EPIC Alert 21.18
======================================================================= E P I C A l e r t ======================================================================= Volume 21.18 October 1, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_21.18.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] EPIC FOIA: FBI Extends 'Rap Back' Biometric Collection [2] EPIC Urges FTC to Investigate Maricopa Data Breach [3] EPIC Files Comments to CFPB on Financial Privacy [4] EPIC, Coalition Urge UN Group to Review US Spy Programs [5] 'Eyes Over Washington': EPIC Obtains New Docs on Army Blimps [6] News in Brief [7] EPIC in the News [8] EPIC Op-Ed: 'Student Data Collection is Out of Control' [9] Upcoming Conferences and Events TAKE ACTION: Defend Student Privacy - Opt Out of Marketing! REQUEST Your Child's School's Privacy Policies: www.opt-out-now.info LEARN about Student Privacy: http://epic.org/privacy/student/ SUPPORT EPIC: https://epic.org/support/ ========================================================================= [1] EPIC FOIA: FBI Extends 'Rap Back' Biometric Collection ========================================================================= EPIC has obtained documents about the FBI's "Rap Back program" via a Freedom of Information Act request. Rap Back is part of the FBI's Next Generation Identification initiative, one of the largest biometric databases in the world, tied to data centers managed by the Department of Homeland Security, Department of Defense, and other government agencies. The FBI is currently reviewing thousands of other pages about Rap Back. The Rap Back program equates to an ongoing, continual background check. In addition to being used to monitor whether people under correctional supervision are arrested again, the system monitors civilians in various trusted positions (e.g., teachers or banker tellers). Civilians under Rap Back monitoring must submit their fingerprints and, now, potentially, photos. The biometric data in the FBI's NGI database is not deleted until the individual is 75 years old for civilian records, and 99 years old for criminal records. EPIC's newly obtained documents reveal that a "dedicated communication portal" has been established between the FBI's NGI and the Department of Homeland Security's Biometric Identification System (IDENT), previously separate programs. NGI is able to search IDENT and other biometric databases, while IDENT is able to perform biometric searches of NGI. Additionally, NGI now provides a "rapid response" to DHS and the US Customs and Border Protection's primary ports of entry. In 2013 comments to DHS regarding biometric data collection at ports of entry, EPIC emphasized the need to "impose strict information security safeguards on . . . biometric information collection and limit . . . dissemination of biometric information." The FBI recently announced that the NGI system has reached "full operational capability." Previous documents obtained by EPIC via a FOIA lawsuit reveal that the FBI is willing to accept the identification of the wrong person 20% of the time (false positive) and the failure to identify the correct existing record 15% of the time (false negative) for facial recognition searches. Earlier in 2014, EPIC joined a coalition of civil liberties groups to urge the US Attorney General to release an updated Privacy Impact Assessment for the NGI. EPIC expects to continue to receive FBI documents related to Rap Back and NGI. EPIC: EPIC v. FBI - Next Generation Identification https://epic.org/foia/fbi/ngi/ EPIC: FOIA Docs Set #1 on Rap Back Program http://epic.org/privacy/fbi/Rap-Back-FOIA-Docs-1st-Prod.pdf EPIC: FOIA Docs Set #2 on Rap Back Program http://epic.org/privacy/fbi/Rap-Back-FOIA-Docs-2nd-Prod.pdf EPIC: Spotlight on Surveillance (NGI Program) (Dec. 2013) https://epic.org/privacy/surveillance/spotlight/ngi.html EPIC: Comments to DHS Re: Biometric Data Collection (Jun. 4, 2013) http://epic.org/apa/comments/EPIC-OBIM-Comments-FINAL.pdf EPIC: Biometric Identifiers https://epic.org/privacy/biometrics/ EPIC: Face Recognition https://epic.org/privacy/facerecognition/ ======================================================================== [2] EPIC Urges FTC to Investigate Maricopa Data Breach ======================================================================== EPIC has filed a complaint with the Federal Trade Commission over the loss of personal information of almost 2.5 million current and former students, employees, and vendors in Maricopa County, AZ. According to EPIC's complaint, the Maricopa County Community College District's failure to maintain a comprehensive information security program led to a "massive breach of names, addresses, phone numbers, e-mail addresses, Social Security numbers, dates of birth, certain demographical information, and enrollment, academic, and financial aid information." EPIC further alleges the District violated the Federal Trade Commission's Safeguards Rule by failing to protect student financial information. "Many education institutions in the United States are subject to the Safeguards Rule. The District's case is a particularly egregious example of the risk of failing to safeguard sensitive personal information," EPIC wrote. According to EPIC's complaint, in 2011 the Federal Bureau of Investigation alerted the Maricopa County Community College District that at least one of the District's databases were posted online for sale. Maricopa did not disclose to those impacted by the breach that their information had been compromised. EPIC's complaint further alleges that following the 2011 data breach the Arizona Auditor General twice recommended that Maricopa strengthen Maricopa's information system, finding that the system had "inadequate controls" that could "lead to an increased risk of theft, manipulation, misuse of sensitive or confidential information by unauthorized users, or unauthorized changes or changes that were not made accurately." In response to the Auditor General, Maricopa stated that it would strengthen computer access controls. But in 2013, the FBI again informed Maricopa that 14 Maricopa databases were "listed for sale on a public website." Maricopa began mailing breach notification letters in at the end of November 2013, approximately seven months after being notified of the breach," EPIC's complaint states. EPIC's complaint further alleges that Maricopa County Community College District is a financial institution "engaged in the processing of financial transactions, subject to the Federal Trade Commission's Safeguards Rule." Thus, EPIC maintains that Maricopa violated the Safeguards Rule in three ways: (1) disclosing "personally identifiable financial information of Maricopa students, employees, and vendors" in the 2013 breach; (2) failing to test and monitor the information security program; (3) failing to test the information security program. EPIC has requested that the FTC investigate Maricopa County Community College District's practices and "examine the practices of other similar educational institutions, providing financial services, whose failure to follow the Safeguards Rule may have placed at risk the personal financial information of students." EPIC has been a longstanding advocate for student rights. In 2013, EPIC filed an extensive complaint with the Federal Trade Commission over the business practices of Scholarships.com, a website that encourages students to divulge sensitive medical, sexual, and religious data in order to obtain financial aid information. Earlier in 2014, EPIC unveiled the Student Privacy Bill of Rights, an enforceable student privacy and data security framework. EPIC: FTC Complaint re: Maricopa County (Sept. 29, 2014) http://epic.org/privacy/student/EPIC-Safeguards-Rule-Complaint.pdf FTC: "Safeguarding Customers' Personal Information" http://epic.org/redirect/100114-ftc-safeguarding.html DataBreaches.Net: Post on Maricopa Data Breach (June 16, 2014) http://epic.org/redirect/100114-databreaches-net-maricopa.html EPIC: Student Privacy http://epic.org/privacy/student/ EPIC: FTC Complaint re: Scholarships.com (Dec. 12, 2013) http://epic.org/privacy/student/EPIC-FTC-Compl-Scholarships.com.pdf Scholarships.com https://www.scholarships.com/ EPIC: Student Privacy Bill of Rights http://epic.org/privacy/student/bill-of-rights.html ========================================================================= [3] EPIC Files Comments to CFPB on Financial Privacy ========================================================================= In a letter to the director of the US Consumer Financial Protection Bureau (CFPB), EPIC and other consumer and civil liberties groups offered support for a recent proposal to publish consumer narratives in the Bureau's Consumer Complaint Database. Inclusion of consumer narratives, wrote the coalition, would provide "a much richer understanding of the problems reported, and allow[ ] the public to assess their validity and draw its own conclusions." The CFPB's Consumer Complaint Database collects and sorts data on complaints about financial products. Currently, the database describes complaints in broad, generic terms; for example, banking complaints are categorized as issues with "deposits and withdrawals." This level of generality, states EPIC's letter, does not allow readers to "fully understand complaints, their resolutions, and to put them in context." The letter maintains that the inclusion of narratives will empower consumers, assist the agency in detecting dangerous market patterns, and encourage consumers to use the database. However, the letter also makes clear that as the CFPB must continue to safeguard the privacy of consumer data. EPIC endorsed the Bureau's proposals for a consumer opt-in policy and using search algorithms to scrub narratives for personally identifiable information. The Bureau also proposed using the HIPAA Safe Harbor method to remove specific identifiers from narrative data. EPIC, while supporting this proposal, suggested that zip code disclosures from small communities should be modified in order to prevent re-identification. EPIC has written extensively on consumer privacy issues involving financial products and services. In 2014, EPIC revealed that many student debt collection companies fail to meet legal privacy obligations. EPIC: Letter to CFPB re: Consumer Complaint Database (Sep. 19, 2014) http://epic.org/privacy/fcra/CFPB-Complaint-Cmts-9-19-14.pdf CFPB: Consumer Complaint Database http://www.consumerfinance.gov/complaintdatabase/ EPIC: Comments on the Fair Debt Collection Practices Act (May 27, 2011) http://epic.org/privacy/idtheft/EPIC_Debt_Collection_Comments.pdf EPIC: The Fair Credit Reporting Act http://epic.org/privacy/fcra/ EPIC: EPIC v. Department of Education http://epic.org/foia/ed/ EPIC: Financial Privacy Resources http://epic.org/privacy/financialresources.html ======================================================================== [4] EPIC, Coalition Urge UN Group to Review US Spy Programs ========================================================================= In a joint submission to the United Nations, EPIC, NYU's Brennan Center, and other public interest organizations have urged the UN's Human Rights Council to review US surveillance programs. The Council regularly performs a Universal Periodic Review of the human rights records of UN Member States. As a result of the Council's last review, the US government committed to protect individual privacy and to stop spying on citizens without judicial authorization. The coalition letter argues that the US has not honored this commitment and that US "surveillance activities also violate the rights to privacy, freedom of expression, and the freedom of peaceful assembly and association..." guaranteed by the Universal Declaration of Human Rights. The letter details the US government's mass collection of bulk communications data, argues that the mass collection of so-called "metadata" is a violation of privacy, and describes the lack of judicial oversight of US foreign intelligence surveillance operations under Executive Order 12333. The letter recommends that the US government commit to protecting the privacy of non-US persons; narrow foreign intelligence collection; implement strong minimization procedures; and publish any documentation that contains significant legal interpretations of Executive Order 12333. It also urges the implementation of reforms to provide remedies to US and non-US persons affected by US foreign intelligence surveillance operations. In 2010, EPIC and 29 affiliated experts in privacy and technology wrote to then- US Secretary of State Hillary Clinton to urge the US to ratify the Council of Europe Convention on Privacy. The convention, which has been adopted by both members and non-members of the Council of Europe, aims to ensure that individual rights are protected even as governments and private organizations take advantage of new systems of automation. Accordingly, the letter states, "Just as communications networks can be used for good and ill, so too can computer technology." EPIC et al.: Submission to UN Human Rights Council (Sept. 2014) http://epic.org/privacy/intl/Joint-UPR-Submission-to-UN-HRC.pdf UN Human Rights Council: Universal Periodic Review http://www.ohchr.org/EN/HRBodies/UPR/Pages/UPRMain.aspx UN Human Rights Council: Universal Periodic Review - US (Nov. 5, 2010) http://www.ohchr.org/EN/HRBodies/UPR/Pages/USSession9.aspx EPIC et al.: Letter to State Dept. re: Council of Europe (Jan. 2010) http://epic.org/privacy/intl/EPIC_Clinton_ltr_1-10.pdf EPIC: Council of Europe Privacy Convention http://epic.org/privacy/intl/coeconvention/ ========================================================================= [5] 'Eyes Over Washington': EPIC Obtains New Docs on Army Blimps ========================================================================= EPIC has received new information about the surveillance blimps currently deployed over Washington, DC. The surveillance blimp program, known as JLENS, is based at the Aberdeen Proving Grounds in Maryland and will be deployed over Washington, DC during the next three years. JLENS was originally deployed in Iraq. The new documents were released to EPIC in a Freedom of Information Act lawsuit against the Department of the Army. EPIC sent an initial FOIA request in November 2013, seeking JLENS technical specifications as well as any policies limiting domestic surveillance. After the Army failed to respond to the request, EPIC filed a FOIA lawsuit in DC District Court. EPIC received a first interim release of 139 pages of documents from the Department of the Army in August 2014. These pages comprised two documents: the majority of the Performance Specification for the JLENS, and the Amendment/Modification of Contract between the Department of the Army and contractor Raytheon. EPIC received a second interim release on September 22, 2014. These documents include 30 heavily redacted pages of equipment descriptions and data. Through EPIC's FOIA suit, EPIC has learned that JLENS is comprised of two 250-foot blimps. One blimp is equipped to conduct aerial and ground surveillance, while the other has targeting capability. An Army spokesperson said recently that JLENS will "absolutely not" include video surveillance gear. However, similar blimps deployed by the DHS for border security do include video surveillance. EPIC will continue to receive documents related to JLENS throughout the next two weeks. The Army must complete the document production by October 10. EPIC's goal in this lawsuit is to determine what surveillance data the Army plans to collect during its 3-year JLENS test, as well as how the Army plans to process, store, redact, or delete that data. EPIC: EPIC v. Army - Surveillance Blimps http://epic.org/foia/army/ US Army: Second Interim Document Production (Sep. 22, 2014) http://epic.org/foia/army/Sep-22-interim-release.pdf US Army: First Interim Document Production (Aug. 19, 2014) http://epic.org/foia/army/EPIC-FOIA-Interim-Release-19-Aug-2014.pdf EPIC: EPIC v. Army Complaint (May 6, 2014) http://epic.org/foia/army/Complaint.pdf EPIC: Initial FOIA Request to Army (Nov. 1, 2013) http://epic.org/foia/army/FOIA-Request.pdf The Washington Post: "Blimplike surveillance craft set to deploy over Maryland heighten privacy concerns" (Jan. 22, 2014) http://www.washingtonpost.com/business/technology/blimplike- surveillance-crafts-set-to-deploy-over-maryland-heighten-privacy- concerns/2014/01/22/71a48796-7ca1-11e3-95c6-0a7aa80874bc_story.html The Washington Post: "Army now says it won't put cameras on surveillance aircraft in Maryland" (Sep. 3, 2014) http://www.washingtonpost.com/blogs/the-switch/wp/2014/09/03/armys- eyes-in-the-sky-built-to-spot-people-from-5-kilometers-away/ ======================================================================== [6] News in Brief ======================================================================== Appeals Court Limits Military Surveillance of Civilian Internet Use The US Court of Appeals for the Ninth Circuit has ruled in United States v. Dreyer that an agent for the Naval Criminal Investigative Service violated Defense Department regulations and the Posse Comitatus Act when he conducted a surveillance operation in Washington state to identify civilians possibly sharing illegal files. The 1878 Act prevents the US military from enforcing laws against civilians. The appeals court ruled that the NCIS intrusion into civilian networks showed "a profound lack of regard for the important limitations on the role of the military in our civilian society." The court also ruled that the evidence obtained by NCIS should be suppressed to "deter future violations." In a 2013 petition to the Supreme Court, EPIC challenged the NSA's surveillance of domestic communications. The NSA is a component of the Department of Defense. 9th Circuit: Decision in US v. Dreyer (Sep. 12, 2014) http://epic.org/redirect/100114-9th-circuit-dreyer.html EPIC: In re: EPIC https://epic.org/privacy/nsa/in-re-epic/ EPIC: EPIC v. DOJ: Warrantless Wiretapping Program http://epic.org/privacy/nsa/foia/ Apple Announces New Privacy Enhancing Techniques Apple's most recent product announcements include several privacy enhancing techniques that EPIC has favored, including randomized MAC addresses, end-to-end encryption, robust screen lock, and implementation of secure electronic payment systems. Still, EPIC has raised questions about the company's "Health Kit," which enables the collection and transfer of sensitive medical information, and the enforcement of developer guidelines. Apple: Privacy Statement from CEO Tim Cook (Sept. 2014) https://www.apple.com/privacy/ EPIC: "Preserving Privacy in the Information Society" (1998) http://www.unesco.org/webworld/infoethics_2/eng/papers/paper_10.htm EPIC: Comments to Commerce Dept. re: IPv6 (Mar. 2004) http://epic.org/privacy/internet/IPv6_comments.pdf Apple: App Store Developer Guidelines (2014) https://developer.apple.com/app-store/review/guidelines/ EPIC: Online Guide to Practical Privacy Tools https://epic.org/privacy/tools.html EPIC: Locational Privacy http://epic.org/privacy/location_privacy/ FAA OK's Hollywood Drone Use, but Privacy Safeguards Remain Grounded The Federal Aviation Administration has granted six exemptions for the commercial use of drones to film and television companies. The agency found that the proposed operations do not "pose a threat to national airspace users or national security." Safety requirements include: line of site tracking; restricting flights to the "sterile area" on the set; inspection after each flight; and prohibiting operation at night. The FAA is currently considering another 40 requests from various commercial entities. Currently, no privacy protections exist to address the commercial use of drones. EPIC has testified before Congress in support of a comprehensive drone privacy law, calling for use and data retention limitations, transparency, and public accountability. In 2013, the FAA announced plans to develop drone privacy guidelines after an EPIC-lead coalition petition. EPIC also urged the agency to mandate minimum privacy standards for drone operators. FAA: Press Release on Hollywood Drone Exemptions (Sep. 25, 2014) http://www.faa.gov/news/press_releases/news_story.cfm?newsId=17194 EPIC: Testimony before US Senate re: Drones (Mar. 20, 2013) http://epic.org/redirect/032913-epic-drone-testimony.html EPIC: Letter from FAA re: Drone Privacy (Feb. 14, 2013) http://epic.org/privacy/drones/DOT-UAS-Privacy-Issues-Letter.pdf EPIC: Comments to FAA on Drone Privacy (Apr. 23, 2013) http://epic.org/apa/comments/EPIC-Drones-Comments-2013.pdf EPIC: Domestic UAVs and Drones http://epic.org/privacy/drones/ ======================================================================== [7] EPIC in the News ======================================================================== "EPIC seeks enforcement action over Arizona data breaches." TechWorld, Sept. 30, 2014. http://news.techworld.com/security/3574361/epic-seeks-enforcement- action-over-arizona-data-breaches/ "Student Data Collection is Out of Control," by EPIC Student Privacy Project Director Khaliah Barnes. The New York Times, Sept. 25, 2014. http://www.nytimes.com/roomfordebate/2014/09/24/protecting-student- privacy-in-online-learning/student-data-collection-is-out-of-control "LA County to collect more personal data without public notice." Center for Investigative Reporting, Sept. 24, 2014. https://beta.cironline.org/reports/la-county-to-collect-more- personal-data-without-public-notice/ "Google Wi-Fi Roundup Has Lawyers Chasing Landmark Jackpot." Bloomberg News, Sept. 24, 2014. http://www.bloomberg.com/news/2014-09-24/google-wi-fi-roundup- mistake-has-lawyers-eyeing-jackpot.html "New Documents Reveal Information About Police Cellphone Tracking Devices." Newsweek, Sept. 23, 2014. http://www.newsweek.com/new-documents-reveal-information-about- police-cell-phone-tracking-devices-272746 "If you're on a phone in DC, someone could be listening." CNBC, Sept. 22, 2014. http://www.cnbc.com/id/102020932#. "Child Pornography Case Spurs Debate on Military's Role in Law Enforcement." The New York Times, Sept. 21, 2014. http://www.nytimes.com/2014/09/22/us/child-porn-case-leads-to- questions-of-militarys-role-in-law-enforcement.html "You May Love Apple, But Can You Trust It?" The New Yorker, Sept. 19, 2014. http://www.newyorker.com/business/currency/may-love-apple-can-trust "Apple moves to reassure users on privacy." Financial Times, Sept. 18, 2014. http://www.ft.com/cms/s/0/85ab32a0-3ecd-11e4-adef-00144feabdc0. html "VIDEO: Big Brother 3.0: FBI Launches Facial Recognition Program." Mint Press News, Sept. 17, 2014. http://www.mintpressnews.com/big-brother-3-0-fbi-launches- facial-recognition-program/196657/ "Berlin pushes Google to reveal search engine formula." Financial Times, Sept. 15, 2014. http://www.ft.com/intl/cms/s/0/9615661c-3ce1-11e4-9733- 00144feabdc0.html "A day in the life of a data mined kid." NPR's "Marketplace," Sept. 15, 2014. http://www.marketplace.org/topics/world/day-life-data-mined-kid "FBI's Facial-Recognition Technology Has Achieved 'Full Operational Capability'." National Journal, Sept. 15, 2014. http://www.nationaljournal.com/tech/fbi-s-facial-recognition- technology-has-achieved-full-operational-capability-20140915 "Judge: Google class action 'usual suspects' cash-fling 'smells'." The Register UK, Sept. 5, 2014. http://www.theregister.co.uk/2014/09/05/judge_unhappy_with_ proposed_google_privacy_payout_in_class_action/ For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================= [8] EPIC Op-Ed: 'Student Data Collection is Out of Control' ======================================================================= [This piece was published in The New York Times on Sept. 25, 2014] The collection of student data is out of control. No longer do schools simply record attendance and grades. Now every test score and every interaction with a digital learning tool is recorded. Data gathering includes health, fitness and sleeping habits, sexual activity, prescription drug use, alcohol use and disciplinary matters. Students' attitudes, sociability and even "enthusiasm" are quantified, analyzed, recorded and dropped into giant data systems. Some schools use radio frequency identification tags to track student location throughout the school day. Other schools use "human monitoring services" that read student email and then contact local law enforcement if something is amiss. Students and parents will never see the vast majority of information collected. The push for big data in education has also contributed to data breaches and has made student information susceptible to being sold for purposes unrelated to the collection. My organization sued the Education Department for weakening a forty-year-old student privacy law and allowing private companies increased access to student data. Rampant data collection is not only destroying student privacy, it also threatens students' intellectual freedom. When schools record and analyze students' every move and recorded thought, they chill expression and speech, stifling innovation and creativity. Students should have a right to a privacy framework that limits data collection, gives rights to them and their families, and places responsibility on schools and companies that gather data. Senator Ed Markey of Massachusetts and others are working to update student privacy protections in Congress. Enacting a Student Privacy Bill of Rights is a top priority. -- Khaliah Barnes Khaliah Barnes is the director of the student privacy project at EPIC. http://www.nytimes.com/roomfordebate/2014/09/24/protecting-student- privacy-in-online-learning/student-data-collection-is-out-of-control =================================== EPIC Bookstore =================================== "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= OECD Forum of the Knowledge Economy. Speaker: EPIC President Marc Rotenberg. Tokyo: Oct. 2, 2014. For More Information: http://www.oecd.org/innovation/inno/globalforumontheknowledgeeconomy.htm. "Fourth Amendment & Privacy in the Digital Age: The Supreme Court's Cell Phone Cases and What's Next." Speaker: EPIC Senior Counsel Alan Butler. Washington, DC:, Oct. 2, 2014. For More Information: https://www.dcbar.org/marketplace/event-details.cfm?productcd=051501GEN. International Working Group on Data Protection and Telecommunications. Speaker: EPIC President Marc Rotenberg. Berlin: Oct. 14-15, 2014. For More Information: http://www.datenschutz-berlin.de/. "The Year in Government Information: NSA Revelations, FOIA Developments, and More." Speaker: EPIC Senior Counsel Alan Butler. Washington, DC: ABA Administrative Law Conference 2014, October 17, 2014. For More Information: http://www.americanbar.org/content/ebus/events/ 2014/administrative-law-fall-conference-2014/schedule.html. OECD Experts on International Security Guidelines. Speaker: EPIC President Marc Rotenberg. Paris: Oct. 27, 2014. For More Information: http://www.oecd.org/internet/ieconomy/2002-security-guidelines- review.htm. Maine Judicial Conference. Speaker: EPIC Associate Director Ginger McCall. Rockport, ME: October 30-31, 2014. For More Information: http://epic.org/2014/10/maine-judicial-conference.html. "Bird's Eye View: Transatlantic Data Exposures and Regulatory Enforcement." Speaker: EPIC Associate Director Ginger McCall. Scottsdale, AZ: Privacy XChange Forum, November 3, 2014. For More Information: http://privacyxchangeforum.com/agenda/pxf-2014-agenda. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.18------------------------