EPIC Alert 21.13
======================================================================= E P I C A l e r t ======================================================================= Volume 21.13 July 16, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_21.13.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] EPIC Challenges Facebook's Manipulation of Users, Files Complaint [2] EPIC Defends FOIA Victory in Federal Appeals Court [3] Privacy Panel Backs PRISM Program [4] FTC Releases 2014 Data Security Update, Enforcement Issues Remain [5] Attorney General Supports Privacy Act Protections for EU Citizens [6] News in Brief [7] EPIC in the News [8] EPIC Editorial: 'Invitation to a Dialogue: Internet Behemoths' [9] Upcoming Conferenceso and Events ========================================================================= [1] EPIC Challenges Facebook's Manipulation of Users, Files Complaint ========================================================================= EPIC has filed a formal complaint to the Federal Trade Commission over Facebook's manipulation of users' News Feeds for psychological research. The complaint concerns Facebook's 2012 "secretive and non-consensual use of personal information to conduct an ongoing psychological experiment on 700,000 Facebook users, i.e. the company purposefully messed with people's minds." EPIC said that Facebook's misuse of data is a deceptive practice subject to FTC enforcement. Early in 2012, Facebook altered 700,000 Facebook users' News Feeds to elicit positive and negative emotional responses. Facebook conducted the psychological experiment with researchers at Cornell University and the University of California, San Francisco, both of whom failed to follow standard ethical protocols for human subject research. At the time of the experiment, Facebook's Data Use Policy did not state that user data would be used for research purposes. Facebook also failed to inform users that their personal information would be shared with researchers. EPIC's complaint charges Facebook with engaging in deceptive business practices in violation of Section 5 of the Federal Trade Commission Act. According to the complaint, Facebook's misrepresentations were likely to mislead reasonable users; and that Facebook represented to consumers that the company shared user data with users' Facebook "friends," third-party advertisers, and developers, but actually shared user data with third-party researchers at multiple universities. Furthermore, the complaint maintains, "Facebook subjected certain users to ongoing behavioral testing by collecting user data and feeding it into a separate algorithm," and "Users could not reasonably have guessed that use of their Facebook account might subject them to behavioral testing." EPIC also charged Facebook with violating a 2012 FTC Consent Order. In July 2012, following a complaint by EPIC and other consumer privacy organizations, the Commission entered into a consent order with Facebook, establishing new privacy safeguards for Facebook users and prohibiting Facebook from misrepresenting the extent to which it maintains the privacy or security of covered information. Specifically, Count I of the Consent Order prohibits Facebook from misrepresenting "its collection or disclosure of any covered information," and "the extent to which Respondent makes or has made covered information accessible to third parties." In the Psychological Study complaint, EPIC charged Facebook with misrepresenting the extent to which it made covered information accessible to third parties. EPIC has asked the FTC to require that Facebook make public the News Feed algorithm. EPIC: Facebook Psychological Study Complaint (Jul. 3, 2014) http://epic.org/redirect/071614-epic-fb-complaint.html EPIC: Facebook Psychological Study Page http://epic.org/privacy/internet/ftc/facebook/psycho/ The New York Times: "Lack of Transparency in the Facebook Study" (Jul. 1, 2014) http://www.nytimes.com/2014/07/01/opinion/jaron-lanier-on-lack-of- transparency-in-facebook-study.html FTC: 2012 Facebook Consent Decree http://ftc.gov/os/caselist/0923184/111129facebookagree.pdf EPIC: Facebook Privacy http://epic.org/privacy/facebook/ EPIC: FTC http://epic.org/privacy/internet/ftc/ ======================================================================== [2] EPIC Defends FOIA Victory in Federal Appeals Court ======================================================================== EPIC has filed a brief in response to US Justice Department's appeal to the DC Circuit Court of Appeals in the case EPIC v. DHS. The Department of Justice appealed to the DC Circuit Court of Appeals after a federal district court ruled that DHS must turn over to EPIC "SOP 303," a government procedure to shut down cell phone service. EPIC sought the document after a peaceful protest over the killing of a homeless man by BART police was cut short after public officials cut off all cellular service inside four transit stations. This prevented cell phone users from sending or receiving phone calls, messages, or other data, including for emergency services, and raised significant First Amendment and public safety concerns. In finding for EPIC, the district court judge found that the government could not withhold the policy as an "investigative technique" or because,as the government claimed, release would cause harm to an individual.The court's ruling also emphasized FOIA's basic principle of promoting disclosure over secrecy. The government appealed this ruling, arguing that the lower court was wrong about the law. EPIC's response brief explained, "The government procedure at issue in this case is used to 'disrupt' cellular networks operated by private carriers. These communications networks are the backbone of our society. Hundreds of millions of Americans rely upon cell phone service every day to conduct business, communicate with family, organize politically, and obtain emergency services. . . . The decision to shut down one of these networks, even temporarily, would have a significant impact on the surrounding population, and could itself threaten public safety. Furthermore, shutdowns have been used to suppress lawful protest activities, both in the United States and abroad. The protocol governing the shutdown decision is therefore a matter of significant public interest and should be released." EPIC: EPIC v. DHS - SOP 303 http://epic.org/foia/dhs/internet-kill-switch/default.html DHS: SOP 303 (Redacted) (Sep. 23, 2009) http://epic.org/foia/dhs/internet-kill-switch/SOP-303-Redacted.pdf EPIC: SOP 303 Appellee Brief (Jul. 7, 2014) http://epic.org/redirect/071614-epic-303-brief.html EPIC: EPIC v. DHS: Opinion, DC District Court (Nov. 12, 2013) http://epic.org/foia/dhs/internet-kill-switch/DCD-Opinion.pdf ========================================================================= [3] Privacy Panel Backs PRISM Program ========================================================================= In a surprising report, the US Privacy and Civil Liberties Oversight Board has endorsed the US government's routine collection of the Internet activities of non-US persons via the use of section 702 of the Foreign Intelligence Surveillance Act. Section 702 includes the PRISM Program, first disclosed by Edward Snowden in 2013, in which the NSA obtains information directly from Internet companies located within the US. Section 702 also includes "Upstream" collection in which the NSA amasses communications directly from the Internet "backbone." The Board cited the program's value and compliance with the law, but said little about the impact on non-US persons. The search terms, or "selectors," used for the upstream collection of Internet communications incidentally collect large amounts of US Person communications that the NSA can subsequently query using US Person identifiers. For these queries, according to the report, "[n]o showing of suspicion that the U.S. person is engaged in any form of wrongdoing is required . . . ." The upstream collection also gathers large amounts of communications of non-US Persons who are not NSA targets. The Board did not assess the level of communications of non-targets collected under Section 702, but a Washington Post analysis of huge quantities of NSA-intercepted communications revealed that upwards of 90% of the account holders were not NSA targets. The Post also found that the within the NSA-intercepted communications it received, the NSA marked nearly 50% of the surveillance files as containing information on a US Person. The Post points out that many of these files are "described as useless by the analysts but nonetheless retained, have a startlingly intimate, even voyeuristic quality. They tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed hopes." In 2013, EPIC petitioned the US Supreme Court to end a similar government program involving the bulk collection of domestic telephone records. In early 2014, the President committed to ending the NSA's current bulk collection of domestic telephone records, but since has twice renewed the 90-day order EPIC has also argued that the US government's collection of communications should be subject to international privacy law, such as the International Covenant on Civil and Political Rights. It is anticipated that foreign countries will continue to transfer cloud- based services away from US firms because of the lax privacy safeguards in the US. PCLOB: Report on Section 702 of FISA (Jul. 2, 2014) http://epic.org/redirect/071614-pclob-702-report.html Privacy and Civil Liberties Oversight Board (PCLOB) http://www.pclob.gov/ The Washington Post: "In NSA-intercepted data, those not targeted far outnumber the foreigners who are" (Jul. 5, 2014) http://www.washingtonpost.com/world/national-security/in-nsa- intercepted-data-those-not-targeted-far-outnumber-the-foreigners- who-are/2014/07/05/8139adf8-045a-11e4-8572-4b1b969b6322_story.html EPIC: In re EPIC - NSA Telephone Records Surveillance http://epic.org/privacy/nsa/in-re-epic/ EPIC: International Privacy Standards http://epic.org/privacy/intl/ ========================================================================= [4] FTC Releases 2014 Data Security Update, Enforcement Issues Remain ========================================================================= The Federal Trade Commission has released the 2014 Privacy and Data Security Update." The report is "an overview of the FTC's enforcement, policy initiatives, and consumer outreach and business guidance in the areas of privacy and data security," and outlines recent FTC activities in such areas as consumer privacy, data security, credit reporting, children's privacy, Do Not Call, and the US-EU Safe Harbor framework. The report also lists recent FTC workshops on emerging consumer issues, such as the Internet of Things and Senior identity theft. "If a company violates an FTC order, the FTC can seek civil monetary penalties for the violations," the report states. The report also maintains that the agency has brought "more than 40 general privacy lawsuits" in the last 12 months. These actions often result in consent orders that require the development of comprehensive privacy programs or privacy assessments. 'However, the FTC has consistently failed to enforce these consent orders. As a consequence, companies routinely engage in business practices that undermine consumer privacy and violate the terms of the consent orders. The Commission has also failed to modify proposed settlement agreements after seeking public comment. The Commission has been unwilling to require publication of compliance reports or to enforce the Consumer Privacy Bill of Rights against companies subject to FTC authority. EPIC has filed complaints with the FTC over the agency's own handling of Google and Facebook settlements, arguing that the FTC has not prevented those companies from changing their Terms of Service, in violation of existing consent orders. In response to the FTC's requests for public comments on proposed settlement, EPIC has also urged the Commission to enforce the Consumer Privacy Bill of Rights and to publish compliance reports. FTC: 2014 Privacy and Data Security Update (July 2014) http://www.ftc.gov/reports/privacy-data-security-update-2014 EPIC: EPIC v. FTC (Enforcement of the Google Consent Order) http://epic.org/privacy/ftc/google/consent-order.html FTC: In the Matter of Google, Inc. (Oct. 24, 2011) http://epic.org/redirect/071614-ftc-google-2011.html FTC: Facebook Consent Order (Aug. 10, 2012) http://ftc.gov/opa/2012/08/facebook.shtm EPIC: Comments to FTC on Facebook Settlement (Dec. 27, 2011) http://epic.org/redirect/011812-FTC-settlement-comments.html EPIC: Federal Trade Commission http://epic.org/privacy/internet/ftc/ EPIC: Facebook Privacy http://epic.org/privacy/facebook/ EPIC: In re: Google Buzz http://epic.org/privacy/ftc/googlebuzz/ ========================================================================= [5] Attorney General Supports Privacy Act Protections for EU Citizens ========================================================================= Speaking in Athens at a meeting between US and EU officials, US Attorney General Eric Holder announced that the Obama Administration will work with Congress to extend Privacy Act protections to EU citizens. "The Obama Administration is committed to seeking legislation that would ensure that . . . EU citizens would have the same right to seek judicial redress for intentional or willful disclosures of protected information, and for refusal to grant access or to rectify any errors in that information, as would a U.S. citizen under the Privacy Act," stated Holder. EU Justice Commissioner Viviane Reding welcomed the announcement but noted that "words only matter if put into law. We are waiting for the legislative step." Holder's announcement comes after a year of increased tensions between the EU and the US over the Snowden revelations of US spying on top European officials. EPIC has previously recommended that Privacy Act safeguards be extended to non-US persons. In 2012, EPIC urged Congress to update the Privacy Act. In 2011, EPIC filed a "friend of the court" brief in the US Supreme Court, arguing that the Privacy Act provides damages for mental and emotional harm. EPIC routinely submits comments to federal agencies, urging enforcement of Privacy Act protections. US DOJ: Press Release on Atty. General Speech (Jun. 25, 2014) http://www.justice.gov/opa/pr/2014/June/14-ag-668.html EPIC: Letter to Sen. Akaka re: Privacy Act Comments (Mar. 27, 2012) http://epic/org/redirect/032812-epic-akaka-letter.html US Senate: Text of "Privacy Act Modernization of 2011" (Oct. 18, 2011) http://epic.org/redirect/052912-senate-privacy-update.html EPIC: "Friend of the Court" Brief in FAA v. Cooper (Oct. 4, 2011) http://epic.org/amicus/cooper/Cooper-EPIC-Brief.pdf EPIC: Comments to DHS re: Automated Targeting System (Jun. 21, 2012) http://epic.org/apa/comments/EPIC-ATS-Comments-2012.pdf EPIC et al.: Comments to DHS re: Proposed Rulemaking (Aug. 5, 2011) http://epic.org/apa/comments/EPIC-DHS-TSD-Comments.pdf EPIC et al.: Comments to DoD re: Proposed Rulemaking (Oct. 21, 2013) http://epic.org/privacy/nsa/Coal-DoD-Priv-Program-Cmts.pdf EPIC: Comments to DOJ re: Traveler Screening System (Sep. 2005) http://epic.org/privacy/airtravel/tsrs_comments090605.html EPIC: The Privacy Act of 1974 http://epic.org/privacy/1974act/ EPIC: FAA v. Cooper http://epic.org/amicus/cooper/ ======================================================================== [6] News in Brief ======================================================================== Congress May Cut Funding for Surveillance Blimps over DC The Department of the Army is seeking $54 million to fund the Joint Land Attack Cruise Missile Defense Elevated Netted Sensor System, or JLENS. The request is part of the Fiscal Year 2015 Defense Budget currently being considered by Congress. The JLENS system consists of a combination of long-range surveillance technologies and targeting capabilities including HELLFIRE missiles, and was originally deployed in war zones in Iraq and Afghanistan. The Army wants to test the system over the metro Washington, DC area, but the program has come under Congressional scrutiny because of cost overruns. EPIC recently filed a Freedom of Information lawsuit against the Army, seeking more information about the JLENS program. US Army: FY 2015 Budget Estimates (Mar. 2014) http://epic.org/redirect/army-budget-2014.html US Defense Dept.: Press Release on JLENS Cost Overruns (Mar. 30, 2012) http://www.defense.gov/releases/release.aspx?releaseid=15146 EPIC: FOIA Lawsuit Against US Army re: JLENS (May 6, 2014) http://epic.org/foia/army/Complaint.pdf EPIC: EPIC v. Army - Surveillance Blimps http://epic.org/foia/army/ FAA, Park Service Ground Drones, Cite Safety Concerns The Federal Aviation Administration has released a proposed Special Rule for Model Aircraft, which will prohibit the use of drones for the delivery of packages and other commercial services. The agency also requested comments on the proposal. At the end of 2013, Amazon had raised the prospect of delivering packages via drones. A recent Washington Post series highlighted numerous close encounters between commercial aircraft and small drones, as well as many incidents where drones fell from the sky. The National Park Service has prohibited the use of drones in national parks, citing safety concerns. In 2013, EPIC urged the Federal Aviation Administration to mandate minimum privacy standards for drone operators. FAA: "Special Rule for Model Aircraft" (Jun. 18, 2014) http://epic.org/redirect/071614-rule-model-aircraft.html FAA: RFC on Special Rule for Model Aircraft (Jun. 25, 2014) http://www.regulations.gov/#!docketDetail;D=FAA-2014-0396 The Washington Post: "Close encounters on rise as small drones gain in popularity" (Jun. 23, 2014) http://www.washingtonpost.com/sf/investigative/2014/06/23/close- encounters-with-small-drones-on-rise/ National Park Service: Press Release on Drones (Jun. 20, 2014) http://home.nps.gov/news/release.htm?id=1601 EPIC: Comments to FAA re: Drone Privacy (Apr. 23, 2013) http://epic.org/apa/comments/EPIC-Drones-Comments-2013.pdf EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones http://epic.org/privacy/drones/ FTC Sues Amazon Over Billing for Children's In-App Purchases The FTC has filed a lawsuit alleging that "Amazon.com, Inc. has billed parents and other account holders for millions of dollars in unauthorized in-app charges incurred by children." FTC Chairwoman Edith Ramirez stated, "Amazon's in-app system allowed children to incur unlimited charges on their parents' accounts without permission. Even Amazon's own employees recognized the serious problem its process created." The FTC recently settled similar charges with Apple, in which the FTC charged Apple with "billing consumers for millions of dollars of charges incurred by children in kids' mobile apps without their parents' consent." Under the terms of the settlement, Apple must provide a refund for affected consumers and must change billing practices to ensure that it has obtained express, informed consent from consumers before charging them for items sold in mobile apps. In 2003, EPIC filed a complaint with the FTC over Amazon's collection of children's data. EPIC explained that Amazon was violating the Children's Online Privacy Protection Act by allowing children under 13 to post content, including personally identifiable information, without their parents' permission. FTC: Blog Post re: Amazon Lawsuit (Jul. 10, 2014) http://www.ftc.gov/system/files/documents/cases/140710amazoncmpt.pdf FTC: Press Release re: Amazon Lawsuit (Jul. 10, 2014) http://epic.org/redirect/071614-FTC-amazon.release.html FTC: Press Release on Apple Lawsuit (Jan. 15, 2014) http://epic.org/redirect/071614-FTC-apple-release.html FTC: Settlement with Apple (Jan. 15, 2014) http://epic.org/redirect/071614-ftc-apple-settlement.html EPIC: Complaint to FTC re: Amazon and COPPA (2003) http://epic.org/privacy/amazon/coppacomplaint.html EPIC: COPPA http://epic.org/privacy/kids Global Survey: Widespread Opposition to US Communications Spying, Drones A new survey from Pew Research finds overwhelming opposition to US monitoring of emails and phone calls. There appears to be little variation by region or culture, with high levels of opposition found in countries in Europe, South America, Asia, and the Middle East. According to the survey "Global Opinions of U.S. Surveillance," the four countries that believe US surveillance is acceptable are the United States, the Philippines, India, and Nigeria. A related Pew Survey found widespread opposition to drone strikes. Pew Research: "Global Opinions of U.S. Surveillance" (Jul. 14, 2014) http://epic.org/redirect/071614-pew-surveillance.html Pew Research: International Survey on Drones (Jul. 14, 2014) http://epic.org/redirect/071614-pew-drones.html EPIC: Public Opinion on Privacy http://epic.org/privacy/survey/ Pew Research Publishes 'Net Threats' Report The Pew Research Internet Project has released a "Canvassing of Experts" that finds growing concerns about the future of the Internet. According to the report, current trends could "sharply disrupt the way the Internet works for many users." Among the threats identified: state censorship, surveillance, diminished user trust, and commercialization and centralization. EPIC President Marc Rotenberg pointed to the growing concentration of the Internet industry, saying, "There should be many information sources, more distributed, and with less concentration of control. . . . We need many more small and mid- size firms that are stable and enduring." Pew Research Internet Project: "Net Threats" (Jul. 3, 2014) http://www.pewinternet.org/2014/07/03/net-threats/ Pew Research Internet Project: "The Gurus Speak" (Jul. 3, 2014) http://www.pewinternet.org/2014/07/03/the-gurus-speak-3/ EPIC: Public Opinion on Privacy http://epic.org/privacy/survey/ ======================================================================== [7] EPIC in the News ======================================================================== "Invitation to a Dialogue: Internet Behemoths." The New York Times, Letter to the Editor by EPIC President Marc Rotenberg. July 15, 2014. http://www.nytimes.com/2014/07/16/opinion/invitation-to-a-dialogue- internet-behemoths.html "Nielsen and Facebook team up to track shows watched on users' mobile devices." The Washington Post, July 15, 2014. http://www.washingtonpost.com/news/morning-mix/wp/2014/07/15/ nielsen-and-facebook-team-up-to-track-shows-watched-on-users- mobile-devices/ "Facebook to track users' TV habits." Los Angeles Times, July 15, 2014. http://www.latimes.com/business/la-fi-facebook-tv-tracking-20140715- story.html#page=1 "Future of floating surveillance system in doubt." FCW, July 10, 2014. http://fcw.com/articles/2014/07/10/jlens-missile-detector.aspx "Facebook Mood Experiment Draws FTC Complaint." Information Week, July 7, 2014. http://www.informationweek.com/software/social/facebook-mood- experiment-draws-ftc-complaint/d/d-id/1279161 "Facebook COO: Sorry you got so upset when we deliberately upset you." NASDAQ, July 7, 2014. http://www.nasdaq.com/article/facebook-coo-sorry-you-got-so-upset- when-we-deliberately-upset-you1-cm368100 "Facebook deceives its users by manipulating feeds, FTC told." The Columbus Dispatch, July 7, 2014. http://www.dispatch.com/content/stories/business/2014/07/07/ facebook-deceives-its-users-ftc-told.html "How Far Will US Supreme Court Go to Protect Digital Privacy?" Voice of America News, July 6, 2014. http://www.voanews.com/content/how-far-will-us-supreme-court-go-to- protect-digital-privacy/1951925.html "EPIC files complaints against Facebook. Here are its allegations." Tech Times, July 6, 2014. http://www.techtimes.com/articles/9764/20140706/epic-files- complaints-against-facebook-here-are-its-allegations.htm "Privacy Group Complains to F.T.C. About Facebook Emotion Study." The New York Times, July 3, 2014. http://bits.blogs.nytimes.com/2014/07/03/privacy-group-complains- to-f-t-c-about-facebook-emotion-study/ "EPIC says Facebook 'messed with people's minds,' seeks FTC sanctions." Computer World, July 3, 2014. http://www.computerworld.com/s/article/9249553/EPIC_says_Facebook_ messed_with_people_s_minds_seeks_FTC_sanctions "Privacy Watchdog Files Complaint to FTC Over Facebook News-Feed Study." The Wall Street Journal, July 3, 2014. http://blogs.wsj.com/digits/2014/07/03/privacy-watchdog-files- complaint-to-ftc-over-facebook-news-feed-study/ "Facebook Experiment Draws Complaint From Privacy Group." Bloomberg News, July 3, 2014. http://www.bloomberg.com/news/2014-07-03/facebook-experiment- draws-complaint-from-privacy-group.html "Privacy group to FTC: Facebook 'purposefully messed with people's minds." BoingBoing, July 3, 2014. http://boingboing.net/2014/07/03/privacy-group-to-ftc-facebook.html "Privacy watchdog files complaint over Facebook study." USA Today, July 3, 2014. http://www.usatoday.com/story/tech/2014/07/03/facebook-emotion- study-complaint-epic/12157471/ "Supreme Court refuses to drag Google out of its Street View privacy wreckage." Naked Security, July 2, 2014. http://nakedsecurity.sophos.com/2014/07/02/supreme-court-refuses- to-drag-google-out-of-its-street-view-privacy-wreckage/ "Supreme Court denies appeal in Google Street View case." Tech Times, June 30, 2014. http://www.techtimes.com/articles/9454/20140630/supreme-court- denies-appeal-in-google-street-view-case.htm "Supreme Court Rejects Google's Street View Appeal." The New York Times, June 30, 2014. http://bits.blogs.nytimes.com/2014/06/30/supreme-court-rejects- googles-street-view-appeal/ "High court rejects Google appeal in snooping case." USA Today, June 30, 2014. http://www.usatoday.com/story/tech/2014/06/30/high-court-google- appeal/11760297/ "NSA queried phone records of just 248 people despite massive data sweep." The Guardian, June 27, 2014. http://www.theguardian.com/world/2014/jun/27/nsa-queries-phone- data-2013-report "Google removes search results under 'right to be forgotten' rules." Financial Times, June 26, 2014. http://www.ft.com/intl/cms/s/0/ca7c1c7a-fd17-11e3-8ca9- 00144feab7de.html#axzz35uSRJDdQ For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================== [8] EPIC Editorial: 'Invitation to a Dialogue: Internet Behemoths' ======================================================================== Readers of the EPIC Alert are encouraged to respond to The New York Times about this commentary on the future of the Internet economy. "Invitation to a Dialogue: Internet Behemoths." The New York Times, Letter to the Editor by EPIC President Marc Rotenberg. July 15, 2014. http://www.nytimes.com/2014/07/16/opinion/invitation-to-a-dialogue- internet-behemoths.html "To the Editor: Your recent article about the reluctance of consumers to turn away from the Internet titans suggests that most users are largely satisfied with the current choices ("Principles Are No Match for Europe's Love of U.S. Web Titans," Business Day, July 7). A better reading could be that they have no real choices. A small group of companies today controls much of the online world. Internet companies have grown in part because of the same network effects — the benefits that arise with many participants in the same communications environment — that enabled the growth of the Internet. Large Internet companies have also benefited from powerful economic incentives, a lax regulatory environment, rapid technological changes and business practices that are designed to deprive users of meaningful choices. The practical consequence is increasing consolidation of Internet-based services and little real choice for consumers. Consider Facebook's recent acquisition of WhatsApp, the popular messaging service, or Google's purchase of Nest, the smart home thermostat company. Both of the target companies had offered strong privacy safeguards to consumers. Now they — and the data of their users — will simply be subsumed in the larger companies. Companies are also doing more through the political realm to extend their power. Witness Google's proxy war against the recent privacy decision of the top court in Europe, waged through media organizations that are themselves losing readers and revenue to Google. Or consider Facebook's decision to remove Facebook groups critical of the company. Much is said about the use of these platforms to promote democracy and human rights in the Middle East, China and Russia. But hardly a word is spoken when these companies prevent their own users from expressing criticism. Political institutions today are not well equipped to deal with the realities of the modern Internet economy. Change is happening quickly. The benefits are oftentimes dazzling, and to many policy leaders disorienting. But there is a real need for a more thoughtful, critical examination of current business practices. MARC ROTENBERG Washington, July 11, 2014 The writer is president of the Electronic Privacy Information Center and has been active in Internet governance issues for more than 20 years. Editors' Note: We invite readers to respond briefly by Thursday for the Sunday Dialogue. We plan to publish responses and a rejoinder in the Sunday Review. Email: letters@nytimes.com" ======================================= EPIC Book Store ======================================= "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= Chautauqua Institution Presents "The Digital Self - Current Issues in Privacy Law," featuring EPIC Appellate Advocacy Counsel Alan Butler. Chautauqua, NY: July 7-9, 2014. For More Information: http://www.chqtickets.com/item_detail_special_studies.php?id=3418&page=1 ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.13------------------------