EPIC Alert 19.16
======================================================================= E P I C A l e r t ======================================================================= Volume 19.16 August 30, 2012 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_19.16.html "Defend Privacy. Support EPIC." http://epic.org/donate ======================================================================== Table of Contents ======================================================================== [1] EPIC FOIA Docs: DHS Continues Pursuit of Crowd Surveillance [2] EPIC Supports Moratorium on RFID Student Tracking [3] Judge Rejects Settlement in Facebook 'Sponsored Stories' Case [4] European Consumer Organization Backs New EU Privacy Effort [5] Republican Party Platform Seeks To Limit US Drone Surveillance [6] News in Brief [7] EPIC in the News [8] Book Review: 'Privacy' [9] Upcoming Conferences and Events TAKE ACTION: Join the Coalition to Oppose RFID Tracking in Schools! READ the Position Paper: http://epic.org/redirect/083012-spychips.html LEARN about RFID Tracking: http://epic.org/privacy/rfid/ SUPPORT EPIC: http://epic.org/donate ======================================================================== [1] EPIC FOIA Docs: DHS Continues Pursuit of Crowd Surveillance ======================================================================== New documents obtained by EPIC under the Freedom of Information Act provide further details on a DHS plan to use multiple surveillance technologies to search people in public spaces. The documents were obtained under a FOIA request for records related to the development and implementation of technology to "virtually frisk" individuals on sidewalks without their knowledge or consent. Among the documents obtained by EPIC is a 145-page "Preliminary Design Review" report for prototyping the so-called "BomDetec" system, which would integrate "four existing sensor technologies" - "intelligent video, backscatter x-ray, Millimeter Wave Radar (MMWR Radar) and Terahertz Wave (THz)" - inside a "common ruggedized surveillance vehicle." Combined, these technologies would provide "visual tracking" and metal, shape and chemical identification. A possible addition to the sensor suite is Spectroscopic FLIR, which would further test the identified chemicals. Terahertz technology can be used to detect every substance's unique "fingerprint", and use that fingerprint to determine exactly what an individual is carrying or has come into contact with. According to the documents, the sensor suite "has been tested . . . at stand-off distance of 3m and real time (<1 sec) scanning." DHS's goal is to use the scanners at up to 50 meters. The BomDetec specs state that the surveillance vehicles would be used "at the entrance to a protected facility, such as a military facility, an embassy or check point." However, the records released by DHS give further insight into the agency's plans to use the technology as part of a comprehensive crowd-screening program. Previous EPIC FOIA work produced records about a similar DHS program, which the government agency subsequently claimed it had canceled. The new documents obtained by EPIC show that DHS was still pursuing mobile crowd surveillance as recently as 2011, and that the scanning suite could be deployed at subway platforms, sidewalks, sports arenas, and shopping malls. Recent news reports indicate that DHS also may be pursuing terahertz technology for use as primary screening at airports. EPIC is seeking records related to these developments. EPIC: FOIA Documents on "Electronic Frisking" http://epic.org/foia/dhs/terahertz-frisking.html#documents EPIC: Electronic Frisking http://epic.org/foia/dhs/terahertz-frisking.html EPIC: EPIC v. DHS (Mobile Body Scanners FOIA Lawsuit) http://epic.org/redirect/083012-epicvdhs-mobile-scan.html EPIC: Whole Body Imaging Technology and Body Scanners http://epic.org/privacy/airtravel/backscatter/ ======================================================================= [2] EPIC Supports Moratorium on RFID Student Tracking ======================================================================= EPIC, in conjunction with the group Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN) and other leading privacy and civil liberties organizations, has issued a Position Paper on the use of RFID in schools. Radio Frequency Identification is an identification and tracking technology "designed to monitor physical objects," such as commercial products, vehicles, and animals. Some school districts are proposing to use RFID ID tags to monitor students, teachers, and staff. The report warns of significant privacy and security risks if schools adopt RFID tracking, and if the tracking is adopted, the position paper urges schools to adopt robust privacy safeguards. Radio Frequency Identification is an identification tracking technology "designed to monitor physical objects," such as commercial products, vehicles, and animals. Some school districts are proposing to use RFID ID tags to monitor students, teachers, and staff. "Chipping" students, or requiring students to wear RFID badges, raises significant privacy and security concerns. These badges can reveal intimate details such a visit to a counselor or nurse's office. EPIC's position paper maintains that, if any information from the RFID badge is compromised, "a student's location could be monitored" by many different malefactors, including stalkers and pedophiles. The position paper states, "certain uses of RFID should be flatly prohibited," including RFID without the user's knowledge or consent, coercion of or discrimination against individuals who refuse to participate in the RFID program, and covertly hidden or installed RFID chips. Moreover, EPIC and the coalition state "RFID implementation must be guided by Principles of Fair Information Practice," and "schools should not implement RFID systems" without first undergoing a "formal safety, technology, and privacy impact assessment." EPIC has a longstanding interest in protecting individuals against RFID tracking. In 2006 and 2007, EPIC submitted comments to federal agencies, recommending against the use of RFID technology to track air travelers. The State Department subsequently made changes to the proposed "e-Passport" program to address privacy and security concerns. In 2005, EPIC, in a joint letter with the EFF and the ACLU of Northern California, urged the board of the Brittan school district to terminate an experimental program using mandatory RFID badges to track children's movements. In 2004, EPIC made recommendations to the Federal Trade Commission on the commercial use of RFID technology. CASPIAN et al.: Paper on the Use of RFID in Schools (Aug. 21, 2012) http://www.spychips.com/school/RFIDSchoolPositionPaper.pdf Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN) http://www.nocards.org/ San Antonio Express-News: Article on Student RFID Tags (May 26, 2012) http://epic.org/redirect/083012-san-antonio-student-chips.html EPIC: PASS Card Comments to Department of State (Jan. 2007) http://epic.org/privacy/rfid/whti_010806.pdf EPIC: Comments on Air Traveler RFID Technology (Aug. 2007) http://epic.org/privacy/rfid/whti_080107.pdf EPIC et al.: Joint Letter on RFID Student Tracking (Feb. 2005) http://epic.org/privacy/rfid/brittan-letter.pdf EPIC: Guidelines to FTC on Commercial RFID Technology (July 2004) http://epic.org/privacy/rfid/rfid_gdlnes-070904.pdf EPIC: Radio Frequency Identification (RFID) Systems http://epic.org/privacy/rfid/ EPIC: Children and RFID Systems http://epic.org/privacy/rfid/children.html EPIC: Student Privacy http://epic.org/privacy/student/ ======================================================================== [3] Judge Rejects Settlement in Facebook 'Sponsored Stories' Case ======================================================================== A federal judge has rejected the proposed settlement in Fraley v. Facebook, a class-action lawsuit over Facebook's unauthorized use of user images as part of the site's "Sponsored Stories" advertising program. Judge Richard Seeborg of the 9th Circuit Court of Northern CA denied the motion for preliminary approval of the settlement agreement on August 17 after expressing skepticism about the terms of the settlement at a previous hearing. EPIC, along with several other consumer privacy organizations, had previously filed a letter opposing the proposed settlement on the grounds that it provided little benefit to Facebook users and that the "cy pres" allocation was not aligned with the interests of the class. "Sponsored Stories" was the subject of two separate complaints EPIC and other consumer privacy organizations filed with the Federal Trade Commission in 2009 and 2010. These complaints resulted in a significant consent order approved by the FTC August 10. Under the FTC consent order, Facebook is prohibited from misrepresenting the privacy or security of users' personal information, and must (1) obtain users' affirmative, express consent before sharing their information in a way that exceeds their privacy settings; (2) establish a comprehensive privacy program; (3) ensure that Facebook cannot access personal information after a user deletes an account; and (4) submit to independent audits every two years for the next 20 years. Under the doctrine of "cy pres," a court may "distribute unclaimed or non-distributable portions of a class action settlement fund to the 'next best' class of beneficiaries." This distribution process is ultimately guided by (1) the objectives of the underlying statute, and (2) the interests of the silent class members. A proposed "cy pres" distribution should be rejected when it fails to "provide the 'next best' distribution." In the Facebook case, EPIC and others argued that the organizations excluded from the distribution have provided significant benefits to the class members, i.e., Facebook users. In his opinion dismissing the motion for preliminary approval, Judge Seeborg noted the proposed settlement in Fraley v. Facebook is problematic for several reasons. First, Judge Seeborg stated that cy pres "provides no monetary relief directly to class members", and that the relatively small $10 million payment for roughly 70 million class members was not sufficiently justified where the statutory damages would be $.14 per plaintiff. Judge Seeborg also maintained that the injunctive relief was not sufficiently described, and that the fee settlement was disproportionate to the class relief granted. The parties will now revise their proposed settlement to address Judge Seeborg's concerns. 9th Circuit Court: Order Denying Approval of Settlement (Aug. 17, 2012) http://epic.org/redirect/083012-9th-circuit-fb-settlement-deny.html EPIC et al.: Letter to Judge of Northern District of CA (Jul. 11, 2012) http://epic.org/redirect/083012-epic-letter-fb-deny.html FTC: Press Release on Facebook Settlement (Aug. 10, 2012) http://ftc.gov/opa/2012/08/facebook.shtm EPIC: Facebook Privacy http://epic.org/privacy/facebook/ ======================================================================= [4] European Consumer Organization Backs New EU Privacy Effort ======================================================================= The European Union consumer organization BEUC has endorsed the European Commission's new proposed General Data Protection Regulation. In a new position paper the BEUC BEUC proposes changes to clarify and strengthen the privacy law, in order to "ensure the new EU framework is effective and becomes the global standard of personal data protection and privacy." The proposed revisions aim to reinforce the "user-centered approach" while retaining the existing protections provided by the Regulation. BEUC represents more than 40 independent, national consumer organizations in more than 30 European countries. The General Data Protection Regulation, officially released in January 2012, is intended to modernize the EU Data Protection Directive, which was adopted in 1995 The topics of the new General Data Protection Regulation include (1) Rights of Data Subjects (Transparency, Access to Data, Rectification, Erasure, Right to Object to Profiling); (2) Obligations of Companies (Data Security, Data Protection Assessment); (3) Increased Powers for Data Protection Agencies and New Efforts for Coordination and Collaboration; and (4) New Remedies and Sanctions. The Trans-Atlantic Consumer Dialogue, or TACD, a coalition of US and European consumer groups of which EPIC is a member, has already expressed support for the effort to update European privacy law. The TACD submitted a letter for the record at a September 2011 House hearing on "Internet Privacy: The Impact and Burden of EU Regulation." This letter stressed the importance of the EU Data Directive as a "concise statement of principles that make clear to business and consumers what their rights and obligations are." The TACD also emphasized the "great urgency in the need for the US Congress to address meaningfully the new challenges to privacy." BEUC: Data Protection Position Paper (Jul. 27, 2012) http://epic.org/privacy/BEUC-Position-Paper.pdf Bureau Europeen des Unions de Consommateurs http://www.beuc.org/ EPIC: EU Data Protection Directive http://epic.org/privacy/intl/eu_data_protection_directive.html Trans-Atlantic Consumer Dialogue http://www.tacd.org/ TACD: Letter to House Commerce Subcommittee (Sept. 14, 2011) http://epic.org/redirect/083012-TACD-letter-USHouse.html ======================================================================== [5] Republican Party Platform Seeks To Limit US Drone Surveillance ======================================================================== The 2012 Republican Party Platform now advocates Fourth Amendment limits on government use of unmanned drones in US airspace. According to the official party platform document, "We support pending legislation to prevent unwarranted or unreasonable governmental intrusion through the use of aerial surveillance or flyovers on U.S. soil, with the exception of patrolling our national borders." The platform was announced at the 2012 Republican National Convention. Earlier in 2012, Sen. Rand Paul (R-KY) and Rep. Austin Scott (R-GA) introduced legislation to limit US aerial drone surveillance. The joint bills would require law enforcement to receive a warrant before conducting any criminal surveillance of individuals in most circumstances. The US House also approved an amendment to the National Defense Authorization Act of 2013, introduced by Rep. Jeff Landry (R-LA), prohibiting information collected without a warrant by Department of Defense drones from being used in court. Rep. Ed Markey (D-MA) has also proposed comprehensive legislation for drones. At a July 2012 congressional hearing on domestic drone use, EPIC Associate Litigation Counsel Amie Stepanovich testified on the privacy implications of domestic drone use, stating that "the privacy and security concerns arising from the use of drones needs to be addressed," and calling for specific legislative safeguards to limit drone surveillance. A 2012 re-authorization bill for the Federal Aviation Administration requires the agency to develop rules governing the operation of drones within the US. In February, EPIC, joined by over 100 organizations, experts, and members of the public, petitioned the FAA to begin a rulemaking on the privacy impact of drone use. The agency has yet to respond to EPIC's petition or address other privacy concerns. GOP: Official 2012 Republican Platform http://www.gop.com/2012-republican-platform_We/ EPIC: Unmanned Aerial Vehicles (UAVs) and Drones http://epic.org/privacy/drones/ US House: Hearing on Drones and Homeland Security (Jul. 19, 2012) http://epic.org/redirect/073012-house-drone-hearing.html EPIC: Testimony on Drones before US House (Jul. 19, 2012) http://www.epic.org/privacy/testimony/EPIC-Drone-Testimony-7-12.pdf FAA: 2012 Air Transportation Modernization and Safety Improvement Act http://thomas.loc.gov/cgi-bin/bdquery/z?d112:h.r.658: EPIC: APA Petition to the FAA (Feb. 24, 2012) http://epic.org/privacy/drones/FAA-553e-Petition-03-08-12.pdf US House: Preserving Freedom from Unwarranted Surveillance Act of 2012 http://thomas.loc.gov/cgi-bin/query/z?c112:H.R.5925: US House: Drone Surveillance Amendment to the NDAA http://epic.org/redirect/083012-ndaa-drone amendment.html Rep. Ed Markey: Press Release on Draft Drone Legislation (Aug. 1, 2012) http://epic.org/redirect/083012-markey-drone amendment.html ======================================================================== [6] News in Brief ======================================================================== FTC Proposes Additional Changes to Children's Online Privacy Rule The Federal Trade Commission has proposed additional changes to the Children's Online Privacy Protection Act Rule. The revised rule would clarify that operators of websites who use advertising services and plug-ins that collect data about children would have to comply with COPPA. The rule would also allow mixed-audience websites to age-screen visitors, and would clarify the circumstances in which persistent identifiers such as cookies or IP addresses are considered "personal information." The revisions modify an earlier rule that was proposed by the FTC in September 2011. EPIC commented on the September 2011 rule, noting that "the proposed revisions update the COPPA Rule by taking better account of the increased use of mobile devices by users and of new data collection practices by businesses." FTC: Press Release on Proposed COPPA Changes (Aug. 1, 2012) http://www.ftc.gov/opa/2012/08/coppa.shtm FTC: Text of 2012 Revisions (Dec. 23, 2011) http://www.ftc.gov/os/comments/copparulereview2011/00367-82392.pdf FTC: Initial Press Release on COPPA Changes (Sept. 15, 2011) http://www.ftc.gov/opa/2011/09/coppa.shtm FTC: Text of Sept 2011 COPPA Rules (Sept. 15, 2011) http://www.ftc.gov/os/2011/09/110915coppa.pdf EPIC: Comments to FTC on Sept 2011 Revisions (Dec. 23, 2011) http://epic.org/redirect/083012-epic-coppa-2011-comments.html EPIC: Testimony Before US Senate on COPPA (Apr. 29, 2010) http://epic.org/privacy/kids/EPIC_COPPA_Testimony_042910.pdf EPIC: Comments to the FTC on COPPA Rule Review (Jul. 9, 2010) http://epic.org/privacy/ftc/COPPA_070910.pdf EPIC: Children's Online Privacy Protection Act http://epic.org/privacy/kids/ Federal Court Applies Video Privacy Law to Streaming Services A California federal district court has held that the Video Privacy Protection Act applies to companies that provide video streaming services over the Internet. The opinion, which is the first to address the issue, relies on the forward-looking nature of the law, and states, "Congress was concerned with protecting the confidentiality of private information about viewing preferences regardless of the business model or media format involved." EPIC testified on the VPPA before the Senate Judiciary Committee in early 2012 and recommended several ways that Congress could strengthen the Act, including applying it to streaming services and allowing users to inspect the information that video providers collect about them. The US Senate is considering an amendment that would weaken the consent provision of the law by allowing companies such as Netflix to obtain blanket consent to routinely disclose a consumer's video viewing records. US District Court of N. CA: Ruling in VPPA Case (Aug. 10, 2012) http://epic.org/privacy/vppa/In-re-Hulu-Order-On-Mot-To-Dismiss.pdf EPIC: Testimony before US Senate on VPPA Changes (Jan. 31, 2012) http://epic.org/privacy/vppa/EPIC-Senate-VPPA-Testimony.pdf US Senate: Proposed Amendment to VPPA (Jul. 25, 2012) http://epic.org/redirect/083012-senate-vppa-amendment.html EPIC: Video Privacy Protection Act http://epic.org/privacy/vppa/ Government Standard for Vehicle 'Event Data Recorders' Will Go Forward The National Highway Traffic Safety Administration has denied a petition for rulemaking that would delay the effective date of national requirements for event data recorders. As a result, the US government's requirements that the devices be installed in new vehicles will go into effect September 1, 2012. Commonly referred to as "black boxes," event data recorders collect and store vehicle operation information before, during, and after a vehicle crash, including vehicle location, driver speed, seat belt use, and number of vehicle occupants. In 2003 and 2004, EPIC urged the agency and the automotive industry to protect privacy interests when deploying event data recorders. Federal Register: Notice of NHTSA Denial of Petition (Aug. 12, 2012) http://www.gpo.gov/fdsys/pkg/FR-2012-08-14/pdf/2012-19762.pdf NHTSA: Event Data Recorders http://epic.org/redirect/083012-nhtsa-event-recorders.html EPIC: 2003 Comments Before NHTSA on Event Data Recorders (Feb. 2003) http://epic.org/privacy/drivers/edr_comments.pdf EPIC: 2004 Comments Before NHTSA on Event Data Recorders (Aug. 2004) http://epic.org/privacy/drivers/edr_comm81304.html EPIC: Drivers Privacy Protection Act http://epic.org/privacy/drivers/ Supreme Court Upholds, for the Moment, Controversial State DNA Law US Supreme Court Chief Justice John Roberts has granted a preliminary stay of a decision by the Maryland Supreme Court, which would have invalidated that state's new DNA collection law. The Maryland court ruled in April that the warrantless collection of DNA from an arrestee constituted an unreasonable search. Justice Roberts, however, wrote that there was a "reasonable probability" that the Court would agree to review the case and that the state of Maryland would suffer irreparable harm if the law is invalidated in the interim. EPIC has filed "friend of the court" briefs in several DNA privacy cases, including United States v. Pool (2011), Kohler v. Englade (2006), and Maryland v. Raines (2003). US Supreme Court: Stay of Decision in Maryland v. King (Jul. 30, 2012) http://epic.org/redirect/083012-scotus-stay-maryland.html State of MD Supreme Court: Decision in MD v. King (Apr. 24, 2012) http://mdcourts.gov/opinions/coa/2012/68a11.pdf EPIC: "Friend of the Court" Brief in US v. Pool (Jul. 25, 2011) http://epic.org/amicus/pool/EPIC_brief_Pool_Final.pdf EPIC: US v. Pool http://epic.org/amicus/pool/default.html EPIC: "Friend of the Court" Brief in Kohler v. Englade (Oct. 2005) http://epic.org/privacy/kohler/amicus.pdf EPIC: Kohler v. Englade http://epic.org/privacy/kohler/ EPIC: "Friend of the Court Brief" in Maryland v. Raines (Apr. 2004) http://epic.org/privacy/genetic/raines_amicus.pdf EPIC: The DNA Act http://epic.org/amicus/dna-act/ EPIC: Genetic Privacy http://epic.org/privacy/genetic/ ======================================================================= [7] EPIC in the News ======================================================================= "Aggressive use of personal data by political campaigns prompts alarm for privacy advocates." Free Speech Radio News, Aug. 29, 2012. http://fsrn.org/audio/privacy-and-campaign-apps/10803 "License plates scanned at border, data shared with car insurance group." Ars Technica, Aug. 22, 2012. http://epic.org/redirect/083012-arstechnica-license-readers.html "Federal Agencies Trade Motorist Data to Insurance Companies." Thenewspaper.com, Aug. 24, 2012. http://www.thenewspaper.com/news/38/3877.asp "7 reasons the FTC could audit your privacy program." Computer World, Aug. 21, 2012. http://news.idg.no/cw/art.cfm?id=EC383480-9530-B97D-CC86AC4ACC324B2F "Experts Join with CASPIAN to Oppose RFID Tracking in Schools." PR Web, Aug. 21, 2012. http://www.prweb.com/releases/2012/8/prweb9820494.htm "U.S. Customs Tracks Millions Of License Plates And Has Shared Data With Insurance Firms." Forbes, Aug. 21, 2012. http://epic.org/redirect/083012-forbes-license-readers.html "Privacy Questions Accompany Automated License Plate Scanners." Information Week, Aug. 17, 2012. http://epic.org/redirect/083012-infoweek-epic-license.html "Facebook’s Privacy Policy Was a Lie Says the FTC." JD Supra, Aug. 16, 2012. http://epic.org/redirect/083012-jdsupra-epic-fb.html For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================= [8] Book Review: 'Privacy' ======================================================================= "Privacy," Garret Keizer. http://epic.org/redirect/083012-privacy-keizer.html Privacy is like a pregnant woman on a bus. Jesus was a privacy advocate. Privacy is fundamentally an elitist concept, and yet essential to human dignity. You puzzle over these disparate theories? Be prepared for an entire book in which privacy, usually portrayed as a non-partisan issue, veers wildly to the political left. "Privacy" is a high-speed ideological dive-and-swoop through history, literature, technology, politics and world mythology, all wrapped up in a tiny, pretty paper package not much bigger than an e-reader. The net effect is equal parts bourgeois guilt and squirmy 21st-century cultural overload. The crux of essayist and former Guggenheim Fellow Garret Keizer's new book won't please privacy activists who lean Libertarian. Privacy, he contends, is not only a human right, but also a social justice issue. "You and I belong to a society in which the gap between the rich and the poor is widening even as our personal privacy shrinks," he begins. "If . . . the middle class is vanishing, then . . . the privacy of all sbut a few people is vanishing with it." Keizer is resolute and fierce in his humanistic polemics, borrowing from privacy scholars like Jeffrey Rosen, as well as far-flung sources like Ursula K. LeGuin, Bob Dylan, John Donne, Elizabeth I, and Andy Warhol. Kaiser reiterates that all people "are important and worthy of preservation," and thus all have a right to be "let alone" (as opposed to "left alone"), just as they have rights to air and water. And, according to Keizer, nearly every aspect of modern society is failing to offer humanity its rights. Keizer aces all the easy privacy targets (social media and Google are exploitative; mobile devices are alienating; the poor are denied many privacy rights the middle class take for granted) but then tosses in some far more volatile issues, particularly with respect to women and feminism. He quotes feminist scholar Catherine MacKinnon ("'This right of privacy is a right of men "to be let alone" to oppress women one at a time'"), and asks, "What is a woman?" vis a vis gender and privacy. Does he have answers? Not really. "Privacy" stuns, both in the condemnation of first-world culture and in readers' complicity in their own oppression. But this book's delicate form factor should have made Keizer a little more circumspect about how many pop-culture, mythological, historical, and deconstructionist references he's packed into it. It's also a little heavy on potentially transient current events: Relying on the myopia of recent news cycles is not a fabulous way to preserve a book's shelf life, regardless of the basic content. Keizer's moral certitude about his positions on privacy deserves more examination than it gets here. -- EC Rosenberg ================================ EPIC Publications: "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75 http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= CONSENT Policy Conference: "Perceptions, Privacy and Permissions: the role of consent in on-lineservices." 6-7 September 2012, Cluj-Napoca, Romania. Call for papers by 7 June 2012. For More Information: http://conference.ubbcluj.ro/consent/. The Constitution Project: "Fusion Centers: Concerns and Recommendations for Information Sharing Post 9/11." 11 September 2012, Washington, DC. For More Information: Email Larry Akey, lakey@constitutionproject.org. DataCenter Dynamics Converged. 12 September 2012, Washington, DC. For More Information: http://www.datacenterdynamics.com/conferences/2012/ washington-dc-2012?i=who-should-attend. Cato Institute's 11th Annual Constitution Day Conference, 18 September 2012, Washington, DC. For More Information: http://www.cato.org/events/ccs2012/index.html. 3rd Annual Privacy, ATI and Security Congress. 4-5 October 2012, Ottawa, ON. For More Information: http://www.rebootconference.com/ events/information-privacy-security-congress-2012/. Amsterdam Privacy Conference. 7-10 October 2012, Amsterdam. For More Information: http://www.ivir.nl/news/CallforPapersAPC2012.pdf. 34th International Conference of Data Protection and Privacy. 23-25 October 2012, Punta del Este, Uruguay. For more information: http://www.privacyconference2012.org/english/sobre-la-conferencia/ noticias/noticia-destacada. The Public Voice Conference. 22 October 2012, Punta del Este, Uruguay. For more information: http://www.thepublicvoice.org/. PIPA Conference 2012: "Privacy on the Go." 1-2 November 2012, Calgary, Alberta. For More Information: http://privacyconference2012.ca. "Computers, Privacy and Data Protection: Reloading Data Protection." 23-25 January 2013, Brussels. For More information: http://www.cpdpconferences.org/. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Join us on Twitter for #privchat, Tuesdays, 11:00am ET. Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 19.16 ------------------------