You are viewing an archived webpage. The information on this page may be out of date. Learn about EPIC's recent work at

EPIC Alert 17.23

======================================================================= E P I C A l e r t ======================================================================= Volume 17.23 November 19, 2010 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. "Defend Privacy. Support EPIC." -- PRIVACY UPDATE -- Support Nov. 24 Opt-Out Day Report All Screening Experiences at EPIC Body Scanner Incident Report ======================================================================= Table of Contents ======================================================================= [1] EPIC Files Amicus Brief in Supreme Court Case on "Personal Privacy" [2] Senate Hearings Grill TSA on Full Body Scanners in Airports [3] FCC Investigates Google Street View [4] EPIC Body Scanner Lawsuit Faces Challenge, Endorsed by Libertarians [5] Europe Moves Forward with New Strategy for Privacy Protection [6] News in Brief [7] EPIC Book Review: "The Master Switch" [8] Upcoming Conferences and Events TAKE ACTION: Stop Airport Strip Searches! - JOIN Facebook Group "Stop Airport Strip Searches" and INVITE Friends - DISPLAY the IMAGE - SUPPORT EPIC ======================================================================= [1] EPIC Files Amicus Brief in Supreme Court Case on "Personal Privacy" ======================================================================= EPIC filed a "friend of the court" brief in a Supreme Court case. The case concerns the meaning of an exemption in the Freedom of Information Act. The exemption protects any requested records whose public disclosure "could reasonably be expected to constitute an unwarranted invasion of personal privacy." The Supreme Court is reviewing a federal court of appeals opinion holding that AT&T, a corporation, has the same personal privacy rights as human beings. Around 2004, AT&T employees failed to comply with three different FCC regulations. First, they billed the government in one funding year for services provided during the previous funding year. Second, they billed for services the government had not authorized. Third, they billed for services not eligible for government funding. The Federal Communications Commission investigated these failures, but AT&T settled with the Commission. The Commission's investigation files are the subject of the Freedom of Information Act request at issue here. The Freedom of Information Act request AT&T is fighting to suppress would reveal key information about the telecommunication company's government contract work in New London, Connecticut. The lower court halted the public disclosure of AT&T's records. EPIC urged the Supreme Court to overturn the lower court's decision and disclose the investigation files, or else "[the lower court's opinion] would stand as an outlier, untethered to common understanding, legal scholarship, technical methods, or privacy law." To buttress its argument, EPIC cited the commonly understood meaning of "personal privacy" in the work of legal scholars and technical experts, as well as the use of these terms in an extensive survey of U.S. privacy laws. The Supreme Court decided to review the lower court's opinion on September 28, 2010. The Solicitor General filed the Commission's brief on November 9, 2010. Oral argument is scheduled for January 19, 2011. EPIC's "Friend of the Court" Brief Supreme Court's Grant of Certiorari Solicitor General/Federal Communication Commission's Brief Lower Court Opinion EPIC: FCC v. AT&T ======================================================================= [2] Senate Hearings Grill TSA on Full Body Scanners in Airports ======================================================================= The Senate Committee on Commerce, Science, and Transportation held an oversight hearing on the Transportation Security Administration on November 17, 2010. John S. Pistole, the TSA Administrator, testified. Senators asked Pistole tough questions about the privacy and health implications of airport body scanners. Senators also asked about the invasiveness of pat-downs and the problems that the machines pose for religious objectors. Pistole failed to provide proof of independent studies regarding radiation risks and consistently downplayed privacy and religious concerns. EPIC has filed a lawsuit to suspend the body scanner program, calling it "unlawful, invasive, and ineffective." EPIC argues that the machines violate the federal Privacy Act, the Administrative Procedures Act, the Fourth Amendment, the Video Voyeurism Prevention Act, and the Religious Freedom Restoration Act. Opposition to the program is growing: The American Pilots Association, Airline CEOs, flyers rights organizations, religious groups, and others are calling for an end to invasive searches at airports. Libertarian Party Chair Mark Hinkle stated, "[t]he fact that I want to travel on an airplane does not make me a threat, and it does not allow anyone to conduct a warrantless search under my clothing." The Libertarian Party exhorted its constituents to call their members of Congress and "tell them that they don't want this expensive, worthless, intrusive, unconstitutional program." Kate Hanni, Executive Director of, called for "a robust debate by aviation security experts and a full presentation to an expanded Aviation Security Advisory Committee with opportunity for critics to be heard before these new procedures are implemented." The new security measures, Hanni stated, "should require an extreme justification." In a letter to his members, Captain Mike Cleary, President of the American Pilots Association, urged pilots not to submit to body scanner screening because "frequent exposure to TSA-operated scanner devices may subject pilots to significant health risks." Additionally, the body-scanner machines and enhanced pat downs are "intrusive and have been implemented almost overnight" leaving no time for public comment and are effectively a form of "sexual-molestation" that adversely affects pilots who are moments away from being in the flight deck. Captain Cleary finds that the TSA is acting with "unchecked" authority. A National Opt-Out Day is scheduled for November 24. Senate Committee on Commerce, Science, and Transportation Senate Oversight Hearing on TSA Senate Oversight Hearing on TSA: John S. Pistole Testimony Press Release: "Libertarians Oppose Abusive TSA Strip-search Machines" American Pilots Association, Letter to Pilots The Fiqh Council of North America, Council on American-Islamic Relations, National Opt-Out Day EPIC: Whole Body Imaging EPIC: EPIC v. DHS (Suspension of Body Scanner Program) ======================================================================= [3] FCC Investigates Google Street View ======================================================================= The Federal Communications Commission (FCC) has opened an investigation into Google's secretive interception and collection of wi-fi data collection. Google has been collecting wi-fi data in thirty countries over a three-year period through its Google "Street View" vehicles, which Google originally maintained merely collected images. In May, EPIC filed a complaint with the Commission, asking it to investigate Google's possible violations of federal wiretap law and the U.S. Communications Act. Several countries have investigated Google's wi-fi data collection and issued findings that Google violated their laws, including the U.K, Germany, Spain, and Canada. Other countries, such as France and Italy, are still investigating. Additionally, Connecticut Attorney General Richard Blumenthal announced that 38 states and the District of Columbia are seeking additional information about Google's collection of wi-fi data from private, residential computer networks. In the midst of these investigations, Google was forced to admit that it had been collecting wi-fi data for three years, and that it had collected full emails, passwords, and URLs. Google has since ceased the collection of wi-fi data by its Street View cars. The Federal Trade Commission (FTC) recently sent a letter to Google, ending its inquiry into Google Street View. In a letter to Google's law firm, David Vladeck, director of the Bureau of Consumer Protection at the FTC, explained that while he has "concerns" about Google's "internal review process," the agency is satisfied by steps Google has taken and "assurances" Google has made to the agency. EPIC has requested documents from the FTC under the Freedom of Information Act to determine the scope of inquiry and the reason it was ended. In May, the Federal Trade Commission was asked by members of Congress to investigate Google's secretive collection of wi-fi data as part of Street View. In the letter, the Representatives asked the FTC whether Google's actions "form the basis of an unfair or deceptive act or practice that constitutes harm to consumers" and whether Google's actions are "illegal under federal law." No response by the FTC to this letter can be found on the Congressmen's website. In addition, unlike the FCC, the Federal Trade Commission never pursued an independent investigation of Street View, examined the data collected by Google in the United States, or even acknowledged the findings of other agencies Wall Street Journal: FCC Investigation EPIC: Letter to FCC (May 21, 2010) FTC: Letter to Google (Oct. 27, 2010) Letter from Markey and Barton to FTC (May 19, 2010) Connecticut Attorney General Announcement EPIC: Google Street View ======================================================================= [4] EPIC Body Scanner Lawsuit Faces Challenge, Endorsed by Libertarians ======================================================================= Soon after EPIC filed its opening brief in its suit to stop the Department of Homeland Security's controversial and intrusive body scanner program, the Department sought to exclude a party from representing religious interests. In a motion filed in the DC Circuit Court of Appeals, the Department of Homeland Security attempted to exclude religious objector Nadhira Al-Khalili from EPIC's body scanner lawsuit. Ms. Al-Khalili is Legal Counsel for the Council on American-Islamic Relations, one of the organizations that supported EPIC's petition, which is the basis for the challenge to the body scanner program. The Council of American-Islamic Relations is the largest Islamic civil liberties group in the U.S. Ms. Al-Khalili's claims are based on the Religious Freedom Restoration Act and Islamic modesty tenants. As the parties argued in their opening brief, "Muslims believe in maintaining modesty and covering their bodies. [The body scanner program] enables the capture and viewing of naked human images that violates this belief and denies observant Muslims the opportunity to travel by plane in the United States as others are able to do." EPIC has opposed the government's motion and stated that the agency is "simply afraid to have the Religious Freedom Restoration Act claims heard by this Court." Libertarian Party Chair Mark Hinkle endorsed EPIC's suit soon after. The Libertarian Party is America's third-largest political party. The Party issued a press release detailing EPIC's charges against the Department and encouraging all Americans "to call their newly-elected members of Congress and tell them that they don't want this expensive, worthless, intrusive, unconstitutional program." The Party's press release added that the government has already shown that the machines can store, capture, and transfer images, highlighting that U.S. Marshalls stored thousands of images from a courthouse scanner. EPIC discovered the U.S. Marshalls body scanner images with a Freedom of Information Act request. Department of Homeland Security's Motion EPIC's Opposition to Department's Motion EPIC's Opening Brief Press Release: "Libertarians Oppose Abusive TSA Strip-search Machines" ======================================================================= [5] Europe Moves Forward with New Strategy for Privacy Protection ======================================================================= On November 4, 2010 the European Commission announced its preliminary proposals to revise the EU Data Protection Directive. The strategy is to "protect individuals' data in all policy areas, including law enforcement, while reducing red tape for business and guaranteeing the free circulation of data within the EU." The key goals include strengthening the rights of individuals, enhancing the free flow of information, extending privacy safeguards to police and criminal justice records systems, ensuring high levels of protection for data transferred outside of the European Union, and more effective enforcement of privacy rules. The new policy will build on the 1995 EU Data Protection Directive, which is the foundation for much of privacy law across Europe. The 1995 Data Protection Directive was established to provide a regulatory framework to guarantee secure and free movement of personal data across the national borders of the EU member countries, in addition to setting a baseline of security around personal information wherever it is stored, transmitted or processed. Other legal instruments, such as the e-Privacy Directive for the communications sector, have complemented the 1995 Data Protection Directive. There are also specific rules for the protection of personal data in police and judicial cooperation in criminal matters. In 2009, the European Commission launched a review of the current legal framework on data protection, starting with a high-level conference in May 2009, followed by a public consultation running until the end of 2009. Targeted stakeholders consultations were organized throughout 2010. Appearing before the European Parliament in October 26, 2010, EPIC President Marc Rotenberg urged the adoption of a comprehensive framework to protect the flow of personal data between the United States and the European Union. Citing the growing concern about the misuse of sensitive data and the absence of effective legal remedies, Mr. Rotenberg said it was time for the United States of America and the European Union to develop an effective legal framework that would safeguard the rights of citizens and the users of Internet-based services. EPIC strongly supports full implementation of the EU Data Directive as well as other efforts to fully safeguard the fundamental rights of citizens, consumers, and users of Internet-based services. In 2010, the European Commission circulated a document to the European Parliament, The Council of Europe, The Economic and Social Committee and The Committee of the Regions containing a draft strategy for improvements in data protection, including a set of proposals to change the EU Data Protection Directive. The European Commission is encouraging public comments on the proposal until January 15, 2011. The European Commission will then propose legislation in 2011. EPIC: EU Data Protection Directive European Commission: Press Release European Commission: Public Consultation European Commission: Communication to the EU Parliament EU Data Protection Directive 1995 ======================================================================= [6] News In Brief ======================================================================= US Inches Toward Privacy Framework, Creates New White House Committee Lawrence Strickling, the Administrator of the National Telecommunications and Information Administration (NTIA) at the U.S. Department of Commerce spoke on behalf of the United States of America during the 32nd International Conference of Data Protection and Privacy Commissioners held in Jerusalem, Israel on October 27, 2010. NTIA serves as the principal advisor to the President of the United States on communications and information policy. Mr. Strickling recognized that it is "time that we adopt comprehensive Fair Information Practice Principles as the information privacy framework in the United States to clarify how personal data on the Internet is protected." As part of the Obama Administration's commitment to promoting the vast economic opportunity of the Internet and protecting individual privacy, the National Science and Technology Council launched a new Subcommittee on Privacy and Internet Policy to develop strategic direction on information privacy policy that will guide legislative, regulatory and international policy consensus and will foster dialogue and cooperation between the United States and its key trading partners in support of flexible and robust privacy and innovation policies. National Telecommunications and Information Administration NTIA: Lawrence Strickling's Speech NSTC: Subcommittee on Privacy and Internet Policy NSTC: Charter on the Subcommittee on Privacy and Internet Policy Complaint Filed Addressing Employee Termination Over Facebook Post The National Labor Relations Board has issued a complaint against American Medical Response of Connecticut for firing an employee after she complained about her supervisor on Facebook. The company claimed that it fired the employee for violating its policy against depicting the company on a social media site. The Labor Board's complaint states that the company's blogging and Internet posting policy is overly broad, the company illegally denied union representation during the investigation, and that the firing violated an employee's right to engage in concerted activities. The National Labor Relations Act protects an employee's right to engage in group activities, such as discussing work-related issues, to improve workplace conditions. A hearing is scheduled for January 25, 2011. EPIC: Work Place Privacy EPIC: Social Networking Privacy NLRB: Complaint NLRB: Concerted Activities National Labor Relations Act American Medical Response FTC Appoints Executive Director, Chief Technology Officer The Federal Trade Commission has announced that Eileen Harrington will be rejoining the Commission as the Executive Director. Harrington was recently the Chief Operating Officer at the U.S. Small Business Administration, following a 25-year stint at the Commission in a variety of positions. The Commission has also announced that Princeton University professor Dr. Edward W. Felten has been named as Chief Technologist, a new position that will focus on evolving technology and policy issues. Dr. Felten was the founding director for Princeton's Center for Information Technology Policy. Federal Trade Commission Federal Trade Commission: Announcement U.S. Small Business Administration Edward W. Felten Bio Center for Information Technology Policy EPIC: Federal Trade Commission Emerging Technologies Raise Questions About Consumer Privacy Two popular Internet companies have introduced new technologies that could have significant impacts on users' privacy. Facebook announced a new "messages" feature that will combine e-mail, instant chat, and text messaging into one form of conversation. As part of this new feature, users will receive a Facebook e-mail address, and Facebook will maintain an archive of all conversational history between friends. EPIC has two complaints pending at the FTC regarding Facebook's unfair and deceptive practices. Google also unveiled plans for a new Android mobile phone that will contain a chip allowing people to use the phone as a credit card. Google says they will not store personal data from these transactions. EPIC recently sent a letter to Google, arguing that its new policy will enable greater data sharing within the corporation, and filed a complaint with the FTC regarding Google Buzz. Facebook: Messages Feature Eric Schmidt: Web 2.0 EPIC: Facebook EPIC: In re Facebook EPIC: In re Facebook II EPIC: Letter to Google EPIC: Google Buzz Complaint to FTC ======================================================================= [7] EPIC Book Review: "The Master Switch" ======================================================================= "The Master Switch: The Rise and Fall of Information Empires," Tim Wu Tim Wu's Master Switch is a sweeping historical narrative of "the Cycle" - the "oscillation of information industries between open and closed" - that provides a richly layered grounding for his support for net neutrality and the ideals of free speech. Wu explores how information industries, including the telephone, radio, and television, have effectively stifled free speech and innovation and wonders whether the Internet age presents a different moment, a breaking of the cycle. The Internet is the twenty-first century's form of common carriage. The histories of innovation and corporate consolidation in radio, film, television, and telephony provide examples of how "vertical integration of an industry creates a vested interest in limiting free expression. Profit is tied not to the proliferation of many voices but to the propagation of a few "to the mass production of speech, as it were." Structure, open versus closed, determines how free the speech is in the underlying medium. Wu explains further that "[t]he problem is that a 'speech industry' - as we might term any information industry - once centralized, becomes an easy target for external independent actors with strong reasons of their own for limiting speech." The private sector, not government, most effectively and consistently censors speech. Apple and Google epitomize, for Wu, the Cycle. In the struggles between Apple and Google "is the perennial Manichaean contest informing every episode in this book: the struggle between the partisans of the open and of the closed, between the decentralized and the consolidated visions of a proper order. But this time around, as compared with any other, the sides are far more evenly matched." In fact, Google may have a lead - Wu describes it as the world's "Master Switch" and in the information world, the switch is everything. "For it is the switch that transforms mere communications into networking - that ultimately decides who reaches what or whom." Despite being the "switch of choice," Google has two major weaknesses: its dependency on the wires supporting connection services to the Internet but owned by media companies, and the possibility that content providers could refuse to allow Google to index their pages. The political economy of information industries reveals that despite capitalism's opportunities for freedom, "the free market can also led to situations of reduced freedoms" If we believe in liberty, it must be freedom from both private and public concern." Net neutrality embraces the ideal of an open system and because the Internet functions as a common carrier, new solutions to how information industries function are required. Wu thus proposes a constitutional rather than regulatory approach to the problem of net neutrality and the information economy to address this concern, what he calls a "Separations Principle," or "a regime whose goal is to constrain and divide all power that derives from the control of information." Essentially the principle would require that content providers, infrastructure owners, and those who control access remain separate. This separation would be achieved mainly through the pressure of the public "information morality." Corporations providing infrastructure and access to networks are often, Wu admits, responsive to public conceptions of what is good or bad corporate behavior. We can, he suggests, embrace that tendency as a good. Additionally, the government must "not intervene in the market to favor any technology, network monopoly, or integration of the major functions of an information industry" because the government is a poor predictor of what is good for the information industry. There does remain, however, a role for the FCC, the DOJ, and the FTC to ensure the viability of the Internet as a public utility. Wu envisions the Separations Principle as preempting politics and strengthening liberal society's interest in "the dynamism of diverse, sometimes disruptive, perspectives and ideas." While vertical integration of the information industry smothers speech, the Separations Principle enables an environment in which the ideal of free speech can be realized while at the same time allowing entrepreneurship and innovation to flourish. -- Nichole Rustin-Paschal ================================ EPIC Publications: "Litigation Under the Federal Open Government Laws 2008," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid (EPIC 2008). Price: $60. Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding the substantial FOIA amendments enacted on December 31, 2007. Many of the recent amendments are effective as of December 31, 2008. The standard reference work includes in-depth analysis of litigation under Freedom of Information Act, Privacy Act, Federal Advisory Committee Act, Government in the Sunshine Act. The fully updated 2008 volume is the 24th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at: EPIC Bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: ======================================================================= [8] Upcoming Conferences and Events ======================================================================= "Broadband Networks and Smart Grid at the Crossroad Between ICT & Energy." Columbia Business School, New York, New York, 3 December 2010. For More Information: "Computers, Privacy, and Data Protection Conference European Data Protection: In Good Health?" Brussels, Belgium, 25-28 January 2011. For More Information: "The Tenth Workshop on Economics of Information Security." The George Mason University, 14-15 June 2011. For More Information: "Computers, Freedom, and Privacy 2011." Georgetown Law Center, Washington D.C., 14-16 June 2011. For More Information: ======================================================================= Join EPIC on Facebook ======================================================================= Join the Electronic Privacy Information Center on Facebook Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at: Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: Back issues are available at: The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 17.23 ------------------------

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security