======================================================================= E P I C A l e r t ======================================================================= Volume 21.05 March 17, 2014 ----------------------------------------------------------------------- Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. http://www.epic.org/alert/epic_alert_21.05.html "Defend Privacy. Support EPIC." http://epic.org/support ========================================================================= Table of Contents ========================================================================= [1] EPIC Urges FTC Investigation of WhatsApp Sale to Facebook [2] EPIC Celebrates Sunshine Week [3] EPIC Asks Supreme Court to Protect Cell Phone Privacy [4] Citron, Felten, Lewis, Lysyanskaya, Marwick, McDonald, Moglen, and Vladeck Join EPIC Advisory Board [5] EP Passes New Privacy Law, Rejects Safe Harbor and US Data Transfers [6] News in Brief [7] EPIC in the News [8] EPIC Book Review: 'Privacy in the Age of Big Data' [9] Upcoming Conferences and Events TAKE ACTION: Speak Out on Big Data! - SUBMIT Your Comments on Big Data: Send Mail to bigdata@ostp.gov! - LEARN about Big Data: http://epic.org/privacy/big-data/default.html - SUPPORT EPIC: http://epic.org/support ========================================================================= [1] EPIC Urges FTC Investigation of WhatsApp Sale to Facebook ========================================================================= EPIC has filed a complaint with the Federal Trade Commission over Facebook's proposed $19 billion purchase of WhatsApp, a popular cross- platform text messaging and VoIP service with a pro-privacy approach to user data. WhatsApp currently has 450 million active users worldwide, many of whom objected when Facebook announced the proposed acquisition in February. Facebook also operates a messaging service, although Facebook messaging is notorious for its extensive data collection practices. EPIC's complaint highlights that Facebook regularly incorporates data from companies it has acquired. For example, prior to Facebook's purchase of the photo-sharing application Instagram in 2012, Instagram users' data was not used for advertisements in the app. After the acquisition, however, " Facebook did in fact access Instagram users' data and changed the Instagram Terms of Service to reflect this change." According to the EPIC complaint, "WhatsApp users could not reasonably have anticipated that by selecting a pro-privacy messaging service, they would subject their data to Facebook's data collection practices." The complaint states: "As set forth in detail below, WhatsApp built a user base based on its commitment not to collect user data for advertising revenue. Acting in reliance on WhatsApp representations, Internet users provided detailed personal information to the company including private text to close friends. Facebook routinely makes use of user information for advertising purposes and has made clear that it intends to incorporate the data of WhatsApp users into the user profiling business model. The proposed acquisition will therefore violate WhatsApp users’ understanding of their exposure to online advertising and constitutes an unfair and deceptive trade practice, subject to investigation by the Federal Trade Commission." EPIC's complaint also notes that Facebook currently is under a 20-year consent decree from the FTC that requires Facebook to protect user privacy and to comply with the US-EU Safe Harbor guidelines. Facebook has stated that WhatsApp will remain an independent service and "nothing will change." EPIC advised the FTC to investigate this claim as well, to ensure that Facebook is not violating the consent decree. In the past, the Federal Trade Commission has responded favorably to EPIC's complaints. The Commission's November 2011 settlement with Facebook followed from a complaint filed by EPIC and a coalition of privacy and civil liberties groups in December 2009 and a supplemental complaint filed by EPIC in February 2010. EPIC's 2010 complaint over Google Buzz provided the basis for the Commission's investigation of and subsequent settlement with the social networking service. In the Google Buzz case, the Commission found that Google "used deceptive tactics and violated its own privacy promises to consumers when it launched [Buzz]." In 2008, EPIC notified the Commission that AskEraser falsely represented that search queries would be deleted when in fact they were retained by the company and made available to law enforcement agencies. EPIC: Complaint to FTC re: Facebook and What'sApp (Mar. 6, 2014) https://www.epic.org/ftc/WhatsApp-Complaint.pdf EPIC: In re WhatsApp http://epic.org/privacy/internet/ftc/whatsapp/ WhatsApp: Privacy Policy http://www.whatsapp.com/legal/#Privacy FTC: Facebook Settlement (Nov. 29, 2011) http://epic.org/redirect/031714-FB-FTC-2011.html FTC: In re Facebook http://epic.org/redirect/031714-FTC-in-re-FB.html EPIC: In re Facebook: Supplemental Materials http://epic.org/privacy/inrefacebook/EPIC_Facebook_Supp.pdf FTC: In re DoubleClick (2007) http://epic.org/redirect/031714-in-re-doubleclick.html EPIC: In re Google Buzz http://epic.org/privacy/ftc/googlebuzz/ ======================================================================== [2] EPIC Celebrates Sunshine Week ======================================================================== In recognition of "Sunshine Week," EPIC has launched the 2014 EPIC FOIA Gallery. Sunshine Week, which this year spans March 16 to March 22, is a nationwide initiative promoting public awareness of the significance of open government laws and policies. One of the primary legal tools for open government advocates is the Freedom of Information Act, or FOIA. EPIC is a frequent FOIA requester, using the law to obtain information about citizens' data privacy from previously secret government documents. EPIC's 2014 FOIA Gallery highlights several of EPIC's FOIA successes from 2013. EPIC’s FOIA work over the past year has resulted in public disclosure of information about several formerly secret government surveillance programs. To obtain these documents, EPIC aggressively deployed the tools provided by the FOIA - detailed requests to agencies, comprehensive administrative appeals, and lawsuits in federal court. Through these cases, EPIC “substantially prevailed� and forced the disclosure of documents from federal agencies including the CIA, FBI, NSA, DHS, Transportation Security Administration, Office of the Director of National Intelligence, and the US Department of Education. In several of these cases, EPIC has also obtained attorneys fees. EPIC currently has two FOIA cases before the DC Circuit Court of Appeals. In November 2013, EPIC won a lawsuit against the Department of Homeland Security. EPIC requested the document describing the policy that allowed the federal government to shut down cellular service during a peaceful protest. A federal court ruled in EPIC’s favor, finding that the DHS could not properly withhold the information EPIC is seeking. The Department of Homeland Security appealed the decision. EPIC is also pursuing EPIC v. NSA, a case in which EPIC is seeking to obtain “NSPD 54,� which describes the scope of the NSA’s cybersecurity authority. EPIC forced the NSA to disclose some documents related to NSPD 54. However, a federal judge ruled that the Presidential Directive itself is not subject to the Freedom of Information Act, which was a surprising decision. The Gallery also contains document PDFs and summaries, including the: * Number of times the Foreign Intelligence Surveillance Court authorized the gathering of telephone numbers and "metadata" of phone customers and Internet users; * FBI's use of facial recognition technology to compare subjects of criminal investigations and missing persons against millions of drivers' license and identification photos; * DHS's crowd-scanning facial recognition technology, called BOSS; * Bureau of Customs and Border Protection's domestic use of drones capable of intercepting electronic communications; * CIA's collaboration with the New York Police Department in domestic surveillance efforts; * Documents obtained from the US Education Department about the lack of quality control over many private student debt-collection agencies. EPIC: FOIA Gallery 2014 http://epic.org/foiagallery2014/ EPIC: Open Government https://www.epic.org/open_gov/ EPIC: FOIA Cases https://www.epic.org/foia/ EPIC: Open Government Litigation Manual http://epic.org/bookstore/foia2010/default.html NY Times Editorial: "The CIA and the NYPD" (Jul. 5, 2013) http://www.nytimes.com/2013/07/06/opinion/the-cia-and-the-nypd.html Information Week: "FBI Driver's License Photo Searches Raise Privacy Questions" (Jun. 18, 2013) http://www.informationweek.com/security/risk-management/fbi- drivers-license-photo-searches-raise-privacy-questions/d/d-id/ 1110410?page_number=1 Slate.com: "FBI Files Reveal New Info on Clandestine Phone Surveillance Unit" (Oct. 8, 2013) http://www.slate.com/blogs/future_tense/2013/10/08/fbi_wireless_ intercept_and_tracking_team_files_reveal_new_information_on.html The Guardian: "Fresh Questions for the CIA as NYPD Collaboration Revealed in New Report" (Jun. 27, 2013) http://www.theguardian.com/world/2013/jun/27/nypd-cia- collaboration-surveillance NY Times: "Facial Scanning Is Making Gains in Surveillance" (Aug. 21, 2013) http://www.nytimes.com/2013/08/21/us/facial-scanning-is-making- gains-in-surveillance.html ========================================================================= [3] EPIC Asks Supreme Court to Protect Cell Phone Privacy ========================================================================= EPIC, joined by 24 technical experts and legal scholars, has filed a "friend of the court" brief in the US Supreme Court case, Riley v. California, which concerns warrantless law enforcement cell phone searches. The Court will determine whether such a search violates the Fourth Amendment. EPIC's brief argues that "modern cell phone technology provides access to an extraordinary amount of personal data," and that "Allowing police officers to search a person's cell phone without a warrant following an arrest would be a substantial infringement on privacy, is unnecessary, and unreasonable under the Fourth Amendment." The brief also describes the vast amount of personal data available both on the phone and from remote servers off the phone, which the phone can access through applications or from the cloud. "From a cellphone," EPIC explains, "users can even see into their homes and control devices and appliances." The brief also stresses that police officers already use low-cost security techniques that can significantly reduce the risk of data loss. Therefore, "there is no need to allow warrantless searches when currently available techniques allow law enforcement to secure the cell phone data pending a judicial determination of probable cause." The Supreme Court will hear oral arguments in the case on April 29. A decision is expected before the end of June. EPIC et al.: "Friend of the Court" Brief in Riley v. CA (Mar. 10, 2014) http://epic.org/amicus/cell-phone/riley/EPIC-Amicus-Brief.pdf EPIC: Riley v. CA http://epic.org/amicus/cell-phone/riley/ EPIC: Location Privacy: Apple iPhone / iPad http://epic.org/privacy/location_privacy/apple.html EPIC: Amicus Cases http://epic.org/amicus/ ========================================================================= [4] Citron, Felten, Lewis, Lysyanskaya, Marwick, McDonald, Moglen, and Vladeck Join EPIC Advisory Board ========================================================================= EPIC has announced the 2014 members of the EPIC Advisory Board, a distinguished group of experts in law, technology, and public policy: Danielle Citron, Professor at University of Maryland School of Law. Citron explores the intersection of information privacy and civil rights. Her new book, "Hate Crimes in Cyberspace," will be published by Harvard University Press in 2014. Edward Felten, Professor of Computer Science and Public Affairs at Princeton University. Felten was the first Chief Technologist for the Federal Trade Commission. His research interests include computer security and privacy, and public policy issues relating to information technology. Harry R. Lewis, Professor of Computer Science at Harvard University. Lewis is a leading educator in computer science who has authored several books on theoretical computer science and on higher education. He is co-author of "Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion." Anna Lysyanskaya, Professor of Computer Science at Brown University. Lysyanskaya's research interests include cryptography, theoretical computer science, and computer security, particularly in promoting privacy and accountability. Alice E. Marwick, Assistant Professor of Media Studies at Fordham University. Marwick investigates online identity and consumer culture. Her book, "Status Update: Celebrity and Attention in Web 2.0" (Yale University Press, 2013) is based on a multi-year ethnography of the San Francisco tech industry. Aleecia M. McDonald, Director of Privacy at the Stanford Center for Internet & Society. McDonald's research focuses on the public policy issues of Internet privacy, and includes user expectations for Do Not Track, behavioral economics, and mental models of privacy and the efficacy of industry self regulation. Eben Moglen, Professor of Law and Legal History at Columbia Law School. Moglen is a computer programmer turned law professor who has worked to promote free software and defend the freedom to use cryptography. David Vladeck, Professor of Law at Georgetown University Law Center. Vladeck is a leading expert in Administrative Law and the former director of the Federal Trade Commission's Bureau of Consumer Protection. Among other activities, members of the EPIC Advisory Board often add their insights to “friend of the court� briefs that EPIC prepares for federal and state courts on emerging privacy and civil liberties issues. Danielle Citron http://epic.org/redirect/031714-danielle-citron.html Edward Felten http://www.cs.princeton.edu/~felten/ Harry Lewis http://lewis.seas.harvard.edu/ Anna Lysyanskaya http://cs.brown.edu/~anna/ Alice E. Marwick http://epic.org/redirect/031714-alice-e-marwick.html Aleecia M. McDonald http://cyberlaw.stanford.edu/about/people/aleecia-mcdonald Eben Moglen http://moglen.law.columbia.edu/ David Vladeck http://www.law.georgetown.edu/faculty/vladeck-david-c.cfm EPIC: Press Release on 2014 Advisory Board (Mar. 5, 2014) http://epic.org/press/RELEASE-EPIC-Advisory-Board-2014.pdf EPIC: Advisory Board http://epic.org/epic/advisory_board.html ========================================================================= [5] EP Passes New Privacy Law, Rejects Safe Harbor and US Data Transfers ========================================================================= In a nearly unanimous vote, the European Parliament has approved a comprehensive data protection regulation to replace the individual national privacy laws currently governing the EU's 28 member states. The new law also will change the ways that EU citizens interact with their personal information, including providing better access to their data, restricting the ways that data can be used outside the EU, and fining companies that are in violation. The regulation will be the first update to European privacy legislation since the EU passed the 1995 Data Protection Directive. EU Justice Commissioner Viviane Reding stated, "The message the European Parliament is sending is unequivocal: This reform is a necessity, and now it is irreversible." In 2012, EPIC Executive Director Marc Rotenberg testified in support of the European data protection initiative before the European Parliament. In 2012 and 2013, EPIC and over 20 other US consumer, privacy, and civil liberties groups sent letters to the European Parliament in support of the reform. The groups wrote that until the US passes comprehensive privacy legislation, "the European Union offers the best prospect for the protection of Internet users around the globe." During the same session, the European Parliament also voted to halt the US-EU Safe Harbor program, which allows US companies to process data on EU citizens outside of European legal protections, and to restrict the flow of European data out of the EU. The Safe Harbor resolution recommends that Europe exclude EU-US data transfers from trade negotiations and establish legal remedies for EU citizens who face privacy violations. Earlier in 2012, EPIC wrote to the Federal Trade Commission to urge the agency to enforce Safe Harbor. EPIC also recommended that the Commission require violating companies to comply with the White House's Consumer Privacy Bill of Rights. Similarly, the European Parliament's resolution would add protections for European whistleblowers and establish an independent EU-based data cloud. The resolution follows a six-month investigation, led by MEP Claude Moraes, on the Electronic Mass Surveillance of EU Citizens. The investigation "looked into alleged spying by the US and some EU member states, assessed its impact on EU citizens' rights (e.g. data protection, freedom of expression, presumption of innocence and effective remedy), recommended ways to prevent further breaches, explored redress mechanisms and suggested how to improve the IT security of EU institutions." European Parliament: Press Release on Data Resolutions (Mar. 12, 2014) http://epic.org/redirect/031714-eu-data-resolutions.html European Commission: Press Release on DP Reforms (Mar. 12, 2014) http://europa.eu/rapid/press-release_MEMO-14-186_en.htm Consumer Groups: Letter to EU Parliament re: DP (Oct. 17, 2013) http://www.consumerwatchdog.org/resources/ltreudatareg101513.pdf EU: LIBE Committee Vote on Regulation (Oct. 21, 2013) http://epic.org/redirect/103113-eu-libe-vote.html EPIC: Letter to LIBE Committee re: Data Protection (Sept. 5, 2012) http://epic.org/redirect/031714-epic-letter-eu-dp.html EPIC: Testimony of Marc Rotenberg before EU Parliament (Sep. 30, 2013) http://epic.org/redirect/103113-rotenberg-libe.html EU: Inquiry on Mass Surveillance of EU Citizens (Sep. 25, 2013) http://epic.org/redirect/103113-eu-surveillance-inquiry.html EU: NSA Inquiry (Sep. 30, 2013) http://epic.org/redirect/103113-eu-NSA-inquiry.html EU: LIBE Committee http://epic.org/redirect/103113-libe-committee.html EU: 1995 Data Protection Directive http://epic.org/redirect/103113-eu-dp-directive-1995.htmlL The White House: Consumer Privacy Bill of Rights (Feb. 2012) http://www.whitehouse.gov/sites/default/files/privacy-final.pdf US Department of Commerce: (US-EU Safe Harbor Program) http://export.gov/safeharbor/eu/eg_main_018365.asp EPIC: EU Data Protection Directive https://www.epic.org/privacy/intl/eu_data_protection_directive.html ======================================================================== [6] News in Brief ======================================================================== EPIC Urges Public Comment on White House 'Big Data' Initiative EPIC is urging public input on the Obama Administration's "Big Data and the Future of Privacy" review. In Februrary, EPIC, joined by 24 consumer privacy, public interest, scientific, and educational organizations, petitioned the White House Office of Science and Technology Policy to accept public comments, stating, "The public should be given the opportunity to contribute to the OSTP's review of 'Big Data and the Future of Privacy' since it is their information that is being collected and their privacy and their future that is at stake." The letter sets out a list of questions, including "What potential harms arise from big data collection and how are these risks currently addressed?," and "What technical measures could promote the benefits of big data while minimizing the privacy risks?". Comments are due no later than March 31, 2014, and can be sent via email to bigdata@ostp.gov. OSTP: Government 'Big Data': Request for Information (Mar. 3, 2014) 12031714-ostp-big-data-request.html The White House: "Big Data and the Future of Privacy" (Jan. 23, 2014) http://www.whitehouse.gov/blog/2014/01/23/big-data-and-future-privacy EPIC et al.: Petition to OSTP re: Big Data Initiative (Feb. 10, 2014) http://epic.org/privacy/Ltr-to-OSTP-re-Big-Data.pdf EPIC: Big Data and the Future of Privacy http://epic.org/privacy/big-data/default.html In FOIA Lawsuit, EPIC Obtains Secret Reports on Data Collection Via a Freedom of Information Act lawsuit, EPIC has obtained reports detailing the number of times the Foreign Intelligence Surveillance Court has authorized the use of techniques to gather the telephone numbers and "metadata" of phone customers and Internet users. The previously secret reports, which cover the period 2000-2013, reveal a dramatic increase in the use of these techniques in 2004 and then a significant reduction in 2008, likely the result of a shift to other investigative methods. The documents show that nearly all applications to the Surveillance Court were approved without modifications. In 2013, EPIC petitioned the US Supreme Court to end the bulk telephone record collection program. Former members of the Church Committee and dozens of legal scholars supported the EPIC petition. EPIC: FOIA Documents on Pen Registers and FISA (Mar. 2014) http://epic.org/redirect/031714-foia-pen-register.html EPIC: EPIC v. DOJ - Pen Register Reports http://epic.org/foia/doj/pen-reg-trap-trace/ EPIC: Foreign Intelligence Surveillance Court Orders 1979-2012 http://epic.org/privacy/wiretap/stats/fisa_stats.html EPIC: Foreign Intelligence Surveillance Act (FISA) http://epic.org/privacy/terrorism/fisa/ EPIC: In re EPIC http://epic.org/privacy/nsa/in-re-epic/ Ed Dept. Weakens Student Privacy Laws, Then Proposes 'Best Practices' The US Education Department has issued recommendations for schools that transfer student records to online educational service providers. Following the Department's changes to a federal student privacy law, private companies and government agencies have access to student records without obtaining student consent. The Department's recommendations explain that the current regulations do not require written agreements for schools to disclose student information to private companies. The Education Department also recommended that schools establish policies for approving online educational services, create written contracts with private companies for the use of student data, and explain to parents and students how schools collect, use, and disclose student information. The agency warned that student data held by private companies may not be protected under federal privacy laws. In 2012, EPIC sued the Education Department for weakening the privacy rule that prevented companies from getting access to student data. US Ed. Dept.: Student Privacy Best Practices (Feb. 2014) http://epic.org/redirect/031714-ed-dept-best-practices.html EPIC: EPIC v. The U.S. Department of Education http://epic.org/apa/ferpa/ Federal Register: Proposed Changes to FERPA (Dec. 9, 2008) http://epic.org/apa/ferpa/2008%20Final%20Rule.pdf Federal Register: Final Rule on FERPA (Dec. 2, 2011) http://epic.org/apa/ferpa/Final%20Rule.pdf EPIC: Student Privacy http://epic.org/privacy/student/ Federal Judge Rules Commercial Drones Legal A federal judge has ruled that commercial drones are legal, stating that the Federal Aviation Administration has not issued an enforceable regulatory rule that governs commercial drone operation. The FAA plans to appeal the decision. In 2012, Congress ordered the FAA to implement a plan to integrate drones into US National Airspace by 2015. Shortly thereafter, EPIC, joined by over 100 other organizations, experts, and members of the public, petitioned the agency to address privacy as a component of the integration. As a result, the FAA published a notice with proposed privacy requirements for drone operators. EPIC submitted comments in response to the notice, urging the agency to mandate minimum privacy standards. After considering numerous public comments on the privacy impact of aerial drones, the FAA proposed a regulation that requires test site operators to develop privacy policies but does not require any specific baseline privacy protections. Several states have passed drone privacy laws, and bills are also pending in Congress. NTSB: Decision in Huerta v. Pirker (Mar. 6, 2014) http://www.kramerlevin.com/files/upload/PirkerDecision.pdf FAA: Press Release on Appeal (Mar. 7, 2014) http://www.faa.gov/news/press_releases/news_story.cfm?newsId=15894 EPIC et al.: Petition to FAA re: Drone Privacy (Feb. 24, 2012) http://epic.org/privacy/drones/FAA-553e-Petition-03-08-12.pdf FAA: Proposed Rulemaking on Drone Testing (Feb. 22, 2013) http://www.regulations.gov/#!documentDetail;D=FAA-2013-0061-0001 EPIC: Comments to FAA on Drone Site Testing (Apr. 23, 2013) http://epic.org/apa/comments/EPIC-Drones-Comments-2013.pdf FAA: Notice on Drone Privacy (Nov. 7, 2013) http://epic.org/redirect/031714-faa-drone-privacy.html EPIC: Domestic UAVs and Drones http://epic.org/privacy/drones/ EPIC Presents 2014 Domestic Privacy Champion Award to Evan Hendricks EPIC has presented the 2014 Domestic Privacy Champion Award to Evan Hendricks, publisher of the Privacy Times newsletter. Hendricks received the award in recognition of his work in consumer privacy protection and for publishing Privacy Times, a significant resource to the privacy community since 1981. In 2013, EPIC presented the Domestic Privacy Champion Award to Susan Grant of the Consumer Federation of America. On January 28, EPIC awarded Jan Philipp Albrecht with the International Privacy Champion Award as part of International Privacy Day. Privacy Times http://privacytimes.com/ EPIC: Jan Albrecht Awarded Intl. Privacy Champion 2014 (Jan. 27, 2014) http://epic.org/2014/01/epic-gives-2014-international-.html The Public Voice: International Privacy Day http://thepublicvoice.org/madrid-declaration/ Pew Internet Report Identifies Privacy Concerns, New Challenges According to the Pew Research Report "Digital Life in 2025", experts predict the Internet will become 'like electricity' - less visible, yet more deeply embedded in people's lives for good and ill. Several respondents to the Pew survey identified the loss of privacy, and the stratification of privacy rights, as a key concern. The Pew report, conducted with Elon University, asked experts to make predictions about the state of digital life in 2025. EPIC President Marc Rotenberg posed the question, "Will the Internet of 2025 be a network of freedom and opportunity or the infrastructure of social control?" Pew Research Internet Project: "Digital Life in 2025" (Mar. 11, 2014) http://www.pewinternet.org/2014/03/11/digital-life-in-2025/ EPIC: Public Opinions on Privacy http://epic.org/privacy/survey/ ======================================================================== [7] EPIC in the News ======================================================================== "Tensions rise over access to local government." The Washington Post, Mar. 15, 2014. http://www.washingtonpost.com/national/tensions-rise-over-access- to-local-government/2014/03/15/f17973fc-ac65-11e3-b8ca-197ef3568958_ story.html "Feinstein's CIA accusation seen as possible pivot." Orange County Register, Mar. 15, 2014. http://www.ocregister.com/articles/intelligence-605739-feinstein- cia.html "Google Under Fire for Data-Mining Student Email Messages." Education Week, Mar. 14, 2014. http://www.edweek.org/ew/articles/2014/03/13/26google.h33.html "Can police search your phone on arrest? Groups urge Supreme Court to say 'no'." Ars Technica, Mar. 12, 2014. http://arstechnica.com/tech-policy/2014/03/can-police-search-your- phone-on-arrest-groups-urge-supreme-court-to-say-no/ "How a Court Secretly Evolved, Extending U.S. Spies' Reach." The New York Times, Mar. 12, 2014. http://www.nytimes.com/2014/03/12/us/how-a-courts-secret-evolution- extended-spies-reach.html?hp "Big Data And Privacy: An Uneasy Face-Off For Government To Face." Forbes, Mar. 11, 2014. http://www.forbes.com/sites/oreillymedia/2014/03/12/big-data-and- privacy-an-uneasy-face-off-for-government-to-face/ "Experts Share Visions for Future Web, Tech." Voice of America, Mar. 11, 2014. http://www.voanews.com/content/experts-share-visions-for-future- web-technology/1868325.html "High Court Pushed To Ban Warrantless Cellphone Searches." Law360, Mar. 10, 2014. http://www.law360.com/articles/516931/high-court-pushed-to-ban- warrantless-cellphone-searches "Privacy groups ask regulators to halt Facebook's $19 billion WhatsApp deal." Reuters, Mar. 6, 2014. http://www.reuters.com/article/2014/03/06/us-facebook-whatsapp- idUSBREA2526C20140306 "Privacy advocates decry Facebook's purchase of WhatsApp." The Washington Post, Mar. 6, 2014. http://www.washingtonpost.com/business/technology/privacy- advocates-decry-facebooks-purchase-of-whatsapp/2014/03/06/ 2f14a56e-a569-11e3-84d4-e59b1709222c_story.html "Privacy groups urge FTC to probe Facebook's deal to buy WhatsApp." Los Angeles Times, Mar. 6, 2014. http://www.latimes.com/business/technology/la-fi-tn-privacy-groups- urge-ftc-to-probe-facebooks-whatsapp-deal-20140306,0,5616080.story# ixzz2vgyDD7jq "FTC Should Investigate Facebook-WhatsApp Deal, Groups Say." Bloomberg News, Mar. 6, 2014. http://www.bloomberg.com/news/2014-03-06/ftc-should-investigate- facebook-whatsapp-deal-groups-say.html "Why a 'Student Privacy Bill of Rights' is desperately needed." The Washington Post, Mar. 6, 2014. http://www.washingtonpost.com/blogs/answer-sheet/wp/2014/03/06/why- a-student-privacy-bill-of-rights-is-desperately-needed/ "The technical aspects of privacy." O'Reilly Radar, Mar. 5, 2014. http://radar.oreilly.com/2014/03/the-technical-aspects-of- privacy.html "Documents Released on U.S. Wiretapping Since Sept. 11 Terrorist Attacks." The New York Times, Mar. 3, 2014. http://www.nytimes.com/2014/03/03/us/politics/documents-released- on-us-wiretapping-since-sept-11-terrorist-attacks.html For More EPIC in the News: http://epic.org/news/epic_in_news.html ======================================================================== [8] EPIC Book Review: 'Privacy in the Age of Big Data' ======================================================================== "Privacy in the Age of Big Data: Recognizing Threats, Defending Your Rights, and Protecting Your Family," Theresa M. Payton and Theodore Claypoole http://epic.org/redirect/031714-privacy-big-data-payton-claypoole.html "Privacy in the Age of Big Data" explores the personal and societal importance of privacy and describes the various technologies that put privacy at risk. Security experts Theresa Payton and Theodore Claypoole demonstrate that, from our mobile devices and TVs to our cars and our bodies, data about us is collected in a near boundless number of ways. The book also provides a number of practical tips for securing and minimizing risks to personal privacy. The first chapter argues why privacy, in general, is so important and suggests that, at the heart of it, privacy is about "choice" - our choice to divulge what it is known and unknown about us. It also sets the stage for the current relationship between technology and privacy by describing how technological advancement has lead to both greater data collection and the ability to analyze that data. The authors explain that the amount of privacy protection one is afforded depends on what country we live in but that legal precedent generally has failed to keep pace with technology's ongoing encroachment on privacy. As one would expect about a book on big data and privacy, the Internet plays a central role in Payton and Claypoole's arguments. Several chapters explore various technologies – including cars, TVs, thermostats, and home appliances - that are now Internet-enabled and thus allow greater data collection, on themselves and on us. In other words, greater convenience opens us up to greater snooping by the government, our employer, companies, and crooks. Of course, it's just not the latest Internet-enabled gadgets compromising our privacy; many invasive technologies are watching us as we travel outside our homes. Drones, security cameras, license plate readers, and automatic toll collectors monitor and track our movements. As the authors note, even our bodies betray our movements as improvements in biometrics, particularly facial recognition, make it easier to identify us when we are out in public. "Privacy in the Age of Big Data," however, is far from being a mere laundry list of privacy-compromising technologies. Throughout the book, the authors not only describe technology in an approachable manner but remind us of privacy's fundamental importance. Payton and Claypoole provide useful tips and resources to better protect our privacy and remind their readers that "trading [privacy] for convenience and cost would be a tragedy." Technology- and privacy savvy-readers probably are already familiar with many privacy-compromising technologies and ways to circumvent them. For those looking for an accessible way to better understand "big data" collection, its privacy implications, and how to protect themselves against big data intrusion, "Privacy in the Age of Big Data" provides the perfect place to start. --Jeramie D. Scott ========================================= EPIC Bookstore ========================================= "Litigation Under the Federal Open Government Laws 2010," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, Ginger McCall, and Mark S. Zaid (EPIC 2010). Price: $75. http://epic.org/bookstore/foia2010/ Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding President Obama's 2009 memo on Open Government, Attorney General Holder's March 2009 memo on FOIA Guidance, and the new executive order on declassification. The standard reference work includes in-depth analysis of litigation under: the Freedom of Information Act, the Privacy Act, the Federal Advisory Committee Act, and the Government in the Sunshine Act. The fully updated 2010 volume is the 25th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years. ================================ "Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98. http://www.epic.org/redirect/aspen_ipl_casebook.html This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law. ================================ "Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75. http://www.epic.org/phr06/ This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published. ================================ "The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40. http://www.epic.org/bookstore/pvsourcebook This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process. ================================ "The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40. http://www.epic.org/bookstore/pls2004/ The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act. ================================ "Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20. http://www.epic.org/bookstore/filters2.0 A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression. ================================ EPIC publications and other books on privacy, open government, free expression, and constitutional values can be ordered at: EPIC Bookstore: http://www.epic.org/bookstore ================================ EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act. Subscribe to EPIC FOIA Notes at: http://mailman.epic.org/mailman/listinfo/foia_notes ======================================================================= [9] Upcoming Conferences and Events ======================================================================= "Seventh Annual Freedom of Information Day Celebration," Featuring EPIC's Khaliah Barnes, Alan Butler, and Ginger McCall. American University, Washington, DC, Mar. 18, 2014. For More Information: http://www.wcl.american.edu/lawandgov/cgs/documents/CGS.March.2014. agenda.newer.pdf. Freedom of the Press Committee Presents ""Civil Liberties Dead Zone: Do First and Fourth Amendment Rights Not Apply at the Border?," with EPIC Executive Director Marc Rotenberg. National Press Club, Washington, DC, Mar. 20, 2014. For More Information: http://press.org/news-multimedia/ news/panel-examine-civil-liberties-dead-zone-us-borders-thursday- march-20. “Federal Courts Law Review Symposium,� featuring EPIC Appellate Advocacy Fellow David Husband. Charleston School of Law, Charleston, SC, March 28, 2014. For More Information: http://www.charlestonlaw.edu/General-Info/Events/Federal-Courts-Law- Review-Symposium.aspx. "Techno-Snooping: Privacy, Technology and the Evolving Rule of Law." Ginger McCall, EPIC Associate Director. Colby College, Waterville, ME, April 6, 2014. For More Information: http://epic.org/2014/04/techno-snooping-privacy-techno.html. Fourth Annual International Summit on the Future of Health Privacy. Washington, DC, June 4-5, 2014. For More Information: http://patientprivacyrights.org/summit/. IEEE Presents "Reintroducing Norbert Wiener in the 21st Century." Boston, 24-26 June 2014. For More Information: http://21stcenturywiener.org. SAVE THE DATE: EPIC's 2014 Champions of Freedom Dinner, Hosted by Bruce Schneier: http://epic.org/june02. ======================================================================= Join EPIC on Facebook and Twitter ======================================================================= Join the Electronic Privacy Information Center on Facebook and Twitter: http://facebook.com/epicprivacy http://epic.org/facebook http://twitter.com/epicprivacy Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC. ======================================================================= Privacy Policy ======================================================================= The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name. In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information." ======================================================================= About EPIC ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax). ======================================================================= Support EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave. NW, Suite 200, Washington, DC 20009. Or you can contribute online at: http://www.epic.org/support Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government and private-sector infringement on constitutional values. ======================================================================= Subscription Information ======================================================================= Subscribe/unsubscribe via web interface: http://mailman.epic.org/mailman/listinfo/epic_news Back issues are available at: http://www.epic.org/alert The EPIC Alert displays best in a fixed-width font, such as Courier. ------------------------- END EPIC Alert 21.05------------------------