Budget Request

The White House Budget for 2020 emphasizes privacy and ethics in AI Research and Development. The budget recommends "broad, multidisciplinary research in security and privacy," but actual funding levels remain unclear. In 1989, the Human Genome Project set aside 18 million dollars annually to examine Ethical, Legal, and Social Implications. Strategic priorities from the 2016 National Privacy Research Strategy will be carried forward. EPIC has recently published the "AI Policy Sourcebook," containing public policy frameworks for Artificial Intelligence.

Tags:

Posted by EPIC on September 12, 2019 5:55 PM | Permalink

EPIC, Coalition Call for NGO Role in Privacy Convention Oversight

EPIC, the Australian Privacy Foundation, and Privacy International submitted comments calling for a greater NGO role in oversight of the International Privacy Convention. The Council of Europe Convention 108+ is the first and only binding international legal instrument for data protection. Updated in 2018, the Modernized Convention includes new articles on biometric data and algorithmic transparency, and enhanced compliance with convention terms. The coalition comments urge the Council of Europe to include NGOs in compliance review groups, increase transparency of the review process, and to evaluate national privacy remedies and derogations from the Convention. EPIC and consumer groups have also long urged the United States to ratify the international Privacy Convention.

Tags:

International Convention for Privacy Protection

Posted by EPIC on September 13, 2019 9:25 AM | Permalink

California to Ban Police Body Cameras with Facial Recognition

California Governor Gavin Newsom is expected to sign legislation —The Body Camera Accountability Act- to ban the use of facial-recognition technology in law enforcement body cameras. Assembly Member Phil Ting (D), who wrote the bill, told the Washington Post "Body cameras have been used as a tool to build trust between communities and law enforcement and to provide more transparency. Putting facial recognition software into those body cameras helps destroy that trust. It turns a tool of transparency and openness into a tool of 24-hour surveillance." EPIC had long warned lawmakers about police-worn body cameras and facial recognition. In a 2015 statement for the Senate, EPIC explained that "the use of facial recognition technology by law enforcement agencies is expanding within the United States without proper oversight or input from the public." In a related commentary, EPIC Domestic Surveillance Counsel Jeramie Scott wrote, "Police body cameras may help improve police relations with the public, but steps must also be taken to ensure that concerns about privacy are addressed. As body cameras increase, we must guard against expanding their use and remain focused on true police accountability." EPIC's State Policy Project tracks privacy developments in the states.

Tags:

Posted by EPIC on September 13, 2019 10:27 AM | Permalink

EPIC Urges Rules Committee to Clarify Position on Closed Door Hearings

EPIC has again written to the Senate Rules Committee regarding the meetings of a Senate "Tech Task Force," following a news item which suggested that the Rules Committee approved closed-door hearings. EPIC had called for an investigation into the meetings in the Senate Judiciary Committee hearing room, which were closed to the public and press, lacked public notice, and produced no written record. According to the POLITICO story, an unnamed staff person told a reporter that they had decided the Task Force was not subject to the open meeting requirement. EPIC was never notified of any decision. "This saga increasingly resembles a Kafka short story," EPIC wrote. EPIC has requested a written response to its requests for investigation and also wrote "we fully intend to pursue this issue until there is a favorable resolution."

Posted by EPIC on September 13, 2019 4:40 PM | Permalink

D.C. Metro Wants to Track Riders for Advertising Revenue

The D.C. Metro is proposing to track the cellphones of D.C. metro riders, with a network of sensors to detect Wi-Fi and Bluetooth connections. "WMATA has already begun to develop a network of digital display units and seeks to expand that network through digital place-based and location-based devices and programs," the Metro contracting document stated. After 9-11. EPIC led the Observing Surveillance campaign to limit the use of surveillance cameras in DC against residents and visitors. EPIC is pursuing a lawsuit against AccuWeather alleging that the company engaged in unlawful and deceptive practices in tracking consumers' locations in violation of the D.C. Consumer Protection Procedures Act.

Tags:

Posted by EPIC on September 16, 2019 1:25 PM | Permalink

Google Seeks to Establish Facial Recognition in Homes

With opposition growing to facial recognition, Google has decided instead to build facial recognition into Nest Hub Max, an "always on" device intended for use in the home. Google's "face match" constantly targets the facial images of each person in the household. Any interaction with the Google device is added to the secret user profile Google maintains for ad targeting. In 2014, EPIC filed a complaint with the FTC and said the "Commission clearly failed to address the significant privacy concerns presented in the Google acquisition of Nest," a related device that enabled surveillance in the home. EPIC later asked the Federal Trade Commission to require Google to spin-off Nest and to disgorge the data obtained from Nest users. A 2017 complaint to the Consumer Product Safety Commission from EPIC and consumer organizations pointed out that the "touchpad on the Google device is permanently set to 'on' so that it records all conversations without a consumer's knowledge or consent."

Tags:

Posted by EPIC on September 16, 2019 2:30 PM | Permalink

D.C. Circuit Won't Fix Deeply Flawed Ruling in EPIC's Census Privacy Case

The D.C. Circuit has refused to void an earlier ruling in EPIC v. Commerce, EPIC's suit to halt the collection of citizenship data in the 2020 Census due to the government's failure to complete required privacy impact assessments. Under the E-Government Act, federal agencies must make privacy impact assessments "publicly available" before undertaking a new collection of personal data. Yet a three-judge panel of the D.C. Circuit ruled that the statute does not "vest a general right of information in the public" that would allow EPIC—one of the leading privacy organizations in the country—to obtain information about the government's data collection practices. EPIC asked the full D.C. Circuit to take the rare step of revisiting the panel's decision, but the court declined. The case is eligible for appeal to the Supreme Court, which blocked the citizenship question from being added to the 2020 Census in June. EPIC's case is EPIC v. Commerce, No. 19-5031 (D.C. Cir.).

Tags:

epic v. Commerce

Posted by EPIC on September 16, 2019 2:45 PM | Permalink

EPIC Urges Antitrust Agencies to Unwind Bad Mergers

In a statement to the Senate Judiciary Committee, EPIC urged lawmakers to press the FTC and the Department of Justice on Enforcement of the Antitrust Laws. EPIC wrote that "companies that protect user privacy are being absorbed by companies that do not protect privacy." EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger. EPIC previously testified before the Senate Judiciary Committee about mergers in the online advertising industry after EPIC told the FTC that Google's acquisition of DoubleClick would diminish privacy and stifle innovation. EPIC also warned that Google's acquisition of YouTube would skew search results. EPIC, Color of Change, and the Open Markets Institute urged the FTC to require Facebook to spin-off WhatsApp and Instagram as part of the recent enforcement action. The FTC failed to do so.

Tags:

Posted by EPIC on September 16, 2019 4:20 PM | Permalink

EPIC Renews Request for Information About National AI Commission

EPIC has renewed its request with the National Security Commission on Artificial Intelligence for records and access to Commission meetings. Created by Congress in 2018, the AI Commission is tasked with considering "the methods and means necessary to advance the development of" AI to address national security and defense needs. But the Commission has operated almost entirely in secret, unlawfully refusing to publish any meeting notices or to allow any public participation. The Commission is dominated by representatives of large tech firms, including Google and Microsoft. EPIC previously requested records about the AI Commission and has urged Congress to ensure that the Commission operates transparently.

Tags:

Posted by EPIC on September 16, 2019 4:30 PM | Permalink

EPIC Publishes First Reference Book on AI Policy

EPIC has published "The EPIC AI Policy Sourcebook 2019." The EPIC collection is the first compendium of AI policy, providing essential information to policy makers, researchers, journalists, and the public. The EPIC Sourcebook includes global AI frameworks such as the OECD AI Principles and the Universal Guidelines for AI, as well as materials from the EU, Council of Europe, national AI initiatives and professional societies IEEE and ACM. The Sourcebook also includes an extensive resources section on AI, including organizations, reports, articles, and books from around the world. "Required reading for a necessary conversation," Sherry Turkle. The EPIC AI Policy Sourcebook is now available in the EPIC Bookstore.

Tags:

Posted by EPIC on September 17, 2019 6:00 PM | Permalink

EPIC to Congress: Do Not Renew Section 215 Surveillance Program

In advance of a hearing on the Foreign Intelligence Surveillance Act, EPIC has sent a statement to the House Judiciary Committee urging Congress to end the NSA's phone record collection program, known as "Section 215." Section 215 of the Patriot Act, according to White House legal advisors including now Supreme Court Justice Brett Kavanaugh, allowed the NSA to collect in bulk the telephone records of Americans. In 2013, following the Snowden disclosures, EPIC filed a petition with the Supreme Court, challenging the lawfulness of Section 215. Congress found the 215 program was ineffective and passed the USA Freedom Act to limit data collection. NSA has since acknowledged significant compliance problems with the reformed program, and the Director of National Intelligence confirmed that the limited collection program was suspended. Section 215 will sunset unless Congress chooses to renew the program.

Tags:

Posted by EPIC on September 18, 2019 2:10 PM | Permalink

Access Now Calls for Privacy Shield to be Struck Down

Access Now has called on the European Commission to strike down the EU-U.S. Privacy Shield, a framework that permits the transfer of Europeans' personal data to the U.S. In comments to the Commission, Access Now wrote "the Privacy Shield has manifestly failed to meet the standards set by EU law from inception to today." The comments cite the limited redress provided by the Privacy Shield Ombudsperson, increased U.S. border surveillance, and the Cambridge Analytica scandal among the shortcomings in US privacy protection. EPIC's earlier comments on the Privacy Shield highlighted the failure of the U.S. to curtail surveillance authorities, the absence of a comprehensive privacy law and a data protection agency. Next month the European Commission will decide whether to renew the pact.

Tags:

Privacy Shield

Posted by EPIC on September 18, 2019 2:20 PM | Permalink

EPIC Advises CFPB to Reform Debt Collector Practices

Today EPIC submitted comments to the Consumer Financial Protection Bureau on the agency's proposed amendment to the Fair Debt Collection Practices Act. EPIC recommended that the CFPB: (1) clarify the definition of debt collector, (2) impose limitations on quantities of texts and emails, (3) not provide a safe harbor for debt collectors through limited-content messages, (4) impose liability for third-party disclosures by email or text, (5) require debt collector to offer a streamlined process for opt-out on any given medium, (6) limit the consumer information that can be included in debt validation notices, and (7) require debt collectors to comply with E-Sign Act consent requirements. EPIC previously advised CFPB on debt collector practices and the agency's publication of consumer narratives in the public complaint database.

Tags:

Posted by EPIC on September 18, 2019 3:25 PM | Permalink

EPIC to FTC: Strengthen Unrollme Order

In comments to the FTC on a proposed consent agreement with Unrollme, EPIC recommended requiring Unrollme to notify users of past deceptive practices and to obtain reauthorization from users before using personal data. According to the settlement with the FTC, Unrollme deceived users as to the privacy protections for personal emails. EPIC also respond to the Separate Statement of Commissioner Noah Phillips, warning that "continued support for 'Notice and choice' will only contribute to further erosion of privacy protection for American consumers." EPIC also suggested "if the Commissioner is genuinely concerned about restoring consumer choice and competition for Internet services, then unwinding the Facebook-WhatsApp merger, as EPIC has repeatedly urged, would be a good place to start." Agency regulations require the FTC to consider public comments before finalizing a proposed consent order.

Posted by EPIC on September 19, 2019 2:15 PM | Permalink

Secret AI Policy Meetings Continue

The National Security Commission on Artificial Intelligence is holding yet another closed-door meeting today—at least the fourth such meeting in the Commission's short existence. Created by Congress in 2018, the AI Commission is tasked with considering "the methods and means necessary to advance the development of" AI to address national security and defense needs. But the Commission has operated almost entirely in secret, unlawfully refusing to publish any meeting notices or to allow any public participation. Last week, EPIC renewed its request to access Commission records and meetings. The Commission is dominated by representatives of large tech firms, including Google and Microsoft. EPIC has urged Congress to ensure that the Commission operates transparently.

Tags:

Posted by EPIC on September 19, 2019 5:30 PM | Permalink

EPIC Obtains New Documents in Mueller Case

EPIC has obtained new documents concerning Robert Mueller's investigation into Russian interference in the 2016 election. The records were released in EPIC v. Department of Justice, EPIC's case for the release of the Mueller Report and related documents. The documents consist of previously undisclosed emails between Mueller's office and the Justice Department concerning the Special Counsel's budget. EPIC recently argued in court for the release of the complete and unredacted Mueller Report. A ruling in the case is expected this fall. The book "EPIC v. DOJ: The Mueller Report" is available for purchase at the EPIC Bookstore.

Tags:

Posted by EPIC on September 19, 2019 5:59 PM | Permalink

EPIC Uncovers 3,156 More Facebook Complaints at FTC—Over 29,000 Now Pending

Through a Freedom of Information Act Request, EPIC has obtained thousands of new consumer complaints (part 1, part 2)against Facebook. The most recent documents, released to EPIC, follow the Commission’s proposed $5 b settlement in July. Among the complaints uncovered by EPIC are those from consumer groups and members of Congress. EPIC also obtained records of new complaints in the FTC’s Consumer Sentinel database. EPIC earlier uncovered 26,000 complaints against Facebook since the announcement of the 2011 consent order. EPIC is formally challenging the proposed settlement with Facebook, charging that the Commission has failed to investigate thousands of complaints against the company.

Tags:

Posted by Caitriona Fitzgerald on September 22, 2019 3:17 PM | Permalink

EPIC Opposes Nomination of Marshall Billingslea for Top Human Rights Position

In a EPIC statement to the Senate Foreign Relations Committee, EPIC has urged the U.S. Senate to reject the nomination of Marshall Billingslea for Under Secretary of State for Civilian Security, Democracy, and Human Rights. "This is a critical position in the U.S. government for human rights and should be filled by a person with a deep regard for international law and fundamental rights, such as a constitutional scholar. Mr. Billingslea simply lacks the necessary qualifications for this post," EPIC said. EPIC also said that the US should ratify the International Privacy Convention. The Council of Europe Convention 108+ is the first and only binding international legal instrument for data protection. Updated in 2018, the Modernized Convention includes new provisions on biometric data and algorithmic transparency.

Posted by EPIC on September 23, 2019 11:00 AM | Permalink

Bill Introduced to Regulate Forensic Algorithms

U.S. Rep. Mark Takano (D-CA 41) has introduced the "Justice in Forensic Algorithms Act of 2019." The Act would create federal standards for the development and use of forensic algorithms as well as prohibit the use of trade secrets privileges to prevent defense access to evidence in criminal proceedings. The Computational Forensic Algorithm Standards include considerations of bias, accuracy, precision, and reproducibility, and makes "publicly available documentation by developers of computational forensic software of the purpose and function of the software, the development process, including source and description of training data, and internal testing methodology and results, including source and description of testing data." Earlier this year, Iowa passed a law regarding pre-trial risk assessment algorithms. EPIC has advocated for Algorithmic Transparency across all applications and urges the use of the Universal Guidelines for Artificial Intelligence to guide AI regulation. A new publication from EPIC — the AI Policy Sourcebook — includes major policy frameworks for artificial intelligence.

Tags:

Posted by EPIC on September 23, 2019 6:10 PM | Permalink

EPIC Renews Call for Antitrust Agencies to Unwind Bad Mergers

In a second statement to the Senate Judiciary Committee, EPIC urged lawmakers to unwind bad mergers such as Facebook's acquisition of WhatsApp and Google's acquisition of YouTube and Nest. EPIC wrote that "companies that protect user privacy are being absorbed by companies that do not protect privacy." EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger. EPIC previously testified before the Senate Judiciary Committee about mergers in the online advertising industry after EPIC told the FTC that Google's acquisition of DoubleClick would diminish privacy and stifle innovation. EPIC also warned that Google's acquisition of YouTube would skew search results. EPIC, Color of Change, and the Open Markets Institute urged the FTC to require Facebook to spin-off WhatsApp and Instagram as part of the recent enforcement action. The FTC failed to do so.

Tags:

Posted by EPIC on September 23, 2019 6:20 PM | Permalink

Google Wins Global Delisting Case at European High Court, But Paragraph 72

In Google v. CNIL, the Court of Justice for the European Union ruled Google is not required to apply Europeans' requests to de-reference search results globally. The case follows an earlier ruling in Google v. Spain that Europeans have a right to remove links to their personal data in Google search results - the "Right to Be Forgotten." In the most recent case, the Court ruled that "currently there is no obligation under EU law, for a search engine operator...to carry out such a de-referencing on all the versions of its search engine." However, the Court also said that the search operator must "take sufficiently effective measures" to prevent searches for deferenced information from within the EU with a search engine outside of the EU. The Court also stated, in paragraph 72, that national authorities, in some circumstances, could require global delisting. EPIC supported the CNIL's approach contending that "commercial search firms should remove links to private information when asked." EPIC published "The Right to be Forgotten on the Internet: Google v. Spain" an account of the original case by former Spanish Privacy Commissioner Artemi Rallo.

Tags:

Posted by EPIC on September 25, 2019 9:35 AM | Permalink

EPIC to Congress: 29,000 Facebook Complaints Pending at FTC

In advance of an FTC oversight hearing, EPIC told the House Appropriations Committee that more than 29,000 complaints against Facebook are now pending at the Federal Trade Commission. EPIC obtained documents last week revealing 3,000 new complaints against Facebook since the Commission proposed the $5 b settlement with Facebook two months ago. EPIC's Freedom of Information Act Request had previously found 26,000 complaints pending against the social media giant. "The FTC is simply ignoring thousands of consumer privacy complaints about Facebook's ongoing business practices," EPIC said to the Committee. EPIC is formally challenging the proposed settlement with Facebook, charging that the Commission has failed to investigate thousands of complaints against the company. EPIC urged the Committee to support the creation of a U.S. Data Protection Agency, saying "The Federal Trade Commission may help consumers with broken toasters, but the FTC is not an effective data protection agency."

Tags:

Facebook
FTC

Posted by EPIC on September 25, 2019 11:45 AM | Permalink

EPIC’s Danielle Citron Wins MacArthur Award

The MacArthur Foundation has selected EPIC Board Member and former EPIC Board Chair, Danielle Citron for the prestigious MacArthur Fellowship. Recipients of the MacArthur Fellowship must show exceptional creativity, promise for important future advances based on a track record of significant accomplishments, and potential for the Fellowship to facilitate subsequent creative work. Professor Citron’s research has focused on cyber harassment and hate crimes. In a recent TED talk, Citron discussed Deepfakes - a technique using artificial intelligence and superimposed images to create malicious video and hoaxes, and the long-term reputational impact for victims. Her work has been featured in The New York Times, The Atlantic, Slate, The Guardian, and TIME. Danielle Citron is the author of Hate Crimes in Cyberspace (HUP 2014), available at the EPIC Bookstore. The MacArthur Foundation wrote that Danielle Citron is "a legal scholar addressing the scourge of cyber harassment by raising awareness of the toll it takes on victims and proposing reforms to combat the most extreme forms of online abuse.”

Posted by Candace Paul on September 25, 2019 4:31 PM | Permalink

EPIC Joins Consumer Groups in Amicus Brief on Illegal Text Messages

EPIC has joined an amicus brief, led by the National Consumer Law Center, urging a federal appellate court to rehear a case about whether a consumer can sue a company for sending an illegal text message. A panel of the court recently decided that consumers cannot sue companies that send one text message in violation of the Telephone Consumer Protection Act. The consumer brief states that the decision “opens the floodgates to mass text messaging, a result that is contrary to the plain language of the statue and Congress’s intent.” EPIC routinely files amicus briefs supporting consumers’ right in privacy cases. EPIC has filed several amicus briefs about the Telephone Consumer Protection Act.

Posted by Candace Paul on September 26, 2019 1:33 PM | Permalink

Top European Court Elaborates on Right to Be Forgotten for Sensitive Data

In G.C. and Others v. CNIL the Court of Justice for the European Union has ruled a search engine operator must balance rights to determine whether to remove sensitive data - such as racial or ethnic origin, political opinions, religious or philosophical beliefs - from search results. Users brought suit against the CNIL after the French DPA declined to order Google to delist their sensitive data. The European Court ruled that a search engine operator which receives a request to de-list sensitive data must weigh the requester’s rights of privacy and data protection against the rights to freedom of information of internet users. EPIC publication “The Right to be Forgotten on the Internet: Google v. Spain,” an account of the original case written by former Spanish Privacy Commissioner Artemi Rallo, is available in the EPIC bookstore.

Posted by Candace Paul on September 26, 2019 2:43 PM | Permalink

EPIC to Congress: Improve Public Access to Court Decisions

For a hearing on “Ensuring the Public’s Right of Access to the Courts,” EPIC told the House Judiciary Committee that "in the digital age, access to court decisions is a critical component of the public’s right of access to the courts." EPIC has worked for many years to promote online access to judicial opinions, urging the federal government to make legal materials freely available on agency websites. "The public’s constitutional and common law rights of access to the law are fundamental to a society governed by the rule of law," EPIC said. EPIC also cited the work of the Internet Archive, which has worked to "promote universal access to all knowledge.” EPIC noted, "Today the Internet Archive is one of the largest libraries in the world, harnessing the power of the Internet to make information freely available."

Posted by Candace Paul on September 26, 2019 5:35 PM | Permalink

EPIC Challenges Closed Door Meetings of US AI Commission

EPIC has filed an open government lawsuit against the National Security Commission on Artificial Intelligence, following the Commission’s repeated failure to make its records and meetings open to the public. Created by Congress in 2018, the AI Commission is tasked with considering "the methods and means necessary to advance the development of" AI in the United States. EPIC filed multiple requests for access to Commission meetings and records. But the Commission has operated almost entirely in secret, even as it prepares to submit recommendations to Congress and the President. “Public access to the records and meetings of the AI Commission is vital to ensure government transparency and democratic accountability.” The Commission is chaired by former Google CEO Eric Schmidt and dominated by representatives of large tech firms, including Microsoft, Amazon, and Oracle. The case is EPIC v. AI Commission, No. 19-2906 (D.D.C.).

Tags:

AI Commission

Posted by Candace Paul on September 27, 2019 10:26 AM | Permalink