Home | Databases | WorldLII | Search | Feedback EPIC Alert

EPIC Alert 16.10 [2009] EPICAlert 10

E P I C A l e r t

http://www.epic.org/alert/EPIC_Alert_16.10.html

"Defend Privacy. Support EPIC." http://epic.org/donate"

EPIC 15th Anniversary Dinner and the EPIC Champion of Freedom Awards Cosmos Club, Washington, DC June 9, 2009

EPIC@15 Invitation: http://www.epic.org/epic15/invite.pdf Your Reply: http://epic.org/epic15/reply.pdf Register (or donate to EPIC@15): http://epic.org/register

Whole Body Imaging systems, such as backscatter x-ray and millimeter wave, capture a detailed image of the subject stripped naked. Some presentations of the image produced display the outline of undergarments, while others do not stop there but reveal the nude body. The agency is using the technology on persons suspected of no wrongdoing.

Privacy advocates have expressed their frustration with the agency after being assured that Whole Body Imaging would only be used in the case of secondary screening that provide travelers with the option of a pat-down search. Privacy groups engaged in the campaign believe that the change in the agency's policy to make default a primary screening tool opens the door on other options that could further undermine passenger privacy.

The deadline for joining the letter to Department of Homeland Security Secretary Janet Napolitano is May 31, 2009.

Airport security underwent significant changes following terrorist attacks of September 11, 2001. TSA said it believes that whole body imaging screening is less invasive than pat-down searches. However, these machines, which show detailed images of a person's naked body, are equivalent to a "virtual strip search" for all air travelers.

Whole body imaging systems have been in use at 19 US Airports around the country: Albuquerque International, Hartsfield-Jackson Atlanta, Baltimore/Washington International, Ronald Reagan Washington National, Denver International, Dallas/Ft Worth International, Detroit Metro, Indianapolis International, Jacksonville International, McCarran International, Los Angeles International, Miami International, Phoenix Sky Harbor International, Raleigh-Durham International, Richmond International, San Francisco International, Salt Lake City International, Tampa International, and Tulsa International Airports.

Privacy Coalition Campaign to Stop TSA's Use of Whole Body Imaging: http://privacycoalition.org/stopwholebodyimaging/

EPIC's Page on Whole body Imaging: http://epic.org/privacy/airtravel/backscatter/

EPIC's Spotlight on Surveillance on Whole Body Imaging: http://epic.org/privacy/surveillance/spotlight/0605/

Facebook Group: Stop Airport Strip Searches: http://www.facebook.com/group.php?gid=179598280013

In a report to the Congress, the Justice Department revealed a substantial increase in the use of National Security Letters to acquire information on American citizens without court order. National Security Letters are an extraordinary search procedure which gives the FBI the power to compel the disclosure of customer records held by banks, telephone companies, Internet Service Providers, and others. These entities are prohibited, or "gagged," from telling anyone about their receipt of the NSL, which makes oversight difficult.

The report stated that during 2008, the Government made 2,082 applications to the Foreign Intelligence Surveillance Court for authority to conduct electronic surveillance and physical searches for foreign intelligence purposes. The applications include permission for electronic surveillance, physical searches or both. During the year, the FISC approved 2,083 applications. In 2008, the FBI issued 24,744 National Security Letters pertaining to 7,225 U.S. persons compared to 16,804 requests pertaining to 4,327 U.S. persons in 2007.

In March 2007 and in March 2008, the Inspector General released reports detailing FBI's use of NSLs. The findings indicated that the manner in which the FBI tracked NSLs resulted in inaccuracies in the statistics reported to Congress. The report indicated that in an effort to redress the deficiency, the FBI deployed the NSL subsystem of the FISA Management System in all FBI field offices which is a "web-enabled workflow manager that automatically tallies data points necessary for accurate and timely Congressional reporting."

The report also stated that the FBI issued "corrective NSLs" to provide legal authority to retain information it had previously received in response to "exigent letters". These notices were letters to communications service providers requesting production of toll or subscriber records with the statement that exigent circumstances existed and that legal process would follow. Additionally, the report also highlighted concerns that upon legal review of some so-called blanket NSLs, significant procedural and legal concerns were raised - none of the blanket NSLs were accompanied by the required internal security memorandum documenting the relevance of the information sought to a national security investigation and statistics not reported to Congress in 2007.

Previously, EPIC had written a letter to Senators Leahy and Specter asking the statute which enhanced National Security Letter authority be repealed. EPIC had uncovered evidence of past FBI misuse of Patriot Act powers under its Freedom of Information Act requests. Documents released to EPIC under the FOIA revealed forty-two cases in which the FBI's Office of General Counsel investigated alleged FBI misconduct during intelligence activities and found these matters serious enough to report them to the Intelligence Oversight Board. EPIC, in a letter to the Senate Committee on the Judiciary recommended that Congress hold hearings to assess the allegations of unlawful intelligence activities.

Report of Justice Department under FISA and USA PATRIOT Act: http://www.fas.org/irp/agency/doj/fisa/2008rept.pdf

A Review of the FBI's Use of National Security Letters - Office of the Inspector General, March 2008: http://www.usdoj.gov/oig/special/s0803b/final.pdf

A Review of the Federal Bureau of Investigation's Use of National Security Letters - Office of the Inspector General, March 2007: http://www.usdoj.gov/oig/special/s0703b/final.pdf

EPIC's letter to Senators Leahy and Specter: http://www.epic.org/privacy/pdf/nsl_letter.pdf

Letter from Electronic Privacy Information Center to the United States Senate Committee on the Judiciary: http://www.epic.org/privacy/surveillance/sen_iob_letter.pdf

EPIC's Page on Foreign Intelligence Surveillance Act: http://epic.org/privacy/terrorism/fisa/

EPIC's Page on National Security Letters: http://epic.org/privacy/nsl/default.html

EPIC's Page on Wiretapping: http://www.epic.org/privacy/wiretap/

US Justice Department: http://www.usdoj.gov

With the proposed slogan "Internet Governance ñ Creating Opportunities for All", the fourth annual meeting of the United Nations Internet Governance Forum will take place at Sharm el-Sheikh, Egypt on November 15-18, 2009.

The IGF was formed to support the United Nations Secretary-General in carrying out the mandate from the World Summit on the Information Society with regard to convening a new multi-stakeholder policy dialogue forum to discuss issues related to key elements of Internet governance. The IGF was established in July 2006 and since then three annual forums have been organized.

On May 14-15, 2009, the United Nations Multi-stakeholder Advisory Group to the Internet Governance Secretariat met in Geneva to discuss the preparation of the Sharm el-Sheikh meeting.

Comments on the Substantive Program Agenda were one of the main topics of discussion. "Internet governance ñ creating opportunities for all" was chosen as the overall title.

The proposed agenda for the 2009 meeting will be as follows:

- Managing critical Internet resources - Security, openness and privacy - Access and diversity - Internet governance in the light of WSIS principles - Emerging issues: Social Networks - Taking stock and the way forward ñ on the desirability of the continuation of the Forum.

Many members of civil society, who are part of the Multi-stakeholder Advisory Group to the Internet Governance Secretariat, proposed the inclusion of human rights and principles in the information society as an overall theme; however, this proposal did not reach consensus.

It is important to highlight that in December 2003, the final Declaration and Plan of Action of the World Summit of Information Society, incorporated references to the Universal Declaration of Human Rights as well as to the Vienna Declaration and the UN Charter. The document also included the full extent of Article 19 of the UDHR. This means that there might be a possibility to discuss those topics in the main session on "Internet governance in the light of WSIS principles."

For the first time, one of the main sessions will be "Security, Openness and Privacy," though the specific details of the panel are still unclear. Some clusters were identified, among others: "secure the network (e.g. to fight spam)." Issues to be discussed in this cluster might include the respect for privacy as a business advantage and issues such as identity theft, identity fraud, and information leakage. Another cluster includes "Web 2.0, social networks, cloud computing and privacy, e.g. control of one's own personal data and data retention." Some issues pertaining to openness were also addressed, including ensuring the open architecture of the Internet and Net Neutrality.

The last substantive session of the 2009 IGF meeting will be devoted to emerging issues. The impact of social networks was chosen as the theme for this session. It will be a forward-looking session with a focus on policy instead of technology. Hopefully, those sessions tackle one of the key privacy debates in social networks: Profiling and Behavioral Targeted Advertising.

In the 2007 IGF meeting, privacy was subsumed under the main session of "security" and other controversial topics including human rights were avoided.

In 2008, the right of privacy was discussed under the main title "Promoting cyber-security and trust," where two panels were held. The Chairman report of the second panel of this session "Fostering Security, Privacy and Openness," highlighted that "[t]he increased awareness of the importance of data protection was mentioned as regards not only the protection of the private sphere of individuals, but their very freedom." The first panel on the "Dimensions of Cyber-Security and Cyber-crime" addressed problems concerning jurisdiction and geographical boundaries that law enforcement agencies face because of the borderless nature of the Internet. However, the discussions did not address any public accountability measures to oversee the legality and limit the use of the surveillance in communications. There was no mention of the wiretapping abuses that have been revealed around the world, sometimes involving thousands of illegal wiretaps.

At the Human Right Caucus reported in 2003, "much of the [WSIS] Declaration focused on the creation of a "global culture of cyber- security". The Caucus said in 2003, "the discussion around security would have been enhanced by a clear understanding that true security can only be achieved by measures that are fully compatible with international human rights and particularly the right to privacy."

In 2010, the United Nations General Assembly will decide if it should extend the IGF's initial five-year mandate, based on a review of its work as well as its achievements.

Internet Governance Forum: http://www.intgovforum.org/

Submitted proposals for workshops sessions for the 2009 IGF meeting: http://epic.org/redirect/052609_IGF_2009_sub_proposals.html

The WSIS Declaration of Principles and Plan of Action: http://www.itu.int/wsis/

Summary Report of the Multistakeholder Advisory Group MeetingñMay 2009: http://www.intgovforum.org/cms/AGD/MAG.Summary.18.05.2009.rtf

IGF 2008 Chairman's Summary (pdf): http://epic.org/redirect/122208_IGF_Chairman.html

IGF "Promoting Cyber-Security and Trust" transcripts: http://www.intgovforum.org/cms/index.php/hyderabadprogramme

Comments on the Political Chapeau and the Operational Part Human Rights Caucus Contribution to the Work of the Group of the Friends of the Chair (March 4th, 2005): http://www.itu.int/wsis/docs2/pc3/contributions/co2.doc

The Public Voice: http://www.thepublicvoice.org

The White House is seeking public comments on the open government proposal. President Obama, on the second day in office, had issued a memorandum promoting Transparency and Open Government in his Administration. The memorandum directed the Chief Technology Officer, the Office of Management and Budget, and the General Services Administration to develop a set of recommendations that will inform an Open Government Directive.

The memorandum had declared that Governments should be transparent as it promoted accountability and provided information for citizens about what their Government was doing. Promoting a participatory and collaborative Government, President Obama wanted his Executive departments and agencies in his administration to offer Americans increased opportunities to participate in policymaking and to provide their Government with the benefits of their collective expertise and information. The President's Executive orders also included active collaboration that engages citizens in the work of their Government, innovation and public feedback as the bedrock of the new administration.

Following the earlier memorandum and executive orders, members of the public are now invited to participate in the process of developing recommendations via email or the White House website offering comments, ideas, and proposals about possible initiatives and about how to increase openness and transparency in government. Comments on open government may relate to government-wide or agency-specific policy, project ideas, and relevant examples. The public inputs may address topics on law, policy, technology, culture, and practice on issues and the final feedback must be received by June 19, 2009. The first stage involves an online brainstorming session to enable the White House to receive the most important ideas relating to open government. This stage of the session is open until May 28, 2009.

In another memorandum, President Obama had also declared that Freedom of Information should be administered with a clear presumption of openness. In response to FOIA requests, executive branch agencies should act promptly and in a spirit of cooperation, recognizing that such agencies are servants of the public. Reiterating that transparency promotes accountability and information maintained by the Federal Government is a national asset, President Obama also declared that all agencies should bring in a culture of open Government.

EPIC has submitted comments on numerous issues to various agencies, submitted several FOIA requests to ensure government transparency and accountability, and has been invited several times to testify at Congressional hearings due to its knowledge and expertise on matters relating to privacy and civil liberties. EPIC has also published the FOIA Manual, "Litigation Under the Federal Open Government Laws," in 2008.

Open Government Initiative: http://www.whitehouse.gov/open

Open Government Dialogue: http://opengov.ideascale.com/

Executive Office of the President, Office of Science and Technology Policy, May 21, 2009: http://edocket.access.gpo.gov/2009/pdf/E9-12026.pdf

Memorandum of January 21, 2009 - Transparency and Open Government: http://edocket.access.gpo.gov/2009/pdf/E9-1777.pdf

Memorandum of January 21, 2009 - Freedom of Information Act: http://edocket.access.gpo.gov/2009/pdf/E9-1773.pdf

EPIC - Open Government: http://epic.org/open_gov/

Freedom of Information Act Gallery: http://www.epic.org/open_gov/foiagallery/

EPIC's FOIA Litigation Docket: http://epic.org/privacy/litigation/

EPIC's Open Government Manual: http://epic.org/bookstore/foia2008/

The European Commission announced recommendations on the implementation of privacy and data protection safeguards in applications supported by radio-frequency identification. These RFID applications are capable of transferring personal data remotely between an embedded tag within an ID card or product and a reader. Many privacy concerns have been raised. Using such cards, it is possible to track movements and collect data on products purchased.

The recommendation took notice of the increasing use of RFID in everyday life, the ability to process information over short distances without physical contact or visible interaction, and the potential to monitor individuals through their possession of one or more items that contain an RFID item number. The Commission recognized the need for ensuring effective measures to safeguard personal data, privacy and associated ethical principles.

Directives 95/46/EC and Directive 2002/58/EC of the European Parliament prescribes the rights and obligations concerning the protection of individuals with regard to processing of personal data and the free flow of this data. The recommendations reaffirmed these privacy rights and obligations and held them fully applicable to the use of RFID applications that process personal data.

The EU recommendations attempts to supply guidance to Member States on the design and operation of RFID in a "lawful, ethical, and socially and politically acceptable way," respecting the right to privacy and ensuring protection of personal data. The set of rules provide guidance on measures to be taken for the deployment of RFID applications to ensure that national legislation implementing Directives 95/46/EC, 99/5/EC and 2002/58/EC is, where applicable, respected when such applications are deployed.

The guidance directs Member States to ensure that industry, in collaboration with civil society stakeholders, develops a framework for privacy and data protection impact assessments. Such framework should be submitted for endorsement to the Article 29 Data Protection Working Party within 12 months. The notification also directs Member States to support the Commission in identifying application that may raise information security threats with implications for the general public and ensure that operators develop and publish a policy for each of their applications.

Recommendations to operators include informing individuals of the presence of tags that are placed on or embedded in products, determine if tags embedded in products sold constitute a likely threat to privacy or the protection of personal data and perform deactivation of tags as necessary. Both Member States as well as the industry are asked to inform and raise awareness of potential benefits and risks associated with the use of RFID technology; apply risk minimization techniques; and stimulate and support the introduction of "security and privacy by design" principle at an early stage in the development of RFID applications.

In America, EPIC has urged strong consumer protections for RFID before the Alaska and New Hampshire state legislatures, and the Federal Trade Commission. EPIC also submitted comments to DHS on the use of RFID embedded passports and urged the agency to abandon the use of such technology in passports because of significant security and privacy issues after obtaining reports showing government testing of the RFID- enabled passports uncovered many problems with the program.

Radio Frequency IDentification and the Internet of Things: http://ec.europa.eu/information_society/policy/rfid/index_en.htm

Commission Recommendation: http://epic.org/redirect/052609_RFID_EU_Recco.html

Radio-Frequency Identification: http://en.wikipedia.org/wiki/RFID

Citizens' Summary: http://epic.org/redirect/052609_RFID_EU_CitizenSummary.html

EPIC's Testimony before Alaska Legislature: http://www.epic.org/privacy/rfid/ngo_test_031708.pdf

EPIC's Testimony before New Hampshire Legislature: http://epic.org/privacy/rfid/epic_clegg_hb686.pdf

EPIC - Guidelines on Commercial Use of RFID Technology: http://www.epic.org/privacy/rfid/rfid_gdlnes-070904.pdf

EPIC's Page on Radio Frequency Identification (RFID) Systems: http://epic.org/privacy/rfid/

EPIC's comments on RFID use on Western Hemisphere Travel Initiative: http://epic.org/privacy/rfid/whti_080107.pdf

DHS WHTI Final Rule: http://www.dhs.gov/xlibrary/assets/whti_landseafinalrule.pdf

DHS Secretary Testifies Before Senate Committee on the Judiciary

DHS Secretary Janet Napolitano testified before the Senate Committee on the Judiciary. While discussing several issues facing DHS, Napolitano stated that DHS was strengthening the E-Verify program and its growth was continuing with an average of 1,000 employers signing-up each week. She further stated that E-Verify was continuously improving its accuracy with 96 percent of all cases queried found to be employment authorized. EPIC has noted that E-Verify could deny many eligible individuals the opportunity to work, and is ineffective as a solution to U.S. immigration problems. Last year, EPIC had filed a Freedom of Information request with the DHS seeking documents concerning promotion of E-Verify. The DHS Secretary also commented on a various issues involving travel through secure identification, and the use of Real-ID.

Testimony of DHS Secretary Janet Napolitano: http://epic.org/redirect/052609_Napolitano_Senate_JudCom.html

Statement of Senator Patrick Leahy: http://epic.org/redirect/052609_Leahy_Napolitano_Testify.html

DHS E-Verify program: http://www.dhs.gov/e-verify

Spotlight on Surveillance- E-Verify System: http://epic.org/privacy/surveillance/spotlight/0707/default.html

EPIC's Page on Air Travel Privacy: http://epic.org/privacy/airtravel/

Enhanced Drivers Licenses: What Are They?: http://www.dhs.gov/xtrvlsec/crossingborders/gc_1197575704846.shtm

National ID Cards and REAL ID Act: http://epic.org/privacy/id-cards/

Profile of Janet Napolitano: http://www.dhs.gov/xabout/structure/gc_1232568253959.shtm

Bill Introduced to Restore Privacy Rights

Rep. Carol Shea-Porter (D-N.H.) introduced a bill which attempts to restore privacy rights under the Family and Medical Leave Act. The previous law allowed an employer to directly contact an employee's medical provider. The new law prevents such direct contact. Instead, now, other employer representatives may contact the employee's health care provider to confirm eligibility for Family and Medical Leave. The bill has been referred to the Committee on Education and Labor, and in addition to the Committees on Oversight and Government Reform, and House Administration.

H.R. 2161 - Family and Medical Leave Act of 1993 Amendments: http://thomas.loc.gov/cgi-bin/bdquery/z?d111:h.r.02161:

Family and Medical Leave Restoration Act (Introduced in House): http://thomas.loc.gov/cgi-bin/query/z?c111:H.R.2161:

Family and Medical Leave Act: http://www.dol.gov/esa/whd/fmla/

Family and Medical Leave Act of 1993 (29 U.S.C. 2611 et seq.): http://law.onecle.com/uscode/29/2611.html

EPIC's Bill Track Page (111th Congress): http://epic.org/privacy/bill_track-111.html

EPIC's Page on Medical Privacy: http://epic.org/privacy/medical

New Red Flags Rule Guidance for Low Risk Creditors

The Federal Trade Commission issued a guidance for small businesses about complying with the new identity theft Red Flags Rule. The guidance applies to businesses which may be termed "creditors" within the definition of the rule, but have a low risk of identity theft. The rule sets out how businesses and organizations must develop, implement, and administer their Identity Theft Prevention Programs. The Rule requires a business to conduct a periodic risk assessment to determine if there are "covered accounts" and then implement a written program. Covered accounts are described as any account that a financial institution or creditor offers or maintains for which there is a reasonably foreseeable risk to customers or to the safety and soundness of the financial institution or creditor from identity theft, including financial, operational, compliance, reputation, or litigation risks.

Fighting Fraud With the Red Flags Rule: http://www.ftc.gov/bcp/edu/pubs/business/idtheft/bus23.pdf

Federal Register Notice Issuing "Red Flags" ID Theft Rules: http://ftc.gov/os/fedreg/2007/november/071109redflags.pdf

Agencies Issue Final Rules on Identity Theft Red Flags, October 31, 2007: http://ftc.gov/opa/2007/10/redflag.shtm

EPIC's Page on Identity Theft: http://epic.org/privacy/idtheft

Wireless Association Urges Federal Agency to Help Combat Mobile Spam

The Wireless Association has urged the Federal Communications Commission to work with wireless carriers to increase enforcement efforts against third parties sending unsolicited commercial messages to wireless customers. Highlighting existing mechanisms which protect consumers from unsolicited commercial calls and messages, the association demanded more aggressive investigation and prosecution of erring companies in order to deter the growth of fraudulent and oppressive third party conduct and for meaningful FCC enforcement under the Communications Act. Previously, EPIC had submitted comments to the FCC regarding unwanted mobile service commercial messages and the CAN-SPAM Act.

Letter to the Federal Communications Commission: http://epic.org/redirect/052609_CTIA_letter_FCC.html

Report on Informal Consumer Inquiries and Complaints Released: http://epic.org/privacy/telemarketing/wsspamcomm4.30.04.html

Section 501 under the Communications Act (47 U.S.C. 503) http://law.onecle.com/uscode/47/503.html

EPIC's Comments to the FCC: http://epic.org/privacy/telemarketing/wsspamcomm4.30.04.html

EU Group Updates FAQs on Binding Corporate Rules

The European Article 29 Working Group has revised its Frequently Answered Questions to the Binding Corporate Rules. BCRs are a legal means for providing adequate protection to personal data which is covered by Directive 95/46/EC and transferred out of the European Union to countries that are not considered to provide an adequate level of protection. This new revision clarifies that compliance with binding corporate rules is not a substitute for complying with EEA national data protection laws, applying to the processing of personal data in EEA Member States. The new guidance also states that "where data subjects can demonstrate that they have suffered damage and establish facts which show it is likely that the damage has occurred because of the breach of BCR, it will be for the member of the group in Europe that accepted liability to prove that the member of the corporate group outside of Europe was not responsible for the breach of the BCR giving rise to those damages or that no such breach took place."

Art.29 Data Protection Working Party: http://epic.org/redirect/040109_A29WP.html

FAQs on Binding Corporate Rules (BCR): http://epic.org/redirect/052609_BCR_FAQ_WP155_Rev4.html

Working Document on Frequently Asked Questions (FAQs) related to Binding Corporate Rules: http://epic.org/redirect/022309_BCR_framework.html

Privacy & Human Rights (2006): http://epic.org/phr06/

Spanish Data Protection Authority Publishes Social Network Privacy Study

The National Institute of Communication Technology and the Spanish Data Protection Authority released the report "Privacy of personal data and the security of the information in online social networks." The publication studied the most relevant legal aspects of privacy in social networks and made recommendations directed to the business sector, the social network operators, the internet service providers, the security providers, the users and the public administration. The report analyses the legal framework of social networks in order to determine the obligations and responsibilities of the social networks operators in Spain. The studies also made an analysis of the privacy and security challenges of the protection of the users' personal information with special focus on children's personal data.

Estudio AEPD - INTECO sobre riesgos para la privacidad y seguridad en redes sociales (Risks to Privacy and Social Networks Security: http://epic.org/redirect/052609_SpanishDPA_PrivSocNetSec.html

EPIC - Social Networking Web Sites http://epic.org/privacy/socialnet/default.html

EPIC - Facebook Privacy Page http://epic.org/privacy/facebook/default.html

"Moyers on Democracy" by Bill Moyers http://www.amazon.com/gp/product/0385523807?tag=e03a6-20

When journalist and former White House Press Secretary, Bill Moyers, published his notions on democracy, one is justified in expecting a memoir laced with personal experiences and a sense of wisdom. "Moyers on democracy" certainly does deliver. And perhaps exceeds. In what could have been a blueprint for Barack Obama's presidential campaign speeches, but probably wasn't, this narrative was published a few years ago, and while some of the facts may have lost their lustre, their purport certainly has not.

Having been well-versed in the power maneuvres of Washington, Moyers was intimately familiar with the political chicaneries of megalomaniacal charlatans attempting to remain in power at all costs. And just as true as absolute power that corrupts absolutely, Moyers saw the high ideals of people power being subverted into an oligarchy that failed to transcend political lobbying and ran reverse to social welfare.

Throughout the book, Moyers journeys through the annals of history of American politics and draws out the history and its teachings. Having worked within "the system," Moyers attempts to convey the true meaning of democracy not only in letter, but also in spirit and affirms "why politics should be everyone's business."

Bill Moyers does not hestitate to call a spade, a spade. Terming politics as an arms race today, with money doing to work of missiles, he is as vitriolic in his statements as he is passionate in the arguments against those who corrupted the true meaning to democracy. Having been exposed to abysmal realities from the Capitol and the idea that the greed for power is good, Moyers chastises the public for being "institutionalised and locked in separate realities; parochial loyalties and fixed opinions." The former White House Press Secretary urges the people to escape the bonds and pursue "a life of free and enriching communion." He valiantly exhorts his readers to change the rules of what has become the "cynical acceptance of falsehood as a way of government and as a way of life."

Apart from being a commentary, this book can also be considered a manual for journalists which might enable them to ask the right questions that connect the dots between "we the people" and "of the people, by the people, for the people." Moyer calls journalism "a job of trying to tell the truth about people whose job it is to hide the truth [and] is as complicated and difficult as trying to hide it in the first place."

Looking from his viewpoint of witnessing the crumbling citadels of democracy and a perverted sense of polity, Moyers conveys a sense of helplessness in being part of the generation that could not pass on the baton of good governance to the next. However, what he does convey are his best wishes, the power of belief in the "struggle", and that "hope" was a state of mind independent of the state of the nation.

-- Anirban Sen

"Litigation Under the Federal Open Government Laws 2008," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid (EPIC 2008). Price: $60.

http://epic.org/bookstore/foia2008/

Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding the substantial FOIA amendments enacted on December 31, 2007. Many of the recent amendments are effective as of December 31, 2008. The standard reference work includes in-depth analysis of litigation under Freedom of Information Act, Privacy Act, Federal Advisory Committee Act, Government in the Sunshine Act. The fully updated 2008 volume is the 24th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years.

"Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law.

"Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75.
http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published.

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40.

http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process.

"The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40.

http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act.

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20.

http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression.

EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at:

EPIC Bookstore
http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books
http://www.powells.com/bookshelf/epicorg.html

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act.

Subscribe to EPIC FOIA Notes at: https:/mailman.epic.org/mailman/listinfo/foia_notes

Computers, Freedom, and Privacy, 19th Annual Conference, Washington, D.C., June 1-4, 2009. For more information,
http://www.cfp2009.org/wiki/index.php/Main_Page

http://www.facebook.com/event.php?eid=96415848361

EPIC 15th Anniversary Dinner and the EPIC Champion of Freedom Awards, Cosmos Club, Washington, DC, June 9, 2009. For invitation, see
http://www.epic.org/epic15/invite.pdf. Register at
http://epic.org/register

IAPP - Practical Privacy Series - "Data Breach," "Data Governance,", "Human Resources," and "Information Security and Privacy." Network Meeting Center at Techmart, Santa Clara, CA. June 17-18, For more information, https://www.privacyassociation.org/index.php

"The Transformation of Privacy Policy," Institutions, Markets Technology Institute for Advanced Studies (IMT)Lucca, Italy, July 2-4, 2009.

Engaging Data: First International Forum on the Application and Management of Personal Electronic Information hosted by SENSEable City Lab, Massachusetts Institute of Technology. For more information,
http://senseable.mit.edu/engagingdata

Join the Electronic Privacy Information Center on Facebook
http://epic.org/facebook

Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC.

The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information."

The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers.

Thank you for your support.

Subscribe/unsubscribe via web interface:
http://mailman.epic.org/mailman/listinfo/epic_news

Back issues are available at:
http://www.epic.org/alert

The EPIC Alert displays best in a fixed-width font, such as Courier.

.