« February 2020 | Main | April 2020 »

March 2020 Archives

March 2, 2020

Supreme Court to Hear Freedom of Information Act Case

The U.S. Supreme Court announced today it will consider a Freedom of Information Act case about the government's attempts to withhold documents from the public under the "deliberative process" exemption. In U.S. Fish and Wildlife Services v. Sierra Club, a federal appeals court ordered a federal agency to produce agency documents about a proposed regulation concerning endangered species. The Ninth Circuit held that the documents were not "predecisional." EPIC frequently litigates Freedom of Information Act cases to challenge the government withhold public records. EPIC is currently litigating for the release of the complete Mueller Report.

Tags:

Posted by EPIC on March 2, 2020 2:25 PM |

Poll: Americans Oppose Micro-Targeting in Online Political Ads

A new poll from Gallup and the Knight Foundation found that the majority of Americans do not want political campaigns to micro-target digital ads. Democrats (69%), independents (72%), and Republicans (75%) said that internet companies should not provide information about users to political campaigns for online advertisements. 59% said Internet companies should disclose who paid for political ads, how much they cost, and to whom the ads are targeted. EPIC Consumer Protection Counsel Christine Bannan testified at an FEC hearing in 2018 and urged the Commission to promulgate rules to mandate the source of online political ads, comparable to the rule for print and broadcast publications.

Tags:

Posted by EPIC on March 2, 2020 2:30 PM |

EPIC to Supreme Court: Robocall Ban is Constitutional

In an amicus brief for the U.S. Supreme Court, EPIC today defended the Telephone Consumer Protection Act, a law that prohibits unwanted robocalls. EPIC said that the robocall ban is "constitutionally permissible and serves important governmental interests." EPIC explained in Barr v. American Association of Political Consultants that "the harm caused by unwanted automated calls" is more acute than when the robocall ban was enacted in 1991. EPIC said "without the autodialer ban, the assault of unwanted calls could make cell phones unusable." EPIC also argued that "a minor amendment to an otherwise constitutional law, passed decades after the original enactment, should not take down an act of Congress." Senator Markey, Representative Eshoo, and more than a dozen members of Congress also filed an amicus brief in support of the consumer privacy law. EPIC frequently files amicus briefs on the TCPA, including in the related case, Gallion v. Charter Communications.

Tags:

Posted by EPIC on March 2, 2020 2:35 PM |

March 3, 2020

EPIC, Coalition Urge Real Time Remote ID for All Drones

EPIC, joined by other organizations, submitted comments to the FAA regarding the agency's proposed rule for drone IDs. EPIC urged the FAA to require real-time public access to drone ID information. EPIC also recommended that the FAA provide privacy protections for recreational users and conduct a privacy impact assessment of the risks associated with drone surveillance. In 2015, EPIC wrote "Drones should be required to broadcast their registration information to allow members of the public" to easily identify the operator and to determine the location, purpose, and surveillance capabilities of the drone. The European Union has established a drone regulation similar to the one EPIC has recommend the FAA to adopt. The Interior Department recently grounded Chinese-made drones, warning of surveillance risks.

Tags:

Posted by EPIC on March 3, 2020 9:30 AM |

Appeals Court Affirms Consumer Rights to Facebook Suit, But Upholds Ineffective Settlement

The Ninth Circuit decided today that consumers could bring a case against Facebook for scanning private messages, but upheld a settlement that produced only a minor change in Facebook's business practices. In Campbell v. Facebook, the appeals court found that consumers "sued to protect concrete interests" because wiretap laws "codify a context-specific extension of the substantive right to privacy." EPIC filed an amicus brief in the case, arguing that the settlement "does not prevent Facebook from resuming the practices" consumers sued to stop. EPIC explained that the settlement only requires Facebook to post a "vague notice" that is "not the basis for consent" under applicable wiretap laws. EPIC routinely files amicus briefs in cases concerning consumer privacy and standing.

Tags:

Posted by EPIC on March 3, 2020 2:20 PM |

EPIC Pursues Disclosure of FAA Drone Committee Records

EPIC has filed a reply brief in EPIC v. Drone Advisory Committee urging the D.C. Circuit to reverse a decision that allowed FAA to conduct much of its policy work on drones in secret. EPIC filed suit in 2018 against the industry-dominated Advisory Committee, which ignored the privacy risks posed by the deployment of drones—even after identifying privacy as a top public concern. As a result of EPIC's lawsuit, the Committee was forced to disclose hundreds of pages of records to EPIC, but the agency withheld records from subcommittees that participated in the policy process. EPIC told the Court of Appeals that the FAA's interpretation of the Federal Advisory Committee Act would circumvent the open meetings law. The case is EPIC v. Drone Advisory Committee, No. 19-5238 (D.C. Cir.).

Tags:

Posted by EPIC on March 3, 2020 2:55 PM |

March 4, 2020

In FOIA Case, EPIC Obtains New Documents From AI Commission

EPIC has obtained a more documents from the National Security Commission on Artificial Intelligence. The records obtained by EPIC show that the AI Commission was aware of work on algorithmic transparency and AI bias. But the Commission's recent report to Congress did not endorse these recommendations, instead criticizing EU privacy law and calling for greater "government access to data on Americans." The Commission's disclosure follows a court ruling in EPIC v. AI Commission that the Commission is subject to the FOIA. Before issuing its report, the AI Commission held regular secret meetings with tech firms and defense contractors but did not gather opinions from the American public. EPIC is also litigating to enforce Commission's obligation to hold open meetings.

Tags:

Posted by EPIC on March 4, 2020 11:40 AM |

EPIC to Supreme Court: Allow Disclosure of Trump Tax Returns

In an amicus brief filed today, EPIC urged the Supreme Court to allow the release of President Trump's tax returns to a grand jury. EPIC explained that President Trump broke with 40 years of precedent by concealing his tax records, even as he sought to collect sensitive voter and citizenship data from the public. "This is inverted liberty: privacy for the President and compelled disclosure of personal data for the public," EPIC argued. "That is antithetical to the structure and practice of modern democracies which safeguard the privacy of citizens and impose transparency obligations on political leaders, most notably the President." EPIC previously sought public release of President Trump's tax returns in EPIC v. IRS, arguing that disclosure was necessary to correct numerous factual misstatements made by the President. In EPIC v. IRS II, EPIC is currently seeking "offers-in-compromise" and related tax records of President Trump and his businesses. The case before the Supreme Court, Trump v. Vance, will be argued March 31.

Tags:

Posted by EPIC on March 4, 2020 12:15 PM |

March 5, 2020

EPIC, Coalition Recommend Changes to Pending Washington Privacy Law

EPIC along with a coalition of groups proposed changes to the Washington Privacy Act, a bill now pending in the Washington legislature. The Washington Privacy Act would give consumers the right to access, correct and delete personal data held by companies, and it wold require companies to uphold privacy obligations, including transparency, purpose specification, data minimization, security, and nondiscrimination. But the bill lacks an effective mechanism for enforcement, permits the deployment of facial recognition, and contains many loopholes. EPIC and the coalition urged the Washington legislature to establish a private right of action, narrow the exemptions, make risk assessments publicly accessible, and remove the provisions permitting facial recognition. At the federal level, EPIC supports H.R. 4978, the Online Privacy Act, and S. 3300, to establish a US Data Protection Agency. EPIC has also called for a moratorium on face surveillance. The EPIC State Policy Project monitors privacy bills nationwide.

Tags:

Posted by EPIC on March 5, 2020 1:05 PM |

BREAKING: EPIC Prevails in Case for Release of Mueller Report, Court Will Review Unredacted Document

A federal Court, ruling in EPIC v. Department of Justice, today rebuked Attorney General Barr and agreed to review the complete Mueller Report to determine what additional material must be released. Judge Reggie B. Walton wrote, "The Court has grave concerns about the objectivity of the process that preceded the public release of the redacted version of the Mueller Report[.]” The Court cited the summary of the principal findings prepared by the Attorney General. Judge Walton explained that "the need for the American public to have faith in the judicial process” requires that the court review the Mueller Report without redactions. "Adherence to the FOIA’s objective of keeping the American public informed of what its government is up to demands nothing less,” wrote Judge Walton. The Court also denied the Department of Justice’s motion for summary judgment. EPIC filed the first case in the nation for the disclosure of the complete Mueller Report. The book EPIC v. DOJ: The Mueller Report is available for purchase at the EPIC Bookstore. The case is EPIC v. Department of Justice, No. 19-810.

Tags:

Posted by John Davisson on March 5, 2020 5:12 PM |

March 6, 2020

EPIC Seeks Records About the Government's Use of Clearview AI App

EPIC has filed a Freedom of Information Act request to several government agencies seeking records about the government's use of Clearview AI technology. Clearview AI permits law enforcement agencies to conduct suspicionless searches of people in public spaces. The company scraped billions of facial images, without permission, from websites, including Facebook, Youtube, Venmo, and Twitter. Clearview's recently stolen client list revealed that the company has sold its surveillance technology to more than 2,200 law enforcement and government agencies, and companies across 27 countries. EPIC, and more than a hundred organizations, have called for a moratorium on facial recognition technology.

Tags:

Posted by EPIC on March 6, 2020 3:30 PM |

March 9, 2020

EPIC v. AI Commission: Court Orders Rapid Disclosure of Records

In EPIC's open government case concerning US AI policy, a federal court has ordered the National Security Commission on Artificial Intelligence to process 800 pages of records a month for disclosure to EPIC. The order follows the court's previous ruling in EPIC v. AI Commission that the Commission is subject to the Freedom of Information Act. The Commission recently released a report to Congress that criticizes the EU General Data Protection Regulation and calls for greater "government access to data on Americans." Before issuing its report, the Commission held more than two hundred secret meetings with tech firms, defense contractors, and others but did not gather opinions from the American public. EPIC is also litigating to enforce Commission's obligation to hold open meetings.

Tags:

Posted by EPIC on March 9, 2020 11:45 AM |

New Rule Promotes Patient Access But Raises Privacy Concern

The Department of Health and Human Services finalized rules that require insurance and healthcare companies to provide patient access to their medical data in a format suitable for cellphones and other electronic devices. However, federal privacy protections under HIPAA no longer apply once patients transfer their data to consumer apps, creating serious risks to medical privacy. The CEO of the American Medical Association warned regulators that "These practices jeopardize patient privacy, commoditize an individual's most sensitive information, and threaten patient willingness to utilize technology to manage their health." Tech firms pushed for these changes. Last year, the Wall Street Journal reported that Google's 'Project Nightingale' intends to amass health data on millions of Americans. There will be a six-month period before the rule goes into effect. EPIC has recommended strong safeguards for medical records in agency comments and briefs for the Supreme Court.

Tags:

Posted by EPIC on March 9, 2020 5:15 PM |

Comments on OMB AI Guidance Due Friday

The OMB is seeking comments on the proposed Guidance for Regulation of Artificial Intelligence Applications. The Guidance recommends that federal agencies "promote advancements in technology and innovation, while protecting American technology, economic and national security, privacy, civil liberties, and other American values, including the principles of freedom, human rights, the rule of law, and respect for intellectual property." The US AI Guidance follows from the OECD AI Principles, which the United States has endorsed, as well as some of the Universal Guidelines for AI, a human rights framework for AI endorsed by more than 250 experts and 60 associations in 40 countries. EPIC will recommend that the OMB regulation apply to all government uses of AI, include prohibitions on secret profiling and unitary scoring, and require transparency to ensure fairness and accountability in automated decisions concerning people. EPIC has recently petitioned the FTC to undertake a rulemaking for AI in commerce. Comments to the OMB are due Friday, March 13 and can be submitted through the Federal Register. EPIC has published the AI Policy Sourcebook, the first reference book on AI policy.

Tags:

Posted by EPIC on March 9, 2020 6:45 PM |

March 10, 2020

EPIC Urges Court to Open Meetings, Records of AI Commission

EPIC has filed a reply brief in EPIC v. AI Commission urging a federal court in Washington, DC to enforce the Commission's obligation to hold open meetings and publish its records on a regular basis. The court previously ruled that the AI Commission must comply with the Freedom of Information Act. In briefs with the court, EPIC explained that the Commission must also comply with the Federal Advisory Committee Act, citing the law enacted by Congress. "It is not for the Government or the courts to second-guess that legislative choice simply because the AI Commission's transparency obligations flow from two statutes rather than one," EPIC wrote. In a recent report for Congress and the President, the Commission recommended weakening privacy safeguards for Americans but never consulted with the public as the Federal Advisory Committee Act would require. The case is EPIC v. AI Commission, No. 19-2906 (D.D.C.).

Tags:

Posted by EPIC on March 10, 2020 9:25 AM |

Congress Considers Reforms as Surveillance Authorities Set to Expire

Congress is reviewing proposals to reform the Foreign Intelligence Surveillance Act. Several bills have been introduced, including a bill backed by EPIC and other civil liberties groups that would establish a warrant requirement for location data and internet browsing history, increase transparency, and strengthen the Privacy and Civil Liberties Oversight Board. Members of both parties have expressed interest in reform of the controversial NSA surveillance program. Even the FISA court has criticized the program, following abuses uncovered by the Inspector General. EPIC closely tracks the use of FISA authority. EPIC has advocated for significant FISA reforms, and recently advised Congress to limit Section 702 surveillance and to allow Section 215 to expire. The Section 215 program is scheduled to sunset on March 15.

Tags:

Posted by EPIC on March 10, 2020 11:45 AM |

D.C. Circuit: Congress Can Obtain Mueller Grand Jury Materials

The D.C. Circuit Court of Appeals has granted Congress access to the grand jury materials referenced in the Mueller Report. The appeals court upheld a lower court decision to disclose the grand jury records to the House Judiciary Committee, citing the "compelling need for the material and the public interest." Last week, the court in EPIC v. Department of Justice ruled that it would review the unredacted Mueller Report to determine what additional material must be released to EPIC. The court in EPIC's case also rebuked Attorney General Barr, citing "grave concerns about the objectivity of the process that preceded the public release of the redacted version of the Mueller Report[.]" The book EPIC v. DOJ: The Mueller Report, which includes EPIC's original FOIA request and related materials, is available for purchase at the EPIC Bookstore. EPIC's case is EPIC v. Department of Justice, No. 19-810.

Tags:

Posted by EPIC on March 10, 2020 4:55 PM |

March 11, 2020

EPIC Obtains Documents about DC Risk Assessment Use

In response to EPIC's FOIA Request, the DC Pretrial Services Agency produced several documents about its risk assessment instrument developed and validated by Maxarth. The government reduced the number of factors in risk factors from 70 to 43 in 2019 after review, and place more emphasis on recent criminal charges. EPIC also obtained a 2019 Validation Study and a Predictive Bias report. The Validation Study rated the predictive ability "sufficient." EPIC has obtained documents about pre-trial risk assessments nationwide as well as a scoring system developed by the DHS to assign risk assessments to travelers, including US citizens. EPIC has urged government agencies to make transparent algorithmic-based decision making to ensure fairness and accountability.

Tags:

Posted by EPIC on March 11, 2020 2:05 PM |

March 12, 2020

EPIC, Consumer Groups Call for Review of Robocall Ruling

EPIC joined the National Consumer Law Center and other consumer groups in an amicus brief supporting review of recent decision that limits consumer robocall protections. In Gadelhak v. AT&T Services, the Seventh Circuit concluded that consumers who receive an automated text message can sue under the federal anti-robocall law, but only if the autodialer has a random number generator. The decision deepened a split among federal appeals courts over the scope of federal robocall protections. EPIC and NCLC also filed an amicus brief during the court's original consideration of the case. The EPIC brief explained that allowing telemarketers to auto-dial consumers "would undermine the law's effectiveness by inviting easy circumvention and rendering the restriction obsolete." EPIC routinely files amicus briefs on consumer privacy issues, including several amicus briefs on the TCPA.

Tags:

Posted by EPIC on March 12, 2020 2:55 PM |

EPIC Backs Strong Crypto and 230 Reform

In a statement to the Senate Judiciary Committee on the EARN IT Act, EPIC supported both end-to-end encryption and reform to Section 230 of the Communications Decency Act. EPIC backed the plan to establish Best Practices to limit the distribution of child sexual exploitation material, but cautioned "against recommendations that would reduce privacy and security for Internet users." EPIC pointed out that actual end-to-end encryption "protects users, promotes commerce, and ensures cybersecurity." In an amicus brief in Herrick v. Grindr, EPIC objected to a court decision that found "online platforms bear no responsibility for the harassment and abuse their systems enable."

Tags:

Posted by EPIC on March 12, 2020 6:25 PM |

March 13, 2020

EPIC Announces New Advisory Board Members

EPIC has announced the newest members of the EPIC Advisory Board. They are Joy Buolamwini, Professor Margot Kaminski, Professor Kate Klonick, Professor William McGeveran, Professor Priscilla Regan, Rashida Richardson, and Vivian Schiller. The EPIC Advisory Board is a distinguished group of experts in law, technology, and public policy who contribute to EPIC's work on privacy and civil liberties. The publication of the EPIC Advisory Board members are available at the EPIC Bookstore. Press Release.

Tags:

Posted by Caitriona Fitzgerald on March 13, 2020 8:30 AM |

Tech Companies Block Washington State Privacy Law

Last minute lobbying by big tech companies blocked passage of the Washington Privacy Act. The state privacy law have given consumers the right to access, correct and delete their personal data held by tech firms. EPIC and a broad coalition of privacy groups backed a comprehensive bill that would include, as privacy laws typically do, the right of consumers to bring legal action but that was opposed by industry groups. The Washington legislature did pass a modest bill limiting the government use of facial recognition technology. EPIC has long supported federal baseline legislation and the creation of a data protection agency. EPIC has also called for a moratorium on face surveillance. The EPIC State Policy Project monitors privacy bills nationwide.

Tags:

Posted by EPIC on March 13, 2020 11:35 AM |

EPIC Advises White House on Regulation of Private Sector AI

EPIC submitted comments on the OMB draft Guidance for Regulation of Artificial Intelligence Applications. The OMB Guidance instructs federal agencies to regulate private sector use of AI. EPIC recommended that the OMB guidance also apply to government uses of AI, that OMB establish prohibitions on secret profiling and unitary scoring, and require transparency to ensure fairness and accountability in automated decisions concerning people. EPIC has recently petitioned the FTC to undertake a rulemaking for AI in commerce. EPIC has published the AI Policy Sourcebook, the first reference book on AI policy.

Tags:

Posted by EPIC on March 13, 2020 6:05 PM |

March 16, 2020

UN Urges Countries to Protect Human Rights During Coronavirus Crisis

United Nations human rights experts are urging government leaders not to abuse emergency powers in response to the coronavirus outbreak. UN High Commissioner for Human Rights Michelle Bachelet stated: "Being open and transparent is key to empowering and encouraging people to participate in measures designed to protect their own health and that of the wider population, especially when trust in the authorities has been eroded." Andrea Jelinek, Chair of the European Data Protection Board, also released a statement, saying: "even in these exceptional times, the data controller must ensure the protection of the personal data of the data subjects." Some countries, such as Israel, intend to use cellphone data to track coronavirus, threatening civil liberties. A recent book by EPIC Advisory Board Member Professor Francisca Bignami on EU Law in Populist Times at the EPIC Bookstore explores derogations for national security.

Tags:

Posted by EPIC on March 16, 2020 3:05 PM |

EPIC Celebrates Sunshine Week with 2020 FOIA Gallery

In celebration of Sunshine Week, EPIC has unveiled the 2020 FOIA Gallery. Since 2001, EPIC has annually published highlights of EPIC's most significant open government cases. For example, last year EPIC filed the first lawsuit in the country for the public release of the Mueller Report. The federal court rebuked Attorney General Barr and agreed to review the complete Mueller Report to determine what additional material must be released. EPIC also prevailed in EPIC v. the Commission on AI. A federal court ruled that the Commission on Artificial Intelligence is subject to the FOIA. Following the court's decision, the AI Commission released documents about its activities to EPIC. In this year's FOIA gallery, EPIC also highlighted pre-trial risk assessment reports, documents about Justice Kavanaugh's role in the warrantless surveillance program, a DHS drone status report, the Census data transfer plan, and more than 29,000 complaints against Facebook pending at the FTC.

Tags:

Posted by EPIC on March 16, 2020 5:30 PM |

EPIC v. DOJ: Court Will Review Key Memo From Mueller Investigation

A federal court, ruling in EPIC v. Department of Justice, has decided to review the unredacted version of key memo by Special Counsel Mueller to determine whether additional material must be released. The memo, which summarizes Mueller's investigation of a suspected "unregistered agent of a foreign government," was partially disclosed to EPIC in response to EPIC's Freedom of Information Act request. Earlier, the court ruled in EPIC's case that it would review the sections of the Mueller Report that the government has withheld from the public. The court also rebuked Attorney General Barr, citing "grave concerns about the objectivity of the process that preceded the public release of the redacted version of the Mueller Report[.]" The book EPIC v. DOJ: The Mueller Report, which includes EPIC's original FOIA request and related materials, is available for purchase at the EPIC Bookstore. The case is EPIC v. Department of Justice, No. 19-810.

Tags:

Posted by EPIC on March 16, 2020 5:50 PM |

March 17, 2020

Senate Passes Short-term Extension of Surveillance Authorities

The Senate voted late Monday to extend certain national security authorities for 75 days that were set to expire. Last week the House passed a bill that included several reforms. EPIC and other civil liberties groups backed a bill that would establish a warrant requirement for location data and internet browsing history, increase transparency, and strengthen the Privacy and Civil Liberties Oversight Board. Members of both parties have expressed support for reform of the controversial NSA surveillance program. EPIC closely tracks the use of FISA authority. EPIC has advocated for significant FISA reforms, and recently advised Congress to limit Section 702 surveillance and to allow Section 215 to expire.

Tags:

Posted by EPIC on March 17, 2020 12:55 PM |

Federal Government Weakens Privacy Protections for Telemedicine

The Department of Health & Human Services announced today that it is rolling back privacy protections for electronic medical appointments during the coronavirus outbreak. HHS stated it will not take enforcement action against health care providers that violate the federal patient privacy law (HIPAA) when consulting with patients remotely, as long as providers act in "good faith." Normally, remote communications tools used for medical purposes must comply with strict privacy rules. Health care providers are still prohibited from using "public facing" applications such as Facebook Live and TikTok to consult with patients, HHS said. EPIC has long advocated privacy protections for medical information and filed a brief in IMS v. Sorrell urging the Supreme Court to safeguard prescription data.

Tags:

Posted by EPIC on March 17, 2020 5:50 PM |

Senators Urge FTC to Stop Google's Monetization of COVID-19 Fears

Today, U.S. Sens. Mark R. Warner (D-VA) and Richard Blumenthal (D-CT) wrote to FTC Chairman Joe Simons about Google's ad targeting practices for products such as face masks and hand sanitizer. The Senators presented evidence that Google continues to run ads that capitalize on COVID-19 fears despite claiming to ban such ads. The Senators said that the ads "create widespread social harms to our nation's response to the crisis." The also said, "consumers should b able to rely on representations regarding a company's business practices...if consumer cannot rely on a company's representations, then the FTC must intervene." EPIC has long advocated privacy protections for medical information. EPIC helped establish the FTC's authority to oversee Google, but EPIC has since criticized the agency's effectiveness and called for the establishment of a U.S. Data Protection Agency.

Tags:

Posted by EPIC on March 17, 2020 6:20 PM |

March 19, 2020

Senators Question White House Google Website Plan

Five U.S. Senators have sent a letter to the White House expressing concern over the privacy implications of the Administration's plan to allow Google to establish a virus screening website for COVID-19. Senators Bob Menendez, Sherrod Brown, Richard Blumenthal, Kamala Harris, and Cory Booker said "If the Administration and the private company responsible for launching and maintaining the website does not establish sufficient privacy safeguards, Americans who use the site will be more susceptible to identity theft, negative credit decisions, and employment discrimination." The Senators asked for responses to thirteen questions by March 30, 2020. Google is under a consent order that gives the FTC authority to oversee the company's privacy practices. The FTC consent order followed complaints by EPIC about Google Buzz. EPIC later sued the FTC, EPIC v. FTC, for the agency's failure to enforce the consent against Google.

Tags:

Posted by EPIC on March 19, 2020 1:15 PM |

DOJ Releases 2019 FOIA Litigation and Compliance Report

The Department of Justice has released the 2019 FOIA Litigation and Compliance Report which details the DOJ's efforts to encourage agency compliance with the FOIA across federal agencies. DOJ updated the Guide to the Freedom of Information Act, with recent court decisions. The DOJ report also summarizes agency guidance, including the application of Exemption 4 after the Supreme Court expanded the definition of "confidential" information. On that issue, EPIC filed an amicus brief in Food Marketing Institute v. Argus Leader Media telling the Supreme Court that access to commercial records is critical for government oversight. EPIC celebrated Sunshine Week with the 2020 EPIC FOIA Gallery, highlighting important EPIC FOIA work from the past year, including EPIC's case for the release of the Mueller Report, EPIC v. Department of Justice.

Tags:

Posted by EPIC on March 19, 2020 3:35 PM |

Privacy International Tracks Privacy Impact of Response to COVID-19

Privacy International has created a resource to track the privacy implications of the various responses to the Coronavirus by tech companies, governments, and international agencies. Some responses to the pandemic involve mass surveillance and locational tracking that impact on privacy and human rights. For example, Israel plans to use cellphone data for contact tracing and a U.S. company Athena Security has proposed mass surveillance for temperature monitoring. U.S. Senators have written to the Federal Trade Commission and the White House expressing concern over the privacy implications of the Administration's plan to allow Google to establish a virus screening website for COVID-19.

Tags:

Posted by EPIC on March 19, 2020 4:00 PM |

Ad Groups Seek Delay of California Privacy Law

In a letter to the California Attorney General, several advertising associations called for a six-month delay in implementation of the California Consumer Privacy Act. The business groups cited the coronavirus as the reason they should not comply with the law as planned. The California privacy law establishes new privacy rights for California residents, and busineses are required to bring their practices into compliance. The California Attorney General will begin enforcement actions on July 1, 2020. EPIC expressed support for the new privacy law in comments to the Attorney General on proposed regulations. EPIC's recommendations for baseline federal privacy legislation and the creation of a Data Protection Agency are detailed in Grading on a Curve: Privacy Legislation in the 116th Congress.

Tags:

Posted by EPIC on March 19, 2020 5:40 PM |

Government Considers Location Data to Track Coronavirus

According to the Washington Post, the U.S. Government is in active discussions with tech companies about tracking telephone customers to monitor the spread of the coronavirus. Cellphone data is currently protected under federal privacy law. In the Carpenter case, the Supreme Court made clear that government access to location information implicates the Fourth Amendment. EPIC has long advocated for protection of location privacy. EPIC pursued a lawsuit against a mobile app company that led to greater protection of users' location data. EPIC also successfully petitioned the FCC to safeguard sensitive data collected by phone companies. The FCC recently announced fines against T-Mobile, AT&T, Verizon, and Sprint for selling customers' location information.

Tags:

Posted by EPIC on March 19, 2020 5:45 PM |

EPIC Urges Georgia Court to Ensure Ballot Secrecy in Primary

In an amicus brief, EPIC has asked a Georgia federal court to protect the secret ballot. Plaintiffs presented the court with evidence that Georgia's ballot-marking devices, which rely on large display screens, make voter choices easily viewable by others in the polling place. EPIC wrote in the amicus that "the right to cast a secret ballot in a public election is a core value in the United States." This is the second amicus brief EPIC has submitted in the case, Curling v. Raffensperger. In the earlier amicus brief, EPIC urged the court to stop Georgia's use of Direct Recording Electronic voting machine, which EPIC explained were unreliable and easily hacked. The court ruled that Georgia must replace those voting machines before the 2020 election.

Tags:

Posted by EPIC on March 19, 2020 8:55 PM |

March 20, 2020

EPIC Obtains DOJ Report on Predictive Policing and AI - “Individual liberty is at stake"

EPIC, through a FOIA request, lawsuit, and negotiated settlement, has obtained a 2014 report from the Department of Justice to former President Obama warning about the dangers of predictive analytics and algorithms in law enforcement. The Justice Department report highlights the risks of "making decisions about sentencing—where individual liberty is at stake in the most fundamental way—based on historical data about other people,” stating that “equal justice demands that sentencing determinations be based primarily on the defendant’s own conduct and criminal history." Even when algorithms "seem neutral, any model is susceptible to importing any biases reflected in the underlying data,” the report Predictive Analytics in Law Enforcement explains. Former U.S. Attorney General Eric Holder has said that "basing sentencing decisions on static factors and immutable characteristics . . . may exacerbate unwarranted and unjust disparities that are already far too common in our criminal justice system and in our society." The case, which was before the D.C. Circuit Court of Appeals, has now settled and EPIC will receive attorneys fees for its work on the matter. The case is EPIC v. DOJ, No. 18-5307 (D.C. Cir.).

Tags:

Posted by Caitriona Fitzgerald on March 20, 2020 8:15 AM |

EPIC and 131 Organizations Support Government Transparency During Coronavirus Crisis

EPIC and 131 other organizations issued a public statement supporting government transparency and public access to information when the U.S. is taking measures to respond to the coronavirus pandemic. The groups caution that agencies should not take advantage of the public's inability to attend large gatherings to conceal critical policy decisions. The group "encourage[s] the custodians of information at all levels of government to take this opportunity to leverage technology to make governance more inclusive and more credible, not to suspend compliance with core accountability imperatives." The statement emphasized that "the legitimacy of government decision-making requires a renewed commitment to transparency." Last week, the White House ordered federal health officials to treat top-level coronavirus meetings as classified, "an unusual step that has restricted information and hampered the U.S. government's response to the contagion," according to a report by Reuters.

Tags:

Posted by EPIC on March 20, 2020 2:30 PM |

March 23, 2020

Senators Back Bill to Promote Vote-by-Mail

Senators Amy Klobuchar and Senator Ron Wyden have introduced the "Natural Disaster and Emergency Ballot Act of 2020," which would expand early in-person voting and no-excuse absentee vote-by-mail to all states. Twenty-six Senators have co-sponsored S. 3529. Senator Klobuchar said, "we should act swiftly to pass my legislation to ensure that every American has a safe way to participate in our democracy during a national emergency." According to the National Conference on State Legislatures, five states currently conduct all elections entirely by mail, and at least 21 other states have laws that permit some elections to be conducted by mail. EPIC has a long history of working to protect voter privacy and election integrity. In 2016 EPIC published The Secret Ballot at Risk: Recommendations for Protecting Democracy, a report highlighting the right to a secret ballot and how Internet voting threatens voter privacy.

Tags:

Posted by EPIC on March 23, 2020 11:30 AM |

European Privacy Officials Offer Guidance in Response to Pandemic

The European Data Protection Board, the committee of national European privacy officials, has published a statement advising data processors on their legal obligations in light of the pandemic. The EDPB statement addresses the lawfulness of processing during a public health emergency, the use of mobile location data, and the protections of health data of employees. The Board cautioned that: "Personal data that is necessary to attain the objectives pursued should be processed for specified and explicit purposes." The EDPB advises processors that: "The least intrusive solutions should always be preferred, taking into account the specific purpose to be achieved." EPIC and 131 other organizations issued a public statement supporting government transparency and public access to information when the U.S. is taking measures to respond to the coronavirus pandemic.

Posted by EPIC on March 23, 2020 12:15 PM |

EU NGOs Call for Fundamental Rights-based Responses to COVID-19

European NGOs called on EU countries to ensure that fundamental rights are upheld while taking public health measures to tackle COVID-19.The members of the European Digital Rights Initiative (EDRi) urged Member States to limit the collection and use of personal data and to implement exceptional measures only for the duration of the crisis. The NGOs also highlighted the danger of internet shutdowns during a pandemic, stating that: "During this crisis and beyond, an accessible and open internet will play a significant role in keeping us safe." The groups warned that "companies should not abuse the extraordinary circumstances to monetise information at their disposal." Privacy International has created a resource to track the privacy implications of the various responses to the Coronavirus by tech companies, governments, and international agencies. The EPIC Public Voice Fund supports the work of EDRi.

Posted by EPIC on March 23, 2020 5:50 PM |

March 24, 2020

EPIC Seeks Records About White House Plan to Use Cellphone Data for Coronavirus Tracking

EPIC has submitted a Freedom of Information Act request to the Office of Science and Technology Policy seeking information about the White House plan to use cell phone location data for public health surveillance. According to news reports, the White House has sought the assistance of large tech companies including Facebook, Apple, and Google, to use cell phone location data. It is not clear at this time whether the U.S. program is lawful or how the data will be used. EPIC has asked the OSTP to provide "all policies, proposals, and guidance documents for the collection of cell phone location data in connection with the coronavirus" and also "any privacy assessments, including but not limited to privacy threshold assessments and privacy impact assessments, related to the collection of cell phone location data in connection with the coronavirus."

Tags:

Posted by EPIC on March 24, 2020 5:40 PM |

EPIC Seeks Records About Lawfulness of Use of Location Data for Public Health Surveillance

EPIC has submitted a Freedom of Information Act request to the Department of Justice seeking legal analysis concerning the collection and use of GPS and cell phone location data for public health surveillance. EPIC explained "The Department of Justice plays a key role advising the President regarding the lawfulness of proposed activities, and particularly the proposed expansion of government authorities during a time of national crisis." EPIC wrote, "If the Department of Justice is considering the use of cell phone data to address the public health crisis, it should first consider whether the use is lawful and that analysis should be made available to the public." EPIC pursued a FOIA lawsuit during the Bush Administration, EPIC v. DOJ, for the legal memos concerning the warrantless wiretapping program that was later repealed by Congress.

Tags:

Posted by EPIC on March 24, 2020 6:20 PM |

March 26, 2020

WHO Advisor - "We should never step beyond individual freedoms"

Dr. Michael Ryan, a key advisor for the World Health Organization, said this week at a briefing on the novel coronavirus that there is a "tremendous amount" of innovation and enthusiasm for new products. But he also cautioned (video) that "when collecting information on citizens or tracking their movements there are always serious data protection and human rights principles involved." Dr. Ryan said, "we want to ensure that all products are done in the most sensitive way possible and that we never step beyond the principles of individual freedoms and rights." UN human rights experts and European privacy officials are urging governments to safeguard privacy in the effort to contain the novel coronavirus. Yuval Noah Harari wrote recently "We can and should enjoy both privacy and health. We can choose to protect our health and stop the coronavirus epidemic not by instituting totalitarian surveillance regimes, but rather by empowering citizens."

Posted by EPIC on March 26, 2020 3:20 PM |

DHS Postpones Real ID Enforcement Deadline

The Department of Homeland Security announced that the agency is extending the REAL ID enforcement deadline to October 1, 2021. DHS plans to publish a notice of the new deadline in the Federal Register in the coming days. The REAL ID Act requires states to gather certain personal data and issue documents that comply with federal standards. The failure to have a REAL ID-compliant document can restrict the freedom to travel. EPIC, along with a broad coalition, opposed REAL ID because it created a de facto national identity system and has exposed Americans to data breaches. Criminal hackers compromised the authenticating documents in state DMVs including Oregon, North Carolina, and California. EPIC has urged the DHS to limit the data collection and ensure transparency and accountability in implementing REAL ID.

Tags:

Posted by EPIC on March 26, 2020 5:15 PM |

EPIC to Testify In Support of Voting System Guidelines

EPIC Policy Director Caitriona Fitzgerald will testify this week before the Election Assistance Commission in support of the Voluntary Voting System Guidelines 2.0. Fitzgerald’s prepared statement said that the Voting Guidelines are "vital to protecting our democratic institutions.” The Voting Guidelines are open for public comment through June 22. EPIC, along with the Association for Computing Machinery, previously recommended principles for voter privacy, ballot secrecy, and data protection. EPIC and the ACM also urged the Commission to ban internet-connected voting machinery, citing the risks to voting integrity and democratic institutions. The EAC adopted these suggestions, banning internet-connected voting systems and retaining strong provisions on voter privacy, ballot secrecy, and data protection. Though states are not mandated to comply with the Voting System Guidelines, the Guidelines shape the election security market. EPIC has a long history of working to protect voter privacy and election integrity.

Continue reading "EPIC to Testify In Support of Voting System Guidelines" »

Tags:

Posted by Caitriona Fitzgerald on March 26, 2020 9:50 PM |

March 27, 2020

European Commission Seeks Anonymized Location Data, Citing Coronavirus

The European Commission has reportedly asked telecom companies to turn over anonymized cell phone location data, citing a need to track the spread of the novel coronavirus. The planned transfer would give the Commission access to location information and other data from hundreds of millions of cell phone users. European Data Protection Supervisor Wojciech WiewiĆ³rowski, responding to the proposal, warned that “effective anonymisation requires more than simply removing obvious identifiers” and called on the Commission to “clearly define the dataset it wants to obtain and ensure transparency towards the public.” The European Data Protection Board explained that any use of location data in connection with the coronavirus must be “strictly limited to the duration of the emergency at hand” and “in accordance with the Charter of Fundamental Rights and the European Convention for the Protection of Human Rights and Fundamental Freedoms.” EPIC recently submitted a Freedom of Information Act request to the U.S. Department of Justice seeking legal analysis concerning the collection and use of GPS and cell phone location data for public health surveillance.

Tags:

Posted by John Davisson on March 27, 2020 2:37 PM |

EPIC Backs Experts' Statement on Data Protection and Coronavirus

EPIC President Marc Rotenberg has endorsed a statement of German privacy experts that emphasizes, "even in the corona crisis, personal rights remain - in the words of the German Federal Constitutional Court - 'an elementary functional condition of a free and democratic society based on the ability of its citizens to act and participate.'" The experts state, "data protection demands data minimisation, ensuring that data is used for specific purposes only and that measures and any new legal powers are clearly limited in time." The statement also calls attention to "principles and guidelines on data protection in the Corona crisis." The statement was organized by Peter Schaar, Chairman of the European Academy for Freedom of Information and Data Protection (EAID) and the former Federal Data Protection Commissioner for Germany.

Posted by EPIC on March 27, 2020 6:40 PM |

World Health Organization Again Speaks Up for Data Protection

Dr. Michael Ryan, a key advisor for the World Health Organization, again this week emphasized the need to safeguard privacy and data protection in the responses to the coronavirus. “We take the issues of personal data protection and intrusion very, very seriously,’ said Dr. Ryan (video). He said that the WHO is working to ensure that "all of the initiatives we’re involved with, while aiming to develop good public health information, in no way interfere with the individual rights to privacy and protections under the law. It is important when we talk about surveillance and the surveillance society that in the case of public health the gathering of information about individuals, their movements must be done with the consent of the community and in many cases of the individual themselves."

Tags:

Posted by Caitriona Fitzgerald on March 27, 2020 11:59 PM |

March 30, 2020

Council of Europe Issues Statement on COVID-19 and Data Protection

Today the Council of Europe published a Joint Statement on The Right to Data Protection in the Context of the COVID-19 Pandemic. The statement was published by Alessandra Pierucci, Chair of the Committee of Convention 108 and Jean-Philippe Walter, Data Protection Commissioner of the Council of Europe. The COE Statement advises that "States have to address the threat resulting from the COVID-19 pandemic in respect of democracy, rule of law and human rights, including the rights to privacy and data protection." The Council further states that even during a public health crisis, "human rights(such as the International Covenant on Civil and Political Rights and the European Convention on Human Rights) cannot be suspended but only derogated or restricted by law, to the extent strictly required by the exigencies of the situation, while respecting the essence of the fundamental rights and freedoms." The COE notes that "anonymised data is not covered by data protection requirements. The use of aggregate location information . . . would thus not be prevented by data protection requirements." EPIC has worked closely with the Council of Europe on updates to the Council of Europe Privacy Convention, recommended US ratification of the Convention, and recently advised the COE on AI policy. The text of the COE Privacy Convention is contained in the EPIC Policy Law Sourcebook.

Tags:

Posted by Caitriona Fitzgerald on March 30, 2020 7:46 AM |

Apple Launches New COVID Resource Backed by CDC

Apple has launched a COVID-19 Screening Tool that provides information about the coronavirus, information about social distancing and current guidance on COVID-19 testing. Apple states "Apple is not collecting your answers from the screening tool. To help improve the site, Apple collects some information about how you use it. The information collected will not personally identify you." In a press statement, the CDC said the "tool provides CDC recommendations on next steps including guidance on social distancing and self-isolating, how to closely monitor symptoms, recommendations on testing, and when to contact a medical provider." In a comment on Twitter, Apple CEO Tim Cook said "the data is yours and your privacy is protected. Stay safe and healthy." In 2015, Tim Cook received the EPIC Champion of Freedom Award.

Posted by EPIC on March 30, 2020 8:05 AM |

BREAKING: DOJ Delivers Mueller Report to Federal Judge in EPIC's FOIA Case

The Department of Justice today submitted the complete Mueller Report to federal Judge Reggie B. Walton for review. The judge will now determine whether the federal agency properly withheld information EPIC sought in the open government case EPIC v. Department of Justice. The judge's review of the Mueller Report marks one of the most significant "in camera" reviews in the history of the Freedom of Information Act. Judge Walton will also examine a related memo obtained by EPIC to determine what additional material must be released to EPIC and the public. Judge Walton previously ordered the DOJ to turn over the full Mueller Report in EPIC's case, citing "the need for the American public to have faith in the judicial process." The court also rebuked Attorney General Barr and raised "grave concerns about the objectivity of the process that preceded the public release of the redacted version of the Mueller Report[.]" The book EPIC v. DOJ: The Mueller Report, which includes EPIC's original FOIA request and related materials, is available for purchase at the EPIC Bookstore. EPIC's case—the first in the nation for the disclosure of the Mueller Report—is EPIC v. DOJ, No. 19-810.

Tags:

Posted by EPIC on March 30, 2020 2:30 PM |

March 31, 2020

Georgia Court Grants EPIC's Motion to File Amicus on Ballot Secrecy

A Georgia federal court has granted EPIC's request to file an amicus brief urging the court to protect the secret ballot. Plaintiffs presented the court with evidence that Georgia’s ballot-marking devices, which rely on large display screens, make voter choices easily viewable by others in the polling place. EPIC wrote in the amicus that "the right to cast a secret ballot in a public election is a core value in the United States." This is the second amicus brief EPIC has submitted in the case, Curling v. Raffensperger. In the earlier amicus brief, EPIC urged the court to stop Georgia's use of Direct Recording Electronic voting machines, which EPIC explained were unreliable and easily hacked. The court ruled that Georgia must replace the machines before the 2020 election.

Tags:

Posted by EPIC on March 31, 2020 4:10 PM |

Search


About March 2020

This page contains all entries posted to epic.org in March 2020. They are listed from oldest to newest.

February 2020 is the previous archive.

April 2020 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type Pro 6.3.3