« September 2019 | Main | November 2019 »

October 2019 Archives

October 1, 2019

Top European Court Rules Companies Must Obtain Active User Consent to Cookies

The Court of Justice for the European Union has ruled that under EU law companies must obtain active, specific consent from users to store persistent identifiers, or “cookies," on the user's device. In Planet49, the Court ruled that a pre-checked box does not constitute consent. The case was brought by the German Federation of Consumer Organisations. The European high court also ruled that companies must inform users about the duration of the cookie and whether data will be transferred to third parties. EPIC made a similar argument about consent in the first US case concerning cookies, contending that US federal wiretap law requires companies to obtain explicit consent from users for tracking.

Posted by Candace Paul on October 1, 2019 11:28 AM |

EPIC to Massachusetts Legislature: Establish AI Commission

EPIC Policy Director Caitriona Fitzgerald testified today before the Massachusetts Legislature in support of proposals to establish a state Commission to examine the use of “automated decision systems.” Under H2701 and S1876 a Commission will make recommendations to ensure the state’s use of algorithms is fair and transparent. EPIC supports algorithmic transparency and opposed systemic bias in "risk assessment" tools used in the criminal justice system. EPIC has filed Freedom of Information lawsuits to obtain information about "predictive policing" and "future crime prediction" algorithms. EPIC President Marc Rotenberg has called for laws that mandate algorithmic transparency and prohibit automated decision-making that results in discrimination.

Posted by Candace Paul on October 1, 2019 12:29 PM |

Court: Ruling in EPIC's Mueller Report Case Expected in 30 Days

Judge Reggie B. Walton said Tuesday that he expects to make a ruling within 30 days in EPIC’s case for the release of the complete Mueller Report. The statement came during a hearing on EPIC’s lawsuit and a related case brought by CNN. EPIC brought the first suit in the nation for the release of the unredacted Mueller Report and argued for its release in August. Judge Walton also criticized the Department of Justice for the agency’s slow processing of requests for Special Counsel records, saying that the purpose of the FOIA has been “totally undermined by a lack of resources.” EPIC’s case is EPIC v. DOJ, No. 19-810 (D.D.C.). The book EPIC v. DOJ: The Mueller Report is available for purchase at the EPIC Bookstore.

Posted by Candace Paul on October 1, 2019 1:39 PM |

Court Schedules Hearing in EPIC Transparency Suit Against AI Commission

A federal court in Washington, DC has scheduled a Wednesday, October 16 hearing in EPIC v. AI Commission, EPIC’s lawsuit to open the records and meetings of the National Commission on Artificial Intelligence. Judge Trevor N. McFadden also ordered the AI Commission to respond to EPIC’s motion for a preliminary injunction by Tuesday, October 8. EPIC filed the lawsuit after the Commission failed to provide EPIC access to its meetings and records, operating in near-total secrecy for six months. The Commission is chaired by former Google CEO Eric Schmidt and dominated by representatives of large tech firms, including Microsoft, Amazon, and Oracle. The case is EPIC v. AI Commission, No. 19-2906 (D.D.C.).

Posted by Candace Paul on October 1, 2019 5:56 PM |

October 3, 2019

EPIC Provides U.S. Report for Privacy Experts Meeting

EPIC has provided a comprehensive report on the latest developments in U.S. privacy law and policy for the 66th meeting of the International Working Group on Data Protection, to be held in Brussels. The International Working Group includes data protection authorities and experts from around the world who review emerging privacy challenges, such as location tracking, DNA collection, and face recognition. The EPIC Fall 2019 report details the debate over reauthorization of the NSA call record collection program, EPIC's ranking of consumer privacy proposals, the FTC Facebook and YouTube settlements, and more. In April 2017, EPIC hosted the 61st meeting of the IWG in Washington, D.C. at the Goethe-Institut, Germany's cultural institute.

Posted by Candace Paul on October 3, 2019 11:18 AM |

EPIC Assesses US Privacy for United Nations Periodic Review

EPIC has submitted an assessment of privacy rights and surveillance practices in the US to the UN Human Rights Council for the periodic review of US compliance with international human rights standard. After the last periodic review, the UN strongly recommended the US implement private sector and government privacy safeguards. However, EPIC told the Rights Council that the US still "lacks meaningful privacy enforcement, a comprehensive data privacy law, and has failed to curtail mass surveillance of U.S. and non-U.S. persons." EPIC also submitted a comprehensive EPIC report drafted for data protection experts from around the world. EPIC’s earlier comments for a separate UN review were incorporated by the UN Human Rights Committee.

Posted by Candace Paul on October 3, 2019 3:34 PM |

Top European Court Rules Global Takedown of Defamatory Content Permissible

The Court of Justice for the European Union has ruled that member states may order internet providers to remove globally content found to be defamatory. In Eva Glawischnig-Piesczek v Facebook Ireland, the Court ruled that the e-Commerce directive does not prohibit orders to remove content from all domains globally that is identical or equivalent to content found to be defamatory. However, Court said Member States must ensure measures "which produce effects worldwide take due account" of internet rules on an international level. The EPIC 2018 Privacy Law Sourcebook, a comprehensive overview of privacy laws in the US and around the world, is available in the EPIC bookstore.

Posted by Candace Paul on October 3, 2019 4:44 PM |

D.C. Attorney General Racine Speaks at EPIC

EPIC hosted D.C. Attorney General Karl Racine for a meeting with the Privacy Coalition. General Racine discussed his office’s initiatives on privacy, algorithmic discrimination, and antitrust. Last year, the Attorney General sued Facebook under the D.C. Consumer Protection Procedures Act for the mishandling of user data that led to Cambridge Analytica breach. And General Racine joined with others AGs investigating Google for anti-competitive conduct. EPIC has filed a Consumer Protection Procedures Act lawsuit against AccuWeather, challenging the misuse of personal data of D.C. residents. EPIC also recently filed an amicus brief in support of the plaintiffs in Attias v. CareFirst, Inc, a data breach that allowed hackers to obtain 1.1 million customer records from D.C.'s largest health insurer.

Posted by Candace Paul on October 3, 2019 5:30 PM |

US and UK Sign Law Enforcement Data Access Agreement

The US and UK have signed a CLOUD Act "executive agreement,” permitting cross-border access, by law enforcement agencies, to personal communications without a warrant.The agreement will enter into force within 180 days if Congress does not pass a resolution of disapproval. To form the agreement, the Attorney General must certify to Congress that the country's domestic law "affords robust substantive and procedural protections for privacy and civil liberties.” Privacy rights organizations in the UK have challenged the adequacy of legal protections for communications data. EPIC has also argued in the European Data Protection Law review that the CLOUD Act fails to include key human rights protections, such as notice, judicial authorization, and transparency EPIC submitted an amicus brief in the related Supreme Court case United States v. Microsoft, pointing to fundamental rights obligations for cross-border access to personal data, and published "Digital Free for All Part Deux: European Commission Proposal on E-Evidence" in Just Security.

Posted by Candace Paul on October 3, 2019 5:54 PM |

October 4, 2019

EPIC Joins Effort to Safeguard Federal Advisory Committees

EPIC has joined over 75 organizations urging the Administration to rescind the recent Executive Order on Federal Advisory Committees. The executive order would require the elimination of one-third of existing advisory committees. The coalition letter explains that federal advisory committees enable public participation and help hold federal agencies accountable. The groups wanted that the arbitrary elimination of advisory committees will result in fewer opportunities for the public to participate in agency decision making. EPIC recently filed an open government lawsuit against the National Commission on Artificial Intelligence to ensure that the Commission complies with advisory commission requirements. Around the time EPIC filed its lawsuit, the Commission announced a public conference and opened a Twitter account. The case is EPIC v. AI Commission, no. 19-2906 (D.D.C).

Posted by Candace Paul on October 4, 2019 12:22 PM |

Senators Warn FTC Not to Weaken Children's Privacy Rules

Senators Edward J. Markey (D-Mass.), Richard Blumenthal (D-Conn.), Josh Hawley (R-Mo.), and Marsha Blackburn (R-Tenn.) wrote a letter to the FTC urging the Commission “to prioritize enhancing protections for kids, not advancing the interests of data collectors.” The Senators criticized the agency’s recent settlement with YouTube, saying “the monetary penalty provided almost no deterrence value at all and was not paired with sufficient structural injunctions to prevent future violations by Google.” The FTC is reviewing the Children’s Online Privacy Protection Act Rule and is seeking public comments. EPIC testified before Congress in support of the original children's privacy law and backed the 2013 regulations that updated the law.

Posted by Candace Paul on October 4, 2019 4:18 PM |

October 7, 2019

UK Releases US-UK CLOUD Act Agreement

The UK has released the text of the US-UK CLOUD Act Agreement. The agreement permits cross-border access to personal data without judicial approval, allows for law enforcement investigations under lower standards than in the U.S., and lacks notice to data subjects who are subject to surveillance. In testimony before the European Parliament, EPIC International Counsel Eleni Kyriakides argued that cross-border access to personal data should ensure robust human rights protections, such as notice, judicial authorization, and transparency.

Tags:

Posted by Caitriona Fitzgerald on October 7, 2019 5:53 PM |

Court Requires Trump to Disclose Tax Returns to Prosecutor

A federal judge in New York has ordered President Trump to turn over eight years of personal tax returns to the Manhattan district attorney. Judge Victor Marrero rejected the President's attempt to block a grand jury subpoena for the returns, holding that the President is not immune from state criminal prosecution. "The Court cannot square a vision of presidential immunity that would place the President above the law with the text of the Constitution," the court wrote. EPIC previously sought President Trump's tax returns in EPIC v. IRS, arguing that disclosure was necessary to correct numerous factual misstatements made by the President about his taxes. In EPIC v. IRS II, EPIC is seeking "offers-in-compromise" and related tax records of President Trump and his businesses.

Tags:

Posted by Caitriona Fitzgerald on October 7, 2019 5:55 PM |

October 8, 2019

Senate Report Confirms Russia Interfered in 2016 Election

The Russian government “sought to influence the 2016 U.S. presidential election” as part of a “broader, sophisticated, and ongoing information warfare campaign designed to sow discord in American politics and society,” according to a report from the Senate Intelligence Committee. The bipartisan report confirms earlier findings by the U.S. Intelligence Community, Special Counsel Robert Mueller, and the Intelligence Committee itself. In EPIC v. Department of Justice, EPIC is seeking the disclosure of the complete and unredacted Mueller Report, which would provide further information about Russian election interference. A ruling is expected in the case this month. The book EPIC v. DOJ: The Mueller Report is available for purchase at the EPIC Bookstore.

Tags:

Posted by Caitriona Fitzgerald on October 8, 2019 2:23 PM |

October 10, 2019

In Mueller Case, EPIC Obtains Memos About Suspected Agent of a Foreign Power

As a consequence of its Freedom of Information Act lawsuit, EPIC v DOJ, EPIC has obtained previously undisclosed memos from the Mueller investigation. One memo released to EPIC summarizes Mueller's investigation of a suspected “unregistered agent of a foreign government.” The memo was submitted one day after the Justice Department released a redacted version of the Mueller Report. The Special Counsel previously disclosed that it investigated Paul Manafort, Rick Gates, Michael Flynn, George Papadopoulos, and Carter Page as possible foreign agents. Additional documents will be forthcoming in EPIC’s open government case concerning Russian interference in the 2016 election. EPIC is also seeking the disclosure of the complete and unredacted Mueller Report in EPIC v. Department of Justice. The book EPIC v. DOJ: The Mueller Report is available for purchase at the EPIC Bookstore.

Posted by Candace Paul on October 10, 2019 1:35 PM |

California Attorney General Announces Rulemaking on California Privacy Law

The California Attorney General, Xavier Becerra, announced today a Notice of Proposed Rulemaking Action for the California Consumer Privacy Act. The proposed regulations will "establish procedures to facilitate consumers’ new rights under the CCPA and provide guidance to businesses for how to comply.” The California Attorney General held several public forums about the proposed regulations, and will hold four more public hearings to provide interested parties with an opportunity to comment. The deadline to submit written comments is December 6, 2019. A recent report from EPIC on privacy legislation in Congress notes that some lawmakers are seeking to preempt strong consumer privacy laws in states such as California.

Posted by Candace Paul on October 10, 2019 3:35 PM |

New Documents from Surveillance Court Reveal FBI Violated the Law When It Searched Americans’ Communications

This week the Director of National Intelligence declassified several opinions from the Foreign Intelligence Surveillance Court and Court of Review concerning Section 702 of the FISA. The courts determined that the FBI violated the law when it searched for information about Americans in communications intercepted for foreign intelligence purposes. The documents also reveal that FBI repeatedly exceeded the scope of its authority to search for Americans’ information. The Court of Review ruled in July of this year that the FBI must record every search of an American’s data and the basis for that search. As a result of these rulings, the FBI has changed its surveillance. In January 2018 EPIC obtained a Justice Department report detailing concerns with the FBI’s “backdoor searches.” EPIC has long advocated for reform of U.S. surveillance laws, which do not adequately protect the fundamental rights of Americans or of individuals abroad.

Posted by Candace Paul on October 10, 2019 5:17 PM |

October 11, 2019

EPIC Seeks Reversal of Decision Allowing FAA Drone Committee to Operate in Secret

EPIC has asked the D.C. Circuit Court of Appeals to reverse a lower court decision allowing the FAA's Drone Advisory Committee to conduct much of its work in secret. EPIC filed suit last year against the industry-dominated Committee, which has consistently ignored the privacy risks posed by the deployment of drones—even after identifying privacy as a top public concern. As a result of EPIC's lawsuit, the Committee was forced to disclose hundreds of pages of records that it unlawfully withheld. But the lower court ruled that the Committee did not need to disclose records from its secretive subcommittees, where many drone policy recommendations were developed. The case is EPIC v. Drone Advisory Committee, No. 19-5238 (D.C. Cir.).

Tags:

Posted by John Davisson on October 11, 2019 10:23 AM |

October 15, 2019

Senator Cantwell to FTC: Settlement Lets Facebook "Off the Hook"

Senator Maria Cantwell [D-WA], Ranking Member on the Senate Commerce Committee, has sent a letter to Federal Trade Commission Chairman Joseph Simons regarding the FTC's controversial settlement with Facebook. "I am concerned that the settlement lets Facebook off the hook for unspecified violations, and given the many public reports of Facebook's mishandling of consumer data, it is difficult to fully understand the impact of this provision on the settlement on the data privacy protection of the millions of U.S. consumers that have used and continue to use Facebook," Cantwell wrote to Simons. Through a Freedom of Information Act Request. EPIC has obtained thousands of new consumer complaints (part 1, part 2) against Facebook. EPIC is formally challenging the proposed settlement, charging that the Commission has failed to investigate thousands of complaints against the company.

Tags:

Posted by EPIC on October 15, 2019 9:40 AM |

EPIC to Supreme Court: Public Should Have Free Access to Georgia's State Code

EPIC has filed an amicus brief in the U.S Supreme Court case Georgia v. Public.Resource.Org, which concerns Georgia’s copyright of the state’s official annotated code. EPIC’s brief, signed by thirty-five experts in law and technology, urged the Supreme Court “to recognize that free access to the law is not only guaranteed by our country’s traditions but also enabled by digital technologies.” EPIC explained that “the federal government has worked to ensure that government materials, including legal materials, are broadly accessible to the public; the states should do the same.” EPIC and its staff have worked for almost thirty years to promote online access to judicial opinions and open access to government information. EPIC routinely files amicus briefs in the US Supreme Court in cases concerning emerging privacy and civil liberties issues.

Tags:

Posted by Candace Paul on October 15, 2019 1:01 PM |

October 16, 2019

In Court EPIC Argues AI Commission Broke Open Records Law

EPIC will argue in federal court on Wednesday that the National Commission on Artificial Intelligence has violated the Freedom of Information Act and must immediately process EPIC’s FOIA Requests to the Commission. Created by Congress in 2018, the AI Commission is tasked with considering "the methods and means necessary to advance the development of" AI in the United States. EPIC filed multiple requests for access to Commission meetings and records. But the Commission has operated almost entirely in secret, even as it prepares to submit recommendations to Congress and the President on November 5. EPIC filed suit against the Commission last month and asked the court to issue a preliminary injunction. The Commission is chaired by former Google CEO Eric Schmidt and dominated by representatives of large tech firms, including Microsoft, Amazon, and Oracle. The case is EPIC v. AI Commission, No. 19-2906 (D.D.C.).

Posted by Candace Paul on October 16, 2019 9:00 AM |

In Amicus Brief, EPIC Urges Court to Reject FTC-Facebook Settlement

Today EPIC filed an amicus brief in United States v. Facebook, a case concerning the proposed settlement between the Federal Trade Commission and Facebook. EPIC argued, "This Court should not adopt the proposed Consent Decree because the parties have not established that it would be fair, adequate, reasonable, appropriate, or consistent with the public interest.” EPIC explained that the proposed settlement “largely mirrors the preexisting Consent Order from 2012. There are few new obligations on the company that would limit the collection and use of personal data, nor will there be any significant changes in business practices.” EPIC noted, the "Commission also seems entirely unconcerned by Facebook’s planned integration of the personal data of WhatsApp users even though this would violate representations both firms previously made to the Commission.” EPIC previously filed a motion to intervene in the case that has not yet been resolved by the court. Through a Freedom of Information Act Request, EPIC has uncovered more than 29,000 complaints against Facebook currently pending at the Commission.

Posted by Candace Paul on October 16, 2019 9:32 AM |

Danielle Citron Testifies on Corporate Responsibility for Online Activity

EPIC Board Member Danielle Citron will testify today before the House Energy & Commerce Committee regarding corporate responsibility for online activity. In her written testimony, Professor Citron stated, "Section 230 should be revised to condition the legal shield on reasonable content moderation practices in the face of clear illegality that causes demonstrable harm. That would return the statute to its original purpose—to allow companies to act more responsibly, not less." In an amicus brief filed with the Second Circuit Court of Appeals last year, EPIC said that Section 230, a provision in the Communication Decency Act, was intended to "encourage internet service providers to police their platforms," not to "give platforms carte blanche to ignore harassment and abuse." Professor Citron was recently selected for the prestigious MacArthur Fellowship and is the author of Hate Crimes in Cyberspace, available at the EPIC Bookstore.

Tags:

Posted by Caitriona Fitzgerald on October 16, 2019 10:04 AM |

Court Denies Motion for Injunction, But EPIC’s Case Against AI Commission Moves Forward

A federal court denied a motion for a preliminary injunction against the National Commission on Artificial Intelligence. The Commission is chaired by former Google CEO Eric Schmidt, dominated by representatives of large tech firms, and has operated in near total secrecy. EPIC filed a Freedom of Information Act lawsuit to open the records and meetings of the AI Commission to the public. Today EPIC urged the court to issue a preliminary injunction to compel the production of records, an unusual motion in a FOIA case. The court denied the motion but agreed to consider whether the Commission is subject to FOIA on an expedited briefing schedule. The Commission is expected to release a report to the President and Congress on November 5, but to date the Commission has provided little information about its activities, meetings, or planned recommendations. The case is EPIC v. AI Commission, No. 19-2906 (D.D.C.).

Posted by Candace Paul on October 16, 2019 4:44 PM |

EPIC Backs Moratorium on TSA Facial Recognition Program

In a statement to the Senate Commerce Committee, EPIC has called for a moratorium on the use of facial recognition by the Transportation Security Administration. "Because TSA has failed to establish the necessary privacy safeguards, including ensuring that travelers are able to exercise their legal right to opt-out,” EPIC said, "we request you suspend the TSA’s use of facial image technology pending the completion of required public rulemaking by CBP.” EPIC added, "There is currently no legal authority for DHS’ or TSA’s use of facial recognition technology." After a Buzzfeed story earlier this year featured documents obtained by EPIC about plans to expand facial recognition at airports, Senators Ed Markey (D-MA) and Mike Lee (R-UT) called for the suspension of the program. Many cities and states are moving now to limit the use of facial recognition technology.

Posted by Candace Paul on October 16, 2019 4:53 PM |

October 17, 2019

EPIC Joins Coalition Calling for Reform of Section 702 of FISA

EPIC joined a coalition of organizations calling for Congress to reform Section 702 of the Foreign Intelligence Surveillance Act amidst debate over whether to reauthorize related authorities which are about to expire. The letter follows release of FISA Court rulings that FBI violated the law when it searched for information about Americans in communications intercepted for foreign intelligence purposes. The Court also required the agency use new safeguards. The coalition letter urges Congress to prohibit these "backdoor searches" and calls for an end to "abouts" collection - a broad surveillance technique involving collection of communications that are not to or from a surveillance target. In January 2018, as the result of a FOIA lawsuit EPIC obtained a report explaining how the FBI searches of Americans' data collected under the 702 program.

Posted by Candace Paul on October 17, 2019 5:55 PM |

October 18, 2019

EPIC to Congress: Consumers Must Be Protected in Merger Reviews

In a statement to the House Judiciary Committee, EPIC told lawmakers that merger review should consider data protection. EPIC wrote that "companies that protect user privacy are being absorbed by companies that do not protect privacy." EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger. EPIC previously testified before the Senate Judiciary Committee about mergers in the online advertising industry after EPIC told the FTC that Google's acquisition of DoubleClick would diminish privacy and stifle innovation. EPIC earlier opposed Doubleclick's acquisition of Abacus, explaining that the deal would lead to increased profiling of American consumers. EPIC, Color of Change, the Open Markets Institute, and others have also urged the FTC to require Facebook to spin-off WhatsApp and Instagram.

Tags:

Posted by Caitriona Fitzgerald on October 18, 2019 9:09 AM |

EPIC Recommends Privacy Act Compliance for FBI Criminal Database

EPIC has advised the FBI to withdraw a proposal to remove Privacy Act compliance obligations for the National Crime Information Center. The FBI is seeking broad exemptions to regulations that promote records accuracy, ensure data subject access, and limit over collection of personal data. EPIC wrote that the proposed exemptions would "lead to increasing record inaccuracy and the misuse of personal information.” There are numerous reports of misuse of the data in the NCIC and growing concerns about record accuracy. In 2003, EPIC organized a coalition of nearly 90 organizations to urge accuracy in the NCIC record systems. EPIC also submitted amicus briefs to the Supreme Court in Herring v. US and Kansas v. Glover warning about inaccurate records in police databases that would lead to unlawful searches and car stops.

Posted by Candace Paul on October 18, 2019 9:35 AM |

EPIC to Congress: FOIA Critical to Homeland Security Oversight

EPIC has told a House committee that the Freedom of Information Act is critical to keep the Department of Homeland Security accountable. The House Homeland Security Committee held a hearing this week on "The Public’s Right to Know: FOIA at the Department of Homeland Security.” EPIC has brought many FOIA cases against the DHS, including those concerning backscatter x-ray devices in airports, a DHS program to track journalists, and the CBP biometric entry-exit system. In 2011, EPIC urged Congress to end the agency’s political review of FOIA requests. In 2012, EPIC led an effort to reform the DHS treatment of fee wavers. And in 2016, the DHS revised FOIA regulations, reflecting several of EPIC’s recommendations. In comments this week, EPIC observed that DHS’s FOIA processing does not compare favorably with other federal agencies. EPIC recommended that DHS improve the processing of FOIA requests and respond to appeal authorities. EPIC wrote that continued oversight of the DHS is critical. "No federal agency has greater budget authority to develop systems of surveillance directed towards U.S. residents,” EPIC said.

Tags:

Posted by Caitriona Fitzgerald on October 18, 2019 12:02 PM |

October 21, 2019

D.C. City Council Reflects on the Use of Police Body Cameras

Today the D.C. City Council held a public roundtable on Five Years of the Metropolitan Police Department's Body-Worn Camera Program: Reflections and Next Steps. In 2015, EPIC testified before the D.C. City Council regarding police body-worn cameras. EPIC warned of the surveillance risks of body cameras and argued there are more effective means to address police accountability. EPIC previously testified before the DC City Council in 2008, warning that "facial recognition that will make it possible to identify people in public places." EPIC also launched the Observing Surveillance project in 2003 to draw attention to the growing surveillance of DC residents by integrated camera systems. California has recently banned the use of police-worn body cameras.

Tags:

Posted by EPIC on October 21, 2019 6:05 PM |

October 22, 2019

EPIC to Massachusetts Legislature: Ban Facial Recognition

EPIC Policy Director Caitriona Fitzgerald will testify today before the Massachusetts Legislature in support of a bill to establish a moratorium on the use of facial recognition by state agencies. Under S. 1385 and H. 1538 the use of facial recognition technology by the state would be banned until privacy and security safeguards are in place. EPIC recommended eight principles that must be adhered to prior to deployment of facial recognition technology: 1) prohibition on mass surveillance; 2) provably non-discriminatory; 3) minimal retention; 4) transparency; 5) security; 6) monitoring for inappropriate uses; 7) accountability; and 8) independent auditing. EPIC noted the growing use of facial recognition technology in China and Hong Kong, as well as the bipartisan support for a facial recognition moratorium in Congress.

Tags:

Posted by Caitriona Fitzgerald on October 22, 2019 9:53 AM |

October 23, 2019

Civil Society Urges Global Moratorium on Facial Recognition

Speaking at the annual meeting of the privacy commissioners, EPIC President Marc Rotenberg presented a declaration from civil society calling for a moratorium on the further deployment of facial recognition. The declaration, organized by the Public Voice coalition, has gathered the support of more than 60 organizations and many leading experts in 30 countries around the world. The declaration calls on countries to (1) suspend the further deployment of facial recognition for mass surveillance; (2) review all facial recognition systems to determine whether personal data was obtained lawfully; (3) undertake research to assess bias and risk; and (4) establish legal rules, technical standards, and ethical guidelines before further deployment occurs. Mr. Rotenberg explained that around the world there is growing opposition to the deployment of facial recognition and urged the international data protection commissioners to act.

Posted by Candace Paul on October 23, 2019 8:57 AM |

Ninth Circuit Leaves in Place Case that Allows Users to Sue Facebook for Face-Scans

A federal appeals court has let stand a ruling that users can sue Facebook for collecting and using their facial images. The court previously held in Patel v. Facebook that an Illinois biometrics law protects "concrete privacy interests" and violations of the law "pose a material risk of harm to those privacy interests." EPIC filed an amicus brief in the case, arguing that the violation of a privacy law is sufficient for users to sue a company. EPIC has also long advocated for limits on the use of biometric data and has opposed Facebook's use of facial recognition software. EPIC and others recently called for a global moratorium on facial recognition.

Tags:

Posted by EPIC on October 23, 2019 10:35 AM |

EU-U.S. Privacy Shield Renewed, Still in Dispute in Court

The European Commission has renewed the EU-U.S. Privacy Shield, a framework permitting the flow of European consumers' personal data to the U.S. The Commission concluded the recent FTC-Facebook settlement did not bar enforcement actions related to the Privacy Shield. The Commission also noted positively the appointment of a Ombudsperson to receive complaints about U.S. surveillance, FTC enforcement actions for false Privacy Shield certifications, and assurances from the U.S. intelligence community that specific selectors are used to limit foreign intelligence collection. The Commission did urge the FTC to bring actions for substantive violations of the Shield. In comments on the Privacy Shield and in a letter to Congress, EPIC called for a permanent end to the broad telephone record collection under Section 215 of the Patriot Act. The validity of the Privacy Shield is still in dispute in several cases before Europe's highest court.

Tags:

Posted by EPIC on October 23, 2019 5:00 PM |

EPIC on Libra: "Facebook clearly cannot be trusted with consumers' financial data"

During today's House Financial Services hearing, Rep. Nydia Velazquez [D-NY] grilled Mark Zuckerberg about the misrepresentations Facebook made to regulators when it acquired WhatsApp — misrepresentations that led to fines in the EU. "Why should we believe what you and Calibra are saying about protecting customer #privacy and financial data?" said Rep. Velazquez. EPIC raised the same issue in a July statement to the House Financial Services Committee, saying "Facebook clearly cannot be trusted with consumers' financial data" and outlining Facebook's long history of failing to protect user data. EPIC is challenging the proposed settlement between the Federal Trade Commission and Facebook, charging that the Commission has failed to investigate thousands of pending complaints against the company.

Tags:

Posted by EPIC on October 23, 2019 5:30 PM |

October 24, 2019

EPIC to Congress: Data Ownership Won't Protect Consumers

EPIC advised the Senate Banking Committee for a hearing on "Data Ownership: Exploring Implications for Data Privacy Rights and Data Valuation" that "data portability" will not help consumers, but would likely facilitate mergers and consolidation in the Internet industry. EPIC said Congress should pass baseline federal legislation modeled on the Fair Information Practices and establish a U.S. Data Protection Agency. EPIC recently published "Grading on a Curve: Privacy Legislation in the 116th Congress" evaluating the current privacy bills in Congress.

Tags:

Posted by EPIC on October 24, 2019 11:35 AM |

Privacy Commissioners Adopt Resolutions, Plan Future Direction

Meeting in Tirana, Albania, the 41st International Conference of Data Protection and Privacy Commissioners adopted resolutions on privacy as a fundamental right, human error in data breaches, and social media and violent extremist content online. The Commissioners also adopted resolutions on strategic direction, cross-border enforcement, and regulatory cooperation between data protection agencies and consumer protection and competition authorities. Civil society has urged the data protection commissioners to support a moratorium on facial recognition technology. A petition organized by the Public Voice received support from more than 80 organizations and 500 individuals (including leading experts) in more than 40 countries. Privacy International and the Open Markets Institute were among the civil society speakers at the conference. The 2020 conference will be held in Mexico City. The ICDPPC will also be renamed the "Global Privacy Assembly."

Posted by EPIC on October 24, 2019 1:45 PM |

October 25, 2019

DOJ Proposes to Resume DNA Collection of Detainees

The Department of Justice has proposed a rule that effectively requires the DHS to collect DNA from any non-US person the agency detains or arrests. The deadline for public comments is November 12, 2019 and can be submitted here. EPIC has supported increased privacy protections for DNA. In an amicus brief to the Supreme Court, EPIC argued that law enforcement's warrantless collection of DNA is unconstitutional. In the 2013 brief, EPIC described the "dramatic and unpredictable" expansion of the government's DNA collection over the past decade.

Tags:

Posted by EPIC on October 25, 2019 10:40 AM |

October 28, 2019

Axon Ethics Board: No License Plate Readers Without Public Input

A new report from the Axon AI and Policing Technology Ethics Board details problems with automated license plate readers, including the disproportionate impact on communities of color and the long-term tracking of innocent drivers. The Axon report recommends public review prior to use of license plate readers. The report also recommends that license plate reader alerts should not be sufficient grounds to stop a vehicle. EPIC made a similar recommendation in an amicus brief for the U.S. Supreme Court for Kansas v. Glover, arguing against traffic stops based solely on alerts that a registered owner's license is suspended. EPIC previously obtained documents about the extensive use of license plate readers by the Department of Homeland Security and the Federal Bureau of Investigation. EPIC's Senior Counsel Jeramie Scott has warned about the risk of mass surveillance with technologies such as license plate readers.

Tags:

Posted by EPIC on October 28, 2019 5:25 PM |

October 29, 2019

EPIC, NGOs Object to U.S.-U.K. CLOUD Agreement, Urge Congressional Action

A coalition of 20 civil society organizations are objecting to the proposed U.S.-U.K. CLOUD Act Agreement, which will allow cross-border data access and wiretapping by law enforcement agencies. In a letter to Congress, the groups explained the Agreement "fails to adequately protect the privacy and due process rights of U.S. and U.K. citizens." The coalition urged Congress to block the Agreement. In testimony before the European Parliament and in an amicus brief for the Supreme Court in United States v. Microsoft, EPIC has argued that cross-border access to personal data requires robust human rights protections, including notice, judicial authorization, and transparency.

Tags:

Posted by EPIC on October 29, 2019 10:00 AM |

EPIC to Congress: Reauthorize SAFE WEB Act, Pass Federal Privacy Law

In a statement to the House Commerce Committee, EPIC recommended reauthorization of the SAFE WEB Act and federal baseline privacy legislation. "The Safe WEB Act should be reauthorized - cross-border enforcement and cooperation is critical for effective protection of US consumers. But it is just as critical for effective protection that Congress enact a comprehensive baseline privacy legislation and establish a U.S Data Protection Agency," EPIC said in advance of the hearing. EPIC's recent report, Grading on a Curve: Privacy Legislation in the 116th Congress, sets out the key elements of a privacy law. EPIC previously testified before both the House Commerce Committee and the Senate Commerce Committee on the SAFE WEB Act.

Posted by EPIC on October 29, 2019 12:05 PM |

October 31, 2019

UK Privacy Agency Raises Concerns About Facial Recognition

The UK Information Commissioner's Office is raising concerns about the use of "live-streaming facial recognition" (LFR). In an official opinion, Commissioner Elizabeth Denham said that the deployment of facial recognition technology by law enforcement must comply with data protection law. The ICO opinion "recognises the high statutory threshold that must be met to justify the use of LFR, and demonstrate accountability, under the UK's data protection law." A recent Public Voice petition calling for a moratorium on the use of facial recogntion has received support from more than 80 organizations and 600 individuals, including many leading experts.

Tags:

Posted by EPIC on October 31, 2019 1:30 PM |

EPIC FOIA Lawsuit: Kavanaugh at White House Defended Warrantless Surveillance

New emails released in EPIC's lawsuit show that Justice Kavanaugh, as a White House adviser, defended the controversial warrantless wiretapping program that Congress ended in 2015. Following a New York Times article which revealed government wiretapping without judicial authority, Kavanaugh circulated legal justifications for the program. The emails obtained by EPIC also show that Kavanaugh and then Justice Department lawyer Neil Gorsuch placed a USA Today op-ed defending the program. In the nomination hearing for the federal appeals court, Kavanaugh downplayed his role in the wiretapping program, though judge Kavanaugh later defended the NSA program based on a novel legal theory that leading scholars disputed. Documents previously obtained by EPIC revealed that Kavanaugh exchanged hundreds of emails with White House and DOJ staff about the NSA surveillance program.

Tags:

Posted by EPIC on October 31, 2019 3:50 PM |

Supreme Court to Hear Arguments in Case Implicating License Plate Readers

Next week the Supreme Court will consider Kansas v. Glover, a case concerning car stops and the status of the registered owner's license. EPIC filed an amicus brief in the case which could lead to police stopping any vehicle if the registered owner's license is suspended. EPIC warned that the Court's decision, when combined with automated license plate readers, could "dramatically alter police practices" and "unfairly burden disadvantaged communities." EPIC provided empirical data for the Court that indicate that police use license plate readers more frequently in disadvantaged communities. EPIC also provided data that car sharing is more prevalent in these communities and therefore that many drivers whose license is not suspended will be stopped. EPIC noted that the Supreme Court has previously established legal safeguards in response to evolving policing techniques, such as GPS tracking devices, (US v. Jones), cell phones searches (Riley v. California), and location data collection (Carpenter v. United States). EPIC recommended that the Court recognize the role of automated license plate readers in police stops. EPIC routinely files amicus briefs in federal and state courts concerning emerging privacy issues.

Tags:

Posted by EPIC on October 31, 2019 4:30 PM |

Search


About October 2019

This page contains all entries posted to epic.org in October 2019. They are listed from oldest to newest.

September 2019 is the previous archive.

November 2019 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type Pro 6.3.3