WorldLII Home | Databases | WorldLII | Search | Feedback

EPIC Alert

You are here:  WorldLII >> Databases >> EPIC Alert >> 2010 >> [2010] EPICAlert 4

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

EPIC Alert 17.04 [2010] EPICAlert 4

EPIC Alert 17.04

                         E P I C   A l e r t
Volume 17.04                                          February 25, 2010
                         Published by the
             Electronic Privacy Information Center (EPIC)
                  "Defend Privacy. Support EPIC."
Table of Contents
[1] EPIC Urges Court to Reject Google Books Settlement
[2] Lawsuit Alleges School Used Laptops to Spy on Students at Home
[3] EPIC
Submits Statement on Location Privacy
[4] EPIC Urges FTC to Investigate Google Buzz
[5] EPIC Submits Statement to Congress on Google,
NSA, Cybersecurity
[6] News in Brief
[7] EPIC Bookstore: "The Peep Diaries"
[8] Upcoming Conferences and Events
Airport Strip Searches
           - JOIN Facebook Group "Stop Airport Strip Searches" and 
             INVITE Friends to JOIN
         - DISPLAY the IMAGE
           - SUPPORT EPIC

[1] EPIC Urges Court to Reject Google Books Settlement

On February, 18, 2010, the federal district court in New
York heard
arguments from opponents and supporters at the Google Books Settlement
Fairness Hearing. The Settlement had previously
undergone amendments
after a variety of parties, including EPIC, the DOJ, and Privacy
Authors, had objected to it on copyright, antitrust,
and privacy
grounds. Even after revisions, the Google Books Settlement still failed
to address antitrust, privacy, and copyright
concerns, according the
the US Justice Department, privacy advocates, and academic authors.

On February 4, the Justice Department
filed a brief and issued a
statement opposing the revised settlement. The Department said the
revisions still ran afoul of authors'
copyrights and did not fix
antitrust problems. EPIC also continued to object to the settlement
because it does not contain adequate
privacy protections for readers.
On February 4, EPIC informed the court of its intent to appear at the
Fairness Hearing on behalf
of users' privacy interests.

At the Fairness Hearing, EPIC President, Marc Rotenberg, urged Judge
Denny Chin to reject the revised
settlement now before the court in
Authors Guild v. Google. Mr. Rotenberg said that the settlement would
"turn upside down" well
established safeguards for reader privacy,
including state privacy laws, library confidentiality obligations, and
the development
of techniques that minimize privacy intrusions. Mr.
Rotenberg warned that the settlement would eviscerate legal safeguards
for library
patrons, commercialize access to information, consolidate
Google's control of the Internet, and put in place an elaborate system
of user authentication and watermarking. "A person at any library or
any university in the United States that attempted to retrieve
information from Google's digital library would be uniquely tagged and
tracked. There is simply no precedent for the creation of
such power."

Judge Chin said  at the beginning of the hearing "To end the suspense,
I am not going to rule today. There is just
too much to digest. And
however I come out, I want to write an opinion that explains my

Rotenberg's Argument (transcript

Complete hearing transcript

The Laboratorium (Grimmelman site on Google Book Settlement)
Google Books, Proposed Settlement (Revised) 

Academic Authors', Objections to Revised Settlement 

Justice Department, Brief 

Justice Department, Statement (February 4, 2010) 

EPIC: Google Books and Privacy 

EPIC: Google Books Litigation 

EPIC: Google Books: Policy Without Privacy 

[2] Lawsuit Alleges School Used Laptops to Spy on Students
at Home

Parents of a student attending Harriton High School
filed a lawsuit
against the Lower Merion School District in Pennsylvania for using
school-issued laptop web cameras to spy on students.
Court papers
charge that the school district is in violation of the Electronic
Communications Privacy Act, the Fourth Amendment,
the Pennsylvania
Wiretapping and Electronic Surveillance Act and Pennsylvania common

The lawsuit arose when the high school's
assistant principle, Lindy
Matsko, informed one of the students that the School District believed
he was engaged in improper behavior
in his home. Ms. Matsko then cited
evidence of a photograph from the students' laptop webcam as evidence
of his wrongdoing.

Merion School District acknowledges that it did install web
camera spyware on laptops issued to students and provided no notice to
parents or students regarding the district’s ability to remotely
access, capture images of the surroundings, and screenshot
on users. The technology also allowed global positioning data, IP
address capture, domain name service logging, as well
as recording of
date, and times information. The school district states that it only
used this capability 42 times during the 2009-2010
academic school year
to located reported "stolen" laptops.

Laptops were only allowed to contain software installed by the school
district, which purchased the Apple Laptops. The Lower Merion School
District student handbook states that the laptops was to be
used for
"educational purposes." The list of "Laptop Capabilities at home"
enabled a wide range of Macintosh social networking and
user engaging
applications such as ichat, iTunes, iweb, ichat, iphoto. The school
district nor the school is reported to have used
Apple parental
controls to limit the time of day the computer would be available nor
the use of Apple social networking features.
The "Getting Started
Guide" states that the same laptop would be issued to the same students
throughout their time at the school.


EPIC: Children's Privacy

Lower Merion School District: Statement 2/19/2010

Lower Merion School District: Student Guide

Lower Merion School District: Getting Started Guide

Lower Merion School District, Laptop Capabilities (Screenshot)

[3] EPIC Submits Statement on Location Privacy

EPIC submitted statements for a February 24  joint hearing on "The
Collection and Use of Location Information for Commercial Purposes."
The hearing was held by House Subcommittee on Communications,
Technology, and the Internet and the Subcommittee on Commerce, Trade,
and Consumer Protection.

EPIC argued that as mobile devices have become ubiquitous in modern
society and their use becomes common
among younger children, it is
important that clear standards are formulated in order to protect the
privacy of users. EPIC cited
the growing uses of location data for
advertising and tracking purposes, typically without any legal
protections, and noted widespread
support among US and European
consumer organizations for clear protections.

EPIC recommended that Congress establish strong rules,
similar to those
in the European Union Eprivacy Directive, that would give users
meaningful control over their locational data. Specifically,
recommended that the government create regulations to require that
location information not be collected or shared with out
user consent, that users be informed about the type and purpose of the
data being collected, that location data not be
stored beyond delivery
of location-based services unless it is being kept for billing purposes
or being anonymized.

EPIC had previously
recommended that the FCC establish guidelines for
the protection of users' locational privacy. In its previous comments, 
EPIC recognized
that locational tracking technologies "enable the
creation of detailed daily itineraries for millions of consumers, [and]
have the
potential to fundamentally alter the nature and use of
wireless communications systems." EPIC encouraged the FCC to enact
rules that
would give consumers "meaningful control over the collection
and use of location data."

EPIC: Statement for the Record

Hearing Notice

Eprivacy Directive

EPIC: Previous Comments to FCC

EPIC: Consumer Proprietary Network Information

[4] EPIC Urges FTC to Investigate Google Buzz

EPIC has filed a complaint with the Federal Trade Commission (FTC),
urging the FTC to open an investigation into Google Buzz. Google
to transform its popular email service, Gmail, into an untested social
networking service. As a consequence, Google transformed
users' most
frequent address book contacts into publicly viewable social networking

The change to Google's email service
was widely opposed by users, and
prompted Google to undergo two rounds of modifications to the Buzz
service. Despite these changes,
Google Buzz is still an opt-out
service. EPIC filed its complaint on February 16, 2010, arguing that
the changes to Buzz are not
sufficient to protect the privacy of Gmail

EPIC's complaint cites clear harms to service subscribers, and alleges
that the
change in business practices "violated user expectations,
diminished user privacy, contradicted Google's privacy policy, and may
have violated federal wiretap laws." EPIC asserts that email providers
have a responsibility to safeguard the personal information
that users
provide and Google has failed to fulfill this responsibility.

The complaint urges the FTC to require Google to make the
Buzz service
fully opt-in, to stop using Gmail users' private address book contacts
to compile social networking lists, and to give
Google users meaningful
control over their personal data. EPIC also noted that the FTC has
failed to take action in response to EPIC's
previous complaint,
involving Google and Cloud Computing services.

EPIC: FTC Complaint: In re Google Buzz

Google: About Google Buzz

EPIC: Google and Cloud Computing Services

EPIC: In re Google Buzz
[5] EPIC Submits Statement to Congress on Google,
NSA, Cybersecurity

EPIC submitted a statement for the record
for a House Foreign Affairs
Committee hearing on Google and U.S. Cyberspace Policy. The hearing was
titled "The Google Predicament:
Transforming U.S. Cyberspace Policy to
Advance Democracy, Security, and Trade" and was scheduled for February
10, 2010. EPIC's statement
recommended investigation into the
newly-announced partnership between Google and the National Security
Agency. It also urged the
committee to call for the public release of
National Security Presidential Directive 54, the secret document that
grants the NSA
broad surveillance authority in cyberspace.

The EPIC statement urged the Congressional Committee to support US
ratification of the
Council of Europe Convention on Privacy, also known
as Convention 108. Twenty-nine experts in privacy and technology
recently sent
a letter to Secretary of State Clinton regarding this
issue and encouraging United States ratification of the treaty.

Finally, the
EPIC statement for the record directed the Committee's
attention to the actions by the European Parliament civil liberties
which had, shortly before the hearing, declined to make
permanent an agreement with the United States regarding access to
bank transfer information. In the days after EPIC's
statement was submitted, the European Parliament voted to end the
citing violations of European privacy laws.

EPIC: Statement for the Record

House Foreign Affairs Committee Hearing

Council of Europe Privacy Convention

Experts' Letter to Secretary Clinton

[6] News in Brief

EPIC and Ralph Nader Urge President Obama to Suspend Body Scanners

EPIC's Marc Rotenberg and consumer advocate Ralph Nader have
sent a
letter to President Obama, urging the suspension of funding for the
body scanner program pending an assessment by an independe
board of
review. The recommendation follows a joint workshop sponsored by EPIC
and Center for Study of Response Law. The event included
two panels,
the first of which focused on the problems with body scanners, and the
second of which dealt with the political opportunities
that exist to
combat the widespread utilization of the scanners. The event included
talks by experts on radiation, airport security,
religious and
constitutional ramifications of whole body imaging, and the
international response to whole body imaging machines.
EPIC Staff
Counsel, Ginger McCall, discussed documents that EPIC recently received
that reveal that the machines can store and transmit
images. Katitiza
Rodriguez, director of EPIC's International Privacy Project, discussed
the EU's decision to postpone the use of
these machines until a full
privacy and health risk assessment can be completed.

EPIC, Ralph Nader, Letter (Feb. 25, 2010)

Center for Study of Responsive Law

Ralph Nader

EPIC: Whole Body Imaging

EPIC: Air Travel Privacy
Pew Research Center Releases New Report on Future of the Internet 

The Pew Research Center has released its fourth
annual "The Future of
the Internet" report. The report, part of the Center's Internet and
American Life Project, surveyed the views
of technology experts,
stakeholders, and critics regarding their expectations about the
changes and the future of the internet. When
asked to share his view
"about the future of anonymous activity online," EPIC Executive
Director Marc Rotenberg explained, "The privacy
and civil liberties
battles over the next decade will increasingly focus on the growing
demands for identity credentials. New systems
for authentication will
bring new problems as more identity information will create new
opportunities for criminals."

Pew Research
Pew Research Center: "The Future of the Internet" Report

Internet and American Life Project

European Parliament Rejects Data Disclosure Deal 

EPIC and Privacy International praised a vote in the European
Parliament that
rejected the transfer of finacial records to the United
States under an interim agreement. Members of the parliament stated the
agreement lacked adequate privacy safeguards, and was a
disproportionate response to U.S. concerns about terrorism that also
reciprocity. Simon Davies, Director General of Privacy
International in London, said that the vote offered hope that political
could respond effectively to new privacy challenges. "It
has taken several years to gather the political will to stop this
violation of privacy in Europe. But today is a very good day, a
milestone in the long history of privacy campaigning." In 2006 Privacy
International launched a campaign in 33 European countries, urging
close scrutiny of the original SWIFT banking deal shortly after
it came
to light that United States officials routinely accessed financial
records of European citizens without appropriate legal
authority. Several national Parliaments, as well as the US Congress,
will soon be facing similar votes on security measures involving
international data transfers, and proposals for systems of biometric
identification and airport body scanners. Both organisations
vowed to
scrutinise any further proposed deals between the US and Europe.

EuroParliament: SWIFT VOTE : European Parliament votes
down agreement
with the US

EPIC: Spotlight on Surveillance on the SWIFT program   

European Parliament, Is Transatlantic Data Protected? (March 26,

Article 29 Working Group: opinion on the processing of personal data by
the Society for Worldwide Interbank Financial Telecommunication

Privacy International Launches Campaign to Suspend Unlawful Activities
of Finance Giant

Federal Appeals Court Hears Arguments in Location Privacy Case

The Third Circuit Court of Appeals considered this week whether
government must obtain a warrant prior to obtaining location data from
an electronic communications service provider. The case
centers on
access to cell phone records that were used to help crack a bank
robbery investigation. In a related case, the Massachusetts
Court recently held that a warrant would be required for the use of a
GPS tracking device. EPIC filed an amicus brief in
that case. 

District Court Opinion: In re The Application of the United States of
America for an Order Directing a Provider of Electronic
Service to Disclose Records to the Government

Massachusetts Supreme Court Opinion in Commonwealth v. Connolly
EPIC: Amicus Brief in Commonwealth v. Connolly
EPIC: Commonwealth v. Connoll

[7] EPIC Bookstore: "The Peep Diaries" by Hal Niedzviecki

Overshare (verb): to divulge excessive personal information,
as in a
blog or broadcast interview, prompting reactions ranging from alarmed
discomfort to approval. 
     -Word of the year 2008,
Webster's New World Dictionary

In Hal Niedzviecki's The Peep Diaries, Niedzviecki explores this
concept of "oversharing" information.
He describes the increasing
popularity of divulging sometimes mundane, sometimes grotesque images
and stories to an audience of strangers.
In today's "peeping tom"
society, Americans use blogs, Facebook, Twitter, and You Tube as
outlets to share information about themselves,
while indulging in
reality television to stare into the lives of others. For four
chapters, Niedzviecki describes "peep culture,"
and argues that this
oversharing on the internet leads to a disconnect between people, and a
breakdown of the notion of community.
This idea is further illustrated
in his final chapter, where Niedzviecki invites his 700 Facebook
friends to a bar, and only one
decides to show.

Niedzviecki's arguments fall short, however, in Chapters 5 and 6, with
his discussions of domestic surveillance
and privacy. In Chapter 5,
Niedzviecki reflects on "spying" on his wife's daily travels via a
camera installed in her car. He fails
to discuss government
surveillance in any real depth, apart from a brief history of CCTV
cameras, but rather focuses on using cameras
to survey neighbors,
nannies, and loved ones. According to Niedzviecki, "We're not afraid
of the surveillance state. We're afraid
of the gaps in our culture of
surveillance … We embrace surveillance because we're terrified of
disappearing 'without a trace.'"

In Chapter 6, Niedzviecki makes clear he is of the mindset of Dave
Sifry (Technorati CEO who claimed "privacy is dead") and Scott
(Sun Microsystems CEO who famously said, "You already have zero
privacy-get over it"). According to Niedzviecki, privacy
"isn't much
of a priority for us... many of us don't value our privacy nearly
as much as the possibility of meaningful connection,
convenience, and
rewards like attention and even remuneration." While people are
increasingly using social networking sites and sharing
online, Niedzviecki fails to consider that users do maintain an
expectation of privacy while using these sites. Users
do care about
their privacy, and this is made clear by examples such as Facebook
Beacon, Facebook's February 2009 change in Terms
of Service, and Google
Buzz - all of which were met with widespread user opposition causing
the companies to make changes to increase
privacy protections.

While Niedzviecki's reflections throughout the book were interesting,
his analyses seemed superficial and incomplete.
The last few sentences
of Chapter 6 summed up the book well. Niedzviecki writes, "What's the
moral of this story? There isn't a clear

--Kim Nguyen

EPIC Publications:

"Litigation Under the Federal Open Government Laws 2008,"
edited by
Harry A. Hammitt, Marc Rotenberg, John A. Verdi, and Mark S. Zaid (EPIC
2008). Price: $60.

Litigation Under the Federal Open Government Laws is the most
comprehensive, authoritative discussion of the federal open access
laws. This updated version includes new material regarding the
substantial FOIA amendments enacted on December 31, 2007. Many of
recent amendments are effective as of December 31, 2008. The standard
reference work includes in-depth analysis of litigation
under Freedom
of Information Act, Privacy Act, Federal Advisory Committee Act,
Government in the Sunshine Act. The fully updated 2008 volume is the
24th edition of
the manual that lawyers, journalists and researchers
have relied on for more than 25 years.


Privacy Law: Cases and Materials, Second Edition" Daniel
J. Solove, Marc Rotenberg, and Paul Schwartz. (Aspen 2005). Price: $98.

This clear, comprehensive introduction to the field of information
privacy law allows instructors to enliven their teaching of fundamental
concepts by addressing both enduring and emerging controversies. The
Second Edition addresses numerous rapidly developing areas of
law, including: identity theft, government data mining and electronic
surveillance law, the Foreign Intelligence Surveillance
intelligence sharing, RFID tags, GPS, spyware, web bugs, and more.
Information Privacy Law, Second Edition, builds a cohesive
for an exciting course in this rapidly evolving area of law.


"Privacy & Human Rights
2006: An International Survey of Privacy Laws
and Developments" (EPIC 2007). Price: $75.

This annual report by EPIC and Privacy International provides an
overview of key privacy topics and reviews the state of privacy
in over
75 countries around the world. The report outlines legal protections,
new challenges, and important issues and events relating
to privacy.
Privacy & Human Rights 2006 is the most comprehensive report on privacy
and data protection ever published.


"The Public Voice WSIS Sourcebook: Perspectives on the World Summit on
the Information Society" (EPIC 2004). Price: $40.

This resource promotes a dialogue on the issues, the outcomes, and the
process of the World Summit on the Information Society (WSIS).
reference guide provides the official UN documents, regional and
issue-oriented perspectives, and recommendations and proposals
future action, as well as a useful list of resources and contacts for
individuals and organizations that wish to become more
involved in the
WSIS process.


"The Privacy Law Sourcebook 2004: United States Law, International
and Recent Developments," Marc Rotenberg, editor (EPIC 2005). Price:

The Privacy Law Sourcebook, which has been called the "Physician's Desk
Reference" of the privacy world, is the leading resource
for students,
attorneys, researchers, and journalists interested in pursuing privacy
law in the United States and around the world.
It includes the full
texts of major privacy laws and directives such as the Fair Credit
Reporting Act, the Privacy Act, and the OECD
Privacy Guidelines, as
well as an up-to-date section on recent developments. New materials
include the APEC Privacy Framework, the
Video Voyeurism Prevention Act,
and the CAN-SPAM Act.


"Filters and Freedom 2.0: Free Speech Perspectives
on Internet Content
Controls" (EPIC 2001). Price: $20.

A collection of essays, studies, and critiques of Internet content
filtering. These papers are instrumental in explaining why filtering
threatens free expression.


EPIC publications and other books on privacy, open government, free
expression, crypto and governance can be ordered at:

EPIC Bookstore


EPIC also publishes EPIC FOIA Notes, which provides brief summaries of
interesting documents
obtained from government agencies under the
Freedom of Information Act.

Subscribe to EPIC FOIA Notes at:

[8] Upcoming Conferences and Events

Limiting Knowledge in
a Democracy, The New School, New York City,
February 24-26, 2010. For more information:

Fourth Law and Information Society Symposium: Hate Versus Democracy on
the Internet, Fordham University, New York City, February
26, 2010. For
more information:

RSA 2010, San Francisco, March 1-5, 2010. For more information:

Association for Practical and Professional Ethics, Cincinnati, March 5,
2010. For more information:

Privacy 2010, Stanford, March 23 - 25, 2010. For more information:

Computers, Freedom, and Privacy, San Jose, June 15-18, 2010. For more

32nd International Conference of Data Protection and Privacy
Commissioners, Jerusalem, October 2010. For more information:

Join EPIC on Facebook

Join the Electronic Privacy Information Center on Facebook


Start a discussion on privacy. Let us know your thoughts. Stay up to
date with EPIC's events. Support EPIC.

Privacy Policy

The EPIC Alert mailing list is used only
to mail the EPIC Alert and to
send notices about EPIC activities. We do not sell, rent or share our
mailing list. We also intend
to challenge any subpoena or other legal
process seeking access to our mailing list. We do not enhance (link to
other databases)
our mailing list or require your actual name.

In the event you wish to subscribe or unsubscribe your e-mail address
from this list,
please follow the above instructions under
"subscription information."

About EPIC

The Electronic Privacy Information Center is
a public interest research
center in Washington, DC. It was established in 1994 to focus public
attention on emerging privacy issues
such as the Clipper Chip, the
Digital Telephony proposal, national ID cards, medical record privacy,
and the collection and sale
of personal information. EPIC publishes the
EPIC Alert, pursues Freedom of Information Act litigation, and conducts
policy research. For more information, see or write
EPIC, 1718 Connecticut Ave., NW, Suite 200, Washington, DC 20009. +1
202 483 1140 (tel), +1 202 483 1248 (fax).

Donate to EPIC

If you'd like to support the work of the
Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible. Checks
should be made out to "EPIC" and
sent to 1718 Connecticut Ave., NW,
Suite 200, Washington, DC 20009. Or you can contribute online at:

Your contributions will help support Freedom of Information Act and
First Amendment litigation, strong and effective advocacy for the right
of privacy and efforts to oppose government regulation
of encryption
and expanding wiretapping powers.

Thank you for your support.

Subscription Information

Subscribe/unsubscribe via web interface:

Back issues are available at:

  The EPIC Alert displays best in a fixed-width font, such as Courier.

  ------------------------- END EPIC Alert 17.04------------------------

WorldLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback