EPIC logo

=======================================================================
                              E P I C   A l e r t
=======================================================================
Volume 16.11                                               June 8, 2009
-----------------------------------------------------------------------

                                Published by the
                   Electronic Privacy Information Center (EPIC)
                                Washington, D.C.

                 http://www.epic.org/alert/EPIC_Alert_16.11.html

			"Defend Privacy. Support EPIC."
			     http://epic.org/donate


=======================================================================


EPIC 15th Anniversary Dinner and the
EPIC Champion of Freedom Awards
The Fairfax at Embassy Row, Washington, DC
June 9, 2009

EPIC@15 Invitation: http://www.epic.org/epic15/invite.pdf
Your Reply: http://epic.org/epic15/reply.pdf
Register (or donate to EPIC@15): http://epic.org/register

=======================================================================
Table of Contents
=======================================================================
[1] House Approves Bill Limiting Whole-Body Imaging at Airports
[2] Administration Backs State Privacy Laws Against Challenge
[3] EPIC Submits Comments on Health Breach Notification to the FTC
[4] EPIC Urges Protections for Government Use of Social Media,
     Endorses Better Approaches on Transparency
[5] CFP Wrap-Up in Washington
[6] News in Brief
[7] EPIC Bookstore: "Lessons From the Identity Trail"
[8] Upcoming Conferences and Events
        - Join EPIC on Facebook http://epic.org/facebook
  	- Privacy Policy
  	- About EPIC
  	- Donate to EPIC http://epic.org/donate
  	- Subscription Information

=======================================================================
[1] House Approves Bill Limiting Whole-Body Imaging at Airports
=======================================================================
The House approved an amendment bill that will limit the use of Whole-
Body Imaging machines in US airports. The Transportation Security
Administration had earlier decided to replace the walkthrough metal
detectors at airports with whole body imaging devices. These devices
enable a virtual strip search that produces detailed naked images of
individuals, including females and young children. The technology
provides little additional security beyond other screening techniques,
including magnetometers, physical examination, and baggage inspection.

The amendment, put forward by Congressman Jason Chaffetz (R-UT), aims
to establish limitations on the use of this invasive technology for
aircraft passenger screening. The bill prohibits the use of these
devices as the sole or primary method of screening aircraft passengers,
unless another method of screening, such as metal detection, 
demonstrated cause for preventing such passenger from boarding an
aircraft.

The proposed law also mandates that TSA officials provide a passenger
with information on the operation of such technology, on the image
generated by such technology, on privacy policies relating to such
technology, and on the right to request a pat-down search in lieu of
such screening. The proposed law also expressly prohibits the storage,
transfer, sharing and copying of the images generated by whole body
imaging technology after the boarding determination with respect to
such passenger is made. Misuse of the law by TSA employees will result
in a penalty of fine or imprisonment.

The House voted 310-118 in support of the Chaffetz amendment to the TSA
authorization bill. The Chaffetz amendment had earlier been introduced
as a separate bill before being incorporated into the Transportation
Security Administration Authorization Act. EPIC had launched a campaign
and a Facebook Group seeking to raise public awareness and help stop
Whole Body Imaging. EPIC and thirty other organizations sent a letter
to DHS Secretary Napolitano urging DHS to suspend the program and begin
a formal rulemaking, and investigate less invasive means of screening.


House Vote on Chaffetz Amendment:
     http://clerk.house.gov/evs/2009/roll305.xml

Chaffetz Amendment (Section 215):
     http://thomas.loc.gov/cgi-bin/query/z?c111:H.R.2200:

Whole-Body Imaging:
     http://www.tsa.gov/approach/tech/body_imaging.shtm

Congressman Chaffetz Seeks to Ban Whole-Body Imaging at Airports:
     http://epic.org/redirect/042809_Chaffetz_WBI.html

Congressman Jason Chaffetz:
     http://www.chaffetz.house.gov/about/index.shtml

Aircraft Passenger Whole-Body Imaging Limitations Act, H.R. 2027:
     http://epic.org/redirect/042809_Chaffetz_WBI_LimiAct.html

EPIC's Campaign to Stop TSA's Use of Whole Body Imaging:
     http://privacycoalition.org/stopwholebodyimaging/

EPIC's letter to DHS Secretary Napolitano:
     http://epic.org/redirect/060809_EPIC_DHS_Napolitano_WBI.html

EPIC's Page on Whole body Imaging:
     http://epic.org/privacy/airtravel/backscatter/

EPIC's Spotlight on Surveillance on Whole Body Imaging:
     http://epic.org/privacy/surveillance/spotlight/0605/

Facebook Group: Stop Airport Strip Searches:
     http://www.facebook.com/group.php?gid=179598280013



=======================================================================
[2] Administration Backs State Privacy Laws Against Challenge
=======================================================================

In a filing this week, the Department of Justice urged the nation's
highest court to leave intact California's financial privacy law,
saying the law does not impose hardships on banks. The California law,
Financial Information Privacy Act of 2003 (SB-1), provides strong
financial privacy safeguards, including the right to curtail sale of
personal information by financial firms to affiliated companies, and
to prohibits the sale of data to non-affiliates unless consumers
explicitly "opt-in."

Earlier, the Ninth Circuit reversed a lower court ruling and reinstated
the right of California consumers to stop all sharing of personal
information within affiliated companies, as long as it did not pertain
to credit worthiness. A consortium of financial services companies have
challenged the law and, in December 2008, asked the Supreme Court to
consider the case. The firms argued that the California statute
conflicts with other federal rules. The Supreme Court requested the
Administration's view on the case, and has often followed the
Department's opinions.

The filing came a week after President Obama issued an executive order
reversing the policy of the earlier administration of regularly using
federal regulations to pre-empt state and local laws on consumer and
environmental protection. The Obama Administration has adopted the
policy that preemption of State law by executive departments and
agencies should be undertaken only with full consideration of the
legitimate prerogatives of the States, and with a sufficient legal
basis for preemption. President Obama had further stated that
"Executive departments and agencies should be mindful that in our
Federal system, the citizens of the several States have distinctive
circumstances and values, and that in many instances it is appropriate
for them to apply to themselves rules and principles that reflect these
circumstances and values."

Earlier in the litigation, EPIC urged a federal appeals court to uphold
the California privacy law after banks challenged the law, and argued
that the federal Fair Credit Reporting Act supersedes the California
protections. The EPIC brief argued that affiliate sharing causes
identity theft and fraud, and is inconsistent with fair information
practices.

Supreme Court Docket:
     http://www.supremecourtus.gov/docket/08-730.htm

EPIC's brief in ABA v. Brown:
     http://epic.org/privacy/preemption/lockyer_brief.html

Petition for Review (ABA v. Brown):
     http://epic.org/privacy/preemption/Brief03-16-09084221.pdf

Brief for Respondents in Opposition to Petition (ABA v. Brown):
     http://epic.org/privacy/preemption/BriefofRespondents.pdf

Reply to Respondents' Brief (ABA v. Brown):
     http://epic.org/privacy/preemption/BriefofPetitioners.pdf

White House Press Release on Preemption:
     http://epic.org/redirect/060809_Whitehouse_Preemption_memo.html

EPIC's Page on ABA v. Brown:
     http://epic.org/privacy/preemption/abavlockyer.html

EPIC's Page on Privacy and Preemption:
     http://epic.org/privacy/preemption/

EPIC's Page on the FCRA:
     http://epic.org/privacy/fcra/



=======================================================================
[3] EPIC Submits Comments on Health Breach Notification to the FTC
=======================================================================

The Federal Trade Commission proposed a rule requiring vendors of
medical records and related entities to notify individuals when the
security of such medical information is compromised. The creation of
such rule was mandated under the American Recovery and Reinvestment
Act. The FTC sought comments on the proposed rule.

EPIC submitted comments recommending that the scope of the Commission's
authority be construed as broadly as possible, and that regulation
should include all entities that handle medical information be subject
to the rule. EPIC advised that the rule "provides the FTC with a unique
opportunity to strengthen privacy regulations covering [personal health
records] breaches, assess the strengths and weaknesses of such a
regime, and file a report with Congress." With regard to the difference
between information that had been "accessed" or "acquired," as per the
proposed rule, EPIC supported the presumption that if any information
could be accessed by an unauthorized person was acquired, it would
trigger notice obligations.

The FTC rule also provided Safe Harbor for de-identified information.
EPIC stated that such a provision created significant risks to personal
privacy and would undermine the purpose of the Act. EPIC raised
objections stating that de-identified information was not necessarily
anonymous since research has shown that a particular set of data could
be traced back to an individual. With respect to provisions for
media notices, EPIC advised the use of providing notice through the
home page of the entity's website, or provide notice in major print or
broadcast media. EPIC also encouraged the FTC to look into
opportunities that would improve the adequacy of notice when the breach
occurred by adopting new media technologies.

EPIC also recommended that the federal agency create comprehensive
privacy and security standards, and impose penalties on entities
storing health records whose security protocols do not meet minimum
security minimum requirements, resulting in data breaches. EPIC
supported the creation of a private right of action, including
statutory damages and/or civil penalties, in addition to injunctive
relief. EPIC also suggested preserving a private cause of action which
would enable the burden of enforcement on the private party and not
leave it exclusively upon the Commission. Among other suggestions,
EPIC advised the federal agency to require verification that consumers
receive data breach notifications and establish a central location to
track and announce breaches.

EPIC's Comments to the FTC:
     http://epic.org/privacy/medical/Comments_on_FTC_EHR-EPIC.pdf

FTC Proposed Rule:
     http://www.ftc.gov/os/2009/04/R911002healthbreach.pdf

Federal Register:
     http://edocket.access.gpo.gov/2009/pdf/E9-8882.pdf

FTC Public Comment Submission (Deadline June 1, 2009):
     http://www.ftc.gov/os/publiccomments.shtm

The American Recovery and Reinvestment Act of 2009:
     http://epic.org/redirect/022309_Stimulus_Act.html



=======================================================================
[4] EPIC Urges Protections for Government Use of Social Media,
     Endorses Better Approaches on Transparency
=======================================================================

The Department of Homeland Security is seeking public comments on
"any issue of fact, law, or policy related to privacy issues posed by
Government use of social media" and developing best practices. The
agency plans to "develop a comprehensive record regarding Government
use of social media." Pursuant to such notice, EPIC submitted comments
on the benefits, issues and privacy best practices.

EPIC recommended that government websites not track users; Privacy Act
protections apply to all data collected by the government and
government contractors; prohibit commercialization of information on
users visiting government sponsored social media resources; apply
meaningful rules for public participation in government decisions; and
promote open government and protect privacy. EPIC also advised the
agency that use of social media be limited to providing information and
directing users to official sites for providing benefits or services;
not make social media sites forums for issue discussion outside the
purview of relevant regulations; and apply laws that help public
participation in decisions by government apply to all new technology
platforms. Other suggestions were to restrict official comments for
agency rulemaking to official agency sites, and the use of a model
certification system.

President Obama, in an effort to develop a new open government policy,
had directed his Administration to develop recommendations on
Transparency and Open Government. The first phase involved an online
brainstorming session and submission of ideas. EPIC submitted
proposals suggesting that users are not tracked on government sites;
promoting open government; allowing meaningful public participation in
government decisions; stopping commercialization of personal data; and
the application of Privacy Act to all data collected by the Government.

The next phase, Discussion, invites public comments focusing on
several transparency themes: principles, governance, access, data, and
operations, to be followed by a series of posts on participation and
collaboration. The Office of Science and Technology Policy, which
oversees the initiative, wanted to include a set of transparency
principles. Seeking help articulating those principles, definitions
and the rationale behind them, the Chief Technology Officer also
expressed the necessity of explaining what the principles meant in
practice and the need to prioritize them.

Department of Homeland Security:
     http://www.dhs.gov

Privacy Office of DHS:
     http://www.dhs.gov/privacy

DHS Notice of Public Comments:
     http://edocket.access.gpo.gov/2009/E9-8868.htm

EPIC's comment to DHS:
     http://epic.org/privacy/socialnet/dhs_socialnetworking-6-09.pdf

EPIC's page on The Privacy Act of 1974:
     http://epic.org/privacy/1974act/

EPIC's Social Networking Page:
     http://epic.org/privacy/socialnet/default.html

EPIC's Page on Network Advertising Initiative:
     http://epic.org/privacy/internet/NAI_analysis.html

EPIC's page on Deep Packet Inspection:
     http://epic.org/privacy/dpi/

Open Government Initiative:
     http://www.whitehouse.gov/open/

Office of Science and Technology Policy, Executive Office of the
President, Transparency and Open Government:
     http://edocket.access.gpo.gov/2009/pdf/E9-12026.pdf

Brainstorming Session:
     http://opengov.ideascale.com/

EPIC's Comments in the Brainstorming Phase:
     http://opengov.ideascale.com/akira/pmd/6537-4049

EPIC's Submission: Users Are Not Tracked on Government Sites:
     http://opengov.ideascale.com/akira/dtd/3544-4049

EPIC's Submission: Promoting Open Government:
     http://opengov.ideascale.com/akira/dtd/3533-4049

EPIC's Submission: Allowing Meaningful Public Participation:
     http://opengov.ideascale.com/akira/dtd/3536-4049

EPIC's Submission: Stopping Commercialization of Personal Data:
     http://opengov.ideascale.com/akira/dtd/3538-4049

EPIC's Submission: Application of Privacy Act to Data Collected:
     http://opengov.ideascale.com/akira/dtd/3540-4049

EPIC's Page on Open Government:
     http://epic.org/open_gov/

EPIC's FOIA Litigation Manual 2008:
     http://epic.org/bookstore/foia2008/
  
OSTP Blog:
     http://blog.ostp.gov/



=======================================================================
[5] CFP Wrap-Up in Washington
=======================================================================

The 19th Annual Computers Freedom and Privacy conference was held at
the Marvin Center at George Washington University Law School in
Washington, DC on June 1-4, 2009. The gathering brought 400 academics,
researchers, activists, government officials, and students to
workshops, and held plenary sessions, and presentations on cutting edge
privacy and technology challenges. The program opened with a day long
tutorial on social activism.  

The first full day of the conference began with a presentation by Susan
Crawford, the Special Assistant to the President for Science,
Technology, and Innovation Policy and Member of the National Economic
Council. Over the course of the event debates and discussions covered
the future of privacy, censorship, FISA, psychology of security and
privacy, as well as special topic discussion on Internet voting, Social
Networking, medical privacy and many others.

EPIC staff, board, and advisory board members presented at the meeting
on a number of topics including: the Future of Security vs. Privacy,
Does Government Secrecy Still Make Sense in the Internet Age, Internet
Activism: 20 Years After Tiananmen, Google Book Deal, Social Justice
Activism in the US and Beyond. 

Lillie Coney, EPIC's Associate Director, closed the meeting with a
final plenary panel on the Panopticon: Internalizing the Gaze [of
Government Surveillance]. Panelists included Thomas Tamm, the DOJ
whistleblower who helped shed light of the illegal domestic warrantless
wiretap program; Dr. Steven Hatfill, former government virologist and
bio-weapons expert accused in the Anthrax attacks and later cleared;
Rebecca MacKinnon, a journalist working in China who lived with
government surveillance; Anne Roth, who's partner was accused of
terrorism and later released by the German Supreme Court; and Patrick
Elder, a Maryland Anti-War activist whom the state police had labeled
as a terrorist in criminal databases.


Google Book Deal Panel
     http://www.ustream.tv/recorded/1596405
 
Links: Panopticon: Internalizing the Gaze [of Government Surveillance]:
     http://www.ustream.tv/recorded/1606336

CFP Cybercast Episodes:
     http://www.ustream.tv/channel/cfp09

The Future of Security vs. Privacy:
     http://www.ustream.tv/recorded/1595452

CFP 2009:
     http://cfp2009.org

CFP 2009 Program:
     http://www.cfp2009.org/wiki/index.php/Program



=======================================================================
[6] News in Brief
=======================================================================

Despite Objections, Enhanced Identity Documents Required for Travel

The Western Hemisphere Travel Initiative went into effect on June 1,
2009, despite substantial privacy and security risks. The federal
government now requires US citizens as well as citizen of Canada,
Mexico, and Bermuda to present identity documents when entering the
US. These documents incorporate RFID technology that jeopardizes the
privacy and security of US travelers. EPIC has previously urged the
State Department to abandon the proposal. Senator Leahy has also
criticized the program and said that improper implementation could
impede the flow of people and goods across US borders.


Western Hemisphere Travel Initiative:
     http://www.dhs.gov/xprevprot/programs/gc_1200693579776.shtm

WHTI Land and See Final Rule:
     http://www.dhs.gov/xlibrary/assets/whti_landseafinalrule.pdf

DHS / State Department WHTI Final Rule, November 24, 2006:
     http://edocket.access.gpo.gov/2006/pdf/06-9402.pdf

EPIC's Comments on WHTI:
     http://epic.org/privacy/rfid/whti_080107.pdf

CBP: Travel:
     http://www.cbp.gov/xp/cgov/travel/vacation/ready_set_go/

CBP- WHTI:
     http://www.getyouhome.gov/html/eng_map.html

EPIC's page on RFID:
     http://epic.org/privacy/rfid

EPIC's Comments on RFID Passport:
     http://epic.org/privacy/rfid/rfid_passports-0405.pdf

Department of State - Western Hemisphere Travel Initiative:
     http://travel.state.gov/travel/cbpmc/cbpmc_2223.html

Senator Leahy on Western Hemisphere Travel Initiative:
     http://leahy.senate.gov/issues/Immigration/WHTI.html

EPIC's Spotlight on Surveillance: September 2007:
     http://epic.org/privacy/surveillance/spotlight/0907/default.html



President Announces Privacy Safeguards for Cybersecurity Initiative

President Obama announced a Cybersecurity Initiative by releasing
a review by the National Security Council and Homeland Security Council
and outlined on a range of actions to be pursued in several areas.
"So cyberspace is real. And so are the risks that come with it,"
he remarked. "It's about the privacy and the economic security
of American families," he added. President Obama also stated that he
was aware how it felt to have privacy violated when it happened to him
during his Presidential campaign. Creating a new office at the White
House to be led by the Cybersecurity Coordinator, President Obama
announced five outlines: (1) Developing a comprehensive strategy to
secure America's information and communications networks; (2) Ensuring
an organized and unified response to future cyber incidents;
(3) Strengthening the public/private partnerships that are critical
to the initiative; (4) Investing in cutting-edge research and
development necessary for the innovation and discovery needed; and
(5) beginning a national campaign to promote cybersecurity awareness
and digital literacy. President Obama emphasized that the initiative,
however, did not include monitoring private sector networks or Internet
traffic. "We will preserve and protect the personal privacy and civil
liberties that we cherish as Americans," President Obama concluded.

Cyberspace Policy Review:
     http://epic.org/redirect/060809_Whitehouse_CyberSpace_PolRev.html

Remarks by President Obama: Cyber Infrastructure:
     http://epic.org/redirect/060809_Obama_CyberInfra.html

EPIC's Page on Critical Infrastructure Protection:
     http://epic.org/security/cip/

EPIC's Page on Computer Security Act of 1987:
     http://epic.org/crypto/csa/



Report Finds Widespread Website Data Sharing

A report published by researchers at the University of California,
Berkeley School of Information showed that the most popular websites
in the United States share data with their corporate affiliates and
allow third parties to collect information directly using "web bugs,"
although stating the contrary. Calling for significant changes in
the privacy policies, the researchers recommended that website
operators and third-party trackers inform users about all the
information that has been collected about them, and with whom they
have shared it. Secondly, they recommended that users be allowed to
choose whether or not websites can share information about them with
corporate affiliates.

Press Release:
     http://berkeley.edu/news/media/releases/2009/06/02_webprivacy.shtml

Know Privacy:
     http://www.knowprivacy.org/

Full Report:
Joshua Gomez, Travis Pinnick, and Ashkan Soltani, "KnowPrivacy:"
     http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf

EPIC's Page on Proposed Google/DoubleClick Merger:
     http://epic.org/privacy/ftc/google/

EPIC's Page on Cloud Computing:
     http://epic.org/privacy/cloudcomputing/default.html

EPIC's Page on Network Advertising Initiative:
     http://epic.org/privacy/internet/NAI_analysis.html

EPIC's Page on Tools for Protecting Online Privacy:
     http://epic.org/privacy/tools.html



Sears Settles With FTC Over Tracking Software

The Federal Trade Commission had filed a complaint against Sears
Holdings Management Corporation alleging violation of the Federal Trade
Commission Act by failing to disclose adequately the scope of
consumers' personal information it collected via a downloadable
software application. According to the FTC's complaint, Sears invited
certain consumers visiting the sears.com and kmart.com Web sites to
become members its community by soliciting these consumers to
"participate in exciting, engaging, and on-going interactions – always
on your terms and always by your choice." The Commission vote to
approve the administrative complaint and proposed settlement agreement
was 4-0. The settlement contains standard reporting and record-keeping
provisions to allow the agency to monitor compliance.

Press Release:
     http://www.ftc.gov/opa/2009/06/sears.shtm

FTC Complaint:
     http://www.ftc.gov/os/caselist/0823099/090604searscomplaint.pdf

FTC Agreement:
     http://www.ftc.gov/os/caselist/0823099/090604searsagreement.pdf

EPIC's Page on Deep Packet Inspection and Privacy:
     http://epic.org/privacy/dpi/

EPIC's Page on Cookies:
     http://epic.org/privacy/internet/cookies/

Privacy Policies without Privacy Protection:
     http://epic.org/reports/surfer-beware3.html



Right to Access to Information in the Americas Move Forward

The Carter Center in collaboration with the Organization of American
States, the Andean Commission of Jurists and the Knight Center for
Journalism in the Americas, held a meeting in Lima, Peru from April
28-30, 2009 to find potential solutions to advance the right of
access to information in the Americas. More than 115 participants from
18 countries in the Americas, representing governments, civil society
organizations, international and regional bodies and financial
institutions, donor agencies and foundations, the private sector,
media outlets and scholars released the Americas Regional Finding and
Plan of Action. The publication provides a blueprint for the regional
and international community, states and non-state actors to establish,
develop, and nurture the right of access to information in the Americas
region.


Carter Center, Americas Regional Conference on the Right of Access
to Information (2009):
http://www.cartercenter.org/peace/americas/ati_conference/2009/index.html

Americas Regional Findings and Plan of Action for the Advancement
of the Right of Access to Information (2009):
     http://epic.org/redirect/060809_Lima_AmericanFindings.html

Atlanta Declaration and Plan of Action (2008):
     http://epic.org/redirect/060809_AtlantaDeclaration.html

EPIC's page on Open Government:
     http://epic.org/open_gov/

The Public Voice:
     http://www.thepublicvoice.org 



=======================================================================
[7] EPIC Bookstore: "Lessons From the Identity Trail"
=======================================================================

"Lessons From the Identity Trail"
edited by Kerr, Steeves, Lucock.

     http://www.amazon.com/gp/product/0195372476?tag=e03a6-20

Description:
During the past decade, rapid developments in information and
communications technology have transformed key social, commercial and
political realities. Within that same time period, working at something
less than internet speed, much of the academic and policy debates
arising from these new and emerging technologies have been fragmented.
There have been few examples of interdisciplinary dialogue about the
potential for anonymity and privacy in a networked society. Lessons
from the Identity Trail fills that gap, and examines key questions
about anonymity, privacy and identity in an environment that
increasingly automates the collection of personal information and uses
surveillance to reduce corporate and security risks.

This project has been informed by the results of a multi-million
dollar research project that has brought together a distinguished array
of philosophers, ethicists, feminists, cognitive scientists, lawyers,
cryptographers, engineers, policy analysts, government policy makers
and privacy experts. Working collaboratively over a four-year period
and participating in an iterative process designed to maximize the
potential for interdisciplinary discussion and feedback through a
series of workshops and peer review, the authors have integrated
crucial public policy themes with the most recent research outcomes.

Review:

"This volume promises to make important contributions to policy and
scholarly thinking about developments in information technologies and
changes in social, cultural and personal practices and values. Ian Kerr
and his talented colleagues explore the intricacies of privacy,
identity and anonymity applying fresh analytical approaches, revealing
the limitations of several traditional concepts, and identifying new
insights on these critically important issues. The editors have
effectively fused a range of multidisciplinary perspectives to enrich
and sharpen the analysis and intellectual contribution. This book is
likely to generate more informed and nuanced dialogue among scholars,
technologists, and policymakers."

--Priscilla M. Regan, George Mason University

(- as published by The Oxford University Press)

================================
EPIC Publications:

"Litigation Under the Federal Open Government Laws 2008," edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid
(EPIC 2008). Price: $60.

http://epic.org/bookstore/foia2008/
	
Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
laws. This updated version includes new material regarding the
substantial FOIA amendments enacted on December 31, 2007. Many of the
recent amendments are effective as of December 31, 2008. The standard
reference work includes in-depth analysis of litigation under Freedom
of Information Act, Privacy Act, Federal Advisory Committee Act,
Government in the Sunshine Act. The fully updated 2008 volume is the
24th edition of the manual that lawyers, journalists and researchers
have relied on for more than 25 years. 

================================

"Information Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of privacy
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance Act,
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive foundation
for an exciting course in this rapidly evolving area of law.

================================

"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.
http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.

================================

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS). This
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals for
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more involved in the
WSIS process.

================================

"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
$40.

http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world. It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the Video Voyeurism Prevention Act,
and the CAN-SPAM Act.

================================

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.

http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.

================================

EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore
http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books
http://www.powells.com/bookshelf/epicorg.html

================================

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:
https:/mailman.epic.org/mailman/listinfo/foia_notes


=======================================================================
[8] Upcoming Conferences and Events
=======================================================================

EPIC 15th Anniversary Dinner and the EPIC Champion of Freedom Awards,
The Fairfax at Embassy Row, Washington, DC, June 9, 2009. For
invitation, see http://www.epic.org/epic15/invite.pdf. Register at
http://epic.org/register

IAPP - Practical Privacy Series - "Data Breach," "Data Governance,",
"Human Resources," and "Information Security and Privacy." 
Network Meeting Center at Techmart, Santa Clara, CA. June 17-18,
For more information, 
https://www.privacyassociation.org/index.php

"The Transformation of Privacy Policy," Institutions, Markets
Technology Institute for Advanced Studies (IMT), Lucca, Italy,
July 2-4, 2009.

Engaging Data: First International Forum on the Application and
Management of Personal Electronic Information hosted by
SENSEable City Lab, Massachusetts Institute of Technology.
For more information,
http://senseable.mit.edu/engagingdata



=======================================================================
Join EPIC on Facebook
=======================================================================

Join the Electronic Privacy Information Center on Facebook
http://epic.org/facebook

Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
Support EPIC.


=======================================================================
Privacy Policy
=======================================================================

The EPIC Alert mailing list is used only to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list, please follow the above instructions under "subscription
information."


=======================================================================
About EPIC
=======================================================================

The Electronic Privacy Information Center is a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).

=======================================================================
Donate to EPIC
=======================================================================

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation of encryption and
expanding wiretapping powers.

Thank you for your support.


=======================================================================
Subscription Information
=======================================================================

Subscribe/unsubscribe via web interface:
http://mailman.epic.org/mailman/listinfo/epic_news

Back issues are available at:
http://www.epic.org/alert


The EPIC Alert displays best in a fixed-width font, such as Courier.


------------------------- END EPIC Alert 16.11 ------------------------

.