You are viewing an archived webpage. The information on this page may be out of date. Learn about EPIC's recent work at

EPIC Alert 17.18

======================================================================= E P I C A l e r t ======================================================================= Volume 17.18 September 14, 2010 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. "Defend Privacy. Support EPIC." ======================================================================= Table of Contents ======================================================================= [1] EPIC Challenge to Body Scanner Program Progresses in Federal Court [2] Ralph Nader and EPIC Urge Senate Hearings on Airport Body Scanners [3] EPIC Files Suit for Documents Regarding Google/NSA Partnership [4] Google Settles Buzz Lawsuit, Announces New Privacy Policy [5] Questions Remain about Future of Iraq Biometric Databases [6] EPIC's Marc Rotenberg Named to ICANN Advisory Committee [7] News in Brief [8] Upcoming Conferences and Events TAKE ACTION: Stop Airport Strip Searches! - JOIN Facebook Group "Stop Airport Strip Searches" and INVITE Friends - DISPLAY the IMAGE - SUPPORT EPIC ======================================================================= [1] EPIC Challenge to Body Scanner Program Progresses in Federal Court ======================================================================= The United States Court of Appeals for the District of Columbia Circuit has set a briefing schedule for EPIC v. DHS, No. 10-1157, EPIC's challenge to the airport body scanner program. On July 2, 2010 EPIC filed a lawsuit to suspend the deployment of body scanners at US airports, pending an independent review. EPIC filed a petition for review and motion for an emergency stay, urging the District of Columbia Court of Appeals to suspend the TSA's full body scanner program. EPIC said that the program is "unlawful, invasive, and ineffective" and violated the Administrative Procedures Act, the Privacy Act, and the Religious Freedom Restoration Act. EPIC also alleged that the body scanner search itself is unconstitutional under the Fourth Amendment, given what the courts have said about the permissible scope of airport screening procedures. On July 20, 2010 EPIC filed a reply to the government's motion in its case against DHS. In its reply, EPIC cited the growing public opposition to the program, the decision of major airports not to use body scanners, as well as the agency's failure to adequately address Constitutional concerns. EPIC's initial brief in this case will be due November 1, 2010. Subsequent briefs from DHS and EPIC will be due by December 15, 2010. As part of a related Freedom of Information Act (FOIA) lawsuit, EPIC obtained documents establishing that the DHS possessed about 2,000 body scanner photos from devices that DHS said earlier "could not store or record images." In a similar FOIA lawsuit against the DOJ, EPIC obtained evidence of over 35,000 stored images. EPIC has a pending FOIA request for documents related to body scanner radiation risks. Three US senators also recently objected to the DHS expansion of the airport body scanner program. In a letter to DHS Secretary Janet Napolitano, these Senators raised concerns that "the issue of radiation associated with the backscatter x-ray AIT machines has not been adequately addressed by TSA" and urged the agency's Chief Medical Officer, working with independent experts, to conduct a review of the health effects on travelers and airport personnel. EPIC also submitted a FOIA request to the DHS for all records of tests conducted by the agency regarding radiation impacts and launched a "Body Scanner Incident Report" on its website. EPIC: EPIC v. DHS (Suspension of Body Scanner Program) DHS: Letter to EPIC EPIC: Body Scanner Incident Report EPIC v. DHS (FOIA) EPIC v. DOJ (USMS) EPIC: FOIA Request to DHS Regarding Body Scanners and Radiation Senator Collins' letter to DHS Secretary Janet Napolitano ======================================================================= [2] Ralph Nader and EPIC Urge Senate Hearings on Airport Body Scanners ======================================================================= On September 7, 2010, Ralph Nader and EPIC President Marc Rotenberg sent letters to Senator Lieberman and Senator Collins, urging the Senate Committee on Homeland Security and Governmental Affairs to "convene a public hearing to review the government's deployment of whole-body scanners at passenger security checkpoints in US airports." The Nader/Rotenberg letter states that the Department of Homeland Security and the Transportation Security Administration have "disregarded serious questions concerning the devices' effectiveness, privacy safeguards, and potential health impacts." The potential health impacts, Nader and Rotenberg note, led a group of scientists at the University of California-San Francisco to write to President Obama's science adviser, Dr. John Holdren, urging a more systematic review of the health effects in light of "the absence of any real, independent safety data." The scientists emphasized that "the backscatter technology targets the skin and adjacent tissue, and thus the real radiation dose to the skin is higher than stated" by the Transportation Security Administration. This higher concentration of radiation is especially harmful to children, pregnant women, women genetically vulnerable to breast cancer and individuals with comprised immune systems. EPIC recently submitted a Freedom of Information Act request to the DHS for all records of tests conducted by the agency regarding radiation impacts. On August 5, 2010, Senators Collins, Coburn, and Burr sent a letter to Janet Napolitano, Secretary of the Department of Homeland Security, and John Pistole, the Administrator of the Transportation Security Administration raising concerns about the levels of radiation and the health effects of that radiation from the whole body scanners for both travelers and TSA employees. Noting that those concerns had been brought to DHS's on numerous occasions, the Senators continued, “To address the continuing concerns surrounding the use of these machines, we request that you have the Department's Chief Medical Officer, working with independent experts, conduct a review of the health effects of their use for travelers, TSA employees, and airport and airline personnel.” On August 19, 2010, Senators Lieberman and Collins expressed concerns in a letter to the U.S. Marshals Service about the ability of these whole-body scanners to store and retain images. The Senators requested that the Marshals Services provide them with "a full explanation as to why the U.S. Marshals Service was saving images from whole body imaging scans at the federal courthouse in Orlando." Additionally, they requested that the Marshals Service "identify any other locations where the U.S. Marshals Service is using whole body imaging technology, whether or not the images from scans taken at any of those locations are also being stored, and, if they are being stored, the reasons for retaining these images." The Senators urged the Marshals Service to examine and adopt privacy protocols. EPIC has also filed an emergency motion in federal court to suspend the program, pending a thorough review of the airport body scanner program in EPIC v. DHS, No. 10-1157. The United States Court of Appeals for the District of Columbia has set a briefing schedule for this motion. EPIC has alleged that that the Department of Homeland Security has violated three federal laws (the Administrative Procedures Act, the Privacy Act, and the Religious Freedom Restoration Act) and that the body scanner search itself is unconstitutional, given what the courts have said about the permissible scope of airport screening procedures. The Committee on Civil Liberties, Justice and Home Affairs of the European Parliament has also announced a hearing on the Body Scanner program for October 6, 2010. Nader/EPIC letter to Senator Lieberman Senators Lieberman and Collins letter to the US Marshals Service Senators Collins, Coburn, and Burr letter to DHS and TSA Committee on Civil Liberties, Justice and Home Affairs of the European Parliament EPIC v. DHS (Suspension of Body Scanner Program) EPIC: Body Scanners EPIC v. DHS (FOIA) ======================================================================= [3] EPIC Files Suit for Documents Regarding Google/NSA Partnership ======================================================================= On September 13, 2010, EPIC filed a Freedom of Information Act lawsuit against the National Security Agency in the United States District Court in the District of Columbia. The agency has thus far failed to substantively respond to EPIC's request for documents relating to its "Information Awareness" partnership with Google. EPIC had appealed directly to the agency, requesting that it comply with the legal duty to produce all documents relating to the partnership. The agency failed to respond within the legally allotted period to do so. In the wake of Google's January 12, 2010 announcement that hackers originating from China had attacked its corporate infrastructure, the Wall Street Journal and the Washington Post both reported that Google partnered with the agency to coordinate its security response to the attack. The Journal reported that the agency's general counsel drafted a "Cooperative Research and Development Agreement" authorizing the agency to "examine some of the data related to the intrusion into Google's systems." On February 4, 2010, EPIC sent its FOIA request to the NSA for all agency records relating to the agreement. The agency responded on March 10, 2010, stating that it would neither confirm nor deny its existing partnership with Google. Furthermore, the agency also failed to include any of the requested materials, claiming that statutory exemptions protecting its "functions and activities" absolved the agency of its legal duty under FOIA to produce the requested documents. EPIC appealed directly to the agency on May 7, 2010 disputing the agency's reasons for refusing to comply with FOIA and asserting that any specific organizational or functional information could easily be redacted from the disclosed documents. The agency has failed to respond by the statutory deadline. EPIC: Complaint to the United States District Court in the District of Columbia EPIC: Original FOIA Request Letter to the NSA EPIC: FOIA Request Appeal Letter to the NSA NSA's "Information Assurance" Website Google's Official January 12, 2010 Announcement: "A new approach to China" EPIC: Open Government Litigation ======================================================================= [4] Google Settles Buzz Lawsuit, Announces New Privacy Policy ======================================================================= On September 7th, Google entered into a provisional settlement agreement in a class action suit concerning the social network service Buzz. With Buzz, Google tried to transform its popular email service, Gmail, into an untested social networking service. As a consequence, Google transformed users' private address book contacts into publicly viewable "friends." Google immediately came under fire from users for breaching online consumer privacy and trust. Gmail users filed a class action lawsuit against Google. The plaintiffs alleged violations of federal privacy and consumer fraud laws. As part of the settlement agreement, Google will establish an $8.5 million settlement fund to pay the attorneys, compensate the lead plaintiffs, and establish a cy pres fund for "existing organizations focused on Internet privacy policy or privacy education." Earlier this year, EPIC raised similar concerns about Google Buzz in a formal complaint to the Federal Trade commission. The EPIC complaint cited clear harms to Gmail subscribers, and alleged that the change in business practices "violated user expectations, diminished user privacy, contradicted Google's privacy policy, and may have violated federal wiretap laws." The FTC responded to the complaint by sending a letter to EPIC wherein The Bureau of Consumer Protection Director stated that the EPIC complaint "raises interesting issues that relate to consumer expectations about the collection and use of their data." EPIC has also objected to a settlement in the Facebook Beacon case on the grounds that the settlement would allow Facebook, the defendant, to control the private foundation established by the settlement. The Google settlement would not establish a similar entity. On the same day that Google settled the Buzz case, it also announced changes to its privacy policy that will take effect on October 3, 2010. Twelve Google products that formerly had their own specific privacy policies will now be covered under Google's main privacy policy. These changes again raise concerns that EPIC raised in its Buzz complaint to the FTC, described above, in which EPIC argued that Google's Gmail-specific privacy policy was more protective of users than their main general privacy policy. Buzz Settlement Agreement: EPIC: FTC Buzz Complaint: Google: About Google Buzz: Facebook Beacon Settlement: FTC letter to EPIC re Buzz: EPIC: In re Google Buzz: ======================================================================= [5] Questions Remain about Future of Iraq Biometric Databases ======================================================================= President Obama's address on the end of U.S. combat missions in Iraq left open the question of what will happen to the massive databases of Iraqi biometric data armed forces accrued over the last seven years. U.S. forces collected a vast store of sensitive information through field-ready biometric scanners connected to Panasonic Toughbooks. The data has been processed and disseminated from The Biometric Fusion Center in West Virginia for a range of uses, from vetting native government employees to tracking insurgents and criminals. In 2007, EPIC, Privacy International, and Human Rights Watch wrote to Defense Department Secretary Robert Gates to express concern about the creation of secret profiles on hundreds of thousand of Iraqis, tied to unique biometric identifiers, including digital fingerprints, photographic images, iris scans, and even DNA. EPIC, Privacy International, and Human Rights Watch urged the Defense Department to "adopt clear guidelines that incorporate strong privacy safeguards to ensure that Iraqis are afforded basic human rights in their personal information." The organizations warned in their letter that the current identification practices "contravene international treaties and could lead to potentially devastating consequences." They emphasized cases in which similar caches in other conflict regions unleashed dire outcomes, such as in Rwanda in 1994 and Nazi Germany, and they highlighted historical parallels between those flashpoints and modern day Iraq. Scores of media reports have chronicled the religiously motivated violence between Sunnis and Shiites in Iraq. Iraqis travelling through checkpoints manned by rival factions depend on doctored identification documents to move through sectarian checkpoints without being profiled, harassed, tortured, and murdered. Privacy and human rights advocates fear that an unsecured pool of personally identifiable biometric data linked to tribal affiliations could set the stage for ethnic cleansing. As U.S. Army Lieutenant Colonel John W. Velliquette, Jr. stated during a public roundtable in 2007: "essentially what it becomes is a hit list if it gets in the wrong hands." President Obama's Oval Office Address from August 31, 2010 Letter from EPIC, Privacy International, and Human Rights Watch to Defense Department Secretary Robert Gates Public Roundtable with U.S. Army Lieutenant Colonel John W. Velliquette, Jr. EPIC: Iraqi Biometric Identification System ======================================================================= [6] EPIC's Marc Rotenberg Named to ICANN Advisory Committee ======================================================================= On September 7, 2010, the 2010 Internet Corporation for Assigned Names and Numbers (ICANN) Nominating Committee named EPIC President Marc Rotenberg to serve as North America representative for the At-Large Advisory Committee (ALAC) of ICANN. ICANN coordinates the worldwide registration of names and numbers unique to each Internet address, called "identifiers." The Corporation performs its technical responsibilities in accord with a set of core values. Those values include enhancing the global interoperability, security, and stability of the Internet, promoting market competition in the registration of domain names, and remaining accountable both to the Internet community and to governments and public authorities. ICANN uses the ALAC to engage individual Internet users about effectively realizing these core values. Regional At-Large Organizations are the primary venue in each of five global regions for public input to ICANN about the future development of the internet. The Advisory Committee is responsible for "representing the interests of individual Internet users at ICANN," which includes the promotion of an open and accessible public network. The Committee also selected Egypt's Cherine Chalaby, who is now the first representative of an Arab speaking community to the Board in ICANN history. Nominating Committee Chair Wolfgang Kleinwaechter said "We are proud to announce this year's selectees to ICANN's leadership. They include highly accomplished and experienced individuals from Albania, Argentina, Egypt, France, Germany, and the United States." Chair Kleinwaechter highlighted the growing internationalization of the organization since its inception in 1998. Mr. Rotenberg previously served as Board Secretary and then Chair of the Public Interest Registry. The Public Interest Registry manages the .ORG domain of over 8.5 million websites and ensures the active participation of civil society organizations at ICANN. He also helped establish the EPIC Public Voice project in 1996 to encourage civil society participation in decisions concerning thefuture of theInternet, and the Civil Society Information Society Advisory Council (CSISAC)in 2008, which promotes civil society participation in the work of the OECD on Internet policy. 2010 ICANN Nominating Committee Selection Announcement About ICANN EPIC Board and Staff: Marc Rotenberg ICAAN ALAC Public Interest Registry The Public Voice CSISAC ======================================================================= [7] News In Brief ======================================================================= New Jersey Supreme Court to Hear Arguments in Expungement Case The New Jersey Supreme Court will hear oral arguments on September 14, 2010 in the case of G.D. v. Kenny. In G.D. v. Kenny a lower court dismissed a privacy claim involving publication of information about a prior criminal act, even though the state had issued an expungement order. EPIC has filed a "friend of the court" brief, urging the New Jersey Supreme Court to preserve the right of expungement and allow the privacy case to go forward. EPIC's brief points to the increasing risk that private firms will make available inaccurate, incomplete, and out--of-date information if expungement orders are not enforced. EPIC further argues that courts do not treat truth as a defense in cases involving privacy tort claims. EPIC Advisory Board member Grayson Barber will be arguing on EPIC's behalf at the hearing. G.D. v. Kenny, Lower Court Opinion EPIC: Amicus Brief in G.D. v. Kenny Grayson Barber EPIC: Expungement EPIC: G.D. v. Kenny Surveillance Court Seeks Public Comments on Proposed Rules The Foreign Intelligence Surveillance Act (FISA) authorizes a special court, the Foreign Intelligence Surveillance Court (FISC), to undertake electronic surveillance in the United States for foreign intelligence information. The FISC is now seeking public comments concerning its procedures. Comments must be received by Monday, October 4, 2010. EPIC previously submitted an amicus brief regarding FISA authority and national security. EPIC will be submitting comments to the FISC and endorse changes that improve accountability and transparency for FISA orders. The Foreign Intelligence Surveillance Act (FISA) Foreign Intelligence Surveillance Court Proposed Rulemaking EPIC: Foreign Intelligence Surveillance Act (FISA) EPIC: Amicus brief, In re: Sealed Case No. 02-001, 310 F.3d 717 (F.I.S.C.R. 2002) EPIC: Foreign Intelligence Surveillance Act Orders 1979-2010 ================================ EPIC Publications: "Litigation Under the Federal Open Government Laws 2008," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid (EPIC 2008). Price: $60. Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding the substantial FOIA amendments enacted on December 31, 2007. Many of the recent amendments are effective as of December 31, 2008. The standard reference work includes in-depth analysis of litigation under Freedom of Information Act, Privacy Act, Federal Advisory Committee Act, Government in the Sunshine Act. The fully updated 2008 volume is the 24th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: https:/ ======================================================================= [8] Upcoming Conferences and Events ======================================================================= Privacy and Security in the Future Internet 3rd Network and Information Security (NIS'10) Summer School Crete, Greece, September 13-17 2010. For more information: Internet Governance Forum 2010 Vilnius, Lithuania, 14-16 September 2010. For more information: 13th Meeting of InterAmerican Data Protection Professionals Mexico City, Mexico, 29-30 September 2010. For more information: "Internet at Liberty 2010" Central European University, Budapest, Hungary, 20-22 September 2010 Privacy Coalition Washington, DC, 24 September 2010 "W3C Worksop on Privacy and Data Usage Control" MIT, 4-5 October 2010 The Public Voice Civil Society Meeting: "Next Generation Privacy Challenges and Opportunities." Jerusalem, Israel, 25 October 2010 Conference on the Evolving Role of the Individual in Privacy Protection: 30 Years after the OECD Privacy Guidelines" Jerusalem, Israel, 26 October 2010 "32nd Int'l Conference of Data Protection and Privacy Commissioners" Jerusalem, October 2010. For more information: ======================================================================= Join EPIC on Facebook ======================================================================= Join the Electronic Privacy Information Center on Facebook http// Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: Back issues are available at: The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 17.18 ------------------------

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security