Home | Databases | WorldLII | Search | Feedback EPIC Alert

EPIC Alert 16.04 [2009] EPICAlert 4

E P I C A l e r t

http://www.epic.org/alert/EPIC_Alert_16.04.html

"Defend Privacy. Support EPIC." http://epic.org/donate

The Obama Administration publicly made available nine Office of Legal Counsel memoranda and opinion that were mostly drafted in the post 9/11 timeframe. Attorney General Holder stated "Americans deserve a government that operates with transparency and openness. It is my goal to make OLC opinions available when possible while still protecting national security information and ensuring robust internal executive branch debate and decision-making. The Office of Legal Counsel provides authoritative legal advice to the President and all the Executive Branch agencies. The Office drafts legal opinions and also provides oral advice in response to requests to the President, the various agencies of the Executive Branch, and offices within the Department. The Office is responsible for providing legal advice to the Executive Branch on all constitutional questions and reviewing pending legislation for constitutionality. All executive orders and proclamations proposed to be issued by the President are reviewed by the Office of Legal Counsel for form and legality, as are various other matters that require the President's formal approval.

One of the memorandum released contained secret legal opinions that allowed the President to use the nation's military within the United States for counter-terrorism and to conduct domestic warrantless wiretapping. Other opinions pertained to broad interpretation of the President's powers and unilateral abrogation of foreign treaties. The last memorandum dated January 15, 2009 discusses the status of previous OLC opinions and declares "certain propositions stated in several opinions issued by the Office of Legal Counsel in 2001-2003 respecting the allocation of authorities between the President and Congress in matters of war and national security" did not reflect the current views of the Office.

The released memoranda included opinions on the constitutionality of amending the Foreign Intelligence Surveillance Act to change the "purpose" standard for searches; authority for use of military force to combat terrorist activities within the United States; authority of the President to conduct renditions and order the military to detain and set up commissions to try individuals involved in terrorist acts and the detention of U.S. citizens and domestic use of military force to combat terrorist activities.

The Office of Professional Responsibility and began investigations into the circumstances surrounding the drafting of opinions for the standards for conducting interrogation and whether the legal advice contained in those memoranda was consistent with professional standards that applied to Justice Department attorneys. In October 2008, in a lawsuit by EPIC against the Justice Department, a federal judge ordered the independent judicial inspection of documents relating to the President's warrantless wiretapping program. EPIC is seeking the release of OLC memos concerning the warrantless wiretapping program that was conducted by President Bush. (See below).

Department of Justice Releases Nine Office of Legal Counsel Memoranda and Opinions: http://www.usdoj.gov/opa/pr/2009/March/09-ag-181.html

Office of Legal Counsel Memoranda: http://www.usdoj.gov/opa/documents/oc-memos.htm

Department of Justice: Office of Legal Counsel http://www.usdoj.gov/olc/

Office of Legal Counsel Memorandum of January 15, 2009: http://epic.org/redirect/030909_OLC011509.html

Letter of Marshall Jarrett, Counsel, Office of Professional Responsibility, Department of Justice to Senators Durbin and Whitehouse: http://epic.org/redirect/030909_OPR2Sens.html

Letter of Glenn A. Fine, Inspector-General, Office of the Inspector General, Department of Justice to Senators Durbin and Whitehouse: http://epic.oreg/redirect/030909_IG2Sens.html

EPIC v. DOJ Page on the National Security Agency's Warrantless Surveillance Program: http://epic.org/privacy/nsa/foia/

Court Order Requiring Judicial Review of DOJ Documents: http://epic.org/privacy/nsa/foia/103108_order.pdf

EPIC's Complaint Against the Department of Justice: http://www.epic.org/privacy/nsa/complaint_doj.pdf

On March 6, 2009, EPIC, the ACLU, and the National Security Archive asked a federal court in Washington, DC to order the immediate disclosure of government memos describing the legal basis for the warrantless wiretapping of American citizens by the Bush Administration. The court is currently reviewing the documents as part of an EPIC Freedom of Information Act lawsuit, EPIC v. DOJ. The documents, prepared by the Office of Legal Counsel, "are vital to the public's understanding of the government's warrantless surveillance program - activities of dubious legality that have attracted great interest from the public and lawmakers," EPIC said.

On March 2, 2009, the Attorney General released several related memos, which previously were secret. An October 23, 2001 memo takes the extreme position that the Fourth Amendment does not apply to military actions aimed at investigating or preventing terrorist activity on U.S. soil. A subsequent DOJ document, dated January 15, 2009, disavows the analysis, characterizing it as "a doubtful interpretation of the Foreign Intelligence Surveillance Act." The newly released documents reference the government's warrantless spy scheme, but do not include the Office of Legal Counsel's justifications for the surveillance. EPIC's lawsuit seeks the disclosure of foundational documents setting forth the program's legal basis, which remains secret.

The March 2, 2009 release follows President Obama's recent statement on government transparency. "The Freedom of Information Act should be administered with a clear presumption: In the face of doubt, openness prevails," the President stated. Senator Patrick J. Leahy, Chairman of the Senate Judiciary Committee, expressed support for the March 2, 2009, disclosures, demonstrating the continued interest of lawmakers in the issues implicated by EPIC's lawsuit, as well as the desire to see the other OLC memos released. Senator Leahy wrote, "The memoranda and opinions of the last administration regarding national security remain of great concern."

EPIC v. DOJ seeks the disclosure of opinions prepared by the Department of Justice Office of Legal Counsel regarding the President's warrantless domestic surveillance program. The Office of Legal Counsel regularly issues opinions on a variety of topics in response to legal questions posited by the President and the heads of executive departments.

Government lawyers have also withheld the memos from lawmakers charged with overseeing the department. After the department stymied efforts to shed light on the OLC opinions, Senate Judiciary Committee Chairman Patrick Leahy issued a subpoena requiring Attorney General Michael Mukasey to disclose information regarding the federal government's terrorism-related activities, including its warrantless surveillance program. Senator Edward Kennedy previously criticized the secrecy surrounding the Office of Legal Counsel opinions, arguing that the Administration's selective disclosure of the documents to a tiny number of legislators "is a pale shadow of the real disclosure that Americans deserve."

EPIC began the Freedom of Information Act lawsuit in December 2005, after the New York Times first reported the details of the wiretap program. EPIC requested documents relating to legal opinions that were prepared to justify the program. The DOJ refused to produce several key documents, and EPIC sued, demanding that the DOJ disclose the documents in compliance with the Freedom of Information Act.

EPIC Notice to the Court Urging Immediate Release of OLC Memos on Warrantless Wiretapping: http://epic.org/privacy/nsa/foia/030609_notice.pdf

EPIC v. DOJ Page on the National Security Agency's Warrantless Surveillance Program: http://epic.org/privacy/nsa/foia/

March 2, 2009 Attorney General Announcement Releasing Documents: http://www.usdoj.gov/opa/pr/2009/March/09-ag-181.html

Sept. 25, 2001 DOJ Memo Concerning Presidential Surveillance Powers: http://epic.org/redirect/030909_OLC092501.html

Jan. 15, 2009 DOJ Memo Disavowing Prior Advice Concerning Presidential Authority: http://epic.org/redirect/030909_OLC011509.html

Sen Leahy's Statement Concerning Release of Warrantless Wiretap Documents: http://leahy.senate.gov/press/200903/030209a.html

EPIC's Complaint Against the Department of Justice: http://www.epic.org/privacy/nsa/complaint_doj.pdf

Facebook recently announced an offer to its users around the world in shaping the future policies governing the service. Facebook issued the first proposals subject to these new procedures - "The Facebook Principles," a set of values that will guide the development of the service, and "Statement of Rights and Responsibilities" that clarify Facebook's and users' commitments related to the service. Facebook also announced that over time, users will have the opportunity to review, comment and vote on these documents. Further, a planned update to the Privacy Policy will also have similar input.

Last month, Facebook did a volte-face on its Terms of Service just before EPIC was about a file a complaint before the Federal Trade Commission. The modified Terms of Service were announced on February 4, were widely criticized, and were to be the subject of the EPIC complaint. EPIC observed that the modified Terms of Service included several material changes, which adversely impacted Facebook customers, eviscerated wide-recognized privacy rights, and unilaterally and retroactively transferred control of user generated content to Facebook. In response to user concerns, Facebook has established a new Group, the Facebook Bill of Rights and Responsibilities seeking comments from users.

The company's efforts in making the world more open and connected underlies the Principles of Facebook Service. The Principles include the "Freedom to Share and Connect," "Fundamental Equality" of people on Facebook, "Ownership and Control of Information," and other basic tenets of the Facebook service. The achievement of these Principles, according to Facebook, should be constrained only by limitations of law, technology, and evolving social norms about sharing.

The social networking company also drafted the Statement of Rights and Responsibilities. The Facebook statement reaffirms that users, not Facebook, own the content they share through Facebook services and that Facebook's permission to use that content expires when users delete the content or terminate their accounts. The document also codifies the specific requirements that users be given notice, an opportunity to comment, and, in certain cases, approval authority through a vote for policy changes.

With these changes, Facebook hopes for more user participation and involvement in future policy issues. Facebook plans to publish a final policy proposal that reflects the comments received.

Facebook Opens Governance of Service and Policy Process to Users: http://www.facebook.com/press/releases.php?p=85587

Facebook Town Hall: Proposed Facebook Principles: http://www.facebook.com/group.php?gid=54964476066

The Proposed Statement of Rights and Responsibilities: http://www.facebook.com/topic.php?uid=67758697570&topic=7569

Facebook Blog: Update on Terms: http://blog.facebook.com/blog.php?post=54746167130

People Against the new Terms of Service (TOS): http://www.facebook.com/group.php?gid=77069107432

EPIC's Social Networking Privacy Page: http://epic.org/privacy/socialnet/default.html

On February 26, 2009, the Federal Trade Commission released its most recent Consumer Sentinel Network Data Book, which contains data on consumer complaints obtained from the previous calendar year (January - December 2008). The Data book contains three kinds of consumer complaints, including fraud, identity theft, and other. This is the first year the Consumer Sentinel Network has included "other" as a consumer complaint category. Just as in previous years, identity theft is once again at the top of the charts. The Consumer Sentinel Network received a total of 313,982 identity theft consumer complaints during the year, which is an increase of 54,716 complaints in comparison with 2006. The Data Book provides detailed data on a variety of areas with regard to the identity theft complaints.

The most recent results indicate a decrease in the percentage of credit card fraud, from 23 to 20 percent, and phone or utilities fraud, from 18 to 13 percent. Whereas credit card and phone or utilities fraud are on the decline, government documents or benefits fraud is increasing, as it has been for the past three years. In 2008, 15 percent of the identity theft complaints were a result of information misuse through government documents or benefits fraud. In particular, "[f]raudulent tax return-related identity theft, a subtype of government documents or benefits fraud, has increased nearly six percentage points since calendar year 2006." The remainder of the categories, including employment-related, bank, and loan fraud all appear to demonstrate minimal, if any, fluctuation.

With regard to reporting incidents of identity theft, the report found that the majority of victims still fail to do so. According to the results, 35 percent of victims report the crime to law enforcement officials. Law enforcement takes a report in 27 percent of the cases. This result is nearly identical to the one published in 2007.

Furthermore, just as last year's results indicated most (24%) of the consumer complaints about identity theft come from victims in the 20-29 age category. They are followed closely (23%) by those in the 30-39 category. As a result, almost half of all the identity theft complaints registered are in the 20-39 age bracket.

The remainder of the Data Book is dedicated to a breakdown of the identity theft complaints in each state. Per capita, identity theft appears to be most prominent in Arizona, California, and Florida. Whereas North and South Dakota received the least number of consumer complaints per capita.

Consumer Sentinel Network Data Book (January - December 2008): http://epic.org/redirect/030909_FTC_CSN2008_report.html

Federal Trade Commission: Identity Theft: http://www.ftc.gov/bcp/edu/microsites/idtheft/

EPIC's Page on Identity Theft: http://epic.org/privacy/idtheft/

The Secretary for the Department of Homeland Security, Janet Napolitano testified before the House Committees on Homeland Security. She affirmed that it was her priority to increase accountability, uphold professionalism, reassess the Department's response to threats. She deposed that she had issued a series of action directives to assess the functions of the Department and seek areas of improvement. Her action directives included areas which affects individual privacy and civil liberties.

Napolitano deposed that she had issued two action directives concerning fusion centers. Fusion Centers promote partnerships and intelligence -sharing of federal, state, local, tribal and territorial partners. DHS is considering ways to improve intelligence sharing by involving state and local partners during rule-making of intelligence-sharing policies and programs. The DHS is also looking at means to improve coordination of activities involving both state and local authorities.

Another directive issued involved the DHS E-Verify program. The directive was aimed at measuring employer compliance and participation in E-Verify. The directive also sought to find out ways that DHS could reduce the false negatives and lower the possibility of identity fraud. EPIC has noted that E-Verify could deny many eligible individuals - including U.S. citizens and legal immigrants - the opportunity to work, and is ineffective as a solution to U.S. immigration problems. Last year, EPIC had filed a Freedom of Information request with the DHS seeking documents concerning promotion of E-Verify.

A further directive was also issued towards reviewing transportation security. Backscatter X-Ray devices show detailed images of a person's naked body, and are equivalent to a "virtual strip search" for all air travelers. The Recovery Act allots a budget of $ 1 Billion towards upgrading the explosive detection infrastructure.

The testimony also stated an interest of the DHS in promoting high-tech RFID systems and RFID-enabled documents including passports, trusted traveler programs to avoid watchlists and enhanced driver's licenses. The proposed uses of RFID tags pose exponentially greater risks to personal privacy. In addition to undermining a consumer's ability to enjoy a lifestyle in relative anonymity, critics of the technology counter that the information gathered by RFID readers could be obtained by the government for surveillance or monitoring the activities of citizens, or even misused by hackers and criminals. The are several problems with the watchlist program- it is not subject to the Privacy Act and the watchlists are full of errors. Enhanced driver's licenses also imposes many costs with few benefits and poses significant threats to individual privacy and security.

Testimony of Secretary Napolitano: http://www.dhs.gov/ynews/testimony/testimony_1235577134817.shtm

DHS Fusion Centers: http://homeland.house.gov/

EPIC's Page on Fusion Centers: http://epic.org/privacy/fusion/

DHS E-Verify program: http://www.dhs.gov/e-verify

Spotlight on Surveillance- E-Verify System: http://epic.org/privacy/surveillance/spotlight/0707/default.html

Millimeter Wave- Whole Body Imaging: http://www.tsa.gov/approach/tech/mwave.shtm

Spotlight on Surveillance- Plan to X-Ray Travelers Should Be Stripped of Funding: http://epic.org/privacy/surveillance/spotlight/0605/

The U.S. Electronic Passport: http://travel.state.gov/passport/eppt/eppt_2498.html

EPIC's FOIA Note: E-Passports Less Reliable Than Traditional Passports: http://epic.org/foia_notes/note14.html

U.S. Customs and Border Protection - Trusted Traveler: http://www.cbp.gov/xp/cgov/travel/trusted_traveler

EPIC's Page on Air Travel Privacy: http://epic.org/privacy/airtravel/

Enhanced Drivers Licenses: What Are They?: http://www.dhs.gov/xtrvlsec/crossingborders/gc_1197575704846.shtm

National ID Cards and REAL ID Act: http://epic.org/privacy/id-cards/

EPIC's page on RFID Systems: http://epic.org/privacy/rfid/

Profile of Janet Napolitano: http://www.dhs.gov/xabout/structure/gc_1232568253959.shtm

House Committees on Homeland Security: http://homeland.house.gov/

Cybersecurity Czar Steps Down, Warns of Growing NSA Influence

Rod Beckstrom, Director of the National Cybersecurity Center, has resigned. In a letter to Homeland Security Secretary Janet Napolitano, Beckstrom warned of the increasing role of the National Security Agency in domestic security. The "intelligence culture is very different than a network operation or security culture... the threats to our democratic processes are significant if all top government network and monitoring are handled by any one organization... we have been unwilling to subjugate the NSCS under the NSA," wrote the former NCSC Director. The announcement follows Congressional testimony from the new Director of National Intelligence that the NSA should be responsible for network security. EPIC has long maintained that the NSA, though it plays a vital role in gathering foreign intelligence, should not be the lead agency for domestic network security because it also engages in extensive and unregulated spying.

The National Cybersecurity Center: http://www.nctc.gov/

NCTC Director's Resignation Letter: http://epic.org/linkedfiles/ncsc_directors_resignation1.pdf

Hearing of the House Permanent Select Committee on Intelligence: http://www.dni.gov/testimonies/20090225_transcript.pdf

EPIC's Page on Computer Security Act of 1987: http://epic.org/crypto/csa/

Action Item: Support the Creation of a "Truth Commission"

Senator Patrick Leahy of Vermont has proposed the idea of a truth and reconciliation commission to investigate abuses during the Bush-Cheney Administration so that they never repeated. Abuses have included the use of torture, warrantless wiretapping, extraordinary rendition, and executive override of laws. A petition of support for the trust commission is currently being sought to be signed by members of the public. EPIC supports Senator Leahy in the creation of a truth commission to uncover wiretap abuses.

Sign the Petition: http://ga3.org/campaign/btcpetition

EPIC's Page on Wiretapping: http://epic.org/privacy/wiretap/

Report Highlights Cloud Computing Risks to Privacy

The World Privacy Forum released a report "Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing." The report discusses the issue of cloud computing and outlines its implications for the privacy of personal information as well as the confidentiality of business and governmental information. The report discusses how even when no laws or obligations block the ability of a user to disclose information to a cloud provider, disclosure may still not be free of consequences and that information stored with a third party may have fewer or weaker privacy protections. The report concludes that both government agencies and private litigants may be able to obtain information from a third party more easily than from the creator of the information.

Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing: http://www.worldprivacyforum.org/pdf/WPF_Cloud_Privacy_Report.pdf

APEC Proposes Guidelines on Cross-Border Data Transfers

The Data Privacy Subgroup of Asia-Pacific Economic Cooperation held a meeting in February, 2009. They reported progress on the eight projects designed to advance the Data Privacy Pathfinder which contains general commitments leading to the development of a Cross-Border Privacy Rules. The next step will be to finalize survey documentation that will collate information on the data privacy frameworks that currently exist in each member economy. The objective of the meeting was to create a method of cross-border data transfers of information while maintaining privacy safeguards. The guidelines call for an oversight panel for certifications and enforcement in cases of violations. The Asia-Pacific Economic Cooperation forum was established in 1989 to capitalize on the growing interdependence of Asia-Pacific economies.

APEC Data Privacy Pathfinder Initiative: http://www.dpmc.gov.au/privacy/apec/pathfinder_initiative.cfm

APEC Cross-Border Privacy Rules: http://www.dpmc.gov.au/privacy/apec/cross-border.cfm

APEC Singapore 2009, Sustaining Growth, Connecting the Region: http://www.apec.org/apec/daily_news_update/260209_sg_somi.html

APEC Data Privacy Pathfinder Projects Implementation Work Plan: http://aimp.apec.org/Documents/2008/ECSG/ECSG1/08_ecsg1_024.doc

Council of Europe Privacy Convention: http://epic.org/privacy/intl/coeconvention/default.html

ENISA Reports on Network and Information Security

The European Network and Information Security Agency released a paper containing a series of country reports with an overview on the "state of the art" of network and information security in each country regarding stakeholders, activities, events and current trends. The project elaborated separate stages: information and data gathering entered into a country data collection template; information and data review; and creation of the report from each country chapter. The report concluded that that institutions and responsibilities vary substantially from country to country although there were some general trends. ENISA is an EU agency created to advance the functioning of the internal market.

ENISA Country Reports 2009: http://epic.org/redirect/030909_ENISA_country_reports.html

EPIC's Page on CoE Privacy Convention: http://epic.org/privacy/intl/coeconvention/default.html

European Anti-crime Authority to Review VoIP Wiretaps

The European Anti-crime authority, Eurojust, was supposed to have been approached by Italy with the request to introduce a case to Eurojust. The case involves interception of internet telephony as an essential tool in the fight against international organized crime. In September 2006, at the first strategic meeting on internet telephony at Eurojust, Skype representatives agreed to cooperate with the law enforcement authorities in the fight against serious, cross-border organized crime. In a later update, Eurojust clarified that there was not yet an official case reported to Eurojust.

Eurojust will be requested to coordinate internet telephony investigations: http://www.eurojust.europa.eu/press_releases/2009/25-02-2009.htm

EPIC's Page on Wiretapping: http://epic.org/privacy/wiretap/

Report: False Assurances of Security in Health IT Systems

Dartmouth College business professor Eric Johnson has written a report called "Data Hemorrhages in the Health Care Sector." The paper discusses how confidential data flowing from health-care providers pose financial risks to firms and medical risks to patients. Examining the consequences including privacy violations, medical fraud, financial and medical identity theft, the paper characterized the security risk for a group of health-care organizations using a direct analysis of leaked files. The analysis demonstrated both a substantial threat and vulnerability for the health-care sector and as well as the unique complexity exhibited by the US health-care system. The paper was presented at the Thirteenth International Conference of International Financial Cryptography Association. EPIC has urged strong safeguards in the field of medical privacy.

Eric Johnson, Data Hemorrhages in the Health Care Sector: http://fc09.ifca.ai/papers/54_Data_Hemorrhages.pdf

EPIC's page on Medical Privacy: http://epic.org/privacy/medical/

Whitehouse Tests Alternate Method of Video Content-Delivery

The White House website which posts the Weekly Address of President Obama tested a different version of video content-delivery. Setting aside YouTube, the latest weekly address uses a technology which no longer secretly tracked Whitehouse visitors. Federal policy restricts the use of tracking cookies by federal agencies. Privacy concerns remain for media content delivered by Congressional offices. While initially it was believed that the change was permanent, subsequent clarifications by the White House seems to indicate that the new system was merely a test of content-delivery using a player developed "in-house."

The White House Blog Post, Keeping Promises: http://www.whitehouse.gov/blog/09/02/28/Keeping-Promises/

The White House YouTube Channel: http://www.youtube.com/whitehouse

The White House Weekly Address: http://www.whitehouse.gov/weekly_address/

EPIC's page on Cookies: http://epic.org/privacy/internet/cookies/

"In Search of Jefferson's Moose - Notes on the State of Cyberspace" by David G. Post

http://www.powells.com/biblio/2-9780195342895-0?&PID=24075

"In Search of Jefferson's Moose" is an unusual name for a book describing the state of cyberspace. But it is also an unusual book. Thoroughly entertaining, the author, David G. Post, compares Jefferson's "Notes on the State of Virginia" published in 1785 with the evolution of the Cyberspace. Post applies Jefferson's vision of natural history, law and governance to bring out the internet's technical and legal aspects to the fore.

Going back and forth between the "New World" as Jefferson saw it in his days to the new world of today, the "Cyberspace," Post draws interesting parallels on the challenges and the measures that once shaped history and is now once again proving to hold true in the development of digital world. Referencing Isaiah Berlin who divided the great thinkers of the world into foxes and hedgehogs as knowing "many things" and knowing "one big thing," Post sees Jefferson as being both a hedgehog and a fox at the same time who had interesting things to say "about pretty much everything" and also had "Big Ideas" which helped transform a world where "conventional mechanisms of lawmaking and governance did not work..."

The book is broadly divided into two parts, "Chaos" brings a lucid perspective of the territory and population of the internet as it was in the State of Virginia of 1781. Post believes that the geography of the land as it then existed is similar to the geography of the internet. The second part, "order," looks into methods of governance as a solution to a rule of authority on the internet. Post quotes a portion of Thomas Jefferson's autobiography by stating that "[i]t is not by consolidation or concentration of powers, but by their distribution, that good government is effected."

Filled with delightful footnotes containing a cornucopia of information snippets ranging from natural history, literature, and politics to science, technology and law, the book explores the rich depth of history manifesting itself in the new world of the internet. The author, however, does not offer clear possibilities into what lies in its future. Instead, Post endeavors to let the readers be the judge and chart its impending route in the concourse of the human mind.

-- Anirban Sen

"Litigation Under the Federal Open Government Laws 2008," edited by Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid (EPIC 2008). Price: $60.

http://epic.org/bookstore/foia2008/

Litigation Under the Federal Open Government Laws is the most comprehensive, authoritative discussion of the federal open access laws. This updated version includes new material regarding the substantial FOIA amendments enacted on December 31, 2007. Many of the recent amendments are effective as of December 31, 2008. The standard reference work includes in-depth analysis of litigation under Freedom of Information Act, Privacy Act, Federal Advisory Committee Act, Government in the Sunshine Act. The fully updated 2008 volume is the 24th edition of the manual that lawyers, journalists and researchers have relied on for more than 25 years.

"Information Privacy Law: Cases and Materials, Second Edition" Daniel J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

http://www.epic.org/redirect/aspen_ipl_casebook.html

This clear, comprehensive introduction to the field of information privacy law allows instructors to enliven their teaching of fundamental concepts by addressing both enduring and emerging controversies. The Second Edition addresses numerous rapidly developing areas of privacy law, including: identity theft, government data mining and electronic surveillance law, the Foreign Intelligence Surveillance Act, intelligence sharing, RFID tags, GPS, spyware, web bugs, and more. Information Privacy Law, Second Edition, builds a cohesive foundation for an exciting course in this rapidly evolving area of law.

"Privacy & Human Rights 2006: An International Survey of Privacy Laws and Developments" (EPIC 2007). Price: $75.
http://www.epic.org/phr06/

This annual report by EPIC and Privacy International provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. The report outlines legal protections, new challenges, and important issues and events relating to privacy. Privacy & Human Rights 2006 is the most comprehensive report on privacy and data protection ever published.

"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on the Information Society" (EPIC 2004). Price: $40.

http://www.epic.org/bookstore/pvsourcebook

This resource promotes a dialogue on the issues, the outcomes, and the process of the World Summit on the Information Society (WSIS). This reference guide provides the official UN documents, regional and issue-oriented perspectives, and recommendations and proposals for future action, as well as a useful list of resources and contacts for individuals and organizations that wish to become more involved in the WSIS process.

"The Privacy Law Sourcebook 2004: United States Law, International Law, and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price: $40.

http://www.epic.org/bookstore/pls2004/

The Privacy Law Sourcebook, which has been called the "Physician's Desk Reference" of the privacy world, is the leading resource for students, attorneys, researchers, and journalists interested in pursuing privacy law in the United States and around the world. It includes the full texts of major privacy laws and directives such as the Fair Credit Reporting Act, the Privacy Act, and the OECD Privacy Guidelines, as well as an up-to-date section on recent developments. New materials include the APEC Privacy Framework, the Video Voyeurism Prevention Act, and the CAN-SPAM Act.

"Filters and Freedom 2.0: Free Speech Perspectives on Internet Content Controls" (EPIC 2001). Price: $20.

http://www.epic.org/bookstore/filters2.0

A collection of essays, studies, and critiques of Internet content filtering. These papers are instrumental in explaining why filtering threatens free expression.

EPIC publications and other books on privacy, open government, free expression, crypto and governance can be ordered at:

EPIC Bookstore
http://www.epic.org/bookstore

"EPIC Bookshelf" at Powell's Books
http://www.powells.com/bookshelf/epicorg.html

EPIC also publishes EPIC FOIA Notes, which provides brief summaries of interesting documents obtained from government agencies under the Freedom of Information Act.

Subscribe to EPIC FOIA Notes at: https:/mailman.epic.org/mailman/listinfo/foia_notes

2009 Freedom Forum Freedom of Information conference: "Freedom and Information: Looking Back and Looking Forward," 11th annual National FOI Day Conference, Freedom Forum's Newseum, March 13, 2009. Contact: ahampton@freedomforum.org or call 202/292-6288

The IAPP Privacy Summit 2009 will be held between March 11-13, 2009, at Washington, D.C. For more information, http://www.privacysummit.org

"Conference on International Aspects of Securing Personal Data," The Federal Trade Commission, Washington, D.C., March 16-17, 2009. For more information, http://ftc.gov/opa/2008/12/datasec.shtm

UC Berkeley Law School, BCLT Second Annual Privacy Lecture, "Confronting the Third Party Doctrine and the Privacy of Personal Information," March 18, 2009 at Bancroft Hotel, 2680 Bancroft Way, Berkeley, CA 94704. For more information,
http://www.law.berkeley.edu/institutes/bclt/privacy-lecture/index.html

Notice and Request for Public Comments by the Federal Trade Commission on Digital Rights Management Technologies. Event: Wednesday, March 25, 2009, Seattle, WA. For more information,
http://www.ftc.gov/bcp/workshops/drm/index.shtml

"2nd Privacy OS Conference," MediaCentre, Berlin, Germany, April 1-3, 2009. For more information, http://www.privacyos.eu

"THE FUTURE OF PRIVACY: What's Next?" - a one day seminar. April 28, 2009, Cartier Suites Hotel, 180 Cooper Street, Ottawa, Canada. For more information,
http://www.rileyis.com/seminars/

"2nd Annual Research Symposium for the Identity, Privacy and Security Initiative," , May 6, 2009, University of Toronto. For more information, http://www.ipsi.utoronto.ca/site4.aspx

IEEE Symposium on Security and Privacy, May 17-20, 2009, The Claremont Resort, Oakland, California. For more information,
http://oakland09.cs.virginia.edu/

Web 2.0 Security & Privacy 2009, Thursday, May 21, The Claremont Resort, Oakland, California. For more information,
http://w2spconf.com/2009/

Computers, Freedom, and Privacy, 19th Annual Conference, Washington, D.C., June 1-4, 2009. For more information,
http://www.cfp2009.org/wiki/index.php/Main_Page

"The Transformation of Privacy Policy," Institutions, Markets Technology Institute for Advanced Studies (IMT)Lucca, Italy, July 2-4, 2009.

Join the Electronic Privacy Information Center on Facebook
http://epic.org/facebook

Start a discussion on privacy. Let us know your thoughts. Stay up to date with EPIC's events. Support EPIC.

Subscribe/unsubscribe via web interface: https://mailman.epic.org/mailman/listinfo/epic_news

Back issues are available at:
http://www.epic.org/alert

The EPIC Alert displays best in a fixed-width font, such as Courier.

The EPIC Alert mailing list is used only to mail the EPIC Alert and to send notices about EPIC activities. We do not sell, rent or share our mailing list. We also intend to challenge any subpoena or other legal process seeking access to our mailing list. We do not enhance (link to other databases) our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address from this list, please follow the above instructions under "subscription information."

The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues such as the Clipper Chip, the Digital Telephony proposal, national ID cards, medical record privacy, and the collection and sale of personal information. EPIC publishes the EPIC Alert, pursues Freedom of Information Act litigation, and conducts policy research. For more information, see http://www.epic.org or write EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202 483 1140 (tel), +1 202 483 1248 (fax).

If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "EPIC" and sent to 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. Or you can contribute online at:

http://www.epic.org/donate

Your contributions will help support Freedom of Information Act and First Amendment litigation, strong and effective advocacy for the right of privacy and efforts to oppose government regulation of encryption and expanding wiretapping powers.

Thank you for your support.

.