EPIC Alert 26.06

1. Justice Department Expedites EPIC Request for Public Release of Mueller Report; Hearing Set for April 9

The Department of Justice has agreed to expedite EPIC's Freedom of Information Act request for the Mueller Report and related Special Counsel records concerning Russian interference in the 2016 U.S. presidential election. The DOJ's concession comes after EPIC sought a preliminary injunction to compel the immediate release of the report. Judge Reggie B. Walton has scheduled a hearing for April 9 in EPIC's case, the first lawsuit in the country seeking to obtain the Mueller Report.

In November 2018, EPIC submitted a detailed Freedom of Information Act request to the DOJ seeking records about Russian election interference. But the agency refused to process EPIC's request on an expedited basis, claiming it could not "identify a particular urgency" to disclose the records sought. On March 22, Attorney General William Barr notified Congress that Special Counsel Robert Mueller had completed his investigation and delivered the final report. EPIC filed suit the same day.

Shortly after, EPIC filed a motion for a preliminary injunction to secure the expedited release of the Mueller Report and related records. EPIC explained that "Few, if any, government documents in the recent history of the United States have commanded more attention than the Mueller Report," yet the public "remains in the dark as to the most consequential government investigation in recent history."

EPIC's work in obtaining the Mueller report has been extensively covered by Politico, Washington Post, Reuters, The Hill, Newsweek, CNN, and the National Law Journal. EPIC, through its Democracy and Cybersecurity Project, has pursued multiple FOIA cases concerning Russian interference with the 2016 election, including EPIC v. FBI (response to Russian cyberattacks), EPIC v. ODNI (Russian hacking), EPIC v. IRS I (release of Trump's tax returns), EPIC v. IRS II (release of Trump's offers-in-compromise), and EPIC v. DHS (election cybersecurity). The case for the release of the Mueller Report is EPIC v. DOJ, No. 19-810 (D.D.C.).

2. EPIC, in Amicus Brief, Urges Supreme Court to Remove Census Citizenship Question

EPIC recently filed an amicus brief in Department of Commerce v. New York, urging the Supreme Court to uphold a federal judge's decision to remove the citizenship question from the 2020 Census. EPIC warned that "collecting citizenship status information from hundreds of millions of U.S. residents presents enormous privacy and security concerns." EPIC previously filed an amicus brief in the lower court.

EPIC described the history of census privacy and the connection to census accuracy. EPIC wrote that "the accuracy and integrity of the census depends on the assurance that the personal information collected by the Census Bureau will be used only by the Bureau and for purposes consistent with the census." EPIC stressed that "response data pertaining to national origin is particularly susceptible to abuse." The brief highlighted EPIC's 2004 FOIA request which revealed that the Census Bureau transferred data on Arab-Americans to the DHS after 9/11.

EPIC also explained that, "in failing to assess the risks that would result from the collection of personal data regarding citizenship status, the Census Bureau has violated its obligations under the E-Government Act." EPIC wrote that "the agency's disregard of this core responsibility for the management of information systems in the federal government is all the more egregious because there is no dispute that the data associated with citizenship is the most consequential collection activity in the 2020 census."

EPIC's own lawsuit to block the citizenship question, EPIC v. Commerce, is currently before the D.C. Circuit with an argument scheduled for May 8. EPIC has charged that the Census Bureau failed to complete required privacy impact assessments prior to the decision to collect personal data about citizenship. The Bureau concedes that it must complete the impact assessments, but it has so far failed to do so.

EPIC has long focused on census privacy. EPIC's 2004 FOIA case led the Census Bureau to revise its "sensitive data" policy. In comments to the Census Bureau in 2018, EPIC opposed the citizenship question in the 2020 census. EPIC also obtained Census Bureau documents in a FOIA case, including an email from Kris Kobach to Secretary Ross requesting the addition of the citizenship question "on the direction of Steve Bannon."

3. EPIC FOIA: FTC Confirms More than 25,000 Facebook Complaints are Pending

In response to a FOIA request from EPIC, the FTC has confirmed that there are over 25,000 complaints about Facebook pending with the Commission. A subsequent disclosure from the agency revealed that the number of complaints against Facebook is doubling every two years. In 2018 alone, the FTC received 8,391 consumer complaints about Facebook, nearly twice the number received in 2016 (4,612), and more than four times the number received in 2014 (1,860).

In the eight (8) years since the FTC announced a consent order barring Facebook from making any misrepresentations about user privacy, the FTC has not taken a single enforcement action against the company. And one year has now passed since the FTC announced the reopening Facebook investigation after news of the Cambridge Analytica data breach.

Many experts say Facebook violated the order, including Senator Richard Blumenthal (D-CT), Sen. Josh Hawley (R-MO), former FTC Chair William Kovacic, former FTC CTO Ashkan Soltani, and Internet policy expert Tim Wu.

In a recent interview with Bloomberg News, Senator Blumenthal slammed the pace of the Federal Trade Commission's privacy investigation into Facebook Inc., saying it is "inexplicable" that the probe has stretched for more than a year without a fine against the company. According to Bloomberg, Senator Blumenthal is "flabbergasted and frustrated" that the commission has not resolved the case. The inquiry, which started in March 2018, should have been done in "one-tenth" of the time, he said.

EPIC has urged the FTC to #EnforceTheOrder against Facebook. EPIC's campaign calls for changes in business practices such as reforming hiring practices, installing a director to represent users, and unwinding the WhatsApp and Instagram mergers.

4. D.C. Circuit Greenlights EPIC Appeal Concerning Predictive Policing, Executive Privilege

The D.C. Circuit has rejected an attempt by the Department of Justice to cut short EPIC's appeal in EPIC v. DOJ, a FOIA case concerning predictive policing, algorithmic transparency, and executive privilege. The appeal will now be argued before a three-judge panel of the D.C. Circuit.

EPIC's case calls for the disclosure of a "Predictive Analytics Report" drafted by the DOJ for the White House. A lower court backed the DOJ last year when the agency asserted the "presidential communications privilege" over the report. But neither the D.C. Circuit nor the Supreme Court has ever permitted a federal agency to unilaterally invoke that privilege in a FOIA case.

The DOJ, on appeal, asked the D.C. Circuit to uphold the lower court decision without a full examination of EPIC's case. But the court denied the agency's motion, concluding that the "merits of the parties' positions are not so clear as to warrant summary action." EPIC's case previously led to the disclosure of 400 pages of records concerning criminal justice algorithms and predictive policing.

EPIC recently filed a FOIA suit for the release of the Mueller Report, which President Trump may attempt to withhold from the public using executive privilege. EPIC has pursued numerous FOIA cases concerning algorithmic transparency, passenger risk assessment, "future crime" prediction, and proprietary forensic analysis. EPIC's appeal is EPIC v. DOJ, No. 18-5307 (D.C. Cir.).

5. EPIC Warns Appellate Court of Google’s Flawed, Secretive, Massive File Scanning Program

EPIC recently filed an amicus brief in United States v. Wilson, a case concerning Google's scanning of billions of personal files for suspected unlawful content at the behest of the federal government.

Google uses a proprietary image matching technique to scan files users upload to Google services for images that Google employees believe to be child pornography. Once an image is detected, Google notifies the National Center for Missing and Exploited Children, which then forwards personal information about the individual user to law enforcement. Although the Fourth Amendment prohibits unreasonable searches, the lower court held that the police were allowed to search files that Google flagged from the defendant's Gmail account.

In the brief, EPIC argued that "because neither Google nor the Government explained how the image matching technique actually works or presented evidence establishing accuracy and reliability, the Government's search was unreasonable." EPIC also explained that "the lower court made a key mistake" by confusing file hashing, which uniquely identifies a file, and image matching, which is more prone to false positives.

Last year, EPIC filed an amicus brief in a similar case, United States v. Miller. EPIC has long promoted algorithmic transparency. EPIC has previously submitted amicus briefs on the application of the Fourth Amendment to investigative techniques, including in the Supreme Court case Florida v. Harris.

News in Brief

EPIC to Congress: Funding for TSA Facial Recognition Program Must Be Halted

EPIC has sent a statement to the House Appropriations Committee regarding the TSA's FY2020 budget request, urging Congress to suspend the "Biometric Entry-Exit" program until privacy safeguards are established. EPIC said Congress should halt funding for TSA's facial recognition program "until CBP establishes proper privacy assessments, policies and procedures, and oversight mechanisms." EPIC recently filed a Freedom of Information Act lawsuit to determine whether travelers are able to to opt-out of facial recognition at airports. According to the CBP, the "alternative screening procedures" allow travelers to provide identification documents, such as a passport, and avoid facial recognition, which "is not mandatory for U.S. citizens." But research by EPIC indicates that CBP has made it increasingly difficult for travelers to opt-out.

EPIC to Appropriations Committees: Suspend the Census Citizenship Question

EPIC has sent a statement to the House and Senate regarding the FY2020 appropriations for the Department of Commerce. EPIC urged Congress to require the Census Bureau to remove the citizenship question from the 2020 census, pending the completion of legally required Privacy Impact Assessments. EPIC told the committees that the Census Bureau failed to complete the Privacy Impact Assessments required by Section 208 of the E-Government Act. The Census Bureau concedes that it must complete the impact assessments but has so far failed to do so. "Congress made clear that data collection simply could not occur without the completion of these assessments," EPIC explained to Congress. In EPIC v. Commerce now before the D.C. Circuit Court of Appeals, EPIC argued that the collection of citizenship data without the privacy impact assessments is unlawful. EPIC warned the federal appeals court that, "major privacy risks have not been addressed by the agency."

EPIC Provides U.S. Report for Privacy Experts Meeting

EPIC has provided a comprehensive report explaining the latest developments in U.S. privacy law and policy for the 65th meeting of the International Working Group on Data Protection, held this year in Bled, Slovenia. The Working Group includes Data Protection Authorities and experts from around the world who review emerging privacy challenges. The EPIC 2019 report details the reported shutdown of the NSA call record collection program, Congressional hearings on federal privacy legislation, the nomination of a Privacy Shield Ombudsperson, the Executive Order on Artificial Intelligence, and more. In April 2017, EPIC hosted the 61st meeting of the IWG in Washington, D.C. at the Goethe-Institut, Germany's cultural institute.

EPIC Backs Principles for Student Safety, Privacy, and Equity

EPIC joined forty education, privacy, disability rights, and civil rights organizations to support ten principles for school safety. The principles promote student safety measures that are evidence-based and oppose the surveillance-based measures that have been proposed in many states. In 2014 EPIC urged Congress to adopt the Student Privacy Bill of Rights to safeguard student privacy. In 2012, EPIC sued the Department of Education after it weakened a rule to protect the privacy of student records. Last year EPIC filed an amicus brief in Jackson v. McCurry, stating that teachers may not search a student's cell phone unless they have followed an explicit school policy that complies with Fourth Amendment requirements.

EPIC Urges Senate to Strengthen US Privacy Laws for Cross Border Data Flows

EPIC sent a statement to a Senate committee on Foreign Relations regarding the nomination of Keith Krach to Under Secretary of State. Krach would serve as the US Privacy Shield Ombudsperson, a pivotal role concerning the transfer of personal data between the EU and the US. EPIC took no position on the nominee but wrote to underscore the urgency of Congressional action to safeguard the privacy interests of Americans. EPIC explained that foreign governments are reluctant to permit the transfer of the personal data of their citizens to the U.S. due to the U.S.'s lax privacy laws. EPIC recommended Congress take three steps to update U.S. privacy law: (1) enact the comprehensive baseline privacy legislation, (2) establish an independent data protection agency, and (3) ratify the International Privacy Convention.

EPIC to Senate Committee: Privacy Rules Can Help Level Playing Field for Small Business

In advance of a hearing on "Small Business Perspectives on a Federal Data Privacy Framework," EPIC has sent a statement to the the Senate committee on consumer protection. EPIC said that over the last two decades, an absence of privacy regulation has led to a growing concentration of internet services. "Privacy rules could help level the playing field," EPIC said. EPIC also warmed against preempting state laws, citing California's data breach legislation as an example. "A federal law that preempted California's ability to respond to new threats would have placed consumers and businesses at risk," EPIC said.

EPIC to House Oversight Committee: U.S. Data Protection Agency Needed to Protect Consumers

In advance of a hearing on "Improving Cybersecurity at Consumer Reporting Agencies," EPIC sent a statement to the House Oversight Committee urging the creation of a data protection agency in the United States. "The FTC also lacks the ability, authority and expertise to engage the broad range of challenges we now confront," EPIC said. EPIC cited the Federal Trade Commission's limited ability to enforce basic data protection standards, and the growing dangers of data breach, identity theft, and cyberattacks by foreign adversaries. The U.S. is one of the few democracies in the world that does not have a federal data protection agency. EPIC wrote about the need for a U.S. data protection agency in the New York Times, the Hill, and Techonomy.

EPIC to Supreme Court: Access to Commercial Records is Critical for Government Oversight

EPIC has filed an amicus brief urging the Supreme Court to protect the public's right to access commercial information held by federal agencies. EPIC described several of its own FOIA case -- including the now defunct airport body scanner program and the ongoing probe of Facebook -- where access to commercial records made possible meaningful oversight and reform. EPIC also warned that private parties, "acting on behalf of public agencies and with public funding," often hide their activities. EPIC wrote, "The public must have access to commercial information in agency records to conduct effective oversight of government programs that implicate privacy." EPIC has filed several amicus briefs for the US Supreme Court and other federal courts in Freedom of Information Act cases. Twenty members of the EPIC Advisory Board, distinguished experts in law, technology, and public policy, signed the brief. The case is Food Marketing Institute v. Argus Leader Media, No. 18-481.

Bipartisan Group of Senators, Representatives File Bill To End NSA Surveillance Program

Sens. Ron Wyden (D-Ore.), and Rand Paul (R-Ky.), and Reps. Justin Amash (R-Mich.), and Zoe Lofgren (D-Calif.) have introduced The Ending Mass Collection of Americans' Phone Records Act. The bill would end the NSA's collection of Americans' phone records, known as "Section 215" authority, which is set to expire on December 15, 2019. EPIC recently joined civil liberties organizations in a statement calling for the end to the NSA's phone record collection program. The USA Freedom Act limited the NSA's collection program, but the NSA has acknowledged compliance problems. In 2013, EPIC filed a petition with the Supreme Court, challenging the lawfulness of the NSA program. EPIC has long called for an end to the phone record collection program.

Report: FBI Victim Notification Procedures 'Unreliable' and 'Incomplete'

The FBI's system for notifying victims of cyberattacks is "unreliable" and "incomplete," according to a report by the Inspector General for the Department of Justice. The IG report found that "not all victims were informed of their rights as required by" DOJ guidelines, which are "outdated since they do not consider the needs of victims of cybercrime." In 2017, EPIC obtained through EPIC v. FBI, a FOIA lawsuit, the FBI Victim Notification Procedures that should have applied to Russian cyberattacks during the 2016 Presidential election. The FBI Notification Procedures made clear that notification should occur "even when it may interfere with another investigation or (intelligence) operation." The records obtained by EPIC led to Associated Press investigation ("FBI gave heads-up to fraction of Russian hackers' US targets"), which found that the FBI did not follow the Procedures and failed to notify U.S. officials that their email accounts were compromised. The EPIC Democracy and Cybersecurity Project has pursued multiple FOIA cases concerning Russian interference with the 2016 election, including EPIC v. DOJ (the Mueller Report), EPIC v. ODNI (Russian hacking), EPIC v. IRS I release of Trump's tax returns), EPIC v. IRS II (release of Trump business tax records), and EPIC v. DHS (election cybersecurity).

Utah Becomes First State to Require Warrant for Data Held by Third Parties

The State of Utah has become the first state in the nation to require law enforcement to obtain a warrant to obtain electronic data held by third parties such as wireless providers, email providers, search engines, or social media companies. House Bill 57, sponsored by State Representative Craig Hall (R), was recently signed into law by Governor Gary Herbert. Last year, the Supreme Court ruled in Carpenter v. United States that the Fourth Amendment protects location records generated by mobile phones. Recognizing that other types of data were in equal need of protections, Chief Justice John Roberts, writing for the Court, said "legislation is much preferable to the development of an entirely new body of Fourth Amendment case law." Utah took that advice and passed broad protections for essentially all data held by third-parties, with exceptions in emergency circumstances. EPIC filed an amicus brief in the Carpenter case, has recommended updates to the Electronic Communications Privacy Act, and recently proposed a comprehensive strategy for Congress to update federal law after the Carpenter decision.

Congressional Leaders Ask GAO To Review Agency Compliance with FOIA

Democratic and Republican leaders in the Senate and the House have sent a letter to the Government Accountability Office requesting a comprehensive review of compliance with the Freedom of Information Act across the federal government. The letter was spearheaded by Rep. Cummings (D-MD), Senator Leahy (D-VFT), Senator Grassley (R-IA), Senator Feinstein (D-CA), Senator Cornyn (R-TX), and Rep. Jordan (R-OH). The letter stated that the GAO's 2018 assessment revealed "inconsistent and incomplete" agency compliance with the FOIA between 2012-2016. The GAO report found that 18 agencies only implemented half of the FOIA requirements since the 2016 amendments and some agencies had backlogs of more than 1,000 FOIA requests. As part of EPIC's Open Government project, EPIC frequently uses FOIA to obtain information about the government to improve government oversight and accountability.

New FCC Regulation of Robocalls

The FCC published a final rule on robocalls that establishes a single database for reassigned phone numbers, sets a minimum period of 45 days before a disconnected number may be reassigned to a new subscriber, and adopts a limited safe harbor from liability for any caller that relies upon inaccurate information in the database. EPIC submitted comments for this rulemaking, recommending that the FCC (1) require phone providers to proactively block calls from numbers that are unassigned, unallocated, or invalid; (2) prohibit spoofing if there is an intent to defraud or cause harm; and (3) encourage the use of call authentication technology that safeguards caller anonymity. EPIC has long advocated for robust telephone privacy protections. EPIC filed an amicus brief in 2015 that strengthened consumer protections for robocalls.

Appeals Court Refuses to Find Dating App Liable in Abuse Case

A federal appellate court has refused to find a dating app liable for failing to remove a false profile that enabled abusive conduct. EPIC filed an amicus brief in Herrick v. Grindr, arguing that the law Section 230 of the Communications Decency Act was intended to "encourage internet service providers to police their platforms," not to "give platforms carte blanche to ignore harassment and abuse." EPIC explained that victims may be subjected to ongoing "psychological, social, and financial harm" if internet services are not accountable for harassment and abuse. EPIC routinely files friend of the court briefs in cases concerning emerging privacy and civil liberties issues.

Federal Government Charges Facebook with Housing Discrimination, Algorithmic Profiling at Issue

The Department of Housing and Urban Development has charged Facebook with violating the Fair Housing Act by enabling discrimination through user profiling on the advertising platform. "Facebook is discriminating against people based upon who they are and where they live," said HUD Secretary Ben Carson. "Using a computer to limit a person's housing choices can be just as discriminatory as slamming a door in someone's face." EPIC supports "algorithmic transparency," which could reduce bias and help ensure fairness in automated decisionmaking. EPIC proposed the Universal Guidelines for Artificial Intelligence as the basis for federal legislation. The Universal Guidelines have been endorsed by more than 250 experts and 60 organizations in 40 countries. EPIC has pursued numerous FOIA cases concerning algorithmic transparency, passenger risk assessment, "future crime" prediction, and proprietary forensic analysis.

Senators Question DOJ About Surveillance of Americans' Location Data

A bipartisan group of Senators, including Senator Patrick Leahy, recently sent a series of questions to Attorney General William Barr about the government's surveillance of Americans' location data. The Senators specifically asked how the Supreme Court's decision in Carpenter v. United States has impacted government surveillance programs. In Carpenter, the Court ruled that the government could not collect cell phone location data without a warrant, even if that data was held by the phone company. The Senator's questions concern possible collection of location data by intelligence agencies as well as during criminal investigations. EPIC has sued the Department of Justice to obtain records of the number of surveillance applications for location data submitted by federal prosecutors in prior years. EPIC also filed a "friend of the court" brief in Carpenter, and urged the Court to extend Constitutional protection to cell phone data. EPIC also provides the public with access to and information about the federal wiretap reports, which provide important statistics about the use of other surveillance authorities. These reports have not yet been updated to address location data collection.

Supreme Court Hears Arguments in Case About FCC Privacy Rules

The Supreme Court has heard oral arguments in PDR Network v. Carlton & Harris Chiropractic, which concerns a company's efforts to disregard an FCC rule about junk faxes. EPIC filed an amicus brief in the case. In the brief, EPIC explained that permitting companies to avoid FCC rules "will exclude the voices of consumers" in agency decision making. EPIC also explained that the company's efforts to sidestep agency rules will benefit those "who have resources to attack FCC rules." EPIC contributed to the development of the robocall and junk fax laws. EPIC has since worked to ensure that telephone users are protected from invasive practices through agency comments and amicus briefs in cases such as ACA International and Gallion v. Charter Communications.

Supreme Court Won't Disturb Data Breach Decision

Last month, the Supreme Court declined to review Zappos.com, v. Stevens, a decision that allowed consumers to sue the online retailer following a breach of their personal data. More than 24 million Zappos customers were affected by the breach, which included account numbers and passwords. Zappos tried to block the lawsuit, claiming that consumers had to show additional damages. The Ninth Circuit rejected that argument, and the Supreme Court left the decision of the appeals court in place. EPIC has filed amicus briefs in similar data breach cases, including Attias v. Carefirst, arguing that if "companies fail to invest in reasonable security measures, then consumers will continue to face harm from data breaches." EPIC regularly files amicus briefs defending consumer privacy and addressing emerging privacy challenges.

EPIC in the News

• A.I. and Privacy Concerns Get White House to Embrace Global Cooperation, New York Times, April 4, 2019
• Comparing American and European perspectives on tech and privacy, Brookings, April 4, 2019
• FTC has received 26,000 complaints about Facebook privacy violations since 2012, The Hill, April 4, 2019
• EPIC: Google Conducts Warrantless Searches for the Government, Breitbart, April 3, 2019
• EPIC says DOJ agreed to 'expedite' release of Mueller report, The Hill, April 3, 2019
• Report: FBI Fails to Promptly Notify Cybercrime Victims, Bank Info Security, April 3, 2019
• Press group asks judge to lift grand jury secrecy in Mueller report, POLITICO, Apr. 2, 2019
• EPIC's Day in Court on Mueller Report Set, POLITICO Morning Tech, Apr. 2, 2019
• Facebook founder Mark Zuckerberg to visit Dublin headquarters, Irish Times, Apr. 1, 2019
• Zuckerberg's Calls for Regulation Are Seen Missing the Mark, Bloomberg, Apr. 1, 2019
• Grindr Prevails In Battle Over Online Harassment, MediaPost, Mar. 29, 2019
• Lawmakers Propose End To NSA's Phone Data Collection, Law360, Mar. 29, 2019
• Grindr just won a major lawsuit that could've fundamentally changed the internet, Queerty, Mar. 28, 2019
• Watchdog report critiques DEA program Barr approved 27 years ago, POLITICO, Mar. 28, 2019
• Yeah, you better, you... you better tell us how you're misusing people's data, privacy, watchdog suggests to US telcos, The Register, Mar. 27, 2019
• 5G is speedy, but does it also raise the stakes on privacy, security, potential abuse?, USA TODAY, Mar. 27, 2019
• Amazon Is Already Listing the Mueller Report Online: Will It Be Made Public?, Rolling Stone, Mar. 26, 2019
• How Mueller's Report Lands in Court: Congress, FOIAs and Defendants, National Law Journal, Mar. 26, 2019
• Suit seeks release of Mueller report while Democrats still investigate; obstruction conclusion questioned, ABA Journal, Mar. 26, 2019
• EPIC Sues for Mueller Details, WND, Mar. 26, 2019
• Status update: How Facebook is dealing with a year's worth of crises, CBS News, Mar. 26, 2019
• Privacy a Top Concern in 'Biometric Exit', Infosecurity Magazine, Mar. 26, 2019
• Gold Dome: Mueller Report Analysis Begins, State Bill News, Mar. 26, 2019
• Morning Docket: 03.25.19, Above the Law, Mar. 25, 2019
• The Hill's Morning Report, The Hill, Mar. 25, 2019
• Attorney general is preparing conclusions from the Mueller report, Washington Post, Mar. 25, 2019
• FOIA the Mueller Report: What will the Special Counsel's Office release?, MuckRock, Mar. 25, 2019
• FTC under fire, POLITICO Morning Tech, Mar. 25, 2019
• Mueller report found no conspiracy with Russia, AG says , Miami Herald, Mar. 24, 2019
• EPIC sues DOJ for public release of Mueller report, The Hill, Mar. 23, 2019
• EPIC sues for full release of Mueller report, Washington Post, Mar. 23, 2019
• EPIC Sues Justice Department, Seeking to Compel Full Public Release Of Mueller Report, Newsweek, Mar. 23, 2019
• Main Findings of Mueller Report Will Not Be Released Saturday: U.S. Official, U.S. News & World Report, Mar. 23, 2019
• 'The public has a right to know:' U.S. privacy group sues for release of Mueller's report, Global News, Mar. 23, 2019
• Mueller Finishes Russia Probe With No New Indictments, Law360, Mar. 23, 2019
• When Will Attorney General Barr Provide His Summary of Mueller Report? Not Today, Newsweek, Mar. 23, 2019
• EPIC sues for public release of Mueller probe report, Reuters, Mar. 23, 2019
• Here's the first lawsuit filed seeking the public release of Mueller's report, CNN, Mar. 22, 2019
• New FOIA Lawsuit Demands Release of Mueller Report, National Law Journal, Mar. 22, 2019

More EPIC in the News »

EPIC Bookstore

EPIC publications and books by members of the EPIC Advisory Board, distinguished experts in law, technology and public policy are available at the EPIC Bookstore.

Recent EPIC Publications

The Privacy Law Sourcebook 2018, edited by Marc Rotenberg (2018)

The Privacy Law Sourcebook is the leading resource for students, attorneys, and policymakers interested in privacy law in the United States and around the world. The Sourcebook includes major US privacy laws such as the Fair Credit Reporting Act, the Privacy Act, the Family Educational Rights and Privacy Act, the Video Privacy Protection Act, and the Electronic Communications Privacy Act. The Sourcebook also includes key international privacy frameworks such as the EU General Data Protection Regulation and the revised OECD Privacy Guidelines. The Privacy Law Sourcebook 2018 has been updated and expanded to include the modernized Council of Europe Convention on Privacy, the Judicial Redress Act, the CLOUD Act, and new materials from the United Nations. The Sourcebook also includes an extensive resources section with useful websites and contact information for privacy agencies, organizations, and publications.

Communications Law and Policy: Cases and Materials, 5th Edition, by Jerry Kang and Alan Butler. Direct Injection Press (2016).

This teachable casebook provides an introduction to the law and policy of modern communications. The book is organized by analytic concepts instead of current industry lines, which are constantly made out-of-date by technological convergence. The basic ideas—power, entry, pricing, access, classification, bad content, and intermediary liability—equip students with a durable and yet flexible intellectual structure that can help parse a complex and ever-changing field.

Privacy Law and Society, 3rd Edition, by Anita Allen, JD, PhD and Marc Rotenberg, JD, LLM. West Academic (2015).

The Third Edition of "Privacy Law and Society" is the most comprehensive casebook on privacy law ever produced. It traces the development of modern privacy law, from the early tort cases to present day disputes over drone surveillance and facial recognition. The text examines the philosophical roots of privacy claims and the significant court cases and statues that have emerged. The text provides detailed commentary on leading cases and insight into emerging issues. The text includes new material on developments in the European Union, decisions grounded in fundamental rights jurisprudence, and exposes readers to current debates over cloud computing, online profiling, and the role of the Federal Trade Commission. Privacy Law and Society is the leading and most current text in the privacy field.

Privacy in the Modern Age: The Search for Solutions, edited by Marc Rotenberg, Julia Horwitz and Jeramie Scott. The New Press (2015). Price: $25.95.

The threats to privacy are well known: The National Security Agency tracks our phone calls; Google records where we go online and how we set our thermostats; Facebook changes our privacy settings when it wishes; Target gets hacked and loses control of our credit card information; our medical records are available for sale to strangers; our children are fingerprinted and their every test score saved for posterity; and small robots patrol our schoolyards while drones may soon fill our skies.

The contributors to this anthology don't simply describe these problems or warn about the loss of privacy—they propose solutions.

Contributors include: Steven Aftergood, Ross Anderson, Christine L. Borgman (coauthored with Kent Wada and James F. Davis), Ryan Calo, Danielle Citron, Simon Davies, A. Michael Froomkin, Deborah Hurley, Kristina Irion, Jeff Jonas, Harry Lewis, Anna Lysyanskaya, Gary T. Marx, Aleecia M. McDonald, Dr. Pablo G. Molina, Peter G. Neumann, Helen Nissenbaum, Frank Pasquale, Dr. Deborah Peel, MD, Stephanie E. Perrin, Marc Rotenberg, Pamela Samuelson, Bruce Schneier, and Christopher Wolf.

Upcoming Conferences and Events

UK Data Protection Practitioners' Conference 2019. Apr. 8, 2019. Manchester, UK. Marc Rotenberg, EPIC President.

FTC Hearing: The FTC's Approach to Consumer Privacy. Apr. 10, 2019. Washington, DC. Christine Bannan, EPIC Consumer Protection Counsel.

Tech Ethics & Governance Conference. Apr. 18–19, 2019. Duke University, Durham, NC. Jeramie Scott, EPIC Senior Counsel.

AI World Society. May 25, 2019. Washington, DC. Marc Rotenberg, EPIC President.

Cyber Crime Review. Aug. 8, 2019. ABA Annual Meeting, San Francisco, CA. Alan Butler, EPIC Senior Counsel.

EPIC Champions of Freedom Awards Dinner: 'Data Protection and Democracy.' June 5, 2019. National Press Club, Washington, DC.