EPIC Alert 20.12
======================================================================= E P I C A l e r t ======================================================================= Volume 20.12 June 27, 2013 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_20.12.html "Defend Privacy. Support EPIC." http://epic.org/donate ======================================================================== Table of Contents ======================================================================== [1] EPIC, Bamford, Diffie, Schneier Call for Suspension of NSA Domestic Surveillance Program [2] Supreme Court Upholds Privacy of Driver Records [3] EPIC Obtains Docs Detailing FBI Collection of DMV Photos [4] EPIC to FCC: Investigate Disclosure of Consumer Phone Records [5] NSA Targeting and Minimization Procedures Released [6] News in Brief [7] EPIC in the News [8] EPIC Book Review: 'Big Data' [9] Upcoming Conferences and Events TAKE ACTION: Sign EPIC's Petition Against NSA Domestic Surveillance! - SIGN the Petition: https://epic.org/NSApetition/ - LEARN More: https://epic.org/privacy/terrorism/fisa/ - SUPPORT EPIC: http://www.epic.org/donate/ ======================================================================== [1] EPIC, Bamford, Diffie, Schneier Call for Suspension of NSA Domestic Surveillance Program ======================================================================== EPIC, joined by leading privacy and technology experts including James Bamford, Whitfield Diffie, and Bruce Schneier, has petitioned the National Security Agency to suspend domestic surveillance programs pending public comment. According to recently released classified documents, the NSA is engaging in programs that monitor US phone calls and other forms of electronic communication, implicating the First and Fourth Amendment rights of millions of American citizens. EPIC's petition states: "NSA's collection of domestic communications contravenes the First and Fourth Amendments to the United States Constitution, and violates several federal privacy laws, including the Privacy Act of 1974, and the Foreign Intelligence Surveillance Act of 1978 as amended." EPIC filed the petition as a request for formal rulemaking under the Administrative Procedure Act, which states that agency actions that substantially affect the rights of US citizens must go through a systematic public notice and comment process before being enacted. The EPIC petition to the NSA further states that the NSA's domestic surveillance "substantively affects the public to a degree sufficient to implicate the policy interests" that require public comment, and that "NSA's collection of domestic communications absent the opportunity for public comment is unlawful." The NSA surveillance programs, operating under the Foreign Intelligence Surveillance Act and heavily classified, do not receive any public oversight. The NSA provides classified briefings to only a handful of members of Congress, and the agency's surveillance activities are reviewed by a secret court known as the FISC. Bamford is a former NSA employee and author of numerous books and articles on the inner workings of the US intelligence community. Diffie, a mathematician and technologist, pioneered public key cryptography in the 1970s and 1980s. Schneier is the Chief Technology Officer of BT Counterpane and a leading author on computer security. All are members of the EPIC Advisory Board. EPIC intends to renew the request each week until the NSA responds, as required by all federal agencies under the statute. The petition is available at http://epic.org/NSApetition. EPIC: Rulemaking Petition to the NSA http://epic.org/NSApetition FISC: Order Permitting NSA Phone Surveillance (Apr. 23, 2013) http://epic.org/privacy/nsa/Section-215-Order-to-Verizon.pdf EPIC: NSA - Verizon Phone Record Monitoring http://epic.org/privacy/nsa/verizon/default.html EPIC: The Administrative Procedure Act (APA) http://epic.org/open_gov/Administrative-Procedure-Act.html ======================================================================== [2] Supreme Court Upholds Privacy of Driver Records ======================================================================== The US Supreme Court has ruled that the exceptions in a privacy statute that protects drivers' records should be read narrowly and that attorneys cannot use DMV records to solicit clients. In Maracich v. Spears, the Court ruled that solicitation is not a permissible use of state motor vehicle records under the Driver's Privacy Protection Act (DPPA). The DPPA says that personal information in DMV records cannot be obtained and used by individuals except for certain enumerated purposes. Justice Anthony Kennedy, writing for the majority, said, "To permit this highly personal information to be used in solicitation is so substantial an intrusion on privacy it must not be assumed, without language more clear and explicit, that Congress intended to exempt attorneys from DPPA liability in this regard." Justice Kennedy further said: "Petitioners and other state residents have no real choice but to disclose their personal information to the state DMV, including highly restricted personal information. The use of that information by private actors to send direct commercial solicitations without the license holder's consent is a substantial intrusion on the individual privacy the Act protects." As Justice Kennedy explained, "Congress chose to protect individual privacy by requiring a state DMV to obtain the license holder's express consent before permitting the disclosure, acquisition, and use of personal information for bulk solicitation," adding, "Direct marketing and solicitation present a particular concern not only because these activities are of the ordinary commercial sort but also because contacting an individual is an affront to privacy even beyond the fact that a large number of persons have access to the personal information." Writing in dissent, Justice Ruth Bader Ginsburg expressed concern that theCourt's opinion would make it more difficult for attorneys to contact clients. Congress passed the DPPA in 1994 in order to prevent stalking and solicitation using the personal information contained within motor vehicle records. The statute contains a blanket prohibition on the use of personal information contained within DMV records, unless the user can meet one of the enumerated exceptions, a common formula for privacy protection statutes. The Court ruled that Congress' formulation of these statutes deserves deference. Justice Kennedy said that when Congress wishes to create an exception to a privacy protection, it uses "explicit terms." Consequently, said Kennedy, exceptions should be interpreted "narrowly in order to preserve the primary operation of the provision.", rather than to the outer limits of the text. State DMV records contain a huge amount of sensitive personal information, including Social Security Numbers, biometric identifiers, and medical information. EPIC filed a "friend of the court" brief discussing the wide range of personal information contained in DMV records and the risks of identity theft. Following the enactment of the Department of Homeland Security's REAL ID rules, state DMVs will be required to collect and retain substantially more detailed personal information. In 1999, EPIC submitted a "friend of the court" brief defending the DPPA in the case Reno v. Condon. The Supreme Court, in a unanimous opinion by Chief Justice Rehnquist, upheld the constitutionality of the law. US Supreme Court: Decision in Maracich v. Spears (Jun. 17, 2013) http://www.supremecourt.gov/opinions/12pdf/12-25_4314.pdf EPIC: "Friend of the Court" Brief in Maracich v. Spears (Nov. 16, 2012) http://epic.org/redirect/112112-epic-marchich-amicus.html EPIC: Driver's Privacy Protection Act http://epic.org/privacy/drivers/ EPIC: Maracich v. Spears http://epic.org/amicus/dppa/maracich/ EPIC: Reno v. Condon http://www.epic.org/privacy/drivers/epic_dppa_brief.pdf‎ ======================================================================== [3] EPIC Obtains Docs Detailing FBI Collection of DMV Photos ======================================================================== EPIC has obtained, via a Freedom of Information Act request, a number of agreements between the FBI and state DMVs. The agreements allow the FBI to use facial recognition to compare subjects of FBI investigations with the millions of license and identification photos retained by participating state DMVs. According to the documents obtained by EPIC, this facial recognition program is run by the FBI's Facial Analysis, Comparison, and Evaluation Services (FACES) Unit. According to a Standard Operating Procedure for FACES, the "service will be expanded to include a larger customer base as the operation evolves." Currently, the FACES team provides a photo to state DMVs, which then return up to 25 results per DMV for evaluation. FACES also has access to photos from other federal databases, including the Departments of State and Defense. A Privacy Threshold Analysis obtained by EPIC indicates that a Privacy Impact Assessment is required of FACES, but to date EPIC has not received any documentation to indicate that a Privacy Impact Assessment had been performed. In addition to facial recognition programs, the FBI is developing a biometric database program called "Next Generation Identification;" photographs used for facial recognition will be part of this database. EPIC is suing the FBI to learn more about the development of Next Generation Identification, which will include iris scans, DNA profiles, voice identification profiles, and palm prints. EPIC: FOIA Request to FBI re: FACES (Mar. 29, 2013) http://epic.org/foia/fbi/faces/EPIC-FOIA-Request-FBI-DMV-MOUs.pdf EPIC: FBI Agreements with State DMVs (Mar. 2013) http://epic.org/foia/fbi/faces/FBI-MOUs-FACES-Unit.pdf EPIC: FBI FACES Unit Standard Operating Procedure (Apr. 9, 2013) http://epic.org/foia/fbi/faces/FBI-SOP-FACES-Unit.pdf EPIC: FBI FACES Privacy Threshold Analysis (Apr. 1, 2011) http://epic.org/foia/fbi/faces/FBI-PTA-FACES-Unit.pdf EPIC: EPIC v. FBI - Next Generation Identification http://epic.org/foia/fbi/ngi/ EPIC: Facial Recognition http://epic.org/privacy/facerecognition/ ======================================================================== [4] EPIC to FCC: Investigate Disclosure of Consumer Phone Records ======================================================================== In a letter to Federal Communications Commission Chair Mignon Clyburn, EPIC has urged the agency to determine whether Verizon violated the Communications Act when it released consumer call detail information to the National Security Agency (NSA). In early June, UK newspaper The Guardian reported that, in response to a Foreign Intelligence Surveillance Court order, Verizon had released identifying call metadata to the NSA, including telephone numbers, time of call, and call duration. The Guardian also published a copy of the classified order. EPIC's letter argues that, by "surrendering protected information of its consumers in response to a facially invalid order, Verizon has violated the legal protections surrounding consumer proprietary network information ('CPNI')," which includes the time, date, duration, destination number, and location of telephone calls, and any other information that appears on the subscriber's telephone bill. According to the letter, a key provision of the Telecommunications Act "places strict limits on telecommunications carriers' ability to disclose CPNI. Disclosure is only permitted as required by law, with the customer's consent, or pursuant to four narrowly drawn exceptions related to the facilitation of telecommunications or emergency services." "Verizon's disclosure of CPNI to the NSA was not authorized under the Telecommunications Act because it did not fall under any of the Act's permissible disclosures. Verizon customers did not authorize these disclosures," EPIC's letter maintains. The letter also refers the FCC to EPIC's June 7 letter to Congress, detailing the illegality of the FISC order that presumably formed the basis for Verizon's disclosures of CPNI. "The role of carriers like Verizon is particularly important because the structure of the Foreign Intelligence Surveillance Act does not allow for meaningful public oversight or accountability," EPIC argues. Thus, "millions of consumers had no way of knowing that their personal information had been illegally provided to the NSA by Verizon" - yet at the same time, "these consumers are completely dependent on Verizon for the protection of their personal phone records." Congress explicitly charged the Commission with investigating unauthorized disclosures of consumer call detail information. Over 20 years ago, the FCC ruled that CPNI "belongs to the customers," not carriers, and restricted carriers' use of CPNI. Since then, the Commission has exercised authority numerous times to protect the privacy of consumers' phone records. EPIC's letter therefore urged the FCC to "investigate Verizon's violations of the Telecommunications Act, and its consumers' privacy, by surrendering protected information in response to a plainly unlawful order." EPIC: Letter to FCC re: NSA Surveillance (Jun. 11, 2013) http://epic.org/privacy/terrorism/fisa/EPIC-FCC-re-Verizon.pdf FISA: Verizon Order (Apr. 23, 2013) http://epic.org/privacy/nsa/Section-215-Order-to-Verizon.pdf EPIC: Foreign Intelligence Surveillance Act http://epic.org/privacy/terrorism/fisa/ EPIC: Clapper v. Amnesty Int'l http://epic.org/amicus/fisa/clapper/ EPIC: USA PATRIOT Act http://epic.org/privacy/terrorism/usapatriot/ ======================================================================== [5] NSA Targeting and Minimization Procedures Released ======================================================================== Top Secret documents recently published by the UK's Guardian newspaper reveal the National Security Agency's procedures for targeting non-US citizens under the Foreign Intelligence Surveillance Act, as well as the minimization procedures for information collected about US citizens. The documents indicate that "[a] person whose location is not known will be presumed to be a non-United States person." The minimization procedures also contain a number of exceptions that allow for the NSA to collect domestic communications. According to the documents, the NSA may collect any communications based on the fact that the communications are encrypted, and retain the encrypted information for as long as needed to exploit it. The documents also indicate the NSA maintains databases of the telephone numbers, email accounts, and other identifiers of US citizens. In response to the recent revelations about NSA domestic surveillance, Senator Patrick Leahy (D-VT), joined by several other US senators, has introduced a bill amending certain provisions of the USA PATRIOT Act and the FISA Amendments Act. The bill would increase the NSA's threshold for obtaining domestic metadata, require court-approved minimization procedures, and move up expiration dates on surveillance authorities to June 2015. EPIC recently petitioned the NSA to suspend domestic surveillance pending public comment. In May 2012, EPIC testified before Congress on the FISA Amendments Act of 2008 and made recommendations on improving public accountability and oversight for FISA. EPIC urged Congress not to reauthorize the FISA Amendments Act until adequate oversight procedures were in place. "Where the government is given new authorities to conduct electronic surveillance, there should be new means of oversight and accountability," EPIC stated. NSA: Minimization Procedures in Foreign Intelligence (Jul. 28, 2009) http://epic.org/redirect/062613-nsa-minimization.html NSA: Procedures for Targeting Non-US Persons (July 28, 2009) http://epic.org/redirect/062613-nsa-targeting.html Sen. Patrick Leahy (D-VT): Text of FISA Bill (Jun. 2013) http://www.leahy.senate.gov/download/sch13282 EPIC: NSA Petition (Jun. 17, 2013) http://epic.org/NSApetition/ EPIC: Testimony on the FISA Amendments Act of 2008 (May 31, 2012) http://epic.org/redirect/073012-epic-fisa-testimony.html EPIC: Foreign Intelligence Surveillance Act (FISA) http://epic.org/privacy/terrorism/fisa/ ======================================================================== [6] News in Brief ======================================================================== EU Commissioner Asks Attorney General to Explain US Spying European Justice Commissioner Viviane Reding has demanded that US Attorney General Eric Holder explain the scope of US data collection on EU citizens. "Direct access of US law enforcement to the data of EU citizens on servers of US companies should be excluded unless in clearly defined, exceptional and judicially reviewable situations," the Commissioner wrote. The Commissioner's request is similar to that made by other European officials, including German Justice Minister Sabine Leutheusser-Schnarrenberger, who also stated that "all facts must be put on the table." Recent reports indicate that US lobbied the European Commission to weaken a comprehensive data protection law now pending in the European Parliament. Earlier in 2013, EPIC joined a coalition of leading US consumer and civil liberties organizations expressing concern about the role of US officials in the development of European privacy law. The coalition's letter stated that "without exception," members of the European Parliament reported that the US government was "mounting an unprecedented lobbying campaign to limit the protections that European law would provide." EU Justice Commissioner: Letter to USAG re: NSA (Jun. 13, 2013) http://www.statewatch.org/news/2013/jun/eu-usa-reding-ag.letter.pdf German Justice Ministry: Statement on NSA (Jun. 12, 2013) http://epic.org/redirect/062613-german-nsa-statement.html EU: Draft of Data Protection Law (Jan. 25, 2013) http://epic.org/redirect/062613-eu-data-law-draft.html EPIC et al.: Letter to US Officials re: EU Privacy Law (Feb. 4, 2013) http://epic.org/privacy/intl/NGOs-to-US-Gov-re-EU-US-Privacy.pdf EPIC: EU Data Protection Regulation http://epic.org/privacy/intl/eu_data_protection_directive.html EPIC, Coalition Demand Congress Investigate NSA Surveillance EPIC and a coalition of over 100 civil liberties organizations and Internet companies have sent a letter to the US Congress, demanding a full-scale investigation into the National Security Agency's domestic surveillance activities. The coalition's letter emphasized the need for public transparency and an end to dragnet surveillance: "This type of blanket data collection by the government strikes at bedrock American values of freedom and privacy," the letter states. EPIC is also spearheading a petition to the NSA that requires the agency to suspend programs that collect information on all US persons. EPIC intends to renew the request to the agency every week until the NSA responds. Civil Liberties/Internet Coalition: Letter to Congress (Jun. 2013) http://epic.org/privacy/nsa/Coal-NSA-Spy-Ltr.pdf EPIC: Petition to NSA to Stop Data Collection on US Persons http://epic.org/NSApetition EPIC: NSA: Verizon Phone Record Monitoring http://epic.org/privacy/nsa/verizon/default.html EPIC: USA PATRIOT Act http://epic.org/privacy/terrorism/usapatriot/ EPIC: Domestic Surveillance http://epic.org/features/surveillance.html EPIC Opposes DHS Biometric Collection EPIC has submitted comments to the Department of Homeland Security, staunchly opposing the agency's border biometric collection, facilitated through the Office of Biometric Identity Management program. Since at least 2004, DHS has collected fingerprints and facial photos from individuals entering the US, which are then disseminated to DHS agency components, other federal agencies, "federal, state, and local law enforcement agencies," and the "federal intelligence community." Currently, at least 30,000 individuals from federal, state, and local governments can access the DHS biometric data, which DHS also shares with foreign governments, including Canada, Australia, and the United Kingdom. EPIC's comments urge the agency to cease collecting biometric information without proper privacy safeguards in place. Should the agency continue to collect this sensitive information, EPIC recommends that DHS: (1) impose strict information security safeguards on biometric information collection and limit dissemination of biometric information; (2) conduct a comprehensive privacy impact assessment on the biometric collection program; (3) grant individuals Privacy Act rights before collecting additional biometric information; and (4) adhere to international privacy standards. EPIC: Comments to DHS re: US Border Biometric Collection (Jun. 14, 2013) http://epic.org/privacy/biometrics/EPIC-OBIM-Cmts.pdf DHS: RFC on US Border Biometric Collection (Apr. 15, 2013) http://www.gpo.gov/fdsys/pkg/FR-2013-04-15/pdf/2013-08718.pdf DHS: Government Agencies Using US-VISIT http://www.dhs.gov/government-agencies-using-us-visit EPIC: US-VISIT http://epic.org/privacy/us-visit/ EPIC: Biometrics http://epic.org/privacy/biometrics/ EPIC Recommends Privacy Protections for Natural Disaster Survivors In comments to the National Institutes of Health, an agency component of the US Department of Health and Human Services, EPIC urged the agency to safeguard personally identifiable information following natural disasters. The agency proposes to use the "People Locator" system and related mobile app ReUnite to reunite "family and friends who are separated during a disaster." The People Locator system allows third parties to enter highly sensitive information about each missing or located individual, which in turn is accessed by the public, including an individual's name, location, date of birth, race, religion, health status, address, and photographs. EPIC recommended that the agency: (1) limit data collection to relevant information; (2) protect the system's security by implementing data access control and establishing data quality standards; (3) define a record retention and disposal schedule; (4) establish guidelines, which adhere to the Fair Information Practices, for disclosures to third parties. EPIC: Comments to NIH re: Disaster People Locator (Jun. 14, 2013) http://epic.org/redirect/062613-epic-nih-comments.html NIH: Request for Comments on People Locator System (Apr. 15, 2013) http://www.gpo.gov/fdsys/pkg/FR-2013-04-15/pdf/2013-08788.pdf NIH: Lost Person Finder https://lpf.nlm.nih.gov/ EPIC: Locational Privacy http://epic.org/privacy/location_privacy/ Senator Paul Seeks Answers about FBI's Domestic Drone Use Senator Rand Paul (R-KY) has sent a letter to FBI Director Robert Mueller seeking answers about the FBI's domestic use of drones. In a recent US Senate Judiciary Committee hearing on FBI oversight, Director Mueller admitted that the FBI uses drones for domestic surveillance. Mueller also stated there were no guidelines in place to regulate the FBI's use of drones or protect the privacy of Americans. In 2012, EPIC petitioned the Federal Aviation Administration to conduct a public rulemaking addressing domestic drones' threat to privacy and civil. Earlier in 2013, EPIC petitioned the Bureau of Customs and Border Protection to establish privacy regulations for CBP's drone use, and testified before the US Congress on domestic drones and privacy. Sen. Rand Paul (R-KY): Letter re: Domestic Drone Use (Jun. 20, 2013) http://www.paul.senate.gov/files/documents/MuellerDrones.pdf US Senate Judiciary Comm.: Hearing on Domestic Drones (Jun. 19, 2013) http://epic.org/redirect/062613-senate-drones.html EPIC et al.: Petition to FAA re: Drone Privacy (Feb. 24, 2012) http://epic.org/privacy/drones/FAA-553e-Petition-03-08-12.pdf EPIC: Petition to CPB re: Domestic Drone Privacy (Mar. 2013) http://epic.org/drones_petition/ EPIC: Testimony Before US Congress on Domestic Drones (Mar. 13, 2013) http://epic.org/redirect/032913-epic-drone-testimony.html EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones http://epic.org/privacy/drones/ Privacy Officials Seek Answers on Google Glass More than 30 international privacy officials, including the Privacy Commissioner of Canada and the Chairman of the EU's Article 29 Working Party, have written to Google demanding information on Google Glass. "[W]e would strongly urge Google to engage in a real dialogue with data protection authorities about Glass," the letter states. The coalition also lists eight specific questions for Google to answer, including how Glass complies with privacy laws and how Google intends to use the information collected by Glass. Recently, members of the US Congressional Bi-Partisan Privacy Caucus wrote to Google with similar questions about Glass; following the letter, Google announced that it would not approve any facial recognition apps for Glass. Canadian Privacy Commissioner: Letter to Google (Jun. 18, 2013) http://www.priv.gc.ca/media/nr-c/2013/nr-c_130618_e.asp US Congress: Bi-Partisan Privacy Caucus Letter to Google (May 16, 2013) http://joebarton.house.gov/images/GoogleGlassLtr_051613.pdf Google: Press Release on Glass and Facial Recognition (May 31, 2013) https://plus.google.com/u/0/+projectglass/posts/fAe5vo4ZEcE EPIC: Google Glass and Privacy http://epic.org/privacy/google/glass/default.html European Privacy Authorities Give Google 3 Months to Comply with Law European data protection authorities have ordered Google to comply with EU data protection law or face fines. The French Data Protection Authority (CNIL), which led the investigation into Google's consolidation of user data, stated that "Google has not implemented any significant compliance measures", and gave the company three months to comply with CNIL requirements. The decision follows an investigation triggered by the collapse of the Google privacy policy in March 2012, which allowed the company to combine user data across 60 Internet services to create detailed profiles on Internet users. In response, EPIC sued the Federal Trade Commission to enforce the terms of a settlement with Google that would have prohibited changes in Google's business practices. Google's consolidation also prompted objections from state attorneys general, members of Congress, and IT managers in the government and private sectors. CNIL: Press Release on Google Order (Jun. 20, 2013) http://epic.org/redirect/062613-cnil-google-press-release.html NAAG: Letter to Google re: Privacy Policy Changes (Feb. 22, 2012) http://epic.org/redirect/022912-naag-google-letter.html US Congress: Bi-Partisan Privacy Caucus Letter to FTC (Feb. 17, 2012) http://epic.org/redirect/030113-priv-caucus-letter-google.html SafeGov: Blog Post on Google Privacy Changes (Jan. 25, 2012) http://epic.org/redirect/022912-safegov-google-post.html EPIC: In re: Google Buzz http://epic.org/privacy/ftc/googlebuzz/ EPIC: EPIC v. FTC (Enforcement of the Google Consent Order) http://epic.org/privacy/ftc/google/consent-order.html EPIC's Rotenberg: "Time to Restore Oversight of Domestic Surveillance" Writing in The Washington Post, EPIC President Marc Rotenberg said that there is a clear problem that needs to be addressed following the news report of the NSA's domestic surveillance program: "the Foreign Intelligence Surveillance Court (FISC) is an inadequate check on the government's demands for personal information." Rotenberg pointed to the routine approval of all surveillance orders presented to the surveillance court. He also wrote that the court has exceeded its statutory purpose. "No longer tethered to the mission of enabling the monitoring of foreign agents or the collection of foreign intelligence, the FISC's enormous surveillance authorities are now directed to the daily activities of Americans." EPIC's President concluded, "It may be the case that the government needs access to vast amounts of telephone records and the user data held by Internet firms. But that argument can no longer be made to a court where there is no meaningful review and too little public accountability." Marc Rotenberg in The Washington Post: "It Is Time to Return to Oversight of Surveillance Authority" (Jun. 12, 2013) http://www.washingtonpost.com/opinions/it-is-time-to-return-to- oversight-of-surveillance-authority/2013/06/12/522fe660-d217- 11e2-9577-df9f1c3348f5_story.html ======================================================================== [7] EPIC in the News ======================================================================== "Tech companies fret over loss of consumers' trust after NSA revelations." The Hill, June 24, 2013. http://thehill.com/blogs/hillicon-valley/technology/307183-tech- companies-fret-over-loss-of-consumers-trust#ixzz2XLrdhSJV "Obama Meets with privacy watchdog panel . . . in private." The Washington Times, June 23, 2013. http://www.washingtontimes.com/news/2013/jun/23/obama-meets-privacy- watchdog-panel-private/?utm_source=RSS_Feed "EPIC publishes comments on DHS biometric border management." Biometric Update, June 21, 2013. http://www.biometricupdate.com/201306/epic-publishes-comments-on- dhs-biometric-border-management/ Opinion: "BOVARD: Transportation security doesn't include the freedom to molest." The Washington Times, June 20, 2013. http://www.washingtontimes.com/news/2013/jun/20/transportation- security-doesnt-include-the-freedom/ "FBI director confirms limited drone use in U.S." Constitution Daily, June 19, 2013. http://blog.constitutioncenter.org/2013/06/fbi-director-confirms- limited-drone-use-in-u-s/ "Tech companies jockey to seem the most transparent." CNN, June 18, 2013. http://www.cnn.com/2013/06/18/tech/web/tech-companies-data- transparent "Yahoo releases number of data requests, calls for transparency." The Christian Science Monitor, June 18, 2013. http://www.csmonitor.com/Innovation/2013/0618/Yahoo-releases- number-of-data-requests-calls-for-transparency "FBI Driver's License Photo Searches Raise Privacy Questions." Information Week Security, June 18, 2013. http://www.informationweek.com/security/privacy/fbi-drivers- license-photo-searches-raise/240156871 "More Data on Privacy, but Picture Is No Clearer." The New York Times, June 17, 2013. http://www.nytimes.com/2013/06/18/technology/more-data-on-privacy- but-picture-is-no-clearer.html?_r=0 "Body scanner ruling could squelch NSA domestic spying." CNet, June 17, 2013. http://news.cnet.com/8301-13578_3-57589640-38/body-scanner-ruling- could-squelch-nsa-domestic-spying/ Marc Rotenberg Op-Ed.: "It Is Time to Return to Oversight of Surveillance Authority." The Washington Post, June 12, 2013. http://www.washingtonpost.com/opinions/it-is-time-to-return-to- oversight-of-surveillance-authority/2013/06/12/522fe660-d217- 11e2-9577-df9f1c3348f5_story.html For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================== [8] EPIC Book Review: 'Big Data' ======================================================================== "Big Data: A Revolution That Will Transform How We Live, Work, and Think," Viktor Mayer-Schonberger and Kenneth Cukier http://epic.org/redirect/062613-big-data-cukier-mayer.html Two provocative thinkers - The Economist Magazine's Kenneth Cukier and Oxford University professor Viktor Mayer-Schonberger - have joined forces to write this intriguing and forward looking-book about big data, punctuated with examples from both past and present to illustrate what our increasingly "datafied" future holds for us. According to the authors, data is now the "oil of the information economy" and at the core of big data is making predictions. This book demonstrates both the current importance of big data and how data's predictive ability has the potential for great societal benefits as well as harm. "Big Data" begins with an overview of current issues, providing the reader with insight into the concepts and themes covered in the following chapters. Mayer-Schonberger and Cukier stress the "datafication" of our world, big data's inherent messiness, the unexpected correlations it exposes, and its (often latent) value. The authors then use this framework to lay the groundwork for understanding big data's potential benefits. This book makes clear that central to big data's transformative power is its wealth of hidden correlations; predicting the future via data analysis can irrevocably change society. Big data correlations, are, for example, what allowed Google to predict the spread of flu better than the CDC, a company called Farecast to predict the best time to buy an airline ticket, and Amazon to predict what books you might read. Using real-world examples allows "Big Data" to jump nimbly from one concept to the next. The authors, however, warn about the effects of a "big data world." They suggest that big data threatens to do three harms to our society: further compromise our privacy, undermine our individuality, and create blind adherence to big data decisions. To counter these potential pitfalls, Mayer-Schonberger and Cukier offer a number of big-data controls, including the need for big-data users to exercise greater responsibility and accountability. The authors also suggest safeguards for human agency, lest we begin condemning people for their calculated propensities rather their actions. Finally, Mayer-Schonberger and Cukier propose a new profession: "Data algorithmnists," whose job will be to pierce the black box of data analysis to ensure its integrity and right the wrongs for individuals at the wrong end of a bad data-based decision. "Big Data" has a nice, swift flow that makes it an enjoyable read, but big data's enormous potential for both good and ill makes the reader feel a little short-changed by the book's lack of depth. It's clear, though, that the big data movement is progressing, and we as a society will need to decide whether we want our every move "datafied" or scrutinized by algorithms to predict our every proclivity. --Jeramie D. Scott ================================ EPIC Publications: "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= The Public Voice Conference, Warsaw, Poland, September 2013. For More Information: http://thepublicvoice.org. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Join us on Twitter for #privchat, Tuesdays, 11:00am ET. Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Donate to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/donate Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. Thank you for your support. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 20.12------------------------
WorldLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.worldlii.org/int/journals/EPICAlert/2013/12.html