E P I C A l e r t
On September 5, a federal district court in Washington, DC ordered the government to provide far more detailed information to justify its withholding of records about the President's domestic surveillance program. In EPIC v. Department of Justice, the court rejected the government's attempt to withhold all records concerning its warrantless wiretapping surveillance program.
In December 2005, the New York Times reported that President Bush secretly issued an executive order in 2002 authorizing the National Security Agency to conduct warrantless surveillance of international telephone and Internet communications on American soil. President Bush acknowledged the existence of the NSA surveillance program and vowed that its activities would continue. EPIC submitted Freedom of Information Act (FOIA) requests to the NSA and four Department of Justice components just hours after the existence of the warrantless surveillance program was first reported. Noting the extraordinary public interest in the program - and its potential illegality - EPIC asked the agencies to expedite the processing of the requests.
The Justice Department agreed that the requests warranted priority treatment, but failed to comply with the FOIA's usual time limit of 20 working days. In January 2006, EPIC filed a lawsuit against DOJ to compel the immediate disclosure of information concerning the NSA surveillance program. EPIC's case was consolidated with a similar lawsuit filed by ACLU and National Security Archive.
On February 16, 2006, U.S. District Judge Henry H. Kennedy ordered the DOJ to process and release documents concerning the NSA program within 20 days, or by March 8, 2006. Some documents were disclosed by March 8, but the DOJ asked Judge Kennedy for an additional four months to process some of the material responsive to EPIC's request, which Judge Kennedy allowed. The government then moved to dismiss the case, arguing in effect that it had complied with all of its obligations to respond to EPIC's requests.
In the September 5 order, Judge Kennedy expressed frustration with the government. He said that many of the government's secrecy claims were "too vague and general," and largely denied the Justice Department's motion for summary judgment. Judge Kennedy said that "declaring 'because we say so' is an inadequate method for invoking exemption 5" of the Freedom of Information Act. He pointed out that the government's "exceedingly high level of secrecy" meant that his law clerk was unable to review materials relevant to the case, though the clerk holds a high-level security clearance. By October 12, the DOJ must provide to EPIC and the other plaintiffs far more detailed explanations for its decision to withhold records.
EPIC v. Department of Justice, D.C. District Court Order (September 5, 2007) (pdf):
Eric Lichtblau and James Risen, "Spy Agency Mined Vast Data Trove, Officials Report," The New York Times, December 24, 2005 at A1
EPIC's Page on Warrantless Surveillance FOIA:
In comments to the Department of Homeland Security, EPIC urged the agency to either suspend the Automated Targeting System or to fully apply all Privacy Act safeguards to any individual subject to ATS. The system creates secret, terrorist "risk assessments" on tens of millions of U.S. citizens and foreign visitors. This new rulemaking was in response to public criticism that arose from DHS's November 2006 rulemaking, where EPIC led 29 organizations and 16 privacy and technology experts in condemning the many privacy and security risks of ATS.
ATS was originally established to assess cargo that might pose a threat to the United States. However, since 1999, ATS was used to assign a "risk assessment," which is essentially a terrorist risk rating, to all people "seeking to enter or exit the United States," "engag[ing] in any form of trade or other commercial transaction related to the importation or exportation of merchandise," "employed in any capacity related to the transit of merchandise intended to cross the United States border," and "serv[ing] as operators, crew, or passengers on any vessel, vehicle, aircraft, or train who enters or exits the United States."
Some positive changes to ATS include a significant reduction in the data retention period (from 40 years to 15 years) and the elimination of a routine use that was unnecessary and far too broad (for example, it allowed data to be used for hiring decisions). However, there remain many of the security and privacy risks outlined in previous comments. Most importantly, the fundamental problem remains: The Automated Targeting System still creates terrorist risk profiles that are secret and unreviewable. All of the key characteristics of the Automated Targeting System - including the assessment, the basis for the assessment, the rules that apply, and the "targeting activities" - remain shrouded in mystery.
DHS itself states that the Automated Targeting System's "risk assessments" are substantial reviews of individuals. DHS states that it uses ATS "[i]n lieu of manual reviews of traveler information and intensive interviews with every traveler arriving in or departing from the United States." The Automated Targeting System significantly affects tens of millions of individuals per year.
In the recently filed comments, EPIC expressed surprise that "CBP proposes to exempt ATS from key fair information practices, such as the requirements that an individual be permitted access to personal information, that an individual be permitted to correct and amend personal information, and that an agency assure the reliability of personal information for its intended use." EPIC continued, "It is inconceivable that the drafters of the Privacy Act would have permitted a federal agency to propose a secret profiling system on U.S. citizens and be granted broad exemptions from Privacy Act obligations."
Department of Homeland Security, Press Release: Statement by Homeland Security Chief Privacy Officer Hugo Teufel III on the Privacy Act System of Records Notice for the Automated Targeting System (Aug. 3, 2007) (including links to the Response to Public Comments to the November 2006 ATS Rulemaking, Current Notice of Proposed Rulemaking, System of Records Notice and Privacy Impact Assessment):
EPIC, Comments on the August 6, 2007 Rulemaking on ATS (Sept. 5, 2007) (pdf):
EPIC's page on the Automated Targeting System:
This month, EPIC's Spotlight on Surveillance Project turns to the Department of Homeland Security's employment eligibility verification system, which the agency hoped would encompass 6 million employers and 143.6 million workers nationwide. But Congress recently rejected such legislation, so DHS is now moving the system ahead through administrative regulation.
DHS has renamed the "Basic Pilot" employment eligibility verification system "E-Verify," and has made substantial changes to the program. DHS will require more than 200,000 federal contractors to check the agency databases before hiring employees. This is an increase of more than 1,076 percent over the 17,000 employers currently registered in E-Verify. Also, the system will use an "enhanced photograph capability" that will allow employers to check photographs in E-Verify databases. DHS also will expand the number of databases E-Verify checks to include visa and passport databases; and the agency is asking states to "voluntarily" allow DHS access to their motor vehicle databases.
DHS also will require employers to fire employees if they were unable to resolve "no match" discrepancies within 90 days. If the employers do not terminate the workers' employment, the businesses would face fines of $11,000 or more. DHS also will raise fines against employers by 25 percent and increasingly use criminal action against employers, as opposed to administrative action. This "no match" portion is the subject of a lawsuit filed by the AFL-CIO, ACLU, and National Immigration Law Center. They seek a permanent ban against implementation by the federal government, and a federal judge has approved an order temporarily restraining the government from moving forward.
A broad expansion of E-Verify has severe implications for national and individual security, civil liberties and privacy. At a Congressional hearing in June 2007, the Government Accountability Office detailed the many problems associated with expansion of the system. E-Verify is vulnerable to employer fraud or misuse; the databases used by E-Verify are error-filled; expansion would create enormous backlogs; also, the cost would be enormous. The many errors in DHS and Social Security Administration databases have been highlighted by the GAO, SSA Inspector General, and Justice Department Inspector General.
Though the Department of Homeland Security is requiring federal contractors to use E-Verify, the agency cannot mandate its use by the states. However DHS announced that it is strongly encouraging states to require employers to register and use the employment eligibility verification system. The states are split on this issue. Some states, including Arizona and Oklahoma, have passed legislation mandating the use of E-Verify by public contractors. Just days after DHS announced the new regulations for E-Verify, however, the Illinois governor signed legislation specifically banning the use of the employment eligibility verification system. Illinois legislators cited E-Verify's high error rate and the problems that incorrect "nonconfirmations" would cause for employers and employees. DHS's rapid expansion of E-Verify does not help the problems in the system, but in fact, exacerbates them.
EPIC, Spotlight on Surveillance, "E-Verify System: DHS Changes Name, But Problems Remain for U.S. Workers":
Department of Homeland Security, E-Verify FAQs:
Government Accountability Office, Testimony on Employment Eligibility Verification (June 7, 2007) (pdf):
EPIC's Testimony on Employment Verification Systems before the House Committee on Ways and Means (June 7, 2007) (pdf):
A series of online tools are being put in place by the OECD to allow all stakeholders, and particularly civil society, to participate in and contribute to the process towards the OECD Ministerial on the Future of the Internet Economy being held in June 2008 in Seoul, Korea. The OECD-Canada Technology Foresight Forum on the Participative Web being held in Ottawa on October 3, 2007, will serve as a “testing ground” for many of these tools.
The Forum will host a range of civil society speakers from NGOs and academia. In addition to panel discussions, the Forum will feature demonstrations of web 2.0 technologies during the lunch break. Civil society is encouraged to showcase how it uses specific web 2.0 tools in its work.
The OECD has created a Forum website that includes a page dedicated to civil society. The site also features pre-recorded video messages from speakers and other participants on one or more of the Forum topics. The site will also host the presentations of speakers and/or a transcript of their main points.
In order to allow for remote participation, the Forum will be webcast live, and transcripts will be available one hour after each session. The OECD has also created an email address and a Skype address, both available on the Forum website, which will allow Internet users to post audio and text questions and messages in advance of, and during, the Forum. The OECD will have a newslog, and will also link to various RSS feeds. The Forum will also have an official blogger who will blog throughout the Forum.
Civil society is encouraged to take advantage of the various participative tools available by visiting the OECD's Forum website at: http://www.oecd.org/futureinternet/participativeweb. Participation in the October 3, 2007 Forum taking place in Ottawa is free, and registration is available online.
OECD Forum page:
The Public Voice - OECD Participative Web Forum page:
The Public Voice - OECD Ministerial 2008 page:
A panel of experts asked to investigate the tragic April 16, 2007 shooting deaths of dozens of students and faculty at Virginia Tech has released its final report.
The young man who committed the shootings had a history of mental illness. While attending Virginia Tech he had been arrested and detained for a commitment hearing for involuntary admission into a psychiatric facility. He was found to be a danger to himself, but was not committed, and allowed to return to the school. The report found that the records of his arrest, and the court proceedings were public information that was known by campus authorities, but was not disclosed to the mentally ill student's parents or other school officials.
The report found that school officials should have the ability to intervene when a student is clearly in trouble and may be a threat to themselves or to the public. According to the report, sharing information under these circumstances would not be in violation of privacy laws. However, the report also warns that the privacy of students must be protected unless circumstances dictate that disclosure meets a higher obligation to protect the public.
The report makes several recommendations related to guidelines for the disclosure of student information when behavioral problems are identified. The report advocates a “safe harbor” for good faith disclosures of medical information in order to insulate a person or organization from liability. The report also recommends changes to the Federal Educational Rights and Privacy Act.
Dr. Deborah Peel, founder of the Patient Privacy Rights, called the panel report a "whitewash" and said that the real culprit is the lack of funding for mental health in the United States.
Virginia Tech Report:
EPIC's Student Privacy page:
Patient Privacy Rights
EPIC Urges Federal Trade Commission to Restrict Use of SSN
In comments to the Federal Trade Commission, EPIC urged the Commission to create regulations to limit the use of the Social Security number, but said those restrictions should "not limit the ability of the states to develop better safeguards." In Congressional testimony and previous comments, EPIC has consistently called for more restrictions on SSN use and recommended the creation of context-dependent identifiers "that will encourage the development of more robust systems for identification that safeguard privacy and security." EPIC said "the use of the Social Security Number as an identifier or authenticator . . . will increase rather than decrease instances of fraud and identity theft."
Federal Trade Commission, Request for Public Comment on Private Sector Use of Social Security Numbers:
EPIC Comments Urging Against Expanded Use of the SSN (Sept. 5, 2007) (pdf):
Internet Oversight Agency Working Group Report on Domain Name Privacy
The Internet Corporation for Assigned Names and Numbers (ICANN)'s WHOIS working group submitted its Final Report on WHOIS. The report discusses the implementation issues surrounding the use of an Operational Point of Contact (OPoC) to limit public access to domain name registrants' personal information by allowing registrants to use alternate contact details. The report examines, among other issues, the roles, responsibility and requirements of the OpoC and what happens if they are not fulfilled. Rather than reaching any final decisions on implementation issues, the report outlines implementation options and indicates general support and/or alternative views.
Final Working Group Report on WHOIS Services (pdf):
EPIC's WHOIS page:
CRS Reports on FISA Changes
A Congressional Research Service report on recent modifications to government surveillance powers has been made available to the public. The Protect America Act of 2007 removed some intelligence gathering from review of the FISA court; created additional procedures for authorization of surveillance on a program-wide basis; and set up a procedure for the courts to review those programs. This report summarizes the effects this new law will have on other existing laws.
The Protect America Act of 2007: Modifications to The Foreign Intelligence Surveillance Act (pdf):
EPIC's FISA page:
AFL-CIO v. Chertoff
The Department of Homeland Security announced changes in the process that employers should follow, to avoid possible penalties, should the Social Security Administration report a no match with agency records. The Department of Homeland Security's new policy expands the definition of “constructive knowledge” which outlines new ways that an employer could be found to have had knowledge that an employee was working illegally. The American Federation of Labour-Congress of Industrial Unions (AFL-CIO) filed a lawsuit against the Department of Homeland Security seeking injunctive relief in advance of the new ruling active date of September 14, 2007.
Each person seeking employment in the US is required to fill out a W-2 form, which contains the name and social security number of the wage earner. The form is provided to the Social Security Administration, which manages the largest social insurance program for retirement benefits within the United State. The agency checks the information on W-2s and ensures that the retirement benefits paid by employers are properly applied to each worker's retirement insurance account.
DHS New Rule:
AFL-CIO v. Chertoff (pdf):
EPIC's Workplace Privacy page:
Government Quietly Ends Another Data Mining Program
This week, the Department of Homeland Security announced it would end a federal data mining program created to troll vast amounts of data in order to attempt to find suspicious people. DHS has spent four years and $42 million on the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement (ADVISE) program. ADVISE was temporarily suspended in March after a Government Accountability Office review identified numerous privacy risks. These "include the potential for erroneous association of individuals with crime or terrorism and the misidentification of individuals with similar names," the GAO said. The program was recently reviewed by the DHS Inspector General and its Privacy Office, which recommended ending ADVISE permanently. Previous data mining efforts by the federal government include the 2002 Total Information Awareness system, envisioned to give law enforcement access to private data without suspicion of wrongdoing or a warrant. Earlier this year, the Pentagon scrapped its Threat and Local Observation Notices (TALON) program. TALON collected unvalidated reports of activities that were alleged to be threats to the Defense Department. The program was heavily criticized, and the Pentagon had to apologize, after documents revealed that TALON collected data on peaceful anti-war and anti-nuclear meetings and protests.
Government Accountability Office, "Data Mining: Early Attention to Privacy in Developing a Key DHS Program Could Reduce Risks" (Feb. 2007) (pdf):
EPIC's page on Total Information Awareness:
New York City Taxi Drivers Strike Over GPS Tracking
The New York Taxi Workers Alliance is on strike to protest the city's requirement that Global Positioning Satellite (GPS) tracking systems be installed in all cabs. The city has announced a contingency plan that includes a zone-based fare structure, allowing non-striking drivers to charge passengers more. Last year, Philadelphia cab drivers went on strike to protest a similar plan by the Philadelphia Parking Authority. The mandatory GPS requirement will allow the city to track all cabs and cab drivers.
New York Taxi Workers Alliance:
Privacy and Human Rights 2005 Report - Satellite Surveillance:
Facebook to Share Members' Information with Public
Facebook announced that it will open its database to public search, effectively creating an Internet white pages of its users. Non-Facebook users will be able to search the Facebook database and will receive in return information such as name and picture. These public profiles will become indexed by major search engines such as Google in the coming month. Facebook has automatically included all of its users in this information sharing, and those who do not want their information shared have to manually opt-out via Facebook's privacy page.
Public Search Listings on Facebook:
EPIC Social Networking and Privacy page:
Secrecy Report Card 2007 Released
OpenTheGovernment.org has released its fourth annual Secrecy Report Card 2007 which looks at trends in public access to information. The report shows both a continued expansion of government secrecy across a broad array of agencies and actions and some, limited, movement toward more openness and accountability. The report also shows an unprecedented level of restriction of access to information about federal government's policies and decisions. Further, the current administration has also increasingly refused to be held accountable to the public through the oversight responsibilities of Congress. The 2007 report offers updated numbers on presidential signing statements and invocations of the “state secrets” privilege, and information about restrictive laws introduced/passed in the states.
Open the Government homepage:
Secrecy Report Card 2007 (pdf):
EPIC's FOIA page:
"The Search: How Google and Its Rivals Rewrote the Rules of Business and Transformed Our Culture" by John Battelle (Penguin 2005)
By any measure, Google is remarkable company. As described in "The Search" by industry legend John Battelle, Google combined clear purpose, savvy technology, smart marketing, and clever business moves to become the most dominant Internet firm and just about the most powerful company the world has ever seen.
Battelle describes the early days with the cofounders scrounging up hardware at Stanford to store an ever larger database of Internet web links, on through the collaborations with advisors, the meals at Burger King, the meetings with investors, the bumpy IPO, and the subsequent stratospheric rise in valuation. There is discussion of the philosophy of web search, the significance of PageRank, and the implications of the semantic web.
Key to the success of Google's business model was the understanding that the Internet is "a database of intentions." Whereas the traditional business model for commercial advertising assumed that ads would be linked to relevant content (for example, the ads for movies appear in the Entertainment section of the local newspaper), Google's cofounders realized that search alone was interest and that as search was refined, advertising became more relevant. For web sites seeking to monetize content and small businesses seeking to find an online audience, Internet advertising was the answer. For Google and others, those clicks turned into billions of dollars.
There is in the story of Google almost a celestial elegance in the alignment of technical achievement and market success. As Google refined its algorithms, its market share grew. The best and the brightest were drawn to the company. In a short period, it transformed not only the Internet but also popular culture.
But Google's dominance may not be all to the good, as a recent editorial in The Economist suggests. As the writers for the British magazine observe, Google has become "a custodian of a far wider and more intimate range of information about individuals." The company "through the sheer speed with which it accumulates the treasure of information" tests the limits of what society may tolerate.
There is no doubt that the power of search and the rise of online advertising helped transform the Internet into the global digital agora that it has become. But Google has transformed as well. No longer focused simply on indexing web pages, the company offers almost every conceivable online service from apps and email to commerce engines and Google Earth, which with the most recent upgrade, now peers into the heavens. And every transaction is methodically tagged and recorded by Google for purposes still unknown.
Battelle's first report on Google was aptly titled "The Search." A sequel could well be named "The Searched."
- Marc Rotenberg
"Information Privacy Law: Cases and Materials, Second Edition" Daniel J.
Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005).
This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law.
"Privacy & Human Rights 2005: An International Survey of Privacy Laws
and Developments" (EPIC 2006). Price: $60.
This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 70 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2005 is the most comprehensive report on privacy and data protection ever published.
"FOIA 2004: Litigation Under the Federal Open Government Laws," Harry
Hammitt, David Sobel and Tiffany Stedman, editors (EPIC 2004).
This is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The 22nd edition fully updates the manual that lawyers, journalists and researchers have relied on for more than 25 years. For those who litigate open government cases (or need to learn how to litigate them), this is an essential reference manual.
"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process.
"The Privacy Law Sourcebook 2004: United States Law, International Law,
and Recent Developments," Marc Rotenberg, editor (EPIC 2005).
The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act.
"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content
Controls" (EPIC 2001). Price: $20.
A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression.
EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at:
EPIC Bookstore http://www.epic.org/bookstore
"EPIC Bookshelf" at Powell's Books
EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act.
Subscribe to EPIC FOIA Notes at:
Georgetown University Law Center National Security Center: FISA Modernization - National Security Surveillance In the 21st Century. September 10, 2007. Washington, DC. For more information contact Elizabeth Claps: firstname.lastname@example.org
Identity, Privacy and Security Initiative. Privacy By Design. September 17, 2007. Toronto, Canada. For more information: email@example.com
7th Annual Future of Music Policy Summit. September 17-18, 2007.
Washington, DC. For more information
Data Privacy and Integrity Advisory Committee meeting. September 19, 2007. Arlington, VA. For more information contact: PrivacyCommittee@dhs.gov
PIPA Conference: Private Sector Privacy in a Changing World. September
20-21, 2007. Vancouver, Canada. For more information:
3rd 2007 Technical Assistance Seminar on International Implementation of the APEC Privacy Framework. September 22-23, 2007. Vancouver, Canada. For more information: http://www.oipcbc.org/APEC_2007.htm
Civil Society Privacy Conference: Privacy Rights in a World Under
Surveillance. September 25, 2007. Montreal, Canada. For more
29th International Conference of Data Protection and Privacy
Commissioners. September 25-28, 2007. Montreal, Canada. For more
Dialogue Forum on Internet Rights. September 27, 2007. Rome, Italy. For more information: http://www.funzionepubblica.it/dfir/
OECD and Industry Canada: Shaping Policies for Creativity, Confidence
and Convergence in the Digital World. October 3, 2007. Ottawa,
For more information:
University of Ottawa Faculty of Law: The Revealed "I". October 25-27,
2007. Ottawa, Canada. For more information:
Computer Professionals for Social Responsibility: Technology in Wartime Conference. AJanuary 26, 2008. Stanford University. For more information: http://cpsr.org/news/compiler/2007/Compiler200707#twc
Future of the Internet Economy - OECD Ministerial Meeting. June 14-18,
2008. Seoul, Korea. For more information:
Subscribe/unsubscribe via web interface:
Back issues are available at:
The EPIC Alert displays best in a fixed-width font, such as Courier.
The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name.
In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information."
The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).
If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at:
Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers.
Thank you for your support.