EPIC Alert 16.22
E P I C A l e r t
Volume 16.22 November 23, 2009
Published by the Electronic Privacy Information Center (EPIC)
Washington, D.C.
http://www.epic.org/alert/epic_alert_1622.html
"Defend Privacy. Support EPIC." http://epic.org/donate
Table of Contents
[1] Internet Governance Forum Meets in Egypt
[2] EPIC Urges Smart Grid Privacy
[3] EPIC Sues Department of Homeland Security over Imaging Technology
[4] European and United States Officials Examine Cross Border Privacy
[5] Revised Google Books Settlement Released
[6] News in Brief
[7] EPIC Bookstore: "Protectors of Privacy"
[8] Upcoming Conferences and Events - Join EPIC on Facebook http://facebook.com/epicprivacy - Privacy Policy - About EPIC - Donate to EPIC http://epic.org/donate - Subscription Information
[1] Internet Governance Forum Meets in Egypt
The Internet Governance Forum (IGF) had its fourth annual meeting this month in Sharm El Sheikh, Egypt. The meeting brought together technology, privacy, and security experts from all over the world, including multiple members of EPIC's advisory board. The three-day conference included a number of panels and workshops on privacy issues, as part of a complete look at the future of the internet.
The IGF conference workshops were organized into the categories of Access, Critical Internet Resources, Diversity, Openness, Security, Capacity Building, and Development, and nearly every category included workshops addressing privacy. Some of the key privacy topics addressed were balancing freedom of expression and privacy; content regulation, surveillance, and sexuality rights; openness and online behavioral targeting advertising; privacy and security; social networking; cloud computing; and policy implications of the IPv6 transition.
EPIC Executive Director Marc Rotenberg served as moderator for the plenary session on security, openness, and privacy, and spoke in a workshop titled "Four Sisters--Information Security, Data Protection, and Electronic Governance." EPIC Advisory Board members Bruce Schneier and Simon Davies also attended and spoke in a workshop titled "Security, Openness, and Privacy," and Advisory Board members Rebecca Mackinnon and Vinton G. Cerf also participated in the conference.
EPIC Public Voice Coordinator Katitza Rodriguez was a key organizer for the IGF. Katitza serves as a member of the Multistaker Advisory Group (MAG), established by the the Secretary-General of the United Nations. Its purpose is to assist the Secretary General in convening the Internet Governance Forums. The MAG comprises of Members from governments, the private sector and civil society, including representatives from the academic and technical communities.
The forum succeeded in its goal of being a platform that brings together experts to discuss issues, exchange information, and share best practices. Next year's IGF meeting will be in Vilnius, Lithuania.
Internet Governance Forum: http://www.intgovforum.org/
IGF: Chairman's Summary, 2009 Meeting: http://www.epic.org/redirect/112209chairmansumm.html
The Public Voice - Privacy & Security Implications of Cloud Computing: http://thepublicvoice.org/events/egypt09/
EPIC: Cloud Computing: http://epic.org/privacy/cloudcomputing/
Internet Governance Caucus, MAG Nominations: http://www.igcaucus.org/mag-nominations
Katitza Rodriguez at the May 2009 MAG Meeting (YouTube): http://www.youtube.com/watch?v=4q76hpA6PmU
[2] EPIC Urges Smart Grid Privacy
On November 10, EPIC filed comments with the National Institute of Standards and Technology (NIST), urging the agency to implement robust privacy protections in the Smart Grid. NIST had requested comments on their draft framework and roadmap for Smart Grid standards on October 29, 2009.
The Smart Grid refers to a host of technologies that will modernize the existing electrical grid. The proposed grid will allow unprecedented communication between American energy providers and energy consumers, permitting the bi-directional flow of both information and electricity. Ideally, the Smart Grid will enable more efficient delivery of electricity and will allow consumers to make more informed energy use decisions.
The Smart Grid will also dramatically transform the ability of providers of power services in the United States to track the activities of consumers. For instance, the Smart Grid proposes to coordinate power supply with users' past usage patterns. However, the electrical usage patterns could reveal intimate, personal details about users' lives, such as their medical needs, interactions with others, and personal habits.
EPIC also warned that the Smart Grid could be used to track specific appliance usage, which could also reveal sensitive personal information. The availability of Smart Grid data also increases the danger of physical harm from, for example, burglars, stalkers, or other criminals. For instance, burglars could examine electricity usage data in order to determine times when a particular house is vacant, or in order to determine how many occupants it has. Similarly, stalkers or domestic abusers could use the data in order to track a victim's activity.
The Smart Grid also increases the risk of identity theft, as any personally identifiable information in the data could be intercepted and misused. Alternatively, identity thieves could use PII obtained elsewhere to impersonate utility customers, which poses the risk of fraudulent utility use and potential impact on credit reports Because of the privacy implications of the Smart Grid, EPIC urged NIST to establish comprehensive privacy regulations that limit the collection and use of consumer data.
EPIC Comments: http://epic.org/privacy/smartgrid/EPIC%20Smart%20Grid%20Comments.pdf
NIST Framework and Roadmap for Smart Grid Interoperability Standards Release 1.0 (Draft): http://www.epic.org/redirect/112209nistframewkrdmp.html
EPIC: Smart Grid and Privacy: http://epic.org/privacy/smartgrid/smartgrid.html/
NIST Homepage: http://www.nist.gov/index.html
Privacy By Design: The Smart Grid: http://www.ipc.on.ca/images/Resources/pbd-smartpriv-smartgrid.pdf
[3] EPIC Sues Department of Homeland Security over Imaging Technology
On November 5, 2009, EPIC filed suit against the Department of Homeland Security (DHS) regarding an unanswered Freedom of Information Act request. On April 14, 2009, EPIC had mailed a request to DHS for records regarding the privacy protection capabilities of whole body imaging technology. The agency never responded substantively to EPIC's request. EPIC later filed an appeal, challenging the agency's lack of response. Again, the agency failed to comply with its legal obligations to disclose the records sought by EPIC.
Whole body imaging technology was originally introduced in 2007, when the Transportation Security Administration (TSA), a component of DHS, began testing the imaging technology to screen travelers. These machines produced detailed, three-dimensional images of individuals' naked bodies and are being used at airport security checkpoints, court houses, and correctional facilities.
While TSA originally provided assurances that the technology would not be mandatory for passengers and would include a privacy algorithm that blurred faces, the agency later withdrew these assurances. In February 2009, TSA announced that it would require passengers at six airports to submit to whole body imaging in place of the standard metal detector search. In April 2009, the agency announced plans to expand the mandatory use of body imaging to all U.S. Airports.
This means that Whole Body Imaging devices will replace metal detectors at the primary screening devices in US airports. As a consequence, the TSA could obtain naked pictures of every airline passenger, including children, who travel from a US airport.
In response to TSA's expansion of the program, the U.S. House of Representatives passed H.R. 2200, a bill that would limit the use of whole body imaging systems at airports. The measure is still pending in the Senate.
EPIC's Complaint: http://epic.org/privacy/airtravel/backscatter/Complaint_110309.pdf
EPIC: Whole Body Imaging: http://epic.org/privacy/airtravel/backscatter/
TSA: Whole Body Imaging: http://www.tsa.gov/approach/tech/imaging_technology.shtm
H.R. 2200: http://www.epic.org/redirect/112209hr2200.html
Privacy Coalition Letter Regarding Whole Body Imaging: http://www.epic.org/redirect/112209dhswbiletter.html
DHS Response to Privacy Coalition Letter: http://privacycoalition.org/dhs-reply-wbi_ltr.pdf
[4] European and United States Officials Examine Cross Border Privacy
European and American officials, as well as corporate privacy professionals and privacy advocates, met for a three-day conference recently on cross-border data flows and privacy. The conference was organized by the U.S. Department of Commerce, with the participation and cooperation of the European Commission and the Article 29 Working Party on Data Protection. It was held from November 16th to 18th at the International Trade Center in Washington, D.C.
The conference was the fourth annual meeting to review progress on the US-EU Safe Harbor Framework, which was implemented in 2005. The Safe Harbor allows U.S. companies to engage in data transfers out of EU member states without prior approval, in spite of U.S. data protection laws failing to meet the requirements of the EU's 1998 Data Protection Directive.
Panels were held on a number of topics with panelists from a variety of backgrounds. Several panels on the Safe Harbor itself included speakers from U.S. law firms, the U.S. Federal Trade Commission, the Article 29 Working Party, and others. Other panels addressed such issues as security, privacy by design, social networking, and privacy protection in cases of pandemic response.
EPIC Executive Director, Marc Rotenberg, participated in a panel on behavioral advertising, data protection, and privacy, alongside panelists from advertising companies and the FTC.
Across the Divide: Successfully Navigating Safe Harbor: http://www.regonline.com/builder/site/Default.aspx?eventid=765010
International Trade Administration: Safe Harbor: http://www.export.gov/safeharbor/
EPIC: Federal Trade Commission: http://epic.org/privacy/internet/ftc/
[5] Revised Google Books Settlement Released
On November 14, the parties in the Google Books Settlement filed an amended settlement in federal court. The revised settlement makes several changes to the original settlement. It removes several foreign rights holders from the settlement class, so that only rights holders in the United States, the United Kingdom, Canada, and Australia remain. It also attempts to address concerns about “orphan books,” or books whose rights holders cannot be readily found through a reasonably diligent search, by calling for the appointment of a trustee to represent their rights.
The revised settlement also addresses antitrust concerns, dropping the clause that forbade the Book Rights Registry from offering Google's competitors a more favorable deal than the one Google received from the Association of American Publishers and the Authors Guild. The Department of Justice, authors, EPIC and other privacy advocates criticized the original settlement.
EPIC argued that the settlement would create a single digital library, operated by Google, but failed to limit Google's use of the personal information collected. In a motion to intervene in the settlement EPIC argued that it “mandates the collection of the most intimate personal information, threatens well-established standards that safeguard intellectual freedom, and imperils longstanding Constitutional rights, including the right to read anonymously.” EPIC also warned that the original deal threatened “to eviscerate state library privacy laws that safeguard library patrons in the United States."
Similarly, FTC Chairman John Liebowitz called attention to privacy concerns and the vast amount of consumer information that could be collected under the original settlement. The Chairman expressed the Commission's commitment to evaluating the privacy issues presented by Google Books, a sentiment that was echoed by Commissioner Pamela Jones Harbour in her statement. In a separate letter, FTC Consumer Protection Director David C. Vladeck urged Google to address consumer privacy concerns and to limit the secondary use of user data.
However, the revised settlement does little to address privacy and does not fix the lack of user privacy protections. Professor Pamela Samuelson of the University of California, Berkeley stated that “[t]here are dozens of provisions in the settlement agreement that call for monitoring of what users do with books and essentially no privacy protections built into the settlement agreement.”
Amended settlement agreement:
http://www.epic.org/redirect/112209gbsettrev.html
Pamela Samuelson, “New Google Book Settlement Aims Only to Placate Governments,” Huffington Post, November 17, 2009: http://www.epic.org/redirect/112209Samuelson.html
EPIC's Objections to the Original Settlement: http://epic.org/privacy/googlebooks/EPIC_Brief-GBS.pdf
DOJ's Statement Regarding the Original Settlement: http://thepublicindex.org/docs/letters/usa.pdf
FTC''s Statements Regarding the Original Settlement: http://www.ftc.gov/os/closings/090903leibowitzstatement.pdf http://www.ftc.gov/os/closings/090903harbourthstatement.pdf http://www.ftc.gov/os/closings/090903horvathletter.pdf
Authors' Objections to the Original Settlement:
http://www.eff.org/files/filenode/authorsguild_v_google/File Stamped Brf.pdf
Other Privacy Advocates Objections to the Original Settlement: http://www.epic.org/redirect/112209gbobjections.html
EPIC: Google Books Settlement and Privacy: http://epic.org/privacy/googlebooks/
EPIC: Google Books Litigation: http://epic.org/privacy/googlebooks/litigation.html
EPIC: Google Books: Policy Without Privacy: http://epic.org/privacy/googlebooks/policy.html
[6] News in Brief
EPIC Complete's Takoma Park Election Manual Ballot Audit
EPIC completed the final phase of the manual ballot audit of the Takoma Park, Maryland November 3, 2009 election. The manual audit completed the oversight requirements imposed by the City of Takoma Park for the Scantegrity voting system used by the city for its recent elections. This was the first public election in the United States to deploy the Scantegrity voting system. Over 1600 votes cast ballots in the election to elect their mayor and fill ward council positions.
EPIC Audit of Takoma Park Municipal Election November 3, 2009: takoma_park_audit.pdf
Scantagrity: http://www.scantegrity.org/
Links: Takoma Park Election’s Office: http://www.takomaparkmd.gov/clerk/election/2009/index.html
Takoma Ballot verification Web page: http://scantegrity.org/takoma/checkcodes
EPIC’s Voting Privacy Page: http://epic.org/privacy/voting/
President Obama Nominates Brill and Ramirez for FTC
On November 17, 2009, President Obama nominated Julie Brill and Edith Ramirez to be commissioners of the Federal Trade Commission. Brill, North Carolina's top consumer advocate, serves as the senior deputy attorney general and chief of consumer protection and antitrust for the North Carolina Department of Justice. Ramirez, who specializes in intellectual property and complex litigation matters, is a partner in a Los Angeles, California law firm and has experience representing companies such as Mattel, Inc. and Northrop Grumman Corp. In a press release, President Obama stated, “These individuals bring a depth of experience to their respective roles, and I am confident they will serve my administration and the American people well. I look forward to working with them in the months and years ahead.”
Federal Trade Commission: http://www.ftc.gov/commissioners/index.shtml
EPIC: Federal Trade Commission: http://epic.org/privacy/internet/ftc/.
Brill Biography: http://www.law.columbia.edu/fac/Julie_Brill.
Ramirez Biography: http://www.quinnemanuel.com/attorneys/ramirez-edith.aspx.
White House Nominations Press Release: http://www.epic.org/redirect/112209whitehouseprelease.html
Investigating Congressional Committee Acknowledges Privacy Coalition Letter
House Homeland Security Committee Chairman Bennie Thompson has responded to the Privacy Coalition letter regarding the Chief Privacy Officer of the Department of Homeland Security. Chairman Thompson said that "the Committee is in the process of reviewing the programs outlined" in the letter, and thanked the Coalition for bringing the issues to the attention of the committee. He further stated that the Committee "will continue to examine the Department's programs and policies and vigorously address privacy concerns and issues."
Letter from Chairman Thompson: http://epic.org/open_gov/homeland/HLS_Comm_Reply.pdf
Privacy Coalition - Letter to Chairman Thompson: http://epic.org/security/DHS_CPO_Priv_Coal_Letter.pdf
EPIC: DHS Privacy Office: http://epic.org/privacy/dhs-cpo.html
Privacy Coalition: http://privacycoalition.org/
Privacy Coalition Writes Letter Re: Fordham Child Privacy Study
A Fordham Law School study found that state educational databases across the country ignore key privacy protections for the nation's school children. The study reports that at least 32% of states warehouse children's social security numbers; at least 22% of states record student pregnancies; and at least 46% of the states track mental health, illness, and jail sentences as part of the children's educational records. Some states outsource the data processing without any restrictions on use or confidentiality for children's information. Access to this information and the disclosure of personal data may occur for decades and follow children well into their adult lives. These findings come as Congress is considering the Student Aid and Financial Responsibility Act, which would expand and integrate the 43 existing state databases without taking into account the critical privacy failures in the states' electronic warehouses of children's information.
Study Website: http://law.fordham.edu/childrensprivacy
Fordham Law School, Center on Law and Information Policy: http://www.epic.org/redirect/110609fordhamstudy.html
Student Aid and Financial Responsibility Act: http://www.epic.org/redirect/110609studentaidact.html
EPIC: Children's Online Privacy Protection Act: http://epic.org/privacy/kids/
EPIC: DOD Recruiting Database: http://epic.org/privacy/student/doddatabase.html
Demand Your dotRights Campaign Goes Public
The ACLU of Northern California launched a new privacy campaign called “Demand Your dotRights.” The campaign is intended to call attention to the trail of digital information that is left by online activity. It “provides a behind-the-scenes look at everything from social networking, to photo sites, to search engines,” and educates individuals on how they can regain control over their personal information. The campaign also urges businesses and lawmakers to do more to protect privacy.
Demand Your dotRights campaign website: http://www.dotrights.org/home
ACLU of Northern California announcement: http://www.epic.org/redirect/112209acluannouncement.html
EPIC: Facebook Privacy: http://epic.org/privacy/facebook
EPIC: Search Engine Privacy: http://epic.org/privacy/search_engine
Facebook Releases Revised Privacy Policy
On November 17, 2009, Facebook unveiled its new privacy policy. The new policy was announced after the social network site completed a weeklong comment period. Facebooks said that new policy was designed to be more easy to understand, and includes plain language and a simpler structure. The company has also announced plans to add definitions of key terms, screen shots of important pages and informational "learn more" videos. However, the policy is problematic because it continues to allow the disclosure of user information to third parties, including "other companies, lawyers, courts or other government entities", in a broad array of circumstances and relieves Facebook of any responsibility for third party applications that "violate [Facebook's] rules."
Facebook: Privacy Policy: http://www.facebook.com/policy.php
EPIC: Social Networking Privacy: http://epic.org/privacy/socialnet/
Facebook Blog: New Privacy Policy Adopted: http://blog.facebook.com/blog.php?post=181160577130
D.C. Circuit Hears Argument in Warrantless GPS Tracking Case
On November 17, 2009, the D.C. Circuit heard oral argument in United States v. Jones, a case addressing the legality of warrantless GPS tracking by the government. In the case, FBI agents attached a GPS tracker to the appellant’s car while the car was on private property. The device transmitted the position of the car every ten seconds, allowing the FBI to track its position for a full month, all without a warrant. In a similar case, Commonwealth v. Connolly, EPIC filed a “friend-of-the-court” brief with the Massachusetts Supreme Judicial Court, urging it to require police to obtain a warrant before engaging in GPS tracking. That court held not only that police were required to obtain a warrant, but also mandated that such warrants must expire after fifteen days.
Electronic Frontier Foundation: U.S. v. Jones: http://www.eff.org/cases/us-v-jones
New York Times: Editorial: GPS and Privacy Rights: http://www.nytimes.com/2009/11/23/opinion/23mon3.html
EPIC: Commonwealth v. Connolly: http://epic.org/privacy/connolly/
EPIC: Commonwealth v. Connolly Amicus Brief: http://epic.org/privacy/connolly/042009amicus.pdf
[7] EPIC Bookstore: "Protectors of Privacy"
Protectors of Privacy: Regulating Personal Data in the Global Economy By Abraham L. Newman Available at:
http://www.epic.org/redirect/112209bookreview.html
“You have zero privacy anyway. Get over it.” - Scott McNealy, CEO of Sun Microsystems
“Everyone has the right to the protection of personal data concerning him or her.” - Article 8-1, Charter of Fundamental Rights of the European Union
In Protectors of Privacy: Regulating Personal Data in a Global Economy, Professor Abraham Newman compares the attitudes and approaches of The United States and the European Union with respect to privacy in the computer age. Newman argues that, while the United States surpasses other countries in terms of technological advancements, the European Union has much more comprehensive data privacy protection, which has shown to be more effective than the United States' self-regulatory approach.
Newman opens the book with a description of the security issues that face consumers across the globe today. The problems center on data retention by governments, corporations, and private firms: “In 2004, Wal-Mart alone stored more than 460 terabytes of consumer information. ..[and one study] estimates that four federal agencies alone purchased $30 million in personal information from [data mining] firms in 2005.” With so much information stored in these databases, personal information is left exposed, vulnerable to security breaches and general misuse. The United States suffers over $50 billion in losses as a result of identity theft and fraud every year. Storage of personal data has occurred not only in the United States, but also abroad, and thus the need for regulation of personal information has become a focus for countries around the world. Many of the international debates surrounding privacy protection deal with differences in the scope of regulation, what Newman describes as either comprehensive regulations, as the Europeans have adopted, or limited regulations, as the United States has adopted.
Europe has emerged as the leader in establishing comprehensive protection for personal information. In Chapter Four, Newman argues that the success of Europe's comprehensive regulations, namely the European Union's 1995 data privacy directive, is attributed to the “institutionalization of data privacy authorities with expertise, statutory authority, and network ties.” A significant result of the directive was the emergence of transgovernmental cooperation, by way of the Article 29 Working Party, which has compelled companies like Google to alter their data retention policies in order to maintain compliance with the group. Throughout the years, the Article 29 Working Party has pushed for limiting data retention periods and encouraging data retention principles, even in the wake of the terrorist attacks in Madrid and the United Kingdom.
The United States, however, takes a different approach to privacy when terrorism or a threat to national security is involved. After the September 11, 2001 terrorist attacks, the federal government implemented security measures that would require international airlines to report to the U.S. Customs Bureau extensive traveler information that could be retained for a period of up to three years, without offering travelers the right to review or correct any of the stored information. The Article 29 Working Party was particularly concerned with the United States' government and agency access to carrier databases and the exchange of personal information. After negotiations, the European Commission finally allowed the transfer of data from European airlines to the U.S. Customs Bureau, but gained a small victory as the transfers would not include access to carrier databases and also would not include sensitive information.
Newman's finest, and perhaps most significant, observation which also serves as the underlying theme to the book, centers on the idea that regulatory authority is truly the driving force behind successful data protection measures. Europe emphasizes regulatory power, exemplified by its data privacy authorities, and also operates using “coercive tools to shape international outcomes.” According to Newman, the persuasive appeal of regulatory solutions often is affected by the threats that serve as incentives for compliance and motivation for negotiations. On the other hand, the United States' self-regulatory approach is focused on “convincing” rather than “coercing,” and has slowly moved away from delegating authority to independent agencies, instead favoring small government and a focus on accountability. This new focus, however, has “unintentionally undermined the power resources available to the United States to promote its interests globally.” As a result, the United States faces difficult challenges, in light of Europe's comprehensive and broadly adopted approach to privacy protection, to develop and enforce its rules in the global market.
--Kim Nguyen
EPIC Publications:
"Litigation Under the Federal Open Government Laws 2008," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid (EPIC 2008). Price: $60.
http://epic.org/bookstore/foia2008/
Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding the substantial FOIA amendments enacted on December 31, 2007. Many of the recent amendments are effective as of December 31, 2008. The standard reference work includes in-depth analysis of litigation under Freedom of Information Act, Privacy Act, Federal Advisory Committee Act, Government in the Sunshine Act. The fully updated 2008 volume is the 24th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years.
"Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.
http://www.epic.org/redirect/aspen_ipl_casebook.html
This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law.
"Privacy & Human Rights 2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.
http://www.epic.org/phr06/
This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published.
"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40.
http://www.epic.org/bookstore/pvsourcebook
This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process.
"The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40.
http://www.epic.org/bookstore/pls2004/
The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act.
"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20.
http://www.epic.org/bookstore/filters2.0
A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression.
EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at:
EPIC Bookstore
http://www.epic.org/bookstore
EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act.
Subscribe to EPIC FOIA Notes at: https:/mailman.epic.org/mailman/listinfo/foia_notes
[8] Upcoming Conferences and Events
The Innovation Economy, Aspen Institute, Reagan Conference Center, Washington, DC, Nov 30 - Dec 1, 2009. For more information:
http://theinnovationeconomy.org/
Law in Cyberspace: Legal Blogging & the Courts, Northwestern School of
Law, Chicago, IL, 4th Annual Judicial Symposium on Civil Justice
Issues, December 7, 2009.
For more information:
http://www.epic.org/redirect/112209nwconference.html
FTC Privacy Roundtable: Exploring Existing Regulatory Frameworks,
FTC Conference Center, Washington, DC, December 7, 2009.
For more
information:
http://www.ftc.gov/opa/2009/11/privacyrt.shtm
"Reconceptualizing the FTC's Understanding of Privacy", Willard Hotel
Washington, DC, IAPP Confernce, December 8, 2009.
For more information:
http://www.epic.org/redirect/112209conference.html
Annual Privacy Coalition meeting, EPIC, Washington, DC, January 21-23, 2010. For more information: http://www.theprivacycoalition.org
"Reader Privacy: Should Library Standards Apply Online?," University of North Carolina, Chapel Hill, January 22, 2010.
Data Privacy Day, January 28, 2010.
For more information:
http://www.thepublicvoice.org
"Computers, Privacy, and Data Protection: An Element of Choice,"
Brussels, Belgium, January 29-30, 2010.
For more information:
http://www.cpdpconferences.org/
RSA 2010, San Francisco, March 1-5, 2010.
For more information:
http://www.rsaconference.com/2010/usa/
Association for Practical and Professional Ethics, Cincinnati,
March 5, 2010.
For more information:
http://www.indiana.edu/~appe/annualmeeting.html
Privacy 2010, Stanford, March 23 - 25, 2010.
For more information:
http://codex.stanford.edu/privacy2010
Join EPIC on Facebook
Join the Electronic Privacy Information Center on Facebook
http//facebook.com/epicprivacy
Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC.
Privacy Policy
The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name.
In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information."
About EPIC
The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).
Donate to EPIC
If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at:
Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers.
Thank you for your support.
Subscription Information
Subscribe/unsubscribe via web interface:
http://mailman.epic.org/mailman/listinfo/epic_news
Back issues are available at:
http://www.epic.org/alert
The EPIC Alert displays best in a fixed-width font, such as Courier.
END EPIC Alert 16.22
.