EPIC Alert 17.18
E P I C A l e r t
Volume 17.18 September 14, 2010
Published by the
Electronic Privacy Information Center (EPIC)
"Defend Privacy. Support EPIC."
Table of Contents
 EPIC Challenge to Body Scanner Program Progresses in Federal Court
 Ralph Nader and EPIC Urge Senate Hearings on Airport Body
 EPIC Files Suit for Documents Regarding Google/NSA Partnership
 Google Settles Buzz Lawsuit, Announces New Privacy
 Questions Remain about Future of Iraq Biometric Databases
 EPIC's Marc Rotenberg Named to ICANN Advisory Committee
 News in Brief
 Upcoming Conferences and Events
TAKE ACTION: Stop Airport Strip Searches!
- JOIN Facebook Group "Stop Airport
Strip Searches" and INVITE Friends
- DISPLAY the IMAGE http://thepublicvoice.org/nakedmachine.jpg
- SUPPORT EPIC http://www.epic.org/donate/
 EPIC Challenge to Body Scanner Program Progresses in
The United States Court of Appeals for the
District of Columbia Circuit
has set a briefing schedule for EPIC v. DHS, No. 10-1157, EPIC's
challenge to the airport body scanner
program. On July 2, 2010 EPIC
filed a lawsuit to suspend the deployment of body scanners at US
airports, pending an independent review.
EPIC filed a petition for
review and motion for an emergency stay, urging the District of
Columbia Court of Appeals to suspend the
TSA's full body scanner
program. EPIC said that the program is "unlawful, invasive, and
ineffective" and violated the Administrative
Procedures Act, the
Privacy Act, and the Religious Freedom Restoration Act. EPIC also
alleged that the body scanner search itself is unconstitutional under
the Fourth Amendment, given what the courts have
said about the
permissible scope of airport screening procedures.
On July 20, 2010 EPIC filed a reply to the government's motion
case against DHS. In its reply, EPIC cited the growing public
opposition to the program, the decision of major airports not
body scanners, as well as the agency's failure to adequately address
Constitutional concerns. EPIC's initial brief in this
case will be due
November 1, 2010. Subsequent briefs from DHS and EPIC will be due by
December 15, 2010.
As part of a related Freedom
of Information Act (FOIA) lawsuit, EPIC
obtained documents establishing that the DHS possessed about 2,000 body
scanner photos from devices that DHS
said earlier "could not store or
record images." In a similar FOIA lawsuit against the DOJ, EPIC
obtained evidence of over 35,000
stored images. EPIC has a pending FOIA
request for documents related to body scanner radiation risks.
Three US senators also recently
objected to the DHS expansion of the
airport body scanner program. In a letter to DHS Secretary Janet
Napolitano, these Senators
raised concerns that "the issue of radiation
associated with the backscatter x-ray AIT machines has not been
by TSA" and urged the agency's Chief Medical
Officer, working with independent experts, to conduct a review of the
on travelers and airport personnel. EPIC also submitted
a FOIA request to the DHS for all records of tests conducted by the
regarding radiation impacts and launched a "Body Scanner
Incident Report" on its website.
EPIC: EPIC v. DHS (Suspension of Body
DHS: Letter to EPIC
EPIC: Body Scanner Incident Report
EPIC v. DHS (FOIA)
EPIC v. DOJ (USMS)
EPIC: FOIA Request to DHS Regarding Body Scanners and Radiation
Senator Collins' letter to DHS Secretary Janet Napolitano
 Ralph Nader and EPIC Urge Senate Hearings on Airport
On September 7, 2010, Ralph Nader and EPIC
President Marc Rotenberg
sent letters to Senator Lieberman and Senator Collins, urging the
Senate Committee on Homeland Security
and Governmental Affairs to
"convene a public hearing to review the government's deployment of
whole-body scanners at passenger security
checkpoints in US airports."
The Nader/Rotenberg letter states that the Department of Homeland
Security and the Transportation Security
"disregarded serious questions concerning the devices' effectiveness,
privacy safeguards, and potential health
The potential health impacts, Nader and Rotenberg note, led a group of
scientists at the University of California-San
Francisco to write to
President Obama's science adviser, Dr. John Holdren, urging a more
systematic review of the health effects
in light of "the absence of any
real, independent safety data." The scientists emphasized that "the
backscatter technology targets
the skin and adjacent tissue, and thus
the real radiation dose to the skin is higher than stated" by the
Administration. This higher concentration of
radiation is especially harmful to children, pregnant women, women
to breast cancer and individuals with comprised
immune systems. EPIC recently submitted a Freedom of Information Act
request to the DHS for all records of tests conducted by the agency
regarding radiation impacts.
On August 5, 2010, Senators Collins,
Coburn, and Burr sent a letter to
Janet Napolitano, Secretary of the Department of Homeland Security, and
John Pistole, the Administrator
of the Transportation Security
Administration raising concerns about the levels of radiation and the
health effects of that radiation
from the whole body scanners for both
travelers and TSA employees. Noting that those concerns had been
brought to DHS's on numerous
occasions, the Senators continued, “To
address the continuing concerns surrounding the use of these machines,
we request that
you have the Department's Chief Medical Officer,
working with independent experts, conduct a review of the health
effects of their
use for travelers, TSA employees, and airport and
On August 19, 2010, Senators Lieberman and Collins expressed
in a letter to the U.S. Marshals Service about the ability of these
whole-body scanners to store and retain images. The
that the Marshals Services provide them with "a full explanation as to
why the U.S. Marshals Service was saving
images from whole body imaging
scans at the federal courthouse in Orlando." Additionally, they
requested that the Marshals Service
"identify any other locations where
the U.S. Marshals Service is using whole body imaging technology,
whether or not the images from
scans taken at any of those locations
are also being stored, and, if they are being stored, the reasons for
retaining these images."
The Senators urged the Marshals Service to
examine and adopt privacy protocols.
EPIC has also filed an emergency motion in federal
court to suspend the
program, pending a thorough review of the airport body scanner program
in EPIC v. DHS, No. 10-1157. The United
States Court of Appeals for
the District of Columbia has set a briefing schedule for this motion.
EPIC has alleged that that the
Department of Homeland Security has
violated three federal laws (the Administrative Procedures Act, the
Privacy Act, and the Religious
Freedom Restoration Act) and that the
body scanner search itself is unconstitutional, given what the courts
have said about the permissible scope of airport
The Committee on Civil Liberties, Justice and Home Affairs of the
European Parliament has also announced a
hearing on the Body Scanner
program for October 6, 2010.
Nader/EPIC letter to Senator Lieberman
Senators Lieberman and Collins letter to the US Marshals Service
Senators Collins, Coburn, and Burr letter to DHS and TSA
Committee on Civil Liberties, Justice and Home Affairs of the European
EPIC v. DHS (Suspension of Body Scanner Program)
EPIC: Body Scanners
EPIC v. DHS (FOIA)
 EPIC Files Suit for Documents Regarding Google/NSA
On September 13, 2010, EPIC filed a Freedom
of Information Act lawsuit
against the National Security Agency in the United States District
Court in the District of Columbia. The agency has thus
far failed to
substantively respond to EPIC's request for documents relating to its
"Information Awareness" partnership with Google.
EPIC had appealed
directly to the agency, requesting that it comply with the legal duty
to produce all documents relating to the
partnership. The agency
failed to respond within the legally allotted period to do so.
In the wake of Google's January 12, 2010
announcement that hackers
originating from China had attacked its corporate infrastructure, the
Wall Street Journal and the Washington
Post both reported that Google
partnered with the agency to coordinate its security response to the
attack. The Journal reported
that the agency's general counsel drafted
a "Cooperative Research and Development Agreement" authorizing the
agency to "examine some
of the data related to the intrusion into
On February 4, 2010, EPIC sent its FOIA request to the NSA for all
agency records relating to the agreement. The agency responded on
March 10, 2010, stating that it would neither confirm nor deny
existing partnership with Google. Furthermore, the agency also failed
to include any of the requested materials, claiming that
exemptions protecting its "functions and activities" absolved the
agency of its legal duty under FOIA to produce the requested
EPIC appealed directly to the agency on May 7, 2010 disputing the
agency's reasons for refusing to comply with FOIA and
any specific organizational or functional information could easily be
redacted from the disclosed documents. The
agency has failed to
respond by the statutory deadline.
EPIC: Complaint to the United States District Court in the
EPIC: Original FOIA Request Letter to the NSA
EPIC: FOIA Request Appeal Letter to the NSA
NSA's "Information Assurance" Website
Google's Official January 12, 2010 Announcement:
"A new approach to China"
EPIC: Open Government Litigation
 Google Settles Buzz Lawsuit, Announces New Privacy
On September 7th, Google entered into a provisional
agreement in a class action suit concerning the social network service
Buzz. With Buzz, Google tried to transform its
popular email service,
Gmail, into an untested social networking service. As a consequence,
Google transformed users' private address
book contacts into
publicly viewable "friends." Google immediately came
under fire from users for breaching online consumer privacy
Gmail users filed a class action lawsuit against Google. The plaintiffs
alleged violations of federal privacy and consumer
fraud laws. As part
of the settlement agreement, Google will establish an $8.5 million
settlement fund to pay the attorneys, compensate
the lead plaintiffs,
and establish a cy pres fund for "existing organizations focused on
Earlier this year, EPIC raised similar concerns about Google Buzz in a
formal complaint to the Federal Trade commission. The EPIC
cited clear harms to Gmail subscribers, and alleged that the change in
business practices "violated user expectations,
federal wiretap laws." The FTC responded to
the complaint by sending a
letter to EPIC wherein The Bureau of Consumer Protection Director
stated that the EPIC complaint "raises
interesting issues that relate
to consumer expectations about the collection and use of their data."
EPIC has also objected to a
settlement in the Facebook Beacon case on
the grounds that the settlement would allow Facebook, the defendant, to
control the private
foundation established by the settlement. The
Google settlement would not establish a similar entity.
On the same day that Google
settled the Buzz case, it also announced
Twelve Google products
that formerly had their own specific privacy
raise concerns that EPIC raised in its Buzz complaint to the
FTC, described above, in which EPIC argued that Google's Gmail-specific
Buzz Settlement Agreement:
EPIC: FTC Buzz Complaint:
Google: About Google Buzz:
Facebook Beacon Settlement:
FTC letter to EPIC re Buzz:
EPIC: In re Google Buzz:
 Questions Remain about Future of Iraq Biometric Databases
President Obama's address on the end of U.S. combat
in Iraq left open the question of what will happen to the
massive databases of Iraqi biometric data armed forces accrued over the
last seven years. U.S. forces collected a vast store of sensitive
information through field-ready biometric scanners connected to
Panasonic Toughbooks. The data has been processed and disseminated from
The Biometric Fusion Center in West Virginia for a range
of uses, from
vetting native government employees to tracking insurgents and
In 2007, EPIC, Privacy International, and
Human Rights Watch wrote to
Defense Department Secretary Robert Gates to express concern about the
creation of secret profiles on
hundreds of thousand of Iraqis, tied to
unique biometric identifiers, including digital fingerprints,
photographic images, iris scans,
and even DNA. EPIC, Privacy
International, and Human Rights Watch urged the Defense Department to
"adopt clear guidelines that incorporate
strong privacy safeguards to
ensure that Iraqis are afforded basic human rights in their personal
warned in their letter that the current
identification practices "contravene international treaties and could
lead to potentially
devastating consequences." They emphasized cases in
which similar caches in other conflict regions unleashed dire outcomes,
as in Rwanda in 1994 and Nazi Germany, and they highlighted
historical parallels between those flashpoints and modern day Iraq.
Scores of media reports have chronicled the religiously motivated
violence between Sunnis and Shiites in Iraq. Iraqis travelling
checkpoints manned by rival factions depend on doctored identification
documents to move through sectarian checkpoints without
harassed, tortured, and murdered. Privacy and human rights advocates
fear that an unsecured pool of personally identifiable
linked to tribal affiliations could set the stage for ethnic cleansing.
As U.S. Army Lieutenant Colonel John W. Velliquette,
Jr. stated during
a public roundtable in 2007: "essentially what it becomes is a hit list
if it gets in the wrong hands."
Obama's Oval Office Address from August 31, 2010
Letter from EPIC, Privacy International, and Human Rights Watch to
Defense Department Secretary Robert Gates
Public Roundtable with U.S. Army Lieutenant Colonel
John W. Velliquette, Jr.
EPIC: Iraqi Biometric Identification System
 EPIC's Marc Rotenberg Named to ICANN Advisory Committee
On September 7, 2010, the 2010 Internet Corporation for
and Numbers (ICANN) Nominating Committee named EPIC President Marc
Rotenberg to serve as North America representative
for the At-Large
Advisory Committee (ALAC) of ICANN.
ICANN coordinates the worldwide registration of names and numbers
each Internet address, called "identifiers." The Corporation
performs its technical responsibilities in accord with a set of core
values. Those values include enhancing the global interoperability,
security, and stability of the Internet, promoting market competition
in the registration of domain names, and remaining accountable both to
the Internet community and to governments and public authorities.
uses the ALAC to engage individual Internet users about effectively
realizing these core values.
Regional At-Large Organizations
are the primary venue in each of five
global regions for public input to ICANN about the future development
of the internet. The
Advisory Committee is responsible for
"representing the interests of individual Internet users at ICANN,"
which includes the promotion
of an open and accessible public network.
The Committee also selected Egypt's Cherine Chalaby, who is now the
of an Arab speaking community to the Board in
ICANN history. Nominating Committee Chair Wolfgang Kleinwaechter said
"We are proud
to announce this year's selectees to ICANN's leadership.
They include highly accomplished and experienced individuals from
Argentina, Egypt, France, Germany, and the United States."
Chair Kleinwaechter highlighted the growing internationalization of the
organization since its inception in 1998.
Mr. Rotenberg previously served as Board Secretary and then Chair of
the Public Interest
Registry. The Public Interest Registry manages the
.ORG domain of over 8.5 million websites and ensures the active
of civil society organizations at ICANN. He also helped
establish the EPIC Public Voice project in 1996 to
encourage civil society
participation in decisions concerning thefuture of
theInternet, and the Civil Society Information Society Advisory
2008, which promotes civil society participation in
the work of the OECD on Internet policy.
2010 ICANN Nominating Committee Selection
EPIC Board and Staff: Marc Rotenberg
Public Interest Registry
The Public Voice
 News In Brief
New Jersey Supreme Court to Hear Arguments in Expungement Case
The New Jersey Supreme Court will hear oral arguments on September
2010 in the case of G.D. v. Kenny. In G.D. v. Kenny a lower
court dismissed a privacy claim involving publication of information
about a prior criminal act, even though the state had issued an
expungement order. EPIC has filed a "friend of the court"
urging the New Jersey Supreme Court to preserve the right
of expungement and allow the privacy case to go forward. EPIC's brief
to the increasing risk that private firms will make available
inaccurate, incomplete, and out--of-date information if expungement
orders are not enforced. EPIC further argues that courts do not treat
truth as a defense in cases involving privacy tort claims.
Advisory Board member Grayson Barber will be arguing on EPIC's
behalf at the hearing.
G.D. v. Kenny, Lower Court Opinion
EPIC: Amicus Brief in G.D. v. Kenny
EPIC: G.D. v. Kenny
Surveillance Court Seeks Public Comments on Proposed Rules
The Foreign Intelligence Surveillance Act (FISA) authorizes a special
court, the Foreign Intelligence Surveillance Court (FISC), to undertake
electronic surveillance in the United States for foreign
information. The FISC is now seeking public comments concerning its
procedures. Comments must be received by Monday,
October 4, 2010. EPIC
previously submitted an amicus brief regarding FISA authority and
national security. EPIC will be submitting
comments to the FISC and
endorse changes that improve accountability and transparency for FISA
The Foreign Intelligence
Surveillance Act (FISA)
Foreign Intelligence Surveillance Court Proposed Rulemaking
EPIC: Foreign Intelligence Surveillance Act (FISA)
EPIC: Amicus brief, In re: Sealed Case No. 02-001, 310 F.3d 717
EPIC: Foreign Intelligence Surveillance Act Orders 1979-2010
"Litigation Under the Federal Open Government Laws 2008," edited by
A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid
(EPIC 2008). Price: $60.
Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
laws. This updated version includes new material regarding the
substantial FOIA amendments enacted on December 31, 2007. Many of
recent amendments are effective as of December 31, 2008. The standard
reference work includes in-depth analysis of litigation
of Information Act, Privacy Act, Federal Advisory Committee Act,
Government in the Sunshine Act. The fully updated 2008 volume is the
24th edition of
the manual that lawyers, journalists and researchers
have relied on for more than 25 years.
Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.
This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive
for an exciting course in this rapidly evolving area of law.
"Privacy & Human Rights
2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.
This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.
"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more
involved in the
"The Privacy Law Sourcebook 2004: United States Law, International
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world.
It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD
Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the
Video Voyeurism Prevention Act,
and the CAN-SPAM Act.
"Filters and Freedom 2.0: Free Speech Perspectives
on Internet Content
Controls" (EPIC 2001). Price: $20.
A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.
EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:
EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
obtained from government agencies under the
Freedom of Information Act.
Subscribe to EPIC FOIA Notes at:
 Upcoming Conferences and Events
Privacy and Security in the Future Internet
3rd Network and Information Security (NIS'10) Summer School
Crete, Greece, September
For more information: http://www.nis-summer-school.eu
Internet Governance Forum 2010
Vilnius, Lithuania, 14-16 September 2010.
For more information: http://igf2010.lt/
13th Meeting of InterAmerican Data Protection Professionals
Mexico City, Mexico, 29-30 September 2010.
For more information:
"Internet at Liberty 2010"
Central European University, Budapest, Hungary, 20-22 September 2010
Washington, DC, 24 September 2010
"W3C Worksop on Privacy and Data Usage Control"
MIT, 4-5 October 2010
The Public Voice Civil Society Meeting: "Next Generation Privacy
Challenges and Opportunities."
Jerusalem, Israel, 25 October
Conference on the Evolving Role of the Individual in Privacy Protection:
30 Years after the OECD Privacy Guidelines"
Israel, 26 October 2010
"32nd Int'l Conference of Data Protection and Privacy Commissioners"
Jerusalem, October 2010.
For more information:
Join EPIC on Facebook
Join the Electronic Privacy Information Center on Facebook
Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
The EPIC Alert mailing list is used only
to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend
to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
our mailing list or require your actual name.
In the event you wish to subscribe or unsubscribe your e-mail address
from this list,
please follow the above instructions under "subscription
The Electronic Privacy Information Center is
a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues
such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale
of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).
Donate to EPIC
If you'd like to support the work of the
Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and
sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:
Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation
of encryption and
expanding wiretapping powers.
Thank you for your support.
Subscribe/unsubscribe via web interface:
Back issues are available at:
The EPIC Alert displays best in a fixed-width font, such as Courier.
------------------------- END EPIC Alert 17.18 ------------------------