EPIC logo

  
========================================================================
                            E P I C  A l e r t
========================================================================
Volume 14.18                                           September 7, 2007
------------------------------------------------------------------------

                             Published by the
                Electronic Privacy Information Center (EPIC)
                             Washington, D.C.
              http://www.epic.org/alert/EPIC_Alert_14.18.html


========================================================================
Table of Contents
========================================================================
[1] EPIC v. DOJ: Court Rejects Secrecy Claims in FOIA Case
[2] EPIC Recommends Suspension of Secret Traveler Profiling Program 
[3] DHS Changes Name, But Problems Remain for U.S. Workers
[4] OECD Launches Participative Web Tools
[5] Virginia Tech Report Released
[6] News in Brief
[7] EPIC Bookstore: "The Search"
[8] Upcoming Conferences and Events

========================================================================
[1] EPIC v. DOJ: Court Rejects Secrecy Claims in FOIA Case
========================================================================

On September 5, a federal district court in Washington, DC ordered the
government to provide far more detailed information to justify its
withholding of records about the President's domestic surveillance
program. In EPIC v. Department of Justice, the court  rejected the
government's attempt to withhold all records concerning its warrantless
wiretapping surveillance program.

In December 2005, the New York Times reported that President Bush
secretly issued an executive order in 2002 authorizing the National
Security Agency to conduct warrantless surveillance of international
telephone and Internet communications on American soil. President Bush
acknowledged the existence of the NSA surveillance program and vowed
that its activities would continue. EPIC submitted Freedom of
Information Act (FOIA) requests to the NSA and four Department of
Justice components just hours after the existence of the warrantless
surveillance program was first reported. Noting the extraordinary public
interest in the program - and its potential illegality - EPIC asked the
agencies to expedite the processing of the requests.

The Justice Department agreed that the requests warranted priority
treatment, but failed to comply with the FOIA's usual time limit of 20
working days. In January 2006, EPIC filed a lawsuit against DOJ to
compel the immediate disclosure of information concerning the NSA
surveillance program. EPIC's case was consolidated with a similar
lawsuit filed by ACLU and National Security Archive.

On February 16, 2006, U.S. District Judge Henry H. Kennedy ordered the
DOJ to process and release documents concerning the NSA program within
20 days, or by March 8, 2006. Some documents were disclosed by March 8,
but the DOJ asked Judge Kennedy for an additional four months to process
some of the material responsive to EPIC's request, which Judge Kennedy
allowed. The government then moved to dismiss the case, arguing in
effect that it had complied with all of its obligations to respond to
EPIC's requests.

In the September 5 order, Judge Kennedy expressed frustration with the
government. He said that many of the government's secrecy claims were
"too vague and general," and largely denied the Justice Department's
motion for summary judgment. Judge Kennedy said that "declaring 'because
we say so' is an inadequate method for invoking exemption 5" of the
Freedom of Information Act. He pointed out that the government's
"exceedingly high level of secrecy" meant that his law clerk was unable
to review materials relevant to the case, though the clerk holds a
high-level security clearance.  By October 12, the DOJ must provide to
EPIC and the other plaintiffs far more detailed explanations for its
decision to withhold  records.

EPIC v. Department of Justice, D.C. District Court Order (September 5,
2007) (pdf):

     http://www.epic.org/privacy/nsa/dc_order_090507.pdf

Eric Lichtblau and James Risen, "Spy Agency Mined Vast Data Trove,
Officials Report," The New York Times, December 24, 2005 at A1

      http://www.nytimes.com/2005/12/24/politics/24spy.html

EPIC's Page on Warrantless Surveillance FOIA:

     http://www.epic.org/privacy/nsa/foia/


========================================================================
[2] EPIC Recommends Suspension of Secret Traveler Profiling Program
========================================================================

In comments to the Department of Homeland Security, EPIC urged the
agency to either suspend the Automated Targeting System or to fully
apply all Privacy Act safeguards to any individual subject to ATS. The
system creates secret, terrorist "risk assessments" on tens of millions
of U.S. citizens and foreign visitors. This new rulemaking was in
response to public criticism that arose from DHS's November 2006
rulemaking, where EPIC led 29 organizations and 16 privacy and
technology experts in condemning the many privacy and security risks of
ATS.

ATS was originally established to assess cargo that might pose a threat
to the United States. However, since 1999, ATS was used to assign a
"risk assessment," which is essentially a terrorist risk rating, to all
people "seeking to enter or exit the United States," "engag[ing] in any
form of trade or other commercial transaction related to the importation
or exportation of merchandise," "employed in any capacity related to the
transit of merchandise intended to cross the United States border," and
"serv[ing] as operators, crew, or passengers on any vessel, vehicle,
aircraft, or train who enters or exits the United States."

Some positive changes to ATS include a significant reduction in the data
retention period (from 40 years to 15 years) and the elimination of a
routine use that was unnecessary and far too broad (for example, it
allowed data to be used for hiring decisions). However, there remain
many of the security and privacy risks outlined in previous comments.
Most importantly, the fundamental problem remains: The Automated
Targeting System still creates terrorist risk profiles that are secret
and unreviewable. All of the key characteristics of the Automated
Targeting System - including the assessment, the basis for the
assessment, the rules that apply, and the "targeting activities" -
remain shrouded in mystery.

DHS itself states that the Automated Targeting System's "risk
assessments" are substantial reviews of individuals. DHS states that it
uses ATS "[i]n lieu of manual reviews of traveler information and
intensive interviews with every traveler arriving in or departing from
the United States." The Automated Targeting System significantly affects
tens of millions of individuals per year.

In the recently filed comments, EPIC expressed surprise that "CBP
proposes to exempt ATS from key fair information practices, such as the
requirements that an individual be permitted access to personal
information, that an individual be permitted to correct and amend
personal information, and that an agency assure the reliability of
personal information for its intended use." EPIC continued, "It is
inconceivable that the drafters of the Privacy Act would have permitted
a federal agency to propose a secret profiling system on U.S. citizens
and be granted broad exemptions from Privacy Act obligations."

Department of Homeland Security, Press Release: Statement by Homeland
Security Chief Privacy Officer Hugo Teufel III on the Privacy Act System
of Records Notice for the Automated Targeting System (Aug. 3, 2007)
(including links to the Response to Public Comments to the November 2006
ATS Rulemaking, Current Notice of Proposed Rulemaking, System of Records
Notice and Privacy Impact Assessment):

      http://www.dhs.gov/xnews/releases/pr_1186178812301.shtm

EPIC, Comments on the August 6, 2007 Rulemaking on ATS (Sept. 5, 2007)
(pdf):

     http://www.epic.org/privacy/travel/ats/epic_090507.pdf

EPIC's page on the Automated Targeting System:

     http://www.epic.org/privacy/travel/ats/


========================================================================
[3] DHS Changes Name, But Problems Remain for U.S. Workers
========================================================================

This month, EPIC's Spotlight on Surveillance Project turns to the
Department of Homeland Security's employment eligibility verification
system, which the agency hoped would encompass 6 million employers and
143.6 million workers nationwide. But Congress recently rejected such
legislation, so DHS is now moving the system ahead through
administrative regulation.

DHS has renamed the "Basic Pilot" employment eligibility verification
system "E-Verify," and has made substantial changes to the program. DHS
will require more than 200,000 federal contractors to check the agency
databases before hiring employees. This is an increase of more than
1,076 percent over the 17,000 employers currently registered in
E-Verify. Also, the system will use an "enhanced photograph capability"
that will allow employers to check photographs in E-Verify databases.
DHS also will expand the number of databases E-Verify checks to include
visa and passport databases; and the agency is asking states to
"voluntarily" allow DHS access to their motor vehicle databases.

DHS also will require employers to fire employees if they were unable to
resolve "no match" discrepancies within 90 days. If the employers do not
terminate the workers' employment, the businesses would face fines of
$11,000 or more. DHS also will raise fines against employers by 25
percent and increasingly use criminal action against employers, as
opposed to administrative action. This "no match" portion is the subject
of a lawsuit filed by the AFL-CIO, ACLU, and National Immigration Law
Center. They seek a permanent ban against implementation by the federal
government, and a federal judge has approved an order temporarily
restraining the government from moving forward.

A broad expansion of E-Verify has severe implications for national and
individual security, civil liberties and privacy. At a Congressional
hearing in June 2007, the Government Accountability Office detailed the
many problems associated with expansion of the system. E-Verify is
vulnerable to employer fraud or misuse; the databases used by E-Verify
are error-filled; expansion would create enormous backlogs; also, the
cost would be enormous. The many errors in DHS and Social Security
Administration databases have been highlighted by the GAO, SSA Inspector
General, and Justice Department Inspector General.

Though the Department of Homeland Security is requiring federal
contractors to use E-Verify, the agency cannot mandate its use by the
states. However DHS announced that it is strongly encouraging states to
require employers to register and use the employment eligibility
verification system. The states are split on this issue. Some states,
including Arizona and Oklahoma, have passed legislation mandating the
use of E-Verify by public contractors. Just days after DHS announced the
new regulations for E-Verify, however, the Illinois governor signed
legislation specifically banning the use of the employment eligibility
verification system. Illinois legislators cited E-Verify's high error
rate and the problems that incorrect "nonconfirmations" would cause for
employers and employees. DHS's rapid expansion of E-Verify does not help
the problems in the system, but in fact, exacerbates them.

EPIC, Spotlight on Surveillance, "E-Verify System: DHS Changes Name, But
Problems Remain for U.S. Workers":

     http://www.epic.org/privacy/surveillance/spotlight/0707/

Department of Homeland Security, E-Verify FAQs:

     http://www.dhs.gov/ximgtn/programs/gc_1185222483635.shtm

Government Accountability Office, Testimony on Employment Eligibility
Verification (June 7, 2007) (pdf):

     http://www.gao.gov/new.items/d07924t.pdf

EPIC's Testimony on Employment Verification Systems before the House
Committee on Ways and Means (June 7, 2007) (pdf):

     http://www.epic.org/privacy/ssn/eevs_test_060707.pdf



========================================================================
[4] OECD Launches Participative Web Tools
========================================================================

A series of online tools are being put in place by the OECD to allow all
stakeholders, and particularly civil society, to participate in and
contribute to the process towards the OECD Ministerial on the Future of
the Internet Economy being held in June 2008 in Seoul, Korea. The
OECD-Canada Technology Foresight Forum on the Participative Web being
held in Ottawa on October 3, 2007, will serve as a “testing ground” for
many of these tools.

The Forum will host a range of civil society speakers from NGOs and
academia. In addition to panel discussions, the Forum will feature
demonstrations of web 2.0 technologies during the lunch break. Civil
society is encouraged to showcase how it uses specific web 2.0 tools in
its work.

The OECD has created a Forum website that includes a page dedicated to
civil society. The site also features pre-recorded video messages from
speakers and other participants on one or more of the Forum topics. The
site will also host the presentations of speakers and/or a transcript of
their main points.

In order to allow for remote participation, the Forum will be webcast
live, and transcripts will be available one hour after each session. The
OECD has also created an email address and a Skype address, both
available on the Forum website, which will allow Internet users to post
audio and text questions and messages in advance of, and during, the
Forum. The OECD will have a newslog, and will also link to various RSS
feeds. The Forum will also have an official blogger who will blog
throughout the Forum.

Civil society is encouraged to take advantage of the various
participative tools available by visiting the OECD's Forum website at:
http://www.oecd.org/futureinternet/participativeweb. Participation in
the October 3, 2007 Forum taking place in Ottawa is free, and
registration is available online.

OECD Forum page:

     http://www.oecd.org/futureinternet/participativeweb

The Public Voice - OECD Participative Web Forum page:

     http://www.thepublicvoice.org/events/oecd.html

The Public Voice - OECD Ministerial 2008 page:

     http://www.thepublicvoice.org/events/oecd.html


========================================================================
[5] Virginia Tech Report Released
========================================================================

A panel of experts asked to investigate the tragic April 16, 2007
shooting deaths of dozens of students and faculty at Virginia Tech has
released its final report.

The young man who committed the shootings had a history of mental
illness. While attending Virginia Tech he had been arrested and detained
for a commitment hearing for involuntary admission into a psychiatric
facility.  He was found to be a danger to himself, but was not
committed, and allowed to return to the school.  The report found that
the records of his arrest, and the court proceedings were public
information that was known by campus authorities, but was not disclosed
to the mentally ill student's parents or other school officials.

The report found that school officials should have the ability to
intervene when a student is clearly in trouble and may be a threat to
themselves or to the public.  According to the report, sharing
information under these circumstances would not be in violation of
privacy laws. However, the report also warns that the privacy of
students must be protected unless circumstances dictate that disclosure
meets a higher obligation to protect the public.

The report makes several recommendations related to guidelines for the
disclosure of student information when behavioral problems are
identified.  The report advocates a “safe harbor” for good faith
disclosures of medical information in order to insulate a person or
organization from liability. The report also recommends changes to the
Federal Educational Rights and Privacy Act.

Dr. Deborah Peel, founder of the Patient Privacy Rights, called the
panel report a "whitewash" and said that the real culprit is the lack of
funding for mental health in the United States.

Virginia Tech Report:

     http://www.governor.virginia.gov/TempContent/techPanelReport.cfm

EPIC's Student Privacy page:

     http://www.epic.org/privacy/student/#history

Patient Privacy Rights

     http://www.patientprivacyrights.org/


========================================================================
[6] News in Brief
========================================================================

EPIC Urges Federal Trade Commission to Restrict Use of SSN

In comments to the Federal Trade Commission, EPIC urged the Commission
to create regulations to limit the use of the Social Security number,
but said those restrictions should "not limit the ability of the states
to develop better safeguards." In Congressional testimony and previous
comments, EPIC has consistently called for more restrictions on SSN use
and recommended the creation of context-dependent identifiers "that will
encourage the development of more robust systems for identification that
safeguard privacy and security." EPIC said "the use of the Social
Security Number as an identifier or authenticator . . . will increase
rather than decrease instances of fraud and identity theft."

Federal Trade Commission, Request for Public Comment on Private Sector
Use of Social Security Numbers:

     http://www.ftc.gov/opa/2007/07/ssncomments.shtm

EPIC Comments Urging Against Expanded Use of the SSN (Sept. 5, 2007)
(pdf):

     http://www.epic.org/privacy/ssn/ftc_ssn_090507.pdf


Internet Oversight Agency Working Group Report on Domain Name Privacy

The Internet Corporation for Assigned Names and Numbers (ICANN)'s WHOIS
working group submitted its Final Report on WHOIS. The report discusses
the implementation issues surrounding the use of an Operational Point of
Contact (OPoC) to limit public access to domain name registrants'
personal information by allowing registrants to use alternate contact
details. The report examines, among other issues, the roles,
responsibility and requirements of the OpoC and what happens if they are
not fulfilled. Rather than reaching any final decisions on
implementation issues, the report outlines implementation options and
indicates general support and/or alternative views.

Final Working Group Report on WHOIS Services (pdf):

     http://gnso.icann.org/drafts/icann-whois-wg-report-final-1-9.pdf

EPIC's WHOIS page:

     http://www.epic.org/privacy/whois/


CRS Reports on FISA Changes

A Congressional Research Service report on recent modifications to
government surveillance powers has been made available to the public.
The Protect America Act of 2007 removed some intelligence gathering from
review of the FISA court; created additional procedures for
authorization of surveillance on a program-wide basis; and set up a
procedure for the courts to review those programs. This report
summarizes the effects this new law will have on other existing laws.

The Protect America Act of 2007: Modifications to The Foreign
Intelligence Surveillance Act (pdf):

     http://www.fas.org/sgp/crs/intel/RL34143.pdf

EPIC's FISA page:

     http://www.epic.org/privacy/terrorism/fisa/


AFL-CIO v. Chertoff

The Department of Homeland Security announced changes in the process
that employers should follow, to avoid possible penalties, should the
Social Security Administration report a no match with agency records. 
The Department of Homeland Security's new policy expands the definition
of “constructive knowledge” which outlines new ways that an employer
could be found to have had knowledge that an employee was working
illegally.  The American Federation of Labour-Congress of Industrial
Unions (AFL-CIO) filed a lawsuit against the Department of Homeland
Security seeking injunctive relief in advance of the new ruling active
date of September 14, 2007.

Each person seeking employment in the US is required to fill out a W-2
form, which contains the name and social security number of the wage
earner.  The form is provided to the Social Security Administration,
which manages the largest social insurance program for retirement
benefits within the United State.  The agency checks the information on
W-2s and ensures that the retirement benefits paid by employers are
properly applied to each worker's retirement insurance account.

DHS New Rule:

     http://www.epic.org/redirect/dhs0907.html 

AFL-CIO v. Chertoff (pdf):

     http://www.epic.org/pdf/aflcio.pdf

EPIC's Workplace Privacy page:

     http://www.epic.org/privacy/workplace/


Government Quietly Ends Another Data Mining Program

This week, the Department of Homeland Security announced it would end a
federal data mining program created to troll vast amounts of data in
order to attempt to find suspicious people. DHS has spent four years and
$42 million on the Analysis, Dissemination, Visualization, Insight and
Semantic Enhancement (ADVISE) program. ADVISE was temporarily suspended
in March after a Government Accountability Office review identified
numerous privacy risks. These "include the potential for erroneous
association of individuals with crime or terrorism and the
misidentification of individuals with similar names," the GAO said. The
program was recently reviewed by the DHS Inspector General and its
Privacy Office, which recommended ending ADVISE permanently. Previous
data mining efforts by the federal government include the 2002 Total
Information Awareness system, envisioned to give law enforcement access
to private data without suspicion of wrongdoing or a warrant. Earlier
this year, the Pentagon scrapped its Threat and Local Observation
Notices (TALON) program. TALON collected unvalidated reports of
activities that were alleged to be threats to the Defense Department.
The program was heavily criticized, and the Pentagon had to apologize,
after documents revealed that TALON collected data on peaceful anti-war
and anti-nuclear meetings and protests.

Government Accountability Office, "Data Mining: Early Attention to
Privacy in Developing a Key DHS Program Could Reduce Risks" (Feb. 2007)
(pdf):

     http://www.gao.gov/new.items/d07293.pdf

EPIC's page on Total Information Awareness:

     http://www.epic.org/privacy/profiling/tia/


New York City Taxi Drivers Strike Over GPS Tracking

The New York Taxi Workers Alliance is on strike to protest the city's
requirement that Global Positioning Satellite (GPS) tracking systems be
installed in all cabs. The city has announced a contingency plan that
includes a zone-based fare structure, allowing non-striking drivers to
charge passengers more. Last year, Philadelphia cab drivers went on
strike to protest a similar plan by the Philadelphia Parking Authority.
The mandatory GPS requirement will allow the city to track all cabs and
cab drivers.

New York Taxi Workers Alliance:

     http://www.nytwa.org/

Privacy and Human Rights 2005 Report - Satellite Surveillance:

     http://www.epic.org/redirect/phr0907.html


Facebook to Share Members' Information with Public

Facebook announced that it will open its database to public search,
effectively creating an Internet white pages of its users. Non-Facebook
users will be able to search the Facebook database and will receive in
return information such as name and picture. These public profiles will
become indexed by major search engines such as Google in the coming
month. Facebook has automatically included all of its users in this
information sharing, and those who do not want their information shared
have to manually opt-out via Facebook's privacy page.

Public Search Listings on Facebook:

     http://blog.facebook.com/blog.php?post=2963412130

EPIC Social Networking and Privacy page:

     http://www.epic.org/privacy/socialnet/default.html


Secrecy Report Card 2007 Released

OpenTheGovernment.org has released its fourth annual Secrecy Report Card
2007 which looks at trends in public access to information.  The report
shows both a continued expansion of government secrecy across a broad
array of agencies and actions and some, limited, movement toward more
openness and accountability. The report also shows an unprecedented
level of restriction of access to information about federal government's
policies and decisions. Further, the current administration has also
increasingly refused to be held accountable to the public through the
oversight responsibilities of Congress. The 2007 report offers updated
numbers on presidential signing statements and invocations of the “state
secrets” privilege, and information about restrictive laws
introduced/passed in the states.

Open the Government homepage:

     http://www.openthegovernment.org

Secrecy Report Card 2007 (pdf):

     http://www.openthegovernment.org/otg/SRC2007.pdf

EPIC's FOIA page:

     http://www.epic.org/foia_notes/


========================================================================
[7] EPIC Bookstore: "The Search"
========================================================================

"The Search: How Google and Its Rivals Rewrote the Rules of Business and
Transformed Our Culture" by John Battelle (Penguin 2005)

     http://www.powells.com/partner/24075/biblio/9781591841418

By any measure, Google is remarkable company. As described in "The
Search" by industry legend John Battelle, Google combined clear purpose,
 savvy technology, smart marketing, and clever business moves to become
the most dominant Internet firm and just about the most powerful company
the world has ever seen.

Battelle describes the early days with the cofounders scrounging up
hardware at Stanford to store an ever larger database of Internet web
links, on through the collaborations with advisors, the meals at Burger
King, the meetings with investors, the bumpy IPO, and the subsequent
stratospheric rise in valuation. There is  discussion of the philosophy
of web search, the significance of PageRank, and the implications of the
semantic web.

Key to the success of Google's business model was the understanding that
the Internet is "a database of intentions." Whereas the traditional
business model for commercial advertising assumed that ads would be
linked to relevant content (for example, the ads for movies appear in
the Entertainment section of the local newspaper), Google's cofounders
realized that search alone was interest and that as search was refined,
advertising became more relevant.  For web sites seeking to monetize
content and small businesses seeking to find an online audience,
Internet advertising was the answer. For Google and others, those clicks
turned into billions of dollars.

There is in the story of Google almost a celestial elegance in the
alignment of technical achievement and market success. As Google refined
its algorithms, its market share grew. The best and the brightest were
drawn to the company. In a short period, it transformed not only the
Internet but also popular culture.

But Google's dominance may not be all to the good, as a recent editorial
in The Economist suggests. As the writers for the British magazine
observe, Google has become "a custodian of a far wider and more intimate
range of information about individuals." The company "through the sheer
speed with which it accumulates the treasure of information" tests the
limits of what society may tolerate.

There is no doubt that the power of search and the rise of online
advertising helped transform the Internet into the global digital agora
that it has become. But Google has transformed as well. No longer
focused simply on indexing web pages, the company offers almost every
conceivable online service from apps and email to commerce engines and
Google Earth, which with the most recent upgrade, now peers into the
heavens. And every transaction is methodically tagged and recorded by
Google for purposes still unknown.

Battelle's first report on Google was aptly titled "The Search." A
sequel could well be named "The Searched."

- Marc Rotenberg


================================


EPIC Publications:

"Information Privacy Law: Cases and Materials, Second Edition" Daniel J.
Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.
http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.

================================

"Privacy & Human Rights 2005: An International Survey of Privacy Laws
and Developments" (EPIC 2006). Price: $60.
http://www.epic.org/bookstore/phr2005/phr2005.html

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
70 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2005 is the most comprehensive report on privacy
and data protection ever published.

================================

"FOIA 2004: Litigation Under the Federal Open Government Laws," Harry
Hammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004). Price:
$40.
http://www.epic.org/bookstore/foia2004

This is the standard reference work covering all aspects of the Freedom
of Information Act, the Privacy Act, the Government in the Sunshine Act,
and the Federal Advisory Committee Act.  The 22nd edition fully updates
the manual that lawyers, journalists and researchers have relied on for
more than 25 years.  For those who litigate open government cases (or
need to learn how to litigate them), this is an essential reference
manual.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).  This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.
http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well
as an up-to-date section on recent developments. New materials include
the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the
CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering.  These papers are instrumental in explaining why filtering
threatens free expression.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books
http://www.powells.com/features/epic/epic.html

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
https://mailman.epic.org/cgi-bin/control/foia_notes


========================================================================
[8] Upcoming Conferences and Events
========================================================================

Georgetown University Law Center National Security Center: FISA
Modernization - National Security Surveillance In the 21st Century.
September 10, 2007. Washington, DC. For more information contact
Elizabeth Claps: elc37@law.georgetown.edu

Identity, Privacy and Security Initiative. Privacy By Design. September
17, 2007. Toronto, Canada. For more information: ipsi@utoronto.ca

7th Annual Future of Music Policy Summit. September 17-18, 2007.
Washington, DC. For more information
http://www.futureofmusic.org/events/summit07/

Data Privacy and Integrity Advisory Committee meeting. September 19,
2007. Arlington, VA. For more information contact:
PrivacyCommittee@dhs.gov

PIPA Conference: Private Sector Privacy in a Changing World. September
20-21, 2007. Vancouver, Canada. For more information:
http://www.verney.ca/pipa2007/

3rd 2007 Technical Assistance Seminar on International Implementation of
the APEC Privacy Framework. September 22-23, 2007. Vancouver, Canada.
For more information: http://www.oipcbc.org/APEC_2007.htm

Civil Society Privacy Conference: Privacy Rights in a World Under
Surveillance. September 25, 2007. Montreal, Canada. For more
information:
http://www.thepublicvoice.org/events/montreal07/default.html

29th International Conference of Data Protection and Privacy
Commissioners. September 25-28, 2007.  Montreal, Canada. For more
information:
http://www.privacyconference2007.gc.ca/Terra_Incognita_home_E.html

Dialogue Forum on Internet Rights. September 27, 2007. Rome, Italy. For
more information: http://www.funzionepubblica.it/dfir/

OECD and Industry Canada: Shaping Policies for Creativity, Confidence
and Convergence in the Digital World. October 3, 2007. Ottawa, Canada.
For more information:
http://www.oecd.org/futureinternet/participativeweb

University of Ottawa Faculty of Law: The Revealed "I". October 25-27,
2007. Ottawa, Canada. For more information:
http://www.idtrail.org/content/section/11/95/

Computer Professionals for Social Responsibility: Technology in Wartime
Conference. AJanuary 26, 2008. Stanford University. For more
information: http://cpsr.org/news/compiler/2007/Compiler200707#twc

Future of the Internet Economy - OECD Ministerial Meeting. June 14-18,
2008. Seoul, Korea. For more information:
http://www.oecd.org/document/19/0,2340,en_2649_37441_38051667
_1_1_1_37441,00.html

======================================================================
Subscription Information
======================================================================

Subscribe/unsubscribe via web interface:

https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_news

Back issues are available at:

http://www.epic.org/alert

The EPIC Alert displays best in a fixed-width font, such as Courier.

========================================================================
Privacy Policy
========================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities.  We do not sell, rent or share our
mailing list.  We also intend to challenge any subpoena or other legal
process seeking access to our mailing list.  We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."

========================================================================
About EPIC
========================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC.  It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research.  For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible.  Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009.  Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.

------------------------- END EPIC Alert 14.18 -------------------------

.