EPIC Alert 17.23
E P I C A l e r t
Volume 17.23 November 19, 2010
Published by the
Electronic Privacy Information Center (EPIC)
"Defend Privacy. Support EPIC."
-- PRIVACY UPDATE --
Support Nov. 24 Opt-Out Day
Report All Screening Experiences at
EPIC Body Scanner Incident Report
Table of Contents
 EPIC Files Amicus Brief in Supreme Court Case on "Personal Privacy"
 Senate Hearings Grill TSA on Full Body Scanners in Airports
 FCC Investigates Google Street View
 EPIC Body Scanner Lawsuit Faces Challenge, Endorsed by Libertarians
 Europe Moves
Forward with New Strategy for Privacy Protection
 News in Brief
 EPIC Book Review: "The Master Switch"
 Upcoming Conferences
TAKE ACTION: Stop Airport Strip Searches!
- JOIN Facebook Group "Stop Airport Strip Searches" and INVITE Friends
the IMAGE http://thepublicvoice.org/nakedmachine.jpg
- SUPPORT EPIC http://www.epic.org/donate/
 EPIC Files Amicus Brief in Supreme Court Case on "Personal
EPIC filed a "friend of the court" brief in a Supreme
Court case. The
case concerns the meaning of an exemption in the Freedom of Information
Act. The exemption protects any requested records whose public
disclosure "could reasonably be expected to constitute an unwarranted
invasion of personal privacy."
The Supreme Court is reviewing a federal court of appeals opinion
holding that AT&T, a corporation,
has the same personal privacy rights
as human beings. Around 2004, AT&T employees failed to comply with three
different FCC regulations.
First, they billed the government in one
funding year for services provided during the previous funding year.
Second, they billed
for services the government had not authorized.
Third, they billed for services not eligible for government funding.
Communications Commission investigated these failures, but
AT&T settled with the Commission. The Commission's investigation files
are the subject of the Freedom of Information Act request at issue here.
The Freedom of Information Act request AT&T is fighting to suppress
would reveal key information about the telecommunication company's
government contract work
in New London, Connecticut. The lower court
halted the public disclosure of AT&T's records.
EPIC urged the Supreme Court to overturn
the lower court's decision and
disclose the investigation files, or else "[the lower court's opinion]
would stand as an outlier,
untethered to common understanding, legal
scholarship, technical methods, or privacy law." To buttress its
argument, EPIC cited the
commonly understood meaning of "personal
privacy" in the work of legal scholars and technical experts, as well as
the use of these
terms in an extensive survey of U.S. privacy laws.
The Supreme Court decided to review the lower court's opinion on
2010. The Solicitor General filed the Commission's brief
on November 9, 2010. Oral argument is scheduled for January 19, 2011.
EPIC's "Friend of the Court" Brief
Supreme Court's Grant of Certiorari
Solicitor General/Federal Communication Commission's Brief
Lower Court Opinion
EPIC: FCC v. AT&T
 Senate Hearings Grill TSA on Full Body Scanners in Airports
The Senate Committee on Commerce, Science, and Transportation
oversight hearing on the Transportation Security Administration on
November 17, 2010. John S. Pistole, the TSA Administrator,
Senators asked Pistole tough questions about the privacy and health
implications of airport body scanners. Senators also
asked about the
invasiveness of pat-downs and the problems that the machines pose for
religious objectors. Pistole failed to provide
proof of independent
studies regarding radiation risks and consistently downplayed privacy
and religious concerns.
EPIC has filed
a lawsuit to suspend the body scanner program, calling it
"unlawful, invasive, and ineffective." EPIC argues that the machines
the federal Privacy Act, the Administrative Procedures Act, the
Fourth Amendment, the Video Voyeurism Prevention Act, and the Religious
Freedom Restoration Act.
Opposition to the program is growing: The American Pilots Association,
Airline CEOs, flyers rights organizations, religious groups,
are calling for an end to invasive searches at airports. Libertarian
Party Chair Mark Hinkle stated, "[t]he fact that
I want to travel on an
airplane does not make me a threat, and it does not allow anyone to
conduct a warrantless search under my
clothing." The Libertarian Party
exhorted its constituents to call their members of Congress and "tell
them that they don't want
this expensive, worthless, intrusive,
Kate Hanni, Executive Director of Flyersrights.org, called for
debate by aviation security experts and a full presentation to an
expanded Aviation Security Advisory Committee with opportunity
critics to be heard before these new procedures are implemented." The
new security measures, Hanni stated, "should require an
In a letter to his members, Captain Mike Cleary, President of the
American Pilots Association, urged pilots
not to submit to body scanner
screening because "frequent exposure to TSA-operated scanner devices may
subject pilots to significant
health risks." Additionally, the
body-scanner machines and enhanced pat downs are "intrusive and have
been implemented almost overnight"
leaving no time for public comment
and are effectively a form of "sexual-molestation" that adversely
affects pilots who are moments
away from being in the flight deck.
Captain Cleary finds that the TSA is acting with "unchecked" authority.
A National Opt-Out Day
is scheduled for November 24.
Senate Committee on Commerce, Science, and Transportation
Senate Oversight Hearing on TSA
Senate Oversight Hearing on TSA: John S. Pistole Testimony
Press Release: "Libertarians Oppose Abusive TSA Strip-search Machines"
American Pilots Association, Letter to Pilots
The Fiqh Council of North America,
Council on American-Islamic Relations,
National Opt-Out Day
EPIC: Whole Body Imaging
EPIC: EPIC v. DHS (Suspension of Body Scanner Program)
 FCC Investigates Google Street View
The Federal Communications Commission (FCC) has opened an investigation
into Google's secretive interception and collection of wi-fi
collection. Google has been collecting wi-fi data in thirty countries
over a three-year period through its Google "Street View"
which Google originally maintained merely collected images. In May, EPIC
filed a complaint with the Commission, asking
it to investigate Google's
possible violations of federal wiretap law and the U.S. Communications
Several countries have investigated
Google's wi-fi data collection and
issued findings that Google violated their laws, including the U.K,
Germany, Spain, and Canada.
Other countries, such as France and Italy,
are still investigating. Additionally, Connecticut Attorney General
announced that 38 states and the District of Columbia
are seeking additional information about Google's collection of wi-fi
from private, residential computer networks. In the midst of these
investigations, Google was forced to admit that it had been collecting
wi-fi data for three years, and that it had collected full emails,
passwords, and URLs. Google has since ceased the collection of
data by its Street View cars.
The Federal Trade Commission (FTC) recently sent a letter to Google,
ending its inquiry into
Google Street View. In a letter to Google's law
firm, David Vladeck, director of the Bureau of Consumer Protection at
the FTC, explained
that while he has "concerns" about Google's "internal
review process," the agency is satisfied by steps Google has taken and
Google has made to the agency. EPIC has requested documents
from the FTC under the Freedom of Information Act to determine the scope
of inquiry and the reason it was ended.
In May, the Federal Trade Commission was asked by members of Congress
investigate Google's secretive collection of wi-fi data as part of
Street View. In the letter, the Representatives asked the FTC
Google's actions "form the basis of an unfair or deceptive act or
practice that constitutes harm to consumers" and whether
actions are "illegal under federal law." No response by the FTC to this
letter can be found on the Congressmen's website.
In addition, unlike
the FCC, the Federal Trade Commission never pursued an independent
investigation of Street View, examined the
data collected by Google in
the United States, or even acknowledged the findings of other agencies
Wall Street Journal: FCC Investigation
EPIC: Letter to FCC (May 21, 2010)
FTC: Letter to Google (Oct. 27, 2010)
Letter from Markey and Barton to FTC (May 19, 2010)
Connecticut Attorney General Announcement
EPIC: Google Street View
 EPIC Body Scanner Lawsuit Faces Challenge, Endorsed
Soon after EPIC filed its opening brief
in its suit to stop the
Department of Homeland Security's controversial and intrusive body
scanner program, the Department sought
to exclude a party from
representing religious interests.
In a motion filed in the DC Circuit Court of Appeals, the Department of
Homeland Security attempted to exclude religious objector Nadhira
Al-Khalili from EPIC's body scanner lawsuit. Ms. Al-Khalili is
Counsel for the Council on American-Islamic Relations, one of the
organizations that supported EPIC's petition, which is the
basis for the
challenge to the body scanner program. The Council of American-Islamic
Relations is the largest Islamic civil liberties
group in the U.S.
Ms. Al-Khalili's claims are based on the Religious Freedom Restoration
Act and Islamic modesty tenants. As the parties argued in their opening
brief, "Muslims believe in maintaining modesty and covering their
bodies. [The body scanner program] enables the capture and viewing of
naked human images that violates this belief and denies observant
Muslims the opportunity to travel by plane in the United States as
others are able to do." EPIC has opposed the government's motion
stated that the agency is "simply afraid to have the Religious Freedom
Restoration Act claims heard by this Court."
Libertarian Party Chair Mark Hinkle endorsed EPIC's suit soon after. The
Libertarian Party is America's
third-largest political party. The Party
issued a press release detailing EPIC's charges against the Department
and encouraging all
Americans "to call their newly-elected members of
Congress and tell them that they don't want this expensive, worthless,
unconstitutional program." The Party's press release added
that the government has already shown that the machines can store,
and transfer images, highlighting that U.S. Marshalls stored
thousands of images from a courthouse scanner. EPIC discovered the U.S.
Marshalls body scanner images with a Freedom of Information Act request.
Department of Homeland Security's Motion
EPIC's Opposition to Department's Motion
EPIC's Opening Brief
Press Release: "Libertarians Oppose Abusive TSA Strip-search Machines"
 Europe Moves Forward with New Strategy for Privacy Protection
On November 4, 2010 the European Commission announced its
proposals to revise the EU Data Protection Directive. The strategy is to
"protect individuals' data in all policy areas,
enforcement, while reducing red tape for business and guaranteeing the
free circulation of data within the EU." The
key goals include
strengthening the rights of individuals, enhancing the free flow of
information, extending privacy safeguards to
police and criminal justice
records systems, ensuring high levels of protection for data transferred
outside of the European Union,
and more effective enforcement of privacy
rules. The new policy will build on the 1995 EU Data Protection
Directive, which is the
foundation for much of privacy law across
The 1995 Data Protection Directive was established to provide a
to guarantee secure and free movement of personal
data across the national borders of the EU member countries, in addition
a baseline of security around personal information wherever
it is stored, transmitted or processed. Other legal instruments, such
the e-Privacy Directive for the communications sector, have complemented
the 1995 Data Protection Directive. There are also specific
the protection of personal data in police and judicial cooperation in
In 2009, the European Commission
launched a review of the current legal
framework on data protection, starting with a high-level conference in
May 2009, followed
by a public consultation running until the end of
2009. Targeted stakeholders consultations were organized throughout
before the European Parliament in October 26, 2010, EPIC
President Marc Rotenberg urged the adoption of a comprehensive framework
to protect the flow of personal data between the United States and the
European Union. Citing the growing concern about the misuse
data and the absence of effective legal remedies, Mr. Rotenberg said it
was time for the United States of America and
the European Union to
develop an effective legal framework that would safeguard the rights of
citizens and the users of Internet-based
services. EPIC strongly
supports full implementation of the EU Data Directive as well as other
efforts to fully safeguard the fundamental
rights of citizens,
consumers, and users of Internet-based services.
In 2010, the European Commission circulated a document to the
Parliament, The Council of Europe, The Economic and Social Committee and
The Committee of the Regions containing a draft
improvements in data protection, including a set of proposals to change
the EU Data Protection Directive. The European
Commission is encouraging
public comments on the proposal until January 15, 2011. The European
Commission will then propose legislation
EPIC: EU Data Protection Directive
European Commission: Press Release
European Commission: Public Consultation
European Commission: Communication to the EU Parliament
EU Data Protection Directive 1995
 News In Brief
US Inches Toward Privacy Framework, Creates New White House Committee
Lawrence Strickling, the Administrator of the National
and Information Administration (NTIA) at the U.S.
Department of Commerce spoke on behalf of the United States of America
32nd International Conference of Data Protection and Privacy
Commissioners held in Jerusalem, Israel on October 27, 2010. NTIA serves
as the principal advisor to the President of the United States on
communications and information policy. Mr. Strickling recognized
it is "time that we adopt comprehensive Fair Information Practice
Principles as the information privacy framework in the United
clarify how personal data on the Internet is protected." As part of the
Obama Administration's commitment to promoting
the vast economic
opportunity of the Internet and protecting individual privacy, the
National Science and Technology Council launched
a new Subcommittee on
Privacy and Internet Policy to develop strategic direction on
international policy consensus and will foster dialogue and cooperation
between the United States and its key trading
partners in support of
flexible and robust privacy and innovation policies.
National Telecommunications and Information Administration
NTIA: Lawrence Strickling's Speech
NSTC: Subcommittee on Privacy and Internet Policy
NSTC: Charter on the Subcommittee on Privacy and Internet Policy
Complaint Filed Addressing Employee Termination Over Facebook Post
The National Labor Relations Board has issued a complaint against
American Medical Response of Connecticut for firing an employee after
she complained about her supervisor on Facebook. The company
that it fired the employee for violating its policy against depicting
the company on a social media site. The Labor Board's
that the company's blogging and Internet posting policy is overly broad,
the company illegally denied union representation
investigation, and that the firing violated an employee's right to
engage in concerted activities. The National Labor
protects an employee's right to engage in group activities, such as
discussing work-related issues, to improve workplace
hearing is scheduled for January 25, 2011.
EPIC: Work Place Privacy
EPIC: Social Networking Privacy
NLRB: Concerted Activities
National Labor Relations Act
American Medical Response
FTC Appoints Executive Director, Chief Technology Officer
The Federal Trade Commission has announced that Eileen Harrington will
be rejoining the Commission as the Executive Director. Harrington was
recently the Chief Operating Officer at the U.S. Small Business
Administration, following a 25-year stint at the Commission in a variety
of positions. The Commission has also announced that Princeton
University professor Dr. Edward W. Felten has been named as Chief
Technologist, a new position that will focus on evolving technology
policy issues. Dr. Felten was the founding director for Princeton's
Center for Information Technology Policy.
Federal Trade Commission: Announcement
U.S. Small Business Administration
Edward W. Felten Bio
Center for Information Technology Policy
EPIC: Federal Trade Commission
Emerging Technologies Raise Questions About Consumer Privacy
Two popular Internet companies have introduced new technologies that
could have significant impacts on users' privacy. Facebook announced a
new "messages" feature that will combine e-mail, instant chat,
messaging into one form of conversation. As part of this new feature,
users will receive a Facebook e-mail address, and
Facebook will maintain
an archive of all conversational history between friends. EPIC has two
complaints pending at the FTC regarding
Facebook's unfair and deceptive
practices. Google also unveiled plans for a new Android mobile phone
that will contain a chip allowing
people to use the phone as a credit
card. Google says they will not store personal data from these
transactions. EPIC recently sent
a letter to Google, arguing that its
new policy will enable greater data sharing within the corporation, and
filed a complaint with
the FTC regarding Google Buzz.
Facebook: Messages Feature
Eric Schmidt: Web 2.0
EPIC: In re Facebook
EPIC: In re Facebook II
EPIC: Letter to Google
EPIC: Google Buzz Complaint to FTC
 EPIC Book Review: "The Master Switch"
"The Master Switch: The Rise and Fall of Information Empires," Tim Wu
Tim Wu's Master Switch is a sweeping historical narrative of "the Cycle"
- the "oscillation of information industries between open
and closed" -
that provides a richly layered grounding for his support for net
neutrality and the ideals of free speech. Wu explores
industries, including the telephone, radio, and television, have
effectively stifled free speech and innovation and
wonders whether the
Internet age presents a different moment, a breaking of the cycle. The
Internet is the twenty-first century's
form of common carriage.
The histories of innovation and corporate consolidation in radio, film,
television, and telephony provide
examples of how "vertical integration
of an industry creates a vested interest in limiting free expression.
Profit is tied not to
the proliferation of many voices but to the
propagation of a few "to the mass production of speech, as it were."
versus closed, determines how free the speech is in the
underlying medium. Wu explains further that "[t]he problem is that a
industry' - as we might term any information industry - once
centralized, becomes an easy target for external independent actors
strong reasons of their own for limiting speech." The private sector,
not government, most effectively and consistently censors
Apple and Google epitomize, for Wu, the Cycle. In the struggles between
Apple and Google "is the perennial Manichaean contest
episode in this book: the struggle between the partisans of the open and
of the closed, between the decentralized
and the consolidated visions of
a proper order. But this time around, as compared with any other, the
sides are far more evenly
In fact, Google may have a lead - Wu describes it as the world's "Master
Switch" and in the information world, the switch
is everything. "For it
is the switch that transforms mere communications into networking - that
ultimately decides who reaches what
or whom." Despite being the "switch
of choice," Google has two major weaknesses: its dependency on the wires
services to the Internet but owned by media
companies, and the possibility that content providers could refuse to
allow Google to
index their pages.
The political economy of information industries reveals that despite
capitalism's opportunities for freedom,
"the free market can also led to
situations of reduced freedoms" If we believe in liberty, it must be
freedom from both private and
public concern." Net neutrality embraces
the ideal of an open system and because the Internet functions as a
common carrier, new
solutions to how information industries function are
Wu thus proposes a constitutional rather than regulatory approach
problem of net neutrality and the information economy to address this
concern, what he calls a "Separations Principle," or
"a regime whose
goal is to constrain and divide all power that derives from the control
Essentially the principle
would require that content providers,
infrastructure owners, and those who control access remain separate.
This separation would
be achieved mainly through the pressure of the
public "information morality." Corporations providing infrastructure and
networks are often, Wu admits, responsive to public
conceptions of what is good or bad corporate behavior. We can, he
that tendency as a good.
Additionally, the government must "not intervene in the market to favor
any technology, network monopoly,
or integration of the major functions
of an information industry" because the government is a poor predictor
of what is good for
the information industry. There does remain,
however, a role for the FCC, the DOJ, and the FTC to ensure the
viability of the Internet
as a public utility.
Wu envisions the Separations Principle as preempting politics and
strengthening liberal society's interest
in "the dynamism of diverse,
sometimes disruptive, perspectives and ideas." While vertical
integration of the information industry smothers speech, the Separations
Principle enables an environment
in which the ideal of free speech can
be realized while at the same time allowing entrepreneurship and
innovation to flourish.
"Litigation Under the Federal Open Government Laws 2008,"
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid
(EPIC 2008). Price: $60.
Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
laws. This updated version includes new material regarding the
substantial FOIA amendments enacted on December 31, 2007. Many of
recent amendments are effective as of December 31, 2008. The standard
reference work includes in-depth analysis of litigation
of Information Act, Privacy Act, Federal Advisory Committee Act,
Government in the Sunshine Act. The fully updated 2008 volume is the
24th edition of
the manual that lawyers, journalists and researchers
have relied on for more than 25 years.
Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.
This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive
for an exciting course in this rapidly evolving area of law.
"Privacy & Human Rights
2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.
This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.
"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.
This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more
involved in the
"The Privacy Law Sourcebook 2004: United States Law, International
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:
The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world.
It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD
Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the
Video Voyeurism Prevention Act,
and the CAN-SPAM Act.
"Filters and Freedom 2.0: Free Speech Perspectives
on Internet Content
Controls" (EPIC 2001). Price: $20.
A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.
EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:
EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents obtained
from government agencies under the
Freedom of Information Act.
Subscribe to EPIC FOIA Notes at:
 Upcoming Conferences and Events
"Broadband Networks and Smart Grid at the Crossroad Between ICT &
Energy." Columbia Business School, New York, New York, 3 December
For More Information:
"Computers, Privacy, and Data Protection Conference European Data
Protection: In Good Health?" Brussels, Belgium, 25-28 January
More Information: http://www.cpdpconferences.org/.
"The Tenth Workshop on Economics of Information Security." The George
Mason University, 14-15 June 2011. For More Information:
"Computers, Freedom, and Privacy 2011." Georgetown Law Center,
Washington D.C., 14-16 June 2011. For More Information:
Join EPIC on Facebook
Join the Electronic Privacy Information Center on Facebook
Start a discussion on privacy. Let us know your thoughts.
Stay up to date with EPIC's events.
The EPIC Alert mailing list is used only
to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend
to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
our mailing list or require your actual name.
In the event you wish to subscribe or unsubscribe your e-mail address
from this list,
please follow the above instructions under "subscription
The Electronic Privacy Information Center is
a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues
such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale
of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see http://www.epic.org or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1 202
483 1140 (tel), +1 202 483 1248 (fax).
Donate to EPIC
If you'd like to support the work of the
Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and
sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:
Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation
of encryption and
expanding wiretapping powers.
Thank you for your support.
Subscribe/unsubscribe via web interface:
Back issues are available at:
The EPIC Alert displays best in a fixed-width font, such as Courier.
------------------------- END EPIC Alert 17.23 ------------------------